[asterisk-dev] [Code Review] SIP TCP/TLS: ensure that the contact header properly supports TLS/improved support for PAT/port redirection

David Vossel dvossel at digium.com
Tue Oct 6 16:16:59 CDT 2009 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/392/#review1151
-----------------------------------------------------------



/trunk/channels/chan_sip.c
<https://reviewboard.asterisk.org/r/392/#comment2642>

    This is really close, just a minor problem here.   Everything you are doing here makes sense, but these config options may be set differently depending on what order they are in the .conf file.
    
    For example, in sip.conf if you had the following.
    ..........sip.conf.........
    externtcpport = 9999
    externhost = 10.10.10.10:8888
    ...
    
    externtcpport would be set to 9999, then written over to be 8888 when externhost was parsed.
    
    There is a simple way to fix this. Just set externtcpport and externtlsport to 0 at the beginning of the reload.  Only set the options when they are explicitly called for (v->name, "externtcpport") or (v->name, "externtlsport"), then at the end of the reload if externtcpport or externtlsport are still 0, set the defaults appropriately (tcp will either be the externip host port if it is set or the default sip port, tls will just always default to the standard tls port).   I guess this is only really a problem for tcp, but it might be nice to make the options consistent since they are so similar... That's just my idea, you may come up with something better or find that mine doesn't make much sense.
    
    


- David


On 2009-10-06 14:56:32, ebroad wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/392/
> -----------------------------------------------------------
> 
> (Updated 2009-10-06 14:56:32)
> 
> 
> Review request for Asterisk Developers.
> 
> 
> Summary
> -------
> 
> https://issues.asterisk.org/view.php?id=15880
> 
> This patch adds support for TCP/TLS in the Contact header when using NAT, specifically externip or externhost. The original issue was that Asterisk sent 5060 as the port in the contact header whether TLS was used or not. Additionally, this patch adds 2 config options to sip.conf, specifically externtcpport and externtlsport. This allows a user to specify different external ports for TCP and TLS other than those used internally, this is especially useful in in a PAT/port redirection setup. 
> 
> 
> This addresses bug 15880.
>     https://issues.asterisk.org/view.php?id=15880
> 
> 
> Diffs
> -----
> 
>   /trunk/channels/chan_sip.c 222222 
>   /trunk/configs/sip.conf.sample 222222 
> 
> Diff: https://reviewboard.asterisk.org/r/392/diff
> 
> 
> Testing
> -------
> 
> Tested both inbound and outbound calls using Counterpath's Bria softphone, with Asterisk behind a NAT firewall(Cisco ASA), and with the appropriate ports redirected. The client was behind a NAT firewall(Cisco PIX), using STUN. 
> 
> 
> Thanks,
> 
> ebroad
> 
>

More information about the asterisk-dev mailing list