[Freeswitch-users] Issue connecting to FS with SRTP

Oleg Stolyar olegstolyar at gmail.com
Wed Aug 17 18:36:06 MSD 2016


Is there some RFC or some other authoritative source that would say whether
"UDP/TLS/RTP/SAVP" or "RTP/SAVP" is the correct value for DLTS-SRTP for
NON-WebRTC connections?

If the former, then I'll file a Jira in FS.  If the latter, I'll work with
the SDK developers to fix.

On Wed, Aug 17, 2016 at 7:18 AM, Sergey Safarov <s.safarov at gmail.com> wrote:

> Correct way to fix on client side but if it is not possible then SDP
> rewrite can be made on server side.
> For SRD rewrite on server side i recoment use kamailio proxy server.
>
> About DTLS. I has found that use DTLS requres modern crypro lib. Try
> FreeSwitch on fedora server distr or other with modern crypto lib.
>
> Sergey.
>
> ср, 17 авг. 2016 г. в 13:23, Oleg Stolyar <olegstolyar at gmail.com>:
>
>> I think you are right Sergey.  Should it be fixed on the FS side or on
>> the client SDK side though?  Which is the right value?
>>
>> By the way, the SDK can do either dtls or sdes.  This issue happens with
>> dtls.  Sdes works fine and I can establish a call.
>>
>> On Aug 16, 2016 10:14 PM, "Sergey Safarov" <s.safarov at gmail.com> wrote:
>>
>> Think issue related to "m=audio 61434 UDP/TLS/RTP/SAVP"
>> Try "m=audio 61434 RTP/SAVP"
>>
>> ср, 17 авг. 2016 г. в 5:35, Oleg Stolyar <olegstolyar at gmail.com>:
>>
>>> Thanks Gonzalo,
>>>
>>> That setup on the FS side refers to TLS and as I said TLS is working for
>>> me, I have it set up.
>>>
>>> SRTP should work out of the box AFAIK.  I suspect there is something in
>>> the SDP I posted that FS considers to be non-compliant with the specs.  Not
>>> sure what though and whether it's a bug in FS or in the client SDK I am
>>> using.
>>>
>>> On Tue, Aug 16, 2016 at 7:22 PM, Gonzalo Gasca Meza <
>>> gascagonzalo at gmail.com> wrote:
>>>
>>>> Did you enable/configure SRTP? This
>>>> <http://twilio-marketing-prod.elasticbeanstalk.com/resources/images/docs/TwilioSecure-Freeswitch.pdf>
>>>> is a sample guide I use for Twilio TLS/SRTP which can help
>>>> Can you post all logs?
>>>>
>>>>
>>>> On Tue, Aug 16, 2016 at 6:10 PM, Oleg Stolyar <olegstolyar at gmail.com>
>>>> wrote:
>>>>
>>>>> Hi guys,
>>>>>
>>>>> I am trying to connect to FS using the CounterPath SDK for Android.  I
>>>>> use TLS for signalling.  All works well until I try to enable SRTP.  Then
>>>>> FS rejects the call the INCOMPATIBLE_DESTINATION message.  Is there
>>>>> something wrong with the SDP?  Here are the relevant SDPs from the INVITES.
>>>>>
>>>>> NON-SRTP (works)
>>>>>    v=0
>>>>>    o=- 622419737965 1 IN IP4 192.168.1.78
>>>>>    s=
>>>>>    c=IN IP4 192.168.1.78
>>>>>    t=0 0
>>>>>    m=audio 57194 RTP/AVP 3 120 123 122 121 9 8 0 84 85 18 101
>>>>>    a=rtpmap:120 opus/48000/2
>>>>>    a=fmtp:120 useinbandfec=1; usedtx=1; maxaveragebitrate=64000
>>>>>    a=rtpmap:123 SILK/24000
>>>>>    a=rtpmap:122 SILK/16000
>>>>>    a=rtpmap:121 SILK/8000
>>>>>    a=rtpmap:84 speex/16000
>>>>>    a=rtpmap:85 speex/8000
>>>>>    a=rtpmap:18 G729/8000
>>>>>    a=fmtp:18 annexb=yes
>>>>>    a=rtpmap:101 telephone-event/8000
>>>>>    a=fmtp:101 0-15
>>>>>    a=sendrecv
>>>>>
>>>>> SRTP (does not work)
>>>>>    v=0
>>>>>    o=- 622187157154 1 IN IP4 192.168.1.78
>>>>>    s=
>>>>>    c=IN IP4 192.168.1.78
>>>>>    t=0 0
>>>>>    a=fingerprint:SHA-256 4D:08:D6:49:9E:CA:77:A2:77:74:
>>>>> 02:A0:B9:92:32:2F:2D:76:7D:59:7F:A4:CA:85:16:BA:D0:27:0A:74:1C:0F
>>>>>    a=setup:actpass
>>>>>    m=audio 61434 UDP/TLS/RTP/SAVP 3 120 123 122 121 9 8 0 84 85 18 101
>>>>>    a=rtpmap:120 opus/48000/2
>>>>>    a=fmtp:120 useinbandfec=1; usedtx=1; maxaveragebitrate=64000
>>>>>    a=rtpmap:123 SILK/24000
>>>>>    a=rtpmap:122 SILK/16000
>>>>>    a=rtpmap:121 SILK/8000
>>>>>    a=rtpmap:84 speex/16000
>>>>>    a=rtpmap:85 speex/8000
>>>>>    a=rtpmap:18 G729/8000
>>>>>    a=fmtp:18 annexb=yes
>>>>>    a=rtpmap:101 telephone-event/8000
>>>>>    a=fmtp:101 0-15
>>>>>    a=sendrecv
>>>>>
>>>>>
>>>>> ____________________________________________________________
>>>>> _____________
>>>>> Professional FreeSWITCH Consulting Services:
>>>>> consulting at freeswitch.org
>>>>> http://www.freeswitchsolutions.com
>>>>>
>>>>> Official FreeSWITCH Sites
>>>>> http://www.freeswitch.org
>>>>> http://confluence.freeswitch.org
>>>>> http://www.cluecon.com
>>>>>
>>>>> FreeSWITCH-users mailing list
>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/
>>>>> options/freeswitch-users
>>>>> http://www.freeswitch.org
>>>>>
>>>>
>>>>
>>>> ____________________________________________________________
>>>> _____________
>>>> Professional FreeSWITCH Consulting Services:
>>>> consulting at freeswitch.org
>>>> http://www.freeswitchsolutions.com
>>>>
>>>> Official FreeSWITCH Sites
>>>> http://www.freeswitch.org
>>>> http://confluence.freeswitch.org
>>>> http://www.cluecon.com
>>>>
>>>> FreeSWITCH-users mailing list
>>>> FreeSWITCH-users at lists.freeswitch.org
>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/
>>>> options/freeswitch-users
>>>> http://www.freeswitch.org
>>>>
>>>
>>> ____________________________________________________________
>>> _____________
>>> Professional FreeSWITCH Consulting Services:
>>> consulting at freeswitch.org
>>> http://www.freeswitchsolutions.com
>>>
>>> Official FreeSWITCH Sites
>>> http://www.freeswitch.org
>>> http://confluence.freeswitch.org
>>> http://www.cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20160817/88bc123d/attachment.html 


Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list