Summary:ASTERISK-16849: Indicate SRTP + Feature reqest
Reporter:Chodorenko Michail (chodorenko)Labels:
Date Opened:2010-10-22 10:06:35Date Closed:2015-02-25 15:05:40.000-0600
Versions:Frequency of
is related toASTERISK-17282 [patch] Unable to choose which SRTP suite to offer
Description:Command "sip show peer NAME" do not indicate status of encryption


# Command {{sip show peer NAME}} do not indicate status of encryption
in my previous bug i report by this (6) https://issues.asterisk.org/view.php?id=18140#128202 and twilson commit path for modification in source tree/ In release 1.8.0 again not this value.
# Command {{sip show peer NAME}} do not indicate status of forceencrypt
# My opinion that the use of 2 variables
{{encryption = Yes|No}}
{{forceencrypt = Yes|No}}
no not the best approach. Propose will integrate them into one variable {{srtp_capability = Yes|No|Optional}}
** Yes - Force SRTP
** No - Force RTP
** Optional - May Use encryption (* Default)
# Variable srtp_capability can may be read from dialplan
as variant .....
exten => 123,1,GotoIf("$[${srtp_capability(SIP/test)}" = "Yes"]?call_optional_encrypt)
or different way ....
Comments:By: Stefan Schmidt (schmidts) 2010-10-22 12:25:25

to 1. it is in the source tree but its not in 1.8.0 so i think this would come in 1.8.1 maybe.

By: Paul Belanger (pabelanger) 2010-10-22 15:11:48

Patches welcome.

By: Chodorenko Michail (chodorenko) 2010-10-23 10:21:08

to -> pabelanger
Paul, If i can write code, i give patches in bug reports witch out of you message, im tester, administrator and integrator only, i not developer :( sorry

As far as I can remember is the people who maintain SRTP, he may deem necessary and possible to implement this

By: Terry Wilson (twilson) 2010-11-11 13:56:03.000-0600

1. The code is there, it must be showing up. It is somewhere in the middle, right after "Use Reason".
2. There is not foreceencrypt in chan_sip. That is why it doesn't show up. :-) encryption=yes implies forceencrypt in chan_sip.
3. We don't use two variables, and don't support optional encryption. Please read https://wiki.asterisk.org/wiki/display/AST/Secure+Calls for an example of how everything is already handled via the dialplan.

By: Bob Beers (bbeers) 2011-02-14 10:07:10.000-0600

moderator: Can we add a relation to issue ASTERISK-17282?
SRTP encryption is really more than yes|no.

By: Stefan Schmidt (schmidts) 2011-02-14 12:01:44.000-0600

your welcome

By: Olle Johansson (oej) 2013-09-05 04:33:29.944-0500

After reading this I'm unclear if we have any outstanding issues here or if we can close this issue.

By: Matt Jordan (mjordan) 2015-02-25 15:05:40.211-0600

After reading through the various proposals, these are either:
# Completed (such as in the proposed additions to the CLI commands)
# Feature requests (such as the support for optional encryption)

As such, since there is no bug here and there isn't a patch for the feature requests (which are a good idea, and would be nice to have in {{chan_sip}}), I agree with [~oej] that there isn't much need in keeping this open without a patch.

If someone would like to provide a patch or - given how much is listed on this issue a separate issue + patch for any of the things not implemented in the request - that would be appreciated. In either case, we can always reopen this if there is additional work someone would like to do in improving Asterisk's SDES-SRTP support.