| Summary: | ASTERISK-14102: [patch] Early media bridged from caller to callee allows free calls | ||
| Reporter: | Marcus Hunger (fnordian) | Labels: | |
| Date Opened: | 2009-05-11 06:15:28 | Date Closed: | 2011-07-26 14:18:52 |
| Priority: | Major | Regression? | No |
| Status: | Closed/Complete | Components: | Applications/app_dial |
| Versions: | Frequency of Occurrence | ||
| Related Issues: | |||
| Environment: | Attachments: | ( 0) noincomingearlymedia.patch | |
| Description: | Hi, german security press reported about this last week ( http://www.heise.de/security/Lauschangriff-in-VoIP-Netzen--/artikel/137297 ). The problem occurs on receiving a call and placing it to an user. Ringing and session progress data are bridged from the callee to the caller and that's good. The bad thing is that media-data from the caller is forwarded to the callee. This allows among other problems free calls. I learned that this might be wanted behavior e.g. for call centers, but it's not good for gateways. There should be an option for Dial() to disable the forwarding of media-data to the callee during call-setup. | ||
| Comments: | By: Tilghman Lesher (tilghman) 2009-05-11 16:11:00 You're talking about the design of early media, and it is functioning as designed. While it may not function the way you'd like, it is not a security hole. At best, this is a feature request requesting early media to be turned off. By: Tilghman Lesher (tilghman) 2009-05-11 16:13:32 BTW, the best way to handle this is to use the second parameter of Dial, which specifies a time limit that the Dial is allowed to remain in a dialled state before the call will be considered to have failed. By: Alec Davis (alecdavis) 2009-05-11 18:00:08 Early media to a SIP device seems to be broken in TRUNK. Fills screen with the following and no audio. May 7 22:07:43] WARNING[14412]: chan_sip.c:5922 sip_write: Asked to transmit frame type 64, while native formats is 0x8 (alaw)(8) read/write = 0x8 (alaw)(8)/0x8 (alaw)(8) By: Marcus Hunger (fnordian) 2009-05-12 08:35:20 Ok, so let's declare it as a feature request. Not providing incoming early-media seems to be common in traditional pstn. So having the possibility to adopt to this behavior is reasonable, isn't it? By: Joshua C. Colp (jcolp) 2009-05-12 08:36:34 alecdavis: Please file a separate issue for that. By: Leif Madsen (lmadsen) 2009-06-10 13:04:40 Patch attached, so setting to 'Confirmed'. By: Russell Bryant (russell) 2011-05-06 15:13:28 This feature is fine but someone will need to update the patch for trunk. By: Leif Madsen (lmadsen) 2011-07-26 14:18:43.737-0500 Per the Asterisk maintenance timeline page at http://www.asterisk.org/asterisk-versions maintenance (bug) support for the 1.4 and 1.6.x branches has ended. For continued maintenance support please move to the 1.8 branch which is a long term support (LTS) branch. For more information about branch support, please see https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions If this is still an issue, please open a new issue so it can be re-triaged appropriately. Thanks! | ||