[Freeswitch-users] SRTP in PhonerLite and Freeswitch
Brian West
brian at freeswitch.org
Thu Apr 24 06:31:00 PDT 2008
Chris,
The a=encryption:optional tag is a Microsoft extension held over
(Snom has removed it in recent beta builds I have). We do not support
it and will not. Grandstream uses RTP/SAVP, Snom will be doing RTP/
SAVP in 7.1.33 (in beta), Polycom does the dual m= line for RTP/SAVP
and RTP/AVP. Offering crypto in an RTP/AVP is wrong please refer to
RFC3711 where it clearly states "The RTP specification establishes a
registry of profile names for use by higher-level control protocols,
such as the Session Description Protocol (SDP), to refer to transport
methods. This profile registers the name "RTP/SAVP"."
If he wishes to see the most recent Snom beta where they are now doing
it correctly please have him contact me.
/b
PS RFC3711 section 12
On Apr 24, 2008, at 4:35 AM, Krzysiek wrote:
> I have just received replay from the author of PhonerLite:
>
> "Hi Chris,
> I don't think it is a bug. I do it like others do too.
> For PhonerLite SRTP is optional (see: a=encryption:optional). So if
> Freeswitch doesn't support this, SRTP fails and RTP is unencrypted.
> This is exactly the the way like Snom and Grandstream offer SRTP in
> their SDP.
>
> I won't change this!
>
> Heiko
>
>
> INVITE sip:123 at 172.16.115.114 SIP/2.0
> Via: SIP/2.0/UDP
> 172.16.115.114
> :5070;branch=z9hG4bK0014de144110dd118b3d00123fa91863;rport
> From: <sip:hs at 172.16.115.114>;tag=3538012975
> To: <sip:123 at 172.16.115.114>
> Call-ID: 0014DE14-4110-DD11-8B3C-00123FA91863 at 172.16.115.114
> CSeq: 1 INVITE
> Contact: <sip:hs at 172.16.115.114:5070>
> Content-Type: application/sdp
> Allow: INVITE, OPTIONS, ACK, BYE, CANCEL, INFO, NOTIFY, MESSAGE,
> UPDATE
> Max-Forwards: 70
> Supported: 100rel, replaces
> User-Agent: SIPPER for PhonerLite
> Content-Length: 506
>
> v=0
> o=- 2350732611 0 IN IP4 172.16.115.114
> s=SIPPER for PhonerLite
> c=IN IP4 172.16.115.114
> t=0 0
> m=audio 5072 RTP/AVP 0 8 2 3 97 110 111 9 101
> a=rtpmap:0 PCMU/8000
> a=rtpmap:8 PCMA/8000
> a=rtpmap:2 G726-32/8000
> a=rtpmap:3 GSM/8000
> a=rtpmap:97 iLBC/8000
> a=rtpmap:110 speex/8000
> a=rtpmap:111 speex/16000
> a=rtpmap:9 G722/8000
> a=rtpmap:101 telephone-event/8000
> a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:PYoCXAWH4BjD/tmuK+Ww5/
> pIa9MIBT424Judwmty
> a=encryption:optional
> a=fmtp:101 0-15
> a=sendrecv "
>
> :(
> Chris
> ----- Original Message -----
> From: Brian West
> To: freeswitch-users at lists.freeswitch.org
> Sent: Thursday, April 24, 2008 1:17 AM
> Subject: Re: [Freeswitch-users] SRTP in PhonerLite and Freeswitch
>
> Well the snom on 7.1.33 will be correct... the Grandstream will work
> correctly also.
>
> /b
>
> On Apr 23, 2008, at 5:31 PM, Krzysiek wrote:
>> Thanks for help and explanation.
>> Yes I know that I should use TLS. This was just a test.
>> That's a pity, that this client is broken. I have just thought that
>> I found nice and free sip client with srtp and tls support. I have
>> found this client here: http://www.phonerlite.de/ , author Heiko
>> Sommerfeldt. I hope, he corrects this bug.
>>
>> >The Polycom is the only phone that does this little tid bit
>> correctly.
>>
>> Do I understand this correctly that there aren't any softphone
>> clients that support SRTP via SDES correctly ? I found few clients
>> that support SRTP here http://en.wikipedia.org/wiki/Comparison_of_VoIP_software
>> but I haven't tested them yet.
>
> Brian West
> sip:brian at freeswitch.org
>
>
>
>
>
> _______________________________________________
> Freeswitch-users mailing list
> Freeswitch-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
> _______________________________________________
> Freeswitch-users mailing list
> Freeswitch-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
Brian West
sip:brian at freeswitch.org
More information about the FreeSWITCH-users
mailing list