[Free-RTC] Introduction and request for help

Derek LaHousse dlahouss at mtu.edu
Sat Sep 21 21:38:01 CEST 2013 

Bas,
Have you checked out WebRTC at all?  If you've got some of the latest
Firefox or Chrome (maybe others) builds, you can try apprtc.appspot.com
to meet your immediate goal.

Derek

On Sat, 2013-09-21 at 20:54 +0200, Bas Wijnen wrote:
> On Sat, Sep 21, 2013 at 10:25:44AM +0300, Emil Ivov wrote:
> > On 21 Sep 2013 02:22, "Bas Wijnen" <wijnen at debian.org> wrote:
> > 
> > > Jitsi (SIP and XMPP): Jitsi is written
> > > in Java, which seems to be a
> > > problem on its own.
> > 
> > Well, I am afraid there's no changing this, so if you have an aversion to
> > the language, you would simply need to use something else.
> 
> I didn't mean to suggest it should be changed.  I was just getting frustrated
> that nothing worked, and a program which throws errors before it even started
> isn't helping. ;-)
> 
> I'm guessing that it's tested using a different java than I have (I'm just
> guessing it doesn't throw these errors when the developers run it).  And that
> matters more than it should.
> 
> Also:
> 
> On Sat, Sep 21, 2013 at 09:44:30AM +0200, Daniel Pocock wrote:
> > Java can also be a good thing, as it means users on Linux, Mac and
> > Windows all get the same code and it is easier for the developers to
> > make sure that every release is interoperable across all platforms.
> > 
> > For communications software, interoperability is crucial and Java helps
> > with that.
> 
> Which is entirely true.  But it would be good if it would indeed work on all
> platforms.  Random crashes are extremely frustrating, especially after trying
> so many things for so long, to achieve something which really should be simple.
> 
> I mean, what is the big problem?  I have two computers I control.  I can
> connect() from one to the other and have a working network connection.  I have
> working audio and video hardware on both sides.  How hard can it be to set up a
> link to make us see and hear each other?
> 
> > Since upgrading to wheezy, I can't communicate reliably with Empathy.
> > This is a big no-no for any communications product, once people lose
> > faith in it, it is very hard to recover
> 
> In their favor, there aren't any working alternatives.  Which isn't a good
> thing, of course.
> 
> > Empathy is also hard coded to use Google's TURN server, it doesn't use
> > the free software TURN servers packaged in Debian.
> 
> I consider that a very serious problem.  Google is not exactly known for being
> good with privacy.
> 
> > > Empathy (SIP): SIP connections just don't work with masquerading, it seems.
> > > I've set up an asterisk server, which works as long as no masqueraded hosts are
> > > using it.  The masqueraded hosts can call the server, get automated answers,
> > > but cannot be connected to other users (which doesn't make much sense to me,
> > > because asterisk would pass on all the traffic, so I don't see the difference
> > > between an automated answer generated by asterisk itself and a real person
> > > answering).  Anyway, it didn't work well.  Also, Asterisk seems to have very
> > > limited support for video, but I didn't really get around to trying it out.
> > 
> > I don't know if they support ICE with SIP
> 
> Asterisk does; it just ignores the reported return address and uses
> getpeername() instead.  And it works, too; it's used when making a call to an
> auto-responder, and that works.
> 
> > > but it does seem to work.  Then again, it crashes at random times.  It seems I
> > > need to disable several settings to make sure it doesn't contact Google; I
> > 
> > Can you raise a bug against the package listing those things you had to
> > disable?
> 
> Sure, but perhaps I should first ask if I am right.  In my XMPP account
> settings, "Enable Google Contacts search" was on.  I originally also disabled
> "Use Google's Jingle" and "Use JingleNodes", but now I see it again, I suppose
> that's just technology designed by Google, not actually contacting their
> servers.  Or is it?
> 
> > > really don't like that.  As for how it works: so far it doesn't really (or at
> > > least not with the masquerated hosts), but perhaps I have to try harder.
> > 
> > Did you put in the TURN server settings?
> 
> I did, but on localhost it doesn't care (it works, even if the password is
