Skip to main content

Error with TLS in SIP Presence Server

3 replies [Last post]
rayesh
Offline
Joined: 2006-05-03
Points: 0

I have a SIP application which uses the integrated presence server. One of my SBBs is an internal publisher also. The setup is working fine with UDP transport.

I have modified the sip11 RA to include TLS in the list of allowedTransports in the file SipResourceAdaptor.java. Generated a keystore with a self-signed certificate and started the mobicents passing -Djavax.net.ssl.keyStore=keystore -Djavax.net.ssl.keyStorePassword=password. My SBB, which uses dialog initiating INVITEs among other messages, is able to communicate with the clients without any problem. But the presence server messages are causing the following errors:

javax.sip.SipException: error sending message
at gov.nist.javax.sip.stack.SIPDialog.sendRequest(SIPDialog.java:1901)
at org.mobicents.slee.resource.sip11.wrappers.DialogWrapper.sendRequest(DialogWrapper.java:343)
at org.mobicents.slee.sipevent.server.subscription.sip.SipSubscriberNotificationHandler.createAndSendNotify(SipSubscriberNotificationHandler.java:157)
at org.mobicents.slee.sipevent.server.subscription.sip.RemoveSipSubscriptionHandler.removeSipSubscription(RemoveSipSubscriptionHandler.java:60)
at org.mobicents.slee.sipevent.server.subscription.sip.SipSubscriptionHandler.processRequest(SipSubscriptionHandler.java:220)
at org.mobicents.slee.sipevent.server.subscription.SubscriptionControlSbb.onSubscribeInDialog(SubscriptionControlSbb.java:268)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.mobicents.slee.runtime.sbbentity.SbbEntity.invokeEventHandler(SbbEntity.java:871)
at org.mobicents.slee.runtime.EventRouterImpl.routeQueuedEvent(EventRouterImpl.java:892)
at org.mobicents.slee.runtime.EventRouterImpl.access$100(EventRouterImpl.java:64)
at org.mobicents.slee.runtime.EventRouterImpl$EventExecutor.run(EventRouterImpl.java:121)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:885)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:907)
at java.lang.Thread.run(Thread.java:619)
Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1657)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:932)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1096)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
at gov.nist.javax.sip.stack.IOHandler.writeChunks(IOHandler.java:110)
at gov.nist.javax.sip.stack.IOHandler.sendBytes(IOHandler.java:243)
at gov.nist.javax.sip.stack.TLSMessageChannel.sendMessage(TLSMessageChannel.java:309)
at gov.nist.javax.sip.stack.MessageChannel.sendMessage(MessageChannel.java:233)
at gov.nist.javax.sip.stack.SIPTransaction.sendMessage(SIPTransaction.java:738)
at gov.nist.javax.sip.stack.SIPClientTransaction.sendMessage(SIPClientTransaction.java:486)
at gov.nist.javax.sip.stack.SIPDialog.sendRequest(SIPDialog.java:1886)
... 16 more

