[SR-Users] Re: Setting $du to websocket-secure

-----Original Message----- From: James Browne via sr-users <sr-users(a)lists.kamailio.org> Sent: Donnerstag, 29. August 2024 13:35 To: Kamailio (SER) - Users Mailing List <sr-users(a)lists.kamailio.org> Cc: James Browne <james(a)frideo.com> Subject: [SR-Users] Setting $du to websocket-secure How can I set the destination URI for an INVITE to be a websocket-secure destination? Is it possible? Summary I've a proxy with tcp_connection_match=1, but websocket URIs always have transport=ws (never transport=wss) in them, so relaying a call to a WSS connection always fails. I tested running kamailio 6.0.0-dev2 compiled from a commit made this week. This proxy server uses nathelper rather than outbound module. Detail We know that "transport=ws" is used for both WS and WSS. I've a proxy server that receives an INVITE for a WSS destination, and this proxy supports both WS and WSS. This proxy server must have core parameter tcp_connection_match=1 set, and this leads the t_relay() to fail. When an INVITE comes, these are the steps. - The URI is something like sip:user@anonymous.invalid;alias=198.51.100.10~52833~6;transport=ws. - First handle_ruri_alias() removes the alias (which has ~6 in it, for wss) and sets the $du to something like sip:198.51.100.10:52833;transport=ws. - Then loose_route_preloaded() processes the Route header fields and forces the outbound socket to the TLS websocket one. - Then t_relay() fails to relay the INVITE and responds with 477 or 500. If, however, there's a non-TLS websocket connection open to the proxy, the INVITE would be erroneously relayed over that (using the wrong kamailio-side TCP port). I can go deeper with testing if required. I wonder whether this is a bug. James __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to sr-users-leave(a)lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: