<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="GENERATOR" content="GtkHTML/4.4.4">
</head>
<body>
In normal situations, I will do so. But right now I don't have chance to wait for them to make a fix.<br>
<br>
Besides, I already made the necessary fix on FS. I changed sdp parser. It ignores a=crypto attributes and<br>
set media protocol as RTP/AVP even if coming SDP offer is RTP/SAVP. I bind this behaviour to a new proprieratary channel attribute.<br>
It works just fine according to my smoke tests.<br>
<br>
<table cellspacing="0" cellpadding="0" width="100%">
<tbody>
<tr>
<td>
<pre>
--
_lvnd_
{^_^}
</pre>
<br>
<br>
</td>
</tr>
</tbody>
</table>
On Thu, 2013-02-14 at 13:41 -0500, Michael Jerris wrote:<br>
<blockquote type="CITE">Why not just ask yealink to fix this? They have been pretty good about making fixes for us.
</blockquote>
<blockquote type="CITE"><br>
<br>
</blockquote>
<blockquote type="CITE">Mike </blockquote>
<blockquote type="CITE"><br>
</blockquote>
<blockquote type="CITE">On Feb 14, 2013, at 10:03 AM, Levend Sayar <<a href="mailto:levend.sayar@karel.com.tr">levend.sayar@karel.com.tr</a>> wrote:
</blockquote>
<blockquote type="CITE"><br>
</blockquote>
<blockquote type="CITE">
<blockquote type="CITE">Thanks for your kind responses Steve.<br>
<br>
Phones are same brand, you are right. And not Polycom or Linksys. They are Yealink phones.<br>
<br>
I found the code piece handling the RTP/SAVP part you mentioned. (sofia_glue_negotiate_sdp function).
<br>
Although it is not wise, I will add a new channel variable and try to disable SRTP even if phone says SRTP is mandatory.
<br>
I need that.<br>
<table cellspacing="0" cellpadding="0" width="100%">
<tbody>
<tr>
<td><br>
<br>
<br>
</td>
</tr>
</tbody>
</table>
On Wed, 2013-02-13 at 17:59 +0000, Steven Ayre wrote:<br>
<blockquote type="CITE">If the phone is Polycom or Linksys have you read the notes on
<a href="http://wiki.freeswitch.org/wiki/SRTP">http://wiki.freeswitch.org/wiki/SRTP</a>?<br>
<br>
On 13 February 2013 17:53, Steven Ayre <<a href="mailto:steveayre@gmail.com">steveayre@gmail.com</a>> wrote:<br>
<blockquote>Nevertheless it's not being negotiated and this is possibly a bug in the phone. Adding a workaround in FS would decrease security because the phone is explicitly saying it'll only accept SRTP so sending plain RTP wouldn't be wise.<br>
<br>
I assume both phones are the same make?<br>
<br>
On 7 February 2013 13:54, Levend Sayar <<a href="mailto:levend.sayar@karel.com.tr">levend.sayar@karel.com.tr</a>> wrote:<br>
<blockquote>But the very same phone calls another phone and talk with RTP, not SRTP if the peer does not accept SRTP<br>
<br>
Here is the SDP offer by the same phone<br>
<br>
v=0<br>
o=- <a href="tel:20186%2020186">20186 20186</a> IN IP4 192.168.173.69 <br>
<br>
s=SDP data<br>
c=IN IP4 192.168.173.69<br>
t=0 0<br>
<br>
m=audio 11782 RTP/SAVP 0 8 18 9 101<br>
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:NzFmYjdiMjk1OTY2ODQwYzExZjM0ZmE2NGM0YWMw<br>
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:M2MxMTE2OWFjOGY2ZjEwADEzZmZkNzAxNjRlMzFm<br>
a=crypto:3 F8_128_HMAC_SHA1_80 inline:NjkzZDg2Mjk0ZTkxMjg1YzdmYjFiNjRlMmFhNGFm <br>
<br>
a=rtpmap:0 PCMU/8000<br>
a=rtpmap:8 PCMA/8000<br>
a=rtpmap:18 G729/8000<br>
a=fmtp:18 annexb=no<br>
a=rtpmap:9 G722/8000<br>
a=fmtp:101 0-15<br>
a=rtpmap:101 telephone-event/8000<br>
a=ptime:20<br>
a=sendrecv<br>
<br>
<br>
And here is the SDP answer sent by the other phone<br>
<br>
v=0<br>
o=- 20029 20029 IN IP4 192.168.173.65<br>
s=SDP data<br>
c=IN IP4 192.168.173.65<br>
t=0 0<br>
m=audio 11794 RTP/SAVP 0 101<br>
a=rtpmap:0 PCMU/8000<br>
a=sendrecv<br>
a=ptime:20 <br>
<br>
a=fmtp:101 0-15<br>
a=rtpmap:101 telephone-event/8000<br>
<br>
<br>
On Thu, 2013-02-07 at 13:37 +0000, Steven Ayre wrote:<br>
<blockquote type="CITE">m=audio 11780 RTP/SAVP 0 8 18 9 101 <br>
<br>
<br>
RTP/SAVP means SRTP is mandatory. You need to reconfigure the phone.<br>
<br>
<br>
