Hi guys,
Initially i had asterisk 1.6, instead of re-installing completely, i just compiled and upgraded to asterisk 11. I am using web phone with WebRTC as the medium for transfer of audio/video codec, Now i try to make a call from one extension to other(i.e. from 1060 to 1061) i am not getting any call to destination extension, but getting the error as
"CLI> == Using SIP RTP CoS mark 5
[Apr 26 17:18:51] WARNING[19101][C-0000000e]: chan_sip.c:10454 process_sdp:
Rejecting secure audio stream without encryption details:
audio 5354 RTP/SAVPF 103 104 111 0 8 107 106 105 13 126"
It seems that WEBRTC always transfer audio in an encrypted format, But my asterisk pbx in not supporting the encrypted audio stream and so it throws the above mentioned error. While doing further research on this res_srtp.so is the module needed for this encryption to happen. i am not able to get any patch/file/module for including this.
could someone please assist me on this.
Thanks
Vijay
res_srtp.c is part of the standard source distribution.
I don’t think your problem is due to lack of that module.
You will need to provide the details of the SDP, from the SIP packets.
Thanks for the reply david,
From your comment i understand that, for the encryption of audio stream, this res_srtp.c module is not responsible. And also i don’t find any kind of this module in my asterisk installation directory. so i thought this might be a problem.
Secondly you have mentioned like provide the details of the SDP, from the SIP packets i don’t understand this and don’t know how to proceed with this comment. could you please explain a bit more, so that i can get clear and proceed further.
Regards
Vijay
res_srtp is responsible for encryption, but it is not responsible for parsing the encryption related SDP.
Information on getting debugging information from Asterisk can be found at wiki.asterisk.org/wiki/display/ … nformation
If you don’t know what SDP is, you need to do some basic reading on SIP.
From another, similar question, it may be that you are trying to negotiate encryption over an unencrypted connection. As this would expose the session keys, it is a silly thing to do.