Tigase Forge
Dashboards
Projects
Pull Requests
Issues
Builds
Packages
Code Search
siskin-im
Code
Pull Requests
Issues
List
Boards
Iterations
Builds
Statistics
Child Projects
OneDev 10.9.4
Documentation Support & Bug Report RESTful API Incompatibilities License Agreement Check Update
Projects tigase _clients siskin-im Issues #538
Rejects calls that offer an `encryption` node for SRTP (#538)
Open
Unknown opened 3 years ago

While testing Siskin with Dino, I found that Siskin rejects calls that offer SRTP encryption as per XEP-0167 (7).

When Siskin receives a session-initiate like

<iq id='50b14677-2ed2-4929-94dc-0dde9abca07c' type='set' to='bla@example.com/iPad'>
  <jingle xmlns='urn:xmpp:jingle:1' action='session-initiate' initiator='user@example.com/dino' sid='fa3ffc64-7cdb-4caa-a07c-cd15efb8e181'>
    <content creator='initiator' name='audio' senders='both'>
      <description xmlns='urn:xmpp:jingle:apps:rtp:1' media='audio'>
        <encryption>
          <crypto crypto-suite='AES_CM_128_HMAC_SHA1_80' key-params='inline:Ya5dYAuXuGPVz/7XT+ym4Q05nTg+b8C9fGZSjWIL' tag='1' />
        </encryption>
        ...
      </description>
      <transport xmlns='urn:xmpp:jingle:transports:ice-udp:1' ufrag='iNWd' pwd='6p2LnHEQLmnecwkRDfRq6t'>
        <fingerprint xmlns='urn:xmpp:jingle:apps:dtls:0' hash='sha-256' setup='actpass'>
          1C:CA:3A:BA:A5:D2:76:1C:9C:17:E9:72:96:1B:FE:70:01:2A:63:D1:E8:DB:8C:05:8A:05:85:B7:1D:D5:BA:AE
        </fingerprint>
        ...
      </transport>
    </content>
  </jingle>
</iq>

it rejects the call by directly sending a session-terminate.

Dino supports simple RTP calls with SRTP encryption and thus includes the respective information. However, this is merely an offer to the recipient and WebRTC is also supported. Everything necessary for a WebRTC connection is announced and calls establish if Dino doesn't include the <encryption> node.

It would be good if you would just ignore the presence of the <encryption> node and just proceed to negotiate a WebRTC connection.

Siskin version: 7.0.1
Unknown commented 3 years ago

I'm going to add a workaround here, however, according to WebRTC specification SRTP "crypto" attribute (used only for SDES) is forbidden and due to the fact that you are sending it, the WebRTC is rejecting the payload. So you are correct, that you are sending everything required for WebRTC to work but also are sending data that forbids WebRTC to work properly.
issue 1 of 1
Type
Bug
Issue Votes (0)
Login to vote
Watchers (0)
Reference
tigase/_clients/siskin-im#538
Please wait...
Page is in error, reload to recover