ALERT libsrtp2-1 Problems in Debian/testing branch

kenzo

New Member
Joined
Jan 22, 2019
Messages
3
Reaction score
1
Has anyone else noticed in Debian stretch/testing that there is a bad libsrtp2-1 that causes Asterisk to crash?

I saw other threads about this problem in the forums, but I can safely report that I'm seeing the same crash in both arm and x86 using Asterisk 15.

[email protected]:~# apt list libsrtp2*
Listing... Done
libsrtp2-1/testing 2.2.0-1 amd64 [upgradable from: 2.0.0+20170123-1]
libsrtp2-1-dbg/testing 2.2.0-1 amd64 [upgradable from: 2.0.0+20170123-1]
libsrtp2-dev/testing 2.2.0-1 amd64 [upgradable from: 2.0.0+20170123-1]
libsrtp2-docs/testing 2.2.0-1 all [upgradable from: 2.0.0+20170123-1]

Symptom: REGISTER works fine with a SIP client, connects on TLS. But when placing a call which touches SRTP, this causes Asterisk to core if you have CLI open you get nothing indicating what's going haywire, likely it's causing a core while the SRTP connection is being stood up.

Cause: libsrtp2-1/testing 2.2.0-1 , specifically the libsrtp2 version that's in the testing branch in debian (and has proliferated to other distros) appears to be bad.

Workaround: Force a downgrade of the SRTP library to the version that's in stretch (2.0.0+20170123-1). On Debian for instance:

apt -t=stretch install libsrtp2*

Taking the libsrtp2 that's in the main branch rather than the testing branch backgrades SRTP so it's working again.


I got Asterisk to core using the latest versions of Bria 5 and Zoiper for Android as SIP clients. The certificate was self-signed with a 4096-bit length key.
 

Members online

PIAF 5 - Powered by 3CX

Forum statistics

Threads
22,510
Messages
138,507
Members
14,637
Latest member
gatoambroggio