Menu

#405 SRTP - change in SDP from a=crypto in RTP/AVP to RTP/SAVP (RFC3711)

WrongConfig
nobody
None
Medium
Defect
2010-11-23
2010-11-22
Anonymous
No

Originally created by: Ingmar.S...@googlemail.com

What steps will reproduce the problem?
1. enable TLS and SRTP
2. connect to FreeSWITCH (must be enabled for TLS/SRTP)
3. make a call

What is the expected output? What do you see instead?
Call should be connected, FreeSWITCH rejects the call because the SDP contains 'a=crypto in RTP/AVP" instead of "a=crypto RTP/SAVP". [rFC3711] defines that and FreeSWITCH is strict on that.

Other phones like i.e. Snom let you choose whether to put RTP/AVP (for broken devices) or RTP/SAVP for SRTP calls.

What version of the product are you using? On what operating system?
TLS enabled version. Note: TLS+SRTP works fine generally. Tested against other TLS/SRTP enabled devices which were not that strict.

Please either make a permanent change to RTP/SAVP or make it configurable like Snom does.

Please provide any additional information below.
http://wiki.freeswitch.org/wiki/FreeSwitch_FAQ#Q:I_see_this_on_my_console_when_calling_FreeSWITCH_with_a_Snom_phone.22a.3Dcrypto_in_RTP.2FAVP.2C_refer_to_RFC_3711.22_how_can_I_fix_this.3F

Discussion

  • Comment has been marked as spam. 
    Undo

    View and moderate all "tickets Discussion" comments posted by this user

    Mark all as spam, and block user from posting to "Tickets"

    Anonymous

    Anonymous - 2010-11-22

    Originally posted by: wheresau...@lavabit.com

    I came across this as well,  SRTP is working when set to manditory.. however fails when set to optional.

     
  • Comment has been marked as spam. 
    Undo

    View and moderate all "tickets Discussion" comments posted by this user

    Mark all as spam, and block user from posting to "Tickets"

    Anonymous

    Anonymous - 2010-11-22

    Originally posted by: wheresau...@lavabit.com

    I came across this as well,  SRTP is working when set to manditory.. however fails when set to optional.  Tested with freeswitch

     
  • Comment has been marked as spam. 
    Undo

    View and moderate all "tickets Discussion" comments posted by this user

    Mark all as spam, and block user from posting to "Tickets"

    Anonymous

    Anonymous - 2010-11-22

    Originally posted by: r3gis...@gmail.com

    Yes Austin is right, you should set the SRTP mode to "mandatory" in expert account setting.
    The INVITE is :
    With disabled ... well only RTP/AVP is sent,
    With optional, two invites are sent but AFAIK, it's not very well supported. But you could ask on pjsip mailing list why things goes this way. (What I do on csipsimple is just porting and integrating csipsimple to android).
    With mandatory, only RTP/SAVP is sent.

    Be careful about that : there is two place where to set the SRTP mode :
    On global settings (it ~should~ affect all accounts except those with wizard that explicitly set the SRTP mode).
    On expert account setting (I advise you to use this one for SRTP mode), and it actually change the mode for this account.

    Status: WrongConfig

     

Log in to post a comment.