[Freeswitch-users] Linphone + Freeswitch + SRTP

Jurijs Ivolga jurij.ivo at gmail.com
Wed Nov 4 17:06:27 MSK 2015 

Hi,

First of all I'm sorry if this not a really good place to ask, but I
spotted very strange behavior using Linphone and Freeswitch.

I'm not sure that this is 100% Freeswitch bug, but maybe you point me to
proper direction.

Test environment:

Linphone =SRTP==> Freeswitch =SRTP==> 2nd Linphone

Linphone & 2nd Linphone located behind NAT in same private network.

1) This invite is sent from Linphone to Freeswitch:

I left only SDP part where all ciphers are listed(same I did for all other
sip packages)

a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:2QEye591aHIqRwdLODMrr8ieQBBHl5WdIizE0NH2.
a=crypto:2 AES_CM_128_HMAC_SHA1_32
inline:d6K8m+tGEMvkEbRm5Zzy6KQkrlwS78l7wGufgx8S.
a=crypto:3 AES_CM_256_HMAC_SHA1_80
inline:PMvGinW3fpIejXOWDskUNWUhBX1KRlhrPkbrP0Nv4L/+My1V7w2r/ALSyLhkPg==.
a=crypto:4 AES_CM_256_HMAC_SHA1_32
inline:ZsdwMe0D+RauGydaQ90qG7pfOvdW6m9cxjbBhJ5AUaNSTecse9Sk3lRzlgZuSA==.

2) Trying from Freeswitch

3) Freeswitch replies Proxy Authentication Required

4) ACK from Linphone

5) Linphone sends one more invite to Freeswitch:

a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:2QEye591aHIqRwdLODMrr8ieQBBHl5WdIizE0NH2.
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:d6K8m+tGEMvkEbRm5Zzy6KQkrlwS

*As we can see this is something very strange, cause Linphone first invite
send 4 ciphers, but now it sends only 2 and it looks like that second one
is missing something.*

6) Trying from freeswitch

7) Invite sent from Freeswitch to 2nd Linphone

a=crypto:1 AEAD_AES_256_GCM_8
inline:jotCMStRYMvwWT18wMqmgwAu6mVBKaIkENGh8HLF0UYFEcwGnoQpM0m4juU.
a=crypto:2 AEAD_AES_128_G

And as we can see in Invite from Freeswitch to 2nd Linphone ciphers are
completely different from what Linphone sent in second Invite. I think this
is not 100% Linphone bug. What you think?

Full sip trace you can find in attachemnt, additionnally I will rase same
issue on Linphone side.

With kind regards,

Jurijs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20151104/80423ee5/attachment.html 
-------------- next part --------------
#
U linphone_ip:46373 -> freeswitch_ip_address:5060
INVITE sip:1000 at freeswitch_ip_address SIP/2.0.
Via: SIP/2.0/UDP 192.168.5.146:49753;branch=z9hG4bK.wu34Vty9R;rport.
From: <sip:1002 at freeswitch_ip_address>;tag=T7Oti-pIH.
To: sip:1000 at freeswitch_ip_address.
CSeq: 20 INVITE.
Call-ID: IhjiX3dwya.
Max-Forwards: 70.
Supported: outbound.
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO, UPDATE.
Content-Type: application/sdp.
Content-Length: 869.
Contact: <sip:1002 at linphone_ip:46373>;+sip.instance="<urn:uuid:353290b2-cccb-4138-b097-05158ab176ad>".
User-Agent: Linphone_iPhone7,2_iOS9.1/2.4-3-g94e1037 (belle-sip/1.4.1).
.
v=0.
o=1002 3337 126 IN IP4 192.168.5.146.
s=Talk.
c=IN IP4 192.168.5.146.
b=AS:380.
t=0 0.
a=rtcp-xr:rcvr-rtt=all:10000 stat-summary=loss,dup,jitt,TTL voip-metrics.
m=audio 7286 RTP/SAVP 96 97 98 99 0 8 101 100 102.
a=rtpmap:96 opus/48000/2.
a=fmtp:96 useinbandfec=1.
a=rtpmap:97 SILK/16000.
a=rtpmap:98 speex/16000.
a=fmtp:98 vbr=on.
a=rtpmap:99 speex/8000.
a=fmtp:99 vbr=on.
a=rtpmap:101 telephone-event/48000.
a=rtpmap:100 telephone-event/16000.
a=rtpmap:102 telephone-event/8000.
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:2QEye591aHIqRwdLODMrr8ieQBBHl5WdIizE0NH2.
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:d6K8m+tGEMvkEbRm5Zzy6KQkrlwS78l7wGufgx8S.
a=crypto:3 AES_CM_256_HMAC_SHA1_80 inline:PMvGinW3fpIejXOWDskUNWUhBX1KRlhrPkbrP0Nv4L/+My1V7w2r/ALSyLhkPg==.
a=crypto:4 AES_CM_256_HMAC_SHA1_32 inline:ZsdwMe0D+RauGydaQ90qG7pfOvdW6m9cxjbBhJ5AUaNSTecse9Sk3lRzlgZuSA==.

