[SR-Users] Fwd: enable only TLS transport on kamailio 4
Daniel-Constantin Mierla
miconda at gmail.com
Sun Jun 23 17:32:14 CEST 2013
Hello,
On 6/23/13 5:25 PM, johnc wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi,
>
> I'll try and do it tonight or tomorrow night. To re-create the error I
> think you would have to drop:
>
> listen=tls:127.0.0.1:5061
>
> and add:
>
> listen=tls:192.168.0.1:5061
>
> or whatever your IP was. Adding:
>
> listen=tcp:127.0.0.1:5061 was the workaround.
I am listening on TLS not TCP, as you could see even in your text above.
The workaround is to listen to tcp indeed, but is not the case in what I
said.
Cheers,
Daniel
>
> Anyway, I will test this config and mine if necessary and supply trace.
>
> Thanks.
>
> Regards,
> John
>
>
> On 23/06/13 16:06, Daniel-Constantin Mierla wrote:
>> OpenPGP: *Parts of the message have NOT been signed or encrypted*
>>
>> Hello,
>>
>> open an issue on bug tracker so it is not forgotten - the ling is
>> on the right sidebar at kamailio.org
>>
>> Issue as known at some point I started to look at it with a simple
>> config (pasted below), but was no crashing, then I had no time to
>> get back to it. Attach the backtrace taken with gdb from coredump.
>>
>> Cheers, Daniel
>>
>> #!KAMAILIO
>>
>> debug=3 memdbg=5 memlog=5
>>
>> log_stderror=yes
>>
>> fork=yes children=2
>>
>> auto_aliases=no
>>
>> enable_tls=yes
>>
>> listen=tls:127.0.0.1:5061
>>
>> mpath="modules"
>>
>> loadmodule "mi_fifo.so" loadmodule "kex.so" loadmodule "pv.so"
>> loadmodule "xlog.so" loadmodule "tls.so"
>>
>> modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo")
>>
>> modparam("tls", "config", "../etc/tls.cfg")
>>
>> route { xlog("new request from $si\n"); }
>>
>> On 6/22/13 7:41 PM, johnc wrote:
>>
>> ********* *BEGIN ENCRYPTED or SIGNED PART* *********
>>
>> Sorted :-) either a regression or else this bug was never squashed
>> http://lists.kamailio.org/pipermail/sr-users/2012-November/075642.html
>>
>> I did the suggested work-around:
>>
>> added "listen=tcp:127.0.0.1:5061" to config
>>
>> Where do I fill out a bug report?
>>
>> -------- Original Message -------- Subject: [SR-Users] enable only
>> TLS transport on kamailio 4 Date: Sat, 22 Jun 2013 11:17:51 +0100
>> From: johnc <johnc at aktivix.org> Reply-To: Kamailio (SER) - Users
>> Mailing List <sr-users at lists.sip-router.org> To: sr >> "Kamailio
>> (SER) - Users Mailing List" <sr-users at lists.sip-router.org>
>>
>> Hi,
>>
>> I wish to enable only TLS transport listening on port 5061 for
>> domain xyz.com (say)
>>
>> What combination of the following do I need? alias= listen= port=
>>
>> Everything I've attempted so far has resulted in a segfault or
>> kamailio failing to start. My existing configuration works fine
>> for TLS if I don't try and disable any other transport.
>>
>> I am currently enforcing TLS via iptables as a crude hack. Any
>> help would be greatly appreciated.
>>
>> Many thanks.
