[Freeswitch-users] optional SRTP

Ken Rice krice at freeswitch.org
Fri Feb 22 19:08:40 MSK 2013

FreeSWITCH Support SIP/TLS, SRTP and ZRTP, the error message you are
refering to below is where someone has improperly implemented SRTP and is
sending the crypto headers in the wrong spots. See the Wiki for setting up
secure calling.

Also please note, if you are going to use SRTP, you _must_ use SIP/TLS as
the keys for SRTP are passed in the SDP of the SIP messaging. You can use
ZRTP without using SIP/TLS as the key exchange for ZRTP happens as a DH
exchange in the ZRTP stream, but if you want to protect the contents of the
SIP messaging you¹ll still want to use SIP/TLS.


On 2/22/13 9:36 AM, "Levend Sayar" <levend.sayar at karel.com.tr> wrote:

> Hi again.
> On my previous discussion on this  list, i learned that RTP/AVP with a
> a=crypto attribute means optional SRTP.
> I suppose FS supports optional SRTP, but when i look at the sofia code, afaiu
> fs does not support it.
> Right ?
> A code snippet from sofia_glue.c
> if (m->m_proto != sdp_proto_srtp) {
> switch_log_printf(SWITCH_CHANNEL_SESSION_LOG(session), SWITCH_LOG_ERROR,
> "a=crypto in RTP/AVP, refer to rfc3711\n");
> match = 0;
> goto done;
> }

irc.freenode.net #freeswitch

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20130222/cfea20c0/attachment.html 

Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list