[asterisk-dev] SIP Secure and Annouced Transfert Asterisk 1.8 Trunk.

Alec Davis sivad.a at paradise.net.nz
Mon Feb 21 12:12:12 CST 2011 

Bernard: Please check bug https://issues.asterisk.org/view.php?id=18837
There you will find bug18837.diff2.txt

Others: Please review the patch and comment. It's tested and works, but I
don't actually like the unlock and relock of the 'pvt' that I've done around
the call to 'transmit_reinvite_with_sdp'().

It's a simple deadlock between 
=== Thread ID: -1292625008 (do_monitor started at [24470] chan_sip.c
restart_monitor())
=== ---> Lock #0 (chan_sip.c): MUTEX 23964 handle_request_do &netlock
0xb6796e80 (1)
=== ---> Lock #1 (channel.c): MUTEX 6211 ast_do_masquerade channels
0x8d4e0c8 (1)
=== ---> Lock #2 (channel.c): MUTEX 6214 ast_do_masquerade original
0xbd98f48 (1)
=== ---> Lock #3 (channel.c): MUTEX 6234 ast_do_masquerade clonechan
0xb24bf7d0 (1)
=== ---> Waiting for Lock #4 (chan_sip.c): MUTEX 6164 sip_fixup p 0xb24bab10
(1)
=== --- ---> Locked Here: chan_sip.c line 27632 (sip_set_rtp_peer)

=== -------------------------------------------------------------------
===
=== Thread ID: -1315861616 (pbx_thread started at [ 5035] pbx.c
ast_pbx_start())
=== ---> Lock #0 (chan_sip.c): MUTEX 27632 sip_set_rtp_peer p 0xb24bab10 (1)
=== ---> Waiting for Lock #1 (pbx.c): MUTEX 9467 pbx_builtin_getvar_helper
chan 0xb24bf7d0 (1)
=== --- ---> Locked Here: channel.c line 6234 (ast_do_masquerade)

