[asterisk-bugs] [JIRA] (ASTERISK-20234) SRTP not working with some devices (Eg snom320) - Message "We are requesting SRTP for audio, but they responded without it!"
Alexander Traud (JIRA)
noreply at issues.asterisk.org
Fri Jul 25 01:33:56 CDT 2014
[ https://issues.asterisk.org/jira/browse/ASTERISK-20234?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alexander Traud updated ASTERISK-20234:
---------------------------------------
Attachment: srtp_patches_Asterisk12.diff
Although the attached patch still works today, I added a variant for Asterisk 12 which does not raise any questions/warnings by {{patch}}.
Optional SRTP is quite useful in combination with [RFC 3263|http://tools.ietf.org/html/rfc3263] and direct URI calling: The SIP user-agent queries DNS NAPTR to determine which transport is preferred by the SIP proxy (normally TLS over TCP over UDP). Then, the SIP user-agent uses DNS SRV to find the port and server. All this is determined from the domain part of the SIP-URI. In such a case, no outbound proxy is required.
On a SIP user-agent, this RFC allows:
SIP transport: Automatic
Media transport: SRTP preferred
This is not yet supported by Asterisk, but this is the rationale behind automatic/optional on some user-agents; those clients always use the best encryption offered by the remote proxy. If Asterisk is the fall-back outbound proxy for such a client and if Asterisk *requires* encryption, direct URI calling *breaks*.
Therefore, once again, thank you for this patch. With this my SIP user-agents are still able to do direct URI calling, still trying to negotiate TLS/SRTP.
> SRTP not working with some devices (Eg snom320) - Message "We are requesting SRTP for audio, but they responded without it!"
> ----------------------------------------------------------------------------------------------------------------------------
>
> Key: ASTERISK-20234
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-20234
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Channels/chan_sip/SRTP
> Affects Versions: 10.7.0
> Environment: RHEL5 linux 2.6.18-308.11.1.el5
> Reporter: tootai
> Assignee: tootai
> Attachments: asterisk-20234-sip.conf, full, srtp_patches_Asterisk12.diff, srtp_patches.diff
>
>
> As you can see, snom 320 (latest stable firmware snom320-SIP 8.7.3.10) is annoncing crypto but asterisk doesn't recognize it.
> [Edit by Rusty Newton - removed debug excerpt since full log is now attached]
> And call is not accepted
> --
> Daniel
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list