Opened 10 years ago
Closed 10 years ago
#1856 closed enhancement (fixed)
Offer only current active crypto on re-INVITE
Reported by: | nanang | Owned by: | nanang |
---|---|---|---|
Priority: | normal | Milestone: | release-2.4.5 |
Component: | pjmedia | Version: | trunk |
Keywords: | sipit31 | Cc: | |
Backport to 1.x milestone: | Backported: | no |
Description
On re-INVITE (e.g: lock codec, ICE update, session refresh), SRTP sends all crypto-suites instead of just the currently active. In the Sipit31 tests, this seems to be just fine (the same current active cryptos were used on both sides, no RTP protect/unprotect error), but this is perhaps risky, e.g: remote may mistakenly see it as SRTP session restart, thus remote will reset its SRTP states (so RTP seq calculation became out of sync, etc). So sending the current active crypto should be safer.
Change History (1)
comment:1 Changed 10 years ago by nanang
- Resolution set to fixed
- Status changed from new to closed
Note: See
TracTickets for help on using
tickets.
In 5103: