[Kamailio-Users] Problem with secure TLS call

Hemanshu Patel hemanshu.patel at saicare.com
Sat Mar 27 07:07:00 CET 2010 

With TLS it still is not working

Mar 27 11:39:16 [4421] INFO:core:probe_max_receive_buffer: using a UDP receive buffer of 255 kb
Mar 27 11:39:16 [4425] WARNING:usrloc:dbrow2info: non-local socket <tcp:172.16.16.218:5091>...ignoring
Mar 27 11:39:18 [4431] INFO:core:tls_accept: client did not present a certificate
Mar 27 11:39:55 [4432] INFO:core:tls_accept: client did not present a certificate
Mar 27 11:40:01 [4431] ERROR:rr:w_record_route: Double attempt to record-route
Mar 27 11:40:01 [4426] ERROR:core:tls_connect: SSL_ERROR_SYSCALL err=Connection reset by peer(104)
Mar 27 11:40:01 [4426] ERROR:core:tls_connect: something wrong in SSL: 5 (ret=-1) err=Connection reset by peer(104)
Mar 27 11:40:01 [4426] ERROR:core:tcp_send: failed to send
Mar 27 11:40:01 [4426] ERROR:core:msg_send: tcp_send failed
Mar 27 11:40:01 [4425] WARNING:core:run_actions: null action list (rec_level=1)


my doubt is that if somethings wrong with SSL certificates that i created myself (i.e my own root CA, and self signed certificates), then how come registration is working like charm?
if there is some problem with Certificates then registration should also not  work.
am i right?

----

Regards,

Hemanshu Patel
Sr. Software Engg
SIS,Ahmedabad
Mo:09601295238


On Sat 27/03/10  9:50 AM , "Hemanshu Patel" <hemanshu.patel at saicare.com> wrote:

> I havent tested over TCP, let me check it
> but hardphone, i mean hardware based phones from grandstream gvx3140
> works
> fine with same implementation on TLS.
> -- 
> Regards,
> Hemanshu Patel
> M: 09601295238
> > Does eyebeam with SIP over TCP is working?
> >
> > Am 26.03.2010 13:43, schrieb Hemanshu Patel:
> >>
> >> i am still having this problem.
> >> when i use two grandstream phone everything works fine,
> >> i can make calls on TLS and users can talk to each other.
> >>
> >> But when i use two eyebream phone, it doesnt work, gives
> following error
> >>
> >> :33 [2875] WARNING:core:init_ssl_ctx_behavior: server
> verification NOT
> >> activated. Weaker security.
> >> [ panreg-tls]$
> >> [ panreg-tls]$
> >> [ panreg-tls]$ Mar 26 18:11:59 [2889]
> >> ERROR:rr:w_record_route: Double attempt to record-route
> >> Mar 26 18:12:09 [2884] ERROR:core:tcp_blocking_connect: timeout
> 10 s
> >> elapsed from 10 s
> >> Mar 26 18:12:09 [2884] ERROR:core:tcpconn_connect:
> tcp_blocking_connect
> >> failed
> >> Mar 26 18:12:09 [2884] ERROR:core:tcp_send: connect failed
> >> Mar 26 18:12:09 [2884] ERROR:core:msg_send: tcp_send failed
> >> Mar 26 18:12:10 [2883] ERROR:core:tcp_blocking_connect: timeout
> 10 s
> >> elapsed from 10 s
> >> Mar 26 18:12:10 [2883] ERROR:core:tcpconn_connect:
> tcp_blocking_connect
> >> failed
> >> Mar 26 18:12:10 [2883] ERROR:core:tcp_send: connect failed
> >> Mar 26 18:12:10 [2883] ERROR:core:msg_send: tcp_send failed
> >> Mar 26 18:12:10 [2883] WARNING:core:run_actions: null action list
> >> (rec_level=1)
> >> Mar 26 18:12:11 [2881] ERROR:core:tcp_blocking_connect: timeout
> 10 s
> >> elapsed from 10 s
> >> Mar 26 18:12:11 [2881] ERROR:core:tcpconn_connect:
> tcp_blocking_connect
> >> failed
> >> Mar 26 18:12:11 [2881] ERROR:core:tcp_send: connect failed
> >> Mar 26 18:12:11 [2881] ERROR:core:msg_send: tcp_send failed
> >> Mar 26 18:12:13 [2882] ERROR:core:tcp_blocking_connect: timeout
> 10 s
> >> elapsed from 10 s
> >> Mar 26 18:12:13 [2882] ERROR:core:tcpconn_connect:
> tcp_blocking_connect
> >> failed
> >> Mar 26 18:12:13 [2882] ERROR:core:tcp_send: connect failed
> >> Mar 26 18:12:13 [2882] ERROR:core:msg_send: tcp_send failed
> >> Mar 26 18:12:19 [2884] ERROR:core:tcp_blocking_connect: timeout
> 10 s
> >> elapsed from 10 s
> >> Mar 26 18:12:19 [2884] ERROR:core:tcpconn_connect:
> tcp_blocking_connect
> >> failed
> >> Mar 26 18:12:19 [2884] ERROR:core:tcp_send: connect failed
> >> Mar 26 18:12:19 [2884] ERROR:core:msg_send: tcp_send failed
> >>
> >>
> >>
> >> Any idea? Same configuration works with grandstream, while they
> cant in
> >> softphone? and gives 477 errot code.
> >>
> >> my asterisk log is as below:
> >>
> >> 26 18:08:09] WARNING[2833]: chan_sip.c:1648 setup_crypto:
> Hemanshu:
> >> local_key641 jhbAJ7jFE1p/Ngn4kVxy7qTTmkJpeBiN6W98+gmM len 40
> >>      -- Called kamailio/1003
> >>      -- Got SIP response 477 "Send failed (477/SL)" back from
> >> 172.16.16.218
> >>      -- No one is available to answer at this time (1:0/0/0)
> >>      -- Executing [_default:4] Hangup("SIP/5091-8c001430", "")
> >> in
> >> new stack
> >>    == Spawn extension (hemu_default, 1003, 4) exited non-zero on
> >> 'SIP/5091-8c001430'
> >>         >  ::Disconnected form Oracle, trying to connect again..
> >>         >  ::Tried a lot, not getting connected..
> >>      -- Got SIP response 477 "Send failed (477/SL)" back from
> >> 172.16.16.218
> >>
> >>
> >> Any idea what could be the problem?
> >>
> >
> _______________________________________________
> Kamailio (OpenSER) - Users mailing list
> http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
> http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
> 
> 
---- SIS Blade Server, Desktop & Thin Client is now available on DGS & D rate contract. For more detail kindly visit our website http://www.saicare.com

More information about the sr-users mailing list