Merge "SRTP: Lower SDES key lifetime minimum to 2^20"

asterisk · Jul 18, 2018 · 5f01f73 · 5f01f73
2 parents d9596b5 + 993ba84
commit 5f01f73
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/res/res_srtp.c b/res/res_srtp.c
@@ -980,8 +980,8 @@ static int res_sdp_crypto_parse_offer(struct ast_rtp_instance *rtp, struct ast_s
 				sdes_lifetime = n_lifetime;
 			}
 
-			/* Accept anything above 10 hours. Less than 10; reject. */
-			if (sdes_lifetime < 1800000) {
+			/* Accept anything above ~5.8 hours. Less than ~5.8; reject. */
+			if (sdes_lifetime < 1048576) {
 				ast_log(LOG_NOTICE, "Rejecting crypto attribute '%s': lifetime '%f' too short\n", attr, sdes_lifetime);
 				continue;
 			}