[Freeswitch-users] SRTP
Michael Collins
msc at freeswitch.org
Thu Jun 16 22:01:41 MSD 2011
Are you working off of the default.xml dialplan file? If so, it has an
example condition already:
<condition field="${sip_has_crypto}"
expression="^(AES_CM_128_HMAC_SHA1_32|AES_CM_128_HMAC_SHA1_80)$"
break="never">
<action application="set" data="sip_secure_media=true"/>
<!-- Offer SRTP on outbound legs if we have it on inbound. -->
<!-- <action application="export" data="sip_secure_media=true"/> -->
</condition>
What exactly are you checking on in your scenario? Most likely there is an
elegant way to do it. Give us the plain language description of the problem
you're addressing and the community will no doubt have good suggestions for
you.
-MC
On Thu, Jun 16, 2011 at 10:22 AM, Rob Hutton <justlikeef at gmail.com> wrote:
> Steven -
>
> Thanks for the help here...
>
> So there would have to be two dialplan entries for this number to work with
> either RTP or SRTP? (Maybe two devices registering to the same user?)
>
> Would it make more since to do this in a more global manner higher up in
> the
> dialplan in its own condition block?
>
>
> On Thursday 16 June 2011 03:15:33 Steven Ayre wrote:
> > {ERR} mod_dialplan_xml.c:110 Nexted conditions are not allowed
> >
> > That's because it shouldn't be nested. It's not missing a /, and the 1st
> > Should have the /. The extra indendation shouldn't be there on the 2nd.
> >
> > It should look like this:
> >
> > <extension name="incoming-fxs">
> > <condition field="destination_number" expression="^(202)$"/>
> > <condition field="${sip_has_crypto}"
> > expression="^(AES_CM_128_HMAC_SHA1_32|AES_CM_128_HMAC_SHA1_80)$"
> > break="never">
> > <action application="set" data="sip_secure_media=true"/>
> > <action application="bridge" data="openzap/1/1"/>
> > </condition>
> > </extension>
> >
> > The two conditions function as an AND, even though it's not nested. FS
> > stops checking the extension as soon as it sees a condition that's false
> > (at least by default and in the above case), so if the destination is not
> > 202 it'll never get to the 2nd condition.
> >
> > -Steve
> >
> > On 16 June 2011 03:10, Rob Hutton <justlikeef at gmail.com> wrote:
> > > I think I have TLS and SRTP working at this point, but in the docs it
> > > says to use the following template for the dialplan:
> > >
> > > http://wiki.freeswitch.org/wiki/Secure_RTP:
> > > <extension name="incoming-fxs">
> > >
> > > <condition field="destination_number" expression="^(202)$"/>
> > >
> > > <condition field="${sip_has_crypto}"
> > >
> > > expression="^(AES_CM_128_HMAC_SHA1_32|AES_CM_128_HMAC_SHA1_80)$"
> > > break="never">
> > >
> > > <action application="set" data="sip_secure_media=true"/>
> > > <action application="bridge" data="openzap/1/1"/>
> > >
> > > </condition>
> > >
> > > </extension
> > >
> > > 1) There is a missing > at the end of the close extension tag.
> > > 2) There is either a missing / at the end of the internal condition
> line,
> > > or a missing condition close tag somewhere
> > > 3) When I fix the interal condition, I get an error:
> > >
> > > {ERR} mod_dialplan_xml.c:110 Nexted conditions are not allowed
> > >
> > > All this, but a packet capture shows that SRTP is working based on what
> I
> > > did on:
> > >
> > > http://wiki.freeswitch.org/wiki/SIP_TLS
> > >
> > > Can someone give me some guidance on the Secure_RTP page and I will
> > > update whatever?
> > >
> > > _______________________________________________
> > > FreeSWITCH-users mailing list
> > > FreeSWITCH-users at lists.freeswitch.org
> > > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> > > UNSUBSCRIBE:
> http://lists.freeswitch.org/mailman/options/freeswitch-users
> > > http://www.freeswitch.org
>
> _______________________________________________
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20110616/acb50424/attachment.html
More information about the FreeSWITCH-users
mailing list