149 Commits

Author SHA1 Message Date
Mike Jerris
dc95ee3d66 Revert "FS-11052: Allow alias for crypto suites"
This reverts commit 7cc6d5f99d16d2d63cb2548dd7b8345d579b7e9f.
2018-07-24 07:21:52 +00:00
Mike Jerris
e58ff3392f FS-10853: remove extern that is no longer needed 2018-07-24 07:21:42 +00:00
Piotr Gregor
3a502eaf6e FS-11052: Allow alias for crypto suites
For outgoing calls send AES crypto in offer using corrected names
for keys of length 192 and 256, i.e. names containing _192_CM_
and _256_CM_ instead of _CM_192_ and CM_256_. For incoming calls
accept both naming conventions, decaying to same entry in SUITES.
2018-07-24 07:21:41 +00:00
Piotr Gregor
1fdd58f533 FS-10778: Add support for MKI to SRTP
MKI support for SRTP has been tested on calls to/from
Telnyx's Skype for Business from/to local extension registered to FS
and between Skype for Business clients connected to FreeSWITCH.

SfB -> FreeSWITCH -> User 1004
   SRTP           RTP
   with
   MKI

SfB <- FreeSWITCH <- User 1004
   SRTP           RTP

SfB <-> FreeSWITCH <-> SfB
 SRTP/MKI      SRTP/MKI

Channel variable "rtp_secure_media_mki" was added to drive offering
of MKI on outbound SRTP from FS.

How to use rtp_secure_media_mki

Set rtp_secure_media_mki=true to offer MKI for outgoing SRTP (if SRTP is used) in inbound call.
Export rtp_secure_media=true to offer MKI for outgoing SRTP (if SRTP is used) on outbound call.
... or set it in the codec string for bridged calls

<action application="set" data="rtp_secure_media_mki=true"/>

<action application="export" data="rtp_secure_media_mki=true"/>

<action application="bridge" data="[absolute_codec_string=^^:PCMU:PCMA:G729,rtp_secure_media=true,rtp_secure_media_mki=true]sofia/external/+12404373253@169.55.36.24:5060;transport=tls"/>

EXAMPLES

1. Set example

<extension name="telnyx_test_1_2">
    <condition field="destination_number" expression="^(0012404373253)$">
        <action application="set" data="rtp_secure_media=true"/>
        <action application="set" data="rtp_secure_media_mki=true"/>
        <action application="answer"/>
        <action application="bridge" data="user/1004@${domain_name}"/>
    </condition>
</extension>

Description: SRTP will be used on outbound leg in incoming call due to rtp_secure_media=true
set and MKI will be offered in SDP. SRTP will not be used on a bridged call to extension 1004.

2. Export example

<extension name="to_skype_for_business">
    <condition field="destination_number" expression="^(840531022)$">
        <action application="set" data="rtp_secure_media=optional"/>
        <action application="export" data="rtp_secure_media_mki=true"/>
        <action application="bridge" data="[absolute_codec_string=^^:PCMU:PCMA:G729,rtp_secure_media=true]sofia/external/+12404373728@169.55.36.24:5060;transport=tls"/>
    </condition>
</extension>

Description: SRTP on inbound call has been set to optional therefore MKI will be used
on outbound SRTP in this call if SRTP is used at all. SRTP will be used on a bridged call
due to rtp_secure_media=true set in codec string and MKI will be used in offering SDP.

3. Bridging between Skype for Business clients: set

<extension name="S4B_fs_S4B">
    <condition field="destination_number" expression="^(0012404373254)$">
        <action application="set" data="rtp_secure_media=true"/>
        <action application="set" data="rtp_secure_media_mki=true"/>
        <action application="bridge" data="[absolute_codec_string=^^:PCMU:PCMA:G729,rtp_secure_media=true]sofia/external/+12404373253@169.55.36.$
    </condition>
</extension>

Result:
2017-11-27 19:00:26.977704 [NOTICE] switch_ivr_originate.c:527 Ring Ready sofia/external/+12404373728@telnyxlab.com!
2017-11-27 19:00:32.657687 [NOTICE] switch_core_media.c:1534 Skipping MKI due to empty index
2017-11-27 19:00:32.657687 [INFO] switch_rtp.c:4079 Activating audio Secure RTP SEND
2017-11-27 19:00:32.657687 [INFO] switch_rtp.c:4057 Activating audio Secure RTP RECV
2017-11-27 19:00:32.657687 [NOTICE] sofia.c:8419 Channel [sofia/external/%2B12404373253@169.55.36.24:5060] has been answered
2017-11-27 19:00:35.317702 [INFO] switch_rtp.c:4079 Activating audio Secure RTP SEND (with MKI)
2017-11-27 19:00:35.317702 [INFO] switch_rtp.c:4057 Activating audio Secure RTP RECV (with MKI)
2017-11-27 19:00:35.317702 [NOTICE] sofia_media.c:92 Pre-Answer sofia/external/+12404373728@telnyxlab.com!

Description: SRTP with MKI is used on outbound leg of inbound call (due to use on inbound leg of this call and "set").
Standard SRTP is used in both legs of outbound call, because rtp_secure_media_mki wasn't exported
or set in codec string for the outbound call.

4. Bridging between Skype for Business clients: Set and export

<extension name="S4B_fs_S4B">
    <condition field="destination_number" expression="^(0012404373254)$">
        <action application="set" data="rtp_secure_media=true"/>
        <action application="set" data="rtp_secure_media_mki=true"/>
        <action application="export" data="rtp_secure_media_mki=true"/>
        <action application="bridge" data="[absolute_codec_string=^^:PCMU:PCMA:G729,rtp_secure_media=true]sofia/external/+12404373253@169.55.36.24:5060;transport=tls"/>
    </condition>
</extension>

Result:
2017-11-27 18:51:29.017689 [NOTICE] switch_ivr_originate.c:527 Ring Ready sofia/external/+12404373728@telnyxlab.com!
2017-11-27 18:51:35.097729 [INFO] switch_rtp.c:4079 Activating audio Secure RTP SEND (with MKI)
2017-11-27 18:51:35.097729 [INFO] switch_rtp.c:4057 Activating audio Secure RTP RECV (with MKI)
2017-11-27 18:51:35.097729 [NOTICE] sofia.c:8419 Channel [sofia/external/%2B12404373253@169.55.36.24:5060] has been answered
2017-11-27 18:51:37.797706 [INFO] switch_rtp.c:4079 Activating audio Secure RTP SEND (with MKI)
2017-11-27 18:51:37.797706 [INFO] switch_rtp.c:4057 Activating audio Secure RTP RECV (with MKI)

Description: Connecting Skype For Business client to Skype for Business client.
Send SRTP with MKI in both outbound streams:
	- for inbound call: MKI was offered in incoming call and enabled for outbound leg with "set"
	- for outbound call: MKI was enabled with "export"

5. Other examples

Setup to use SRTP with MKI only on the inbound SRTP on incoming call from Telnyx SfB
Tested dialing 0012404373253 from SfB to FS, leg SfB <-> FS uses SRTP with MKI
on inbound SRTP only

<extension name="telnyx_test_1_2">
    <condition field="destination_number" expression="^(0012404373253)$">
        <action application="set" data="rtp_secure_media=true"/>
        <action application="answer"/>
        <action application="bridge" data="user/1004@${domain_name}"/>
    </condition>
</extension>

Result:
2017-11-23 20:44:35.406026 [INFO] mod_dialplan_xml.c:637 Processing Test02 <+12404373728>->0012404373253 in context public
2017-11-23 20:44:38.566022 [INFO] switch_rtp.c:4107 Activating audio Secure RTP SEND
2017-11-23 20:44:38.566022 [INFO] switch_rtp.c:4085 Activating audio Secure RTP RECV (with MKI)

Setup to send and receive SRTP with MKI on incoming call from Telnyx SfB
Tested dialing 0012404373253 from SfB to FS, leg SfB <-> FS uses SRTP with MKI
in both directions

<extension name="telnyx_test_1_2">
    <condition field="destination_number" expression="^(0012404373253)$">
        <action application="set" data="rtp_secure_media=true"/>
        <action application="set" data="rtp_secure_media_mki"/>
        <action application="answer"/>
        <action application="bridge" data="user/1004@${domain_name}"/>
    </condition>
</extension>

Result:
2017-11-23 20:42:06.026034 [INFO] mod_dialplan_xml.c:637 Processing Test02 <+12404373728>->0012404373253 in context public
2017-11-23 20:42:09.526034 [INFO] switch_rtp.c:4107 Activating audio Secure RTP SEND (with MKI)
2017-11-23 20:42:09.526034 [INFO] switch_rtp.c:4085 Activating audio Secure RTP RECV (with MKI)

Setup to offer MKI on outbound call to extension 1001 (X-Lite -> FS -> linphone)
Tested dialing 0012404373253 from user 1004, leg FS <-> 1001 uses SRTP with MKI

<extension name="telnyx_test_1_2">
    <condition field="destination_number" expression="^(0012404373253)$">
        <action application="export" data="rtp_secure_media_outbound=true"/>
        <action application="export" data="rtp_secure_media_mki"/>
        <action application="answer"/>
        <action application="bridge" data="user/1001@${domain_name}"/>
    </condition>
</extension>

Result:
2017-11-23 20:23:26.266034 [INFO] mod_dialplan_xml.c:637 Processing 1000 windows <1000>->0012404373253 in context default
2017-11-23 20:23:26.366035 [INFO] switch_rtp.c:4107 Activating audio Secure RTP SEND (with MKI)
2017-11-23 20:23:26.366035 [INFO] switch_rtp.c:4085 Activating audio Secure RTP RECV

SfB sometimes offers crypto with LIFETIME but no MKI index, e.g.:
a=crypto:5 AES_CM_128_HMAC_SHA1_80 inline:9OtFWi17H9E8ywlm0iazemjAqXu2RhJ3DZyo+VLJ|2^31

Defaulting to no-mki SRTP in case key material doesn't contain MKI index.
2018-07-24 07:21:34 +00:00
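
The fallback described at the end of the FS-10778 message, as an added example that is not FreeSWITCH code: a minimal parser for the key parameter of an SDP a=crypto line in the RFC 4568 layout inline:<key>[|lifetime][|MKI:length]. The type and function names are hypothetical, and the "|1:4" MKI suffix in the second sample is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical result type for this sketch (not a FreeSWITCH structure). */
typedef struct {
    char key_b64[128];     /* base64 master key || master salt */
    char lifetime[32];     /* e.g. "2^31"; empty when not offered */
    unsigned long mki_id;  /* MKI value, meaningful only if has_mki */
    unsigned int mki_len;  /* MKI length in bytes on the wire (1..128) */
    int has_mki;           /* 0 means: fall back to SRTP without MKI */
} crypto_key_t;

/* Parse "inline:<key>[|lifetime][|MKI:length]"; 0 on success, -1 if malformed.
 * A '|' field containing ':' is the MKI, any other field is the lifetime. */
int parse_key_params(const char *params, crypto_key_t *out)
{
    char buf[256], *field, *next;
    memset(out, 0, sizeof(*out));
    if (strncmp(params, "inline:", 7) != 0 || strlen(params + 7) >= sizeof(buf)) return -1;
    strcpy(buf, params + 7);
    field = buf;                                   /* first field: key material */
    if ((next = strchr(field, '|'))) *next++ = '\0';
    if (!*field || strlen(field) >= sizeof(out->key_b64)) return -1;
    strcpy(out->key_b64, field);
    while ((field = next)) {
        char *colon, *end;
        if ((next = strchr(field, '|'))) *next++ = '\0';
        if ((colon = strchr(field, ':'))) {        /* MKI:length */
            *colon++ = '\0';
            out->mki_id = strtoul(field, &end, 10);
            if (end == field || *end) return -1;
            out->mki_len = (unsigned int)strtoul(colon, &end, 10);
            if (end == colon || *end || out->mki_len < 1 || out->mki_len > 128) return -1;
            out->has_mki = 1;
        } else {                                   /* lifetime only */
            if (strlen(field) >= sizeof(out->lifetime)) return -1;
            strcpy(out->lifetime, field);
        }
    }
    return 0;
}

int main(void)
{
    crypto_key_t k; /* key string taken from the SfB offer quoted in the commit message */
    int rc = parse_key_params("inline:9OtFWi17H9E8ywlm0iazemjAqXu2RhJ3DZyo+VLJ|2^31", &k);
    printf("rc=%d has_mki=%d lifetime=%s\n", rc, k.has_mki, k.lifetime);
    rc = parse_key_params("inline:9OtFWi17H9E8ywlm0iazemjAqXu2RhJ3DZyo+VLJ|2^31|1:4", &k);
    printf("rc=%d has_mki=%d id=%lu len=%u\n", rc, k.has_mki, k.mki_id, k.mki_len);
    return 0;
}
```
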
Dragos Oancea
85cd705b23 FS-10264: extend switch_rtp_packet_t to fix jitter buffer bug triggered by RTP ext headers (RFC5285) 2017-04-25 08:20:31 +01:00
Sergey Safarov
df1ab07ca4 FS-9924: Removed extra space in source files 2017-02-09 23:59:49 -05:00
Anthony Minessale
2c111bbdb5 FS-9697 #resolve [Video compat changes to support older clients] 2016-11-03 17:38:31 -05:00
Anthony Minessale
fe6182260b FS-9013 #resolve [Add vad talk time logging channel vars] 2016-03-31 19:25:56 -05:00
Anthony Minessale
30fa89e008 FS-8713 #resolve [crash on bad video rtp stream] #comment Pushed a patch to make the sizes match. This was the original intention since we want to preserve the packet as-is while in the jb 2016-01-15 11:26:30 -06:00
Anthony Minessale
56a68e3ad9 FS-8677 #resolve [Crash (possible memory corruption) after codec change] 2016-01-06 10:10:14 -06:00
Anthony Minessale
eea76c8856 FS-8130
Port video buffer to also support audio and remove original STFU jitter buffer
Add some more resilience to video packet loss
Add codec control mechanism for both call-specific debug and codec/call specific params
Make opus function better in packet loss and latent situations
Use new codec control params to make JB lookahead FEC optionally enabled or disabled mid-call
Add Param to allow JB lookahead to be enabled.
2015-09-14 13:30:08 -05:00
William King
1442aeb425 FS-7860 #resolve 2015-07-20 21:09:25 -07:00
Anthony Minessale
6c135e15c1 FS-7602 FS-7499 FS-7587 #comment another refactoring pass on candidate parsing and ipv4/6 parsing 2015-06-03 15:54:21 -05:00
Anthony Minessale
3b2d00f3e6 FS-7587 Add ipv6 support to Verto / Websockets 2015-06-01 13:39:47 -05:00
Anthony Minessale
4a76c0f8c6 FS-7499 second pass at adding TMMBR (WIP) 2015-05-28 12:47:31 -05:00
Anthony Minessale
6388926291 FS-7499: start of tmmbr/n 2015-05-28 12:47:30 -05:00
Anthony Minessale
dc4c38dab5 FS-7499 FS-7508 FS-7501 some more general improvements for initial call setup 2015-05-28 12:47:29 -05:00
Anthony Minessale
3e24ac5e6b FS-7501: add auto sync of jb and fps detection 2015-05-28 12:47:18 -05:00
Michael jerris
1cd9e52b9e FS-7499: add enum for various rtcp related types 2015-05-28 12:47:10 -05:00
Anthony Minessale
17aa836403 FS-7499: add generic nack support to rtp stack 2015-05-28 12:46:53 -05:00
Anthony Minessale
2a50c6d55c FS-7501: use vidderbuffer in rtp 2015-05-28 12:46:52 -05:00
Anthony Minessale
76ec99ed97 FS-7500: poll rtp on answer until dtls is negotiated 2015-05-28 12:46:51 -05:00
Anthony Minessale
659c1e474e FS-7500: Work in progress. Added codec config params that can be set from session and made vpx codec re-init on size change. Also add periodic key frame timer 2015-05-28 12:46:44 -05:00
Anthony Minessale
365a5dd820 FS-7500: major refactoring pass. Push concepts from mod_vlc as deep as possible and flesh out api to use everywhere else. Round 2 will be to convert the bridge and other places using the same code 2015-05-28 12:46:44 -05:00
Travis Cross
52892b312a Fix misspelled function
switch_rtp_set_invalid_handler has been misspelled as
switch_rtp_set_invald_handler going all the way back to the
beginning.  So while it's possible that someone somewhere could be
relying on this misspelling, I think it's more likely that no one has
used it much and that's why it wasn't spotted.  We don't even use it
ourselves anywhere anymore.

Introduced in commit: 828e03715f67f358671c6691c3e9c0f2a66ec6ec
2014-06-28 00:32:41 +00:00
Anthony Minessale
c0e7e7b88c add reset function to clear some state data in the rtp session 2014-06-14 07:05:00 +05:00
Anthony Minessale
5646957c5b FS-5937 2014-02-26 04:06:59 +05:00
Brian West
33780fca07 FS-5937 now with more working 2014-02-25 09:55:21 -06:00
Brian West
463f32c4e3 FS-5937: I need to build a test rig for this, go go gadget iphone commit 2014-02-24 23:44:44 -06:00
Anthony Minessale
a900eadf5b FS-5937 --resolve 2014-02-24 14:56:49 -06:00
Ken Rice
6e7d5d0897 update copyright header for 2014 2014-02-12 12:08:56 -06:00
Anthony Minessale
ae99177598 add more range to saved candidates and fix off-by-one error when total is met 2013-11-30 19:13:49 -06:00
Anthony Minessale
bb9adff511 rework media code 2013-11-08 03:48:00 +05:00
Anthony Minessale
4a172402d2 some refactoring and plumbing for 1.4 2013-10-16 02:24:32 +05:00
Anthony Minessale
5dbf2b3cf7 refactor some video code 2013-07-11 17:38:24 -05:00
Nathan Neulinger
32adc789f6 make noexpandtab explicit in all vim modelines other than xml files 2013-06-25 11:50:17 -05:00
Anthony Minessale
2fac3a8e83 refactor some of the video passthru code 2013-06-17 19:52:37 -05:00
Anthony Minessale
ff532ec311 try to ifdef so we can still build against openssl older than 1.0.1 (but dtls would not work still in this case) 2013-03-31 21:27:23 -05:00
Anthony Minessale
16fa338b49 cleanup debug and memory and add stupid code for using sep dtls session when rtcp is not mux 2013-03-31 21:27:23 -05:00
Anthony Minessale
dd9271d6b9 MILESTONE: dtls-srtp inbound 2013-03-31 21:27:22 -05:00
Anthony Minessale
dabb85c3f6 wip 2013-03-31 21:27:22 -05:00
Anthony Minessale
21408d4534 ice tweaks 2013-03-31 21:27:22 -05:00
Anthony Minessale
12e70149ff rtcp-mux 2013-03-31 21:27:18 -05:00
Anthony Minessale
7510bccd6c MILESTONE: working inbound calls 2013-03-31 21:27:17 -05:00
Anthony Minessale
cb076e6b28 fucked 2013-03-31 21:27:17 -05:00
Anthony Minessale
330f68d946 convert rtp flags to arrays 2013-03-31 21:27:13 -05:00
Anthony Minessale
d301451782 fix issue where rtp stack was not paying attn to header extensions 2012-12-13 19:49:02 -06:00
Anthony Minessale
986fede6b0 make a way to get the jitter buffer down to the codecs 2012-10-18 15:29:00 -04:00
Anthony Minessale
8b4c9dc42c FS-3659 and some refactor for rtcp ice and video ice and rtcp 2012-06-22 18:15:06 -05:00
Ken Rice
7a147e4762 Update a ton of copyright statements to make sure the dates are proper 2012-04-25 17:14:55 -05:00