[sr-dev] [kamailio/kamailio] sips: uri scheme causes record_route() adding header specifying wrong transport (Issue #4092)

2 Jan 2025


      ### Description
Some UAC (notably Aastra Phones) use the sips: uri scheme without ;transport=tls when TLS is being used.
I observed kamailio 5.7.6 and most probably also 5.8.4 to insert the sips URI in the wrong Record-Route header causing replies not to reach the destination.
#### Reproduction
Find a UAC which uses the sips URI scheme when configured to use TLS. (AAstra IP Phones for example).
Important: The Registration looks like this, contains no transport attribute but the sips scheme with port 5061 and a path pointing to the SBC.
```
            "Contact" : {
               "Address" : "sips:315996608@157.161.4.237:5061",
               "CFlags" : 0,
               "CSeq" : 1446407115,
               "Call-ID" : "3abf8e6af6391e7b",
               "Expires" : 56,
               "Flags" : 0,
               "Instance" : "urn:uuid:00000000-0000-1000-8000-00085D49FB42",
               "KA-Roundtrip" : 0,
               "Keepalive" : 0,
               "Last-Keepalive" : 1735827284,
               "Last-Modified" : 1735827284,
               "Methods" : 16095,
               "Path" : "sip:157.161.23.249;lr;r2=on,sip:157.161.23.249:5061;transport=tls;lr;r2=on",
               "Q" : 0.44,
               "Received" : "[not set]",
               "Reg-Id" : 0,
               "Ruid" : "uloc-677695ae-20472d-23",
               "Server-Id" : 0,
               "Socket" : "udp:157.161.23.4:5060",
               "State" : "CS_DIRTY",
               "Tcpconn-Id" : -1,
               "User-Agent" : "Aastra 6869i/6.3.0.1020"
            }
```
Using this set-up:
UAC (TLS) - Kamailio SBC (rtpengine / nat) udp - Kamailio Registrar udp - Core Infrastructure
Call the UAC. Each hop is adding a Record-Route header which is then used by the UAC when creating a new transaction within the dialog.
In this example:
Transaction 1:
CORE => UAC: INVITE 100rel supported
UAC => CORE: 180 Ringing 100rel required
---
Transaction 2:
CORE => UAC: PRACK
During the first transaction, Record-Route header are accumulated to indicate the Route set to be taken by the in-dialog PRACK request.
In the INVITE, the UAC is presented with those Record-Route Header:
The first two header are added by the SBC (IP .249) with r2=on to indicate the change from UDP to TLS
The third header was added by the Registrar (IP .5)
The fourth header was added by the Core (IP .2)
```
02.01.2025 15:17:54.250 +01:00: 157.161.23.249:5061 -> 157.161.4.237:5061
INVITE sips:315996608@157.161.4.237:5061 SIP/2.0
Record-Route:  sips:157.161.23.249:5061;transport=tls;r2=on;lr;ftag=3944816274-1416360442
Record-Route:  sips:157.161.23.249;r2=on;lr;ftag=3944816274-1416360442
Record-Route:  sips:157.161.23.5;lr;ftag=3944816274-1416360442
Record-Route:  sip:157.161.23.2;lr;ftag=3944816274-1416360442;did=e77.89e5
```
UAC is ringing:
```
02.01.2025 15:17:54.368 +01:00: 157.161.4.237:5061 -> 157.161.23.249:5061
SIP/2.0 180 Ringing
Via:  SIP/2.0/TLS 157.161.23.249:5061;branch=z9hG4bK5b72.d42e9bf4e341f690d8b383a0a96edeb3.0
Via:  SIP/2.0/UDP 157.161.23.5;rport=5060;branch=z9hG4bK5b72.621bba23d60b529f876b92bf2ab718de.0
Via:  SIP/2.0/UDP 157.161.23.2;branch=z9hG4bK5b72.2d88c4e6630f19da5ae24efb523564bf.0
Via:  SIP/2.0/UDP 157.161.10.230:5060;branch=z9hG4bK100567609d7e7e9517ddfb1eaa7d684c
Record-Route:  sips:157.161.23.249:5061;transport=tls;r2=on;lr;ftag=3944816274-1416360442, sips:157.161.23.249;r2=on;lr;ftag=3944816274-1416360442, sips:157.161.23.5;lr;ftag=3944816274-1416360442, sip:157.161.23.2;lr;ftag=3944816274-1416360442;did=e77.89e5
[...]
Contact:  "Somebody" sips:315996608@157.161.4.237:5061;+sip.instance="urn:uuid:00000000-0000-1000-8000-00085D49FB42"
```
Origin of call takes this Record-Route to create the source Route header for new PRACK transaction:
```
02.01.2025 15:17:54.393 +01:00: 157.161.10.230:5060 -> 157.161.23.2:5060
PRACK sips:315996608@157.161.4.237:5061 SIP/2.0
Max-Forwards:  66
Route:  sip:157.161.23.2;lr;ftag=3944816274-1416360442;did=e77.89e5
Route:  sips:157.161.23.5;lr;ftag=3944816274-1416360442
Route:  sips:157.161.23.249;r2=on;lr;ftag=3944816274-1416360442
Route:  sips:157.161.23.249:5061;transport=tls;r2=on;lr;ftag=3944816274-1416360442
RAck:  1 1 INVITE
```
According to this route set, the call shall be routed from 157.161.23.2 to 157.161.23.5 via 'sips'
This fails as there is no TLS socket bound between those two instances.
`prepare_new_uac(): can't fwd to af 2, proto 3  (no corresponding listening socket)`
IMHO the issue is caused by the wrong URI scheme (sips instead of sip) being used when the registrar is adding it's Record-Route header. (And maybe also by the SBC when adding the double (r2=on) RR to indicate the change of transport.
I suspect this happens, because the UAC has registered it's contact with the sips uri scheme.
Repeating the same situation with an UAC which registers a sip:user@domain:5061;transport=tls URI when using TLS demonstrates this works fine. It only happens when an UAC uses the sips URI scheme.
If any more information is required like a SIP trace of the issue, I am glad to provide it.
-Benoît-
-- 
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/4092
You are receiving this because you are subscribed to this thread.

Message ID: kamailio/kamailio/issues/4092@github.com

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

[sr-dev] [kamailio/kamailio] sips: uri scheme causes record_route() adding header specifying wrong transport (Issue #4092)