Summary: | ASTERISK-16743: SRTP does not work if used togather with TLS | ||
Reporter: | Catalina (snomtest) | Labels: | |
Date Opened: | 2010-09-28 05:11:01 | Date Closed: | 2011-06-07 14:00:52 |
Priority: | Major | Regression? | No |
Status: | Closed/Complete | Components: | Resources/res_srtp |
Versions: | Frequency of Occurrence | ||
Related Issues: | |||
Environment: | Attachments: | ( 0) asterisklog.txt ( 1) asterisklogREPLICATED.txt ( 2) extensions.conf ( 3) pcap_trace_asterisk.pcap ( 4) pcap_trace_asteriskREPLICATED.pcap ( 5) sip.conf | |
Description: | I am testing snom phones with asterisk 1.8. I configured SRTP and managed to make it work. But as soon as I configured TLS as well, SRTP stopped working. Once I removed TLS, SRTP works again. ****** ADDITIONAL INFORMATION ****** asterisk18:/usr/src# svn info asterisk-1.8/ Path: asterisk-1.8 URL: http://svn.asterisk.org/svn/asterisk/branches/1.8 Repository Root: http://svn.asterisk.org/svn/asterisk Repository UUID: f38db490-d61c-443f-a65b-d21fe96a405b Revision: 288711 Node Kind: directory Schedule: normal Last Changed Author: tilghman Last Changed Rev: 288640 Last Changed Date: 2010-09-23 23:42:37 -0400 (Thu, 23 Sep 2010) | ||
Comments: | By: Catalina (snomtest) 2010-09-28 05:22:53 Please ignore the following attachments: asterisklog.txt pcap_trace_asterisk.pcap The correct logs are: pcap_trace_asteriskREPLICATED.pcap icon asterisklogREPLICATED.txt By: Leif Madsen (lmadsen) 2010-09-28 11:00:52 If you stopped using SRTP were you able to make TLS work? By: Catalina (snomtest) 2010-09-29 02:56:36 Yes. TLS works anyway. The problem is that I cannot get both TLS and SRTP to work at the same time. TLS without SRTP - works fine SRTP without TLS - works fine SRTP + TLS - only TLS works. SRTP is also negociated correctly but during tha call the trace shows only RTP packets an no SRTP packets By: Catalina (snomtest) 2010-09-29 03:50:29 I am afraid the source of my problem was Wireshark: during my tests, I used Wireshark to view the PCAP traces. Since the SIP packets were TLS, my Wireshark did not correctly decode them and misinterpreted the SRTP packets as being RTP. But actually the packets were always SRTP. I managed to get my Wireshark to decode everything correctly and my tests are now successfull. I can confirm now that asterisk 1.8 works with TLS+SRTP on snom phones By: Catalina (snomtest) 2010-09-29 03:51:02 Can I close this bug or will you close it? By: Leif Madsen (lmadsen) 2010-10-04 12:32:51 Thanks for the follow up! Closing the issue. |