Kamrul Khan
2014-10-17 22:53:40 UTC
Hi,
Im trying to connect my WebRTC clietn
to kamailio via WSS. I successfully connected it via WS but having
trouble connecting it via WSS. My first issue is I get error messages
while i try to compile TLS module(console log in the end of the
document). But, still it creates tls.so file. So i copied the tls.so
to my kamailio modules directory and then updated my kamailio
configuration as below:
#!define WITH_TLS
.
.listen=tcp:127.0.0.1:5061
listen=tcp:192.168.146.133:5061
.
.
#!ifdef WITH_TLS
enable_tls=yes
#!endif
.
.
#!ifdef WITH_TLS
# ----- tls params -----
modparam("tls", "config",
"/usr/local/kamailio-devel/etc/kamailio/tls.cfg")
#!endif
Now, according to this mailing
list,http://lists.sip-router.org/pipermail/sr-users/2013-March/077182.html
: when
tls module is installed, a self signed pair of certificate-private
key is generated in /usr/local/etc/kamailio
In
my case, I dont even have the /usr/local/etc/kamailio directory. So,
I followed
http://www.kamailio.org/dokuwiki/doku.php/tls:create-certificates
to create my certificate and key. And updated my tsl.cfg, this is how
my tsl.cfg looks like:
[server:192.168.146.133:5061]
method
= TLSv1
verify_certificate
= no
require_certificate
= no
private_key
= /etc/certs/sip.192.168.146.133/key.pem
certificate
= /etc/certs/sip.192.168.146.133/cert.pem
ca_list
= /etc/certs/demoCA/cert.pem
[client:192.168.146.133:5061]
verify_certificate
= yes
require_certificate
= yes
Then I restarted my kamailio server.
And i get the following errors in my kamailio log:
Im not sure what wrong im doing. Please
help me:
Oct 17 15:44:50 ubuntu kamailio: INFO:
tls [tls_init.c:385]: init_tls_compression(): tls: init_tls:
disabling compression...
Oct 17 15:44:50 ubuntu kamailio:
WARNING: <core> [socket_info.c:1397]: fix_hostname(): WARNING:
fix_hostname: could not rev. resolve 192.168.146.133
Oct 17 15:44:50 ubuntu kamailio:
message repeated 2 times: [ WARNING: <core>
[socket_info.c:1397]: fix_hostname(): WARNING: fix_hostname: could
not rev. resolve 192.168.146.133]
Oct 17 15:44:50 ubuntu kamailio: INFO:
<core> [tcp_main.c:4836]: init_tcp(): init_tcp: using epoll_lt
as the io watch method (auto detected)
Oct 17 15:44:50 ubuntu kamailio:
WARNING: <core> [daemonize.c:352]: daemonize(): pid file
contains old pid, replacing pid
Oct 17 15:44:50 ubuntu
/usr/local/kamailio-devel//sbin/kamailio[11013]: INFO: rr
[../outbound/api.h:54]: ob_load_api(): Failed to import bind_ob
Oct 17 15:44:50 ubuntu
/usr/local/kamailio-devel//sbin/kamailio[11013]: INFO: rr
[rr_mod.c:159]: mod_init(): outbound module not available
Oct 17 15:44:50 ubuntu
/usr/local/kamailio-devel//sbin/kamailio[11013]: INFO: usrloc
[hslot.c:53]: ul_init_locks(): locks array size 512
Oct 17 15:44:50 ubuntu
/usr/local/kamailio-devel//sbin/kamailio[11013]: INFO: utils
[utils.c:288]: mod_init(): forward functionality disabled
Oct 17 15:44:50 ubuntu
/usr/local/kamailio-devel//sbin/kamailio[11013]: INFO: utils
[utils.c:197]: pres_db_init(): xcap_auth_status function is disabled
Oct 17 15:44:50 ubuntu
/usr/local/kamailio-devel//sbin/kamailio[11013]: ERROR: tls
[tls_init.c:668]: tls_check_sockets(): TLSs<192.168.146.133:5061>:
No listening socket found
Oct 17 15:44:50 ubuntu
/usr/local/kamailio-devel//sbin/kamailio[11013]: ERROR: <core>
[sr_module.c:970]: init_mod(): init_mod(): Error while initializing
module tls (/usr/local/kamailio-devel/lib64/kamailio/modules/tls.so)
Oct 17 15:44:50 ubuntu
/usr/local/kamailio-devel//sbin/kamailio[11013]: : tls
[tls_locking.c:103]: locking_f(): BUG: tls: locking_f (callback):
invalid lock number: 30 (range 0 - 0), called from eng_table.c:227
