PS: I'm not sure attachments are allowed on the mailing list. If not, feel free to contact me privately for the patch and more info.
Lorenzo 2013/12/4 Lorenzo Miniero <[email protected]> > Hi Nitesh, > > my chan_sip is rather messy right now, as I changed several things due to > other experiments as well. I tried to prepare a patch that only allegedly > covers the DTLS experiments: just beware that it is for asterisk-11.1.2 and > so you may need to tweak it a bit for your case. Anyway, what I did with > respect to DTLS in chan_sip as you can see wasn't much (as I explained in > that report, most of the SDP manipulation I did in my webapp), so just to > summarize: > > 1. I moved the DTLS initialization after the RTCP stuff, for the > reasons explained in the report; > 2. I made sure that sha-256 fingerprints (sent by Chrome and Firefox) > were accepted by the parser, and that sha-256 fingerprints were added in > the reply too (this needs a change in the RTP engine, of course, which by > default generates sha-1 fingerprints); > 3. a couple of fixes to an incorrect SAVPF behaviour (the wrong crypto > context was used); > 4. an ugly hack to force DTLS if it is disabled in the configuration, > but you get a fingerprint in the SDP: I chose to do it this way as enabling > it in the configuration forces DTLS for all calls, which I didn't want. > > Hope that helps, let me know if you need any further help. > > Lorenzo > > > 2013/12/4 nitesh bansal <[email protected]> > >> Hi Lorenzo, >> >> Thanks for your response. Can you share your patch on chan_sip. >> >> Regards, >> Nitesh Bansal >> >> >> On Mon, Dec 2, 2013 at 4:09 PM, Lorenzo Miniero <[email protected]>wrote: >> >>> 2013/12/2 Mark Michelson <[email protected]> >>> >>>> On 12/02/2013 05:29 AM, nitesh bansal wrote: >>>> >>>>> Hello everybody, >>>>> >>>>> I want to setup a basic Demo of WebRTC using Asterisk as WebServer and >>>>> SRTP-DTLS. >>>>> I got the demo setup using SRTP-DES with chrome, chrome is porpoising >>>>> both DTLS and DES, >>>>> Asterisk responds with DES abd call is connected. >>>>> But i want asterisk to propose DTLS also in its response, can you >>>>> please tell me if asterisk supports DTLS and if yes, is there a wiki page >>>>> with the documentation? >>>>> I could not find any relevant wikipage. >>>>> >>>>> Regards, >>>>> Nitesh >>>>> >>>>> >>>> Asterisk supports DTLS. Your best bet for documentation at the moment >>>> is to look at configs/sip.conf.sample in Asterisk 11 and grep for >>>> "DTLS-SRTP CONFIGURATION". That will direct you to a section that explains >>>> the various DTLS-related configuration options for chan_sip. >>>> >>>> Mark Michelson >>>> >>>> >>> >>> Just as an additional cue point, you may also refer to the report I >>> wrote a few months ago on making DTLS work in my case. I don't know whether >>> or not some of those points eventually made it to the documentation, and >>> some of them may be obsolete (e.g., you definitely don't need the fake >>> crypto anymore), but they may be oh help nonetheless: >>> >>> http://lists.digium.com/pipermail/asterisk-dev/2013-May/060435.html >>> >>> Lorenzo >>> >>> >>> >>>> -- >>>> _____________________________________________________________________ >>>> -- Bandwidth and Colocation Provided by http://www.api-digital.com -- >>>> >>>> asterisk-dev mailing list >>>> To UNSUBSCRIBE or update options visit: >>>> http://lists.digium.com/mailman/listinfo/asterisk-dev >>>> >>> >>> >>> -- >>> _____________________________________________________________________ >>> -- Bandwidth and Colocation Provided by http://www.api-digital.com -- >>> >>> asterisk-dev mailing list >>> To UNSUBSCRIBE or update options visit: >>> http://lists.digium.com/mailman/listinfo/asterisk-dev >>> >> >> >> -- >> _____________________________________________________________________ >> -- Bandwidth and Colocation Provided by http://www.api-digital.com -- >> >> asterisk-dev mailing list >> To UNSUBSCRIBE or update options visit: >> http://lists.digium.com/mailman/listinfo/asterisk-dev >> > >
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-dev mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-dev
