| Summary: | ASTERISK-26891: Re-enable plain WebSockets in pjsip for reverse proxies | ||
| Reporter: | Ludovic Gasc (Eyepea) (gmludo) | Labels: | |
| Date Opened: | 2017-03-22 10:17:26 | Date Closed: | 2018-02-26 08:38:02.000-0600 |
| Priority: | Major | Regression? | Yes |
| Status: | Closed/Complete | Components: | Channels/chan_pjsip |
| Versions: | 13.15.0 | Frequency of Occurrence | |
| Related Issues: | |||
| Environment: | Attachments: | ||
| Description: | In this commit, you removed the plain WebSockets support in pjsip:
https://github.com/asterisk/asterisk/commit/75ebd8f0d2cdd146ab071391334ec7106ff29e94 Your justification in your commit is: "Firefox and Chrome do not support anything other than secure websockets anymore." It's true, however, at least to us, we have a valid use case to have plain WebSocket: To share the same HTTPS port with our APIs, we have a HAProxy to handle TLS, take care about crappy TCP connections, and depends on the URL, redirect the HTTP request to the right server. We keep the internal traffic in HTTP instead of HTTPS to reduce the CPU usage, and mainly to capture easily for debugging purposes. To my knowledge, at least Kazoo does also like that, and it's a pattern used a lot in the Web world with HAProxy. Could you keep unencrypted WebSockets in pjsip ? Thank you a lot. | ||
| Comments: | By: Asterisk Team (asteriskteam) 2017-03-22 10:17:27.068-0500 Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution. A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report. Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process]. By: Joshua C. Colp (jcolp) 2017-03-22 10:22:52.217-0500 The code should allow it to work, we just were not able to test and guarantee it. I'd suggest testing it and if any problems are encountered then providing the information needed to look into it. By: Ludovic Gasc (Eyepea) (gmludo) 2017-03-22 14:57:57.723-0500 Ok, thank you, we'll test that. By: Asterisk Team (asteriskteam) 2017-04-06 12:00:00.880-0500 Suspended due to lack of activity. This issue will be automatically re-opened if the reporter posts a comment. If you are not the reporter and would like this re-opened please create a new issue instead. If the new issue is related to this one a link will be created during the triage process. Further information on issue tracker usage can be found in the Asterisk Issue Guidlines [1]. [1] https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines By: Ludovic Gasc (Eyepea) (gmludo) 2018-02-26 08:33:48.305-0600 Hi, I have tested our setup with HAProxy + Asterisk 15.3-rc1, it works pretty well, even if I declare a transport like that: [wss_443] type=transport protocol=wss bind=0.0.0.0 Asterisk handles the HTTP without TLS from HAProxy correctly. By: Asterisk Team (asteriskteam) 2018-02-26 08:33:49.002-0600 This issue has been reopened as a result of your commenting on it as the reporter. It will be triaged once again as applicable. | ||