freeswitchforum.com https://freeswitchforum.com/ |
|
Проблема с шифрованными звонками(tls) https://freeswitchforum.com/viewtopic.php?f=6&t=152 |
Страница 1 из 1 |
Автор: | RAlexey [ 10 май 2013 21:50 ] |
Заголовок сообщения: | Проблема с шифрованными звонками(tls) |
Вообщем решил я замутить tls на fusionpbx… и сделал как в http://wiki.freeswitch.org/wiki/Tls Создал сертификаты, Код: ./gentls_cert setup -cn pbx.freeswitch.org -alt DNS:pbx.freeswitch.org -org freeswitch.org добавил в vars.xml:./gentls_cert create_server -cn pbx.freeswitch.org -alt DNS:pbx.freeswitch.org -org freeswitch.org Код: <X-PRE-PROCESS cmd="set" data="internal_ssl_enable=true"/> <X-PRE-PROCESS cmd="set" data="external_ssl_enable=true"/> Скопировал cafile.pem на клиентские машины. использую клиент bria: в security установил tls и make and accept only encripted calls Я уже обрадовался что работает, позвонил на (echo *9196) и на (hold_music *9664) + звонок на внутренний номер Но потом поменял security настройки на втором номере и при звонке сразу идёт hung_up: Код: 2013-05-10 17:27:45.066547 [NOTICE] switch_channel.c:978 New Channel sofia/internal/101@company-a.org [a29ec222-b964-11e2-bb74-95a8b38e9309] 2013-05-10 17:27:45.085659 [WARNING] sofia_reg.c:1524 SIP auth challenge (INVITE) on sofia profile 'internal' for [107@company-a.org] from ip 192.168.70.111 2013-05-10 17:27:45.226119 [INFO] mod_dialplan_xml.c:557 Processing 101 <101>->107 in context company-a.org 2013-05-10 17:27:45.226119 [INFO] mod_dptools.c:1240 Sending early media 2013-05-10 17:27:45.245695 [INFO] switch_rtp.c:1815 Activating Secure RTP SEND 2013-05-10 17:27:45.245695 [INFO] switch_rtp.c:1795 Activating Secure RTP RECV 2013-05-10 17:27:45.245695 [NOTICE] mod_sofia.c:2845 Pre-Answer sofia/internal/101@company-a.org! 2013-05-10 17:27:45.245695 [INFO] switch_limit.c:126 incr called: company-a.org_107 max:5, interval:0 2013-05-10 17:27:45.245695 [INFO] mod_hash.c:202 Usage for company-a.org_107 is now 1/5 2013-05-10 17:27:45.245695 [INFO] switch_ivr_async.c:3548 Bound B-Leg: *1 execute_extension::dx XML features 2013-05-10 17:27:45.245695 [INFO] switch_ivr_async.c:3540 Bound A-Leg: *2 record_session::/usr/local/freeswitch/recordings/archive/2013/May/10/a29ec222-b964-11e2-bb74-95a8b38e9309.wav 2013-05-10 17:27:45.245695 [INFO] switch_ivr_async.c:3548 Bound B-Leg: *2 record_session::/usr/local/freeswitch/recordings/archive/2013/May/10/a29ec222-b964-11e2-bb74-95a8b38e9309.wav 2013-05-10 17:27:45.245695 [INFO] switch_ivr_async.c:3548 Bound B-Leg: *3 execute_extension::cf XML features 2013-05-10 17:27:45.245695 [INFO] switch_ivr_async.c:3548 Bound B-Leg: *4 execute_extension::att_xfer XML features 2013-05-10 17:27:45.265952 [NOTICE] switch_channel.c:978 New Channel sofia/internal/sip:107@192.168.70.77:1341 [a2bc79ac-b964-11e2-bb8f-95a8b38e9309] 2013-05-10 17:27:45.465491 [NOTICE] sofia.c:6492 Hangup sofia/internal/sip:107@192.168.70.77:1341 [CS_CONSUME_MEDIA] [SERVICE_NOT_IMPLEMENTED] 2013-05-10 17:27:45.485576 [NOTICE] switch_ivr_originate.c:2650 Cannot create outgoing channel of type [user] cause: [SERVICE_NOT_IMPLEMENTED] 2013-05-10 17:27:45.485576 [INFO] mod_dptools.c:3106 Originate Failed. Cause: SERVICE_NOT_IMPLEMENTED 2013-05-10 17:27:45.485576 [NOTICE] mod_dptools.c:1205 Channel [sofia/internal/101@company-a.org] has been answered 2013-05-10 17:27:45.485576 [NOTICE] switch_core_session.c:1559 Session 10 (sofia/internal/sip:107@192.168.70.77:1341) Ended 2013-05-10 17:27:45.485576 [NOTICE] switch_core_session.c:1563 Close Channel sofia/internal/sip:107@192.168.70.77:1341 [CS_DESTROY] 2013-05-10 17:27:46.505552 [ERR] switch_core_sqldb.c:1124 SQL ERR: [SELECT * FROM v_voicemails WHERE domain_uuid = '360227c8-ef98-48c0-a473-af7fbd0a3969' AND voicemail_id = '107' AND voicemail_enabled = 'true' ] no such table: v_voicemails 2013-05-10 17:27:46.505552 [ERR] freeswitch_lua.cpp:435 DBH NOT Connected. 