[SR-Users] Fwd: Re: Fwd: Re: Kamailio and NAPTR lookup with TLS
Klaus Darilion
klaus.mailinglists at pernau.at
Wed Jul 14 15:54:56 CEST 2010
Am 14.07.2010 15:41, schrieb Matteo Campana:
> Hi Daniel,
> I have followed your instruction (I'm using kamailio 1.5) and before the
> t_relay("0x05") statement I've setted:
>
> $du="sip:" + $rd + ";transport=tls";
>
> but I get the following mesasge:
>
> Jul 14 15:17:55 OVSIPP /usr/local/sbin/kamailio[7790] Request leaving server,*D_-URI='sip:garr.it;transport=tls'_* - M=INVITE RURI=sip:xxx at garr.it
> F=sip:yyyyy at sip.mydomqin.it:5066 T=sip:123456789 at sip.mydomain.it:5066
> Jul 14 15:17:55 OVSIPP /usr/local/sbin/kamailio[7790]: CRITICAL:core:mk_proxy: could not resolve hostname: "garr.it"
> Jul 14 15:17:55 OVSIPP /usr/local/sbin/kamailio[7790]: ERROR:tm:uri2proxy: bad host name in URI<sip:garr.it;transport=tls>
> Jul 14 15:17:55 OVSIPP /usr/local/sbin/kamailio[7790]: ERROR:tm:t_forward_nonack: failure to add branches
The record for the TLS SRV record does not exist:
$ dig _sips._tcp.garr.it srv
; <<>> DiG 9.7.0-P1 <<>> _sip._tcp.garr.it srv
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63990
^^^^^^^^^^
Then Kamailio falls back to A records, but there is no A record for garr.it.
Conclusion: provision your DNS correctly, add SRV records.
regards
Klaus
>
>
>
> Therefore I would like to use information about TLS connection (tls
> port?) got from NAPTR record.
> Doesn't it possible with kamailio 1.5 ?
>
> Many thanks,
>
> Daniel
>
>
>
> Il 08/07/2010 18.12, Matteo Campana ha scritto:
>>
>>
>> -------- Messaggio originale --------
>> Oggetto: Re: [SR-Users] Kamailio and NAPTR lookup with TLS
>> Data: Thu, 08 Jul 2010 18:10:35 +0200
>> Mittente: Daniel-Constantin Mierla <miconda at gmail.com>
>> A: matteo.campana at klarya.it
>> CC: sr-users at lists.sip-router.org
>>
>>
>>
>> Hello,
>>
>> On 7/8/10 5:59 PM, Matteo Campana wrote:
>> >
>> > Hi all,
>> > I'm using kamailio 1.5 with TLS module.
>> > I need to make ENUM query and get NAPTR record.
>> > > From NAPTR lookup, I'd like to relay my SIP Invite with tls protocol.
>> >
>> > How can I tell Kamailio to use TLS protocol ( instead of udp) after NAPTR lookup ?
>> >
>> > I've try to set :
>> >
>> > dns_tls_pref=1
>> > dns_udp_pref=2
>> > dns_tcp_pref=3
>> >
>> > in the general section of kamailio.cfg, but I get a parse error.
>> >
>> >
>> these parameters were introduced in kamailio with version 3.0.
>>
>> If you need TLS then it is recommended to use 3.0 anyhow, it is a far
>> better implementation. That will make the life easier to migrate to
>> upcoming 3.1 that will bring asynchronous TLS.
>>
>> No matter what you have in R-URI, you can force TLS via setting outbound
>> proxy address to be a TLS uri:
>>
>> $du ="sip:__ip_or_host__;transport=tls";
>> t_relay();
>>
>> The IP or host you can take from R-URI without any problem via PV $rd.
>> Other option is to use function from tm - t_relay_to_tls():
>>
>> http://kamailio.org/docs/modules/stable/modules/tm.html#t_relay_to_udp
>>
>> Cheers,
>> Daniel
>>
>> --
>> Daniel-Constantin Mierla
>> http://www.asipto.com/
>>
>>
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
sdfgsdgsdfgsdgsdg
More information about the sr-users
mailing list