<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Why not just ask yealink to fix this? They have been pretty good about making fixes for us.<div><br></div><div>Mike</div><div><br><div><div>On Feb 14, 2013, at 10:03 AM, Levend Sayar <<a href="mailto:levend.sayar@karel.com.tr">levend.sayar@karel.com.tr</a>> wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="GENERATOR" content="GtkHTML/4.4.4">
<div>
Thanks for your kind responses Steve.<br>
<br>
Phones are same brand, you are right. And not Polycom or Linksys. They are Yealink phones.<br>
<br>
I found the code piece handling the RTP/SAVP part you mentioned. (sofia_glue_negotiate_sdp function).
<br>
Although it is not wise, I will add a new channel variable and try to disable SRTP even if phone says SRTP is mandatory.
<br>
I need that.<br><table cellspacing="0" cellpadding="0" width="100%" style="position: static; z-index: auto; "><tbody><tr><td><br><br></td></tr></tbody></table>
On Wed, 2013-02-13 at 17:59 +0000, Steven Ayre wrote:<br>
<blockquote type="CITE">If the phone is Polycom or Linksys have you read the notes on
<a href="http://wiki.freeswitch.org/wiki/SRTP">http://wiki.freeswitch.org/wiki/SRTP</a>?
</blockquote>
<blockquote type="CITE" style="position: static; z-index: auto; "><br>On 13 February 2013 17:53, Steven Ayre <<a href="mailto:steveayre@gmail.com">steveayre@gmail.com</a>> wrote:</blockquote><blockquote type="CITE">
<blockquote>Nevertheless it's not being negotiated and this is possibly a bug in the phone. Adding a workaround in FS would decrease security because the phone is explicitly saying it'll only accept SRTP so sending plain RTP wouldn't be wise.
</blockquote>
</blockquote>
<blockquote type="CITE" style="position: static; z-index: auto; ">
<blockquote><br>I assume both phones are the same make?</blockquote></blockquote>
<blockquote type="CITE" style="position: static; z-index: auto; ">
<blockquote><br>On 7 February 2013 13:54, Levend Sayar <<a href="mailto:levend.sayar@karel.com.tr">levend.sayar@karel.com.tr</a>> wrote:</blockquote></blockquote>
<blockquote type="CITE" style="position: static; z-index: auto; ">
<blockquote>
<blockquote>But the very same phone calls another phone and talk with RTP, not SRTP if the peer does not accept SRTP<br>
<br>
Here is the SDP offer by the same phone<br>
<br>
v=0<br>
o=- <a href="tel:20186%2020186">20186 20186</a> IN IP4 192.168.173.69 </blockquote>
</blockquote>
</blockquote>
<blockquote type="CITE">
<blockquote>
<blockquote><br>
s=SDP data<br>
c=IN IP4 192.168.173.69<br>
t=0 0<br>
<br>
</blockquote>
</blockquote>
</blockquote>
<blockquote type="CITE">
<blockquote>
<blockquote>m=audio 11782 RTP/SAVP 0 8 18 9 101<br>
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:NzFmYjdiMjk1OTY2ODQwYzExZjM0ZmE2NGM0YWMw<br>
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:M2MxMTE2OWFjOGY2ZjEwADEzZmZkNzAxNjRlMzFm<br>
a=crypto:3 F8_128_HMAC_SHA1_80 inline:NjkzZDg2Mjk0ZTkxMjg1YzdmYjFiNjRlMmFhNGFm </blockquote>
</blockquote>
</blockquote>
<blockquote type="CITE">
<blockquote>
<blockquote><br>
a=rtpmap:0 PCMU/8000<br>
a=rtpmap:8 PCMA/8000<br>
a=rtpmap:18 G729/8000<br>
a=fmtp:18 annexb=no<br>
a=rtpmap:9 G722/8000<br>
a=fmtp:101 0-15<br>
a=rtpmap:101 telephone-event/8000<br>
a=ptime:20<br>
a=sendrecv<br>
<br>
<br>
</blockquote>
</blockquote>
</blockquote>
<blockquote type="CITE">
<blockquote>
<blockquote>And here is the SDP answer sent by the other phone<br>
<br>
v=0<br>
o=- 20029 20029 IN IP4 192.168.173.65<br>
s=SDP data<br>
c=IN IP4 192.168.173.65<br>
t=0 0<br>
m=audio 11794 RTP/SAVP 0 101<br>
a=rtpmap:0 PCMU/8000<br>
a=sendrecv<br>
a=ptime:20 </blockquote>
</blockquote>
</blockquote>
<blockquote type="CITE" style="position: static; z-index: auto; ">
<blockquote>
<blockquote><br>
a=fmtp:101 0-15<br>
a=rtpmap:101 telephone-event/8000<br>
<br>
<br>
On Thu, 2013-02-07 at 13:37 +0000, Steven Ayre wrote:</blockquote></blockquote></blockquote><blockquote type="CITE"><blockquote><blockquote>
<blockquote type="CITE" style="position: static; z-index: auto; ">m=audio 11780 RTP/SAVP 0 8 18 9 101 <br>
<br>
<br>
RTP/SAVP means SRTP is mandatory. You need to reconfigure the phone.<br>
<br>
<br>