2013-05-10 17:27:46.526637 [NOTICE] switch_core_state_machine.c:262 sofia/internal/101@company-a.org has executed the last dialplan instruction, hanging up. 2013-05-10 17:27:46.526637 [NOTICE] switch_core_state_machine.c:264 Hangup sofia/internal/101@company-a.org [CS_EXECUTE] [NORMAL_CLEARING] 2013-05-10 17:27:46.526637 [INFO] mod_hash.c:304 Usage for company-a.org_107 is now 0 2013-05-10 17:27:46.625696 [NOTICE] switch_core_session.c:1559 Session 9 (sofia/internal/101@company-a.org) Ended 2013-05-10 17:27:46.625696 [NOTICE] switch_core_session.c:1563 Close Channel sofia/internal/101@company-a.org [CS_DESTROY] 2013-05-10 17:30:01.785542 [NOTICE] switch_channel.c:978 New Channel sofia/internal/101@company-a.org [f41ccd2e-b964-11e2-bb99-95a8b38e9309] 2013-05-10 17:30:01.806602 [WARNING] sofia_reg.c:1524 SIP auth challenge (INVITE) on sofia profile 'internal' for [*9196@company-a.org] from ip 192.168.70.111 2013-05-10 17:30:01.945802 [INFO] mod_dialplan_xml.c:557 Processing 101 <101>->*9196 in context company-a.org 2013-05-10 17:30:01.965785 [INFO] switch_rtp.c:1815 Activating Secure RTP SEND 2013-05-10 17:30:01.965785 [INFO] switch_rtp.c:1795 Activating Secure RTP RECV 2013-05-10 17:30:01.965785 [NOTICE] mod_dptools.c:1205 Channel [sofia/internal/101@company-a.org] has been answered 2013-05-10 17:30:08.205528 [NOTICE] sofia.c:716 Hangup sofia/internal/101@company-a.org [CS_EXECUTE] [NORMAL_CLEARING] 2013-05-10 17:30:08.285531 [NOTICE] switch_core_session.c:1559 Session 11 (sofia/internal/101@company-a.org) Ended 2013-05-10 17:30:08.285531 [NOTICE] switch_core_session.c:1563 Close Channel sofia/internal/101@company-a.org [CS_DESTROY] Подскажите в чём может быть проблема? |
Автор: | Vlad1983 [ 10 май 2013 22:40 ] |
Заголовок сообщения: | Re: Проблема с шифрованными звонками(tls) |
2013-05-10 17:27:45.265952 [NOTICE] switch_channel.c:978 New Channel sofia/internal/sip:107@192.168.70.77:1341 [a2bc79ac-b964-11e2-bb8f-95a8b38e9309] 2013-05-10 17:27:45.465491 [NOTICE] sofia.c:6492 Hangup sofia/internal/sip:107@192.168.70.77:1341 [CS_CONSUME_MEDIA] [SERVICE_NOT_IMPLEMENTED] sip-трейс смотрите |
Автор: | RAlexey [ 11 май 2013 10:06 ] |
Заголовок сообщения: | Re: Проблема с шифрованными звонками(tls) |
Код: ------------------------------------------------------------------------ SIP/2.0 415 Bad Security Level Via: SIP/2.0/TLS 192.168.70.25;branch=z9hG4bKQvN8F4H8806gD To: <sip:107@192.168.70.77:1399;transport=TLS;rinstance=d777603f1a85e9aa>;tag=f55b4619 From: "101"<sip:101@company-a.org>;tag=KaUNQKFXUjy4H Call-ID: 0de0904f-3468-1231-f985-08002773bc56 CSeq: 43777308 INVITE User-Agent: eyeBeam release 1102u stamp 52345 Warning: 399 devnull "User reject" Content-Length: 0 ------------------------------------------------------------------------ tport.c:3004 tport_deliver() tport_deliver(0x955bbb0): msg 0x9485588 (408 bytes) from tls/192.168.70.77:1399/sips next=(nil) nta.c:3212 agent_recv_response() nta: received 415 Bad Security Level for INVITE (43777308) nta.c:3275 agent_recv_response() nta: 415 Bad Security Level is going to a transaction nta.c:9413 outgoing_estimate_delay() nta_outgoing: RTT is 202.972 ms tport.c:4202 tport_release() tport_release(0x955bbb0): 0x9497178 by 0x948f5b0 with 0x9485588 tport.c:4568 tport_by_name() tport(0x9536a48): found 0x955bbb0 by name TLS/192.168.70.77:1399 tport.c:3238 tport_tsend() tport_tsend(0x955bbb0) tpn = TLS/192.168.70.77:1399 tport_type_tls.c:527 tport_tls_send() tport_tls_writevec: vec 0x9581a28 0x9574f40 468 (468) tport.c:3574 tport_vsend() tport_vsend(0x955bbb0): 468 bytes of 468 to tls/192.168.70.77:1399 