Hi All,
Have been trying to workout how to solve a call scenario involving
SRTP and need some help.
The scenario is:
Eyebeam ---->FS----->Eyebeam with make and accept only encrypted calls set.
What I am hoping to acheive is, if the A leg does not have SRTP set
and no SRTP Descriptors are sent in the INVITE to the B leg, when the
B leg responds with 415 Bad Security Level this is intercepted and a
re-invite is sent with the security descriptions so this call, 1,
terminates and 2, is B leg secure.
In my dialplan I have CONTINUE_ON_FAILURE set for 79 and then set
BYPASS_MEDIA=FALSE (was SET true earlier in the Dialplan) and EXPORT
SIP_SECURE_MEDIA=TRUE then finaly bridge the call once more.
What I get is
Eyebeam FS Eyebeam
---->INVITE no SRTP---->
<---100 Trying <---------
---->INVITE no SRTP---->
<---415 Bad Security<----
---->INVITE no SRTP---->
Based on the following debug snippet showing the continue on fail
occuring, the Local Key is generated, however it is not added to the
second INVITE message when sent out.
2009-05-22 13:23:40 [DEBUG] switch_ivr_originate.c:2094
switch_ivr_originate() Originate Resulted in Error Cause: 79
[SERVICE_NOT_IMPLEMENTED]
2009-05-22 13:23:40 [INFO] mod_dptools.c:2074 audio_bridge_function()
Originate Failed. Cause: SERVICE_NOT_IMPLEMENTED
2009-05-22 13:23:40 [DEBUG] mod_dptools.c:2101 audio_bridge_function()
Continue on fail [true]: Cause: SERVICE_NOT_IMPLEMENTED
EXECUTE sofia/internal/[email protected] set(bypass_media=false)
2009-05-22 13:23:40 [DEBUG] mod_dptools.c:748 set_function()
sofia/internal/[email protected] SET
[bypass_media]=[false]
EXECUTE sofia/internal/[email protected]
export(sip_secure_media=true)
2009-05-22 13:23:40 [DEBUG] mod_dptools.c:886 export_function() EXPORT
[sip_secure_media]=[true]
EXECUTE sofia/internal/[email protected]
export(sip_crypto_mandatory=true)
2009-05-22 13:23:40 [DEBUG] mod_dptools.c:886 export_function() EXPORT
[sip_crypto_mandatory]=[true]
EXECUTE sofia/internal/[email protected]
bridge({sip_from_uri=sip:[email protected]}sofia/sip.evolutiontel.net/[email protected]^[email protected])
2009-05-22 13:23:40 [DEBUG] switch_ivr_originate.c:1082
switch_ivr_originate() variable string 0 =
[sip_from_uri=sip:[email protected]]
2009-05-22 13:23:40 [NOTICE] switch_channel.c:602
switch_channel_set_name() New Channel
sofia/internal/[email protected]
[b0e7a29c-b154-4b9c-b851-4d987669571f]
2009-05-22 13:23:40 [DEBUG] mod_sofia.c:2659 sofia_outgoing_channel()
(sofia/internal/[email protected]) State Change CS_NEW -> CS_INIT
2009-05-22 13:23:40 [DEBUG] switch_core_session.c:933
switch_core_session_signal_state_change() Send signal
sofia/internal/[email protected] [BREAK]
2009-05-22 13:23:40 [NOTICE] switch_core_session.c:1085
switch_core_session_thread() Session 225
(sofia/internal/[email protected]) Ended
2009-05-22 13:23:40 [NOTICE] switch_core_session.c:1087
switch_core_session_thread() Close Channel
sofia/internal/[email protected] [CS_DESTROY]
2009-05-22 13:23:40 [DEBUG] switch_core_state_machine.c:559
switch_core_session_destroy_state()
(sofia/internal/[email protected]) State DESTROY
2009-05-22 13:23:40 [DEBUG] mod_sofia.c:240 sofia_on_destroy()
sofia/internal/[email protected] SOFIA DESTROY
2009-05-22 13:23:40 [DEBUG] switch_core_state_machine.c:60
