[Freeswitch-users] Issue connecting to FS with SRTP
Sergey Safarov
s.safarov at gmail.com
Wed Aug 17 21:44:25 MSD 2016
Look at rfc4566, section-5.14
<https://tools.ietf.org/html/rfc4566#section-5.14>
ср, 17 авг. 2016 г. в 17:37, Oleg Stolyar <olegstolyar at gmail.com>:
> Is there some RFC or some other authoritative source that would say
> whether "UDP/TLS/RTP/SAVP" or "RTP/SAVP" is the correct value for
> DLTS-SRTP for NON-WebRTC connections?
>
> If the former, then I'll file a Jira in FS. If the latter, I'll work with
> the SDK developers to fix.
>
> On Wed, Aug 17, 2016 at 7:18 AM, Sergey Safarov <s.safarov at gmail.com>
> wrote:
>
>> Correct way to fix on client side but if it is not possible then SDP
>> rewrite can be made on server side.
>> For SRD rewrite on server side i recoment use kamailio proxy server.
>>
>> About DTLS. I has found that use DTLS requres modern crypro lib. Try
>> FreeSwitch on fedora server distr or other with modern crypto lib.
>>
>> Sergey.
>>
>> ср, 17 авг. 2016 г. в 13:23, Oleg Stolyar <olegstolyar at gmail.com>:
>>
>>> I think you are right Sergey. Should it be fixed on the FS side or on
>>> the client SDK side though? Which is the right value?
>>>
>>> By the way, the SDK can do either dtls or sdes. This issue happens with
>>> dtls. Sdes works fine and I can establish a call.
>>>
>>> On Aug 16, 2016 10:14 PM, "Sergey Safarov" <s.safarov at gmail.com> wrote:
>>>
>>> Think issue related to "m=audio 61434 UDP/TLS/RTP/SAVP"
>>> Try "m=audio 61434 RTP/SAVP"
>>>
>>> ср, 17 авг. 2016 г. в 5:35, Oleg Stolyar <olegstolyar at gmail.com>:
>>>
>>>> Thanks Gonzalo,
>>>>
>>>> That setup on the FS side refers to TLS and as I said TLS is working
>>>> for me, I have it set up.
>>>>
>>>> SRTP should work out of the box AFAIK. I suspect there is something in
>>>> the SDP I posted that FS considers to be non-compliant with the specs. Not
>>>> sure what though and whether it's a bug in FS or in the client SDK I am
>>>> using.
>>>>
>>>> On Tue, Aug 16, 2016 at 7:22 PM, Gonzalo Gasca Meza <
>>>> gascagonzalo at gmail.com> wrote:
>>>>
>>>>> Did you enable/configure SRTP? This
>>>>> <http://twilio-marketing-prod.elasticbeanstalk.com/resources/images/docs/TwilioSecure-Freeswitch.pdf>
>>>>> is a sample guide I use for Twilio TLS/SRTP which can help
>>>>> Can you post all logs?
>>>>>
>>>>>
>>>>> On Tue, Aug 16, 2016 at 6:10 PM, Oleg Stolyar <olegstolyar at gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hi guys,
>>>>>>
>>>>>> I am trying to connect to FS using the CounterPath SDK for Android.
>>>>>> I use TLS for signalling. All works well until I try to enable SRTP. Then
>>>>>> FS rejects the call the INCOMPATIBLE_DESTINATION message. Is there
>>>>>> something wrong with the SDP? Here are the relevant SDPs from the INVITES.
