[Freeswitch-users] Get ZRTP SAS from other side of MITM call
Bill Ross
rossbcan at gmail.com
Fri Mar 21 22:07:05 MSK 2014
Hi Brian;
I sorted this out, this is FYI
Topology1:
Non ZRTP UA (local extension) from / to FS MITM from / to ZRTP UA via
gateway (incoming call from another SIP switch)
The aleg (from gateway via MITM) DOES contain the security variables and the
SAS is available. No problem
Topology2:
Non ZRTP UA (local extension) from / to FS MITM from / to ZRTP UA via
gateway from / to another GW on same FS from / to a ZRTP UA on same FS
This is a corner case. Normally, the two extensions would directly dial
themselves, rather than wastefully consuming two gateways.
Error (from log):
[ zrtp engine]: Received a ZRTP_HELLO packet with the same ZRTP ID that we
have.
This is likely due to a bug in the software. Ignoring the ZRTP_HELLO
packet, therefore this call cannot be encrypted.
[ zrtp engine]: Enter InitiatingError State with ERROR:<Equal ZIDs in
Hello>, notification Enabled. ID=1
This is not a problem for me, but, if you like, can enter it as a bug in
Jira, if you think this case is worth handling.
Regards;
Bill
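
An added example, not part of the original message and not FreeSWITCH or libzrtp code: a log check that flags ZRTP sessions which entered the error state quoted above and therefore ran unencrypted. It assumes engine messages start with the `[ zrtp engine]:` prefix and may be wrapped as in the excerpt; the function names and the third sample line are constructed for illustration.

```python
import re

# Constructed sample: the first two messages are the ones quoted in the post;
# the third line is made up so the scan has something to skip.
SAMPLE_LOG = """\
[ zrtp engine]: Received a ZRTP_HELLO packet with the same ZRTP ID that we
have.
This is likely due to a bug in the software. Ignoring the ZRTP_HELLO
packet, therefore this call cannot be encrypted.
[ zrtp engine]: Enter InitiatingError State with ERROR:<Equal ZIDs in
Hello>, notification Enabled. ID=1
[ zrtp engine]: some unrelated engine message. ID=2
"""

ENTRY_START = re.compile(r"\[\s*zrtp engine\]:")
ERROR_STATE = re.compile(
    r"Enter InitiatingError State with ERROR:<([^>]+)>.*?ID=(\d+)")
SAME_ZID = "Received a ZRTP_HELLO packet with the same ZRTP ID"


def split_entries(log_text):
    """Split on the engine prefix and re-join lines wrapped inside an entry."""
    starts = [m.start() for m in ENTRY_START.finditer(log_text)]
    bounds = zip(starts, starts[1:] + [len(log_text)])
    return [" ".join(log_text[a:b].split()) for a, b in bounds]


def find_unencrypted_sessions(log_text):
    """Return one finding per InitiatingError entry, noting whether a
    same-ZID Hello was logged just before it (the Topology2 case)."""
    findings = []
    saw_same_zid_hello = False
    for entry in split_entries(log_text):
        if SAME_ZID in entry:
            saw_same_zid_hello = True
            continue
        match = ERROR_STATE.search(entry)
        if match:
            findings.append({
                "error": match.group(1),
                "id": int(match.group(2)),  # the ID= field as logged
                "same_zid_hello": saw_same_zid_hello,
            })
        saw_same_zid_hello = False
    return findings


if __name__ == "__main__":
    for finding in find_unencrypted_sessions(SAMPLE_LOG):
        print("ZRTP negotiation failed, media not encrypted:", finding)
```
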
-----Original Message-----
From: Bill Ross [mailto:rossbcan at gmail.com]
Sent: March-21-14 12:44 PM
To: 'FreeSWITCH Users Help'
Subject: RE: [Freeswitch-users] Get ZRTP SAS from other side of MITM call
Hi Brian;
So am I:)
Stand by on this one. Have an error message in the log regarding identical
ZRTP IDs. Believe it is because of topology.
Scenario:
Non ZRTP UA (local extension) from / to FS MITM from / to ZRTP UA via
gateway (not stated, this call was from another ZRTP extension via another
gateway on same FS)
So, FS MITM ZRTP (incoming) is attempting to negotiate ZRTP with itself from
another gateway, also itself
I saw a log message regarding identical ZRTP IDs, encryption fail, possible
bug, looking into it
For now, am verifying that if the gateway receives a ZRTP call from another
switch, that aleg contains security variables.
Regards;
Bill
-----Original Message-----
From: freeswitch-users-bounces at lists.freeswitch.org
[mailto:freeswitch-users-bounces at lists.freeswitch.org] On Behalf Of Brian
West
Sent: March-21-14 12:06 PM
To: FreeSWITCH Users Help
Subject: Re: [Freeswitch-users] Get ZRTP SAS from other side of MITM call
It should do this automatically. Why are you trying to manually pass these
across? I'm confused.
--
Brian West
brian at freeswitch.org
FreeSWITCH Solutions, LLC
PO BOX 2531
Brookfield, WI 53008-2531
Twitter: @FreeSWITCH , @briankwest
http://www.freeswitchbook.com
http://www.freeswitchcookbook.com
T: +1.918.420.9001 | F: +1.918.420.9002 | M: +1.918.424.WEST
iNUM: +883 5100 1420 9001
ISN: 410*543
Skype:briankwest
PGP Key: http://www.bkw.org/key.txt (AB93356707C76CED)
On Mar 21, 2014, at 10:55 AM, Bill Ross <rossbcan at gmail.com> wrote:
> Folks;
>
> Scenario:
>
> Non ZRTP UA (local extension) <-> FS MITM <-> ZRTP UA via gateway
>
> I am attempting to get the ZRTP SAS from the ZRTP call which is
> received via gateway and bridged to Non ZRTP UA
>
> It appears that in MITM scenario, the aleg uuid (for non-ZRTP call) is
> identical (recycled less security variables) to the ZRTP aleg uuid
>
> Is there any way to get variables (luarun script) from the ZRTP call
> (other side of MITM) from within the uuid context of the non ZRTP call?
>
> Or, other suggestions, since my newbie status is inevitably missing
> something
>
> Thanks;
> Bill Ross