If the phone sends RTP/AVP then that means plain RTP, and RTP/AVP with a a=crypto attribute means SRTP is optional.<br>
<br>
On 7 February 2013 13:26, Levend Sayar <<a href="mailto:levend.sayar@karel.com.tr">levend.sayar@karel.com.tr</a>> wrote:<br>
<blockquote>Below is the SDP offer sent by the phone.<br>
<br>
v=0<br>
o=- <a href="tel:20185%2020185">20185 20185</a> IN IP4 192.168.173.69<br>
s=SDP data<br>
c=IN IP4 192.168.173.69<br>
t=0 0<br>
m=audio 11780 RTP/SAVP 0 8 18 9 101<br>
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:MTM2MjVhMGI1NDZjYmRjADU5NWVjNGVkNTNlYzA1<br>
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:YmExYmZhNQAzN2ZjNDgzYTRkNGU2ZjFiN2Q0MmE3<br>
a=crypto:3 F8_128_HMAC_SHA1_80 inline:N2Q2NTRiYQAxZjA3MWY3ZjI1YTI5NjIyM2FjODYw<br>
a=rtpmap:0 PCMU/8000<br>
a=rtpmap:8 PCMA/8000<br>
a=rtpmap:18 G729/8000<br>
a=fmtp:18 annexb=no<br>
a=rtpmap:9 G722/8000<br>
a=fmtp:101 0-15<br>
a=rtpmap:101 telephone-event/8000<br>
a=ptime:20<br>
a=sendrecv<br>
<br>
<br>
<br>
And below is the SDP answer sent by FS<br>
<br>
v=0<br>
o=FreeSWITCH 1360230601 1360230602 IN IP4 192.168.169.114<br>
s=FreeSWITCH<br>
c=IN IP4 192.168.169.114<br>
t=0 0<br>
m=audio 12532 RTP/SAVP 9 101<br>
a=rtpmap:9 G722/8000<br>
a=rtpmap:101 telephone-event/8000<br>
a=fmtp:101 0-16<br>
a=silenceSupp:off - - - -<br>
a=ptime:20<br>
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:l8v0R64H7CP0vEx9j0Ycdbob8bgMCpLDppWGy7Dy<br>
<br>
On Thu, 2013-02-07 at 13:09 +0000, Steven Ayre wrote:<br>
<blockquote type="CITE">What I mean is you'll see two separate m=audio lines within the callee's SDP, one for 'RTP/AVP' and one for 'SRTP/AVP'. If there is no m=audio line for RTP/AVP the caller won't know of a port that's expecting RTP. So if the callee only
sends SRTP/AVP the caller can't send RTP. <br>
<br>
<br>
Can you show us the SDP being sent by the phone? <br>
<br>
<br>
<br>
On 7 February 2013 11:01, Levend Sayar <<a href="mailto:levend.sayar@karel.com.tr">levend.sayar@karel.com.tr</a>> wrote:<br>
<blockquote>Thanx Steven. <br>
<br>
<br>
Caller makes the offer for SDP but callee chooses whatever it wants. So caller can offer SRTP but callee can prefer not to talk encrypted. In our case I want FS to choose non secure media.<br>
Phone will offer SRTP on the conference call but FS must prefer RTP, not SRTP.<br>
<br>
On 7 Şub 2013, at 11:13, "Steven Ayre" <<a href="mailto:steveayre@gmail.com">steveayre@gmail.com</a>> wrote:<br>
<br>
<br>
<blockquote type="CITE">It's also going to rely on the phone actually offering RTP/AVP as well as SRTP/AVP in their SDP - without that there'd be nowhere to send insecure RTP.<br>
<br>
<br>
On 6 February 2013 16:09, Levend Sayar <<a href="mailto:levend.sayar@karel.com.tr">levend.sayar@karel.com.tr</a>> wrote:<br>
<blockquote>Thanks Daniel for the reply. <br>
<br>
<br>
I tried <br>
<br>
<br>
<action application="set" data="sip_secure_media=false" /> <br>
<br>
<br>
But did not work. Upon your reply I also tried <br>
<br>
<br>
<action application="set" data="secure_media=false" /> <br>
<br>
<br>
But did not work either. I am doing something wrong ?<br>
<br>
On 6 Şub 2013, at 18:00, "Daniel Ivanov" <<a href="mailto:sertys@gmail.com">sertys@gmail.com</a>> wrote:<br>
<br>
<br>
<br>
<blockquote type="CITE">Of course you can. Just set the secure_media var to false and you will be srtp-free in sip.<br>
<br>
On Feb 5, 2013 6:06 PM, "Levend Sayar" <<a href="mailto:levend.sayar@karel.com.tr">levend.sayar@karel.com.tr</a>> wrote:<br>
<blockquote>Hi all.<br>
<br>
I am using FS as a conference server. Some of my phones are using SRTP , some of them not. Both type of phone can<br>
join a conference. FS can talk to each peer with SRTP or not depending on the phone itself.<br>
<br>
My question:<br>
<br>
Is it possible to disable SRTP on FS ?<br>
<br>
I suppose if i can disable SRTP, FS will talk without SRTP with each phone whether they are using SRTP or not.<br>
<br>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
</blockquote>
<blockquote type="CITE"><br>
<br>
</blockquote>
</body>
</html>