[jitsi-dev] SDES not working (fix included)


#1

Using jitsi_2.4.4997-1ubuntu1 on Mint 17
Latest stable Jitsi release 2.4.4997
SDES4J release in Jitsi 2.4.4997 source tree 1.0.1
Peer is using asterisk_1:11.10.2~dfsg-1~bpo70+1_i386.deb on Debian 7

java.lang.ClassCastException: [Lch.imvs.sdes4j.SessionParam; cannot be cast to [Lch.imvs.sdes4j.srtp.SrtpSessionParam;
  at ch.imvs.sdes4j.srtp.SrtpCryptoAttribute.getSessionParams(SrtpCryptoAttribute.java:68)

That line is in file
lib/src/sdes4j/src/ch/imvs/sdes4j/srtp/SrtpCryptoAttribute.java
in class SrtpCryptoAttribute function getSessionParams()
which reads:
return (SrtpSessionParam[]) super.getSessionParams();

SrtpSessionParam is a subclass of SessionParam
and super.getSessionParams() returns an array of SessionParam
and downcasting an array will cause a ClassCastException every
time.

One solution is to create a copy of the array where each of the
elements has been downcasted individually:
return java.util.Arrays.copyOf(super.getSessionParams(), super.getSessionParams().length, SrtpSessionParam[].class);

See also:
https://stackoverflow.com/questions/1115230/casting-object-array-to-integer-array-error
http://code.stephenmorley.org/articles/java-generics-type-erasure/

After that fix is applied, outgoing SDES calls work.

This issue remains in the latest SDES4J release (1.1.1).
Please apply fix in Jitsi source tree, then pass this fix
upstream to the SDES4J project https://code.google.com/p/sdes4j/
I was unable to find a public email list or bug tracker for them.

Thank you.

Incoming SIP calls (with SDES, or without SRTP altogether) still crash Jitsi with:
/usr/bin/java: symbol lookup error: /usr/lib/jni/libjdic_misc.so: undefined symbol: JAWT_GetAWT
as described in
https://bugs.launchpad.net/ubuntu/+source/jitsi/+bug/1306901
But that is a separate issue.

- --
David Joshua Geary
Debian, The Universal Operating System <https://debian.org/>
I don't care what software you use so long as
  we only exchange files in open data formats
Open-Document <http://en.wikipedia.org/wiki/Open_Document>
Ogg <http://en.wikipedia.org/wiki/Ogg>
PDF <http://en.wikipedia.org/wiki/Pdf>

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.11 (GNU/Linux)

