<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">the trace i saw didnt look like optional to me.  was rejecting the non srtp one off the bat<div class=""><br class=""><div><br class=""><blockquote type="cite" class=""><div class="">On May 24, 2018, at 4:03 PM, Andrew Cassidy <<a href="mailto:andrew@cassidywebservices.co.uk" class="">andrew@cassidywebservices.co.uk</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><span class="">Hi Mike,</span><div class=""><br class=""></div><div class="">This was with rtp_secure_media=optional</div><div class=""><br class=""></div><div class="">If I use any other value of rtp_secure_media it works as expected. If that has to be the workaround then so be it.</div><div class=""><br class=""></div><div class="">Kind regards,<br class=""><br class=""><div class="gmail_quote"><div dir="ltr" class="">On Wed, 23 May 2018, 16:17 Michael Jerris, <<a href="mailto:mike@jerris.com" class="">mike@jerris.com</a>> wrote:<br class=""></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word;line-break:after-white-space" class="">After review with the zoiper team, it looks like this re-invite is trying to force srtp, while using UDP, something which is generally bad security practice, and because of this, something that zoiper does not support.  If you wish to create an SRTP call with zoiper you should do so at the start of the call, and using TLS for signaling for security.<div class=""><br class=""><div class=""><br class=""><blockquote type="cite" class=""></blockquote></div></div></div><div style="word-wrap:break-word;line-break:after-white-space" class=""><div class=""><div class=""><blockquote type="cite" class=""><div class="">On May 19, 2018, at 3:12 AM, Andrew Cassidy <<a href="mailto:andrew@cassidywebservices.co.uk" target="_blank" class="">andrew@cassidywebservices.co.uk</a>> wrote:</div><br class="m_7663738992184948856Apple-interchange-newline"></blockquote></div></div></div><div style="word-wrap:break-word;line-break:after-white-space" class=""><div class=""><div class=""><blockquote type="cite" class=""><div class="">Thanks Michael,<div class=""><br class=""></div><div class="">They're basically being all high and mighty about it. I've suggested that handling the call should be consistent, they either don't reject the reinvite, or they reject the initial invite but have told me this issue is "by design".</div><div class=""><br class=""></div><div class="">We have workarounds as previously mentioned so it's not the end of the world. I might have to reconsider whether I continue to use them in the long term.</div><div class=""><br class=""></div></div></blockquote></div></div></div><div style="word-wrap:break-word;line-break:after-white-space" class=""><div class=""><div class=""><blockquote type="cite" class=""><div class=""><div class="">Kind regards,<br class=""><br class=""><div class="gmail_quote"></div></div></div></blockquote></div></div></div><div style="word-wrap:break-word;line-break:after-white-space" class=""><div class=""><div class=""><blockquote type="cite" class=""><div class=""><div class=""><div class="gmail_quote"><div dir="ltr" class="">On Fri, 18 May 2018, 16:19 Michael Jerris, <<a href="mailto:mike@jerris.com" target="_blank" class="">mike@jerris.com</a>> wrote:<br class=""></div></div></div></div></blockquote></div></div></div><div style="word-wrap:break-word;line-break:after-white-space" class=""><div class=""><div class=""><blockquote type="cite" class=""><div class=""><div class=""><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">After review of the sip trace,  I’d report that one to the zoiper guys.  There is no reason they should reject the call in that case.<br class="">
<br class="">
> On May 17, 2018, at 4:48 PM, Andrew Cassidy <<a href="mailto:andrew@cassidywebservices.co.uk" target="_blank" class="">andrew@cassidywebservices.co.uk</a>> wrote:<br class="">
> <br class="">
> Good afternoon All,<br class="">
> <br class="">
> I have experienced the following issue with Zoiper specifically (I have a support ticket open with them currently) and was wondering if it's something that could/should be fixed FreeSWITCH side.<br class="">
> <br class="">
> If rtp_secure_media is set to optional, and SRTP is disabled on Zoiper, when FreeSWITCH sends the Re-INVITE, it sends crypto lines. Zoiper then replies with a 514 Unsupported Media Type and the timer refresh fails, causing Zoiper to hang up the call.<br class="">
> <br class="">
> My current feeling is that as Zoiper ignored the crypto on the initial INVITE it should be them that then handles the Re-INVITE consistently by also ignoring the crypto lines but I'm not familiar enough with the RFCs to make a judgement.<br class="">
> <br class="">
> The workaround is to either enable SRTP in Zoiper or don't set rtp_secure_media to optional when Zoiper is in use.<br class="">
> <br class="">
> Kind regards,<br class="">
> <br class=""></blockquote></div></div></div></blockquote></div></div></div><div style="word-wrap:break-word;line-break:after-white-space" class=""><div class=""><div class=""><blockquote type="cite" class=""><div class=""><div class=""><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
=</blockquote></div></div></div></blockquote></div><br class=""></div></div>_________________________________________________________________________<br class="">
Professional FreeSWITCH Consulting Services:<br class="">
<a href="mailto:consulting@freeswitch.org" target="_blank" class="">consulting@freeswitch.org</a><br class="">
<a href="http://www.freeswitchsolutions.com/" rel="noreferrer" target="_blank" class="">http://www.freeswitchsolutions.com</a><br class="">
<br class="">
Official FreeSWITCH Sites<br class="">
<a href="http://www.freeswitch.org/" rel="noreferrer" target="_blank" class="">http://www.freeswitch.org</a><br class="">
<a href="http://confluence.freeswitch.org/" rel="noreferrer" target="_blank" class="">http://confluence.freeswitch.org</a><br class="">
<a href="http://www.cluecon.com/" rel="noreferrer" target="_blank" class="">http://www.cluecon.com</a><br class="">
<br class="">
FreeSWITCH-users mailing list<br class="">
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank" class="">FreeSWITCH-users@lists.freeswitch.org</a><br class="">
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" target="_blank" class="">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br class="">
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" target="_blank" class="">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br class="">
<a href="http://www.freeswitch.org/" rel="noreferrer" target="_blank" class="">http://www.freeswitch.org</a></blockquote></div></div>
_________________________________________________________________________<br class="">Professional FreeSWITCH Consulting Services:<br class=""><a href="mailto:consulting@freeswitch.org" class="">consulting@freeswitch.org</a><br class="">http://www.freeswitchsolutions.com<br class=""><br class="">Official FreeSWITCH Sites<br class="">http://www.freeswitch.org<br class="">http://confluence.freeswitch.org<br class="">http://www.cluecon.com<br class=""><br class="">FreeSWITCH-users mailing list<br class="">FreeSWITCH-users@lists.freeswitch.org<br class="">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users<br class="">UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users<br class="">http://www.freeswitch.org</div></blockquote></div><br class=""></div></body></html>