<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="GENERATOR" content="GtkHTML/4.4.4">
</head>
<body>
Hi again.<br>
<br>
I checked the FS code and i see that rpm i am using is built with ZRTP disabled.<br>
There is only one place that "sip_secure_media" on the code. That is on switch_rtp.c<br>
<br>
#ifdef ENABLE_ZRTP<br>
if (zrtp_on) {<br>
switch_rtp_t *master_rtp_session = NULL;<br>
<br>
int initiator = 0;<br>
const char *zrtp_enabled = switch_channel_get_variable(channel, "zrtp_secure_media");<br>
const char *srtp_enabled = switch_channel_get_variable(channel, "sip_secure_media");<br>
<br>
<br>
So since ENABLE_ZRTP is 0, i don't have chance to use "sip_secure_media" variable.<br>
<br>
Is there any other variable that i can use and make sofia module not to choose SRTP ?<br>
<br>
<br>
<table cellspacing="0" cellpadding="0" width="100%">
<tbody>
<tr>
<td>
<pre>
_lvnd_
{^_^}
</pre>
</td>
</tr>
</tbody>
</table>
On Thu, 2013-02-07 at 13:54 +0000, Levend Sayar wrote:<br>
<blockquote type="CITE">But the very same phone calls another phone and talk with RTP, not SRTP if the peer does not accept SRTP<br>
<br>
Here is the SDP offer by the same phone<br>
<br>
v=0<br>
o=- 20186 20186 IN IP4 192.168.173.69<br>
s=SDP data<br>
c=IN IP4 192.168.173.69<br>
t=0 0<br>
m=audio 11782 RTP/SAVP 0 8 18 9 101<br>
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:NzFmYjdiMjk1OTY2ODQwYzExZjM0ZmE2NGM0YWMw<br>
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:M2MxMTE2OWFjOGY2ZjEwADEzZmZkNzAxNjRlMzFm<br>
a=crypto:3 F8_128_HMAC_SHA1_80 inline:NjkzZDg2Mjk0ZTkxMjg1YzdmYjFiNjRlMmFhNGFm<br>
a=rtpmap:0 PCMU/8000<br>
a=rtpmap:8 PCMA/8000<br>
a=rtpmap:18 G729/8000<br>
a=fmtp:18 annexb=no<br>
a=rtpmap:9 G722/8000<br>
a=fmtp:101 0-15<br>
a=rtpmap:101 telephone-event/8000<br>
a=ptime:20<br>
a=sendrecv<br>
<br>
And here is the SDP answer sent by the other phone<br>
<br>
v=0<br>
o=- 20029 20029 IN IP4 192.168.173.65<br>
s=SDP data<br>
c=IN IP4 192.168.173.65<br>
t=0 0<br>
m=audio 11794 RTP/SAVP 0 101<br>
a=rtpmap:0 PCMU/8000<br>
a=sendrecv<br>
a=ptime:20<br>
a=fmtp:101 0-15<br>
a=rtpmap:101 telephone-event/8000<br>
<br>
<br>
<br>
<br>
<table cellspacing="0" cellpadding="0" width="100%">
<tbody>
<tr>
<td>
<pre>
--
</pre>
<br>
<pre>
_lvnd_
{^_^}
</pre>
<br>
<br>
<br>
<br>
</td>
</tr>
</tbody>
</table>
On Thu, 2013-02-07 at 13:37 +0000, Steven Ayre wrote:<br>
<blockquote type="CITE">m=audio 11780 RTP/SAVP 0 8 18 9 101 <br>
<br>
<br>
RTP/SAVP means SRTP is mandatory. You need to reconfigure the phone.<br>
<br>
<br>
If the phone sends RTP/AVP then that means plain RTP, and RTP/AVP with a a=crypto attribute means SRTP is optional.<br>
<br>
<br>
-Steve <br>
<br>
<br>
<br>
<br>
On 7 February 2013 13:26, Levend Sayar <<a href="mailto:levend.sayar@karel.com.tr">levend.sayar@karel.com.tr</a>> wrote:<br>
<blockquote>Below is the SDP offer sent by the phone.<br>
<br>
v=0<br>
o=- <a href="tel:20185%2020185">20185 20185</a> IN IP4 192.168.173.69<br>
s=SDP data<br>
c=IN IP4 192.168.173.69<br>
t=0 0<br>
m=audio 11780 RTP/SAVP 0 8 18 9 101<br>
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:MTM2MjVhMGI1NDZjYmRjADU5NWVjNGVkNTNlYzA1<br>
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:YmExYmZhNQAzN2ZjNDgzYTRkNGU2ZjFiN2Q0MmE3<br>
a=crypto:3 F8_128_HMAC_SHA1_80 inline:N2Q2NTRiYQAxZjA3MWY3ZjI1YTI5NjIyM2FjODYw<br>
a=rtpmap:0 PCMU/8000<br>
a=rtpmap:8 PCMA/8000<br>
a=rtpmap:18 G729/8000<br>
a=fmtp:18 annexb=no<br>
a=rtpmap:9 G722/8000<br>
a=fmtp:101 0-15<br>
a=rtpmap:101 telephone-event/8000<br>
a=ptime:20<br>
a=sendrecv<br>
<br>
<br>
<br>
And below is the SDP answer sent by FS<br>
<br>
v=0<br>
o=FreeSWITCH 1360230601 1360230602 IN IP4 192.168.169.114<br>
s=FreeSWITCH<br>
c=IN IP4 192.168.169.114<br>
t=0 0<br>
m=audio 12532 RTP/SAVP 9 101<br>
a=rtpmap:9 G722/8000<br>
a=rtpmap:101 telephone-event/8000<br>
a=fmtp:101 0-16<br>
a=silenceSupp:off - - - -<br>
a=ptime:20<br>
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:l8v0R64H7CP0vEx9j0Ycdbob8bgMCpLDppWGy7Dy<br>
<br>
<br>
<br>
<br>
<table cellspacing="0" cellpadding="0" width="100%">
<tbody>
<tr>
<td>
<pre>
_lvnd_
{^_^}
</pre>
<br>
<br>
<br>
<br>
<br>
</td>
</tr>
</tbody>
</table>
On Thu, 2013-02-07 at 13:09 +0000, Steven Ayre wrote:<br>
