cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Get the latest new and information the November issue of the Cisco Small Business Monthly Newsletter

434
Views
0
Helpful
0
Replies
Highlighted
Beginner

SRTP BUG in spa5xx firmware 7.5.5

Hi,

there seems to be a bug in spa5xx 7.5.5 firmware related to srtp.

scenario

2 SPA504G phones connected to freeswitch with s-descriptor on srtp method and secure call settings ON

freeswitch by default will offer both RTP/SAVP and RTP/AVP when briding the call to phone B.

phone A calls phone B with srtp enabled.

freeswitch accepts the call and bridges the call to phone b.

since phone A started the call with srtp, freeswitch passes to phone B the option to secure the call and sends both RTP/SAVP and RTP/AVP

o=FreeSWITCH 1380857320 1380857321 IN IP4 192.168.16.128

s=FreeSWITCH

c=IN IP4 192.168.16.128

t=0 0

m=audio 22742 RTP/SAVP 0 8 9 4 101 13

a=rtpmap:101 telephone-event/8000

a=fmtp:101 0-16

a=crypto:1 AES_CM_128_HMAC_SHA1_32 inline:TT94irJQHRiPIKBxxjHiCSa15oyOhSm0Q+94UcpA

a=ptime:30

a=sendrecv

m=audio 22742 RTP/AVP 0 8 9 4 101 13

a=rtpmap:101 telephone-event/8000

a=fmtp:101 0-16

a=ptime:30

a=sendrecv

when this happens , phone will freeze and will not accept any key input (menu, numbers, etc) or calls.

the only way is to turn off/on

there is a parameter in freeswitch that allows to offer only RTP/SAVP and in that case it works very well with both sides of call being secure.

i think the phone B should check both RTP/SAVP  RTP/AVP and choose accordinly to his setup because, we don't have a way to know in advance if the phone has srtp enabled and would like to offer both methods (this works with other ip phones and softphones)

any comments ?

cheers

Everyone's tags (4)