Public bug reported:
Binary package hint: asterisk
As described upstream, IAX2 encryption is broken in the Jaunty version
of asterisk:
If an iax channel is encrypted, and a retransmit frame is sent, that packet's
iseqno
is updated while it is encrypted. This causes the entire frame to be
corrupted. When
the corrupted frame is sent, the other side decrypts it and sends a VNAK back
because
the decrypted frame doesn't make any sense. When we get the VNAK, we look
through the
sent queue and send the same corrupted frame causing a loop. To fix this,
encrypted
frames requiring retransmission are decrypted, updated, then re-encrypted.
Since
key-rotation may change the key held by the pvt struct, the keys used for
encryption/decryption are held within the iax_frame to guarantee they remain
correct.
This makes it practically impossible to turn IAX2 encryption in most of my calls
because the connection constantly cuts off. So it's a very serious bug for
anybody using
encryption with Asterisk.
I have attached a debdiff which applies the upstream patch on the
current Jaunty version.
** Affects: asterisk
Importance: Unknown
Status: Unknown
** Affects: asterisk (Ubuntu)
Importance: Undecided
Status: New
** Affects: asterisk (Debian)
Importance: Unknown
Status: Unknown
--
IAX2 encryption: calls end abrutly due to normal packet loss
https://bugs.launchpad.net/bugs/350732
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
