Hi guys,
I was wondering if someone can help decipher what these few lines mean?
Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: tls [tls_server.c:431]: tls_accept(): tls_accept: new connection from 10.94.98.18:51698 using TLSv1.3 TLS_AES_256_GCM_SHA384 256 Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: tls [tls_server.c:434]: tls_accept(): tls_accept: local socket: 206.81.191.45:443 Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: tls [tls_server.c:445]: tls_accept(): tls_accept: client did not present a certificate Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: tls [tls_server.c:1189]: tls_read_f(): Reading on a renegotiation of connection (n:1652) (0) Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: <core> [core/tcp_read.c:1527]: tcp_read_req(): EOF Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: <core> [core/io_wait.h:602]: io_watch_del(): DBG: io_watch_del (0x56367f8b8f80, 12, -1, 0x10) fd_no=2 called Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: <core> [core/tcp_read.c:1680]: release_tcpconn(): releasing con 0x7fcfc20c57b0, state -1, fd=12, id=23 ([10.94.98.18]:51698 -> [10.94.98.18]:443) Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: <core> [core/tcp_read.c:1684]: release_tcpconn(): extra_data 0x7fcfc2089f88 Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21517]: DEBUG: <core> [core/tcp_main.c:3320]: handle_tcp_child(): reader response= 7fcfc20c57b0, -1 from 16 Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21517]: DEBUG: tls [tls_server.c:683]: tls_h_close(): Closing SSL connection 0x7fcfc2089f88
Bottom line is kamailio closed the connection and I have method setting to this:
root@sjomainkama51:/etc/kamailio # grep method tls.cfg method = TLSv1.1+
Supposedly this should work?
Hello,
looks like client side is doing renegotiation, which is disabled by default:
* https://www.kamailio.org/docs/modules/devel/modules/tls.html#tls.p.renegotia...
Cheers, Daniel
On 19.11.19 21:22, Andrew Chen wrote:
Hi guys,
I was wondering if someone can help decipher what these few lines mean?
Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: tls [tls_server.c:431]: tls_accept(): tls_accept: new connection from 10.94.98.18:51698 http://10.94.98.18:51698 using TLSv1.3 TLS_AES_256_GCM_SHA384 256 Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: tls [tls_server.c:434]: tls_accept(): tls_accept: local socket: 206.81.191.45:443 http://206.81.191.45:443 Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: tls [tls_server.c:445]: tls_accept(): tls_accept: client did not present a certificate Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: tls [tls_server.c:1189]: tls_read_f(): Reading on a renegotiation of connection (n:1652) (0) Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: <core> [core/tcp_read.c:1527]: tcp_read_req(): EOF Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: <core> [core/io_wait.h:602]: io_watch_del(): DBG: io_watch_del (0x56367f8b8f80, 12, -1, 0x10) fd_no=2 called Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: <core> [core/tcp_read.c:1680]: release_tcpconn(): releasing con 0x7fcfc20c57b0, state -1, fd=12, id=23 ([10.94.98.18]:51698 -> [10.94.98.18]:443) Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: <core> [core/tcp_read.c:1684]: release_tcpconn(): extra_data 0x7fcfc2089f88 Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21517]: DEBUG: <core> [core/tcp_main.c:3320]: handle_tcp_child(): reader response= 7fcfc20c57b0, -1 from 16 Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21517]: DEBUG: tls [tls_server.c:683]: tls_h_close(): Closing SSL connection 0x7fcfc2089f88
Bottom line is kamailio closed the connection and I have method setting to this:
root@sjomainkama51:/etc/kamailio # grep method tls.cfg method = TLSv1.1+
Supposedly this should work?
-- Andy Chen Sr. Telephony Lead Engineer achen@ mailto:achen@thinkingphones.comfuze.com http://fuze.com
*Confidentiality Notice: The information contained in this e-mail and any attachments may be confidential. If you are not an intended recipient, you are hereby notified that any dissemination, distribution or copying of this e-mail is strictly prohibited. If you have received this e-mail in error, please notify the sender and permanently delete the e-mail and any attachments immediately. You should not retain, copy or use this e-mail or any attachment for any purpose, nor disclose all or any part of the contents to any other person. Thank you.*
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Thanks Daniel.
On Tue, Nov 19, 2019 at 5:20 PM Daniel-Constantin Mierla miconda@gmail.com wrote:
Hello,
looks like client side is doing renegotiation, which is disabled by default:
https://www.kamailio.org/docs/modules/devel/modules/tls.html#tls.p.renegotia...
Cheers, Daniel On 19.11.19 21:22, Andrew Chen wrote:
Hi guys,
I was wondering if someone can help decipher what these few lines mean?
Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: tls [tls_server.c:431]: tls_accept(): tls_accept: new connection from 10.94.98.18:51698 using TLSv1.3 TLS_AES_256_GCM_SHA384 256 Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: tls [tls_server.c:434]: tls_accept(): tls_accept: local socket: 206.81.191.45:443 Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: tls [tls_server.c:445]: tls_accept(): tls_accept: client did not present a certificate Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: tls [tls_server.c:1189]: tls_read_f(): Reading on a renegotiation of connection (n:1652) (0) Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: <core> [core/tcp_read.c:1527]: tcp_read_req(): EOF Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: <core> [core/io_wait.h:602]: io_watch_del(): DBG: io_watch_del (0x56367f8b8f80, 12, -1, 0x10) fd_no=2 called Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: <core> [core/tcp_read.c:1680]: release_tcpconn(): releasing con 0x7fcfc20c57b0, state -1, fd=12, id=23 ([10.94.98.18]:51698 -> [10.94.98.18]:443) Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: <core> [core/tcp_read.c:1684]: release_tcpconn(): extra_data 0x7fcfc2089f88 Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21517]: DEBUG: <core> [core/tcp_main.c:3320]: handle_tcp_child(): reader response= 7fcfc20c57b0, -1 from 16 Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21517]: DEBUG: tls [tls_server.c:683]: tls_h_close(): Closing SSL connection 0x7fcfc2089f88
Bottom line is kamailio closed the connection and I have method setting to this:
root@sjomainkama51:/etc/kamailio # grep method tls.cfg method = TLSv1.1+
Supposedly this should work?
-- Andy Chen Sr. Telephony Lead Engineer achen@ achen@thinkingphones.comfuze.com
*Confidentiality Notice: The information contained in this e-mail and any attachments may be confidential. If you are not an intended recipient, you are hereby notified that any dissemination, distribution or copying of this e-mail is strictly prohibited. If you have received this e-mail in error, please notify the sender and permanently delete the e-mail and any attachments immediately. You should not retain, copy or use this e-mail or any attachment for any purpose, nor disclose all or any part of the contents to any other person. Thank you.*
Kamailio (SER) - Users Mailing Listsr-users@lists.kamailio.orghttps://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-- Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio World Conference - April 27-29, 2020, in Berlin -- www.kamailioworld.com
-
Andrew Chen -
Daniel-Constantin Mierla