Hi! Meanwhile, there is an improved version of the mediasec patch, which adds a switch to enable mediasec headers for each endpoint individually. This patch is thankfully provided by André Valentin (avalen...@marcant.net / https://www.marcant.net/en/). It's the patch "2-add-mediasec-switches.patch" contained in the patchset.tar.gz container. The "3-reduced-mediasec-switches.patch" mainly removed an unnecessary switch (aor) introduced by "2-add-mediasec-switches.patch".
This is how the patches in the container should be used (tested against asterisk 16.6.x): You may apply the patches 1-mediasec-no-initial-reInvite.patch, 2-add-mediasec-switches.patch and 3-reduced-mediasec-switches.patch in the given order or you may only apply the last patch (mediasec-all-in-one.patch), which combines the first 3 patches in one patch. How should it all be used now? If you want to use SIPS and SRTP with Deutsche Telekom AllIP, you have to be sure to enable the following features in the pjsip trunk (endpoint): - transport: tls (TLS 1.2) - enable SRTP for this trunk - endpoint: support_mediasec=1 - registration: support_mediasec=1 If you are using FreePBX, you have to add the support_mediasec switches to pjsip.endpoint_custom_post.conf and pjsip.registration_custom_post.conf. This is done like this: File pjsip.endpoint_custom_post.conf: [your name of the trunk](+type=endpoint) support_mediasec=1 File pjsip.registration_custom_post.conf: [your name of the trunk](+type=registration) support_mediasec=true Thanks Regards Michael
mediasec-patchset.tar.gz
Description: application/gzip
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-dev mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-dev
