Some users of my baresip Android app are complaining that baresip does
not use TLS to send messages to registrar/sip proxy if there are no NAPTR
records defined for the account's domain that would prioritize TLS over
other transports.
I tested it and indeed if I remove these:
$ host -t naptr test.tutpro.com
test.tutpro.com has NAPTR record 100 10 "s" "SIPS+D2T" "" _sips._tcp.test.tutpro.com.
test.tutpro.com has NAPTR record 102 10 "s" "SIP+D2U" "" _sip._udp.test.tutpro.com.
test.tutpro.com has NAPTR record 101 10 "s" "SIP+D2T" "" _sip._tcp.test.tutpro.com.
and leave only SRV records in place:
$ host -t srv _sip._udp.test.tutpro.com.
_sip._udp.test.tutpro.com has SRV record 0 0 5060 test.tutpro.com.
$ host -t srv _sip._tcp.test.tutpro.com.
_sip._tcp.test.tutpro.com has SRV record 0 0 5060 test.tutpro.com.
$ host -t srv _sips._tcp.test.tutpro.com.
_sips._tcp.test.tutpro.com has SRV record 0 0 5061 test.tutpro.com.
baresip chooses to register over TCP.
This is not against RFC 3263:
If no NAPTR records are found, the client constructs SRV queries for
those transport protocols it supports, and does a query for
each. Queries are done using the service identifier "_sip" for SIP URIs
and "_sips" for SIPS URIs. A particular transport is supported if the
query is successful. The client MAY use any transport protocol it
desires which is supported by the server.
But the problem is that nowadays many service providers no longer
configure NAPTR records and, for example, this blog claims that NAPTR
records are an "older method":
https://www.nurango.ca/blog/using-sip-srv-records
So what would it take to make baresip by default prioritize TLS if there
are no NAPTR records? That kind of behavior would not break RFC 3263,
which allows choosing any transport protocol.
-- Juha
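
The selection order asked about above, written out as an added example (not baresip or libre code; the types and function names are hypothetical): NAPTR order and preference are honoured when such records exist, and with SRV records only the client tries TLS, then TCP, then UDP among the queries that succeeded.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical types for this example; not baresip/libre structures. */
enum transp { TRANSP_NONE = -1, TRANSP_UDP, TRANSP_TCP, TRANSP_TLS };
struct naptr { unsigned order, pref; const char *service; };
struct srv { const char *prefix; int found; }; /* outcome of one SRV query */

static enum transp service_transp(const char *s) {
	if (!strcmp(s, "SIPS+D2T")) return TRANSP_TLS;
	if (!strcmp(s, "SIP+D2T")) return TRANSP_TCP;
	if (!strcmp(s, "SIP+D2U")) return TRANSP_UDP;
	return TRANSP_NONE; /* service this client does not support */
}

/* NAPTR present: lowest order, then lowest preference, wins. */
static enum transp from_naptr(const struct naptr *v, size_t n) {
	const struct naptr *best = NULL;
	for (size_t i = 0; i < n; i++) {
		if (service_transp(v[i].service) == TRANSP_NONE)
			continue;
		if (!best || v[i].order < best->order ||
		    (v[i].order == best->order && v[i].pref < best->pref))
			best = &v[i];
	}
	return best ? service_transp(best->service) : TRANSP_NONE;
}

/* No NAPTR: any transport whose SRV query succeeded is allowed;
   this client-side order tries TLS first, then TCP, then UDP. */
static enum transp from_srv(const struct srv *v, size_t n) {
	static const struct { const char *prefix; enum transp tp; } pri[] = {
		{"_sips._tcp", TRANSP_TLS}, {"_sip._tcp", TRANSP_TCP}, {"_sip._udp", TRANSP_UDP},
	};
	for (size_t k = 0; k < sizeof pri / sizeof pri[0]; k++)
		for (size_t i = 0; i < n; i++)
			if (v[i].found && !strcmp(v[i].prefix, pri[k].prefix))
				return pri[k].tp;
	return TRANSP_NONE;
}

/* Use NAPTR when it yields a supported transport, otherwise the SRV results. */
enum transp select_transport(const struct naptr *nv, size_t nn, const struct srv *sv, size_t sn) {
	enum transp tp = nn ? from_naptr(nv, nn) : TRANSP_NONE;
	return tp != TRANSP_NONE ? tp : from_srv(sv, sn);
}

/* Constructed sample: the SRV-only zone from the post, all three queries succeeding. */
static const struct srv sample_srv[] = { {"_sip._udp", 1}, {"_sip._tcp", 1}, {"_sips._tcp", 1} };
int main(void) { return select_transport(NULL, 0, sample_srv, 3) == TRANSP_TLS ? 0 : 1; }
```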