SRTP: Lower SDES key lifetime minimum to 2^20

SRTP SDES key lifetime support was added in ASTERISK_17899.

In that addition, the minimum key lifetime to be accepted was
set at the 10 hours @ 20ms/packet = 1800000 packets.

The firmware in the obi1xx ATA uses a hardcoded lifetime of
2^20 packets.

Lower the limit to 2^20 to support a wider field of clients.

ASTERISK-27967 #close

Change-Id: I81a0703c595a0c9101dfdf02300149a3cc39bf94

diff --git a/res/res_srtp.c b/res/res_srtp.c
index b92019c50767f2348390ae255d049759ed63b024..7552a7a2ff3842e1ee7146384e2a1b4450a3838d 100644 (file)
--- a/res/res_srtp.c
+++ b/res/res_srtp.c
@@ -980,8 +980,8 @@ static int res_sdp_crypto_parse_offer(struct ast_rtp_instance *rtp, struct ast_s
                                sdes_lifetime = n_lifetime;
                        }
 
-                       /* Accept anything above 10 hours. Less than 10; reject. */
-                       if (sdes_lifetime < 1800000) {
+                       /* Accept anything above ~5.8 hours. Less than ~5.8; reject. */
+                       if (sdes_lifetime < 1048576) {
                                ast_log(LOG_NOTICE, "Rejecting crypto attribute '%s': lifetime '%f' too short\n", attr, sdes_lifetime);
                                continue;
                        }