tracking asterisk backports uploads in Git?

Sat Jan 25 19:57:02 UTC 2014

On 24/01/14 18:28, Jeremy Lainé wrote:
> On 01/24/2014 05:21 PM, Daniel Pocock wrote:
>> I realize it is trivial, but would you consider putting those extra
>> changelog entries on a wheezy-backports branch?  It makes it really
>> obvious for any other user who wants to play with it on wheezy.
>>
> OK, I have just done so and will keep it updated in the future.
>
>> Could you also have a look at the patch from Nitish in Digium issue
>> 22961 and consider having it in Debian?  I put it on a branch (also
>> mentioned on the asterisk-dev list):
>>
>>
>> http://anonscm.debian.org/gitweb/?p=pkg-voip/asterisk.git;a=shortlog;h=refs/heads/dtls-srtp-patch
>>
>> https://issues.asterisk.org/jira/browse/ASTERISK-22961
>
> From a quick read through the bug report it does not seem that a
> consensus has been reached on the solution, or am I mistaken?

With or without consensus, the high level issue has been fairly constant
for over a year now: Mozilla/Firefox is using SHA-256, a fairly standard
algorithm offered by OpenSSL and the DTLS-SRTP standard and official
Asterisk releases don't accept it.

If you look back at where the email thread starts in January 2013,
Digium were not keen to expend effort on this for commercial rather than
technical reasons (my impression is they don't want to spend engineering
time on something that may evolve further), see the "once everything
gets settled" comment:

http://lists.digium.com/pipermail/asterisk-dev/2013-January/058222.html

This is quite logical from a commercial point of view, time spent
tweaking this every time Firefox or Chrome changes may be a big drain on
their resources.

However, a lot of Debian users are using Iceweasel/Firefox and
subsequent to my recent blog posts and experiences people had with my
test links (http://www.sip5060.net/test-calls) several people emailed me
privately expressing frustration that we appear to be favoring Chrome -
the DTLS-SRTP problem puts Firefox WebRTC completely out of reach for
them with the Asterisk package as it is.

I've already included a basic patch for this in JSCommunicator (see the
v1.0.10 diff) and providing the corresponding SHA-256 patch in the
Asterisk package would give people the ability to evaluate end-to-end
solutions using either major browser.