As announced on FreeSWITCH’s frontpage, version 1.0.4 has been released and now supports Skype, ZRTP, H.323 and MRCP: The FreeSWITCH team is pleased to announce the immediately availability of FreeSWITCH version 1.0.4. (Source tarball available here.) This new version contains many improvements in stability and security as well as some notable additions. More information here and digg it here.
In case you are still using Asterisk and haven’t switched to FreeSWITCH yet, Venturevoip has a nice overview of 31 great free applications for Asterisk.
This week I updated the FreeSWITCH test box and decided to hook up a Cisco 7961G phone. To my surprise the 7961G would not register to the FreeSWITCH box. Further investigation showed that the 7961G with firmware 8.3.5 sends the following register to the FreeSWITCH box:
REGISTER sip:10.9.123.36 SIP/2.0
Via: SIP/2.0/UDP 10.4.11.25:5060;branch=z9hG4bK8b5670ec
From: <sip:1000@10.9.123.36>;tag=0016467650c80002ed42b648-ff2b3abc
To: <sip:1000@10.9.123.36>
Call-ID: 00164676-50c80002-86027558-17f7cc0c@10.4.11.25
Max-Forwards: 70
Date: Tue, 15 Apr 2008 21:21:55 GMT
CSeq: 101 REGISTER
User-Agent: Cisco-CP7961G/8.3.0
Contact: <sip:1000@10.4.11.25:5060;transport=udp>;+sip.instance<urn:uuid:00000000-0000-0000-0000-0016467650c8>”;+u.sip!model.ccm.cisco.com=”30018″
Supported: (null),X-cisco-xsi-6.0.2
Content-Length: 0
Expires: 3600
What’s totally wrong with this register is the following line:
Supported: (null),X-cisco-xsi-6.0.2
The “(” and “)” are not allowed there and break the register method. So Cisco’s 8.3.5 SIP firmware is non-RFC compliant.
A correct Supported line looks something like this:
Supported: 100rel, timer, precondition, path
The 7961G register is not even close. I could not believe that Cisco would release firmware with such a bad bug in it so I started to search for anything wrong in the 7961G config files. I couldn’t find anything. Then I decided to downgrade the 7961G to firmware release 8.3.3. Same problem. Finally I decided to downgrade the 7961G even further to firmware releaseĀ 8.2.1. And guess what. The 7961G sends a correct register request and subsequently registers fine with the FreeSWITCH box.
So what’s going on here? How could Cisco’s quality control miss this one? Or couldn’t they care less about SIP because they use SCCP with their Callmanager product? I don’t know but it sure seems like a good idea to steer clear from Cisco phones when using them with a non-Cisco VoIP PBX. Seems the general opinion in the Open Source VoIP community that you better buy Polycom, Aastra or Snom holds in this case.
New Scientist has an interesting article about the vulnerability of encrypted VoIP packets: “Security researchers at Johns Hopkins report that a variable bit-rate compression scheme being rolled out on VoIP systems leaves encrypted calls vulnerable to bugging. Simpler syllables are squeezed into smaller data packets, with more complex ones taking up more space; the researchers built software that uses this to spot phrases of interest in encrypted calls simply by measuring packet size.”. Time to disable those VBR codecs when making TLS/SRTP calls.
FreeSWITCH 1.0.0 “Phoenix” has been released. Congratulations to Anthony, Mike, Brian and everybody who has contributed to make this happen! For quite some time I have witnessed FS in the making on irc and the mailinglist. The amount of effort that has gone into creating FS is quite astonishing. It’s all too easy to take great Open Source projects like FreeSWITCH for granted but let’s not forget about the time and money the team has sunk into this project. It would be great if the Community starts helping out (more) with documenting things on the Wiki, bugfixes, testing etc. I look forward to give FreeSWITCH another whirl and see what has changed since last time I messed with it.