search

kailash-ratufa / csipsimple

Automatically exported from code.google.com/p/csipsimple
0 stars 0 forks source link

SRTP - change in SDP from a=crypto in RTP/AVP to RTP/SAVP (RFC3711) #405

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1. enable TLS and SRTP
2. connect to FreeSWITCH (must be enabled for TLS/SRTP)
3. make a call

What is the expected output? What do you see instead?
Call should be connected, FreeSWITCH rejects the call because the SDP contains 
'a=crypto in RTP/AVP" instead of "a=crypto RTP/SAVP". RFC3711 defines that and 
FreeSWITCH is strict on that. 

Other phones like i.e. Snom let you choose whether to put RTP/AVP (for broken 
devices) or RTP/SAVP for SRTP calls.

What version of the product are you using? On what operating system?
TLS enabled version. Note: TLS+SRTP works fine generally. Tested against other 
TLS/SRTP enabled devices which were not that strict.

Please either make a permanent change to RTP/SAVP or make it configurable like 
Snom does.

Please provide any additional information below.
http://wiki.freeswitch.org/wiki/FreeSwitch_FAQ#Q:_I_see_this_on_my_console_when_
calling_FreeSWITCH_with_a_Snom_phone_.22a.3Dcrypto_in_RTP.2FAVP.2C_refer_to_RFC_
3711.22_how_can_I_fix_this.3F

Original issue reported on code.google.com by Ingmar.S...@googlemail.com on 22 Nov 2010 at 10:29

GoogleCodeExporter commented 9 years ago 
I came across this as well,  SRTP is working when set to manditory.. however 
fails when set to optional.

Original comment by wheresau...@lavabit.com on 22 Nov 2010 at 11:27

GoogleCodeExporter commented 9 years ago 
I came across this as well,  SRTP is working when set to manditory.. however 
fails when set to optional.  Tested with freeswitch

Original comment by wheresau...@lavabit.com on 22 Nov 2010 at 11:27

GoogleCodeExporter commented 9 years ago 
Yes Austin is right, you should set the SRTP mode to "mandatory" in expert 
account setting. 
The INVITE is :
With disabled ... well only RTP/AVP is sent, 
With optional, two invites are sent but AFAIK, it's not very well supported. 
But you could ask on pjsip mailing list why things goes this way. (What I do on 
csipsimple is just porting and integrating csipsimple to android).
With mandatory, only RTP/SAVP is sent.

Be careful about that : there is two place where to set the SRTP mode : 
On global settings (it ~should~ affect all accounts except those with wizard 
that explicitly set the SRTP mode).
On expert account setting (I advise you to use this one for SRTP mode), and it 
actually change the mode for this account.

Original comment by r3gis...@gmail.com on 22 Nov 2010 at 12:02

GoogleCodeExporter commented 9 years ago 
Perfect! Thanks a lot!!

Original comment by Ingmar.S...@googlemail.com on 23 Nov 2010 at 8:41