Relay cause of hangup on SRTP failure

We hangup the channel after receiving 10 SRTP packets in a row with a
bad auth tag or that are replayed.  Prior to this commit we were
indicating a normal clearing.  When doing interop and looking first at
packet traces, this made freeswitch's behavior look surprising.  With
this commit we'll indicate more loudly what's happening.

diff --git a/src/include/switch_types.h b/src/include/switch_types.h
index e90abe2dd30b5eace3afa57a0c325c58d6aa17dd..55aa80f061fcb6b1699640b860ff9285f700ddf2 100644 (file)
--- a/src/include/switch_types.h
+++ b/src/include/switch_types.h
@@ -1968,7 +1968,8 @@ typedef enum {
        SWITCH_CAUSE_GATEWAY_DOWN = 609,
        SWITCH_CAUSE_INVALID_URL = 610,
        SWITCH_CAUSE_INVALID_PROFILE = 611,
-       SWITCH_CAUSE_NO_PICKUP = 612
+       SWITCH_CAUSE_NO_PICKUP = 612,
+       SWITCH_CAUSE_SRTP_READ_ERROR = 613
 } switch_call_cause_t;
 
 typedef enum {

diff --git a/src/switch_channel.c b/src/switch_channel.c
index df391b9336eb07da3a18845c62f1a13d870ea19a..2168fd396e1f25d25202a025a90f22a2319abd98 100644 (file)
--- a/src/switch_channel.c
+++ b/src/switch_channel.c
@@ -123,6 +123,7 @@ static struct switch_cause_table CAUSE_CHART[] = {
        {"INVALID_URL", SWITCH_CAUSE_INVALID_URL},
        {"INVALID_PROFILE", SWITCH_CAUSE_INVALID_PROFILE},
        {"NO_PICKUP", SWITCH_CAUSE_NO_PICKUP},
+       {"SRTP_READ_ERROR", SWITCH_CAUSE_SRTP_READ_ERROR},
        {NULL, 0}
 };
 

diff --git a/src/switch_rtp.c b/src/switch_rtp.c
index ba0d0eff5c979d843b80f01abc2754a05b9f39ac..ca3d8487ca83e25f7db182bb744d501f941c5fa7 100644 (file)
--- a/src/switch_rtp.c
+++ b/src/switch_rtp.c
@@ -4802,15 +4802,14 @@ static switch_status_t read_rtp_packet(switch_rtp_t *rtp_session, switch_size_t
 
                                if (stat && rtp_session->recv_msg.header.pt != rtp_session->recv_te && rtp_session->recv_msg.header.pt != rtp_session->cng_pt) {
                                        if (++rtp_session->srtp_errs[rtp_session->srtp_idx_rtp] >= MAX_SRTP_ERRS && stat != 10) {
-                                               
+                                               switch_channel_t *channel = switch_core_session_get_channel(rtp_session->session);
                                                switch_log_printf(SWITCH_CHANNEL_SESSION_LOG(rtp_session->session), SWITCH_LOG_ERROR,
                                                                                  "Error: SRTP %s unprotect failed with code %d%s %ld\n", rtp_type(rtp_session), stat,
                                                                                  stat == err_status_replay_fail ? " (replay check failed)" : stat ==
                                                                                  err_status_auth_fail ? " (auth check failed)" : "", (long)*bytes);
-                                               return SWITCH_STATUS_GENERR;
-                                       } else {
-                                               sbytes = 0;
+                                               switch_channel_hangup(channel, SWITCH_CAUSE_SRTP_READ_ERROR);
                                        }
+                                       sbytes = 0;
                                } else {
                                        rtp_session->srtp_errs[rtp_session->srtp_idx_rtp] = 0;
                                }