[asterisk-bugs] [JIRA] (ASTERISK-25659) res_rtp_asterisk: ECDH not negotiated causing DTLS failure occurred on RTP instance
Edwin Vandamme (JIRA)
noreply at issues.asterisk.org
Wed Jun 29 03:30:58 CDT 2016
[ https://issues.asterisk.org/jira/browse/ASTERISK-25659?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=231235#comment-231235 ]
Edwin Vandamme commented on ASTERISK-25659:
-------------------------------------------
I tried the source from https://www.openssl.org/, at the time that would have been version 1.0.2e.
To make sure I did not make a mistake during installing this version, I will set up a test environment to try this again.
This is not the kind of thing I like to try on an intended production server.
In case this works, I will file a bug report at CentOS.
Yes I tried your patches, but I have the same error.
As my test PC also uses CentOS 7.2, I verified Chrome on a Windows PC and that has the same issues.
There is an OpenSSL upgrade (v1.0.1e-51) for CentOS.
For some reason this version also displays "OpenSSL 1.0.1e-fips 11 Feb 2013", though file date is May 9 2016.
Unfortunately, no fix for the problem.
> res_rtp_asterisk: ECDH not negotiated causing DTLS failure occurred on RTP instance
> -----------------------------------------------------------------------------------
>
> Key: ASTERISK-25659
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-25659
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Resources/res_rtp_asterisk
> Affects Versions: 11.22.0, 13.9.1
> Environment: Using the following on the server :
> CentOS 7.2 2015-11
> Asterisk 13.6 2015-10
> jansson 2.7 2014-10-02
> PJSIP (pjproject) 2.4.5 2015-08-12
> sipML5 2.0.2 2015-12
> Using the following on the client :
> CentOS 7.2 KDE desktop
> Chrome Version 47.0.2526.106 (64-bit)
> Reporter: Edwin Vandamme
> Assignee: Alexander Traud
> Severity: Minor
> Attachments: asterisk.log, dtls_centos_step_1.patch, dtls_centos_step_2.patch, ecdh.patch
>
>
> This issue has been on the forum for over a week, but I did not get any feedback, http://forums.asterisk.org/viewtopic.php?f=1&t=96461&sid=528c724d236a38e60e868817462c6f26, so I have now escalated this as a bug report.
> Using the described environment, I get the following error in my Asterisk log :
> res_rtp_asterisk.c: DTLS failure occurred on RTP instance '0x7fe8c8024178' due to reason 'missing tmp ecdh key', terminating
> res_rtp_asterisk.c: RTP Read error: Unspecified. Hanging up.
> An earlier bug report listed this as a problem on FireFox : ASTERISK-25265
> It is said to be fixed in 13.6
> WebRTC is not yet in production on my system, due to the constant changes, but in earlier tests everything worked fine. As far as I can tell, it all started when Chrome forced the usage of https over http.
> Dialing from a WebRTC peer to Asterisks works just fine.
> For various reasons I use sip.conf, not pjsip.conf.
> Certificates used are propper certificates, not self signed versions.
> I attached (asterisk.log) part of the Asterisk log file with "sip debug on", start of call till failure.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list