[OpenSIPS-Users] SIP CLient <- TLS --> OpenSIPS <- UDP -> SIP Server

Anil M Pannikode (hotmail) anilpannikode at hotmail.com
Fri Jun 5 18:48:01 CEST 2009 

Here are the log files from opensips server.

 

Jun  5 16:24:45 pc10-10-10-193 /usr/sbin/opensips[7162]: DBG:core:tcp_send:
no open tcp connection found, opening new one 

Jun  5 16:24:45 pc10-10-10-193 /usr/sbin/opensips[7162]: DBG:core:print_ip:
tcpconn_new: new tcp connection to: 10.10.20.206 

Jun  5 16:24:45 pc10-10-10-193 /usr/sbin/opensips[7162]:
DBG:core:tcpconn_new: on port 5061, type 3 

Jun  5 16:24:45 pc10-10-10-193 /usr/sbin/opensips[7162]:
DBG:core:tls_tcpconn_init: entered: Creating a whole new ssl connection 

Jun  5 16:24:45 pc10-10-10-193 /usr/sbin/opensips[7162]:
DBG:core:tls_tcpconn_init: name based TLS client domains are disabled 

Jun  5 16:24:45 pc10-10-10-193 /usr/sbin/opensips[7162]:
DBG:core:tls_tcpconn_init: no TLS client doman AVP set, looking for socket
based TLS client domain 

Jun  5 16:24:45 pc10-10-10-193 /usr/sbin/opensips[7162]:
DBG:core:tls_find_client_domain: virtual TLS client domain not found, Using
default TLS client domain settings 

Jun  5 16:24:45 pc10-10-10-193 /usr/sbin/opensips[7162]:
DBG:core:tls_tcpconn_init: found socket based TLS client domain [0.0.0.0:0] 

Jun  5 16:24:45 pc10-10-10-193 /usr/sbin/opensips[7162]:
DBG:core:tls_tcpconn_init: Setting in CONNECT mode (client) 

Jun  5 16:24:45 pc10-10-10-193 /usr/sbin/opensips[7172]:
DBG:core:handle_ser_child: read response= b3f5b400, 2, fd 25 from 2 (7162) 

Jun  5 16:24:45 pc10-10-10-193 /usr/sbin/opensips[7172]:
DBG:core:tcpconn_add: hashes: 463, 2 

Jun  5 16:24:45 pc10-10-10-193 /usr/sbin/opensips[7172]:
DBG:core:io_watch_add: io_watch_add(0x826a9c0, 25, 2, 0xb3f5b400), fd_no=17 

Jun  5 16:24:45 pc10-10-10-193 /usr/sbin/opensips[7162]: DBG:core:tcp_send:
sending... 

Jun  5 16:24:45 pc10-10-10-193 /usr/sbin/opensips[7162]:
DBG:core:tls_update_fd: New fd is 9 

Jun  5 16:24:45 pc10-10-10-193 /usr/sbin/opensips[7162]:
ERROR:core:tls_blocking_write: too many retries with no operation 

Jun  5 16:24:45 pc10-10-10-193 /usr/sbin/opensips[7162]: DBG:core:tcp_send:
after write: c= 0xb3f5b400 n=-1 fd=9 

 

 

Wireshark shows "SSL Client helo" to server and "SSL Server helo" back from
server.

 

Is there a way to get more detailed error on the SSL Issues ?

 

Anil

 

 

 

From: users-bounces at lists.opensips.org
[mailto:users-bounces at lists.opensips.org] On Behalf Of Anil M Pannikode
(hotmail)
Sent: Wednesday, June 03, 2009 10:01 AM
To: users at lists.opensips.org
Subject: [OpenSIPS-Users] SIP CLient <- TLS --> OpenSIPS <- UDP -> SIP
Server

 

I am having the same issue as the following email which I found in the
archive, Do we know if there is solution to this issue ? I tried the
suggested solution , however still not working.