mQINBE0JY54BEAD2D3ckM+FTElSG6w89L1PkeB+m8+8K5ZJZKfLJXWv7NNTRS5DC
uJd/OrlQwC4Ecwkp4HqmjF8jYzCeLEnC7SR6VU3j05l1vR7pZvphUx7lYBbhXbV/
ykBQBK9AWQwf1ve3G2+hGRAeYmhSzen3Px06aBq4/nr3adF1JFekV5CyCuHxDriT
p7HMqEwCvRExnaJD45VKzCQiCYLDYkgVc5u+yBWHd92Jk0DHtm6T/CuoLsoYPIgU
Jy8sNFdGE9cC3Nb6Ay/Je4FUlKqu9xNej7KGF0SNVjfD7+bMlB37uaDSk1vLGkmg
rhnR78YTdZ2iE2hcbae8l/N9aFWUHfxnuHEew/imTJgaBOMOp6k3FGIFG+1qznnG
UlXBMR7gY5jyPKTLe0iJo5MCylKeS56uyDgGv8FtGD73MRqGxktR5b8Zv4Wjv0cz
S4yBT8dvAYohw8UeRF4EKQlmxX7rusaipXCe/lGyuytfNFJ77EHMESzVkM/da0qk
Zt2sotf83XXE+h6lsUDee1whNDtNvaYmTziKZVHJ3olP3kg+FglgoWKG/y5QQHtW
ASa4tnlnNFVGJaOBVnVOq5RsrmQ+YSmYsm/OfjzAthc3QM5BhQhB381y4lKtFo1S
G7qChNSpA29ea1Muqgz3fDlP3m4iHo1AFvBTgpvEIh/Eb8MXSmeHxmEk0QARAQAB
tEZEYXZpZCBKb3NodWEgR2VhcnkgKEdtYWlsIEVtYWlsIFNpZ25pbmcgS2V5KSA8
YmlhbmNhLnVyYW51c0BnbWFpbC5jb20+iQI4BBMBAgAiBQJNvPhPAhsjBgsJCAcD
AgYVCAIJCgsEFgIDAQIeAQIXgAAKCRDEeg4A7keCH+nREACtE2EwlJwtr6kj2nb/
XfYEaM1HgtyxlQdSFUtBcCl6ti90GX0NVo7ZkcBLZYQmE6usaQhLawBINhkgXnYY
RahxJMuCvP3+5koEpfJUgamfBmPDCJLDmWIp7IyfDhJ5VMrZ+Z06NJ5lrTeAFbK7
JZhddcBTzubzicYAqWdxoXrZ3VDrpNcxA6WRaV1dwqZhI73xIPdUzwjlTKiMsbPX
13NPCIQ3uLD9c+QqTm7GmOwr9+YfzfnKAUsqr/P3x3LNvlvKWjEScIvWpiKEhKu6
VHFCDVepKlox0HZX9CU6db3blFw+cf43+nOJCdtAjinUK5P4rTHjCv8d0sCVyK6v
1YfNHJcLZfGeDCQoI4IBpwnJ2zxrysMQxWS+Tp+HXXTOvmTtM4Wb1IV79b3fdUE8
VEJrtHCvkmQmHiKqmWIxSl55w/wFafYHruDBmhf3p0EKre8Ky3KdcqkaotN1O8+I
BFb0SCNIKwUQEudyCKE+KtUblKl2eEkj6KbgTsBhH6MovMJgpwVzL0OAd2iKGQll
ibz7gLNlpujgrok/uhEuMeIdBeH5ACtdRPRXAJEKjbg1XCDGK3PqFlP35cFUgte8
Yf2jIpVtVHSkpQJe53g3gqd88tNm/byU3qr9Yb0N2gruh5JF/JM382uKXAOlq/Dp
46eByAuZuDGPnGkunlbWhIHg47kCDQRNCWOeARAAw/oeF8kJm8nza7Jj4x5aibZm
R6I7YmWSmZyqGsHS3sfy+1yQV3zYU7tZMAldn1tR4m8lFv2uZuNR/ZHneYEnEfGx
J9NpYl3OnAHeqwDEmPR9v+fhV3Bjyalf/VSUzQvBUxAA5icx8xDSw3KYpdY15GA8
Ep+cGGLJktRrU+I7EZBmWM13qz7NyX6cUxblUFk7KHcs37PmMJzVSHAF+Mga4OVk
kT5WxwtFj1UMahVXQw6tETddftrDOgWFb5y9X1+vUzeDAD4QY22GpSLdC7PXRo5/
2ogdBNZxJ0H0XEG/d/YCUFeSyysSAnPUGvxnzBY7ejmAK2fEczLyLO1hnRVxtBrl
Pw4x0SOuVH+xHe2xmcPUtGQI2sB/KtfyXlJDbWzAs+aEb74WE1zsN1i1wnkzwCye
l1O30U2OPKyA8ab6MchOJjKDZ59WROa3CGws2tLQw9xVD2nuoujIsZ5NIVxoq8J8
D7ichYtyKM4m7TM7qI7u5doCs4WVXKeB5REYRk3BD3wmlSBst49JNJ33PoQskgOf
X137OlCuU1EYUii2/PkfzXtBcosoPAEnUvBzyLPDY8OAqaX1l+Q7OTYMBeTgC5WB
5CCo59OynPmxjvllib52X6Nn3Y4Dz7OBAmiS+y+UblbstukJzzC4AFDSS4Bo7oBq
BNKTi0sJo398TgeBpaMAEQEAAYkCHwQYAQIACQUCTQljngIbDAAKCRDEeg4A7keC
H+iwEACAMVh54Jj2db862kVWnRZ0K2K+G6QU/h858JvdR7QLqfB4LrUorpTmNSm6
a2tWr45kIjGAkUKg3jrBRoqzqJrXq21NfLF1+2ARWwE9HPqx6EnbRT9iU5EszdDn
LNZmWbi37g8Pw0gGsZaZCkFCecZ/qgDj69H19h2zXE3PZCmDzSSfZ+1rT4RuoQu3
oYx4rNo0swJtyJPuYDWY2jZB7Gp2hk38d5qP439gFBsnQdqrmD8/Axck2DeqvlWe
vlc8tPERszC1sDP0kjIU/hl64UnrgIjtumu9E9F024ZYnHFA5RujkT0Psnc5H3zU
Ad+TnyJGwPkqIg39bcXblg3icW5Wd33mKsAXIwQSVP6HxIoB99s9GTrBaVnCU7F0
gdkcqCU/mD2+NurmWGE4tmbVhnA7cEcytpVzN1iB56HbhWOSyF6udXPnD9rvGuOt
aZq5U74sRMviH1/8x370lJyQ6ZzuLAO+9KAhwVLG5lNeKD3a/ipWuu46qY7o2qdS
E0QPem3DZiuzt7ziqm5AKMuMPaIAmwR6x9f/DPokVgPtCIpvs4WEnhJoy7M3nnCC
PTB97vAktA4y4aS61+lhuxfX69MQJ3Nw7ovqgZv6tXSnpwimrlGFkYAz1F8z99qC
IsP21waf+Kim4VDiU11VZ7ODp7zzcxaAr3DUuhv92RpV/+nblA==
=C0zf
- -----END PGP PUBLIC KEY BLOCK-----

