[Freeswitch-users] Zoiper5 broken with FS, outbound calls get dropped
Michael Jerris
mike at jerris.com
Tue Aug 21 20:28:59 UTC 2018
Try latest freeswitch master code. I think the fix is in for this issue there.
> On Aug 20, 2018, at 10:11 PM, Rajil Saraswat <rajil.s at gmail.com> wrote:
>
> Hello,
>
> All my outbound calls made by Zoiper5 get dropped. I contacted Zoiper support and they mentioned that it is a FreeSwitch problem. How can this be fixed?
>
> Here is what Zoiper support said,
>
> There was a known issue with FreeSwitch related to the naming of the security suites sent from them, they were not completely matched to RFC 6188.
>
> On the left, the names are the standard ones - used in the RFC6188, and the right ones are the names used by FreeSwitch:
>
> AES_256_CM_HMAC_SHA1_80 == AES_CM_256_HMAC_SHA1_80
> AES_256_CM_HMAC_SHA1_32 == AES_CM_256_HMAC_SHA1_32
> AES_192_CM_HMAC_SHA1_80 == AES_CM_192_HMAC_SHA1_80
> AES_192_CM_HMAC_SHA1_32 == AES_CM_192_HMAC_SHA1_32
>
> In order to be robust we added the so called FS names but they are not different suits just one suite has two names (as the negotiation process requires a complete match of the names).
>
> In the previous Zoiper5 versions (e.g. 5.2.14) the additional FS names were not present. The offered by Zoiper suites were only the described in the RFC 6188 and 4568 in that priority order:
>
> AES_256_CM_HMAC_SHA1_80
> AES_256_CM_HMAC_SHA1_32
> AES_192_CM_HMAC_SHA1_80
> AES_192_CM_HMAC_SHA1_32
> AES_CM_128_HMAC_SHA1_80
> AES_CM_128_HMAC_SHA1_32
>
> After the addition of FS names (5.2.16 and newer) we now offer everything in the following order:
>
> AES_256_CM_HMAC_SHA1_80 // RFC 6188
> AES_256_CM_HMAC_SHA1_32 // RFC 6188
> AES_CM_256_HMAC_SHA1_80 // FS interpretation
> AES_CM_256_HMAC_SHA1_32 // FS interpretation
> AES_192_CM_HMAC_SHA1_80 // RFC 6188
> AES_192_CM_HMAC_SHA1_32 // RFC 6188
> AES_CM_192_HMAC_SHA1_80 // FS interpretation
> AES_CM_192_HMAC_SHA1_32 // FS interpretation
> AES_CM_128_HMAC_SHA1_80 // RFC 4568
> AES_CM_128_HMAC_SHA1_32 // RFC 4568
>
> It seems that FS also sends bad checksums with the AES_256_CM_HMAC_SHA1_80 and AES_CM_192_HMAC_SHA1_80, the only working suite is AES_CM_128_HMAC_SHA1.
>
> There is a workaround you can use until and if this issue is fixed by FS. You may try to rearrange the priority on your FS (put 128 on top instead of 256, or completely disable the non-working suites). Or you can simply keep using older version of Zoiper with 128 bit.
>
> Thanks
> _________________________________________________________________________
> Professional FreeSWITCH Services
> sales at freeswitch.com
> https://freeswitch.com
>
> Official FreeSWITCH Sites
> https://freeswitch.com/oss
> https://freeswitch.org/confluence
> https://cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> https://freeswitch.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20180821/6037906b/attachment-0001.html>
More information about the FreeSWITCH-users
mailing list