Oct 17 15:44:51 ubuntu kamailio: ERROR:
<core> [daemonize.c:307]: daemonize(): Main process exited
before writing to pipe
tls module compile log
***@ubuntu:/usr/local/src/kamailio-4.1/kamailio$
sudo make -C modules/tls
make:
Entering directory
`/usr/local/src/kamailio-4.1/kamailio/modules/tls'
make:
Leaving directory
`/usr/local/src/kamailio-4.1/kamailio/modules/tls'
make:
Entering directory
`/usr/local/src/kamailio-4.1/kamailio/modules/tls'
CC
(gcc) [M tls.so]
tls_bio.o
CC
(gcc) [M tls.so]
tls_cfg.o
CC
(gcc) [M tls.so]
tls_config.o
CC
(gcc) [M tls.so]
tls_ct_wrq.o
CC
(gcc) [M tls.so]
tls_domain.o
In
file included from tls_domain.c:39:0:
tls_domain.c:
In function âload_certâ:
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_domain.c:506:4:
note: in expansion of macro âTLS_ERRâ
TLS_ERR("load_cert:");
^
tls_domain.c:
In function âload_ca_listâ:
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_domain.c:536:4:
note: in expansion of macro âTLS_ERRâ
TLS_ERR("load_ca_list:");
^
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_domain.c:543:4:
note: in expansion of macro âTLS_ERRâ
TLS_ERR("load_ca_list:");
^
tls_domain.c:
In function âload_crlâ:
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_domain.c:575:4:
note: in expansion of macro âTLS_ERRâ
TLS_ERR("load_crl:");
^
tls_domain.c:
In function âload_private_keyâ:
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_domain.c:990:5:
note: in expansion of macro âTLS_ERRâ
TLS_ERR("load_private_key:");
^
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_domain.c:998:4:
note: in expansion of macro âTLS_ERRâ
TLS_ERR("load_private_key:");
^
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_domain.c:1005:4:
note: in expansion of macro âTLS_ERRâ
TLS_ERR("load_private_key:");
^
CC
(gcc) [M tls.so]
tls_dump_vf.o
CC
(gcc) [M tls.so]
tls_init.o
CC
(gcc) [M tls.so]
tls_locking.o
CC
(gcc) [M tls.so]
tls_mod.o
CC
(gcc) [M tls.so]
tls_rpc.o
CC
(gcc) [M tls.so]
tls_select.o
CC
(gcc) [M tls.so]
tls_server.o
In
file included from tls_server.c:52:0:
tls_server.c:
In function âtls_complete_initâ:
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_server.c:192:3:
note: in expansion of macro âTLS_ERRâ
TLS_ERR("Failed
to create SSL or BIO structure:");
^
tls_server.c:
In function âtls_shutdownâ:
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_server.c:521:4:
note: in expansion of macro âTLS_ERRâ
TLS_ERR("SSL
error:");
^
tls_server.c:
In function âtls_encode_fâ:
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_server.c:798:5:
note: in expansion of macro âTLS_ERRâ
TLS_ERR(err_src);
^
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_server.c:832:5:
note: in expansion of macro âTLS_ERRâ
TLS_ERR(err_src);
^
tls_server.c:
In function âtls_read_fâ:
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_server.c:1186:4:
note: in expansion of macro âTLS_ERRâ
TLS_ERR(err_src);
^
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_server.c:1220:4:
note: in expansion of macro âTLS_ERRâ
TLS_ERR(err_src);
^
CC
(gcc) [M tls.so]
tls_util.o
CC
(gcc) [M tls.so]
tls_verify.o
LD
(gcc) [M tls.so]
tls.so
make:
Leaving directory `/usr/local/src/kamailio-4.1/kamailio/modules/tls'
Im trying to connect my WebRTC clietn
to kamailio via WSS. I successfully connected it via WS but having
trouble connecting it via WSS. My first issue is I get error messages
while i try to compile TLS module(console log in the end of the
document). But, still it creates tls.so file. So i copied the tls.so
to my kamailio modules directory and then updated my kamailio
configuration as below:
#!define WITH_TLS
.