0xEE47821F.asc (3.05 KB)

0xEE47821F.asc.sig (543 Bytes)


#2

Hey

Thanks for the report. I'll try to fix that rather sooner than later, but in
the meantime, could you please post a trace of the communication between
Jitsi and Asterisk? (See https://jitsi.org/logs on how to get them). We use
SDES with Asterisk daily and have never seen any problems, so I'm curious
what is different in your setup.

Btw: The bug-tracker of SDES4j is here:
https://code.google.com/p/sdes4j/issues/list - but posting here is fine too,
AFAIK Jitsi is the only project using SDES4j anyway.

Ingo

···

-----Original Message-----
From: dev-bounces@jitsi.org [mailto:dev-bounces@jitsi.org] On Behalf Of
David Joshua Geary
Sent: Sonntag, 13. Juli 2014 10:13
To: dev@jitsi.org
Subject: [jitsi-dev] SDES not working (fix included)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Using jitsi_2.4.4997-1ubuntu1 on Mint 17 Latest stable Jitsi release
2.4.4997 SDES4J release in Jitsi 2.4.4997 source tree 1.0.1 Peer is using
asterisk_1:11.10.2~dfsg-1~bpo70+1_i386.deb on Debian 7

java.lang.ClassCastException: [Lch.imvs.sdes4j.SessionParam; cannot be cast
to [Lch.imvs.sdes4j.srtp.SrtpSessionParam;
  at
ch.imvs.sdes4j.srtp.SrtpCryptoAttribute.getSessionParams(SrtpCryptoAttribute
.java:68)

That line is in file
lib/src/sdes4j/src/ch/imvs/sdes4j/srtp/SrtpCryptoAttribute.java
in class SrtpCryptoAttribute function getSessionParams() which reads:
return (SrtpSessionParam[]) super.getSessionParams();

SrtpSessionParam is a subclass of SessionParam and super.getSessionParams()
returns an array of SessionParam and downcasting an array will cause a
ClassCastException every time.