 

Anil

 

Bogdan-Andrei Iancu bogdan
<mailto:users%40lists.opensips.org?Subject=%5BOpenSIPS-Users%5D%20Problem%20
in%20sending%20outbound%20SIP%20messages%20via%0A%20TLS&In-Reply-To=c443f41b
0808200558x3bb41aaft33d6c6a45aa7d9b%40mail.gmail.com>  at voice-system.ro 
Sun Aug 31 01:10:56 CEST 2008 

*	Previous message: [OpenSIPS-Users]
<http://www.openser.org/pipermail/users/2008-August/000193.html>  Problem in
sending outbound SIP messages via TLS 
*	Next message: [OpenSIPS-Users]
<http://www.openser.org/pipermail/users/2008-August/000194.html>  Simple
question: Asterisk with Zoiper (no sound). 
*	Messages sorted by: [
<http://www.openser.org/pipermail/users/2008-August/date.html#369>  date ] [
<http://www.openser.org/pipermail/users/2008-August/thread.html#369>  thread
] [ <http://www.openser.org/pipermail/users/2008-August/subject.html#369>
subject ] [
<http://www.openser.org/pipermail/users/2008-August/author.html#369>  author
] 

  _____  

Hi,
 
have you tried with:
 
tls_verify_server = 0
tls_verify_client = 0
tls_require_client_certificate = 0
 
Regards,
Bogdan
 
Nachiket Tarate wrote:
> 
> Hi,
> 
> I am currently trying to make Secure RTP calls between my SIP client 
> and the eyeBeam. When eyeBeam is configured for encrypted calls, it 
> uses Secure RTP for media and TLS for SIP signalling.
> 
> I have configured the OpenSIPs server with TLS support.
> 
> The scenario is as shown below:
> 
> 
>  ----------------    UDP      ------------------    TLS    -------------
> |  My SIP Client |  <----->  |  OpenSIPs Server | <-----> | eyeBeam 1.5 |
>  ----------------             ------------------           -------------
>   Linux Machine                Linux Machine             Widows XP 
> machine
> 
> When a call is made from eyeBeam to My SIP client the call gets 
> established properly and the OpenSIPs server acts as a gateway.
> 
> But when a call is made from My SIP client to eyeBeam the OpenSIPs 
> returns the *477 Send failed* response to My SIP client.
> 
> By enabling the debug informaiton on OpenSIPs server, I found that it 
> couldn't do TLS handshake with the eyeBeam and so couldn't send the 
> SIP Request from My SIP client to the eyeBeam.
> 
> In brief the OpenSIPs server can accept the inbound messages via TLS 
> but *it can't send outbound messages via TLS*.
> 
> Can anybody help me to resolve this problem? Please see my 
> opensips.cfg file and OpenSIPs server logs attached with this mail.
> 
> Thanks,
> NT
>  
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
<http://lists.opensips.org/cgi-bin/mailman/listinfo/users> 
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
 
 
  _____  


*	Previous message: [OpenSIPS-Users]
<http://www.openser.org/pipermail/users/2008-August/000193.html>  Problem in
sending outbound SIP messages via TLS 
*	Next message: [OpenSIPS-Users]
<http://www.openser.org/pipermail/users/2008-August/000194.html>  Simple
question: Asterisk with Zoiper (no sound). 
*	Messages sorted by: [
<http://www.openser.org/pipermail/users/2008-August/date.html#369>  date ] [
<http://www.openser.org/pipermail/users/2008-August/thread.html#369>  thread
] [ <http://www.openser.org/pipermail/users/2008-August/subject.html#369>
subject ] [
<http://www.openser.org/pipermail/users/2008-August/author.html#369>  author
] 

  _____  

More <http://lists.opensips.org/cgi-bin/mailman/listinfo/users>  information
about the Users mailing list

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.opensips.org/pipermail/users/attachments/20090605/414d3a28/attachment-0001.htm

More information about the Users mailing list