Opened 16 years ago
Closed 16 years ago
#600 closed defect (fixed)
Reinvite/update call when SRTP enabled may cause one way media.
Reported by: | nanang | Owned by: | nanang |
---|---|---|---|
Priority: | normal | Milestone: | release-1.0-rc1 |
Component: | pjmedia | Version: | trunk |
Keywords: | Cc: | ||
Backport to 1.x milestone: | Backported: |
Description (last modified by bennylp)
Symptom:
In some occassions after media_start(), srtp_unprotect() fails (returning err_status_replay_old).
Description:
The srtp_unprotect() may fail on the following scenarios:
- UAC sent INVITE, and the INVITE forks to more than one UAS's, and the UAS's all send RTP to the UAC. In this case, it is expected that only RTP packets from one UAS will be successfully processed.
- The SRTP keys have changed in re-INVITE/UPDATE, and the SRTP session has been re-created with same keys, but some old RTP packets are still lingering in the network or in socket buffer. The SRTP then may learn it's initial state from these old packets. The new packet may have different sequence numbering than the old packets, and this will cause the new RTP packets to be rejected by the SRTP session.
- Some attacker genuinely replays old SRTP packets
From the scenarios above, this ticket only handles the scenario no 2.
Solution:
- Modify the stream, so that when it's restarted it will maintain the sequence number and timestamp from the last transmission. This will be implemented on separate ticket.
- Modify SRTP transport, so that when it's restarted, it takes into consideration that some old packets may be received. This is to handle the case where the UA is talking to another UA that doesn't maintain sequence number during re-INVITE and UPDATE.
Related link:
There is a similar discussion about srtp_unprotect() failure when the SRTP is restarted here: http://sourceforge.net/mailarchive/message.php?msg_name=C3C343D0.3BDB%25mcgrew%40cisco.com
Attachments (1)
Change History (8)
comment:1 Changed 16 years ago by bennylp
- Description modified (diff)
comment:2 Changed 16 years ago by bennylp
- Description modified (diff)
comment:3 Changed 16 years ago by bennylp
- Description modified (diff)
comment:4 Changed 16 years ago by bennylp
- Description modified (diff)
comment:5 Changed 16 years ago by bennylp
- Description modified (diff)
Changed 16 years ago by nanang
comment:6 Changed 16 years ago by nanang
In r2242: Added probation state in media transport SRTP and also capability to auto-restart when packets received in probation state are 'invalid'.
comment:7 Changed 16 years ago by bennylp
- Resolution set to fixed
- Status changed from new to closed
Done, closing the ticket.
Added probation counter, inited when media_start() is called, when this counter > 0, SRTP may auto restart when unprotect() returns replay_fail