One solution is to create a copy of the array where each of the elements has
been downcasted individually:
return java.util.Arrays.copyOf(super.getSessionParams(),
super.getSessionParams().length, SrtpSessionParam[].class);

See also:
https://stackoverflow.com/questions/1115230/casting-object-array-to-integer-
array-error
http://code.stephenmorley.org/articles/java-generics-type-erasure/

After that fix is applied, outgoing SDES calls work.

This issue remains in the latest SDES4J release (1.1.1).
Please apply fix in Jitsi source tree, then pass this fix upstream to the
SDES4J project https://code.google.com/p/sdes4j/ I was unable to find a
public email list or bug tracker for them.

Thank you.

Incoming SIP calls (with SDES, or without SRTP altogether) still crash Jitsi
with:
/usr/bin/java: symbol lookup error: /usr/lib/jni/libjdic_misc.so: undefined
symbol: JAWT_GetAWT as described in
https://bugs.launchpad.net/ubuntu/+source/jitsi/+bug/1306901
But that is a separate issue.

- --
David Joshua Geary
Debian, The Universal Operating System <https://debian.org/> I don't care
what software you use so long as
  we only exchange files in open data formats Open-Document
<http://en.wikipedia.org/wiki/Open_Document>
Ogg <http://en.wikipedia.org/wiki/Ogg>
PDF <http://en.wikipedia.org/wiki/Pdf>

- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.11 (GNU/Linux)

