[sr-dev] TLS: Sip-Routers adds a Record-Route with "sip" scheme rather than "sips"
Iñaki Baz Castillo
ibc at aliax.net
Wed Jul 6 14:03:43 CEST 2011
2011/7/6 Olle E. Johansson <oej at edvina.net>:
>> 2011/7/6 Olle E. Johansson <oej at edvina.net>:
>>> So what does Kamailio say if I have SIPS target URI and my NAPTR doesn't have any entries for TLS?
>>
>> Based on RFC 3263 (which I've studied recently in deep) Kamailio
>> should discard NAPTR records whose "service" field has not SIPS+XXX.
>> So at the end it's like if there are not NAPTR records.
>> Then it should perform _sips._tcp SRV for the RURI domain. If there
>> is, use its records.
>> If not, the perform A/AAAA DNS resolution for the RURI domain and
>> choose port 5061 (default por TLS).
>>
> And what's the response code if there's no target found?
I asked fot this in sip.implementors. It would be the very same as if
the domain does not exist (A record) which also is unclear which
response deservers. Some people suggested 404, others 604...
As I hate 6XX responses I would generate a 404.
But in case the domain exists but does not listen TLS connections,
then again it's not defined which exact response code to return by the
proxy. Kamailio uses 478 custom response (maybe it's other code). Note
however that due to a limitation in TCP/TLS async mode [*] Kamailio
returns 408 after fr_timer.
[*] http://sip-router.org/tracker/index.php?do=details&task_id=136
--
Iñaki Baz Castillo
<ibc at aliax.net>
More information about the sr-dev
mailing list