[OpenSIPS-Users] Mid Registrar error
Prathibha B
prathibhab.tvm at gmail.com
Sat Feb 15 13:41:22 UTC 2025
opensips.cfg
####### Global Parameters #########
log_level=7
xlog_level=7
stderror_enabled=no
syslog_enabled=yes
syslog_facility=LOG_LOCAL0
udp_workers=4
open_files_limit=4096
tcp_connect_timeout=1000
/* comment the next line to enable the auto discovery of local aliases
based on revers DNS on IPs */
auto_aliases=no
socket=udp:x.x.x.x:5060
socket=wss:x.x.x.x:443
alias="wss:xxxxx:443"
advertised_address="xxxxx"
advertised_address="x.x.x.x"
####### Modules Section ########
#set module path
mpath="/usr/local/lib64/opensips/modules/"
loadmodule "uac.so"
loadmodule "mid_registrar.so"
modparam("mid_registrar", "mode", 2) /* 0 = mirror / 1 = ct / 2 = AoR */
modparam("mid_registrar", "outgoing_expires", 7200)
modparam("mid_registrar", "received_avp", "$avp(received)")
modparam("mid_registrar", "pn_enable", true)
modparam("mid_registrar", "pn_providers", "apns,fcm,webpush")
modparam("mid_registrar", "min_expires", 300)
modparam("mid_registrar", "contact_id_insertion", "ct-username")
modparam("mid_registrar", "contact_id_param", "ctid")
#### SIGNALING module
loadmodule "signaling.so"
#### StateLess module
loadmodule "sl.so"
#### Transaction Module
loadmodule "tm.so"
modparam("tm", "fr_timeout", 5)
modparam("tm", "fr_inv_timeout", 30)
modparam("tm", "restart_fr_on_each_reply", 0)
modparam("tm", "onreply_avp_mode", 1)
loadmodule "nathelper.so"
modparam("nathelper", "received_avp", "$avp(received)")
#### Record Route Module
loadmodule "rr.so"
/* do not append from tag to the RR (no need for this script) */
modparam("rr", "append_fromtag", 1)
#### MAX ForWarD module
loadmodule "maxfwd.so"
loadmodule "path.so"
#### SIP MSG OPerationS module
loadmodule "sipmsgops.so"
#### FIFO Management Interface
loadmodule "mi_fifo.so"
modparam("mi_fifo", "fifo_name", "/var/run/opensips/opensips_fifo")
modparam("mi_fifo", "fifo_mode", 0666)
#### URI module
#loadmodule "uri.so"
#modparam("uri", "use_uri_table", 0)
loadmodule "db_mysql.so"
#### USeR LOCation module
loadmodule "usrloc.so"
modparam("usrloc", "nat_bflag", "UAS_NAT")
modparam("usrloc", "working_mode_preset", "single-instance-sql-write-back")
modparam("usrloc", "db_url",
"mysql://root:root@localhost:3306/opensips")
#### REGISTRAR module
#loadmodule "registrar.so"
/* uncomment the next line not to allow more than 10 contacts per AOR */
#modparam("registrar", "max_contacts", 10)
#### ACCounting module
loadmodule "acc.so"
/* what special events should be accounted ? */
modparam("acc", "early_media", 0)
modparam("acc", "report_cancels", 0)
/* by default we do not adjust the direct of the sequential requests.