mQINBE0JY54BEAD2D3ckM+FTElSG6w89L1PkeB+m8+8K5ZJZKfLJXWv7NNTRS5DC
uJd/OrlQwC4Ecwkp4HqmjF8jYzCeLEnC7SR6VU3j05l1vR7pZvphUx7lYBbhXbV/
ykBQBK9AWQwf1ve3G2+hGRAeYmhSzen3Px06aBq4/nr3adF1JFekV5CyCuHxDriT
p7HMqEwCvRExnaJD45VKzCQiCYLDYkgVc5u+yBWHd92Jk0DHtm6T/CuoLsoYPIgU
Jy8sNFdGE9cC3Nb6Ay/Je4FUlKqu9xNej7KGF0SNVjfD7+bMlB37uaDSk1vLGkmg
rhnR78YTdZ2iE2hcbae8l/N9aFWUHfxnuHEew/imTJgaBOMOp6k3FGIFG+1qznnG
UlXBMR7gY5jyPKTLe0iJo5MCylKeS56uyDgGv8FtGD73MRqGxktR5b8Zv4Wjv0cz
S4yBT8dvAYohw8UeRF4EKQlmxX7rusaipXCe/lGyuytfNFJ77EHMESzVkM/da0qk
Zt2sotf83XXE+h6lsUDee1whNDtNvaYmTziKZVHJ3olP3kg+FglgoWKG/y5QQHtW
ASa4tnlnNFVGJaOBVnVOq5RsrmQ+YSmYsm/OfjzAthc3QM5BhQhB381y4lKtFo1S
G7qChNSpA29ea1Muqgz3fDlP3m4iHo1AFvBTgpvEIh/Eb8MXSmeHxmEk0QARAQAB
tEZEYXZpZCBKb3NodWEgR2VhcnkgKEdtYWlsIEVtYWlsIFNpZ25pbmcgS2V5KSA8
YmlhbmNhLnVyYW51c0BnbWFpbC5jb20+iQI4BBMBAgAiBQJNvPhPAhsjBgsJCAcD
AgYVCAIJCgsEFgIDAQIeAQIXgAAKCRDEeg4A7keCH+nREACtE2EwlJwtr6kj2nb/
XfYEaM1HgtyxlQdSFUtBcCl6ti90GX0NVo7ZkcBLZYQmE6usaQhLawBINhkgXnYY
RahxJMuCvP3+5koEpfJUgamfBmPDCJLDmWIp7IyfDhJ5VMrZ+Z06NJ5lrTeAFbK7
JZhddcBTzubzicYAqWdxoXrZ3VDrpNcxA6WRaV1dwqZhI73xIPdUzwjlTKiMsbPX
13NPCIQ3uLD9c+QqTm7GmOwr9+YfzfnKAUsqr/P3x3LNvlvKWjEScIvWpiKEhKu6
VHFCDVepKlox0HZX9CU6db3blFw+cf43+nOJCdtAjinUK5P4rTHjCv8d0sCVyK6v
1YfNHJcLZfGeDCQoI4IBpwnJ2zxrysMQxWS+Tp+HXXTOvmTtM4Wb1IV79b3fdUE8
VEJrtHCvkmQmHiKqmWIxSl55w/wFafYHruDBmhf3p0EKre8Ky3KdcqkaotN1O8+I
BFb0SCNIKwUQEudyCKE+KtUblKl2eEkj6KbgTsBhH6MovMJgpwVzL0OAd2iKGQll
ibz7gLNlpujgrok/uhEuMeIdBeH5ACtdRPRXAJEKjbg1XCDGK3PqFlP35cFUgte8
Yf2jIpVtVHSkpQJe53g3gqd88tNm/byU3qr9Yb0N2gruh5JF/JM382uKXAOlq/Dp
46eByAuZuDGPnGkunlbWhIHg47kCDQRNCWOeARAAw/oeF8kJm8nza7Jj4x5aibZm
R6I7YmWSmZyqGsHS3sfy+1yQV3zYU7tZMAldn1tR4m8lFv2uZuNR/ZHneYEnEfGx
J9NpYl3OnAHeqwDEmPR9v+fhV3Bjyalf/VSUzQvBUxAA5icx8xDSw3KYpdY15GA8
Ep+cGGLJktRrU+I7EZBmWM13qz7NyX6cUxblUFk7KHcs37PmMJzVSHAF+Mga4OVk
kT5WxwtFj1UMahVXQw6tETddftrDOgWFb5y9X1+vUzeDAD4QY22GpSLdC7PXRo5/
2ogdBNZxJ0H0XEG/d/YCUFeSyysSAnPUGvxnzBY7ejmAK2fEczLyLO1hnRVxtBrl
Pw4x0SOuVH+xHe2xmcPUtGQI2sB/KtfyXlJDbWzAs+aEb74WE1zsN1i1wnkzwCye
l1O30U2OPKyA8ab6MchOJjKDZ59WROa3CGws2tLQw9xVD2nuoujIsZ5NIVxoq8J8
D7ichYtyKM4m7TM7qI7u5doCs4WVXKeB5REYRk3BD3wmlSBst49JNJ33PoQskgOf
X137OlCuU1EYUii2/PkfzXtBcosoPAEnUvBzyLPDY8OAqaX1l+Q7OTYMBeTgC5WB
5CCo59OynPmxjvllib52X6Nn3Y4Dz7OBAmiS+y+UblbstukJzzC4AFDSS4Bo7oBq
BNKTi0sJo398TgeBpaMAEQEAAYkCHwQYAQIACQUCTQljngIbDAAKCRDEeg4A7keC
H+iwEACAMVh54Jj2db862kVWnRZ0K2K+G6QU/h858JvdR7QLqfB4LrUorpTmNSm6
a2tWr45kIjGAkUKg3jrBRoqzqJrXq21NfLF1+2ARWwE9HPqx6EnbRT9iU5EszdDn
LNZmWbi37g8Pw0gGsZaZCkFCecZ/qgDj69H19h2zXE3PZCmDzSSfZ+1rT4RuoQu3
oYx4rNo0swJtyJPuYDWY2jZB7Gp2hk38d5qP439gFBsnQdqrmD8/Axck2DeqvlWe
vlc8tPERszC1sDP0kjIU/hl64UnrgIjtumu9E9F024ZYnHFA5RujkT0Psnc5H3zU
Ad+TnyJGwPkqIg39bcXblg3icW5Wd33mKsAXIwQSVP6HxIoB99s9GTrBaVnCU7F0
gdkcqCU/mD2+NurmWGE4tmbVhnA7cEcytpVzN1iB56HbhWOSyF6udXPnD9rvGuOt
aZq5U74sRMviH1/8x370lJyQ6ZzuLAO+9KAhwVLG5lNeKD3a/ipWuu46qY7o2qdS
E0QPem3DZiuzt7ziqm5AKMuMPaIAmwR6x9f/DPokVgPtCIpvs4WEnhJoy7M3nnCC
PTB97vAktA4y4aS61+lhuxfX69MQJ3Nw7ovqgZv6tXSnpwimrlGFkYAz1F8z99qC
IsP21waf+Kim4VDiU11VZ7ODp7zzcxaAr3DUuhv92RpV/+nblA==
=C0zf
- -----END PGP PUBLIC KEY BLOCK-----