>>
>> Regards, John
>>
>>
>> _______________________________________________ SIP Express Router
>> (SER) and Kamailio (OpenSER) - sr-users mailing list
>> sr-users at lists.sip-router.org
>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>>
>>
>> ********** *END ENCRYPTED or SIGNED PART* **********
>>
>> _______________________________________________ SIP Express Router
>> (SER) and Kamailio (OpenSER) - sr-users mailing list
>> sr-users at lists.sip-router.org
>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>>
>> iQIcBAEBAgAGBQJRxeHPAAoJELy1jPQ1KER7cRYQAMqxHhJs2nYE5uLarJf1BXy1
>> hTp4QccRO17ak4Mz9qXFf1oFDsgOwQ7eHM7aPgmQXblFRGyAoSp0qk5vx0gaiihc
>> SETs894BNNhNFchh+bJTpZLpFMzxoFs6ByoyAQhsq2I9RyA76Ol6QGIZmDWdTEq+
>> qwr7O4Ijot/hy9RctS1FZfNBSF+hVabwZOqFHST4DCbx3IRjXMp8Ux1GDTnl9Z3q
>> arUPnS+4CW/UQ8KIQ+6nTppWw9yPXhhIl+MENjBu8TXgiYPYrYm+BZrSa1fJfkXu
>> S7PR6Aj2Tnq6pUVnUljKvryMiSgiaUkndk4JH2XCmcVwUHCivY9SS1VDCrdF36i+
>> H1ooI6H+vcR68BeLg5pVAZAaGTPkt0H/okq6OiJyWC0lpPT3DZLPP2giIJCxcReb
>> DMSm3tYAaanOZRHoMErbwZ8xRcpM0I4UZ8/+YC0xmL3MniwStZR6aWYpxN7SzrK6
>> c/7aUaxv/K9M/uXkjcbsoTbB8StYLrMheiOCDidaUq6iU+1ZRzL0mDtBsjDA4mSr
>> eh27haj3s6ZJ2ET3thKc2tIBw1f4VxM+yV44Lh/EfH+9ovo2mG8Rh9prCN3SkJyZ
>> /P4vL5m0E4h/SPmUL+29SLZehgFvdV9X2O7t8n/JlbO1FKYtuTKMSzHDjwoM+KU2
>> 9MxyqXVLT+cqZCLXseCo =r2U6 -----END PGP SIGNATURE-----
>>
>> _______________________________________________ SIP Express Router
>> (SER) and Kamailio (OpenSER) - sr-users mailing list
>> sr-users at lists.sip-router.org
>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>>
>> -- Daniel-Constantin Mierla - http://www.asipto.com
>> http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
>>
>>
>> _______________________________________________ SIP Express Router
>> (SER) and Kamailio (OpenSER) - sr-users mailing list
>> sr-users at lists.sip-router.org
>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.12 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iQIcBAEBAgAGBQJRxxOFAAoJELy1jPQ1KER7oSAP/15AITmuSQlIwEb2cLt0N7p2
> 4upU/ubONRJgKUOMuUiJWdxMwX3Dh3BTPDUN1MvbrgM8J4rXWksFuj6RaBZfwnRP
> hzOKJBa6+RBJkx/v+F8WxbewM19blg9C7Ye5Y8HDNWmR1q55qT/zE77HvvhHBofa
> PuRRxujYm2FWKWUoqGACaqN6Tb6qIHMXnoiyQv/q2kebr/sWV8d10u9l1VLWOL8C
> M9MoNuBYtTVnTmx+aHIAgYqd0YT/G4vgXZnALZoN2NBzaiKxNY02aeEmmN9BlAhR
> U+cKLB9LXHUK/Wudk0Us0QArQYk5AI7rKjjwSthVf0ggKOhurldxbGpNB9e1eobk
> aSrGquREg2305lMmeg+vL1LeRr+q/Dun1ddlfNaRM4LhqaNPVuw5xrY7PbGht4gi
> DKJkyj+N9npBR4fox0bnXQNcRphyajo1dET5xtkfYi4YkkYs4nznvam0qKrUF3Hy
> VJzia6QEbPIRqEQAUc2doEFVmlCE5zdO/404O9aUZItd6l5XgsZXMFk5I6T2KgkP
> N/oeqQkXeyxJQgFUFt3Bj/uvhPxv4QxwsIU7ZtaQWOsxG75KYnVLI9C+xtDr+8FK
> YRSouBEp0B3o86l8ol302MtQ4TfpkrS1KvlhzzKofo+P7EXFEsfulVf2OnEHU/TG
> cQ5hXkYFPfFeItJGEPRC
> =oyYi
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla - http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
More information about the sr-users
mailing list