[sr-dev] [kamailio/kamailio] sips: uri scheme causes record_route() adding header specifying wrong transport (Issue #4092)

Thu, 02 Jan 2025 06:31:55 -0800 

### Description

Some UAC (notably Aastra Phones) use the sips: uri scheme without 
;transport=tls when TLS is being used.

I observed kamailio 5.7.6 and most probably also 5.8.4 to insert the sips URI 
in the wrong Record-Route header causing replies not to reach the destination.

#### Reproduction

Find a UAC which uses the sips URI scheme when configured to use TLS. (AAstra 
IP Phones for example).

Important: The Registration looks like this, contains no transport attribute 
but the sips scheme with port 5061 and a path pointing to the SBC.

```
            "Contact" : {
               "Address" : "sips:315996608@157.161.4.237:5061",
               "CFlags" : 0,
               "CSeq" : 1446407115,
               "Call-ID" : "3abf8e6af6391e7b",
               "Expires" : 56,
               "Flags" : 0,
               "Instance" : "<urn:uuid:00000000-0000-1000-8000-00085D49FB42>",
               "KA-Roundtrip" : 0,
               "Keepalive" : 0,
               "Last-Keepalive" : 1735827284,
               "Last-Modified" : 1735827284,
               "Methods" : 16095,
               "Path" : 
"<sip:157.161.23.249;lr;r2=on>,<sip:157.161.23.249:5061;transport=tls;lr;r2=on>",
               "Q" : 0.44,
               "Received" : "[not set]",
               "Reg-Id" : 0,
               "Ruid" : "uloc-677695ae-20472d-23",
               "Server-Id" : 0,
               "Socket" : "udp:157.161.23.4:5060",
               "State" : "CS_DIRTY",
               "Tcpconn-Id" : -1,
               "User-Agent" : "Aastra 6869i/6.3.0.1020"
            }
```

Using this set-up:

UAC (TLS) - Kamailio SBC (rtpengine / nat) udp - Kamailio Registrar udp - Core 
Infrastructure

Call the UAC. Each hop is adding a Record-Route header which is then used by 
the UAC when creating a new transaction within the dialog.

In this example:

Transaction 1:
CORE => UAC: INVITE 100rel supported
UAC => CORE: 180 Ringing 100rel required
---
Transaction 2:
CORE => UAC: PRACK

During the first transaction, Record-Route header are accumulated to indicate 
the Route set to be taken by the in-dialog PRACK request.

In the INVITE, the UAC is presented with those Record-Route Header:

The first two header are added by the SBC (IP .249) with r2=on to indicate the 
change from UDP to TLS
The third header was added by the Registrar (IP .5)
The fourth header was added by the Core (IP .2)

```
02.01.2025 15:17:54.250 +01:00: 157.161.23.249:5061 -> 157.161.4.237:5061

INVITE sips:315996608@157.161.4.237:5061 SIP/2.0
Record-Route:  
<sips:157.161.23.249:5061;transport=tls;r2=on;lr;ftag=3944816274-1416360442>
Record-Route:  <sips:157.161.23.249;r2=on;lr;ftag=3944816274-1416360442>
Record-Route:  <sips:157.161.23.5;lr;ftag=3944816274-1416360442>
Record-Route:  <sip:157.161.23.2;lr;ftag=3944816274-1416360442;did=e77.89e5>
```

UAC is ringing:

```
02.01.2025 15:17:54.368 +01:00: 157.161.4.237:5061 -> 157.161.23.249:5061

SIP/2.0 180 Ringing
Via:  SIP/2.0/TLS 
157.161.23.249:5061;branch=z9hG4bK5b72.d42e9bf4e341f690d8b383a0a96edeb3.0
Via:  SIP/2.0/UDP 
157.161.23.5;rport=5060;branch=z9hG4bK5b72.621bba23d60b529f876b92bf2ab718de.0
Via:  SIP/2.0/UDP 
157.161.23.2;branch=z9hG4bK5b72.2d88c4e6630f19da5ae24efb523564bf.0
Via:  SIP/2.0/UDP 
157.161.10.230:5060;branch=z9hG4bK100567609d7e7e9517ddfb1eaa7d684c
Record-Route:  
<sips:157.161.23.249:5061;transport=tls;r2=on;lr;ftag=3944816274-1416360442>, 
<sips:157.161.23.249;r2=on;lr;ftag=3944816274-1416360442>, 
<sips:157.161.23.5;lr;ftag=3944816274-1416360442>, 
<sip:157.161.23.2;lr;ftag=3944816274-1416360442;did=e77.89e5>
[...]
Contact:  "Somebody" 
<sips:315996608@157.161.4.237:5061>;+sip.instance="<urn:uuid:00000000-0000-1000-8000-00085D49FB42>"
```

Origin of call takes this Record-Route to create the source Route header for 
new PRACK transaction:

```
02.01.2025 15:17:54.393 +01:00: 157.161.10.230:5060 -> 157.161.23.2:5060

PRACK sips:315996608@157.161.4.237:5061 SIP/2.0
Max-Forwards:  66
Route:  <sip:157.161.23.2;lr;ftag=3944816274-1416360442;did=e77.89e5>
Route:  <sips:157.161.23.5;lr;ftag=3944816274-1416360442>
Route:  <sips:157.161.23.249;r2=on;lr;ftag=3944816274-1416360442>
Route:  
<sips:157.161.23.249:5061;transport=tls;r2=on;lr;ftag=3944816274-1416360442>
RAck:  1 1 INVITE

```

According to this route set, the call shall be routed from 157.161.23.2 to 
157.161.23.5 via 'sips'

This fails as there is no TLS socket bound between those two instances.

`prepare_new_uac(): can't fwd to af 2, proto 3  (no corresponding listening 
socket)`

IMHO the issue is caused by the wrong URI scheme (sips instead of sip) being 
used when the registrar is adding it's Record-Route header. (And maybe also by 
the SBC when adding the double (r2=on) RR to indicate the change of transport.
I suspect this happens, because the UAC has registered it's contact with the 
sips uri scheme.

Repeating the same situation with an UAC which registers a 
sip:user@domain:5061;transport=tls URI when using TLS demonstrates this works 
fine. It only happens when an UAC uses the sips URI scheme.

If any more information is required like a SIP trace of the issue, I am glad to 
provide it.

-Benoît-

-- 
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/4092
You are receiving this because you are subscribed to this thread.

Message ID: <kamailio/kamailio/issues/4...@github.com>
_______________________________________________
Kamailio - Development Mailing List -- sr-dev@lists.kamailio.org
To unsubscribe send an email to sr-dev-le...@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the 
sender!

Reply via email to