#
U freeswitch_ip_address:5060 -> linphone_ip:46373
SIP/2.0 100 Trying.
Via: SIP/2.0/UDP 192.168.5.146:49753;branch=z9hG4bK.wu34Vty9R;rport=46373;received=linphone_ip.
From: <sip:1002 at freeswitch_ip_address>;tag=T7Oti-pIH.
To: sip:1000 at freeswitch_ip_address.
Call-ID: IhjiX3dwya.
CSeq: 20 INVITE.
User-Agent: FreeSWITCH-mod_sofia/1.4.21~64bit.
Content-Length: 0.
.

#
U freeswitch_ip_address:5060 -> linphone_ip:46373
SIP/2.0 407 Proxy Authentication Required.
Via: SIP/2.0/UDP 192.168.5.146:49753;branch=z9hG4bK.wu34Vty9R;rport=46373;received=linphone_ip.
From: <sip:1002 at freeswitch_ip_address>;tag=T7Oti-pIH.
To: <sip:1000 at freeswitch_ip_address>;tag=XK6jSv113rSFD.
Call-ID: IhjiX3dwya.
CSeq: 20 INVITE.
User-Agent: FreeSWITCH-mod_sofia/1.4.21~64bit.
Accept: application/sdp.
Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE, REGISTER, REFER, NOTIFY.
Supported: timer, path, replaces.
Allow-Events: talk, hold, conference, refer.
Proxy-Authenticate: Digest realm="freeswitch_ip_address", nonce="672c38e4-82f9-11e5-85b8-8341447a2074", algorithm=MD5, qop="auth".
Content-Length: 0.
.

#
U linphone_ip:46373 -> freeswitch_ip_address:5060
ACK sip:1000 at freeswitch_ip_address SIP/2.0.
Via: SIP/2.0/UDP 192.168.5.146:49753;branch=z9hG4bK.wu34Vty9R;rport.
Call-ID: IhjiX3dwya.
From: <sip:1002 at freeswitch_ip_address>;tag=T7Oti-pIH.
To: <sip:1000 at freeswitch_ip_address>;tag=XK6jSv113rSFD.
Contact: <sip:1002 at linphone_ip:46373>;+sip.instance="<urn:uuid:353290b2-cccb-4138-b097-05158ab176ad>".
Max-Forwards: 70.
CSeq: 20 ACK.
.