if you enable this parameter, be sure the enable "append_fromtag"
in "rr" module */
modparam("acc", "detect_direction", 0)
#### UDP protocol
loadmodule "proto_udp.so"
#loadmodule "proto_tcp.so"
#modparam("proto_tcp","tcp_async",1)
loadmodule "proto_tls.so"
# WS and WSS module
loadmodule "proto_wss.so"
loadmodule "proto_ws.so"
modparam("proto_wss", "wss_max_msg_chunks", 16)
#modparam("proto_wss", "require_origin", no)
#modparam("proto_ws", "require_origin", no)
#modparam("proto_wss", "wss_port", 443)
#modparam("proto_wss", "wss_handshake_timeout", 500)
#modparam("proto_wss", "wss_tls_handshake_timeout", 500)
#modparam("proto_wss", "wss_resource", "/")
#modparam("proto_wss", "tls_method", "TLSv1")
#modparam("proto_wss", "trace_on", 1)
loadmodule "textops.so"
## TLS Management
loadmodule "tls_openssl.so"
loadmodule "tls_mgm.so"
modparam("tls_mgm", "tls_library", "openssl")
modparam("tls_mgm", "client_domain","dom")
modparam("tls_mgm", "ca_dir", "[dom]/etc/certs/")
modparam("tls_mgm", "ca_list", "[dom]/etc/certs/isrgrootx1.pem")
#modparam("tls_mgm", "ca_list", "[dom]/etc/certs/fullchain.pem")
#modparam("tls_mgm", "ca_list",
"[dom]/etc/certs/isrg-root-x1-cross-signed.pem")
modparam("tls_mgm", "verify_cert", "[dom]0")
modparam("tls_mgm", "require_cert", "[dom]0")
modparam("tls_mgm", "match_sip_domain", "[dom]*")
modparam("tls_mgm", "match_ip_address", "[dom]*")
modparam("tls_mgm", "certificate","[dom]/etc/certs/fullchain.pem")
modparam("tls_mgm","private_key","[dom]/etc/certs/privkey.pem")
#modparam("tls_mgm", "ciphers_list", "[dom]AES128-SHA256:AES256-SHA")
modparam("tls_mgm","server_domain", "dom1")
modparam("tls_mgm", "match_sip_domain", "[dom1]xxxxx")
modparam("tls_mgm", "match_ip_address", "[dom1]x.x.x.x:443")
modparam("tls_mgm", "verify_cert", "[dom1]0")
modparam("tls_mgm", "require_cert", "[dom1]0")
modparam("tls_mgm", "ca_dir", "[dom1]/etc/certs/")
#modparam("tls_mgm", "ca_list", "[dom1]/etc/certs/fullchain.pem")
modparam("tls_mgm", "ca_list", "[dom1]/etc/certs/isrgrootx1.pem")
#modparam("tls_mgm", "ca_list",
"[xxxxx]/etc/certs/isrg-root-x1-cross-signed.pem")
modparam("tls_mgm", "certificate","[dom1]/etc/certs/fullchain.pem")
modparam("tls_mgm","private_key","[dom1]/etc/certs/privkey.pem")
modparam("tls_mgm", "tls_method", "[dom1]TLSv1_3")
#modparam("tls_mgm", "tls_method", "[dom]TLSv1_3")
#modparam("tls_mgm", "ciphers_list", "[dom1]AES128-SHA256:AES256-SHA")
modparam("tls_mgm","server_domain", "dom2")
modparam("tls_mgm", "match_sip_domain", "[dom2]xxxxx")
modparam("tls_mgm", "match_ip_address", "[dom2]x.x.x.x:1443")
modparam("tls_mgm", "verify_cert", "[dom2]0")
modparam("tls_mgm", "require_cert", "[dom2]0")
modparam("tls_mgm", "ca_dir", "[dom2]/etc/certs/")
#modparam("tls_mgm", "ca_list", "[dom2]/etc/certs/fullchain.pem")
modparam("tls_mgm", "ca_list", "[dom2]/etc/certs/isrgrootx1.pem")
#modparam("tls_mgm", "ca_list",
"[xxxxx]/etc/certs/isrg-root-x1-cross-signed.pem")
modparam("tls_mgm", "certificate","[dom2]/etc/certs/fullchain.pem")
modparam("tls_mgm","private_key","[dom2]/etc/certs/privkey.pem")
modparam("tls_mgm", "tls_method", "[dom2]TLSv1_3")
#modparam("tls_mgm", "ciphers_list", "[dom2]AES128-SHA256:AES256-SHA")
loadmodule "rest_client.so"
loadmodule "event_routing.so"
####### Routing Logic ########
# main request routing logic
route{
if (!mf_process_maxfwd_header(10)) {
sl_send_reply(483,"Too Many Hops");
exit;
}
if (has_totag()) {
# sequential requests within a dialog should
# take the path determined by record-routing
if (loose_route()) {
if (is_method("BYE")) {
# do accunting, even if the transaction fails
do_accounting("log","failed");
} else if (is_method("INVITE")) {
xlog("In INVITE1");
