Hi, By the timeout implementation in now more secure the support of the NAT IP change. To change the Caller/Called address the mediaproxy waits for two seconds that the Caller/Called doesn't send any rtp/rtcp packet and checking the SSRC. This change was tested and in production working well.
Also I found a bug in the asymmetric RTP UA support. This file contains the fix of the bug, the solution to the bug is very simple. How can I do to report the bug and the solution? Regards > "Gonzalo J. Sambucaro" <[EMAIL PROTECTED]> writes: > >> [...] >> 1) When the first rtp packet of a source arrives, save the SSRC field in >> the MP. >> - Save the SSRC of the caller. >> - Save the SSRC of the called. >> >> 2) If arrives a rtp packet with unknown source IP but with the same SSRC >> field of some of the two streams, updates the binding (with the new IP >> detected) between the caller and the MP or between the called and the MP >> according to the field SSRC previously saved. > > An attacker would have to guess/sniff the SSRC and then could take over > the rtp session? (maybe could be fixed by only allowing to take over > after some timeout) > On the other hand if he can sniff ... > -- Gonzalo J. Sambucaro Ingeniería de Software Tel: +54-341-4230504 MSLC [EMAIL PROTECTED] www.mslc.com.ar Ocampo y Esmeralda - Vivero de Empresas de Base Tecnológica Ciudad Universitaria Rosario UNR, CCT CONICET Rosario - Santa Fé - Argentina
rtphandler.py.tgz
Description: Binary data
_______________________________________________ Users mailing list Users@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/users
