#69 SRTP Support

closed-fixed
Protocol/Other
5
2015-06-21
2013-09-13
Denis Doria
No

Hi,
Since 2013-03-20 there is srtp support on farstream: https://bugs.freedesktop.org/show_bug.cgi?id=52481

As in the faq is stated that the support issue is the lack of implementation on farstream:"Farstream (formerly known as Farsight) doesn't support SRTP and therefore SIPE is unable to create encrypted calls. The encryption must be disabled in the client you are trying to call. Please check the file contrib/media-patches/README.txt in the source code release for the details."

I would like to know if you guys have any plan to integrate this on pidgin-sipe, looks like the srtp implementation is arriving in the distribuitions, at least this is already the case for gstreamer1.0-plugins-bad that are in debian experimental.

Thanks for the awesome work so far.

Related

Bugs: #305

Discussion

  • Stefan Becker

    Stefan Becker - 2013-09-14
    • assigned_to: Jakub Adam
     
  • Stefan Becker

    Stefan Becker - 2013-09-14

    I'm not sure if there are any changes needed in SIPE now that farstream is supposed to support SRTP.

    So a stupid question: have you installed the latest gstreamer & farstream with SRTP support and simply tried to set up an encrypted call with SIPE? Does it work? If not, can you provide the --debug log for the failure?

     
  • Denis Doria

    Denis Doria - 2013-09-16

    Yep, I installed; I assumed the same as you, that the fact that I have the
    srtp installed it would make the connection works, but this is not the case.

    dpkg -l gstreamer1.0-plugins-bad
    Desired=Unknown/Install/Remove/Purge/Hold
    |
    Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
    |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
    ||/ Name Version
    Architecture Description
    +++-==========================================-==========================-==========================-==========================================================================================
    ii gstreamer1.0-plugins-bad:amd64 1.1.4-3
    amd64 GStreamer plugins from the "bad" set

    But maybe here is the problem, I'm using the libfarstream-0.1-0; and my
    repo already have the libfarstream-0.2-2; but neither my version of pidgin
    nor my version of pidgin-sipe are compiled to use the latest. So although I
    have the correct version of the plugins-bad, maybe I lack the support on
    libfarstream.

    The error that I have is the same as before the installation of the latest
    plugins-bad:
    Reason="Error parsing SDP: SRTP-encrypted media required to establish
    connection"

    Now I think I need to try to compile pidgin using the libfarstream-0.2, I'm
    going to give a shot and let you know.

     
    Last edit: Stefan Becker 2014-05-06
  • David Woodhouse

    David Woodhouse - 2013-10-09

    I don't believe farstream does support SRTP yet. If you look at the referenced bug https://bugs.freedesktop.org/show_bug.cgi?id=52481 you'll see that it's still open, in NEW state.

    The comment (#1) on 2013-03-20 speaks of SRTP now being supported in gstreamer, but there's extra work to be done to ensure that farstream can use that and expose it via its own API.

     
  • Stefan Becker

    Stefan Becker - 2013-11-27

    This is my understanding of what is missing, based on other discussion threads:

    • SRTP support in gstreamer: DONE
    • SRTP support in farstream: easy, ongoing
    • TCP TURN support in libnice: needed? patch available, ongoing?
    • SRTP support in libpurple media API: complicated, as 2.x is dead and nobody knows when 3.x comes out
    • SIPE needs to extract SRTP keys from SDP message and pass them through the new libpurple APIs down to farstream
     
  • Denis Doria

    Denis Doria - 2014-05-06

    Just to update this, since it being a long time ago.
    farstream received the commit to support srtp (some hours ago):
    http://cgit.collabora.com/git/user/tester/farstream.git/log/?h=srtp
    The bug tracker was update too:
    https://bugs.freedesktop.org/show_bug.cgi?id=52481

    So srtp should be ready in few weeks, do you guys have any plan to work on the final steps to integrate with sipe?

     
    • Stefan Becker

      Stefan Becker - 2014-05-06

      That closes only one point on the external dependencies list

       
      • Denis Doria

        Denis Doria - 2014-05-06

        The biggest problem would be libpurple.
        Is there any change necessary on libnice? From you last message looks
        like you are not so sure about it.

         
        Last edit: Stefan Becker 2014-05-06
  • Stefan Becker

    Stefan Becker - 2014-05-06

    git HEAD has some changes that are for the ongoing libnice TCP transport work. I don't know if that work is related to SRTP support.

    I don't think there will be SRTP support in libpurple until Pidgin 3.x.x is released.

     
    • Denis Doria

      Denis Doria - 2014-05-06

      Anyway I opened a ticket with pidgin to check when this will be done:
      https://developer.pidgin.im/ticket/16225

      (editors note: please stop replying to emails. They clutter the ticket system with unnecessary junk)

       
      Last edit: Stefan Becker 2014-05-06
  • Stefan Becker

    Stefan Becker - 2015-06-20
    • status: open --> closed-fixed
     
  • David Woodhouse

    David Woodhouse - 2015-06-20

    I've backported all the APIs, and the gstreamer-1.x support and should all work in the latest Pidgin 2.x (from hg; not the 2.10 release but whatever comes next).

    We are shipping those latest 2.x patches in Fedora 22. The only thing we need to get SRTP as well as file transfer and screen sharing (1:1 only; no meetings yet) is the pidgin-sipe parts. I have those in a COPR at https://copr.fedoraproject.org/coprs/dwmw2/sipecollab/builds/ (note the only thing built for Fedora 22 is pidgin-sipe).

    I think Jakub has now committed the SRTP parts to the 'mob' branch of siplcs. The file transfer and screen sharing need more work; last time I looked they were blocking the main thread by sending TCP data from it. But we're getting there, slowly...

     
  • Denis Doria

    Denis Doria - 2015-06-21

    Stefan; from the link that you sent looks like it should work on pidgin 2.x too; but it could have some problems with encryption, that can be fixed using a .reg file. Breaking the commit message:

    • minimum: pidgin >= 2.8.0, libnice >= 0.1.0, farsight2 >= 0.0.26
      if you get errors on
      incompatible encryption levels when making a call, change to peer's registry
      is needed to allow unencrypted media transfer; use the .reg file in this
      directory.

    • recommended: pidgin 3.0, libnice >= 0.1.13, farstream >= 0.2.7

    As this ticket is closed; should we open another one for meeting and sharing screen?

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.





No, thanks