.listen=tcp:127.0.0.1:5061
listen=tcp:192.168.146.133:5061
.
.
#!ifdef WITH_TLS
enable_tls=yes
#!endif
.
.
#!ifdef WITH_TLS
# ----- tls params -----
modparam("tls", "config",
"/usr/local/kamailio-devel/etc/kamailio/tls.cfg")
#!endif
Now, according to this mailing
list,http://lists.sip-router.org/pipermail/sr-users/2013-March/077182.html
: when
tls module is installed, a self signed pair of certificate-private
key is generated in /usr/local/etc/kamailio
In
my case, I dont even have the /usr/local/etc/kamailio directory. So,
I followed
http://www.kamailio.org/dokuwiki/doku.php/tls:create-certificates
to create my certificate and key. And updated my tsl.cfg, this is how
my tsl.cfg looks like:
[server:192.168.146.133:5061]
method
= TLSv1
verify_certificate
= no
require_certificate
= no
private_key
= /etc/certs/sip.192.168.146.133/key.pem
certificate
= /etc/certs/sip.192.168.146.133/cert.pem
ca_list
= /etc/certs/demoCA/cert.pem
[client:192.168.146.133:5061]
verify_certificate
= yes
require_certificate
= yes
Then I restarted my kamailio server.
And i get the following errors in my kamailio log:
Im not sure what wrong im doing. Please
help me:
Oct 17 15:44:50 ubuntu kamailio: INFO:
tls [tls_init.c:385]: init_tls_compression(): tls: init_tls:
disabling compression...
Oct 17 15:44:50 ubuntu kamailio:
WARNING: <core> [socket_info.c:1397]: fix_hostname(): WARNING:
fix_hostname: could not rev. resolve 192.168.146.133
Oct 17 15:44:50 ubuntu kamailio:
message repeated 2 times: [ WARNING: <core>
[socket_info.c:1397]: fix_hostname(): WARNING: fix_hostname: could
not rev. resolve 192.168.146.133]
Oct 17 15:44:50 ubuntu kamailio: INFO:
<core> [tcp_main.c:4836]: init_tcp(): init_tcp: using epoll_lt
as the io watch method (auto detected)
Oct 17 15:44:50 ubuntu kamailio:
WARNING: <core> [daemonize.c:352]: daemonize(): pid file
contains old pid, replacing pid
Oct 17 15:44:50 ubuntu
/usr/local/kamailio-devel//sbin/kamailio[11013]: INFO: rr
[../outbound/api.h:54]: ob_load_api(): Failed to import bind_ob
Oct 17 15:44:50 ubuntu
/usr/local/kamailio-devel//sbin/kamailio[11013]: INFO: rr
[rr_mod.c:159]: mod_init(): outbound module not available
Oct 17 15:44:50 ubuntu
/usr/local/kamailio-devel//sbin/kamailio[11013]: INFO: usrloc
[hslot.c:53]: ul_init_locks(): locks array size 512
Oct 17 15:44:50 ubuntu
/usr/local/kamailio-devel//sbin/kamailio[11013]: INFO: utils
[utils.c:288]: mod_init(): forward functionality disabled
Oct 17 15:44:50 ubuntu
/usr/local/kamailio-devel//sbin/kamailio[11013]: INFO: utils
[utils.c:197]: pres_db_init(): xcap_auth_status function is disabled
Oct 17 15:44:50 ubuntu
/usr/local/kamailio-devel//sbin/kamailio[11013]: ERROR: tls
[tls_init.c:668]: tls_check_sockets(): TLSs<192.168.146.133:5061>:
No listening socket found
Oct 17 15:44:50 ubuntu
/usr/local/kamailio-devel//sbin/kamailio[11013]: ERROR: <core>
[sr_module.c:970]: init_mod(): init_mod(): Error while initializing
module tls (/usr/local/kamailio-devel/lib64/kamailio/modules/tls.so)
Oct 17 15:44:50 ubuntu
/usr/local/kamailio-devel//sbin/kamailio[11013]: : tls
[tls_locking.c:103]: locking_f(): BUG: tls: locking_f (callback):
invalid lock number: 30 (range 0 - 0), called from eng_table.c:227
