Ticket #2096 (closed defect: fixed)

Opened 4 months ago

Last modified 5 weeks ago

Various updates in DTLS-SRTP

Reported by: nanang Owned by: nanang
Priority: normal Milestone: release-2.8
Component: pjmedia Version: trunk
Keywords: Cc:
Backport to 1.x milestone: Backported: no


A place for any bug fixes or enhancements related to DTLS-SRTP.

Change History

comment:1 Changed 4 months ago by nanang

  • Status changed from new to closed
  • Resolution set to fixed

In r5746:

  • Fixed re-INVITE scenario: always generate SRTP attr in SDP re-offer/answer as both offerer/answerer (as long as SRTP is not disabled of course), currently it does not generate SRTP attr if active session does not use SRTP.
  • Fixed bug in retrieving video stream info from SDP that caused DTLS transport (UDP/TLS/RTP/SAVP) getting rejected.
  • Added pjsua app param '--srtp-keying=0/1' to choose SRTP keying to be used in the outgoing offer (0=SDES (default), 1=DTLS-SRTP).
  • Few minors, e.g: adding transport_srtp_dtls/sdes.c to pjmedia MSVC2015 project.
Last edited 4 months ago by nanang (previous) (diff)

comment:2 Changed 4 months ago by nanang

In 5749:

Re #2096: Fixed assertion in SDP answerer when its SRTP is disabled. This is an SDES issue, but related to DTLS-SRTP works (all SRTP keyings have been refactored for DTLS implementation).

comment:3 Changed 4 months ago by nanang

In 5750:

Re #2096:

  • Fixed crash in media transport when application calls detach() while the transport only implements detach2().
  • Avoid assertion in UDP media transport when calling detach() without previously calling attach().

comment:4 Changed 2 months ago by riza

In 5780:

Re #2096: When checking hash algo, don't use case sensitive comparision.
Thanks to Christian Scheid for the report.

comment:5 Changed 2 months ago by nanang

In 5781:

Re #2096:

  • Fixed DTLS-SRTP issues with AEAD_AES_256_GCM crypto, e.g: material buffer length too short, silly mistake of missing comma in PJSIP-OpenSSL crypto map.
  • Fixed SRTP error PJMEDIA_SRTP_ESDPREQCRYPTO when crypto count is set to zero and SRTP is in mandatory mode.
  • Fixed SRTP transport attach where stream RTP/RTCP reception callbacks may be overriden by DTLS-SRTP.

comment:6 Changed 2 months ago by nanang

In r5782: added log about crypto setting.

comment:7 Changed 2 months ago by nanang

In 5783:

Re #2096: Start UDP transport earlier to allow early DTLS-SRTP nego.

comment:8 Changed 5 weeks ago by nanang

In 5794:

Re #2096:

  • Fixed memory leak due to not destroyed DTLS-SRTP keying (when it is not active).
  • DTLS-SRTP must not destroy itself, keying destroy must be initiated by SRTP.
Note: See TracTickets for help on using tickets.