Summary: | ASTERISK-27324: [patch] Dual-Stack server cannot be used as IPv4 client via TCP/TLS | ||||
Reporter: | Alexander Traud (traud) | Labels: | patch | ||
Date Opened: | 2017-10-08 01:23:05 | Date Closed: | 2017-10-10 09:41:11 | ||
Priority: | Major | Regression? | |||
Status: | Closed/Complete | Components: | Channels/chan_sip/TCP-TLS | ||
Versions: | 13.7.2 14.6.2 15.0.0 | Frequency of Occurrence | |||
Related Issues: |
| ||||
Environment: | Attachments: | ( 0) tcp_ip_dual_stack_server_ipv4_client.patch | |||
Description: | Asterisk can be used as SIP server and client at the same time. Furthermore, Asterisk can be ran as IPv4-only, IPv6-only, or dual stack server. On default, Asterisk is an IPv4-only server and the {{bindaddr}} is null. Because I added {{bindaddr=::}} to the configuration file {{sip.conf}}, my Asterisk listens on the IPv4 and IPv6 wildcards. In that case, the {{bindaddr}} is not null but unspecified ({{INADDR_ANY}}). Similar for UDP, TCP, and TLS: On default, Asterisk is using just UDP. Therefore, I added {{tlsenable=yes}} to my {{sip.conf}}.
Since 13.16, my Asterisk is unable to connect to other IPv4-only SIP services via TLS, with the error message: bq. ast_tcptls_client_create: Unable to bind SIP socket to \[::\]:0: Address family not supported by protocol For example here in Germany, I use the VoIP/SIP provider dus.net via _secure.dus.net_ to call (traditional) phone numbers. However, IPv6 services like _securev6.dus.net_ and services based on UDP like _proxy.dus.net_ are of no issue. Consequently, this issue affects only those chan_sip which were * enabled for dual-stack {{bindaddr=::}}, and * enabled for TCP {{tcpenable=yes}} and/or TLS {{tlsenable=yes}}, and * tried to register and/or invite a IPv4-only service, * via TCP or TLS. The resolution of ASTERISK-26922 revealed this bug, which was present since day one of the IPv6 support in Asterisk seven years ago. Attached is a patch to check not only for ‘is null’ but also whether the current bind address ‘is any’. | ||||
Comments: | By: Friendly Automation (friendly-automation) 2017-10-10 07:42:22.082-0500 Change 6681 merged by Jenkins2: tcptls: Do not re-bind to wildcard on client creation. [https://gerrit.asterisk.org/6681|https://gerrit.asterisk.org/6681] By: Friendly Automation (friendly-automation) 2017-10-10 07:51:08.522-0500 Change 6683 merged by Jenkins2: tcptls: Do not re-bind to wildcard on client creation. [https://gerrit.asterisk.org/6683|https://gerrit.asterisk.org/6683] By: Friendly Automation (friendly-automation) 2017-10-10 07:53:44.452-0500 Change 6680 merged by Joshua Colp: tcptls: Do not re-bind to wildcard on client creation. [https://gerrit.asterisk.org/6680|https://gerrit.asterisk.org/6680] By: Friendly Automation (friendly-automation) 2017-10-10 08:07:59.205-0500 Change 6682 merged by Jenkins2: tcptls: Do not re-bind to wildcard on client creation. [https://gerrit.asterisk.org/6682|https://gerrit.asterisk.org/6682] |