[Freeswitch-dev] HELP DTLS HANDSHAKE to FAIL chromeV87 (Kaiduan Xie)

Cédric Clavier cedric at saooti.com
Tue Dec 8 13:11:21 UTC 2020 

Thank you very much it works. It save me from a very difficult and speed server migration (ubuntu 16.04 -> ubuntu 20.04).


Cédric Clavier
Chef de projet R&D
06 25 00 45 88

4 rue André Marie Ampère - 22300 Lannion

 <https://saooti.com/>

 <https://twitter.com/saooti> <https://www.linkedin.com/company/291543/admin/>

> Le 8 déc. 2020 à 13:00, freeswitch-dev-request at lists.freeswitch.org a écrit :
> 
> Send FreeSWITCH-dev mailing list submissions to
> 	freeswitch-dev at lists.freeswitch.org
> 
> To subscribe or unsubscribe via the World Wide Web, visit
> 	http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev
> or, via email, send a message with subject or body 'help' to
> 	freeswitch-dev-request at lists.freeswitch.org
> 
> You can reach the person managing the list at
> 	freeswitch-dev-owner at lists.freeswitch.org
> 
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of FreeSWITCH-dev digest..."
> Today's Topics:
> 
>   1. Re: HELP DTLS HANDSHAKE to FAIL chromeV87 (Kaiduan Xie)
> 
> De: Kaiduan Xie <kaiduanx at gmail.com>
> Objet: Rép. : [Freeswitch-dev] HELP DTLS HANDSHAKE to FAIL chromeV87
> Date: 4 décembre 2020 à 21:00:39 UTC+1
> À: freeswitch-dev at lists.freeswitch.org
> Cc: "freeswitch-users-request at lists.freeswitch.org" <freeswitch-users-request at lists.freeswitch.org>, FreeSWITCH Users Help <freeswitch-users at lists.freeswitch.org>
> 
> 
> If you can build Freeswitch, change the code in switch_rtp.c as below,
> 
>  #if OPENSSL_VERSION_NUMBER >= 0x10100000
>         dtls->ssl_ctx = SSL_CTX_new((type & DTLS_TYPE_SERVER) ? DTLS_server_method() : DTLS_client_method());
>  #else
> -       dtls->ssl_ctx = SSL_CTX_new((type & DTLS_TYPE_SERVER) ? DTLSv1_server_method() : DTLSv1_client_method());
> +       switch_log_printf(SWITCH_CHANNEL_SESSION_LOG(rtp_session->session), SWITCH_LOG_INFO,
> +               "Negotiated DTLS1.2 between remote-host:%s, local-host:%s\n", rtp_session->remote_host_str, rtp_session->local_host_str);
> +       dtls->ssl_ctx = SSL_CTX_new((type & DTLS_TYPE_SERVER) ? DTLSv1_2_server_method() : DTLSv1_2_client_method());
>  #endif
> 
> /Kaiduan
> 
> On Fri, Dec 4, 2020 at 1:09 PM Jazmin Marina Florez Marino <Jazmin.Marino at on24.com <mailto:Jazmin.Marino at on24.com>> wrote:
> Hi
> 
> I have a verto client trying to connect to FS using Chrome V87 but we have DTLS problems.
> 
> The openssl version we are using on FS side is OpenSSL 1.0.2k-fips
> 
> FreeSWITCH (Version 1.8.4  64bit)
> 
>  
> 
>  
> 
> FS LOG - Chrome V87  FAILED CONNECTION
> 
>  
> 
> 2020-12-03 11:23:06.762291 [ERR] switch_rtp.c:3199 video Handshake failure 1
> 
> 2020-12-03 11:23:06.762291 [INFO] switch_rtp.c:3200 Changing video DTLS state from HANDSHAKE to FAIL
> 
> 2020-12-03 11:23:06.832295 [ERR] switch_rtp.c:3199 audio Handshake failure 1
> 
> 2020-12-03 11:23:06.832295 [INFO] switch_rtp.c:3200 Changing audio DTLS state from HANDSHAKE to FAIL
> 
> 2020-12-03 11:23:06.852295 [NOTICE] switch_rtp.c:3181 Hangup verto.rtc/3520 [CS_EXECUTE] [DESTINATION_OUT_OF_ORDER]
> 
> 2020-12-03 11:23:06.852295 [DEBUG] switch_core_media.c:7470 verto.rtc/3520 Video thread ended
> 
> 2020-12-03 11:23:06.872305 [INFO] conference_loop.c:1670 Channel leaving conference, cause: DESTINATION_OUT_OF_ORDER
> 
> 2020-12-03 11:23:06.872305 [DEBUG] switch_core_session.c:2639 verto.rtc/3520 skip receive message [DISPLAY] (channel is hungup already)
> 
> 2020-12-03 11:23:06.872305 [DEBUG] mod_conference.c:2467 verto.rtc/3520 skip receive message [TRANSFER] (channel is hungup already)
> 
> 2020-12-03 11:23:06.872305 [DEBUG] switch_core_media.c:12220 verto.rtc/3520 skip receive message [BITRATE_REQ] (channel is hungup already)
> 
> 2020-12-03 11:23:06.872305 [DEBUG] switch_core_codec.c:248 verto.rtc/3520 Restore previous codec opus:116.
> 
> 2020-12-03 11:23:06.872305 [DEBUG] switch_core_session.c:2886 verto.rtc/3520 skip receive message [PHONE_EVENT] (channel is hungup already)
> 
> 2020-12-03 11:23:06.872305 [DEBUG] switch_core_state_machine.c:650 (verto.rtc/3520) State EXECUTE going to sleep
> 
> 2020-12-03 11:23:06.872305 [DEBUG] switch_core_state_machine.c:584 (verto.rtc/3520) Running State Change CS_HANGUP (Cur 1 Tot 3)
> 
