[OpenSIPS-Users] TLS discrepancy between 1.7.1 and 1.11.5

Matt Hamilton mistral9999 at hotmail.com
Sun Aug 30 17:22:53 CEST 2015



We use Opensips (with TLS) as a dispatcher to multiple Asterisk servers.  Currently we are in the process of upgrading from 1.7.1 to 1.11.5, and we ran into a discrepancy between 1.7.1 and 1.11.5 regarding SIP NOTIFY messages.


Here is the flow (both ways):

UAC    (TLS) ->     Opensips   (UDP)->     Asterisk
Asterisk     (UDP) ->     Opensips       (TLS)->    UAC


In 1.7.1,  all messages between Opensips and UAC were encrypted - didn't matter if it was originated at UAC or Asterisk.

In 1.11.5, the SIP NOTIFY messages coming from Asterisk are sent to UAC unencrypted (and not accepted by UAC). Here is the request that Opensips receives and sends to the UAC in plaintext:

Request-Line: NOTIFY sip:101 at 1.2.3.4:5075;transport=tls;nat=yes SIP/2.0

Anything we can do to have that leg encrypted as well?

Thanks,
Matt

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20150830/8f5bef97/attachment.htm>


More information about the Users mailing list