<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="GENERATOR" content="GtkHTML/4.4.4">
<title>Re: [Freeswitch-users] optional SRTP</title>
</head>
<body>
Ken you are right. But what i want to do is not securing all the conversation. I dont need that.<br>
What i want is FS to prefer RTP when an optional SRTP offer is received.<br>
<br>
<br>
In this list, it is mentioned that<br>
<br>
m=audio RTP/AVP<br>
a=crypto ...<br>
<br>
means optional SRTP. Namely caller prefers to talk with SRTP, but if calle prefers RTP, caller accept RTP too.<br>
<br>
First of all, the SDP I show is improper ?<br>
<br>
<br>
<table cellspacing="0" cellpadding="0" width="100%">
<tbody>
<tr>
<td>
<pre>
--
İyi çalışmalar.
_lvnd_
{^_^}
KAREL`UCAP
</pre>
<br>
<br>
</td>
</tr>
</tbody>
</table>
On Fri, 2013-02-22 at 10:08 -0600, Ken Rice wrote:<br>
<blockquote type="CITE">FreeSWITCH Support SIP/TLS, SRTP and ZRTP, the error message you are refering to below is where someone has improperly implemented SRTP and is sending the crypto headers in the wrong spots. See the Wiki for setting up secure calling.<br>
<br>
Also please note, if you are going to use SRTP, you _must_ use SIP/TLS as the keys for SRTP are passed in the SDP of the SIP messaging. You can use ZRTP without using SIP/TLS as the key exchange for ZRTP happens as a DH exchange in the ZRTP stream, but if you
want to protect the contents of the SIP messaging you’ll still want to use SIP/TLS.<br>
<br>
<br>
K<br>
<br>
<br>
On 2/22/13 9:36 AM, "Levend Sayar" <<a href="levend.sayar@karel.com.tr">levend.sayar@karel.com.tr</a>> wrote:<br>
<br>
<blockquote>Hi again.<br>
<br>
On my previous discussion on this list, i learned that RTP/AVP with a a=crypto attribute means optional SRTP.<br>
<br>
I suppose FS supports optional SRTP, but when i look at the sofia code, afaiu fs does not support it.<br>
<br>
Right ?<br>
<br>
A code snippet from sofia_glue.c <br>
<br>
if (m->m_proto != sdp_proto_srtp) {<br>
switch_log_printf(SWITCH_CHANNEL_SESSION_LOG(session), SWITCH_LOG_ERROR, "a=crypto in RTP/AVP, refer to rfc3711\n");<br>
match = 0;<br>
goto done;<br>
}<br>
<br>
<br>
<br>
<br>
<br>
<br>
</blockquote>
<br>
<table cellspacing="0" cellpadding="0" border="1">
<tbody>
<tr>
<td><font size="2">plain text document attachment (ATT00001)</font> </td>
</tr>
</tbody>
</table>
<pre>
_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a>
<a href="http://www.freeswitchsolutions.com">http://www.freeswitchsolutions.com</a>
FreeSWITCH-powered IP PBX: The CudaTel Communication Server
<a href="http://www.cudatel.com">http://www.cudatel.com</a>
Official FreeSWITCH Sites
<a href="http://www.freeswitch.org">http://www.freeswitch.org</a>
<a href="http://wiki.freeswitch.org">http://wiki.freeswitch.org</a>
<a href="http://www.cluecon.com">http://www.cluecon.com</a>
FreeSWITCH-users mailing list
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a href="http://www.freeswitch.org">http://www.freeswitch.org</a>
</pre>
</blockquote>
</body>
</html>