[asterisk-users] srtp issue
Szasz Szabolcs
szasz.szabolcs at gmail.com
Fri Oct 2 04:10:32 CDT 2009
Hi,
I have set up an asterisk with TLS and SRTP support. The SRTP is working
with Phonerlite softphone. I have problem with the SRTP, when I make calls
on Audiocodes gateway . I got the folloowing messages on asterisk:
[Oct 2 10:59:48] NOTICE[24868]: sdp_crypto.c:232 sdp_crypto_process: Crypto
life time unsupported: crypto:1 AES_CM_128_HMAC_SHA1_80
inline:SL+jOTOj8J1jTFgC+ETx5ORfFEWB5kxk5Ysr0XcI|2^31
[Oct 2 10:59:48] NOTICE[24868]: sdp_crypto.c:242 sdp_crypto_process: SRTP
crypto offer not acceptable
[Oct 2 10:59:48] NOTICE[24868]: sdp_crypto.c:232 sdp_crypto_process: Crypto
life time unsupported: crypto:2 AES_CM_128_HMAC_SHA1_32
inline:TyBSx7QAdczhqkuh+/eK2dWEH3c9sq7qa8r9FycS|2^31
[Oct 2 10:59:48] NOTICE[24868]: sdp_crypto.c:242 sdp_crypto_process: SRTP
crypto offer not acceptable
[Oct 2 10:59:48] WARNING[24868]: chan_sip.c:7939 process_sdp: Can't provide
secure audio requested in SDP offer
What means this?
By debugging sip messages:
<--- SIP read from TLS:UA_IP_ADDRESS:60415 --->
INVITE sips:202 at AST_IP_ADDRESS;user=phone SIP/2.0
Via: SIP/2.0/TLS 192.168.105.199:5051;branch=z9hG4bKac781732149;alias
Max-Forwards: 70
From: "201" <sips:201 at sdft;user=phone>;tag=1c781729204
To: <sips:202 at AST_IP_ADDRESS;user=phone>
Call-ID: 781728720312000192946 at 192.168.105.199
CSeq: 1 INVITE
Contact: <sips:201 at 192.168.105.199:5051;user=phone;transport=tls>
Supported:
em,100rel,timer,replaces,path,early-session,resource-priority,sdp-anat
Allow:
REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE
User-Agent: Audiocodes-Sip-Gateway-Vox-Evo MP-118/v.5.60A.024.003
Content-Type: application/sdp
Content-Disposition: session
Content-Length: 528
v=0
o=AudiocodesGW 781713142 781713021 IN IP4 192.168.105.199
s=Phone-Call
c=IN IP4 192.168.105.199
t=0 0
m=audio 6000 RTP/SAVP 0 8 18 4 96
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:18 G729/8000
a=fmtp:18 annexb=no
a=rtpmap:4 G723/8000
a=fmtp:4 annexa=no
a=rtpmap:96 telephone-event/8000
a=fmtp:96 0-15
a=ptime:20
a=sendrecv
a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:EFG/GFJBnNMdfJ2/hBCyJmgdPS6MNkuOscQEJR3E|2^31
a=crypto:2 AES_CM_128_HMAC_SHA1_32
inline:IdPMZ5yfypyQPt2q0HPYnVojTSWj1el7cOB6LOEq|2^31
<------------->
--- (14 headers 19 lines) ---
Using INVITE request as basis request -
781728720312000192946 at 192.168.105.199
Found peer '201' for '201' from UA_IP_ADDRESS:60415
sbc06*CLI>
<--- Reliably Transmitting (NAT) to UA_IP_ADDRESS:60415 --->
SIP/2.0 401 Unauthorized
Via: SIP/2.0/TLS 192.168.105.199:5051
;branch=z9hG4bKac781732149;alias;received=UA_IP_ADDRESS
From: "201" <sips:201 at sdft;user=phone>;tag=1c781729204
To: <sips:202 at AST_IP_ADDRESS;user=phone>;tag=as1bf72d42
Call-ID: 781728720312000192946 at 192.168.105.199
CSeq: 1 INVITE
Server: Asterisk PBX SVN-group-srtp-r183146-/trunk
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces, timer
WWW-Authenticate: Digest algorithm=MD5, realm="asterisk", nonce="526064ea"
Content-Length: 0
<------------>
Scheduling destruction of SIP dialog '781728720312000192946 at 192.168.105.199'
in 32000 ms (Method: INVITE)
sbc06*CLI>
<--- SIP read from TLS:UA_IP_ADDRESS:60415 --->
ACK sips:202 at AST_IP_ADDRESS;user=phone SIP/2.0
Via: SIP/2.0/TLS 192.168.105.199:5051;branch=z9hG4bKac781732149;alias
Max-Forwards: 70
From: "201" <sips:201 at sdft;user=phone>;tag=1c781729204
To: <sips:202 at AST_IP_ADDRESS;user=phone>;tag=as1bf72d42
Call-ID: 781728720312000192946 at 192.168.105.199
CSeq: 1 ACK
Contact: <sips:201 at 192.168.105.199:5051;user=phone;transport=tls>
Supported: em,timer,replaces,path,early-session,resource-priority
Allow:
REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE
User-Agent: Audiocodes-Sip-Gateway-Vox-Evo MP-118/v.5.60A.024.003
Content-Length: 0
<------------->
--- (12 headers 0 lines) ---
sbc06*CLI>
<--- SIP read from TLS:UA_IP_ADDRESS:60415 --->
INVITE sips:202 at AST_IP_ADDRESS;user=phone SIP/2.0
Via: SIP/2.0/TLS 192.168.105.199:5051;branch=z9hG4bKac781931225;alias