tport.c:3472 tport_send_msg() tport_vsend returned 468 send 468 bytes to tls/[192.168.70.77]:1399 at 22:59:05.077380: ------------------------------------------------------------------------ ACK sip:107@192.168.70.77:1399;transport=TLS;rinstance=d777603f1a85e9aa SIP/2.0 Via: SIP/2.0/TLS 192.168.70.25;branch=z9hG4bKQvN8F4H8806gD Route: <sip:107@192.168.70.77:1399>;transport=TLS;rinstance=d777603f1a85e9aa Max-Forwards: 69 From: "101" <sip:101@company-a.org>;tag=KaUNQKFXUjy4H To: <sip:107@192.168.70.77:1399;transport=TLS;rinstance=d777603f1a85e9aa>;tag=f55b4619 Call-ID: 0de0904f-3468-1231-f985-08002773bc56 CSeq: 43777308 ACK Content-Length: 0 ------------------------------------------------------------------------ tport.c:2286 tport_set_secondary_timer() tport(0x955bbb0): reset timer nta.c:8164 outgoing_send() nta: sent ACK (43777308) to TLS/192.168.70.77:1399 nta.c:8574 outgoing_free() nta: outgoing_free(0x9550270) nua_stack.c:271 nua_stack_event() nua(0xb71441b8): event r_invite 415 Bad Security Level nua_session.c:4135 signal_call_state_change() nua(0xb71441b8): call state changed: calling -> init nua_stack.c:271 nua_stack_event() nua(0xb71441b8): event i_state 415 Bad Security Level nua_stack.c:271 nua_stack_event() nua(0xb71441b8): event i_terminated 415 Bad Security Level nua_dialog.c:397 nua_dialog_usage_remove_at() nua(0xb71441b8): removing session usage nta.c:4366 nta_leg_destroy() nta_leg_destroy(0x951c1d8) tport.c:2286 tport_set_secondary_timer() tport(0x955bbb0): reset timer nua_stack.c:359 nua_application_event() nua: nua_application_event: entering nua_stack.c:359 nua_application_event() nua: nua_application_event: entering nua_stack.c:359 nua_application_event() nua: nua_application_event: entering nua.c:366 nua_handle_magic() nua: nua_handle_magic: entering nua.c:366 nua_handle_magic() nua: nua_handle_magic: entering nua.c:366 nua_handle_magic() nua: nua_handle_magic: entering 2013-05-11 04:59:05.062321 [NOTICE] sofia.c:6492 Hangup sofia/internal/sip:107@192.168.70.77:1399 [CS_CONSUME_MEDIA] [SERVICE_NOT_IMPLEMENTED] nua.c:342 nua_handle_bind() nua: nua_handle_bind: entering nua.c:921 nua_handle_destroy() nua: nua_handle_destroy: entering nua_stack.c:569 nua_stack_signal() nua(0xb71441b8): recv signal r_destroy nta.c:4366 nta_leg_destroy() nta_leg_destroy((nil)) nua_stack.c:529 nua_signal() nua(0xb71441b8): sent signal r_destroy nua.c:366 nua_handle_magic() nua: nua_handle_magic: entering nua.c:342 nua_handle_bind() nua: nua_handle_bind: entering nua.c:921 nua_handle_destroy() nua: nua_handle_destroy: entering nua.c:366 nua_handle_magic() nua: nua_handle_magic: entering nua.c:366 nua_handle_magic() nua: nua_handle_magic: entering nua.c:921 nua_handle_destroy() nua: nua_handle_destroy: entering 2013-05-11 04:59:05.082535 [NOTICE] switch_ivr_originate.c:2650 Cannot create outgoing channel of type [user] cause: [SERVICE_NOT_IMPLEMENTED] SIP/2.0 415 Bad Security Level Я честно говоря не понимаю что это может быть... В интернете нашёл только аналогичный вопрос оставшийся без ответа. |
Автор: | Vlad1983 [ 11 май 2013 13:13 ] |
Заголовок сообщения: | Re: Проблема с шифрованными звонками(tls) |
Код: openssl x509 -noout -inform pem -text -in /usr/local/freeswitch/conf/ssl/agent.pem
|
Автор: | Vlad1983 [ 11 май 2013 13:31 ] |
Заголовок сообщения: | Re: Проблема с шифрованными звонками(tls) |
http://wiki.freeswitch.org/wiki/Interop ... _TLS_Setup |
Автор: | RAlexey [ 12 май 2013 07:24 ] |
Заголовок сообщения: | Re: Проблема с шифрованными звонками(tls) |
Большое спасибо за подсказки. Попробовал на bria и всё получилось. Видать чёрт попутал у меня с этим eyebeam ) |
Страница 1 из 1 | Часовой пояс: UTC + 4 часа |
Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/ |