|Summary:||ASTERISK-21416: Implement SDES-SRTP support in chan_gulp|
|Reporter:||Matt Jordan (mjordan)||Labels:||Asterisk12 NewSIP|
|Date Opened:||2013-04-12 08:33:14||Date Closed:||2013-05-01 08:22:38|
|Description:||This task is to implement SDES-SRTP support in chan_gulp. This includes:
* Refactoring out the setup of an SRTP session - given a set of SDP parameters - to minimize code duplication between chan_sip and chan_gulp. This would involve improving the code in sdp_crypto and sharing it between both channel drivers.
* Defining and adding the necessary configuration parameters to an endpoint to enable encryption
* Performing SRTP initialization on inbound requests and responding with the appropriate keys in a response
* Transmitting SRTP keys given an endpoint's support for encryption
* Re-initializing an SRTP session on a channel if a re-INVITE contains new keys
* Adding automated tests to the test suite for chan_gulp that test negotiating SRTP keys
|Comments:||By: Kinsey Moore (kmoore) 2013-04-17 16:10:04.175-0500|
The work for this issue is occurring on the following branch:
The sdp/srtp parser functions have been pulled into main and cleaned up a little (removed unused items). Next up will be factoring out the SRTP/RTP engine setup from chan_sip so it can be used from res_sip as well.
By: Kinsey Moore (kmoore) 2013-04-23 10:22:00.956-0500
Calls initiated with SRTP function with encrypted audio in both directions.
By: Kinsey Moore (kmoore) 2013-04-23 14:13:38.136-0500
Verified that encrypted audio still works properly after hold/unhold and session-timers-based re-INVITES with several different different clients, but none were capable of setting new keys during a call.
By: Kinsey Moore (kmoore) 2013-04-24 13:46:44.453-0500
After working some bugs out of the hacked chan_sip side of changing SRTP keys mid-call, mid-call re-keying of res_sip calls now works properly (after some tweaks).