From jaflong@yandex.com Wed Mar 19 13:26:51 2014
From: jaflong jaflong <jaflong@yandex.com>
To: sr-users@lists.kamailio.org
Subject: [SR-Users] TLS websocket problem
Date: Wed, 19 Mar 2014 16:26:44 +0400
Message-ID: <2696541395232004@web27g.yandex.ru>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============2108486074=="

--===============2108486074==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable


Hi List,

Any suggestions on why I am getting the following issues.

I can get a successful tls connection when I connect with http

Tested by having this in kamailio.cfg

event_route[xhttp:request] {
    set_reply_close();
    set_reply_no_connect();

    xhttp_reply("200", "OK", "text/html","<html><body>Received HTTP request t=
o $hu from [$si:$sp] with protocol $proto</body></html>");
    xlog("L_INFO", "HTTP Request Received\n");

    ......

Going to https://10.1.2.3:6443 gives this=20
Received HTTP request to / from [10.1.1.1:58179] with protocol tls

This seems ok so far.


However problems are encounter when trying to connect by WSS.
It appears to not accept wss connections.
Any ideas please


JSSIP settings

var configuration =3D {
        'ws_servers': 'wss://10.1.2.3:6443/ws',
        'uri': 'sip:webrtc(a)10.1.2.3',                =20
        'stun_servers': '10.1.2.3',
        'turn_servers': null,
        'register': true,
        'password': 'webrtc'

	......


Browser Console log

JsSIP | UA | configuration parameters after validation: jssip-0.3.0.min.js:11
=C2=B7 via_host: "m3lmqpohnnin.invalid" jssip-0.3.0.min.js:11
=C2=B7 password: "webrtc" jssip-0.3.0.min.js:11
=C2=B7 register_expires: 600 jssip-0.3.0.min.js:11
=C2=B7 register_min_expires: 120 jssip-0.3.0.min.js:11
=C2=B7 register: true jssip-0.3.0.min.js:11
=C2=B7 registrar_server: sip:10.1.2.3 jssip-0.3.0.min.js:11
=C2=B7 ws_server_max_reconnection: 3 jssip-0.3.0.min.js:11
=C2=B7 ws_server_reconnection_timeout: 4 jssip-0.3.0.min.js:11
=C2=B7 connection_recovery_min_interval: 2 jssip-0.3.0.min.js:11
=C2=B7 connection_recovery_max_interval: 30 jssip-0.3.0.min.js:11
=C2=B7 use_preloaded_route: false jssip-0.3.0.min.js:11
=C2=B7 no_answer_timeout: 60000 jssip-0.3.0.min.js:11
=C2=B7 stun_servers: ["stun:10.1.2.3"] jssip-0.3.0.min.js:11
=C2=B7 turn_servers: [] jssip-0.3.0.min.js:11
=C2=B7 trace_sip: false jssip-0.3.0.min.js:11
=C2=B7 hack_via_tcp: false jssip-0.3.0.min.js:11
=C2=B7 hack_ip_in_contact: false jssip-0.3.0.min.js:11
=C2=B7 uri: sip:webrtc(a)10.1.2.3 jssip-0.3.0.min.js:11
=C2=B7 ws_servers: [{"ws_uri":"wss://10.1.2.3:6443/ws","sip_uri":"<sip:10.1.2=
.3:6443;transport=3Dws;lr>","weight":0,"status":0,"scheme":"WSS"}] jssip-0.3.=
0.min.js:11
=C2=B7 instance_id: "5d2898f4-af42-41cf-865b-848d2ba9a3f2" jssip-0.3.0.min.js=
:11
=C2=B7 jssip_id: "fagpa" jssip-0.3.0.min.js:11
=C2=B7 hostport_params: "10.1.2.3" jssip-0.3.0.min.js:11
=C2=B7 authorization_user: "webrtc" jssip-0.3.0.min.js:11
JsSIP | EVENT EMITTER | adding event newMessage jssip-0.3.0.min.js:9
JsSIP | EVENT EMITTER | adding event newRTCSession jssip-0.3.0.min.js:9
JsSIP | EVENT EMITTER | adding event registrationFailed jssip-0.3.0.min.js:9
JsSIP | EVENT EMITTER | adding event unregistered jssip-0.3.0.min.js:9
JsSIP | EVENT EMITTER | adding event registered jssip-0.3.0.min.js:9
JsSIP | EVENT EMITTER | adding event disconnected jssip-0.3.0.min.js:9
JsSIP | EVENT EMITTER | adding event connected jssip-0.3.0.min.js:9
JsSIP | UA | user requested startup... jssip-0.3.0.min.js:10
JsSIP | TRANSPORT | connecting to WebSocket wss:/10.1.2.3:6443/ws jssip-0.3.0=
.min.js:9
s {cache: Object, configuration: Object, dialogs: Object, registrator: null, =
applicants: Object=E2=80=A6}
 call.html:62
JsSIP | EVENT EMITTER | new listener added to event registered jssip-0.3.0.mi=
n.js:9
JsSIP | EVENT EMITTER | new listener added to event registrationFailed jssip-=
0.3.0.min.js:9
JsSIP | EVENT EMITTER | new listener added to event newRTCSession jssip-0.3.0=
.min.js:9
JsSIP | TRANSPORT | WebSocket connection error: [object Event] jssip-0.3.0.mi=
n.js:9
JsSIP | TRANSPORT | WebSocket disconnected (code: 1006) jssip-0.3.0.min.js:9
JsSIP | TRANSPORT | WebSocket abrupt disconnection jssip-0.3.0.min.js:9
JsSIP | UA | transport wss://10.1.2.3:6443/ws failed | connection state set t=
o 2 jssip-0.3.0.min.js:11
JsSIP | EVENT EMITTER | emitting event disconnected jssip-0.3.0.min.js:9
JsSIP | UA | next connection attempt in 2 seconds=20




