[asterisk-bugs] [JIRA] (ASTERISK-27324) Dual-Stack server cannot be used as IPv4 client via TCP/TLS

Alexander Traud (JIRA) noreply at issues.asterisk.org
Sun Oct 8 01:23:38 CDT 2017


Alexander Traud created ASTERISK-27324:
------------------------------------------

             Summary: Dual-Stack server cannot be used as IPv4 client via TCP/TLS
                 Key: ASTERISK-27324
                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-27324
             Project: Asterisk
          Issue Type: Bug
      Security Level: None
          Components: Channels/chan_sip/TCP-TLS
    Affects Versions: 14.6.2, 13.7.2, 15.0.0
            Reporter: Alexander Traud


Asterisk can be used as SIP server and client at the same time. Furthermore, Asterisk can be ran as IPv4-only, IPv6-only, or dual stack server. On default, Asterisk is an IPv4-only server and the {{bindaddr}} is null. Because I added {{bindaddr=::}} to the configuration file {{sip.conf}}, my Asterisk listens on the IPv4 and IPv6 wildcards. In that case, the {{bindaddr}} is not null but unspecified ({{INADDR_ANY}}). Similar for UDP, TCP, and TLS: On default, Asterisk is using just UDP. Therefore, I added {{tlsenable=yes}} to my {{sip.conf}}.

Since 13.16, my Asterisk is unable to connect to other IPv4-only SIP services via TLS, with the error message:
bq. ast_tcptls_client_create: Unable to bind SIP socket to \[::\]:0: Address family not supported by protocol
For example here in Germany, I use the VoIP/SIP provider dus.net via _secure.dus.net_ to call (traditional) phone numbers. However, IPv6 services like _securev6.dus.net_ and services based on UDP like _proxy.dus.net_ are of no issue.

Consequently, this issue affects only those chan_sip which were
* enabled for dual-stack {{bindaddr=::}}, and
* enabled for TCP {{tcpenable=yes}} and/or TLS {{tlsenable=yes}}, and
* tried to register and/or invite a IPv4-only service,
* via TCP or TLS.

The resolution of ASTERISK-26922 revealed this bug, which was present since day one of the IPv6 support in Asterisk seven years ago. Attached is a patch to check not only for ‘is null’ but also whether the current bind address ‘is any’.



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list