>>>>>>
>>>>>> NON-SRTP (works)
>>>>>> v=0
>>>>>> o=- 622419737965 1 IN IP4 192.168.1.78
>>>>>> s=
>>>>>> c=IN IP4 192.168.1.78
>>>>>> t=0 0
>>>>>> m=audio 57194 RTP/AVP 3 120 123 122 121 9 8 0 84 85 18 101
>>>>>> a=rtpmap:120 opus/48000/2
>>>>>> a=fmtp:120 useinbandfec=1; usedtx=1; maxaveragebitrate=64000
>>>>>> a=rtpmap:123 SILK/24000
>>>>>> a=rtpmap:122 SILK/16000
>>>>>> a=rtpmap:121 SILK/8000
>>>>>> a=rtpmap:84 speex/16000
>>>>>> a=rtpmap:85 speex/8000
>>>>>> a=rtpmap:18 G729/8000
>>>>>> a=fmtp:18 annexb=yes
>>>>>> a=rtpmap:101 telephone-event/8000
>>>>>> a=fmtp:101 0-15
>>>>>> a=sendrecv
>>>>>>
>>>>>> SRTP (does not work)
>>>>>> v=0
>>>>>> o=- 622187157154 1 IN IP4 192.168.1.78
>>>>>> s=
>>>>>> c=IN IP4 192.168.1.78
>>>>>> t=0 0
>>>>>> a=fingerprint:SHA-256
>>>>>> 4D:08:D6:49:9E:CA:77:A2:77:74:02:A0:B9:92:32:2F:2D:76:7D:59:7F:A4:CA:85:16:BA:D0:27:0A:74:1C:0F
>>>>>> a=setup:actpass
>>>>>> m=audio 61434 UDP/TLS/RTP/SAVP 3 120 123 122 121 9 8 0 84 85 18 101
>>>>>> a=rtpmap:120 opus/48000/2
>>>>>> a=fmtp:120 useinbandfec=1; usedtx=1; maxaveragebitrate=64000
>>>>>> a=rtpmap:123 SILK/24000
>>>>>> a=rtpmap:122 SILK/16000
>>>>>> a=rtpmap:121 SILK/8000
>>>>>> a=rtpmap:84 speex/16000
>>>>>> a=rtpmap:85 speex/8000
>>>>>> a=rtpmap:18 G729/8000
>>>>>> a=fmtp:18 annexb=yes
>>>>>> a=rtpmap:101 telephone-event/8000
>>>>>> a=fmtp:101 0-15
>>>>>> a=sendrecv
>>>>>>
>>>>>>
>>>>>>
>>>>>> _________________________________________________________________________
>>>>>> Professional FreeSWITCH Consulting Services:
>>>>>> consulting at freeswitch.org
>>>>>> http://www.freeswitchsolutions.com
>>>>>>
>>>>>> Official FreeSWITCH Sites
>>>>>> http://www.freeswitch.org
>>>>>> http://confluence.freeswitch.org
>>>>>> http://www.cluecon.com
>>>>>>
>>>>>> FreeSWITCH-users mailing list
>>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>>> UNSUBSCRIBE:
>>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>>> http://www.freeswitch.org
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> _________________________________________________________________________
>>>>> Professional FreeSWITCH Consulting Services:
>>>>> consulting at freeswitch.org
>>>>> http://www.freeswitchsolutions.com
>>>>>
>>>>> Official FreeSWITCH Sites
>>>>> http://www.freeswitch.org
>>>>> http://confluence.freeswitch.org
>>>>> http://www.cluecon.com
>>>>>
>>>>> FreeSWITCH-users mailing list
>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>> UNSUBSCRIBE:
>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>> http://www.freeswitch.org
>>>>>
>>>>
>>>>
>>>> _________________________________________________________________________
>>>> Professional FreeSWITCH Consulting Services:
>>>> consulting at freeswitch.org
>>>> http://www.freeswitchsolutions.com
>>>>
>>>> Official FreeSWITCH Sites
>>>> http://www.freeswitch.org
>>>> http://confluence.freeswitch.org
>>>> http://www.cluecon.com
>>>>
>>>> FreeSWITCH-users mailing list
>>>> FreeSWITCH-users at lists.freeswitch.org
>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> UNSUBSCRIBE:
>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>> http://www.freeswitch.org
>>>
>>>
>>> _________________________________________________________________________
>>> Professional FreeSWITCH Consulting Services:
>>> consulting at freeswitch.org
>>> http://www.freeswitchsolutions.com
>>>
>>> Official FreeSWITCH Sites
>>> http://www.freeswitch.org
>>> http://confluence.freeswitch.org
>>> http://www.cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>>
>>>
>>> _________________________________________________________________________
>>> Professional FreeSWITCH Consulting Services:
>>> consulting at freeswitch.org
>>> http://www.freeswitchsolutions.com
>>>
>>> Official FreeSWITCH Sites
>>> http://www.freeswitch.org
>>> http://confluence.freeswitch.org
>>> http://www.cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20160817/ca95eec7/attachment.html
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list