[Freeswitch-users] HELP DTLS HANDSHAKE to FAIL chromeV87

Ciprian Dosoftei ciprian.dosoftei at gmail.com
Fri Dec 4 21:45:08 UTC 2020


Check the length of the dtls-srtp.pem key, if its length is short (< 4096)
you can run into handshake issues.

You can also remove the pem file and allow FreeSWITCH to create a fresh one
upon restart.

On Fri, 4 Dec 2020 at 14:36, Eberl Guenther <guenther.eberl at besharp.at>
wrote:

> Hi,
>
>
>
> I guess it is the freeswitch bug were TLS V 1.0 for audio streams is
> hardcoded in older versions.
>
>
>
> You should see it on your data traces on the audio ports.
>
>
>
> Bye
>
> Gunther
>
>
>
>
>
> *Von:* FreeSWITCH-users <freeswitch-users-bounces at lists.freeswitch.org> *Im
> Auftrag von *Jazmin Marina Florez Marino
> *Gesendet:* Freitag, 4. Dezember 2020 18:24
> *An:* FreeSWITCH Users Help <freeswitch-users at lists.freeswitch.org>;
> freeswitch-dev at lists.freeswitch.org;
> freeswitch-users-request at lists.freeswitch.org
> *Betreff:* [Freeswitch-users] HELP DTLS HANDSHAKE to FAIL chromeV87
>
>
>
> Hi
>
> I have a verto client trying to connect to FS using Chrome V87 but we have
> DTLS problems.
>
> The openssl version we are using on FS side is OpenSSL 1.0.2k-fips
>
> FreeSWITCH (Version 1.8.4  64bit)
>
>
>
>
>
> FS LOG - Chrome V87  FAILED CONNECTION
>
>
>
> 2020-12-03 11:23:06.762291 [ERR] switch_rtp.c:3199 video Handshake failure
> 1
>
> 2020-12-03 11:23:06.762291 [INFO] switch_rtp.c:3200 Changing video DTLS
> state from HANDSHAKE to FAIL
>
> 2020-12-03 11:23:06.832295 [ERR] switch_rtp.c:3199 audio Handshake failure
> 1
>
> 2020-12-03 11:23:06.832295 [INFO] switch_rtp.c:3200 Changing audio DTLS
> state from HANDSHAKE to FAIL
>
> 2020-12-03 11:23:06.852295 [NOTICE] switch_rtp.c:3181 Hangup
> verto.rtc/3520 [CS_EXECUTE] [DESTINATION_OUT_OF_ORDER]
>
> 2020-12-03 11:23:06.852295 [DEBUG] switch_core_media.c:7470 verto.rtc/3520
> Video thread ended
>
> 2020-12-03 11:23:06.872305 [INFO] conference_loop.c:1670 Channel leaving
> conference, cause: DESTINATION_OUT_OF_ORDER
>
> 2020-12-03 11:23:06.872305 [DEBUG] switch_core_session.c:2639
> verto.rtc/3520 skip receive message [DISPLAY] (channel is hungup already)
>
> 2020-12-03 11:23:06.872305 [DEBUG] mod_conference.c:2467 verto.rtc/3520
> skip receive message [TRANSFER] (channel is hungup already)
>
> 2020-12-03 11:23:06.872305 [DEBUG] switch_core_media.c:12220
> verto.rtc/3520 skip receive message [BITRATE_REQ] (channel is hungup
> already)
>
> 2020-12-03 11:23:06.872305 [DEBUG] switch_core_codec.c:248 verto.rtc/3520
> Restore previous codec opus:116.
>
> 2020-12-03 11:23:06.872305 [DEBUG] switch_core_session.c:2886
> verto.rtc/3520 skip receive message [PHONE_EVENT] (channel is hungup
> already)
>
> 2020-12-03 11:23:06.872305 [DEBUG] switch_core_state_machine.c:650
> (verto.rtc/3520) State EXECUTE going to sleep
>
> 2020-12-03 11:23:06.872305 [DEBUG] switch_core_state_machine.c:584
> (verto.rtc/3520) Running State Change CS_HANGUP (Cur 1 Tot 3)
>
> 2020-12-03 11:23:06.872305 [DEBUG] switch_core_state_machine.c:847
> (verto.rtc/3520) Callstate Change ACTIVE -> HANGUP
>
> 2020-12-03 11:23:06.872305 [DEBUG] switch_core_state_machine.c:849
