[SR-Users] Fwd: Re: Fwd: Re: Kamailio and NAPTR lookup with TLS

Klaus Darilion klaus.mailinglists at pernau.at
Wed Jul 14 15:54:56 CEST 2010 


Am 14.07.2010 15:41, schrieb Matteo Campana:
>   Hi Daniel,
> I have followed your instruction (I'm using kamailio 1.5) and before the
> t_relay("0x05") statement I've setted:
>
> $du="sip:" + $rd + ";transport=tls";
>
> but I get the following mesasge:
>
> Jul 14 15:17:55 OVSIPP /usr/local/sbin/kamailio[7790] Request leaving server,*D_-URI='sip:garr.it;transport=tls'_*  - M=INVITE RURI=sip:xxx at garr.it
> F=sip:yyyyy at sip.mydomqin.it:5066  T=sip:123456789 at sip.mydomain.it:5066
> Jul 14 15:17:55 OVSIPP /usr/local/sbin/kamailio[7790]: CRITICAL:core:mk_proxy: could not resolve hostname: "garr.it"
> Jul 14 15:17:55 OVSIPP /usr/local/sbin/kamailio[7790]: ERROR:tm:uri2proxy: bad host name in URI<sip:garr.it;transport=tls>
> Jul 14 15:17:55 OVSIPP /usr/local/sbin/kamailio[7790]: ERROR:tm:t_forward_nonack: failure to add branches

The record for the TLS SRV record does not exist:

$ dig _sips._tcp.garr.it srv

; <<>> DiG 9.7.0-P1 <<>> _sip._tcp.garr.it srv
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63990

                                       ^^^^^^^^^^

Then Kamailio falls back to A records, but there is no A record for garr.it.

Conclusion: provision your DNS correctly, add SRV records.

regards
Klaus


>
>
>
> Therefore I would like to use information about TLS connection (tls
> port?) got from NAPTR record.
> Doesn't it possible with kamailio 1.5 ?
>
> Many thanks,
>
> Daniel
>
>
>
> Il 08/07/2010 18.12, Matteo Campana ha scritto:
>>
>>
>> -------- Messaggio originale --------
>> Oggetto: 	Re: [SR-Users] Kamailio and NAPTR lookup with TLS
>> Data: 	Thu, 08 Jul 2010 18:10:35 +0200
>> Mittente: 	Daniel-Constantin Mierla <miconda at gmail.com>
>> A: 	matteo.campana at klarya.it
>> CC: 	sr-users at lists.sip-router.org
>>
>>
>>
>> Hello,
>>
>> On 7/8/10 5:59 PM, Matteo Campana wrote:
>> >
>> >  Hi all,
>> >  I'm using kamailio 1.5 with TLS module.
>> >  I need to make ENUM query and get NAPTR record.
>> >  >   From NAPTR lookup, I'd like to relay my SIP Invite with tls protocol.
>> >
>> >  How can I tell Kamailio to use TLS protocol ( instead of udp) after NAPTR lookup ?
>> >
>> >  I've try to set :
>> >
>> >  dns_tls_pref=1
>> >  dns_udp_pref=2
>> >  dns_tcp_pref=3
>> >
>> >  in the general section of kamailio.cfg, but I get a parse error.
>> >
>> >
>> these parameters were introduced in kamailio with version 3.0.
>>
>> If you need TLS then it is recommended to use 3.0 anyhow, it is a far
>> better implementation. That will make the life easier to migrate to
>> upcoming 3.1 that will bring asynchronous TLS.
>>
>> No matter what you have in R-URI, you can force TLS via setting outbound
>> proxy address to be a TLS uri:
>>
>> $du ="sip:__ip_or_host__;transport=tls";
>> t_relay();
>>
>> The IP or host you can take from R-URI without any problem via PV $rd.
>> Other option is to use function from tm - t_relay_to_tls():
>>
>> http://kamailio.org/docs/modules/stable/modules/tm.html#t_relay_to_udp
>>
>> Cheers,
>> Daniel
>>
>> --
>> Daniel-Constantin Mierla
>> http://www.asipto.com/
>>
>>
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

-- 
sdfgsdgsdfgsdgsdg

More information about the sr-users mailing list