[Freeswitch-users] Problem about ZRTP call

Zhang, Yu (Floyd) floyd.zhang at alcatel-lucent.com
Mon Jul 21 13:26:54 MSD 2014 

Hi all,

I'm not sure about the right FS expert to my problem so I sent mail to all users, hope someone could help me, thanks in advance!

We are doing a small test with amazing freeswitch. Our goal is to use two linphone clients with FS to have an E2E call with ZRTP encrypted.

Our environment is:

Freeswitch-1.2.17 (compiled with zrtp-enabled)+Linphone+ubuntu12.04LTS

We can do a non-zrtp call with FS successfully, but when we doing the zrtp, we encountered problem (before that, I have configure the environment with issuing
               global_setvar zrtp_secure_media=true
           global_setvar zrtp_enrollment=true

The problem is, after serveral seconds good voice, there will be silence but call not drop, we can see the log info:

2014-07-21 11:30:41.904140 [DEBUG] switch_rtp.c:927  [  zrtp utils]:        Send <SASRELAY> ssrc=1338834216 seq=51924 size=92. Stream 20:DH:SASRELAY
2014-07-21 11:30:41.904140 [DEBUG] switch_rtp.c:927  [zrtp protoco]: ERROR! Decrypt failed. ID=20:DH s=SRTP authentication failure (RTP size=172 ssrc=2087558422 seq=13/13 pt=0)
2014-07-21 11:30:41.924173 [DEBUG] switch_rtp.c:927  [zrtp protoco]: ERROR! Decrypt failed. ID=20:DH s=SRTP authentication failure (RTP size=172 ssrc=2087558422 seq=14/14 pt=0)
....
2014-07-21 11:30:51.384177 [DEBUG] switch_rtp.c:927  [   zrtp mitm]: WARNING! SASRELAY Max retransmissions count reached. ID=20
2014-07-21 11:30:51.384177 [DEBUG] switch_rtp.c:927  [ zrtp engine]:     Enter InitiatingError State with ERROR:<Protocol Packets Retries Timeout>, notification Disabled. ID=20
2014-07-21 11:30:51.384177 [DEBUG] switch_rtp.c:927  [        zrtp]:         Stream ID=20 DH switching <SASRELAY> ---> <ERROR>.

The full log is in the attachment.

Could you help me solve some of my questions about that:

1.       How did this happen? Is there any additional configurations that I missed for ZRTP/SAS configure? If yes, which file I need to configure them in and is there an example for it?

2.       I want to know the mechanism about the ZRTP running in FS, if the media flow has already encrypted in linphone side, then what FS side did with the voip call flow regarding ZRTP? I am looking into the code yet I still want to know the specific docs to clarify that

3.       What role does the FS play in this kind of VoIP call? Does it do operations towards the encrypted traffic or it will encrypt that? Is there any method that FS only played the role of signaling server and traffic is flowed between point-to-point, i.e., by pass the freeswitch server.


I would highly appreciate any of your help about my question, hope it could be solved under your great help. Look forward to your reply!

Thanks,
Floyd


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20140721/32a491b5/attachment-0001.html 
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: Freeswitch_ZRTP_Failed.txt
Url: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20140721/32a491b5/attachment-0001.txt

Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list