sipcapture / heplify

Portable and Lightweight HEP Capture Agent for HOMER
https://sipcapture.org
GNU Affero General Public License v3.0

DTLS support for WebRTC #85

Closed AlexRomanEnflick closed 5 years ago

AlexRomanEnflick commented 5 years ago

Hello,

I am trying to capture RTCP data on a FreeSWITCH node which is servicing WebRTC calls. Due to their nature, the RTCP is muxed with RTP on the same port, and the stream is DTLS encrypted.

It seems to me that heplify does not support DTLS streams. I could not find an option to supply a DTLS certificate to use for decrypting. It would be great to have support for this.

I've attached a set of captures (encrypted and decrypted versions) along with the DTLS certificate from our FreeSWITCH box. This should have all that's needed to debug/troubleshoot. The captures contain 1 call with 2 legs, 1 from a WebRTC browser which is encrypted, and another to PSTN, in-clear.

Please let me know if you have any further questions I can answer, or if you need anything else for debugging.

Thanks!

heplify_srtp.zip

negbie commented 5 years ago

Hi @AlexRomanEnflick, thank you for the captures. Would it be possible to open this under the captagent repo? Right now I don't have any plans to implement such a feature, but @kYroL01 did a lot of work in this area, so maybe he can help you.

kYroL01 commented 5 years ago

Hi @AlexRomanEnflick and @negbie. Actually, in captagent I added support for TLS decryption with some encoding (I'd like more but it's not so easy), but no DTLS support yet. If you think it is a good feature to add, I can begin to plan it, but I cannot give it high priority right now. Anyway, let's talk about it, of course.

negbie commented 5 years ago

When @AlexRomanEnflick opens this under the captagent repo, @kYroL01 can wait and see how many thumbs up it will get before starting anything. For myself, I don't think it's that useful, because to make this work you have to weaken end users' security by forcing non-Diffie-Hellman cipher suites. In my company I wouldn't allow it, because in the long run it could be a two-edged sword.
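The cipher-suite constraint mentioned in the comment above can be checked on the wire: a capture agent holding the server's private key can recover session keys only when the DTLS ServerHello selects a static-RSA key exchange, not an (EC)DHE one. The Go code below is an added example, not part of this thread and not heplify or captagent code; the function names, the small suite table and the sample packet are constructed for illustration.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// Key exchange per cipher suite ID (IANA TLS registry, shared by DTLS 1.2). Subset only.
var keyExchange = map[uint16]string{
	0x002F: "RSA", 0x0035: "RSA", 0x009C: "RSA", // TLS_RSA_WITH_AES_*
	0x009E: "DHE", 0xC02B: "ECDHE", 0xC02F: "ECDHE", // TLS_(EC)DHE_*_WITH_AES_128_GCM_SHA256
}

// serverHelloSuite returns the cipher suite chosen in an unfragmented
// DTLS 1.0/1.2 ServerHello carried at the start of one UDP payload.
func serverHelloSuite(p []byte) (uint16, error) {
	const recHdr, hsHdr = 13, 12 // DTLS record and handshake header sizes
	if len(p) < recHdr+hsHdr+35 || p[0] != 22 || p[1] != 0xFE || p[recHdr] != 2 {
		return 0, fmt.Errorf("not a DTLS ServerHello") // 22 = handshake, 2 = ServerHello
	}
	hs := p[recHdr:]
	off := hsHdr + 2 + 32   // skip server_version and random
	off += 1 + int(hs[off]) // skip session_id length byte and session_id
	if len(hs) < off+2 {
		return 0, fmt.Errorf("truncated ServerHello")
	}
	return binary.BigEndian.Uint16(hs[off:]), nil
}

// True only for static-RSA suites listed above; unlisted suites report false.
func keyHolderCanDecrypt(suite uint16) bool {
	return keyExchange[suite] == "RSA"
}

// sampleServerHello builds a constructed ServerHello (zero random, empty session_id).
func sampleServerHello(suite uint16) []byte {
	body := append([]byte{0xFE, 0xFD}, make([]byte, 33)...) // version, random, session_id len
	body = append(body, byte(suite>>8), byte(suite), 0)     // suite, null compression
	n := byte(len(body))
	pkt := []byte{22, 0xFE, 0xFD, 0, 0, 0, 0, 0, 0, 0, 0, 0, n + 12} // record header
	pkt = append(pkt, 2, 0, 0, n, 0, 0, 0, 0, 0, 0, 0, n)            // handshake header
	return append(pkt, body...)
}

func main() {
	for _, s := range []uint16{0x002F, 0xC02B} {
		got, _ := serverHelloSuite(sampleServerHello(s))
		fmt.Printf("suite 0x%04X (%s) key holder can decrypt: %v\n", got, keyExchange[got], keyHolderCanDecrypt(got))
	}
}
```

Run against the first server flight of a capture, the same check shows whether a session was negotiated with forward secrecy before any decryption is attempted.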

kYroL01 commented 5 years ago

Thanks @negbie for the hint.

negbie commented 5 years ago

Should be moved to captagent repo. Closing here.