Hi David and List,
i end up with an route like this:
route[CHECK_CRYPTO] {
if ( has_body("application/sdp") && $proto =~ "tls" ) {
if ( !search_body("a=crypto") ) {
xlog("[CHECK_ACRYPTO] IP not sending crypto Src: [$si] to
IP:[$Ri]:[$Rp] \n");
append_to_reply("P-SBC-Error: SdpParsingFailure\r\n");
sl_send_reply("488", "Not Acceptable Here");
exit;
}
}
return;
}
that i call from my invite checking block.
Cheers
Karsten
Am Sa., 14. Dez. 2019 um 14:54 Uhr schrieb David Villasmil <
[email protected]>:
> Sure, only if it's tls ;)
> Regards,
>
> David Villasmil
> email: [email protected]
> phone: +34669448337
>
>
> On Sat, Dec 14, 2019 at 11:12 AM Karsten Horsmann <[email protected]>
> wrote:
>
>> Hi David,
>>
>> That's looks good. It's a bit to greedy cos I translate SRTP from
>> internet to RTP to inside.
>>
>> Maybe an AND with
>>
>> If proto==TLS would be an good idea.
>>
>> Cheers.
>> Karsten
>>
>> David Villasmil <[email protected]> schrieb am Sa., 14.
>> Dez. 2019, 11:35:
>>
>>> Well, you could simply use
>>>
>>>
>>> if ( has_body("application/sdp") ) {
>>> if ( !search_body("a=crypto") ) {
>>> ... reject here ...
>>> }
>>> }
>>>
>>> though there's probably a better way...
>>>
>>> David Villasmil
>>> email: [email protected]
>>> phone: +34669448337
>>>
>>>
>>> On Sat, Dec 14, 2019 at 8:20 AM Karsten Horsmann <[email protected]>
>>> wrote:
>>>
>>>> Hi,
>>>>
>>>> I use Kamailio 5.3.1 with rtpengine to offer an siptrunk endpoint for
>>>> my customers.
>>>>
>>>> I observe that someone of them use tls to encrypt signaling but
>>>> forgotten to encrypt rtp.
>>>>
>>>> I want to reject this invites.
>>>>
>>>> Are there any hints how to do this?
>>>>
>>>> Thought about reading the sdp and search for a=crypto line and if not
>>>> send reply with (what code ever will be good for that).
>>>>
>>>> Cheers
>>>> Karsten
>>>> _______________________________________________
>>>> Kamailio (SER) - Users Mailing List
>>>> [email protected]
>>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>>
>>> _______________________________________________
>>> Kamailio (SER) - Users Mailing List
>>> [email protected]
>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>
>> _______________________________________________
>> Kamailio (SER) - Users Mailing List
>> [email protected]
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> [email protected]
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
--
Mit freundlichen Grüßen
*Karsten Horsmann*
_______________________________________________
Kamailio (SER) - Users Mailing List
[email protected]
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
