sergey-safarov created an issue (kamailio/kamailio#4315)

Description

Use case WebRTC client connected to Kaamilio Edge proxy.

For network connectivity reasons, the flow token may no longer be valid. In this case, behavior should be described in the RFC5626, 5.3.1 Processing Incoming Requests

If the flow no longer exists, the proxy SHOULD send a 430 (Flow Failed) response to the request.

Also 9.3 Incoming Call and Proxy Crash

Bob's authoritative proxy first tries the flow to EP1, but EP1 no longer has a flow to Bob, so it responds with a 430 (Flow Failed) response.

To get it working, it will be fine to use construction like

if (!loose_route()) {
	switch($rc) {
	case -4:
		sl_send_reply("403", "Flow Failed");
		exit;
	case -2:
		sl_send_reply("403", "Forbidden");
		exit;
	default:
		xlog("L_ERR", "in request_route\n");
		sl_reply_error();
		exit;
	}
}

Where loose_route returns a new error code (-4 for example). This error code is generated when the flow token points to not existing TCP/TLS/WSS connection.

Expected behavior

Kamailio loose_route allows the check of flow token validity before messages related via non-existent TCP/TLS/WSS connections.

Actual observed behavior

For now, Kamailio tries to relay messages to non-existent client connections and generate an error message like

477 Unfortunately error on sending to next hop occurred (477/TM)
500 Message processing error (2/TM)

How to reproduce

Required to start Kamailio with a config like

listen=udp:127.0.0.1:5060
listen=tcp:127.0.0.1:5060

loadmodule "pv.so"
loadmodule "xlog.so"
loadmodule "sl.so"
loadmodule "tm.so"
loadmodule "siputils.so"
loadmodule "rr.so"

loadmodule "stun.so"
loadmodule "outbound.so"
modparam("outbound", "force_outbound_flag", 1)
modparam("outbound", "flow_token_secret", "kamailio")

loadmodule "debugger.so"
modparam("debugger", "cfgtrace", 1)
modparam("debugger", "log_level_name", "exec")

request_route {
	loose_route();
	switch($rc) {
	case -3:
		xlog("L_ERR", "loose_route code -3\n");
		break;
	case -2:
		xlog("L_ERR", "loose_route code -2\n");
		break;
	case -1:
		xlog("L_ERR", "loose_route code -1\n");
		break;
	case 1:
		xlog("L_ERR", "loose_route code 1\n");
		break;
	case 2:
		xlog("L_ERR", "loose_route code 2\n");
		break;
	}
	record_route();

	if (has_totag()) {
		t_relay();
	} else {
		t_relay_to_udp("127.0.0.1", "5080");
	}
}

Then need to start SIPp server script using the command

sipp -sf uas.xml -p 5080 -d 4000 -bind_local 127.0.0.1

And then start SIPp client script using the command

sipp -sf uac.xml -m 1 -t t1 127.0.0.1

Where uac.xml and uas.xml are attached

sipp-scripts.tar.gz

—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.Message ID: <kamailio/kamailio/issues/4315@github.com>