| Werner and Guillaume,
Thanks for your suggestions. Figuring out how ZRTP was integrated into oRTP and Linphone has given me a great deal of frustration over this last week! :-)
Some additional background: I'm using a stock install of Freeswitch (current) with proxy_media enabled. I can successfully establish a one-legged ZRTP connection (Linphone shows the lock icon) with Freeswitch using an echo extension.
But, I am still unable to establish zrtp between two copies of Linphone. Both sides continuously send zrtp Hello messages until they give up, and the reason appears to be CRC failure when parsing the ZRTP message. Here's a sample, with binary data converted to hex:
2013-01-29 15:58:39.980 linphone[1450:907] sent ZRTP seq=52426 type=Hello CRC=3736532086, ln=29 2013-01-29 15:58:39.992 linphone[1450:907] sent ZRTP Hello 52426 2013-01-29 15:58:40.005 linphone[1450:907] ZRTP: Msg: 52426 (128 bytes) 2013-01-29 15:58:40.008 linphone[1450:907] DATA: 1000ccca5a52545068cbb6c9505a001d48656c6c6f202020312e31304c494e50484f4e 2013-01-29 15:58:40.017 linphone[1450:907] DATA: 452d5a525450435050be5fb815a84faf732d91f113c561035105746cc4b0a204852ada 2013-01-29 15:58:40.020 linphone[1450:907] DATA: 4970ce0a375564a90f09e1e83963ab3ee86e0001122153323536414553314853333248 2013-01-29 15:58:40.026 linphone[1450:907] DATA: 5338304448336b4d756c744233322086f7a88252c057a6
and the recipient:
2013-01-29 15:58:36.808 linphone[1100:9307] received ZRTP seq=52426 type=Hello CRC=3736532086, ln=29 2013-01-29 15:58:36.810 linphone[1100:9307] received ZRTP Hello 52426 2013-01-29 15:58:36.812 linphone[1100:9307] ZRTP: Msg: 52426 (128 bytes) 2013-01-29 15:58:36.814 linphone[1100:9307] DATA: 1000ccca5a5254501e895c35505a001d48656c6c6f202020312e31304c494e50484f4e 2013-01-29 15:58:36.815 linphone[1100:9307] DATA: 452d5a525450435050be5fb815a84faf732d91f113c561035105746cc4b0a204852ada 2013-01-29 15:58:36.820 linphone[1100:9307] DATA: 4970ce0a375564a90f09e1e83963ab3ee86e0001122153323536414553314853333248 2013-01-29 15:58:36.821 linphone[1100:9307] DATA: 5338304448336b4d756c744233322086f7a88252c057a6 2013-01-29 15:58:40.245 linphone[1450:6707] Bad ZRTP packet checksum 3736532086 total 132
I've highlighted the place where the messages differ: the ZRTP Source Identifier (bytes 9-12).
I haven't yet pinpointed where it's getting altered, but perhaps someone with more knowledge of RTP can tell me if this is normal or if something aside from Linphone (Freeswitch) is behaving in a non-standard manner.
-Eli
Am 17.01.2013 22:43, schrieb Eli Burke:
I have compiled linphone-iphone from source, using "make all enable_gpl_third_parties=yes enable_zrtp=yes" and am now trying to verify the functionality of the ZRTP integration. So far, I am not able to establish a ZRTP-secured connection (SRTP works fine).
Has anyone successfully used linphone with ZRTP since Linphone 2.0 was released? I know ZRTP is not enabled in the App store version, so it would have to be tested using a version you've built yourself.
Some additional background: we are using Freeswitch and can successfully establish ZRTP calls using the Groundwire app. When I try to call between Groundwire and Linphone, I either get an unprotected phone call, or if I set Groundwire to require ZRTP, it immediately hangs up. I also tried calling between two instances of Linphone, and got the 'insecure call' icon. (vs SRTP which showed the 'secure' padlock)
Other notables:
So far I have only tested in the Simulator, so it is possible ZRTP only works on live hardware.
and
This is speculation, but to my untrained eye it looks like during an outbound call 'zrtp-hash' is not listed in the SDP header, and in an incoming call it is not being parsed.
Well, the 'zrtp-hash' is optional according to the ZRTP RFC. However, some implementations
rely on it to check if the other party supports ZRTP. AFAIK FreeSwitch uses it that
way.
An application may use 'zrtp-hash' that way, but it is not recomended and also not
the real use case for 'zrtp-hash'. An application shall use the ZRTP discovery phase
and send a ZRTP 'Hello' and if the other client replies with 'Hello'/'HelloAck' then
both support ZRTP. The application may use 'zrtp-hash' to apply additional checks, but
this is purly optional.
Does anyone have any suggestions or thoughts?
Not really :-) - except to check the ZRTP integration in Linphone, reading the source.
Werner
Thanks,
Eli
_______________________________________________
Linphone-developers mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/linphone-developers
------------------------------
Message: 5
Date: Fri, 18 Jan 2013 09:33:02 +0100
From: Guillaume Beraudo <address@hidden>
To: address@hidden
Subject: Re: [Linphone-developers] Failure to establish ZRTP sessions
using linphone-iphone built from source
Message-ID: <address@hidden>
Content-Type: text/plain; charset=us-ascii
Hi,
On Thu, Jan 17, 2013 at 04:43:01PM -0500, Eli Burke wrote:
I have compiled linphone-iphone from source, using "make all
enable_gpl_third_parties=yes enable_zrtp=yes" and am now trying to
verify the functionality of the ZRTP integration. So far, I am not able
to establish a ZRTP-secured connection (SRTP works fine).
Has anyone successfully used linphone with ZRTP since Linphone 2.0 was
released? I know ZRTP is not enabled in the App store version, so it
would have to be tested using a version you've built yourself.
Yes
Some additional background: we are using Freeswitch and can
successfully establish ZRTP calls using the Groundwire app. When I try
to call between Groundwire and Linphone, I either get an unprotected
phone call, or if I set Groundwire to require ZRTP, it immediately
hangs up. I also tried calling between two instances of Linphone, and
got the 'insecure call' icon. (vs SRTP which showed the 'secure'
padlock)
It is strange that you cannot call between two Linphone instances.
You should enable debug logs and check the ZRTP discution: you should see
that some HELLO packets are sent and received.
Other notables: So far I have only tested in the Simulator, so it is
possible ZRTP only works on live hardware. and This is speculation,
but to my untrained eye it looks like during an outbound call
'zrtp-hash' is not listed in the SDP header, and in an incoming call it
is not being parsed.
We do not support this optionnal feature yet.
Patches welcomed :).
Guillaume Beraudo
------------------------------
_______________________________________________
Linphone-developers mailing list
address@hidden
https://lists.nongnu.org/mailman/listinfo/linphone-developers
End of Linphone-developers Digest, Vol 119, Issue 19
****************************************************
|