[Freeswitch-users] SRTP disabling

Steven Ayre steveayre at gmail.com
Thu Feb 7 16:37:34 MSK 2013


m=audio 11780 RTP/SAVP 0 8 18 9 101

RTP/SAVP means SRTP is mandatory. You need to reconfigure the phone.

If the phone sends RTP/AVP then that means plain RTP, and RTP/AVP with a
a=crypto attribute means SRTP is optional.

-Steve



On 7 February 2013 13:26, Levend Sayar <levend.sayar at karel.com.tr> wrote:

> **
> Below is the SDP  offer sent by the phone.
>
> v=0
> o=- 20185 20185 IN IP4 192.168.173.69
> s=SDP data
> c=IN IP4 192.168.173.69
> t=0 0
> m=audio 11780 RTP/SAVP 0 8 18 9 101
> a=crypto:1 AES_CM_128_HMAC_SHA1_80
> inline:MTM2MjVhMGI1NDZjYmRjADU5NWVjNGVkNTNlYzA1
> a=crypto:2 AES_CM_128_HMAC_SHA1_32
> inline:YmExYmZhNQAzN2ZjNDgzYTRkNGU2ZjFiN2Q0MmE3
> a=crypto:3 F8_128_HMAC_SHA1_80
> inline:N2Q2NTRiYQAxZjA3MWY3ZjI1YTI5NjIyM2FjODYw
> a=rtpmap:0 PCMU/8000
> a=rtpmap:8 PCMA/8000
> a=rtpmap:18 G729/8000
> a=fmtp:18 annexb=no
> a=rtpmap:9 G722/8000
> a=fmtp:101 0-15
> a=rtpmap:101 telephone-event/8000
> a=ptime:20
> a=sendrecv
>
>
>
> And below is the SDP answer sent by FS
>
> v=0
> o=FreeSWITCH 1360230601 1360230602 IN IP4 192.168.169.114
> s=FreeSWITCH
> c=IN IP4 192.168.169.114
> t=0 0
> m=audio 12532 RTP/SAVP 9 101
> a=rtpmap:9 G722/8000
> a=rtpmap:101 telephone-event/8000
> a=fmtp:101 0-16
> a=silenceSupp:off - - - -
> a=ptime:20
> a=crypto:1 AES_CM_128_HMAC_SHA1_80
> inline:l8v0R64H7CP0vEx9j0Ycdbob8bgMCpLDppWGy7Dy
>
>
>
>
>   --
> İyi çalışmalar.
>
> _lvnd_
>  {^_^}
>
> KAREL`UCAP
>
>
>
>   On Thu, 2013-02-07 at 13:09 +0000, Steven Ayre wrote:
>
> What I mean is you'll see two separate m=audio lines within the callee's
> SDP, one for 'RTP/AVP' and one for 'SRTP/AVP'. If there is no m=audio line
> for RTP/AVP the caller won't know of a port that's expecting RTP. So if the
> callee only sends SRTP/AVP the caller can't send RTP.
>
>
>
>  Can you show us the SDP being sent by the phone?
>
>
>
>  -Steve
>
>
>
>
>
>
>  On 7 February 2013 11:01, Levend Sayar <levend.sayar at karel.com.tr>
> wrote:
>
>  Thanx Steven.
>
>
>
>   Caller makes the offer for SDP but callee chooses whatever it wants. So
> caller can offer SRTP but callee can prefer not to talk encrypted. In our
> case I want FS to choose non secure media.
>
>  Phone will offer SRTP on the conference call but FS must prefer RTP, not
> SRTP.
>
>
>
>   İyi çalışmalar.
>
>
>
>   _lvnd_
>
>   {^_^}
>
>
>
>   KAREL`UCAP
>
>
>
>
> On 7 Şub 2013, at 11:13, "Steven Ayre" <steveayre at gmail.com> wrote:
>
>
>   It's also going to rely on the phone actually offering RTP/AVP as well
> as SRTP/AVP in their SDP - without that there'd be nowhere to send insecure
> RTP.
>
>
>
>    -Steve
>
>
>
>
>
>    On 6 February 2013 16:09, Levend Sayar <levend.sayar at karel.com.tr>
> wrote:
>
>    Thanks Daniel for the reply.
>
>
>
>     I tried
>
>
>
>     <action application="set" data="sip_secure_media=false" />
>
>
>
>     But did not work. Upon your reply I also tried
>
>
>
>     <action application="set" data="secure_media=false" />
>
>
>
>     But did not work either. I am doing something wrong ?
>
>     İyi çalışmalar.
>
>
>
>     _lvnd_
>
>     {^_^}
>
>
>
>     KAREL`UCAP
>
>
>
>
> On 6 Şub 2013, at 18:00, "Daniel Ivanov" <sertys at gmail.com> wrote:
>
>
>
>     Of course you can. Just set the secure_media var to false and you
> will be srtp-free in sip.
>
>      On Feb 5, 2013 6:06 PM, "Levend Sayar" <levend.sayar at karel.com.tr>
> wrote:
>
>      Hi all.
>
> I am using FS as a conference server. Some of my phones are using SRTP ,
> some of them not. Both type of phone can
> join a conference. FS can talk to each peer with SRTP or not depending on
> the phone itself.
>
> My question:
>
> Is it possible to disable SRTP on FS ?
>
> I suppose if i can disable SRTP, FS will talk without SRTP with each phone
> whether they are using SRTP or not.
>
> TIA
>
>
>   --
>
> _lvnd_
>  {^_^}
>
>
>
>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
>
>    plain text document attachment (ATT00001)
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:consulting at freeswitch.orghttp://www.freeswitchsolutions.com
>
> FreeSWITCH-powered IP PBX: The CudaTel Communication Server
>
> Official FreeSWITCH Siteshttp://www.freeswitch.orghttp://wiki.freeswitch.orghttp://www.cluecon.com
>
> FreeSWITCH-users mailing listFreeSWITCH-users at lists.freeswitch.orghttp://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-usershttp://www.freeswitch.org
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20130207/b7bbf26d/attachment-0001.html 


Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list