[Kamailio-Users] Fwd: TLS Multiple records not read

Klaus Darilion klaus.mailinglists at pernau.at
Mon Jan 25 09:43:49 CET 2010


Hi Jijo!

- Next time, please do not send a screenshot, but the pcap file (if it 
would contain private data, send it privately)

- the screenshot shows the first message, but more interesting is the 
second message

- which version of Kamailio do you use (kamailio -V)? You mentioned that 
you compared the codebase between 1.4 and 1.1 - why? Doesn't 1.1 show 
this behavior?

regards
Klaus

Jijo Jose schrieb:
> 
> Thanks for the response.
>  
> The SIP server is reading only the first record (first SIP message); the 
> _tls_read() function's log shows the length of the first SIP message, which 
> matches the length of the first record in Wireshark. This means 
> SSL_read returns only the first record.
> I did the test using TCP, which is working fine as it reads two SIP 
> messages in a single read.
>  
> Please find the log and attached print screen of wireshark traces.
>  
> 
> Jan 22 20:41:37 REGS-1a0240 openser[936]: io_wait_loop_sigio_rt: 
> siginfo: signal=35 (35), si_code=1, si_band=0x41, si_fd=37
> Jan 22 20:41:37 REGS-1a0240 openser[936]: TCPCONN: handle_io:  fd map 
> 0x1011d73c (37): {37, 2, 0x30294da0}
> Jan 22 20:41:37 REGS-1a0240 openser[936]: tls_update_fd: New fd is 37
> Jan 22 20:41:37 REGS-1a0240 openser[936]: _tls_read: 559 bytes read
> Jan 22 20:41:37 REGS-1a0240 openser[936]: read= 559 bytes, parsed=559, 
> state=4, error=1
> Jan 22 20:41:37 REGS-1a0240 openser[936]: tcp_read_req: last char=0x0A, 
> parsed msg= BYE sip:551138175007 at 21.21.81.11:6061;transport=tls 
> SIP/2.0^M To: SIP5007_TLS_SIMPLEX  <sip:551138175007 at 41.41.0.230 
> <mailto:sip%3A551138175007 at 41.41.0.230>>;tag=91c2c894c0^M From: 
> <sip:551138175008 at 41.41.0.230:5061;transport=tls>;tag=snl_G84KdX4MLT^M 
> Call-ID: 0ad3e453326a4160^M CSeq: 1 BYE^M Route: 
> <sip:21.21.27.10:5061;transport=tls;ftag=91c2c894c0;lr=on>^M Via: 
> SIP/2.0/TLS 
> 41.41.0.230:5061;branch=z9hG4bK_brancha_41.41.0.230_KonTU5DMPx^M 
> Accept-Language: en;q=0.0^M Allow: REGISTER, INVITE, ACK, BYE, CANCEL, 
> NOTIFY, REFER^M Date: Fri, 22 Jan 2010 20:41:36 GMT ^M Max-Forwards: 
> 69^M Content-Length: 0^M ^M 
> Jan 22 20:41:37 REGS-1a0240 openser[936]: tcp_read_req: end of header part
> Jan 22 20:41:37 REGS-1a0240 openser[936]: - received from: port 5061
> Jan 22 20:41:37 REGS-1a0240 openser[936]: - received from: ip 41.41.0.230
> Jan 22 20:41:37 REGS-1a0240 openser[936]: tcp_read_req: headers: BYE 
> sip:551138175007 at 21.21.81.11:6061;transport=tls SIP/2.0^M To: 
> SIP5007_TLS_SIMPLEX  <sip:551138175007 at 41.41.0.230 
> <mailto:sip%3A551138175007 at 41.41.0.230>>;tag=91c2c894c0^M From: 
> <sip:551138175008 at 41.41.0.230:5061;transport=tls>;tag=snl_G84KdX4MLT^M 
> Call-ID: 0ad3e453326a4160^M CSeq: 1 BYE^M Route: 
> <sip:21.21.27.10:5061;transport=tls;ftag=91c2c894c0;lr=on>^M Via: 
> SIP/2.0/TLS 
> 41.41.0.230:5061;branch=z9hG4bK_brancha_41.41.0.230_KonTU5DMPx^M 
> Accept-Language: en;q=0.0^M Allow: REGISTER, INVITE, ACK, BYE, CANCEL, 
> NOTIFY, REFER^M Date: Fri, 22 Jan 2010 20:41:36 GMT ^M Max-Forwards: 
> 69^M Content-Length: 0^M ^M .
> Jan 22 20:41:37 REGS-1a0240 openser[936]: tcp_read_req: content-length= 0
> Jan 22 20:41:37 REGS-1a0240 openser[936]: tcp_read_req: body: 
> Jan 22 20:41:37 REGS-1a0240 openser[936]: calling 
> receive_msg(0x30294e14, 559, )
> Jan 22 20:41:37 REGS-1a0240 openser[936]: SIP Request:
> Jan 22 20:41:37 REGS-1a0240 openser[936]:  method:  <BYE>
> Jan 22 20:41:37 REGS-1a0240 openser[936]:  uri:     
> <sip:551138175007 at 21.21.81.11:6061;transport=tls>
> Jan 22 20:41:37 REGS-1a0240 openser[936]:  version: <SIP/2.0>
>  
> Thanks
> Jijo
> 
> 
>  
> On Sun, Jan 24, 2010 at 5:53 AM, Klaus Darilion 
> <klaus.mailinglists at pernau.at> wrote:
> 
>     I would verify if the received fragment really contains 2 complete
>     SIP messages (e.g. 2xCRLF at the end of the SIP headers and if
>     Content-Length header is correct).
> 
>     For debugging, TLS is PITA.
> 
>     Maybe the SIP server shows the same behavior when using TCP.
>     Otherwise you can try to configure the NULL:CIPHER on both servers -
>     then you see the plaintext SIP message in the TLS packets.
> 
>     regards
>     klaus
> 
>     Jijo Jose wrote:
> 
>         Hi All,
>          We have a SIP server with the Nagle algorithm enabled, and the
>         proxy is OpenSER ver 1.1.
>          The SIP server sends multiple TLS records (2 SIP messages) in a
>         packet to OpenSER. OpenSER reads only the first record
>         (first SIP message). The second TLS record (SIP message) is read
>         only when the next message is received by OpenSER from the SIP server.
>           I would like to know if anybody has observed this issue. I have
>         compared the codebase of Kamailio 1.4 and OpenSER 1.1 but
>         didn't find any difference for TLS.
>          I have looked at the API _tls_read() in OpenSER, which is the same
>         as that of Kamailio.
>          Don't we need to use SSL_pending() after SSL_read() to verify
>         whether any buffer is left in the SSL layer?
>          Do you think it is due to a poll method error? The poll
>         method we use is POLL_SIGIO_RT.
>          Please let me know your comments.
>          Thanks in advance.
>          Jijo
> 
> 
> 
> 
> 
> 
> 
> ------------------------------------------------------------------------
> 
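
The symptom discussed in this thread (one record returned per read, and the second message only surfacing when the next one arrives), as an added example that is not part of the original mails and is not Kamailio/OpenSER code. It is a constructed model that does not link OpenSSL: `rec_read`, `on_event`, `simulate` and the 1-byte record framing are hypothetical stand-ins for the TLS read call and an edge-style poller.

```c
#include <stddef.h>
#include <string.h>

/* Constructed model, not OpenSSL: the socket buffer holds whole records,
   each framed as a 1-byte length followed by that many plaintext bytes. */
struct conn { unsigned char sock[64]; size_t len, off; };

/* Stand-in for SSL_read as observed in the thread: at most ONE record per
   call; returns 0 when no complete record is waiting (the WANT_READ case). */
static int rec_read(struct conn *c, char *buf, size_t cap) {
    if (c->len - c->off < 1) return 0;
    size_t n = c->sock[c->off];
    if (n > cap || c->len - c->off - 1 < n) return 0;
    memcpy(buf, c->sock + c->off + 1, n);
    c->off += 1 + n;
    return (int)n;
}

/* One readiness notification per arriving segment, as with an edge-style
   poller: the handler runs once and is not re-run for leftover data. */
static int on_event(struct conn *c, const unsigned char *seg, size_t n,
                    int drain, int event_no, int *seen_at, int seen) {
    char buf[32];
    memcpy(c->sock + c->len, seg, n);
    c->len += n;
    do {
        if (rec_read(c, buf, sizeof buf) <= 0) break;
        seen_at[seen++] = event_no;   /* message handed to the SIP parser */
    } while (drain);                  /* drain=0 reproduces the single read */
    return seen;
}

/* Event 1 carries two records in one segment (Nagle), event 2 carries one.
   Fills seen_at[i] with the event at which message i was processed and
   returns how many messages were processed in total. */
int simulate(int drain, int seen_at[3]) {
    static const unsigned char seg1[] = { 3,'B','Y','E', 3,'A','C','K' };
    static const unsigned char seg2[] = { 4,'I','N','F','O' };
    struct conn c = { {0}, 0, 0 };
    int seen = on_event(&c, seg1, sizeof seg1, drain, 1, seen_at, 0);
    return on_event(&c, seg2, sizeof seg2, drain, 2, seen_at, seen);
}
```

With OpenSSL itself, the draining variant corresponds to repeating `SSL_read` until `SSL_get_error` reports `SSL_ERROR_WANT_READ`.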


