[SR-Users] rtpengine - SRTP <> RTP missing a=crypto

Matthias Urlichs matthias at urlichs.de
Thu Mar 3 13:02:32 CET 2022


On 03.03.22 12:07, Rhys Hanrahan wrote:
>
> Any advice appreciated, as this is my first time dealing with SRTP 
> (and rtpengine). Feeling very stuck. Thanks!
>
Yeah, me too. ;-)

Basically you need to call "rtpengine_manage" with the correct 
parameter, i.e. either RTP/AVP or RTP/SAVP, based on whether audio to 
the destination of the message is to be encrypted or not. This applies 
to basically any message with "application/sdp" content, i.e. both the 
INVITE *and* the 183 or 200 reply.

Thus if you relay from encrypted to plaintext, the INVITE's handler 
needs to call rtpengine_manage("… RTP/AVP") and the response handler 
needs to call rtpengine_manage("… RTP/SAVP").

In my code I discover these settings (for both call source and 
destination) during the INVITE, then I save them in a couple of XAVU 
variables. All the other handlers just select source / destination based 
on whether the message's source IP address is the same as the INVITE's.

IMHO it's way easier to program the whole thing in Python instead of 
Kamailio's language. This in turn would be much simpler if Kamailio used 
threads instead of separate processes and shared memory, but apparently 
you can't have everything. :-P

-- 
-- Matthias Urlichs

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20220303/a146d554/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: matthias.vcf
Type: text/x-vcard
Size: 4 bytes
Desc: not available
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20220303/a146d554/attachment.vcf>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20220303/a146d554/attachment.sig>


More information about the sr-users mailing list