[SR-Users] Kamailio and NAPTR lookup with TLS

[Daniel-Constantin Mierla]

On 7/8/10 6:44 PM, Klaus Darilion wrote:
>
>
> Am 08.07.2010 18:10, schrieb Daniel-Constantin Mierla:
>> Hello,
>>
>> On 7/8/10 5:59 PM, Matteo Campana wrote:
>>>
>>> Hi all,
>>> I'm using kamailio 1.5 with TLS module.
>>> I need to make ENUM query and get NAPTR record.
>>> > From NAPTR lookup, I'd like to relay my SIP Invite with tls protocol.
>>>
>>> How can I tell Kamailio to use TLS protocol ( instead of udp) after
>>> NAPTR lookup ?
>>>
>>> I've try to set :
>>>
>>> dns_tls_pref=1
>>> dns_udp_pref=2
>>> dns_tcp_pref=3
>>>
>>> in the general section of kamailio.cfg, but I get a parse error.
>>>
>> these parameters were introduced in kamailio with version 3.0.
>>
>> If you need TLS then it is recommended to use 3.0 anyhow, it is a far
>> better implementation. That will make the life easier to migrate to
>> upcoming 3.1 that will bring asynchronous TLS.
>>
>> No matter what you have in R-URI, you can force TLS via setting outbound
>> proxy address to be a TLS uri:
>>
>> $du = "sip:__ip_or_host__;transport=tls";
>> t_relay();
>
> IIRC we do have NAPTR support in Kamailio 1.5 - don't we?

yes, it is. My observation was about tls, which has a better 
architecture in 3.0 and is the version to be improved for 3.1.

The example I gave above is valid in both versions: 1.5 and 3.0

Cheers,
Daniel


>
> Then I think it should work when putting a domain into $du and makeing 
> sure that there is no transport parameter, no port, and NAPTR TLS 
> record has highest priority.
>
> regards
> klaus
>
>>
>> The IP or host you can take from R-URI without any problem via PV $rd.
>> Other option is to use function from tm - t_relay_to_tls():
>>
>> http://kamailio.org/docs/modules/stable/modules/tm.html#t_relay_to_udp
>>
>> Cheers,
>> Daniel
>>

-- 
Daniel-Constantin Mierla
http://www.asipto.com/