If the phone sends RTP/AVP then that means plain RTP, and RTP/AVP with a a=crypto attribute means SRTP is optional.<br><br>
On 7 February 2013 13:26, Levend Sayar <<a href="mailto:levend.sayar@karel.com.tr">levend.sayar@karel.com.tr</a>> wrote:<br>
<blockquote>Below is the SDP offer sent by the phone.<br>
<br>
v=0<br>
o=- <a href="tel:20185%2020185">20185 20185</a> IN IP4 192.168.173.69<br>
s=SDP data<br>
c=IN IP4 192.168.173.69<br>
t=0 0<br>
m=audio 11780 RTP/SAVP 0 8 18 9 101<br>
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:MTM2MjVhMGI1NDZjYmRjADU5NWVjNGVkNTNlYzA1<br>
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:YmExYmZhNQAzN2ZjNDgzYTRkNGU2ZjFiN2Q0MmE3<br>
a=crypto:3 F8_128_HMAC_SHA1_80 inline:N2Q2NTRiYQAxZjA3MWY3ZjI1YTI5NjIyM2FjODYw<br>
a=rtpmap:0 PCMU/8000<br>
a=rtpmap:8 PCMA/8000<br>
a=rtpmap:18 G729/8000<br>
a=fmtp:18 annexb=no<br>
a=rtpmap:9 G722/8000<br>
a=fmtp:101 0-15<br>
a=rtpmap:101 telephone-event/8000<br>
a=ptime:20<br>
a=sendrecv<br>
<br>
<br>
<br>
And below is the SDP answer sent by FS<br>
<br>
v=0<br>
o=FreeSWITCH 1360230601 1360230602 IN IP4 192.168.169.114<br>
s=FreeSWITCH<br>
c=IN IP4 192.168.169.114<br>
t=0 0<br>
m=audio 12532 RTP/SAVP 9 101<br>
a=rtpmap:9 G722/8000<br>
a=rtpmap:101 telephone-event/8000<br>
a=fmtp:101 0-16<br>
a=silenceSupp:off - - - -<br>
a=ptime:20<br>
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:l8v0R64H7CP0vEx9j0Ycdbob8bgMCpLDppWGy7Dy<br>
<br>
On Thu, 2013-02-07 at 13:09 +0000, Steven Ayre wrote:<br>
<blockquote type="CITE" style="position: static; z-index: auto; ">What I mean is you'll see two separate m=audio lines within the callee's SDP, one for 'RTP/AVP' and one for 'SRTP/AVP'. If there is no m=audio line for RTP/AVP the caller won't know of a port that's expecting RTP. So if the callee only
sends SRTP/AVP the caller can't send RTP. <br>
<br>
<br>
Can you show us the SDP being sent by the phone? <br>
<br>
<br>
<br>
On 7 February 2013 11:01, Levend Sayar <<a href="mailto:levend.sayar@karel.com.tr">levend.sayar@karel.com.tr</a>> wrote:<br>
<blockquote>Thanx Steven. <br>
<br>
<br>
Caller makes the offer for SDP but callee chooses whatever it wants. So caller can offer SRTP but callee can prefer not to talk encrypted. In our case I want FS to choose non secure media.<br>
Phone will offer SRTP on the conference call but FS must prefer RTP, not SRTP.<br>
<br>
On 7 Şub 2013, at 11:13, "Steven Ayre" <<a href="mailto:steveayre@gmail.com">steveayre@gmail.com</a>> wrote:<br>
<br>
<br>
<blockquote type="CITE" style="position: static; z-index: auto; ">It's also going to rely on the phone actually offering RTP/AVP as well as SRTP/AVP in their SDP - without that there'd be nowhere to send insecure RTP.<br>
<br>
<br>
On 6 February 2013 16:09, Levend Sayar <<a href="mailto:levend.sayar@karel.com.tr">levend.sayar@karel.com.tr</a>> wrote:<br>
<blockquote>Thanks Daniel for the reply. <br>
<br>
<br>
I tried <br>
<br>
<br>
<action application="set" data="sip_secure_media=false" /> <br>
<br>
<br>
But did not work. Upon your reply I also tried <br>
<br>
<br>
<action application="set" data="secure_media=false" /> <br>
<br>
<br>
But did not work either. I am doing something wrong ?<br><br>
On 6 Şub 2013, at 18:00, "Daniel Ivanov" <<a href="mailto:sertys@gmail.com">sertys@gmail.com</a>> wrote:<br>
<br>
<br>
<br>
<blockquote type="CITE" style="position: static; z-index: auto; ">Of course you can. Just set the secure_media var to false and you will be srtp-free in sip.<br>
<br>
On Feb 5, 2013 6:06 PM, "Levend Sayar" <<a href="mailto:levend.sayar@karel.com.tr">levend.sayar@karel.com.tr</a>> wrote:<br>
<blockquote>Hi all.<br>
<br>
I am using FS as a conference server. Some of my phones are using SRTP , some of them not. Both type of phone can<br>
join a conference. FS can talk to each peer with SRTP or not depending on the phone itself.<br>
<br>
My question:<br>
<br>
Is it possible to disable SRTP on FS ?<br>
<br>
I suppose if i can disable SRTP, FS will talk without SRTP with each phone whether they are using SRTP or not.<br>
<br></blockquote></blockquote></blockquote></blockquote></blockquote></blockquote></blockquote></blockquote></blockquote></blockquote></blockquote></div></blockquote></div><br></div></body></html>