rtp: Randomize the initial sequence number for RFC compliance

The usage of random() is not that unpredictable but the closest we can get right now. RFC 3550: The initial value of the sequence number SHOULD be random (unpredictable) to make known-plaintext attacks on encryption more difficult, even if the source itself does not encrypt according to the method in Section 9.1, because the packets may flow through a translator that does. Techniques for choosing unpredictable numbers are discussed in [17]. Fixes: SYS#403
author: Holger Hans Peter Freyther <holger@moiji-mobile.com> 2014-06-24 10:57:35 +0200
committer: Holger Hans Peter Freyther <holger@moiji-mobile.com> 2014-06-24 10:59:43 +0200
commit: bf6f1f4a37c254f5046de555092b8c0b8c0940a6 (patch)
tree: c678dfda2b2f81248cf58e36dc32095adaed0c30
parent: d67f3f04ab59e766521b234bff6b40be21f279ff (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/src/trau/osmo_ortp.c b/src/trau/osmo_ortp.c
index 2f2f26c..89a69ee 100644
--- a/src/trau/osmo_ortp.c
+++ b/src/trau/osmo_ortp.c
@@ -337,6 +337,10 @@ struct osmo_rtp_socket *osmo_rtp_socket_create(void *talloc_ctx, unsigned int fl
 				   (RtpCallback) ortp_sig_cb_ts,
 				   (unsigned long) rs);
 
+	/* initialize according to the RFC */
+	rtp_session_set_seq_number(rs->sess, random());
+	
+
 	return rs;
 }
author	Holger Hans Peter Freyther <holger@moiji-mobile.com>	2014-06-24 10:57:35 +0200
committer	Holger Hans Peter Freyther <holger@moiji-mobile.com>	2014-06-24 10:59:43 +0200
commit	bf6f1f4a37c254f5046de555092b8c0b8c0940a6 (patch)
tree	c678dfda2b2f81248cf58e36dc32095adaed0c30
parent	d67f3f04ab59e766521b234bff6b40be21f279ff (diff)