> 2020-12-03 11:23:06.872305 [DEBUG] switch_core_state_machine.c:847 (verto.rtc/3520) Callstate Change ACTIVE -> HANGUP
> 
> 2020-12-03 11:23:06.872305 [DEBUG] switch_core_state_machine.c:849 (verto.rtc/3520) State HANGUP
> 
> 2020-12-03 11:23:06.872305 [DEBUG] switch_core_state_machine.c:60 verto.rtc/3520 Standard HANGUP, cause: DESTINATION_OUT_OF_ORDER
> 
> 2020-12-03 11:23:06.872305 [DEBUG] switch_core_state_machine.c:849 (verto.rtc/3520) State HANGUP going to sleep
> 
>  
> 
> The weird thing is the connection works ok when the version of chrome is V86. Some weeks ago chrome was updated and we detected this issue.
> 
>  
> 
> FS LOG - ChromeV86 CONNECTION OK
> 
>  
> 
> 2020-12-03 11:19:19.622294 [INFO] switch_rtp.c:3206 Changing video DTLS state from HANDSHAKE to SETUP
> 
> 2020-12-03 11:19:19.672317 [INFO] switch_rtp.c:3113 video Fingerprint Verified.
> 
> 2020-12-03 11:19:19.672317 [INFO] switch_rtp.c:4104 Activating video Secure RTP SEND
> 
> 2020-12-03 11:19:19.672317 [INFO] switch_rtp.c:4082 Activating video Secure RTP RECV
> 
> 2020-12-03 11:19:19.672317 [DEBUG] switch_core_sqldb.c:2617 Secure Type: srtp:dtls:AES_CM_128_HMAC_SHA1_80
> 
> 2020-12-03 11:19:19.672317 [INFO] switch_rtp.c:3155 Changing video DTLS state from SETUP to READY
> 
> 2020-12-03 11:19:19.672317 [DEBUG] switch_rtp.c:1890 rtcp_stats_init: video ssrc[2719546543] base_seq[1999]
> 
> 2020-12-03 11:19:19.672317 [DEBUG] switch_core_sqldb.c:2617 Secure Type: srtp:dtls:AES_CM_128_HMAC_SHA1_80
> 
> 2020-12-03 11:19:19.702298 [INFO] switch_rtp.c:3206 Changing audio DTLS state from HANDSHAKE to SETUP
> 
> 2020-12-03 11:19:19.702298 [INFO] switch_rtp.c:3113 audio Fingerprint Verified.
> 
> 2020-12-03 11:19:19.702298 [INFO] switch_rtp.c:4104 Activating audio Secure RTP SEND
> 
> 2020-12-03 11:19:19.702298 [INFO] switch_rtp.c:4082 Activating audio Secure RTP RECV
> 
> 2020-12-03 11:19:19.702298 [DEBUG] switch_core_sqldb.c:2617 Secure Type: srtp:dtls:AES_CM_128_HMAC_SHA1_80
> 
> 2020-12-03 11:19:19.702298 [INFO] switch_rtp.c:3155 Changing audio DTLS state from SETUP to READY
> 
> 2020-12-03 11:19:19.702298 [DEBUG] switch_core_sqldb.c:2617 Secure Type: srtp:dtls:AES_CM_128_HMAC_SHA1_80
> 
> _________________________________________________________________________
> 
> The FreeSWITCH project is sponsored by SignalWire https://signalwire.com <https://signalwire.com/>
> Enhance your FreeSWITCH install with disruptive priced SMS and PSTN services.
> Build your next product on our scalable cloud platform.
> 
> Join our online community to chat in real time https://signalwire.community <https://signalwire.community/>
> 
> Professional FreeSWITCH Services
> sales at freeswitch.com <mailto:sales at freeswitch.com>
> https://freeswitch.com <https://freeswitch.com/>
> 
> Official FreeSWITCH Sites
> https://freeswitch.com/oss <https://freeswitch.com/oss>
> https://freeswitch.org/confluence <https://freeswitch.org/confluence>
> https://cluecon.com <https://cluecon.com/>
> 
> FreeSWITCH-dev mailing list
> FreeSWITCH-dev at lists.freeswitch.org <mailto:FreeSWITCH-dev at lists.freeswitch.org>
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev <http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev>
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-dev <http://lists.freeswitch.org/mailman/options/freeswitch-dev>
> https://freeswitch.com <https://freeswitch.com/>
> 
> -- 
> Founder of Goodstartsoft
> https://www.goodstartsoft.com <https://www.goodstartsoft.com/>
> 
> _________________________________________________________________________
> 
> The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
> Enhance your FreeSWITCH install with disruptive priced SMS and PSTN services.
> Build your next product on our scalable cloud platform.
> 
> Join our online community to chat in real time https://signalwire.community
> 
> Professional FreeSWITCH Services
> sales at freeswitch.com
> https://freeswitch.com
> 
> Official FreeSWITCH Sites
> https://freeswitch.com/oss
> https://freeswitch.org/confluence
> https://cluecon.com
> 
> FreeSWITCH-dev mailing list
> FreeSWITCH-dev at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-dev
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-dev
> https://freeswitch.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-dev/attachments/20201208/f2aec203/attachment-0001.html>

More information about the FreeSWITCH-dev mailing list