-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 François Marier wrote: > Public bug reported: > > Binary package hint: asterisk > > As described upstream, IAX2 encryption is broken in the Jaunty > version of asterisk: > > If an iax channel is encrypted, and a retransmit frame is sent, > that packet's iseqno is updated while it is encrypted. This causes > the entire frame to be corrupted. When the corrupted frame is sent, > the other side decrypts it and sends a VNAK back because the > decrypted frame doesn't make any sense. When we get the VNAK, we > look through the sent queue and send the same corrupted frame > causing a loop. To fix this, encrypted frames requiring > retransmission are decrypted, updated, then re-encrypted. Since > key-rotation may change the key held by the pvt struct, the keys > used for encryption/decryption are held within the iax_frame to > guarantee they remain correct. > > This makes it practically impossible to turn IAX2 encryption in > most of my calls because the connection constantly cuts off. So > it's a very serious bug for anybody using encryption with Asterisk. > > > I have attached a debdiff which applies the upstream patch on the > current Jaunty version. > > ** Affects: asterisk Importance: Unknown Status: Unknown > > ** Affects: asterisk (Ubuntu) Importance: Undecided Status: New > > ** Affects: asterisk (Debian) Importance: Unknown Status: Unknown >
status confirmed -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAknPBhwACgkQR7/9CWL6/5jazQCfcAi/wy6auKz31BlOAyWvOgCE OxIAoKh/FYyFIyXNilS9RwnHPnz1Mbin =TCCN -----END PGP SIGNATURE----- -- IAX2 encryption: calls end abrutly due to normal packet loss https://bugs.launchpad.net/bugs/350732 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