Max-Forwards: 70
From: "201" <sips:201 at sdft;user=phone>;tag=1c781729204
To: <sips:202 at AST_IP_ADDRESS;user=phone>
Call-ID: 781728720312000192946 at 192.168.105.199
CSeq: 2 INVITE
Authorization: Digest
username="201",realm="asterisk",nonce="526064ea",uri="sips:202 at AST_IP_ADDRESS
",algorithm=MD5,response="64f012c1334a4eb355f256c2569c61f6"
Contact: <sips:201 at 192.168.105.199:5051;user=phone;transport=tls>
Supported:
em,100rel,timer,replaces,path,early-session,resource-priority,sdp-anat
Allow:
REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE
User-Agent: Audiocodes-Sip-Gateway-Vox-Evo MP-118/v.5.60A.024.003
Content-Type: application/sdp
Content-Disposition: session
Content-Length: 528
v=0
o=AudiocodesGW 781713142 781713021 IN IP4 192.168.105.199
s=Phone-Call
c=IN IP4 192.168.105.199
t=0 0
m=audio 6000 RTP/SAVP 0 8 18 4 96
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:18 G729/8000
a=fmtp:18 annexb=no
a=rtpmap:4 G723/8000
a=fmtp:4 annexa=no
a=rtpmap:96 telephone-event/8000
a=fmtp:96 0-15
a=ptime:20
a=sendrecv
a=crypto:1 AES_CM_128_HMAC_SHA1_80
inline:EFG/GFJBnNMdfJ2/hBCyJmgdPS6MNkuOscQEJR3E|2^31
a=crypto:2 AES_CM_128_HMAC_SHA1_32
inline:IdPMZ5yfypyQPt2q0HPYnVojTSWj1el7cOB6LOEq|2^31
<------------->
--- (15 headers 19 lines) ---
Sending to UA_IP_ADDRESS : 60415 (NAT)
Using INVITE request as basis request -
781728720312000192946 at 192.168.105.199
Found peer '201' for '201' from UA_IP_ADDRESS:60415
Found RTP audio format 0
Found RTP audio format 8
Found RTP audio format 18
Found RTP audio format 4
Found RTP audio format 96
Peer audio RTP is at port 192.168.105.199:6000
Found audio description format PCMU for ID 0
Found audio description format PCMA for ID 8
Found audio description format G729 for ID 18
Found audio description format G723 for ID 4
Found audio description format telephone-event for ID 96
[Oct 2 08:37:48] NOTICE[23034]: sdp_crypto.c:232 sdp_crypto_process: Crypto
life time unsupported: crypto:1 AES_CM_128_HMAC_SHA1_80
inline:EFG/GFJBnNMdfJ2/hBCyJmgdPS6MNkuOscQEJR3E|2^31
[Oct 2 08:37:48] NOTICE[23034]: sdp_crypto.c:242 sdp_crypto_process: SRTP
crypto offer not acceptable
[Oct 2 08:37:48] NOTICE[23034]: sdp_crypto.c:232 sdp_crypto_process: Crypto
life time unsupported: crypto:2 AES_CM_128_HMAC_SHA1_32
inline:IdPMZ5yfypyQPt2q0HPYnVojTSWj1el7cOB6LOEq|2^31
[Oct 2 08:37:48] NOTICE[23034]: sdp_crypto.c:242 sdp_crypto_process: SRTP
crypto offer not acceptable
[Oct 2 08:37:48] WARNING[23034]: chan_sip.c:7939 process_sdp: Can't provide
secure audio requested in SDP offer
sbc06*CLI>
<--- Reliably Transmitting (NAT) to UA_IP_ADDRESS:60415 --->
SIP/2.0 488 Not acceptable here
Via: SIP/2.0/TLS 192.168.105.199:5051
;branch=z9hG4bKac781931225;alias;received=UA_IP_ADDRESS
From: "201" <sips:201 at sdft;user=phone>;tag=1c781729204
To: <sips:202 at AST_IP_ADDRESS;user=phone>;tag=as1bf72d42
Call-ID: 781728720312000192946 at 192.168.105.199
CSeq: 2 INVITE
Server: Asterisk PBX SVN-group-srtp-r183146-/trunk
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces, timer
Content-Length: 0
<------------>
Scheduling destruction of SIP dialog '781728720312000192946 at 192.168.105.199'
in 32000 ms (Method: INVITE)
sbc06*CLI>
<--- SIP read from TLS:UA_IP_ADDRESS:60415 --->
ACK sips:202 at AST_IP_ADDRESS;user=phone SIP/2.0
Via: SIP/2.0/TLS 192.168.105.199:5051;branch=z9hG4bKac781931225;alias
Max-Forwards: 70
From: "201" <sips:201 at sdft;user=phone>;tag=1c781729204
To: <sips:202 at AST_IP_ADDRESS;user=phone>;tag=as1bf72d42
Call-ID: 781728720312000192946 at 192.168.105.199
CSeq: 2 ACK
Contact: <sips:201 at 192.168.105.199:5051;user=phone;transport=tls>
Supported: em,timer,replaces,path,early-session,resource-priority
Allow:
REGISTER,OPTIONS,INVITE,ACK,CANCEL,BYE,NOTIFY,PRACK,REFER,INFO,SUBSCRIBE,UPDATE
User-Agent: Audiocodes-Sip-Gateway-Vox-Evo MP-118/v.5.60A.024.003
Content-Length: 0
Thanks in advance
Szasz Szabolcs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20091002/4a450177/attachment.htm
More information about the asterisk-users
mailing list