> (verto.rtc/3520) State HANGUP
>
> 2020-12-03 11:23:06.872305 [DEBUG] switch_core_state_machine.c:60
> verto.rtc/3520 Standard HANGUP, cause: DESTINATION_OUT_OF_ORDER
>
> 2020-12-03 11:23:06.872305 [DEBUG] switch_core_state_machine.c:849
> (verto.rtc/3520) State HANGUP going to sleep
>
>
>
> The weird thing is the connection works ok when the version of chrome is
> V86. Some weeks ago chrome was updated and we detected this issue.
>
>
>
> FS LOG - ChromeV86 CONNECTION OK
>
>
>
> 2020-12-03 11:19:19.622294 [INFO] switch_rtp.c:3206 Changing video DTLS
> state from HANDSHAKE to SETUP
>
> 2020-12-03 11:19:19.672317 [INFO] switch_rtp.c:3113 video Fingerprint
> Verified.
>
> 2020-12-03 11:19:19.672317 [INFO] switch_rtp.c:4104 Activating video
> Secure RTP SEND
>
> 2020-12-03 11:19:19.672317 [INFO] switch_rtp.c:4082 Activating video
> Secure RTP RECV
>
> 2020-12-03 11:19:19.672317 [DEBUG] switch_core_sqldb.c:2617 Secure Type:
> srtp:dtls:AES_CM_128_HMAC_SHA1_80
>
> 2020-12-03 11:19:19.672317 [INFO] switch_rtp.c:3155 Changing video DTLS
> state from SETUP to READY
>
> 2020-12-03 11:19:19.672317 [DEBUG] switch_rtp.c:1890 rtcp_stats_init:
> video ssrc[2719546543] base_seq[1999]
>
> 2020-12-03 11:19:19.672317 [DEBUG] switch_core_sqldb.c:2617 Secure Type:
> srtp:dtls:AES_CM_128_HMAC_SHA1_80
>
> 2020-12-03 11:19:19.702298 [INFO] switch_rtp.c:3206 Changing audio DTLS
> state from HANDSHAKE to SETUP
>
> 2020-12-03 11:19:19.702298 [INFO] switch_rtp.c:3113 audio Fingerprint
> Verified.
>
> 2020-12-03 11:19:19.702298 [INFO] switch_rtp.c:4104 Activating audio
> Secure RTP SEND
>
> 2020-12-03 11:19:19.702298 [INFO] switch_rtp.c:4082 Activating audio
> Secure RTP RECV
>
> 2020-12-03 11:19:19.702298 [DEBUG] switch_core_sqldb.c:2617 Secure Type:
> srtp:dtls:AES_CM_128_HMAC_SHA1_80
>
> 2020-12-03 11:19:19.702298 [INFO] switch_rtp.c:3155 Changing audio DTLS
> state from SETUP to READY
>
> 2020-12-03 11:19:19.702298 [DEBUG] switch_core_sqldb.c:2617 Secure Type:
> srtp:dtls:AES_CM_128_HMAC_SHA1_80
> _________________________________________________________________________
>
> The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
> Enhance your FreeSWITCH install with disruptive priced SMS and PSTN
> services.
> Build your next product on our scalable cloud platform.
>
> Join our online community to chat in real time
> https://signalwire.community
>
> Professional FreeSWITCH Services
> sales at freeswitch.com
> https://freeswitch.com
>
> Official FreeSWITCH Sites
> https://freeswitch.com/oss
> https://freeswitch.org/confluence
> https://cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> https://freeswitch.com



-- 
Best Regards,
Ciprian Dosoftei

The information transmitted is intended only for the addressee and may
contain privileged and/or confidential material. If you are not the
intended recipient, kindly contact the sender and delete the message.

Any disclosure, distribution or copying of this message is strictly
prohibited without the expressed permission of the sender.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20201204/b38940bd/attachment.html>


More information about the FreeSWITCH-users mailing list