Bug#843654: Use Debian pjproject and libsrtp

Tue Nov 8 17:29:28 UTC 2016

Hello,

gnutls.patch
============

> The biggest one gnutls.patch can be dropped, since packaged pjproject
> can dynamically link to a SSL library.

The core team would like to avoid depending on two SSL implementations.
Savoir-faire Linux supports the whole stack and all pjsip bumps are
tested extensively. This would require some investigation as we are not
sure that Ring would work correctly if pjsip linked against OpenSSL.

Also, Ring is not licensed with an OpenSSL exception. As far as I can
tell, this means that we couldn't link with OpenSSL:
- https://lists.debian.org/debian-legal/2002/10/msg00113.html
- https://www.gnu.org/licenses/license-list.en.html#OpenSSL

My interpretation of this is that it would not be legal to distribute a
version of Ring that links with a version of pjsip that links with
libssl, because the combined work uses all of those libraries.

The best case scenario would be that our GnuTLS patch gets merged and
that Debian links pjsip against GnuTLS.

Related link:
 -
http://lists.pjsip.org/pipermail/pjsip_lists.pjsip.org/2014-May/017492.html

Would someone like to help us move this forward?

other patches
=============

Some of the other patches are absolutely necessary and are needed for
Ring to work. Some patches have already been forwarded to upstream but
require more work.

For example, multiple_listeners.patch works for our use case but would
need further work to be applicable to the whole library.

> endianness.patch

I'll mail ring devs about this because me and Guillaume Roguez couldn't
remember exactly what this was for.

> notestsapps.patch

This isn't really needed.

> ipv6.patch

This isn't really needed, depending on how pjsip is built in Debian.

> ice_config.patch

This is absolutely needed, but might not be wanted by upstream. In our
use case, we need many more ICE candidates than what is configured by
default.

> multiple_listeners.patch

I have talked with the author and we might be able to drop this one.
However, it wouldn't hurt to have it merged You can take a look at
upstream's review here:
 -
http://lists.pjsip.org/pipermail/pjsip_lists.pjsip.org/2016-April/019197.html

This one needs much more work to be applicable to all use cases.

> pj_ice_sess.patch

This is a hack to allow us to add reflective candidates ourselves to the
ice transport. This may not be the right way to do it, but we absolutely
need the feature.

If you want to help move this bug forward, that would be patch to start
with.

> fix_turn_fallback.patch

I will submit this to upstream right now. PJSIP gives up the ice
initialization if the turn server does not respond/work properly.
However, we might still be able to make a call because the other
candidates could work. Some of it is already fixed in the master branch
but their solution is incomplete.

> fix_ioqueue_ipv6_sendto.patch

I am submitting it to upstream right now. There is a structure that does
not support IPV6 addresses yet. This causes an abort.

Cheers,

-- 
Alexandre Viau
aviau at debian.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 825 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-voip-maintainers/attachments/20161108/93569967/attachment.sig>