Review Board 1.7.16


WebRTC: Add SHA-256 support, change DTLS-SRTP negotiation, add finer grain control of things.

Review Request #3679 - Created June 26, 2014 and submitted

Joshua Colp
sha256-a-harsh-reality
ASTERISK-22961, ASTERISK-23026
Reviewers
asterisk-dev
Asterisk
This change does the following:

1. Adds SHA-256 support for DTLS-SRTP. This is done in an extensible way so if we need to add other hashes it should be relatively easy to.
2. Adds the ability to force "AVP" for DTLS streams for greater interoperability.
3. Sets the ICE role to controlled or controlling depending on offer/answer.
4. Provides the ability to verify only fingerprint, certificate, or both.
5. Adds DTLS negotiation to RTCP.
6. Changes DTLS negotiation to occur after ICE negotiation completes.
7. Adds handling of DTLS traffic before ICE negotiation has formally completed.
Tested inbound and outbound calls against:

Chrome
Yandex Browser
Opera
Maxthon
Firefox

Note that hold/unhold only currently works against Chrome based browsers.

Changes between revision 2 and 3

1 2 3
1 2 3

  1. /UPGRADE.txt: Loading...
  2. /channels/chan_sip.c: Loading...
  3. /channels/sip/include/sip.h: Loading...
  4. /configs/sip.conf.sample: Loading...
  5. /include/asterisk/rtp_engine.h: Loading...
  6. /main/rtp_engine.c: Loading...
  7. /res/res_rtp_asterisk.c: Loading...
/branches/11/UPGRADE.txt /UPGRADE.txt
Revision 417586 New Change
[20] 23 lines
[+20]
24
 - Added a compatibility option for chan_sip, 'websocket_write_timeout'.
24
 - Added a compatibility option for chan_sip, 'websocket_write_timeout'.
25
   When a websocket connection exists where Asterisk writes a substantial
25
   When a websocket connection exists where Asterisk writes a substantial
26
   amount of data to the connected client, and the connected client is slow
26
   amount of data to the connected client, and the connected client is slow
27
   to process the received data, the socket may be disconnected. In such
27
   to process the received data, the socket may be disconnected. In such
28
   cases, it may be necessary to adjust this value. Default is 100 ms.
28
   cases, it may be necessary to adjust this value. Default is 100 ms.

    
   
29
 - Added a 'force_avp' option for chan_sip. When enabled this option will

    
   
30
   cause the media transport in the offer or answer SDP to be 'RTP/AVP',

    
   
31
   'RTP/AVPF', 'RTP/SAVP', or 'RTP/SAVPF' even if a DTLS stream has been

    
   
32
   configured. This option can be set to improve interoperability with WebRTC

    
   
33
   clients that don't use the RFC defined transport for DTLS.

    
   
34
 - The 'dtlsverify' option in chan_sip now has additional values besides

    
   
35
   'yes' and 'no'. If 'yes' is specified both the certificate and fingerprint

    
   
36
   will be verified. If 'no' is specified then neither the certificate or

    
   
37
   fingerprint is verified. If 'certificate' is specified then only the

    
   
38
   certificate is verified. If 'fingerprint' is specified then only the

    
   
39
   fingerprint is verified.

    
   
40
 - A 'dtlsfingerprint' option has been added to chan_sip which allows the

    
   
41
   hash to be specified for the DTLS fingerprint placed in SDP. Supported

    
   
42
   values are 'sha-1' and 'sha-256' with 'sha-256' being the default.
29

    
   
43

   
30
from 11.10.0 to 11.10.1
44
from 11.10.0 to 11.10.1
31
 - MixMonitor AMI actions now require users to have authorization classes.
45
 - MixMonitor AMI actions now require users to have authorization classes.
32
   * MixMonitor - system
46
   * MixMonitor - system
33
   * MixMonitorMute - call or system
47
   * MixMonitorMute - call or system
[+20] [20] 380 lines
/branches/11/channels/chan_sip.c
Diff Revision 2 Diff Revision 3
 
/branches/11/channels/sip/include/sip.h
Diff Revision 2 Diff Revision 3
 
/branches/11/configs/sip.conf.sample
Diff Revision 2 Diff Revision 3
 
/branches/11/include/asterisk/rtp_engine.h
Diff Revision 2 Diff Revision 3
 
/branches/11/main/rtp_engine.c
Diff Revision 2 Diff Revision 3
 
/branches/11/res/res_rtp_asterisk.c
Diff Revision 2 Diff Revision 3
 
  1. /UPGRADE.txt: Loading...
  2. /channels/chan_sip.c: Loading...
  3. /channels/sip/include/sip.h: Loading...
  4. /configs/sip.conf.sample: Loading...
  5. /include/asterisk/rtp_engine.h: Loading...
  6. /main/rtp_engine.c: Loading...
  7. /res/res_rtp_asterisk.c: Loading...

https://reviewboard.asterisk.org/ runs on a server provided by Digium, Inc. and uses bandwidth donated to the open source Asterisk community by API Digital Communications in Huntsville, AL USA.
Please report problems with this site to asteriskteam@digium.com.