SRTP: Lower SDES key lifetime minimum to 2^20

SRTP SDES key lifetime support was added in ASTERISK_17899. In that addition, the minimum key lifetime to be accepted was set at the 10 hours @ 20ms/packet = 1800000 packets. The firmware in the obi1xx ATA uses a hardcoded lifetime of 2^20 packets. Lower the limit to 2^20 to support a wider field of clients. ASTERISK-27967 #close Change-Id: I81a0703c595a0c9101dfdf02300149a3cc39bf94
7 years ago · 6a0847cfc6
parent 694503d378
commit 6a0847cfc6
1 changed files with 2 additions and 2 deletions
--- a/main/sdp_srtp.c
+++ b/main/sdp_srtp.c
@ -322,8 +322,8 @@ int ast_sdp_crypto_process(struct ast_rtp_instance *rtp, struct ast_sdp_srtp *sr
 				sdes_lifetime = n_lifetime;
 			}

-			/* Accept anything above 10 hours. Less than 10; reject. */
-			if (sdes_lifetime < 1800000) {
+			/* Accept anything above ~5.8 hours. Less than ~5.8; reject. */
+			if (sdes_lifetime < 1048576) {
 				ast_log(LOG_NOTICE, "Rejecting crypto attribute '%s': lifetime '%f' too short\n", attr, sdes_lifetime);
 				continue;
 			}