[Freeswitch-users] Week in Review Feb 16-23
Steve Underwood
steveu at coppice.org
Thu Feb 27 21:19:50 MSK 2014
I am amazed to hear GCM support in SRTP is still so poor. I was using it
experimentally for RTP several years ago. The guy behind AES GCM is also
the guy behind SRTP. You might have expected that alone would have
pushed GCM for SRTP forward.
Regards,
Steve
On 02/28/2014 12:17 AM, Kristian Kielhofner wrote:
> Kathleen,
>
> It is! There have been some benchmarks done in the libsrtp branch for this:
>
> https://github.com/cisco/libsrtp/tree/feature-openssl
>
> Other than that libsrtp actually includes a test utility for
> benchmarking. Now that this has been checked in I will do some
> follow-up tests with both the utility and actual FreeSWITCH usage.
>
> Unfortunately FreeSWITCH is a little bleeding edge here. The only
> other implementation that currently supports AES-GCM is pjsip, and
> even that is with a patch. I'm not aware of any hardphones that
> support it. However, with the SRTP offer/answer control that Tony has
> been working on:
>
> http://jira.freeswitch.org/browse/FS-5755
>
> I imagine various scenarios where one could use the standard (old
> skool) crypto suites on the local LAN to "dumb" devices and use
> AES-GCM between FreeSWITCH instances that support it. Of course it
> would be best if clients just supported AES-GCM natively :).
>
> If nothing else this functionality is important because when
> compared to IPSEC and other "solutions" that may support AES-GCM (or
> even "big AES" at 192 or 256 bits) the legacy SRTP crypto suites are
> slow and insecure by comparison.
>
> On Thu, Feb 27, 2014 at 12:54 AM, Kathleen King
> <kathleen.king at quentustech.com> wrote:
>> Kristian,
>>
>> This looks awesome!
>> http://en.wikipedia.org/wiki/Galois/Counter_Mode
>>
>> Do you know of any public benchmarks for it? Do you know of any SIP
>> clients or phones that support it? I'd love to set up a local demo.
>>
>>
>> On 02/26/2014 08:11 PM, Kristian Kielhofner wrote:
>>> Hi Kathleen,
>>>
>>> Excellent job (as always). I'd like to add one very recent one, FS-5937:
>>>
>>> http://jira.freeswitch.org/browse/FS-5937
>>>
>>> This has been a long time coming and makes FreeSWITCH the only fully
>>> functional AES-GCM SRTP implementation I know of. Another first for
>>> FreeSWITCH!
>>>
>>> AES-GCM offers security and performance improvements especially for
>>> CPUs that support AES-NI and larger RTP payloads (like video).
>>>
>>> On Wed, Feb 26, 2014 at 10:51 PM, Kathleen King
>>> <kathleen.king at quentustech.com> wrote:
>>>> Hello, again. This week in the FreeSWITCH master branch we had heck of a lot
>>>> of activity with 89 commits and most of those commits were touching BSD and
>>>> libsndfile. And we also saw new additions to language support with the form
>>>> of adding Swedish to mod_say and improvements to Spanish phrase macros.
>>>>
>>>> The following bugs were squashed:
>>>>
>>>> c945584 FS-6237 --resolve
>>>> --fixed a regression from December in inherit_codec
>>>> --http://jira.freeswitch.org/browse/FS-6237
>>>> 81f9303 FS-6219 --resolve
>>>> --bug: update mod_cidlookup to properly handle unknown and unavailable
>>>> --http://jira.freeswitch.org/browse/FS-6219
>>>>
>>>> New features that were added:
>>>> 0521493 Add man page for freeswitch
>>>>
>>>> --Added a man page for FreeSWITCH
>>>> 9d30007 FS-6231 add support for sending call waiting tone when a
>>>> simultaneous call is received --resolve
>>>> --feature: added support for sending call waiting tone when a simultaneous
>>>> call is received in mod_skinny
>>>> --http://jira.freeswitch.org/browse/FS-6231
>>>> 1c3001f FS-2999 --resolve
>>>> --misc: in spanish phrase macros fixed some translations and added others
>>>> --http://jira.freeswitch.org/browse/FS-2999
>>>> 97e2340 FS-6204 refactor some dtls code to generate a 1024 bit cert suitable
>>>> for dtls in all version of chrome
>>>> --feature: updated FreeSWITCH_core to support new Chrome DTLS requirements
>>>> --http://jira.freeswitch.org/browse/FS-6204
>>>> bd72cd9 Allow setting late margin on register expirations
>>>> --feature: in mod_sofia added parameter to allow for configuration of
>>>> register expiration late margin
>>>> --Thanks, Emmanuel Schmidbauer.
>>>> 19dbd07 Allow access to headers from INVITE
>>>> --feature: copies all INVITE headers to channel variables on the a leg for
>>>> inbound calls
>>>> --http://jira.freeswitch.org/browse/FS-6075
>>>> --Thanks, Peter Olsson.
>>>> Libsndfile was updated from a version from March 3rd 2009 to a version from
>>>> April 5th 2013.
>>>>
>>>> Improvements in cross platform build supports:
>>>> e209b1a left line in that breaks mod_dingaling build update and run sh
>>>> config.status from build root or do a clean build to correct
>>>>
>>>> --build: fixed build issue that broke mod_dingaling requires a clean build
>>>> to correct
>>>> f206700 FS-6189 --resolve
>>>> --build: fixed compilation issue in Ubuntu 14.04
>>>> --http://jira.freeswitch.org/browse/FS-6189
>>>> There were many commits for FreeBSD and OpenBSD build support.
>>>>
>>>> In terms of stability these were the use cases that were fixed:
>>>> f826b4b FS-5845 --resolve
>>>>
>>>> --fixed a memory leak in mod_lcr related to switch_channel_expand_variables
>>>> --http://jira.freeswitch.org/browse/FS-5845
>>>>
>>>> Feedback welcome and the referenced commits are in the attached text file
>>>> with corresponding Jira links.
>>>>
>>>> --
>>>> Kathleen King
>>>> Quentus Technologies, INC
>>>> kathleen.king at quentustech.com
>>>>
>>>>
>>>> _________________________________________________________________________
>>>> Professional FreeSWITCH Consulting Services:
>>>> consulting at freeswitch.org
>>>> http://www.freeswitchsolutions.com
>>>>
>>>>
>>>>
>>>>
>>>> Official FreeSWITCH Sites
>>>> http://www.freeswitch.org
>>>> http://wiki.freeswitch.org
>>>> http://www.cluecon.com
>>>>
>>>> FreeSWITCH-users mailing list
>>>> FreeSWITCH-users at lists.freeswitch.org
>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>> http://www.freeswitch.org
>>>>
>>>
>> --
>> Kathleen King
>> Quentus Technologies, INC
>> kathleen.king at quentustech.com
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>>
>>
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://wiki.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>
>
Join us at ClueCon 2013 Aug 6-8, 2013
More information about the FreeSWITCH-users
mailing list