#3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Using jitsi_2.4.4997-1ubuntu1 on Mint 17
Latest stable Jitsi release 2.4.4997
SDES4J release in Jitsi 2.4.4997 source tree 1.0.1
Peer is using asterisk_1:11.10.2~dfsg-1~bpo70+1_i386.deb on Debian 7

java.lang.ClassCastException: [Lch.imvs.sdes4j.SessionParam; cannot be
cast to [Lch.imvs.sdes4j.srtp.SrtpSessionParam; at
ch.imvs.sdes4j.srtp.SrtpCryptoAttribute.getSessionParams(SrtpCryptoAttribu
te. java:68)

That line is in file
lib/src/sdes4j/src/ch/imvs/sdes4j/srtp/SrtpCryptoAttribute.java in class
SrtpCryptoAttribute function getSessionParams() which reads: return
(SrtpSessionParam[]) super.getSessionParams();

I released a fix in sdes4j when SrtpCryptoAttribute is created from the
constructor. However I'd still be interested to get a complete stack trace.

[...]

Thank you.

Damian, can you please update the binary in Jitsi as I cannot clone the full
repo currently. Binary and source snapshot are available here:
https://drive.google.com/folderview?id=0BwiF7kZbHitaa2JkV1RrOWk0blk

Thanks,
Ingo

···

On 2014-07-13 10:12, David Joshua Geary wrote:


#4

Hi Ingo,

it has been updated.

Thanks
damencho

···

On Tue, Jul 22, 2014 at 1:57 PM, Ingo Bauersachs <ingo@jitsi.org> wrote:

On 2014-07-13 10:12, David Joshua Geary wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Using jitsi_2.4.4997-1ubuntu1 on Mint 17
Latest stable Jitsi release 2.4.4997
SDES4J release in Jitsi 2.4.4997 source tree 1.0.1
Peer is using asterisk_1:11.10.2~dfsg-1~bpo70+1_i386.deb on Debian 7

java.lang.ClassCastException: [Lch.imvs.sdes4j.SessionParam; cannot be
cast to [Lch.imvs.sdes4j.srtp.SrtpSessionParam; at
ch.imvs.sdes4j.srtp.SrtpCryptoAttribute.getSessionParams(SrtpCryptoAttribu
te. java:68)

That line is in file
lib/src/sdes4j/src/ch/imvs/sdes4j/srtp/SrtpCryptoAttribute.java in class
SrtpCryptoAttribute function getSessionParams() which reads: return
(SrtpSessionParam[]) super.getSessionParams();

I released a fix in sdes4j when SrtpCryptoAttribute is created from the
constructor. However I'd still be interested to get a complete stack trace.

[...]

Thank you.

Damian, can you please update the binary in Jitsi as I cannot clone the full
repo currently. Binary and source snapshot are available here:
https://drive.google.com/folderview?id=0BwiF7kZbHitaa2JkV1RrOWk0blk

Thanks,
Ingo