[Freeswitch-users] Calls from SRTP Clients to non-SRTP clients
R W
wingcomm at hotmail.com
Mon Aug 27 10:34:17 MSD 2012
Richard et al.,
Thank you for your insight. To answer your last question, I did refer to Bria for the iPhone and Bria 3 on Mac OS X since I assumed this issue was limited to non-SRTP devices and SRTP devices. However, further testing, however has shown what appears to be an incompatibility between Bria for the iPhone and Bria for Mac OS X.
Both devices can make/receive calls through FreeSWITCH to external providers and to services like voicemail and I can verify that SRTP is active between FreeSWITCH <-> Bria. I can even make calls to between Bria for iOS (iPhone/iPad) to other Bria for iOS devices with SRTP...
However with SRTP enabled/required on both Bria softphones (iOS/iPhone/iPad and Mac OS X) I get a "SERVICE_NOT_IMPLEMENTED" in FreeSWITCH when I call Bria (iOS/Mac OS X) to Bria (iOS/Mac OS X).
2012-08-27 02:16:33.501940 [NOTICE] sofia.c:6847 Hangup sofia/internal/sip:2003@<ip removed>:63615 [CS_CONSUME_MEDIA] [SERVICE_NOT_IMPLEMENTED]...2012-08-27 02:16:33.501940 [DEBUG] switch_ivr_originate.c:3458 Originate Resulted in Error Cause: 79 [SERVICE_NOT_IMPLEMENTED]2012-08-27 02:16:33.501940 [NOTICE] switch_ivr_originate.c:2544 Cannot create outgoing channel of type [user] cause: [SERVICE_NOT_IMPLEMENTED]2012-08-27 02:16:33.501940 [DEBUG] switch_ivr_originate.c:3458 Originate Resulted in Error Cause: 79 [SERVICE_NOT_IMPLEMENTED]2012-08-27 02:16:33.501940 [INFO] mod_dptools.c:3027 Originate Failed. Cause: SERVICE_NOT_IMPLEMENTED
I am going to do a little further testing, but any insight into what this could be would be appreciated. Has anyone else seen this?
Best,
-Rob
Date: Tue, 14 Aug 2012 18:41:03 +0100
From: rnbrady at gmail.com
To: freeswitch-users at lists.freeswitch.org
Subject: Re: [Freeswitch-users] Calls from SRTP Clients to non-SRTP clients
> is there a way to force FreeSWITCH to establish an SRTP call to clients when the originating client does not support SRTP?
This should work by default, assuming you are setting sip_secure_media in the appropriate place.
FreeSWITCH should negotiate both channels (legs) independently. So if the A-end has no SRTP, that should not prevent FreeSWITCH from sending a INVITE to the B-end with SRTP specified (i.e. SAVP in the SDP with a crypto attribute).
I think "all or nothing" doesn't imply both ends of the call, it implies all calls or none of the calls calls. So an inbound or outbound call without SRTP will be rejected. Hope this makes sense.
However, in the default dialplan there is a condition that will cause FreeSWITCH to implement such a policy. It is commented out by default:
<condition field="${sip_has_crypto}" expression="^(AES_CM_128_HMAC_SHA1_32|AES_CM_128_HMAC_SHA1_80)$" break="never">
<action application="set" data="sip_secure_media=true"/> <!-- Offer SRTP on outbound legs if we have it on inbound. --> <!-- <action application="export" data="sip_secure_media=true"/> -->
</condition>
So if you uncommented that export line you would experience the behaviour you described.
Assuming you have not done that, could it be that Bria is simply rejecting any INVITE with SDP that does not contain an SAVP entry with a crypto attribute? If this was the case you would find all inbound call to that extension failing.
Actually I wonder if this is what happened and then caused you to uncomment the line above, which has led you to your conclusion, as this would cause only calls coming from SRTP devices to work. If so, you'd want to comment it out again and find a different way to create a group for all users with SRTP devices and use a dialplan condition to decide whether or not to export sip_secure_media=true.
Alternatively you could try for some sort of fall-back mechanism but you'd have to think carefully about this to make it secure and/or stable.
Good luck!
Richard
PS: In your first paragraph, did you mean Bria for iPhone in both cases?
_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
consulting at freeswitch.org
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://wiki.freeswitch.org
http://www.cluecon.com
Join Us At ClueCon - Aug 7-9, 2012
FreeSWITCH-users mailing list
FreeSWITCH-users at lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20120827/357b510e/attachment.html
Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users
mailing list