switch_core_standard_on_destroy()
sofia/internal/[email protected] Standard DESTROY
2009-05-22 13:23:40 [DEBUG] switch_core_state_machine.c:559
switch_core_session_destroy_state()
(sofia/internal/[email protected]) State DESTROY going to sleep
2009-05-22 13:23:40 [DEBUG] switch_core_state_machine.c:397
switch_core_session_run() (sofia/internal/[email protected])
Running State Change CS_INIT
2009-05-22 13:23:40 [DEBUG] switch_core_state_machine.c:480
switch_core_session_run() (sofia/internal/[email protected])
State INIT
2009-05-22 13:23:40 [DEBUG] mod_sofia.c:83 sofia_on_init()
sofia/internal/[email protected] SOFIA INIT
2009-05-22 13:23:40 [DEBUG] sofia_glue.c:1972
sofia_glue_build_crypto() Set Local Key [1 AES_CM_128_HMAC_SHA1_32
inline:0mENEM7ab0d6DtmcCMgDmbHXlYIHpdXdLnVCtFYX]
2009-05-22 13:23:40 [DEBUG] mod_sofia.c:111 sofia_on_init()
(sofia/internal/[email protected]) State Change CS_INIT ->
CS_ROUTING
2009-05-22 13:23:40 [DEBUG] switch_core_session.c:933
switch_core_session_signal_state_change() Send signal
sofia/internal/[email protected] [BREAK]
2009-05-22 13:23:40 [DEBUG] sofia.c:2911 sofia_handle_sip_i_state()
Channel sofia/internal/[email protected] entering state
[calling][0]
2009-05-22 13:23:40 [DEBUG] switch_core_state_machine.c:480
switch_core_session_run() (sofia/internal/[email protected])
State INIT going to sleep
2009-05-22 13:23:40 [DEBUG] switch_core_state_machine.c:397
switch_core_session_run() (sofia/internal/[email protected])
Running State Change CS_ROUTING
2009-05-22 13:23:40 [DEBUG] switch_core_state_machine.c:483
switch_core_session_run() (sofia/internal/[email protected])
State ROUTING
2009-05-22 13:23:40 [DEBUG] mod_sofia.c:130 sofia_on_routing()
sofia/internal/[email protected] SOFIA ROUTING
2009-05-22 13:23:40 [DEBUG] switch_ivr_originate.c:63
originate_on_routing() (sofia/internal/[email protected]) State
Change CS_ROUTING -> CS_CONSUME_MEDIA
2009-05-22 13:23:40 [DEBUG] switch_core_session.c:933
switch_core_session_signal_state_change() Send signal
sofia/internal/[email protected] [BREAK]
2009-05-22 13:23:40 [DEBUG] switch_core_state_machine.c:483
switch_core_session_run() (sofia/internal/[email protected])
State ROUTING going to sleep
2009-05-22 13:23:40 [DEBUG] switch_core_state_machine.c:397
switch_core_session_run() (sofia/internal/[email protected])
Running State Change CS_CONSUME_MEDIA
2009-05-22 13:23:40 [DEBUG] switch_core_state_machine.c:502
switch_core_session_run() (sofia/internal/[email protected])
State CONSUME_MEDIA
2009-05-22 13:23:40 [DEBUG] switch_core_state_machine.c:502
switch_core_session_run() (sofia/internal/[email protected])
State CONSUME_MEDIA going to sleep
2009-05-22 13:23:40 [DEBUG] sofia.c:2911 sofia_handle_sip_i_state()
Channel sofia/internal/[email protected] entering state
[terminated][415]
If I swap and A leg is set to have SRTP and B party does not it will
be setup with only the A leg having SRTP and the B leg being normal
RTP.
Let me know if you need any further info, or if this is a fault and
will need a jira ticket opened.
FreeSWITCH Version 1.0.trunk (13232)
Thanks,
Jim
_______________________________________________
Freeswitch-users mailing list
[email protected]
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
