<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div>Hello Anthony,</div><div><br></div><div>Thanks for your quick response!</div><div><br></div><div><blockquote type="cite"><div>does it work then? I had it disabled on purpose cos I have not<br>confirmed it works yet.<br></div></blockquote></div><div>That would explain it then :-)</div><div><br></div><div>I have managed to get SRTP working for the outbound voice path, but it required a couple of hacks:</div><div>1) It was attempting to decrypt the STUN/ICE Bind Requests and failing. I've bodged it for now by passing the SFF_PLC flag to switch_rtp.c:read_rtp_packet() but I suspect this will stop inbound voice paths from working!</div><div>2) In mod_dingaling.c:try_secure() the incorrect crypto_type is passed to switch_rtp_add_crypto_key(). I suspect there is some confusion between the crypto_type and crypto_send_type/crypto_recv_type members of tech_pvt->transports. I've hacked it for now as shown below.</div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 11px/normal Monaco; "><br></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 11px/normal Monaco; "><span class="Apple-style-span" style="font-family: Helvetica; font-size: medium; ">I hope this is useful to you. I'm going to try with the outbound voice path tomorrow.</span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 11px/normal Monaco; "><span class="Apple-style-span" style="font-family: Helvetica; font-size: medium; "><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 11px/normal Monaco; "><span class="Apple-style-span" style="font-family: Helvetica; font-size: medium; ">Regards,</span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal 11px/normal Monaco; "><span class="Apple-style-span" style="font-family: Helvetica; font-size: medium; "> Richard</span></div><div><br></div><div><br></div><div>For reference here are the diffs:</div><div><br></div><div><br></div><div><br></div><div><div>diff --git a/src/mod/endpoints/mod_dingaling/mod_dingaling.c b/src/mod/endpoints/mod_dingaling/</div><div>index c47f589..1dda789 100644</div><div>--- a/src/mod/endpoints/mod_dingaling/mod_dingaling.c</div><div>+++ b/src/mod/endpoints/mod_dingaling/mod_dingaling.c</div><div>@@ -956,9 +956,11 @@ switch_status_t mdl_build_crypto(struct private_object *tech_pvt, ldl_tran</div><div> char *p;</div><div> </div><div> </div><div>+/*</div><div> if (!switch_test_flag(tech_pvt, TFLAG_SECURE)) {</div><div> return SWITCH_STATUS_SUCCESS;</div><div> }</div><div>+*/</div><div> </div><div> </div><div> if (type == AES_CM_128_HMAC_SHA1_80) {</div><div>@@ -1056,10 +1058,13 @@ static switch_status_t mdl_add_crypto(struct private_object *tech_pvt,</div><div> static void try_secure(struct private_object *tech_pvt, ldl_transport_type_t ttype) </div><div> {</div><div> </div><div>+/*</div><div> if (!switch_test_flag(tech_pvt, TFLAG_SECURE)) {</div><div> return;</div><div> }</div><div> </div><div>+*/</div><div>+ tech_pvt->transports[ttype].crypto_type = tech_pvt->transports[ttype].crypto_recv_type;</div><div> </div><div> //if (tech_pvt->transports[ttype].crypto_type) {</div><div> switch_rtp_add_crypto_key(tech_pvt->transports[ttype].rtp_session, </div></div><div><br></div><div><br></div><div><br></div><div><br></div><div><div>diff --git a/src/switch_rtp.c b/src/switch_rtp.c</div><div>index 7d6ad29..99b4f83 100644</div><div>--- a/src/switch_rtp.c</div><div>+++ b/src/switch_rtp.c</div><div>@@ -3234,6 +3234,7 @@ static int rtp_common_read(switch_rtp_t *rtp_session, switch_payload_t *p</div><div> if (read_pretriggered) {</div><div> read_pretriggered = 0;</div><div> } else {</div><div>+ *flags |= SFF_PLC;</div><div> status = read_rtp_packet(rtp_session, &bytes, flags, SWITCH_TRU</div><div> //switch_log_printf(SWITCH_CHANNEL_SESSION_LOG(session), SWITCH</div><div> }</div></div><div><br></div><div><br></div><br><div><div>On 12 Jul 2012, at 00:13, Anthony Minessale wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div>does it work then? I had it disabled on purpose cos I have not<br>confirmed it works yet.<br><br><br>On Wed, Jul 11, 2012 at 4:47 AM, Richard Screene<br><<a href="mailto:richard.screene@netdev.co.uk">richard.screene@netdev.co.uk</a>> wrote:<br><blockquote type="cite">Hello,<br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">Using mod_dingaling I am unable to get it to append the crypto details to<br></blockquote><blockquote type="cite">the session-accept Jingle stanza. The message is sent as:<br></blockquote><blockquote type="cite"><snip></blockquote></div></blockquote></div><div>
</div>
<br></body></html>