[Freeswitch-users] Accepting an "optional" SRTP offer (crypto in RTP/AVP) and establishing SRTP
Alexey Sibyakin
alex at freeswitch.com
Thu Oct 11 01:56:53 UTC 2018
Take a close look to default.xml of vanilla dialplan. There are some
examples of SDP parsing here, you can use them in condition to detect your
special case. To enforce SRTP you just need to set rtp_secure_media. Don't
forget to reread documentation on the last one:
https://freeswitch.org/confluence/display/FREESWITCH/rtp_secure_media
Alex
On Thu, Oct 11, 2018 at 12:54 AM William Simon <wsimon at stratusvideo.com>
wrote:
> Can anyone offer insight into this matter?
>
> Endpoint offers RTP/AVP with crypto. We want Freeswitch to respond to the
> RTP/AVP and agree to the crypto and do SRTP.
>
>
> > On Oct 5, 2018, at 10:27 AM, William Simon <wsimon at stratusvideo.com>
> wrote:
> >
> > We are working with an endpoint that offers optional SRTP in the
> non-RFC-compliant way of an a=crypto attribute within RTP/AVP.
> >
> > I have told FreeSWITCH to allow this with rtp_allow_crypto_in_avp=true
> at the right place in the dialplan.
> >
> > Immediately after that in the dialplan I have to reject SRTP by using
> rtp_secure_media=forbidden, otherwise the call setup still fails. By
> setting the value to forbidden, the call does proceed unencrypted.
> >
> > We want FreeSWITCH to proceed with media encryption. Setting
> rtp_secure_media to any other value results in FreeSWITCH rejecting the
> offer like this:
> >
> > v=0
> > o=FreeSWITCH 1538660754 1538660755 IN IP4 192.168.100.104
> > s=FreeSWITCH
> > c=IN IP4 192.168.100.104
> > t=0 0
> > m=audio 0 RTP/AVP 19
> > m=video 0 RTP/AVP 19
> >
> > Is there anything else I can do to force SRTP in the answer?
> >
>
>
>
> “The information transmitted is intended only for the person or entity to
> which it is addressed and may contain proprietary, business-confidential
> and/or privileged material. If you are not the intended recipient of this
> message you are hereby notified that any use, review, retransmission,
> dissemination, distribution, reproduction or any action taken in reliance
> upon this message is prohibited. If you received this in error, please
> contact the sender and delete the material from any computer.”
> _________________________________________________________________________
> Professional FreeSWITCH Services
> sales at freeswitch.com
> https://freeswitch.com
>
> Official FreeSWITCH Sites
> https://freeswitch.com/oss
> https://freeswitch.org/confluence
> https://cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> https://freeswitch.com
--
Alex Sibyakin | Support Engineer
FreeSWITCH Solutions | 17345 Civic Drive #2531 Brookfield, WI 53045
<https://maps.google.com/?q=17345+Civic+Drive+%232531+Brookfield,+WI+53045&entry=gmail&source=g>
Email: alex at freeswitch.com
Website: https://www.FreeSWITCH.com <https://www.freeswitch.com/>
Need commercial support? Contact sales at freeswitch.com for details.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20181011/92e7d701/attachment.html>
More information about the FreeSWITCH-users
mailing list