Closed vadimd333 closed 1 year ago
That error is coming from OpenSSL. Never seen it before and no idea what it means. What platform is this and what version of OpenSSL?
CentOS Linux release 7.9.2009 (Core)
openssl11-libs-1.1.1k-3.el7.x86_64 openssl-libs-1.0.2k-25.el7_9.x86_64 openssl-1.0.2k-25.el7_9.x86_64
Such SDP in the INVITE (to WebRTC):
v=0 o=- 432994847 432994847 IN IP4 195.216.147.147 s=P2SIP-A c=IN IP4 195.216.147.147 t=0 0 m=audio 10994 RTP/SAVPF 8 0 107 101 a=maxptime:20 a=rtpmap:8 PCMA/8000 a=rtpmap:0 PCMU/8000 a=rtpmap:107 opus/48000/2 a=fmtp:107 useinbandfec=1 a=rtpmap:101 telephone-event/8000 a=fmtp:101 0-16 a=sendrecv a=rtcp:10995 a=rtcp-mux a=setup:actpass a=fingerprint:sha-256 A1:EF:24:44:02:77:0F:A2:B3:43:83:42:0E:4D:DB:4E:F5:5D:C9:DE:E9:35:EC:12:36:C8:19:6E:34:EF:3B:80 a=ptime:20 a=ice-ufrag:5eELLAg6 a=ice-pwd:7zuWfG3a4C3zbrRkjIow0lVlGw a=candidate:3725PLA4OvYPHqQy 1 UDP 2130706431 195.216.147.147 10994 typ host a=candidate:3725PLA4OvYPHqQy 2 UDP 2130706430 195.216.147.147 10995 typ host
When i try to compile it with openssl-1.1.1k (headers) the following errors appear:
stun.o: In function
__integrity': /usr/src/rtpengine/daemon/stun.c:360: undefined reference to
HMAC_CTX_new' /usr/src/rtpengine/daemon/stun.c:374: undefined reference toHMAC_CTX_free' crypto.o: In function
hmac_sha1_rtp': /usr/src/rtpengine/daemon/crypto.c:827: undefined reference toHMAC_CTX_new' /usr/src/rtpengine/daemon/crypto.c:839: undefined reference to
HMAC_CTX_free' dtls.o: In functioncert_init': /usr/src/rtpengine/daemon/dtls.c:311: undefined reference to
X509_getm_notBefore' /usr/src/rtpengine/daemon/dtls.c:314: undefined reference toX509_getm_notAfter' dtls.o: In function
dtls_connection_init': /usr/src/rtpengine/daemon/dtls.c:645: undefined reference toSSL_set_options' /usr/src/rtpengine/daemon/dtls.c:651: undefined reference to
SSL_CTX_set_options' collect2: ошибка: выполнение ld завершилось с кодом возврата 1 make[2]: [rtpengine] Ошибка 1 rm sdp.strhash.c control_ng.strhash.c call_interfaces.strhash.c janus.strhash.c make[2]: Выход из каталога `/usr/src/rtpengine/daemon' make[1]: [all] Ошибка 2 make[1]: Выход из каталога `/usr/src/rtpengine/daemon' make: *** [all] Ошибка 2
On CentOS 8 it works. But in the log file i find such lines:
Aug 9 16:29:57 proxy-02 rtpengine[58883]: ERR: [dc6308e1-f0b8-42ca-9a13-50463cce7ca6 port 10120]: [core] SRTP output wanted, but no crypto suite was negotiated Aug 9 16:30:54 proxy-02 rtpengine[58883]: ERR: [gpouof7k5st5escn02ah port 10136]: [core] SRTP output wanted, but no crypto suite was negotiated Aug 9 16:30:59 proxy-02 rtpengine[58883]: ERR: [gpouof7k5st5escn02ah port 10137]: [rtcp] SRTCP output wanted, but no crypto suite was negotiated
i use webrtc --> dsiprouter + rtpengine --> asterisk openssl version 1.1.1
i encounted the same issue... can anyone help?
i encounted the same issue... can anyone help?
I just figured it out. please check this post for reference.
Hope it could help.
Thanks for the update. Closing this issue then. Perhaps older OpenSSL versions don't like the EC-based certificates.
Hi @rfuchs , sorry to post on this closed ticket, but I just started having this exact issue after upgrading rtpengine from 8.5.2.7 to 10.5.3.6. I'm on centos 7 and openssl 1.0.2k, this problem doesn't happen with version 8.5.2.7 but happens if I upgrade to the 10.5.3.6, would you possibly know what has changed in rtpengine that now causes this issue? You mentioned "Perhaps older OpenSSL versions don't like the EC-based certificates.", so is now RTPengine using EC certificates instead of the RSA ones?
I found I can change the dtls-cert-cipher to rsa, then the key mismatch error is gone. However, it started giving the error described here https://github.com/sipwise/rtpengine/issues/1210
Hello!
I have a schema: WebRTC (SRTP) -> OpenSIPS (SIP/RTP) -> Asterisk. When the WS-client (JsSIP) calls to the above schema i see the following lines in the log file:
The config file looks like this: rtpengine_manage("trust-address replace-origin replace-session-connection rtcp-mux-offer DTLS=passive SDES-off ICE=force RTP/SAVPF")
What do I need to do to fix this? Can anyone help me?