Oct 17 15:44:51 ubuntu kamailio: ERROR:
<core> [daemonize.c:307]: daemonize(): Main process exited
before writing to pipe
tls module compile log
***@ubuntu:/usr/local/src/kamailio-4.1/kamailio$
sudo make -C modules/tls
make:
Entering directory
`/usr/local/src/kamailio-4.1/kamailio/modules/tls'
make:
Leaving directory
`/usr/local/src/kamailio-4.1/kamailio/modules/tls'
make:
Entering directory
`/usr/local/src/kamailio-4.1/kamailio/modules/tls'
CC
(gcc) [M tls.so]
tls_bio.o
CC
(gcc) [M tls.so]
tls_cfg.o
CC
(gcc) [M tls.so]
tls_config.o
CC
(gcc) [M tls.so]
tls_ct_wrq.o
CC
(gcc) [M tls.so]
tls_domain.o
In
file included from tls_domain.c:39:0:
tls_domain.c:
In function âload_certâ:
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_domain.c:506:4:
note: in expansion of macro âTLS_ERRâ
TLS_ERR("load_cert:");
^
tls_domain.c:
In function âload_ca_listâ:
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_domain.c:536:4:
note: in expansion of macro âTLS_ERRâ
TLS_ERR("load_ca_list:");
^
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_domain.c:543:4:
note: in expansion of macro âTLS_ERRâ
TLS_ERR("load_ca_list:");
^
tls_domain.c:
In function âload_crlâ:
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_domain.c:575:4:
note: in expansion of macro âTLS_ERRâ
TLS_ERR("load_crl:");
^
tls_domain.c:
In function âload_private_keyâ:
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_domain.c:990:5:
note: in expansion of macro âTLS_ERRâ
TLS_ERR("load_private_key:");
^
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_domain.c:998:4:
note: in expansion of macro âTLS_ERRâ
TLS_ERR("load_private_key:");
^
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_domain.c:1005:4:
note: in expansion of macro âTLS_ERRâ
TLS_ERR("load_private_key:");
^
CC
(gcc) [M tls.so]
tls_dump_vf.o
CC
(gcc) [M tls.so]
tls_init.o
CC
(gcc) [M tls.so]
tls_locking.o
CC
(gcc) [M tls.so]
tls_mod.o
CC
(gcc) [M tls.so]
tls_rpc.o
CC
(gcc) [M tls.so]
tls_select.o
CC
(gcc) [M tls.so]
tls_server.o
In
file included from tls_server.c:52:0:
tls_server.c:
In function âtls_complete_initâ:
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_server.c:192:3:
note: in expansion of macro âTLS_ERRâ
TLS_ERR("Failed
to create SSL or BIO structure:");
^
tls_server.c:
In function âtls_shutdownâ:
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_server.c:521:4:
note: in expansion of macro âTLS_ERRâ
TLS_ERR("SSL
error:");
^
tls_server.c:
In function âtls_encode_fâ:
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_server.c:798:5:
note: in expansion of macro âTLS_ERRâ
TLS_ERR(err_src);
^
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_server.c:832:5:
note: in expansion of macro âTLS_ERRâ
TLS_ERR(err_src);
^
tls_server.c:
In function âtls_read_fâ:
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_server.c:1186:4:
note: in expansion of macro âTLS_ERRâ
TLS_ERR(err_src);
^
tls_util.h:52:6:
warning: variable âretâ set but not used
[-Wunused-but-set-variable]
int
ret;
\
^
tls_server.c:1220:4:
note: in expansion of macro âTLS_ERRâ
TLS_ERR(err_src);
^
CC
(gcc) [M tls.so]
tls_util.o
CC
(gcc) [M tls.so]
tls_verify.o
LD
(gcc) [M tls.so]
tls.so
make:
Leaving directory `/usr/local/src/kamailio-4.1/kamailio/modules/tls'