Hi Daniel, I have followed your instruction (I'm using kamailio 1.5) and before the t_relay("0x05") statement I've setted:
$du="sip:" + $rd + ";transport=tls";
but I get the following mesasge:
Jul 14 15:17:55 OVSIPP /usr/local/sbin/kamailio[7790] Request leaving server, *D_-URI='sip:garr.it;transport=tls'_* - M=INVITE RURI=sip:xxx@garr.it F=sip:yyyyy@sip.mydomqin.it:5066 T=sip:123456789@sip.mydomain.it:5066 Jul 14 15:17:55 OVSIPP /usr/local/sbin/kamailio[7790]: CRITICAL:core:mk_proxy: could not resolve hostname: "garr.it" Jul 14 15:17:55 OVSIPP /usr/local/sbin/kamailio[7790]: ERROR:tm:uri2proxy: bad host name in URI sip:garr.it;transport=tls Jul 14 15:17:55 OVSIPP /usr/local/sbin/kamailio[7790]: ERROR:tm:t_forward_nonack: failure to add branches
Therefore I would like to use information about TLS connection (tls port?) got from NAPTR record. Doesn't it possible with kamailio 1.5 ?
Many thanks,
Daniel
Il 08/07/2010 18.12, Matteo Campana ha scritto:
-------- Messaggio originale -------- Oggetto: Re: [SR-Users] Kamailio and NAPTR lookup with TLS Data: Thu, 08 Jul 2010 18:10:35 +0200 Mittente: Daniel-Constantin Mierla miconda@gmail.com A: matteo.campana@klarya.it CC: sr-users@lists.sip-router.org
Hello,
On 7/8/10 5:59 PM, Matteo Campana wrote:
Hi all, I'm using kamailio 1.5 with TLS module. I need to make ENUM query and get NAPTR record.
From NAPTR lookup, I'd like to relay my SIP Invite with tls protocol.
How can I tell Kamailio to use TLS protocol ( instead of udp) after NAPTR lookup ?
I've try to set :
dns_tls_pref=1 dns_udp_pref=2 dns_tcp_pref=3
in the general section of kamailio.cfg, but I get a parse error.
these parameters were introduced in kamailio with version 3.0.
If you need TLS then it is recommended to use 3.0 anyhow, it is a far better implementation. That will make the life easier to migrate to upcoming 3.1 that will bring asynchronous TLS.
No matter what you have in R-URI, you can force TLS via setting outbound proxy address to be a TLS uri:
$du = "sip:__ip_or_host__;transport=tls"; t_relay();
The IP or host you can take from R-URI without any problem via PV $rd. Other option is to use function from tm - t_relay_to_tls():
http://kamailio.org/docs/modules/stable/modules/tm.html#t_relay_to_udp
Cheers, Daniel
-- Daniel-Constantin Mierla http://www.asipto.com/
Am 14.07.2010 15:41, schrieb Matteo Campana:
Hi Daniel, I have followed your instruction (I'm using kamailio 1.5) and before the t_relay("0x05") statement I've setted:
$du="sip:" + $rd + ";transport=tls";
but I get the following mesasge:
Jul 14 15:17:55 OVSIPP /usr/local/sbin/kamailio[7790] Request leaving server,*D_-URI='sip:garr.it;transport=tls'_* - M=INVITE RURI=sip:xxx@garr.it F=sip:yyyyy@sip.mydomqin.it:5066 T=sip:123456789@sip.mydomain.it:5066 Jul 14 15:17:55 OVSIPP /usr/local/sbin/kamailio[7790]: CRITICAL:core:mk_proxy: could not resolve hostname: "garr.it" Jul 14 15:17:55 OVSIPP /usr/local/sbin/kamailio[7790]: ERROR:tm:uri2proxy: bad host name in URIsip:garr.it;transport=tls Jul 14 15:17:55 OVSIPP /usr/local/sbin/kamailio[7790]: ERROR:tm:t_forward_nonack: failure to add branches
The record for the TLS SRV record does not exist:
$ dig _sips._tcp.garr.it srv
; <<>> DiG 9.7.0-P1 <<>> _sip._tcp.garr.it srv ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63990
^^^^^^^^^^
Then Kamailio falls back to A records, but there is no A record for garr.it.
Conclusion: provision your DNS correctly, add SRV records.
regards Klaus
Therefore I would like to use information about TLS connection (tls port?) got from NAPTR record. Doesn't it possible with kamailio 1.5 ?
Many thanks,
Daniel
Il 08/07/2010 18.12, Matteo Campana ha scritto:
-------- Messaggio originale -------- Oggetto: Re: [SR-Users] Kamailio and NAPTR lookup with TLS Data: Thu, 08 Jul 2010 18:10:35 +0200 Mittente: Daniel-Constantin Mierla miconda@gmail.com A: matteo.campana@klarya.it CC: sr-users@lists.sip-router.org
Hello,
On 7/8/10 5:59 PM, Matteo Campana wrote:
Hi all, I'm using kamailio 1.5 with TLS module. I need to make ENUM query and get NAPTR record.
From NAPTR lookup, I'd like to relay my SIP Invite with tls protocol.
How can I tell Kamailio to use TLS protocol ( instead of udp) after NAPTR lookup ?
I've try to set :
dns_tls_pref=1 dns_udp_pref=2 dns_tcp_pref=3
in the general section of kamailio.cfg, but I get a parse error.
these parameters were introduced in kamailio with version 3.0.
If you need TLS then it is recommended to use 3.0 anyhow, it is a far better implementation. That will make the life easier to migrate to upcoming 3.1 that will bring asynchronous TLS.
No matter what you have in R-URI, you can force TLS via setting outbound proxy address to be a TLS uri:
$du ="sip:__ip_or_host__;transport=tls"; t_relay();
The IP or host you can take from R-URI without any problem via PV $rd. Other option is to use function from tm - t_relay_to_tls():
http://kamailio.org/docs/modules/stable/modules/tm.html#t_relay_to_udp
Cheers, Daniel
-- Daniel-Constantin Mierla http://www.asipto.com/
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
-
Klaus Darilion -
Matteo Campana