Hello, looks like client side is doing renegotiation, which is disabled by default:
* https://www.kamailio.org/docs/modules/devel/modules/tls.html#tls.p.renegotiation Cheers, Daniel On 19.11.19 21:22, Andrew Chen wrote: > Hi guys, > > I was wondering if someone can help decipher what these few lines mean? > > Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: tls > [tls_server.c:431]: tls_accept(): tls_accept: new connection from > 10.94.98.18:51698 <http://10.94.98.18:51698> using TLSv1.3 > TLS_AES_256_GCM_SHA384 256 > Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: tls > [tls_server.c:434]: tls_accept(): tls_accept: local socket: > 206.81.191.45:443 <http://206.81.191.45:443> > Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: tls > [tls_server.c:445]: tls_accept(): tls_accept: client did not present a > certificate > Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: tls > [tls_server.c:1189]: tls_read_f(): Reading on a renegotiation of > connection (n:1652) (0) > Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: <core> > [core/tcp_read.c:1527]: tcp_read_req(): EOF > Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: <core> > [core/io_wait.h:602]: io_watch_del(): DBG: io_watch_del > (0x56367f8b8f80, 12, -1, 0x10) fd_no=2 called > Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: <core> > [core/tcp_read.c:1680]: release_tcpconn(): releasing con > 0x7fcfc20c57b0, state -1, fd=12, id=23 ([10.94.98.18]:51698 -> > [10.94.98.18]:443) > Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21501]: DEBUG: <core> > [core/tcp_read.c:1684]: release_tcpconn(): extra_data 0x7fcfc2089f88 > Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21517]: DEBUG: <core> > [core/tcp_main.c:3320]: handle_tcp_child(): reader response= > 7fcfc20c57b0, -1 from 16 > Nov 19 20:12:50 sjomainkama51 /usr/sbin/kamailio[21517]: DEBUG: tls > [tls_server.c:683]: tls_h_close(): Closing SSL connection 0x7fcfc2089f88 > > Bottom line is kamailio closed the connection and I have method > setting to this: > > root@sjomainkama51:/etc/kamailio # grep method tls.cfg > method = TLSv1.1+ > > Supposedly this should work? > > -- > Andy Chen > Sr. Telephony Lead Engineer > achen@ <mailto:[email protected]>fuze.com <http://fuze.com> > > > > *Confidentiality Notice: The information contained in this e-mail and any > attachments may be confidential. If you are not an intended recipient, you > are hereby notified that any dissemination, distribution or copying of > this > e-mail is strictly prohibited. If you have received this e-mail in error, > please notify the sender and permanently delete the e-mail and any > attachments immediately. You should not retain, copy or use this e-mail or > any attachment for any purpose, nor disclose all or any part of the > contents to any other person. Thank you.* > > _______________________________________________ > Kamailio (SER) - Users Mailing List > [email protected] > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users -- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio World Conference - April 27-29, 2020, in Berlin -- www.kamailioworld.com
_______________________________________________ Kamailio (SER) - Users Mailing List [email protected] https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
