From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mail.toke.dk; spf=pass (mailfrom) smtp.mailfrom=irif.fr (client-ip=2001:660:3301:8000::1:2; helo=korolev.univ-paris7.fr; envelope-from=jch@irif.fr; receiver=) Authentication-Results: mail.toke.dk; dkim=pass (2048-bit key; unprotected) header.d=irif.fr header.i=@irif.fr header.a=rsa-sha256 header.s=dkim-irif header.b=SbtedwyD Received: from korolev.univ-paris7.fr (korolev.univ-paris7.fr [IPv6:2001:660:3301:8000::1:2]) by mail.toke.dk (Postfix) with ESMTPS id 16A0EB4F088 for ; Fri, 06 Jun 2025 13:44:04 +0200 (CEST) Received: from potemkin.univ-paris7.fr (potemkin.univ-paris7.fr [IPv6:2001:660:3301:8000::1:1]) by korolev.univ-paris7.fr (8.14.4/8.14.4/relay1/82085) with ESMTP id 556Bi3kB029968 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for ; Fri, 6 Jun 2025 13:44:03 +0200 Received: from mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [81.194.30.253]) by potemkin.univ-paris7.fr (8.14.4/8.14.4/relay2/82085) with ESMTP id 556Bi3f6008814 for ; Fri, 6 Jun 2025 13:44:03 +0200 Received: from mailhub.math.univ-paris-diderot.fr (localhost [127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTP id 9F350408BC for ; Fri, 6 Jun 2025 13:44:03 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=irif.fr; h= content-type:content-type:mime-version:user-agent:subject :subject:from:from:message-id:date:date:received:received; s= dkim-irif; t=1749210242; x=1750074243; bh=ZTpWps86o2nGEpkAQk2K1u Q2g8EFNnQ3ufTAhV1qqRA=; b=SbtedwyDNFh7N7YHU0NV/GmcoqI7VFU8tuQkX0 0x/AATyv+IzLscMgGDiwxcFUzMVbuX8Vop4hQovNPFczS5R8DeIXg8MD9H/31WJz cu/IJBCntNalCVf2Mrff+n0glCUX3WVIU+f/D9wmwoqIe98flwAxeFiDp/BDINFM HeHhytkWLDqbTVlHmtNWcw8IFAaBF7+zE2tlMP2QXmhb8xzhk64Hxqs8oTWy7uNk wdroy6xdCvAbDwrXC+fNfRtZBVFN8VutARWkAqNDxodj0pPR+P9JaRCKh88EybEY q1Nj1Be1qBftE30TQDM33MCnZCEx6aCFeXmglwOFKZwuPATw== X-Virus-Scanned: amavisd-new at math.univ-paris-diderot.fr Received: from mailhub.math.univ-paris-diderot.fr ([127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [127.0.0.1]) (amavisd-new, port 10023) with ESMTP id v2s06GnR6pUP for ; Fri, 6 Jun 2025 13:44:02 +0200 (CEST) Received: from pirx.irif.fr (unknown [89.64.69.113]) (Authenticated sender: jch) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTPSA id 5C7D14094E for ; Fri, 6 Jun 2025 13:44:02 +0200 (CEST) Date: Fri, 06 Jun 2025 13:44:01 +0200 Message-ID: <87tt4txfge.wl-jch@irif.fr> From: Juliusz Chroboczek To: galene@lists.galene.org User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/30.1 Mule/6.0 MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (korolev.univ-paris7.fr [IPv6:2001:660:3301:8000::1:2]); Fri, 06 Jun 2025 13:44:03 +0200 (CEST) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (potemkin.univ-paris7.fr [194.254.61.141]); Fri, 06 Jun 2025 13:44:03 +0200 (CEST) X-Miltered: at korolev with ID 6842D483.000 by Joe's j-chkmail (http : // j-chkmail dot ensmp dot fr)! X-Miltered: at potemkin with ID 6842D483.000 by Joe's j-chkmail (http : // j-chkmail dot ensmp dot fr)! X-j-chkmail-Enveloppe: 6842D483.000 from potemkin.univ-paris7.fr/potemkin.univ-paris7.fr/null/potemkin.univ-paris7.fr/ X-j-chkmail-Enveloppe: 6842D483.000 from mailhub.math.univ-paris-diderot.fr/mailhub.math.univ-paris-diderot.fr/null/mailhub.math.univ-paris-diderot.fr/ X-j-chkmail-Score: MSGID : 6842D483.000 on korolev.univ-paris7.fr : j-chkmail score : . : R=. U=. O=. B=0.000 -> S=0.000 X-j-chkmail-Score: MSGID : 6842D483.000 on potemkin.univ-paris7.fr : j-chkmail score : . : R=. U=. O=. B=0.000 -> S=0.000 X-j-chkmail-Status: Ham X-j-chkmail-Status: Ham Message-ID-Hash: G3EWUAZMGGOMYVZFNKA2CGXWFZXHWHHC X-Message-ID-Hash: G3EWUAZMGGOMYVZFNKA2CGXWFZXHWHHC X-MailFrom: jch@irif.fr X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.10 Precedence: list Subject: [Galene] ANNOUNCE: galene-sip, a bridge between Galene and SIP List-Id: =?utf-8?q?Gal=C3=A8ne_videoconferencing_server_discussion_list?= Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Hi, I've just published a work-in-progress bridge between Galene and the SIP protocol. In short, it allows users to join a Galene discussion group just by making a phone call to a SIP provider. git clone https://github.com/jech/galene-sip This is a work in progress, and you might not find it usable in production yet. In particular, it has had very little testing, and I've omitted large parts of the SIP protocol. However, it appears to work fine with at least three SIP implementations (my self-hosted Asterisk, linphone.org, and OVH). The main issues with my SIP implementation are the following: - only server offers are supported (both server and client offers are mandatory in SIP, but I haven't yet found a server that didn't offer); - only SIP/UDP is supported (SIP/TCP is a mandatory part of the spec, and SIP/TLS is strongly recommended); - NAT traversal is fragmentary: I implement RFC 3581, but I don't do keepalives, and I don't do STUN; it turns out that this is good enough to work behind NAT, as long as the server does keepalives. SIP is a big, messy protocol (RFC 3261 is 268 pages long, but that doesn't even tell you how to find a SIP server, RFC 3263, how to behave behind NAT, RFC 5626, or to negotiate SDP, RFC 3262). For example, it takes me almost 80 lines of code to determine where to send the reply to a request (see the function "tweakVia" in sip.go). I've certainly gotten some things wrong, please let me know if you see issues. A note about privacy. SIP is an insecure protocol. While galene-sip won't leak your password, it is trivially easy to eavesdrop or to hijack a session. There are solutions (SIP/TLS and SRTP), but they are not implemented by the providers I've tested against. Please only use SIP for public meetings, and use a secure protocol (such as Galene's native protocol) for anything that's even remotely private. Please test, and let me know how it goes. -- Juliusz