> wrong; of course on localhost I don't need the TURN server anyway, but I had
> expected an error nonetheless) and from the masqueraded host it says the
> password is wrong even though it isn't.
> 
> > Make sure ejabberd works well for chat first
> > 
> > Make sure you have the SRV records, e.g. for pocock.com.au:
> > 
> > _xmpp-client._tcp       IN      SRV     5 0 5222 jabber.trendhosting.net.
> > _xmpp-server._tcp       IN      SRV     5 0 5269 jabber.trendhosting.net.
> 
> Wait, what?  Do I need to change my DNS records just to start a one-on-one
> video call with a computer that can already contact me?  I can do it; I happen
> to have control over my DNS, but I really wouldn't expect to need it.
> 
> > From Debian, you can use CaCert.org certificates and the clients will
> > trust them.
> 
> Yes, I'm using those already.  Unfortunately Ubuntu, Mac and Windows aren't
> accepting them. :-(
> 
> > Multi-domain and IPv6 are slightly tricky, let me know if you need
> > examples to make them work.  I also have it linked to LDAP.
> 
> No, I don't need anything complex, thanks.
> 
> > Skip Asterisk for now, it is overkill, and as you point out, no video.
> > 
> > It is very good for building a business phone system though
> 
> Yes, it looks like it, and it works well so far, except for NAT traversal.  And
> its documentation is fantastic (except that its focus is not where I needed it).
> 
> > The config files are fully commented with instructions, but that was
> > only done after the wheezy freeze began.
> > 
> > The release team have so far not approved further uploads
> > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=717420
> > 
> > but upstream and the package maintainer (myself) are quite happy to
> > upload those changes when authorised to do so.
> 
> While I understand your reasoning, the usual way in Debian is not to change
> anything once it is released, except for security and really urgent things
> (virus definition updates; timezone changes).  If you have a much better
> version of the package, it might be considered for the next point release, but
> not for stable itself.  The downside of this method is that stable is always
> outdated (you're left with the state when it was frozen).  The upside is that
> it means things are indeed really stable (new "fixes" often introduce new bugs
> as well).
> 
> Anyway, to get back on topic, all this doesn't matter for me, as I'm running
> the TURN server on unstable, so I have version 1.8.13-1.
> 
> I see you have uploaded 1.9.0~beta1-1 to experimental, at high urgency, with no
> information in the changelog why this was so urgent.  Is there a big difference
> with 1.8.13?  Why didn't you upload to unstable?
> 
> > You can view the commented version of the file here:
> > 
> > https://github.com/resiprocate/resiprocate/blob/master/reTurn/reTurnServer.config
> 
> The comments didn't make it to unstable, indeed.  Thanks.
> 
> > Note that trunk has slightly changed, the version in wheezy does not
> > recognise the option "UserDatabaseFile = users.txt" and you need to keep
> > using a single set of credentials for all users, by specifying something
> > like this in reTurnServer.config:
> > 
> > LongTermAuthUsername = test
> > LongTermAuthPassword = password
> 
> It seems to be the same in sid, looking at the config file?
> 
> > I've been getting more recent versions of packages into jessie and I am
> > very hopeful that with feedback from people like yourself we will be
> > able to fine tune them further to "just work" and jessie will make a big
> > impact in this space.
> 
> I would definitely like that.  My main goal would be that two people, where at
> least one of them is reachable on a public IP (which may not be the IP the host
> thinks it has), can make an encrypted video call by:
> - both installing a package
> - one person filling in the IP (and possibly the name) of the other person
> and nothing more.  They should not need to set up any server, and they
> certainly shouldn't need to edit DNS entries.
> 
> > Please put specific comments about the problems into the bug tracker,
> > that definitely helps us too.
> 
> I'll do that.
> 
> Thanks,
> Bas
> _______________________________________________
> Free-RTC mailing list
> Free-RTC at lists.fsfe.org
> https://lists.fsfe.org/mailman/listinfo/free-rtc

More information about the Free-RTC mailing list