Alec Davis

> -----Original Message-----
> From: asterisk-dev-bounces at lists.digium.com 
> [mailto:asterisk-dev-bounces at lists.digium.com] On Behalf Of 
> Bernard Merindol(F)
> Sent: Tuesday, 22 February 2011 6:09 a.m.
> To: Asterisk Mailing List Developers
> Subject: [asterisk-dev] SIP Secure and Annouced Transfert 
> Asterisk 1.8 Trunk.
> 
> Hi All,
> 
> I continue to test Asterisk 1.8 for announced Transfert.
> 
> I works with the Trunk version 
> 
> Connected to Asterisk SVN-trunk-r308371 currently running on 
> c3devsecure
> 
> For normal SIP I have a work around for announced transfert, 
> if I configure all phones without directmedia 
> (directmedia=no) the announced transfert works fine. With 
> direct media not works see 
> 
> https://issues.asterisk.org/view.php?id=18468
> 
> But, if I test the same configuration with SIPS and SRTP the 
> announced transfert not works The tree phones is configured 
> with encryption=yes directmedia=no transport=tls
> 
> A Call B
> B Annouce to C
> When B finish Transfert, the channels is connected between A 
> to C but the RTP (SRTP in this case) is not works or works 
> only beetwen A to C. Newer audio form C to A.
> 
> On full we see :
> 
> [Feb 21 17:54:47] DEBUG[15231] chan_sip.c: Sip 
> transfer:-------------------- [Feb 21 17:54:47] DEBUG[15231] 
> chan_sip.c: -- Transferer to PBX channel: SIP/1001-0000004b 
> State Up [Feb 21 17:54:47] DEBUG[15231] chan_sip.c: -- 
> Transferer to PBX second channel (target): SIP/1001-0000004c 
> State Up [Feb 21 17:54:47] DEBUG[15231] chan_sip.c: -- 
> Bridged call to transferee: SIP/1000-0000004a State Up [Feb 
> 21 17:54:47] DEBUG[15231] chan_sip.c: -- Bridged call to 
> transfer target: SIP/1002-0000004d State Up [Feb 21 17:54:47] 
> DEBUG[15231] chan_sip.c: -- END Sip transfer:--------------------
> 
> 
> [Feb 21 17:54:47] WARNING[15703] res_srtp.c: SRTP unprotect: 
> authentication failure [Feb 21 17:54:47] WARNING[15703] 
> res_srtp.c: SRTP unprotect: authentication failure
> 
> [Feb 21 17:54:47] DEBUG[15227] chan_sip.c: SIP response 200 
> to RE-invite on outgoing call 
> 474496ed441d4f0636c4e0c410f10ffe at 192.168.169.60:5061
> [Feb 21 17:54:47] DEBUG[15227] chan_sip.c: Processing 
> session-level SDP v=0... UNSUPPORTED.
> [Feb 21 17:54:47] DEBUG[15227] chan_sip.c: Processing 
> session-level SDP o=MxSIP 0 1 IN IP4 192.168.169.211... UNSUPPORTED.
> [Feb 21 17:54:47] DEBUG[15227] chan_sip.c: Processing 
> session-level SDP s=SIP Call... UNSUPPORTED.
> [Feb 21 17:54:47] DEBUG[15227] netsock2.c: Splitting 
> '192.168.169.211' gives...
> [Feb 21 17:54:47] DEBUG[15227] netsock2.c: ...host 
> '192.168.169.211' and port '(null)'.
> [Feb 21 17:54:47] DEBUG[15227] chan_sip.c: Processing 
> session-level SDP c=IN IP4 192.168.169.211... OK.
> [Feb 21 17:54:47] DEBUG[15227] chan_sip.c: Processing 
> session-level SDP t=0 0... UNSUPPORTED.
> [Feb 21 17:54:47] VERBOSE[15227] chan_sip.c: [Feb 21 
> 17:54:47] Found RTP audio format 8 [Feb 21 17:54:47] 
> DEBUG[15227] rtp_engine.c: Setting payload 8 based on m type 
> on 0xb50b8fdc [Feb 21 17:54:47] VERBOSE[15227] chan_sip.c: 
> [Feb 21 17:54:47] Found RTP audio format 101 [Feb 21 
> 17:54:47] DEBUG[15227] rtp_engine.c: Setting payload 101 
> based on m type on 0xb50b8fdc [Feb 21 17:54:47] 
> VERBOSE[15227] chan_sip.c: [Feb 21 17:54:47] Found audio 
> description format PCMA for ID 8 [Feb 21 17:54:47] 
> DEBUG[15227] chan_sip.c: Processing media-level (audio) SDP 
> a=rtpmap:8 PCMA/8000... OK.
> [Feb 21 17:54:47] VERBOSE[15227] chan_sip.c: [Feb 21 
> 17:54:47] Found audio description format telephone-event for 
> ID 101 [Feb 21 17:54:47] DEBUG[15227] chan_sip.c: Processing 
> media-level (audio) SDP a=rtpmap:101 telephone-event/8000... OK.
> [Feb 21 17:54:47] DEBUG[15227] res_srtp.c: Policy already 
> exists, not re-adding [Feb 21 17:54:47] WARNING[15227] 
> sip/sdp_crypto.c: Could not set local SRTP policy [Feb 21 
> 17:54:47] DEBUG[15227] chan_sip.c: Processing media-level 
> (audio) SDP a=crypto:1 AES_CM_128_HMAC_SHA1_80 
> inline:SkxXKDBrRzh1YzchbUZnKTk8a1RKUmEjfDNNUWAo... UNSUPPORTED.
> [Feb 21 17:54:47] DEBUG[15227] chan_sip.c: Processing 
> media-level (audio) SDP a=fmtp:101 0-15... UNSUPPORTED.
> [Feb 21 17:54:47] DEBUG[15227] chan_sip.c: Processing 
> media-level (audio) SDP a=ptime:20... OK.
> [Feb 21 17:54:47] DEBUG[15227] chan_sip.c: Processing 
> media-level (audio) SDP a=sendrecv... OK.
> 
> 
> [Feb 21 17:54:59] WARNING[15703] res_srtp.c: SRTP unprotect: 
> authentication failure [Feb 21 17:54:59] WARNING[15703] 
> res_srtp.c: SRTP unprotect: authentication failure [Feb 21 
> 17:54:59] WARNING[15703] res_srtp.c: SRTP unprotect: 
> authentication failure [Feb 21 17:54:59] WARNING[15703] 
> res_srtp.c: SRTP unprotect: authentication failure [Feb 21 
> 17:54:59] WARNING[15703] res_srtp.c: SRTP unprotect: 
> authentication failure [Feb 21 17:54:59] WARNING[15703] 
> res_srtp.c: SRTP unprotect: authentication failure [Feb 21 
> 17:54:59] WARNING[15703] res_srtp.c: SRTP unprotect: 
> authentication failure [Feb 21 17:54:59] WARNING[15703] 
> res_srtp.c: SRTP unprotect: authentication failure [Feb 21 
> 17:54:59] WARNING[15703] res_srtp.c: SRTP unprotect: 
> authentication failure
> 
> 
>  I search to get the old version with asterisk 1.6 to tes but 
> the svn not works
> 
> svn co 
> http://svn.digium.com/svn/asterisk/team/group/srtp_reboot/ 
> asterisk-srtp
> svn: URL 
> 'http://svn.digium.com/svn/asterisk/team/group/srtp_reboot' 
> doesn't exist
> 
> Thank for your help.
> 
> Best regards
> Bernard Merindol
> 
> 
> 
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> 
> asterisk-dev mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-dev

More information about the asterisk-dev mailing list