MSS using 5060 as the default SIP TLS port?
29 views
Skip to first unread message
Horaci Macias
Jun 14, 2011, 12:00:40 PM6/14/11
to mobicents-public
I have a sip application that receives a message over TLS and proxies
it.
The message has a Route header:
Route: <sip:192.168.1.1;transport=tls;lr>
When mobicents receives this and the application tries to proxy it,
it's being proxied to port 5060 and not 5061 as I believe should be
(since there is no port but the transport is TLS).
2011-06-14 17:38:14,981 DEBUG [DefaultDNSServerLocator] (SIP-TCP-Core-
PipelineThreadpool-1) Resolving 192.168.1.1 transport tls
2011-06-14 17:38:14,982 DEBUG [DefaultDNSServerLocator] (SIP-TCP-Core-
PipelineThreadpool-1) host 192.168.1.1 is a numeric IP address, no DNS
SRV lookup to be done, using the hop given in param
2011-06-14 17:38:14,982 DEBUG [SipServletRequestImpl] (SIP-TCP-Core-
PipelineThreadpool-1) session transport is tls
2011-06-14 17:38:14,983 DEBUG [SipApplicationDispatcherImpl] (SIP-TCP-
Core-PipelineThreadpool-1) the triplet host/port/transport :
192.168.1.1/5060/tls is external : true
shouldn't the default port used here be 5061?
Perhaps the following code is wrong in DefaultDNSServerLocator:
// If the URI also contains a port, it uses
that port. If no port is
// specified, it uses the default port for the
particular transport
// protocol.numeric IP address, no DNS lookup
to be done
if(hopPort == -1) {
if(ListeningPoint.TLS.equals(transport) ||
(ListeningPoint.TCP.equals(transport) && sipURI.isSecure())) {
hopPort = 5061;
} else {
hopPort = 5060;
}
}
thanks,
H
it.
The message has a Route header:
Route: <sip:192.168.1.1;transport=tls;lr>
When mobicents receives this and the application tries to proxy it,
it's being proxied to port 5060 and not 5061 as I believe should be
(since there is no port but the transport is TLS).
2011-06-14 17:38:14,981 DEBUG [DefaultDNSServerLocator] (SIP-TCP-Core-
PipelineThreadpool-1) Resolving 192.168.1.1 transport tls
2011-06-14 17:38:14,982 DEBUG [DefaultDNSServerLocator] (SIP-TCP-Core-
PipelineThreadpool-1) host 192.168.1.1 is a numeric IP address, no DNS
SRV lookup to be done, using the hop given in param
2011-06-14 17:38:14,982 DEBUG [SipServletRequestImpl] (SIP-TCP-Core-
PipelineThreadpool-1) session transport is tls
2011-06-14 17:38:14,983 DEBUG [SipApplicationDispatcherImpl] (SIP-TCP-
Core-PipelineThreadpool-1) the triplet host/port/transport :
192.168.1.1/5060/tls is external : true
shouldn't the default port used here be 5061?
Perhaps the following code is wrong in DefaultDNSServerLocator:
// If the URI also contains a port, it uses
that port. If no port is
// specified, it uses the default port for the
particular transport
// protocol.numeric IP address, no DNS lookup
to be done
if(hopPort == -1) {
if(ListeningPoint.TLS.equals(transport) ||
(ListeningPoint.TCP.equals(transport) && sipURI.isSecure())) {
hopPort = 5061;
} else {
hopPort = 5060;
}
}
thanks,
H
Vladimir Ralev
Jun 14, 2011, 12:13:49 PM6/14/11
to mobicent...@googlegroups.com
The port is 5061, that is a bug. That is known issue http://code.google.com/p/mobicents/issues/detail?id=2623
Proxying doesnt work between transports due to record route being a single transport that each side sees the same way no matter what transport is used on that side. Stay tuned, this issue is being addressed right now.
Horaci Macias
Jun 15, 2011, 6:26:09 AM6/15/11
to mobicents-public
thanks; I'll keep an eye on it then.
Just to clarify, in my case the request is received over TLS and is
proxied over TLS again, so the transport doesn't change for me.
Further testing showed that the "if" block I mentioned checks if
transport equals TLS, but in my case it was "tls" which I believe
should be equivalent.
Changing ListeningPoint.TLS.equals(transport) to
ListeningPoint.TLS.equalsIgnoreCase(transport) made things work for me
(but of course this will not fix any of the other issues you mention).
thanks,
H
On Jun 14, 6:13 pm, Vladimir Ralev <vladimir.ra...@gmail.com> wrote:
> The port is 5061, that is a bug. That is known issuehttp://code.google.com/p/mobicents/issues/detail?id=2623
Just to clarify, in my case the request is received over TLS and is
proxied over TLS again, so the transport doesn't change for me.
Further testing showed that the "if" block I mentioned checks if
transport equals TLS, but in my case it was "tls" which I believe
should be equivalent.
Changing ListeningPoint.TLS.equals(transport) to
ListeningPoint.TLS.equalsIgnoreCase(transport) made things work for me
(but of course this will not fix any of the other issues you mention).
thanks,
H
On Jun 14, 6:13 pm, Vladimir Ralev <vladimir.ra...@gmail.com> wrote:
> The port is 5061, that is a bug. That is known issuehttp://code.google.com/p/mobicents/issues/detail?id=2623
>
> Proxying doesnt work between transports due to record route being a single
> transport that each side sees the same way no matter what transport is used
> on that side. Stay tuned, this issue is being addressed right now.
>
> Proxying doesnt work between transports due to record route being a single
> transport that each side sees the same way no matter what transport is used
> on that side. Stay tuned, this issue is being addressed right now.
>
Jean Deruelle
Jun 20, 2011, 8:47:10 AM6/20/11
to mobicent...@googlegroups.com
Committed the equalsIgnoreCase fix as part of http://code.google.com/p/mobicents/issues/detail?id=1053 in revision 18980
Jean
Reply all
Reply to author
Forward
0 new messages