[Freeswitch-dev] mod_dingaling does not set crypto

Richard Screene richard.screene at netdev.co.uk
Thu Jul 12 20:58:43 MSD 2012 

Hello Anthony,

Thanks for your quick response!

> does it work then? I had it disabled on purpose cos I have not
> confirmed it works yet.

That would explain it then :-)

I have managed to get SRTP working for the outbound voice path, but it required a couple of hacks:
1) It was attempting to decrypt the STUN/ICE Bind Requests and failing.  I've bodged it for now by passing the SFF_PLC flag to switch_rtp.c:read_rtp_packet() but I suspect this will stop inbound voice paths from working!
2) In mod_dingaling.c:try_secure() the incorrect crypto_type is passed to switch_rtp_add_crypto_key().  I suspect there is some confusion between the crypto_type and crypto_send_type/crypto_recv_type members of tech_pvt->transports.  I've hacked it for now as shown below.

I hope this is useful to you.  I'm going to try with the outbound voice path tomorrow.

Regards,
  Richard


For reference here are the diffs:



diff --git a/src/mod/endpoints/mod_dingaling/mod_dingaling.c b/src/mod/endpoints/mod_dingaling/
index c47f589..1dda789 100644
--- a/src/mod/endpoints/mod_dingaling/mod_dingaling.c
+++ b/src/mod/endpoints/mod_dingaling/mod_dingaling.c
@@ -956,9 +956,11 @@ switch_status_t mdl_build_crypto(struct private_object *tech_pvt, ldl_tran
        char *p;
 
 
+/*
        if (!switch_test_flag(tech_pvt, TFLAG_SECURE)) {
                return SWITCH_STATUS_SUCCESS;
        }
+*/
 
 
        if (type == AES_CM_128_HMAC_SHA1_80) {
@@ -1056,10 +1058,13 @@ static switch_status_t mdl_add_crypto(struct private_object *tech_pvt,
 static void try_secure(struct private_object *tech_pvt, ldl_transport_type_t ttype) 
 {
 
+/*
        if (!switch_test_flag(tech_pvt, TFLAG_SECURE)) {
                return;
        }
 
+*/
+       tech_pvt->transports[ttype].crypto_type = tech_pvt->transports[ttype].crypto_recv_type;
 
        //if (tech_pvt->transports[ttype].crypto_type) {
                switch_rtp_add_crypto_key(tech_pvt->transports[ttype].rtp_session, 




diff --git a/src/switch_rtp.c b/src/switch_rtp.c
index 7d6ad29..99b4f83 100644
--- a/src/switch_rtp.c
+++ b/src/switch_rtp.c
@@ -3234,6 +3234,7 @@ static int rtp_common_read(switch_rtp_t *rtp_session, switch_payload_t *p
                        if (read_pretriggered) {
                                read_pretriggered = 0;
                        } else {
+                               *flags |= SFF_PLC;
                                status = read_rtp_packet(rtp_session, &bytes, flags, SWITCH_TRU
                                //switch_log_printf(SWITCH_CHANNEL_SESSION_LOG(session), SWITCH
                        }



On 12 Jul 2012, at 00:13, Anthony Minessale wrote:

> does it work then? I had it disabled on purpose cos I have not
> confirmed it works yet.
> 
> 
> On Wed, Jul 11, 2012 at 4:47 AM, Richard Screene
> <richard.screene at netdev.co.uk> wrote:
>> Hello,
>> 
>> Using mod_dingaling I am unable to get it to append the crypto details to
>> the session-accept Jingle stanza.  The message is sent as:
>> <snip>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-dev/attachments/20120712/e86db49a/attachment-0001.html

Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-dev mailing list