[Freeswitch-users] Issue connecting to FS with SRTP

Anthony Minessale anthony.minessale at gmail.com
Wed Aug 17 21:38:13 MSD 2016


Try master
https://freeswitch.org/jira/browse/FS-9434


On Wed, Aug 17, 2016 at 9:36 AM, Oleg Stolyar <olegstolyar at gmail.com> wrote:

> Is there some RFC or some other authoritative source that would say
> whether "UDP/TLS/RTP/SAVP" or "RTP/SAVP" is the correct value for
> DLTS-SRTP for NON-WebRTC connections?
>
> If the former, then I'll file a Jira in FS.  If the latter, I'll work with
> the SDK developers to fix.
>
> On Wed, Aug 17, 2016 at 7:18 AM, Sergey Safarov <s.safarov at gmail.com>
> wrote:
>
>> Correct way to fix on client side but if it is not possible then SDP
>> rewrite can be made on server side.
>> For SRD rewrite on server side i recoment use kamailio proxy server.
>>
>> About DTLS. I has found that use DTLS requres modern crypro lib. Try
>> FreeSwitch on fedora server distr or other with modern crypto lib.
>>
>> Sergey.
>>
>> ср, 17 авг. 2016 г. в 13:23, Oleg Stolyar <olegstolyar at gmail.com>:
>>
>>> I think you are right Sergey.  Should it be fixed on the FS side or on
>>> the client SDK side though?  Which is the right value?
>>>
>>> By the way, the SDK can do either dtls or sdes.  This issue happens with
>>> dtls.  Sdes works fine and I can establish a call.
>>>
>>> On Aug 16, 2016 10:14 PM, "Sergey Safarov" <s.safarov at gmail.com> wrote:
>>>
>>> Think issue related to "m=audio 61434 UDP/TLS/RTP/SAVP"
>>> Try "m=audio 61434 RTP/SAVP"
>>>
>>> ср, 17 авг. 2016 г. в 5:35, Oleg Stolyar <olegstolyar at gmail.com>:
>>>
>>>> Thanks Gonzalo,
>>>>
>>>> That setup on the FS side refers to TLS and as I said TLS is working
>>>> for me, I have it set up.
>>>>
>>>> SRTP should work out of the box AFAIK.  I suspect there is something in
>>>> the SDP I posted that FS considers to be non-compliant with the specs.  Not
>>>> sure what though and whether it's a bug in FS or in the client SDK I am
>>>> using.
>>>>
>>>> On Tue, Aug 16, 2016 at 7:22 PM, Gonzalo Gasca Meza <
>>>> gascagonzalo at gmail.com> wrote:
>>>>
>>>>> Did you enable/configure SRTP? This
>>>>> <http://twilio-marketing-prod.elasticbeanstalk.com/resources/images/docs/TwilioSecure-Freeswitch.pdf>
>>>>> is a sample guide I use for Twilio TLS/SRTP which can help
>>>>> Can you post all logs?
>>>>>
>>>>>
>>>>> On Tue, Aug 16, 2016 at 6:10 PM, Oleg Stolyar <olegstolyar at gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hi guys,
>>>>>>
>>>>>> I am trying to connect to FS using the CounterPath SDK for Android.
>>>>>> I use TLS for signalling.  All works well until I try to enable SRTP.  Then
>>>>>> FS rejects the call the INCOMPATIBLE_DESTINATION message.  Is there
>>>>>> something wrong with the SDP?  Here are the relevant SDPs from the INVITES.
>>>>>>
>>>>>> NON-SRTP (works)
>>>>>>    v=0
>>>>>>    o=- 622419737965 1 IN IP4 192.168.1.78
>>>>>>    s=
>>>>>>    c=IN IP4 192.168.1.78
>>>>>>    t=0 0
>>>>>>    m=audio 57194 RTP/AVP 3 120 123 122 121 9 8 0 84 85 18 101
>>>>>>    a=rtpmap:120 opus/48000/2
>>>>>>    a=fmtp:120 useinbandfec=1; usedtx=1; maxaveragebitrate=64000
>>>>>>    a=rtpmap:123 SILK/24000
>>>>>>    a=rtpmap:122 SILK/16000
>>>>>>    a=rtpmap:121 SILK/8000
>>>>>>    a=rtpmap:84 speex/16000
>>>>>>    a=rtpmap:85 speex/8000
>>>>>>    a=rtpmap:18 G729/8000
>>>>>>    a=fmtp:18 annexb=yes
>>>>>>    a=rtpmap:101 telephone-event/8000
>>>>>>    a=fmtp:101 0-15
>>>>>>    a=sendrecv
>>>>>>
>>>>>> SRTP (does not work)
>>>>>>    v=0
>>>>>>    o=- 622187157154 1 IN IP4 192.168.1.78
>>>>>>    s=
>>>>>>    c=IN IP4 192.168.1.78
