Open ocarriles opened 8 years ago
@deruelle RTP Proxy is now functional
@deruelle Secure media termination on SBC as follows:
UAC(DMZ)--------SAVP/SRTP----->(SBC Proxy)--------AVP/RTP------>UAS(MZ)
@ocarriles You got the SRTP to work as well ? Did you try with UAC being a WebRTC client by any chance ?
@deruelle I am working on that just for SRTP on non-WEBRTC UAC. Must resolve issue#24 before, because my development environment lacks of a real public internet address. Will deploy my snapshot at cloud.eolos.la to keep on pushing forward.
This may actually work nicely for DTLS-SRTP too and ICE. Let me know if you need help here @hrosa could potentially provide some additional insights for WebRTC
@deruelle Just working with a subset of the restcomm-mediaserver.io sub-package. Seems that all the pieces I need are there. :)
@deruelle @hrosa Hi Henrique, the SBC project has to solve an issue related to secure media proxing. Seems mediaserver.io subpackage contains useful code to: a) parse/build WebRTC SDP content b) ICE helper c) DTLS encoding/decoding payload media stream.
Our goal is to remain as lightweight as possible with media related stuff. Some tips about a minimal usage of CryptoContext and SRTPTransformer would be actually very useful. Any feedback/advice would also be very valuable. Kind regards.
Hi @ocarriles
Have you looked at DtlsHandler class?
You should have one per RTP/RTCP connection. It is responsible for performing the DTLS handshake and to provide encoders/decoders for RTP/RTCP packets.
Hi @hrosa Thanks for your response. So so, I will keep on eye on it. I will need an instance of DtlsSrtpServerProvider first. Regards
@deruelle partial DTLS and NIO support
@deruelle sbc.xml is not really needed. DTLS termination could be detected looking at the routing policy. (i.e) Route A: source Connector DMZ:WSS:5083, target connector MZ:WSS:5085 (DTLS pass-thru) Route B: source Connector DMZ:WSS:5083, target connector MZ:UDP:5080 (DTLS Termination)
@deruelle Would it be enough, at least for alpha milestone, to embed a minimal RTP/SRTP proxy? Just not to deal width mediaserver complexities.