[asterisk-bugs] [JIRA] (ASTERISK-24205) DTLS-SRTP fails on SIP over WebSockets call from SIPML5(chrome) to Asterisk

Matt Jordan (JIRA) noreply at issues.asterisk.org
Thu Aug 14 10:33:29 CDT 2014 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-24205?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=221670#comment-221670 ] 

Matt Jordan commented on ASTERISK-24205:
----------------------------------------

I'm not sure this is a bug in Asterisk. The part where {{res_rtp_asterisk}} kicks out with the {{ERROR}} is due to {{SSL_Read}} returning an error, indicating that we couldn't read any data.

Looking at the {{pcap}}, I don't see any RTP packets flowing from the WebRTC client to Asterisk: so it's not surprising the {{SSL_Read}} would fail. Looking at the {{pcap}}, we attempted a DTLS handshake with 216.207.245.1, which is what the WebRTC client negotiated with us in the SDP:

{noformat}
�s=Doubango Telecom - chrome
�t=0 0
�a=group:BUNDLE audio
�a=msid-semantic: WMS zuV29lbCYPzZB9jBD6aWxIkJI6goGK9CUgn1
�m=audio 38999 UDP/TLS/RTP/SAVPF 111 103 104 0 8 106 105 13 126
�c=IN IP4 216.207.245.1
�a=rtcp:38999 IN IP4 216.207.245.1
{noformat}

However, as we can tell from the later STUN checks (as this is also an ICE candidate), the IP address/port negotiated with Asterisk is unreachable:

{noformat}
[Aug 11 16:53:21] DEBUG[31556] pjsip: 	icess0x7fafa00 .Sending connectivity check for check 2: [1] 10.24.18.124:16208-->216.207.245.1:38999
[Aug 11 16:53:21] DEBUG[31556] pjsip: 	stuse0x7fafa00 ...TX 144 bytes STUN message to 216.207.245.1:38999:
--- begin STUN message ---
STUN Binding request
 Hdr: length=124, magic=2112a442, tsx_id=00007b212bd74ba855651f94
 Attributes:
  PRIORITY: length=4, value=1862270975 (0x6effffff)
  ICE-CONTROLLED: length=8, data=79096e8043510184
  SOFTWARE: length=0, value="pjnath-2.2.1"
  USERNAME: length=0, value="ewmqYw3SxymyweLI:106e517c25a1e1030ddb32f52c5938a2"
  MESSAGE-INTEGRITY: length=20, data=856be49a5b68ec91fcab17cd13dbec779cfeafee
  FINGERPRINT: length=4, value=589471175 (0x23229dc7)
--- end of STUN message ---
{noformat}

...

{noformat}
[Aug 11 16:53:21] DEBUG[31812][C-00000000] pjsip: 	icess0x7fafa00 .Check 3: [2] 10.24.18.124:16209-->216.207.245.1:38999 to be failed because state is Waiting
[Aug 11 16:53:21] DEBUG[31812][C-00000000] pjsip: 	icess0x7fafa00 .Check 3: [2] 10.24.18.124:16209-->216.207.245.1:38999: state changed from Waiting to Failed
{noformat}

This matches what the pcap tells us.

This appears to be a bug in SIPml5 and/or a networking issue. It shouldn't be negotiating an unreachable IP address/port, or there is something in the network preventing us from reaching the offered IP address/port.

> DTLS-SRTP fails on SIP over WebSockets call from SIPML5(chrome) to Asterisk
> ---------------------------------------------------------------------------
>
>                 Key: ASTERISK-24205
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-24205
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Channels/chan_sip/General, Channels/chan_sip/WebSocket
>    Affects Versions: SVN, 12.4.0
>         Environment: Asterisk SVN-branch-12-r420805 (August 11th 2014), Chrome (38.0.2114.2 dev), Chrome (36.0.1985.125). SIPML5 live demo (?svn=224)
>            Reporter: Rusty Newton
>         Attachments: full_2.pcap, full_2.txt, full.txt, sip.conf.txt, sipDtls.conf
>
>
> Attempting to make a call from SIPML5 in Chrome to a Playback of demo-congrats in Asterisk. Call fails upon hitting the playback.
> {noformat}
>   == Using SIP RTP CoS mark 5
>     -- Executing [1000 at default:1] Answer("SIP/354-00000004", "") in new stack
>     -- Executing [1000 at default:2] Playback("SIP/354-00000004", "demo-congrats") in new stack
>     -- <SIP/354-00000004> Playing 'demo-congrats.gsm' (language 'en')
> [Aug 11 16:28:52] ERROR[31257][C-00000004]: res_rtp_asterisk.c:1732 __rtp_recvfrom: DTLS failure occurred on RTP instance '0x7f6540009138' due to reason '(null)', terminating
> [Aug 11 16:28:52] WARNING[31257][C-00000004]: res_rtp_asterisk.c:3944 ast_rtp_read: RTP Read error: Unspecified.  Hanging up.
> [Aug 11 16:28:52] WARNING[31257][C-00000004]: app_playback.c:493 playback_exec: Playback failed on SIP/354-00000004 for demo-congrats
> {noformat}
> Once Asterisk hits the sound, we see a DTLS failure and the call disconnects.
> Attached full debug file with SIP trace.
> h2. Environment detail:
> Asterisk SVN-branch-12-r420805 (August 11th 2014), Chrome (38.0.2114.2 dev), Chrome (36.0.1985.125). SIPML5 live demo (?svn=224) 
> Machines involved:
>  * Chrome(SIPML5) at 10.24.17.254
>  * Asterisk at 10.24.18.124



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list