>>>>>>    t=0 0
>>>>>>    a=fingerprint:SHA-256 4D:08:D6:49:9E:CA:77:A2:77:74:
>>>>>> 02:A0:B9:92:32:2F:2D:76:7D:59:7F:A4:CA:85:16:BA:D0:27:0A:74:1C:0F
>>>>>>    a=setup:actpass
>>>>>>    m=audio 61434 UDP/TLS/RTP/SAVP 3 120 123 122 121 9 8 0 84 85 18 101
>>>>>>    a=rtpmap:120 opus/48000/2
>>>>>>    a=fmtp:120 useinbandfec=1; usedtx=1; maxaveragebitrate=64000
>>>>>>    a=rtpmap:123 SILK/24000
>>>>>>    a=rtpmap:122 SILK/16000
>>>>>>    a=rtpmap:121 SILK/8000
>>>>>>    a=rtpmap:84 speex/16000
>>>>>>    a=rtpmap:85 speex/8000
>>>>>>    a=rtpmap:18 G729/8000
>>>>>>    a=fmtp:18 annexb=yes
>>>>>>    a=rtpmap:101 telephone-event/8000
>>>>>>    a=fmtp:101 0-15
>>>>>>    a=sendrecv
>>>>>>
>>>>>>
>>>>>> ____________________________________________________________
>>>>>> _____________
>>>>>> Professional FreeSWITCH Consulting Services:
>>>>>> consulting at freeswitch.org
>>>>>> http://www.freeswitchsolutions.com
>>>>>>
>>>>>> Official FreeSWITCH Sites
>>>>>> http://www.freeswitch.org
>>>>>> http://confluence.freeswitch.org
>>>>>> http://www.cluecon.com
>>>>>>
>>>>>> FreeSWITCH-users mailing list
>>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/
>>>>>> freeswitch-users
>>>>>> http://www.freeswitch.org
>>>>>>
>>>>>
>>>>>
>>>>> ____________________________________________________________
>>>>> _____________
>>>>> Professional FreeSWITCH Consulting Services:
>>>>> consulting at freeswitch.org
>>>>> http://www.freeswitchsolutions.com
>>>>>
>>>>> Official FreeSWITCH Sites
>>>>> http://www.freeswitch.org
>>>>> http://confluence.freeswitch.org
>>>>> http://www.cluecon.com
>>>>>
>>>>> FreeSWITCH-users mailing list
>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/
>>>>> freeswitch-users
>>>>> http://www.freeswitch.org
>>>>>
>>>>
>>>> ____________________________________________________________
>>>> _____________
>>>> Professional FreeSWITCH Consulting Services:
>>>> consulting at freeswitch.org
>>>> http://www.freeswitchsolutions.com
>>>>
>>>> Official FreeSWITCH Sites
>>>> http://www.freeswitch.org
>>>> http://confluence.freeswitch.org
>>>> http://www.cluecon.com
>>>>
>>>> FreeSWITCH-users mailing list
>>>> FreeSWITCH-users at lists.freeswitch.org
>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/
>>>> freeswitch-users
>>>> http://www.freeswitch.org
>>>
>>>
>>> ____________________________________________________________
>>> _____________
>>> Professional FreeSWITCH Consulting Services:
>>> consulting at freeswitch.org
>>> http://www.freeswitchsolutions.com
>>>
>>> Official FreeSWITCH Sites
>>> http://www.freeswitch.org
>>> http://confluence.freeswitch.org
>>> http://www.cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>>
>>>
>>> ____________________________________________________________
>>> _____________
>>> Professional FreeSWITCH Consulting Services:
>>> consulting at freeswitch.org
>>> http://www.freeswitchsolutions.com
>>>
>>> Official FreeSWITCH Sites
>>> http://www.freeswitch.org
>>> http://confluence.freeswitch.org
>>> http://www.cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>



-- 
Anthony Minessale II       ♬ @anthmfs  ♬ @FreeSWITCH  ♬

☞ http://freeswitch.org/http://cluecon.com/http://twitter.com/FreeSWITCH
☞ irc.freenode.net #freeswitch ☞ *http://freeswitch.org/g+
<http://freeswitch.org/g+>*

ClueCon Weekly Development Call
☎ sip:888 at conference.freeswitch.org  ☎ +19193869900

https://www.youtube.com/watch?v=9XXgW34t40s
https://www.youtube.com/watch?v=NLaDpGQuZDA
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20160817/646891c2/attachment-0001.html 


Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list