# even if in most of the cases is useless, do RR for
# re-INVITEs alos, as some buggy clients do change route set
# during the dialog.
record_route();
}
# route it out to whatever destination was set by loose_route()
# in $du (destination URI).
route(relay);
} else {
if ( is_method("ACK") ) {
if ( t_check_trans() ) {
# non loose-route, but stateful ACK; must be an ACK after
# a 487 or e.g. 404 from upstream server
t_relay();
exit;
} else {
# ACK without matching transaction ->
# ignore and discard
exit;
}
}
sl_send_reply(404,"Not here");
}
exit;
}
# CANCEL processing
if (is_method("CANCEL"))
{
if (t_check_trans())
t_relay();
exit;
}
t_check_trans();
if (is_method("REGISTER")) {
fix_nated_register();
add_path_received();
mid_registrar_save("location",'path-received');
switch ($retcode) {
case 1:
$ru = "sip:asteriskprivateip:1443;transport=wss";
if (!t_relay()) {
xlog("L_ERR", "Failed to forward call to Asterisk \n");
send_reply(500, "Internal Server Error");
}
break;
case 2:
xlog("absorbing REGISTER! ($$ci=$ci)\n");
break;
default:
xlog("failed to save registration! ($$ci=$ci)\n");
}
exit;
}
# preloaded route checking
if (loose_route()) {
xlog("L_ERR",
"Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]");
if (!is_method("ACK"))
sl_send_reply(403,"Preload Route denied");
exit;
}
# record routing
if (!is_method("REGISTER|MESSAGE"))
record_route();
# account only INVITEs
if (is_method("INVITE")) {
$ru="sip:asteriskprivateip:1443;transport=wss;";
t_relay();
}
# requests for my domain
if (is_method("PUBLISH|SUBSCRIBE"))
{
sl_send_reply(503, "Service Unavailable");
exit;
}
if ($rU==NULL) {
# request with no Username in RURI
sl_send_reply(484,"Address Incomplete");
exit;
}
if (has_totag()) {
if (is_method("ACK") && t_check_trans()) {
t_relay();
exit;
}
if (!loose_route()) {
send_reply(404, "Not Found");
exit;
}
if (!is_method("ACK")) {
}
route(relay);
exit;
}
# when routing via usrloc, log the missed calls also
do_accounting("log","missed");
route(relay);
}
route[relay] {
# for INVITEs enable some additional helper routes
if (is_method("INVITE")) {
t_on_branch("per_branch_ops");
t_on_reply("handle_nat");
t_on_failure("missed_call");
}
if (!t_relay()) {
send_reply(500,"Internal Error");
};
exit;
}
branch_route[per_branch_ops] {
xlog("new branch at $ru\n");
}
onreply_route[handle_nat] {
xlog("incoming reply\n");
}
failure_route[missed_call] {
if (t_was_cancelled()) {
exit;
}
}
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
Virus-free.www.avast.com
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
On Sat, 15 Feb 2025 at 10:51, Prathibha B <prathibhab.tvm at gmail.com> wrote:
> Hello,
>
> When calling from webrtc client to asterisk via opensips, I'm getting the
> following error message:
>
> ERROR:tls_openssl:openssl_tls_write: TLS write error:
> /usr/local/sbin/opensips[1372222]:
> ERROR:tls_openssl:openssl_tls_blocking_write: TLS failed to send data
> /usr/local/sbin/opensips[1372222]: ERROR:tls_openssl:openssl_tls_write:
> TLS connection to 10.203.0.6:55668 write failed (5:-1:9)
> ngdcs /usr/local/sbin/opensips[1372222]:
> ERROR:tls_openssl:openssl_tls_write: TLS write error:
> /usr/local/sbin/opensips[1372222]:
> ERROR:tls_openssl:openssl_tls_blocking_write: TLS failed to send data
>
> How to resolve this issue?
> --
> Regards,
> B.Prathibha
>
--
Regards,
B.Prathibha
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20250215/419cdeb8/attachment-0001.html>
More information about the Users
mailing list