[SR-Users] No secure attributes from rtpengine in SRTP/RTP bridge mode
Alexey Rybalko
alexey.rybalko at gmail.com
Sat Apr 26 23:32:26 CEST 2014
Hi, Richard!
Thank you for quick feedback!
There is no such attribute in SDP payload from the latest Mozilla (v.29).
v=0
o=Mozilla-SIPUA-29.0 371 0 IN IP4 0.0.0.0
s=SIP Call
t=0 0
a=ice-ufrag:083b4837
a=ice-pwd:dac461d48770be5e1dae6c450e144bf3
a=fingerprint:sha-256
C3:AA:DB:75:D7:60:FC:B6:94:A7:81:4F:74:A2:FF:44:4B:17:AE:D3:64:37:37:D1:AC:1A:F5:D4:86:1E:4F:7A
m=audio 52775 RTP/SAVPF 109 0 8 101
c=IN IP4 192.168.0.101
a=rtpmap:109 opus/48000/2
a=ptime:20
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-15
a=sendrecv
a=setup:actpass
a=candidate:0 1 UDP 2130444543 192.168.0.101 52775 typ host
a=candidate:0 2 UDP 2130444542 192.168.0.101 63139 typ host
a=rtcp-mux
But it presents in SDP from Chrome (v.34)
v=0 o=- 1634904605592690072 2 IN IP4 127.0.0.1 s=- t=0 0 a=group:BUNDLE
audio a=msid-semantic: WMS C8ATLgPd2jIcc5q799L9XU3rTROMajedYbdI m=audio
51817 RTP/SAVPF 111 103 104 0 8 106 105 13 126 c=IN IP4 192.168.0.101
a=rtcp:51817 IN IP4 192.168.0.101 a=candidate:3350409123 1 udp 2122260223
192.168.0.101 51817 typ host generation 0 a=candidate:3350409123 2 udp
2122260223 192.168.0.101 51817 typ host generation 0 a=candidate:2301678419
1 tcp 1518280447 192.168.0.101 0 typ host generation 0
a=candidate:2301678419 2 tcp 1518280447 192.168.0.101 0 typ host generation
0 a=ice-ufrag:WyHALLFH6CaQmCIA a=ice-pwd:9BMkH9d7D9pfSjZmLSkunxrW
a=ice-options:google-ice a=fingerprint:sha-256
46:6E:E0:18:4A:C5:06:A8:26:85:ED:FE:16:C1:86:5E:8D:BC:4D:D9:F2:1A:75:81:A1:A7:CE:5A:79:4D:B7:22
*a=setup:actpass* a=mid:audio a=extmap:1
urn:ietf:params:rtp-hdrext:ssrc-audio-level a=sendrecv a=rtcp-mux
a=crypto:0 AES_CM_128_HMAC_SHA1_32
inline:cDj0wVDUUZ/1etNd9MFQjeqwn/ii3RsxQLraXUln a=crypto:1
AES_CM_128_HMAC_SHA1_80 inline:KKzZx0iwM2udfGNv+pBoB/BDVBvsFsMcQczVZDOQ ....
No success for both browsers. It's should be noticed that Chrome provides
both SDES ("crypto") and DTLS ("fingerprint"+"setup:actpass") attibutes
(does DTLS have priority in a such case?). However rtpengine doesn't
provide such SRTP data. May be any suggestions?
kind regards,
Alexey
2014-04-25 18:02 GMT+04:00 Richard Fuchs <rfuchs at sipwise.com>:
> Hi,
>
> Can you check if the original offer contains an "a=setup:actpass"
> attribute? I remember Firefox having a problem with this in some
> version. This attribute is required for DTLS-SRTP and Firefox was not
> sending it. It's fixed in later versions.
>
> cheers
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20140427/a1088d2b/attachment.html>
More information about the sr-users
mailing list