<blockquote type="CITE">What I mean is you'll see two separate m=audio lines within the callee's SDP, one for 'RTP/AVP' and one for 'SRTP/AVP'. If there is no m=audio line for RTP/AVP the caller won't know of a port that's expecting RTP. So if the callee only
sends SRTP/AVP the caller can't send RTP. <br>
<br>
<br>
Can you show us the SDP being sent by the phone? <br>
<br>
<br>
-Steve <br>
<br>
<br>
<br>
<br>
<br>
On 7 February 2013 11:01, Levend Sayar <<a href="mailto:levend.sayar@karel.com.tr">levend.sayar@karel.com.tr</a>> wrote:<br>
<blockquote>Thanx Steven. <br>
<br>
<br>
Caller makes the offer for SDP but callee chooses whatever it wants. So caller can offer SRTP but callee can prefer not to talk encrypted. In our case I want FS to choose non secure media.<br>
Phone will offer SRTP on the conference call but FS must prefer RTP, not SRTP.<br>
<br>
<br>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<br>
<blockquote type="CITE">
<blockquote type="CITE">
<blockquote>
<blockquote type="CITE">
<blockquote><br>
_lvnd_ <br>
{^_^} <br>
<br>
<br>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<br>
<blockquote type="CITE">
<blockquote type="CITE">
<blockquote>
<blockquote type="CITE">
<blockquote><br>
<br>
<br>
On 7 Şub 2013, at 11:13, "Steven Ayre" <<a href="mailto:steveayre@gmail.com">steveayre@gmail.com</a>> wrote:<br>
<br>
<br>
<blockquote type="CITE">It's also going to rely on the phone actually offering RTP/AVP as well as SRTP/AVP in their SDP - without that there'd be nowhere to send insecure RTP.<br>
<br>
<br>
-Steve <br>
<br>
<br>
<br>
<br>
On 6 February 2013 16:09, Levend Sayar <<a href="mailto:levend.sayar@karel.com.tr">levend.sayar@karel.com.tr</a>> wrote:<br>
<blockquote>Thanks Daniel for the reply. <br>
<br>
<br>
I tried <br>
<br>
<br>
<action application="set" data="sip_secure_media=false" /> <br>
<br>
<br>
But did not work. Upon your reply I also tried <br>
<br>
<br>
<action application="set" data="secure_media=false" /> <br>
<br>
<br>
But did not work either. I am doing something wrong ?<br>
<br>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<br>
<blockquote type="CITE">
<blockquote type="CITE">
<blockquote>
<blockquote type="CITE">
<blockquote>
<blockquote type="CITE">
<blockquote><br>
<br>
_lvnd_ <br>
{^_^} <br>
<br>
<br>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<br>
<blockquote type="CITE">
<blockquote type="CITE">
<blockquote>
<blockquote type="CITE">
<blockquote>
<blockquote type="CITE">
<blockquote><br>
<br>
<br>
On 6 Şub 2013, at 18:00, "Daniel Ivanov" <<a href="mailto:sertys@gmail.com">sertys@gmail.com</a>> wrote:<br>
<br>
<br>
<br>
<blockquote type="CITE">Of course you can. Just set the secure_media var to false and you will be srtp-free in sip.<br>
<br>
On Feb 5, 2013 6:06 PM, "Levend Sayar" <<a href="mailto:levend.sayar@karel.com.tr">levend.sayar@karel.com.tr</a>> wrote:<br>
<blockquote>Hi all.<br>
<br>
I am using FS as a conference server. Some of my phones are using SRTP , some of them not. Both type of phone can<br>
join a conference. FS can talk to each peer with SRTP or not depending on the phone itself.<br>
<br>
My question:<br>
<br>
Is it possible to disable SRTP on FS ?<br>
<br>
I suppose if i can disable SRTP, FS will talk without SRTP with each phone whether they are using SRTP or not.<br>
<br>
TIA<br>
<br>
<br>
<table cellspacing="0" cellpadding="0" width="100%">
<tbody>
<tr>
<td>
<pre>
<table cellspacing="0" cellpadding="0" border="1"><tbody><tr><td><font size="2">plain text document attachment (ATT00001)</font> </td></tr></tbody></table>
_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a>
<a href="http://www.freeswitchsolutions.com">http://www.freeswitchsolutions.com</a>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server
<a href="http://www.cudatel.com">http://www.cudatel.com</a>
Official FreeSWITCH Sites
<a href="http://www.freeswitch.org">http://www.freeswitch.org</a>
<a href="http://wiki.freeswitch.org">http://wiki.freeswitch.org</a>
<a href="http://www.cluecon.com">http://www.cluecon.com</a>
FreeSWITCH-users mailing list
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a href="http://www.freeswitch.org">http://www.freeswitch.org</a>
</pre>
</td>
</tr>
</tbody>
</table>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</body>
</html>