6 Nov
2012
6 Nov
'12
5:44 p.m.
2012/11/6 Iñaki Baz Castillo <ibc(a)aliax.net>et>:
2012/11/5 Klaus Darilion
<klaus.mailinglists(a)pernau.at>at>:
BTW, OverSIP behavior when routing a request to cisco.com:
DEBUG: <RFC3263 4212866> DNS NAPTR error resolving 'cisco.com':
dns_error_nodata
DEBUG: <RFC3263 4212866> no NAPTR records, performing SRV queries
DEBUG: <RFC3263 4212866> DNS SRV succeeded for domain 'cisco.com',
service 'sips' and protocol 'tcp'
DEBUG: <RFC3263 4212866> DNS A succeeded for domain 'vcsgw.cisco.com'
DEBUG: <RFC3263 4212866> DNS SRV succeeded for domain 'cisco.com',
service 'sip' and protocol 'tcp'
DEBUG: <RFC3263 4212866> DNS A succeeded for domain 'vcsgw.cisco.com'
DEBUG: <RFC3263 4212866> DNS SRV error resolving domain 'cisco.com',
service 'sip' and protocol 'udp': dns_error_nxdomain
DEBUG: <Proxy proxy_out 4212866> DNS result has multiple values, randomizing
DEBUG: <Proxy proxy_out 4212866> trying target 1 of 2: tls:64.103.25.132:5061
DEBUG: <SIP TLS IPv4 client> TLS handshake not completed yet, waiting
before sending the message
DEBUG: <SIP TLS IPv4 client> received certificate num 1 from server
DEBUG: <SIP TLS IPv4 client> TLS connection established to 64.103.25.132:5061
DEBUG: <SIP TLS IPv4 client> running
OverSIP::SipEvents.on_server_tls_handshake()...
INFO: <SipEvents> [user] validating TLS connection to IP 64.103.25.132
and port 5061
NOTICE: <SipEvents> [user] server provides an invalid TLS certificate
with SIP identities ["tandberg"] (TLS error: 18, description: "self
signed certificate")
It was hard to properly implement full RFC 3263 but it's done. What is
the exact issue in Kamailio with this?
--
Iñaki Baz Castillo
<ibc(a)aliax.net>
Indeed, this is not implemented correctly.
What is not implemented correctly? It MUST be correctly implemented,
what is the exact problem? RFC 3263 is very clear in the steps to
perform (first NAPTR and when not present try SRV in order of
preperence based on local policy).
Could you please describe the exact issue in Kamailio about this?
Thanks a lot.