Kamailio


[server:default]
method =3D TLSv1
verify_certificate =3D no
require_certificate =3D no
private_key =3D /usr/local/etc/kamailio/kamailio-selfsigned.key
certificate =3D /usr/local/etc/kamailio/kamailio-selfsigned.pem


DEBUG: <core> [ip_addr.c:243]: print_ip(): tcpconn_new: new tcp connection: 1=
0.1.1.1
14(17989) DEBUG: <core> [tcp_main.c:1096]: tcpconn_new(): tcpconn_new: on por=
t 50261, type 3
14(17989) DEBUG: <core> [tcp_main.c:1408]: tcpconn_add(): tcpconn_add: hashes=
: 1825:534:2831, 39
14(17989) DEBUG: <core> [io_wait.h:390]: io_watch_add(): DBG: io_watch_add(0x=
89af40, 25, 2, 0x7f42527a75b8), fd_no=3D19
14(17989) DEBUG: <core> [io_wait.h:617]: io_watch_del(): DBG: io_watch_del (0=
x89af40, 25, -1, 0x0) fd_no=3D20 called
14(17989) DEBUG: <core> [tcp_main.c:4302]: handle_tcpconn_ev(): tcp: DBG: sen=
ding to child, events 1
14(17989) DEBUG: <core> [tcp_main.c:3973]: send2child(): selected tcp worker =
2 12(17987) for activity on [tls:10.1.2.3:6443], 0x7f42527a75b8
12(17987) DEBUG: <core> [tcp_read.c:1510]: handle_io(): received n=3D8 con=3D=
0x7f42527a75b8, fd=3D5
12(17987) DEBUG: tls [tls_server.c:178]: tls_complete_init(): Using TLS domai=
n TLSs<default>
12(17987) DEBUG: tls [tls_domain.c:609]: sr_ssl_ctx_info_callback(): SSL hand=
shake started
12(17987) DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sendi=
ng...
12(17987) DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after=
 real write: c=3D 0x7f42527a75b8 n=3D1099 fd=3D5
12(17987) DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=3D
=16=03=01
12(17987) DEBUG: <core> [io_wait.h:390]: io_watch_add(): DBG: io_watch_add(0x=
8df1e0, 5, 2, 0x7f42527a75b8), fd_no=3D1
12(17987) DEBUG: tls [tls_domain.c:621]: sr_ssl_ctx_info_callback(): SSL hand=
shake done
12(17987) DEBUG: tls [tls_domain.c:624]: sr_ssl_ctx_info_callback(): SSL disa=
ble renegotiation
12(17987) DEBUG: tls [tls_server.c:348]: tls_accept(): TLS accept successful
12(17987) DEBUG: tls [tls_server.c:355]: tls_accept(): tls_accept: new connec=
tion from 10.1.1.1:50261 using TLSv1/SSLv3 AES256-SHA 256
12(17987) DEBUG: tls [tls_server.c:358]: tls_accept(): tls_accept: local sock=
et: 10.1.2.3:6443
12(17987) DEBUG: tls [tls_server.c:369]: tls_accept(): tls_accept: client did=
 not present a certificate
12(17987) DEBUG: <core> [tcp_main.c:2556]: tcpconn_do_send(): tcp_send: sendi=
ng...
12(17987) DEBUG: <core> [tcp_main.c:2590]: tcpconn_do_send(): tcp_send: after=
 real write: c=3D 0x7f42527a75b8 n=3D250 fd=3D5
12(17987) DEBUG: <core> [tcp_main.c:2591]: tcpconn_do_send(): tcp_send: buf=3D
=16=03=01
12(17987) DEBUG: <core> [tcp_read.c:296]: tcp_read_data(): EOF on 0x7f42527a7=
5b8, FD 5
12(17987) DEBUG: <core> [tcp_read.c:1293]: tcp_read_req(): tcp_read_req: EOF
12(17987) DEBUG: <core> [io_wait.h:617]: io_watch_del(): DBG: io_watch_del (0=
x8df1e0, 5, -1, 0x10) fd_no=3D2 called
12(17987) DEBUG: <core> [tcp_read.c:1437]: release_tcpconn(): releasing con 0=
x7f42527a75b8, state -1, fd=3D5, id=3D39
12(17987) DEBUG: <core> [tcp_read.c:1438]: release_tcpconn():  extra_data 0x7=
f4252793e90
14(17989) DEBUG: <core> [tcp_main.c:3385]: handle_tcp_child(): handle_tcp_chi=
ld: reader response=3D 7f42527a75b8, -1 from 2=20
14(17989) DEBUG: tls [tls_server.c:597]: tls_h_close(): Closing SSL connectio=
n 0x7f4252793e90


--===============2108486074==--