[asterisk-dev] WSS on Same Endpoint with "Standard" UDP Device

Joshua Elson joshelson at gmail.com
Wed Sep 14 13:31:53 CDT 2016


Hey all-

I've been working on an Asterisk 13 PJSIP Realtime project that has a
requirement to have a WebSocket WSS client attached to the same ps_endpoint
device as a "standard" UDP device.

The following settings will make a WebRTC client work properly:

ice_support = yes
use_avpf = yes
force_avpf = no
media_use_received_transport = yes
media_encryption = dtls
media_encryption_optimistic = yes

A normal UDP endpoint must have these settings:

ice_support = no
use_avpf = no
force_avpf = no
media_use_received_transport = yes
media_encryption = dtls
media_encryption_optimistic = yes

So the net of it is that ice_support and use_avpf being enabled will break
a standard unencrypted SIP/UDP endpoint and vice versa.

Back in the chan_sip days, we had these settings:

Set(CHANNEL(secure_bridge_signaling)=1)
Set(CHANNEL(secure_bridge_media)=1)

Which could somewhat perform the function of ensuring encrypted calls, but
those don't quite match up to PJSIP stack and weren't implemented on this
channel type anyway.

Just curious if you guys would have any ideas about implementing some sort
of a knob to change those two settings on the fly in something like a
predial hook in dialplan, or have other ideas on how to make this work
better.  We can somewhat hack around this with SQL views and other magic,
but there are other negative effects from doubling the size of our endpoint
and AOR tables for two fields.

Happy to do some development, but want to make sure I'm thinking about the
problem correctly and the solution would have some utility outside my
particular use case.

Thoughts?

Josh
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20160914/6f93eade/attachment.html>


More information about the asterisk-dev mailing list