SRTP
hoisinboi:
Ok, I got it working. Turns out that I had to compile from libsrtp (http://srtp.sourceforge.net/download.html) instead of relying on the ubuntu repo (libsrtp0-dev). I didn't have to use the fPIC CFLAG option.
I've attached the patch for ignorecryptolifetime that I modified for Asterisk 11.7.0.
You have to have TLS set up and working in the first place. No need to import cert into the Obi, since there is no way to.
Code:
== Using SIP RTP CoS mark 5
[Feb 14 13:58:45] DEBUG[16102][C-00000000]: sip/sdp_crypto.c:285 sdp_crypto_process: Accepting crypto tag 1
[Feb 14 13:58:45] DEBUG[16102][C-00000000]: sip/sdp_crypto.c:310 sdp_crypto_offer: Crypto line: a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:3Ezr72xlH3KGxeH0IYFdZ59hc+OxE6M2IxFKH9ry
-- Executing [1703xxxxxxx@dialplan:1] Set("SIP/1000-00000000", "DIALEDNUMBER=1703xxxxxxx”) in new stack
[Feb 14 13:58:45] NOTICE[16107][C-00000000]: ast_expr2.y:763 compose_func_args: argbuf allocated 148 bytes;
[Feb 14 13:58:45] NOTICE[16107][C-00000000]: ast_expr2.y:782 compose_func_args: argbuf uses 147 bytes;
-- Executing [1703xxxxxxx@dialplan:2] GotoIf("SIP/1000-00000000", "0?d-Canada,1:d-USA,1") in new stack
-- Goto (dialplan,d-USA,1)
-- Executing [d-USA@dialplan:1] Macro("SIP/1000-00000000", "FallbackDial,1703xxxxxxx,USA") in new stack
-- Executing [s@macro-FallbackDial:1] Set("SIP/1000-00000000", "ARRAY(line1,line2,line3)=localphone,didlogic,anveo") in new stack
-- Executing [s@macro-FallbackDial:2] Dial("SIP/1000-00000000", "SIP/localphone/1703xxxxxxx") in new stack
== Using SIP RTP CoS mark 5
-- Called SIP/localphone/1703xxxxxxx
> 0xb6d0fad0 -- Probation passed - setting RTP source address to 69.87.158.8:52420
-- SIP/localphone-00000001 is making progress passing it to SIP/1000-00000000
[Feb 14 13:58:47] DEBUG[16107][C-00000000]: sip/sdp_crypto.c:310 sdp_crypto_offer: Crypto line: a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:3Ezr72xlH3KGxeH0IYFdZ59hc+OxE6M2IxFKH9ry
> 0xb6d0fad0 -- Probation passed - setting RTP source address to 69.87.158.8:52420
> 0xb6b247b0 -- Probation passed - setting RTP source address to 192.168.88.29:16614
-- SIP/localphone-00000001 is ringing
-- SIP/localphone-00000001 is making progress passing it to SIP/1000-00000000
-- SIP/localphone-00000001 answered SIP/1000-00000000
[Feb 14 13:58:54] DEBUG[16107][C-00000000]: sip/sdp_crypto.c:310 sdp_crypto_offer: Crypto line: a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:3Ezr72xlH3KGxeH0IYFdZ59hc+OxE6M2IxFKH9ry
== Spawn extension (macro-FallbackDial, s, 2) exited non-zero on 'SIP/1000-00000000' in macro 'FallbackDial'
== Spawn extension (dialplan, d-USA, 1) exited non-zero on 'SIP/1000-00000000'
giqcass:
Congratulations! In light or recent privacy concerns I'm sure other will find this useful.
hoisinboi:
I got ahead of myself. It looks like it only works on outbound. On inbound, it fails. I tested this with my Bria softphone and it works both ways, so it has to be something in the Obihai side. Perhaps it's looking for a cryptolifetime and Asterisk isn't sending one because it doesn't support it? Who knows. Will a developer please chime in?
rsriram22:
any updates on this.. i still do not know how to attach a certificate to obi if i want it to connect to my tls+SRTP enabled asterisk server like here https://wiki.asterisk.org/wiki/display/AST/Secure+Calling+Tutorial#SecureCallingTutorial-Part2%28SRTP%29
Goldenmeadow:
Hi!
I'm in the same boat. Need to establish connection to the server using TLS with certificate on OBi200. Any help?????
Navigation
[0] Message Index
[#] Next page
[*] Previous page