#
U linphone_ip:46373 -> freeswitch_ip_address:5060
INVITE sip:1000 at freeswitch_ip_address SIP/2.0.
Via: SIP/2.0/UDP 192.168.5.146:49753;branch=z9hG4bK.6qqHie0jI;rport.
From: <sip:1002 at freeswitch_ip_address>;tag=T7Oti-pIH.
To: sip:1000 at freeswitch_ip_address.
CSeq: 21 INVITE.
Call-ID: IhjiX3dwya.
Max-Forwards: 70.
Supported: outbound.
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO, UPDATE.
Content-Type: application/sdp.
Content-Length: 869.
Contact: <sip:1002 at linphone_ip:46373>;+sip.instance="<urn:uuid:353290b2-cccb-4138-b097-05158ab176ad>".
User-Agent: Linphone_iPhone7,2_iOS9.1/2.4-3-g94e1037 (belle-sip/1.4.1).
Proxy-Authorization:  Digest realm="freeswitch_ip_address", nonce="672c38e4-82f9-11e5-85b8-8341447a2074", algorithm=MD5, username="1002",  uri="sip:1000 at freeswitch_ip_address", response="4917e1df6d262a8c
a1b380880c32bece", cnonce="72980da5", nc=00000001, qop=auth.
.
v=0.
o=1002 3337 126 IN IP4 192.168.5.146.
s=Talk.
c=IN IP4 192.168.5.146.
b=AS:380.
t=0 0.
a=rtcp-xr:rcvr-rtt=all:10000 stat-summary=loss,dup,jitt,TTL voip-metrics.
m=audio 7286 RTP/SAVP 96 97 98 99 0 8 101 100 102.
a=rtpmap:96 opus/48000/2.
a=fmtp:96 useinbandfec=1.
a=rtpmap:97 SILK/16000.
a=rtpmap:98 speex/16000.
a=fmtp:98 vbr=on.
a=rtpmap:99 speex/8000.
a=fmtp:99 vbr=on.
a=rtpmap:101 telephone-event/48000.
a=rtpmap:100 telephone-event/16000.
a=rtpmap:102 telephone-event/8000.
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:2QEye591aHIqRwdLODMrr8ieQBBHl5WdIizE0NH2.
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:d6K8m+tGEMvkEbRm5Zzy6KQkrlwS
#
U freeswitch_ip_address:5060 -> linphone_ip:46373
SIP/2.0 100 Trying.
Via: SIP/2.0/UDP 192.168.5.146:49753;branch=z9hG4bK.6qqHie0jI;rport=46373;received=linphone_ip.
From: <sip:1002 at freeswitch_ip_address>;tag=T7Oti-pIH.
To: sip:1000 at freeswitch_ip_address.
Call-ID: IhjiX3dwya.
CSeq: 21 INVITE.
User-Agent: FreeSWITCH-mod_sofia/1.4.21~64bit.
Content-Length: 0.
.

#
U freeswitch_ip_address:5060 -> linphone_ip:7934
INVITE sip:1000 at linphone_ip:7934;app-id=622464153529;pn-type=google;pn-tok=APA91bGn_dfOuanH4LuoRjnOlklsuO1QGDwtO6qO_eDiH8sAnSRd98JlkCDc0adaz4trHOn6J8LHJysimvEguCP6j6Ct4UDtyw1gubW5OeJIH0YcK
RoshhI SIP/2.0.
Via: SIP/2.0/UDP freeswitch_ip_address;rport;branch=z9hG4bKraycKmHDQ7UmS.
Max-Forwards: 69.
From: "Extension 1002" <sip:1002 at freeswitch_ip_address>;tag=Z5r4vj38Xa6mm.
To: <sip:1000 at linphone_ip:7934;app-id=622464153529;pn-type=google;pn-tok=APA91bGn_dfOuanH4LuoRjnOlklsuO1QGDwtO6qO_eDiH8sAnSRd98JlkCDc0adaz4trHOn6J8LHJysimvEguCP6j6Ct4UDtyw1gubW5OeJIH0YcKRo
shhI>.
Call-ID: 3e9790cc-fd9c-1233-2891-000c291961fa.
CSeq: 82986105 INVITE.
Contact: <sip:mod_sofia at freeswitch_ip_address:5060>.
User-Agent: FreeSWITCH-mod_sofia/1.4.21~64bit.
Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE, REGISTER, REFER, NOTIFY.
Supported: timer, path, replaces.
Allow-Events: talk, hold, conference, refer.
Content-Type: application/sdp.
Content-Disposition: session.
Content-Length: 1956.
X-FS-Support: update_display,send_info.
Remote-Party-ID: "Extension 1002" <sip:1002 at freeswitch_ip_address>;party=calling;screen=yes;privacy=off.
.
v=0.
o=FreeSWITCH 1446625829 1446625830 IN IP4 freeswitch_ip_address.
s=FreeSWITCH.
c=IN IP4 freeswitch_ip_address.
t=0 0.
m=audio 18510 RTP/SAVP 0 8 101 13.
a=rtpmap:0 PCMU/8000.
a=rtpmap:8 PCMA/8000.
a=rtpmap:101 telephone-event/8000.
a=fmtp:101 0-16.
a=crypto:1 AEAD_AES_256_GCM_8 inline:jotCMStRYMvwWT18wMqmgwAu6mVBKaIkENGh8HLF0UYFEcwGnoQpM0m4juU.
a=crypto:2 AEAD_AES_128_G

Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list