javax.sip.SipException: error sending message
at gov.nist.javax.sip.stack.SIPDialog.sendRequest(SIPDialog.java:1901)
at org.mobicents.slee.resource.sip11.wrappers.DialogWrapper.sendRequest(DialogWrapper.java:343)
at org.mobicents.slee.sipevent.server.subscription.sip.SipSubscriberNotificationHandler.notifySipSubscriber(SipSubscriberNotificationHandler.java:63)
at org.mobicents.slee.sipevent.server.subscription.SubscriptionControlSbb.notifySubscribers(SubscriptionControlSbb.java:468)
at sun.reflect.GeneratedMethodAccessor234.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.mobicents.slee.container.deployment.interceptors.SbbLocalObjectInterceptor.invokeAndReturnObject(SbbLocalObjectInterceptor.java:72)
at org.mobicents.slee.container.deployment.interceptors.SbbLocalObjectInterceptor.invokeAndReturnvoid(SbbLocalObjectInterceptor.java:113)
at org.mobicents.slee.sipevent.server.subscription.SubscriptionControlSbbLocalObjectImpl.notifySubscribers(SubscriptionControlSbbLocalObjectImpl.java)
at org.mobicents.slee.sippresence.server.publication.PresencePublicationControlSbb.notifySubscribers(PresencePublicationControlSbb.java:113)
at sun.reflect.GeneratedMethodAccessor233.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.mobicents.slee.container.deployment.interceptors.SbbLocalObjectInterceptor.invokeAndReturnObject(SbbLocalObjectInterceptor.java:72)
at org.mobicents.slee.container.deployment.interceptors.SbbLocalObjectInterceptor.invokeAndReturnvoid(SbbLocalObjectInterceptor.java:113)
at org.mobicents.slee.sipevent.server.publication.ImplementedPublicationControlSbbLocalObjectImpl.notifySubscribers(ImplementedPublicationControlSbbLocalObjectImpl.java)
at org.mobicents.slee.sipevent.server.publication.PublicationControlSbb.modifyPublication(PublicationControlSbb.java:526)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.mobicents.slee.container.deployment.interceptors.SbbLocalObjectInterceptor.invokeAndReturnObject(SbbLocalObjectInterceptor.java:72)
at org.mobicents.slee.container.deployment.interceptors.SbbLocalObjectInterceptor.invokeAndReturnvoid(SbbLocalObjectInterceptor.java:113)
at org.mobicents.slee.sipevent.server.publication.PublicationControlSbbLocalObjectImpl.modifyPublication(PublicationControlSbbLocalObjectImpl.java)
at org.mobicents.slee.sipevent.server.publication.SipPublicationControlSbb.onPublish(SipPublicationControlSbb.java:222)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.mobicents.slee.runtime.sbbentity.SbbEntity.invokeEventHandler(SbbEntity.java:871)
at org.mobicents.slee.runtime.EventRouterImpl.routeQueuedEvent(EventRouterImpl.java:892)
at org.mobicents.slee.runtime.EventRouterImpl.access$100(EventRouterImpl.java:64)
at org.mobicents.slee.runtime.EventRouterImpl$EventExecutor.run(EventRouterImpl.java:121)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:885)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:907)
at java.lang.Thread.run(Thread.java:619)
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333)
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
at java.net.Socket.connect(Socket.java:519)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:550)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.(SSLSocketImpl.java:417)
at com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl.createSocket(SSLSocketFactoryImpl.java:138)
at gov.nist.core.net.DefaultNetworkLayer.createSSLSocket(DefaultNetworkLayer.java:113)
at gov.nist.javax.sip.stack.IOHandler.sendBytes(IOHandler.java:233)
at gov.nist.javax.sip.stack.TLSMessageChannel.sendMessage(TLSMessageChannel.java:309)
at gov.nist.javax.sip.stack.MessageChannel.sendMessage(MessageChannel.java:233)
at gov.nist.javax.sip.stack.SIPTransaction.sendMessage(SIPTransaction.java:738)
at gov.nist.javax.sip.stack.SIPClientTransaction.sendMessage(SIPClientTransaction.java:486)
at gov.nist.javax.sip.stack.SIPDialog.sendRequest(SIPDialog.java:1886)
... 36 more

The client is still connected to the server when the above errors happen, so it is not an error because of transport unavailable. And I am confused about the SSL handshake, because, when a connection is already established, why is it trying for a handshake again.. I suspect that there is something that I am missing. It would be great if you could please help. BTW, I'm using the snapshot of the sources from the SVN.

thanks,
rayesh

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
rayesh
Offline
Joined: 2006-05-03
Points: 0

I found out the problem. My assumption that the client is still connected through the TLS connection turned out to be wrong. The client was closing down the connection. So the messages from my SBB were reaching the client before the connection was closed, whereas, the client was not waiting for the Presence Server responses. This lead to the above behaviour. Thanks a lot for the support!

eduardomartins
Offline
Joined: 2005-10-10
Points: 0

It seems to me that it is an issue within jain sip, my recommendation is to create a junit testcase without SLEE, that is, creating the sip stack on it's own and trying to send a request over TLS. You can reuse code in the XDM Server junit SIP related test (/xdms/tests/src/test/java/org/openxdm/xcap/client/test/subscription/SubscribeDocumentTest.java) to build such a test. Then it should be easier to proceed.

rayesh
Offline
Joined: 2006-05-03
Points: 0

Ok, I will test and post back the result.