Open GoogleCodeExporter opened 8 years ago
Don't know how you have captured logs from the browser but there is no useful
information in "browser.log". To get javascript logs: Right click on the
webpage -> inspect Element -> Select "console" tab.
In you report you're talking about DTLS but webrtc2sip shows that the issue is
about SSL (instead of DTLS) and no call logs at all. In short: what you're
describing doesn't match with the logs.
Original comment by boss...@yahoo.fr
on 30 May 2014 at 3:24
Thanks for the reply, the dev who is performing the testing says that the
output given is from the Javascript console, so new output would be useless.
I am posting our config.xml file, but past that the problem remains that we
cannot get an SSL handshake between the client and server. We are using the
recommended OpenSSL versions. Please let me know if you can help in any way, or
if you have further suggestions for better output to help you understand the
issue
Original comment by sherwood...@gmail.com
on 30 May 2014 at 3:46
Attachments:
We get a failure after Client HELLO in the SSL conversation, stating "no shared
ciphers" as the issue.....
This is the main issue we are facing the "no shared ciphers" error. We have
self signed certificates. When we open a connection to wss://208.95.61.51:10062
the handshake fails with a server side error of "no shared ciphers". We get no
further as evidenced in the browser log.
__tsip_transport_ws_onerror tsk_utils.js?svn=224:116
__tsip_transport_ws_onclose tsk_utils.js?svn=224:116
Original comment by ch...@nctech.co
on 30 May 2014 at 3:52
It's too confusing because in the description you're talking about DTLS and
fingerprint. You cannot use self-signed certificates for WSS. Last time I test
chrome it allows it but not Firefox. This was a security issue in Chrome. I
guess Google fixed it. Two solutions:
- use trusted certificates
- or, open "https://208.95.61.51:10062" (notice the "https://") in the browser
and when you get a warning, say you want to have the address trusted. Then, try
SIPML5 (with WSS).
Original comment by boss...@yahoo.fr
on 30 May 2014 at 4:00
Please also note that with such config.xml you'll not be able to make calls if
you're using Chrome 35+ or Firefox. DTLS requires a public cert key
(self-signed or not) and you're not providing one but only a CA.
Original comment by boss...@yahoo.fr
on 30 May 2014 at 4:04
Hi boss
There is nothing confusing but there is no help or instructions about this that
it won't work with Self Signed certs.
People require DTLS as its required by the Proprietary/freeswicth ,hence
needed. FYI using https://sipml5.org/call.htm?svn=224# throws the same error.
Webrtc error log:
SSL is enabled :)
DTLS supported: yes
DTLS-SRTP supported: yes
*INFO: transport = udp://*:10060
*INFO: transport = ws://*:10060
*INFO: transport = wss://*:10062
*INFO: transport = tcp://*:10063
*INFO: transport = tls://*:10064
*INFO: enable-rtp-symetric = yes
*INFO: enable-100rel = no
*INFO: enable-media-coder = no
*INFO: enable-videojb = yes
*INFO: video-size-pref = vga
*INFO: rtp-buffsize = 65535
*INFO: avpf-tail-length = [100-400]
*INFO: srtp-mode = optional
*INFO: srtp-type = sdes;dtls
*INFO: dtmf-type = rfc4733
*INFO: codecs = opus;pcma;pcmu;gsm;vp8;h264-bp;h264-mp;h263;h263+
*INFO: UnRegister codec: PCMA, G.711a codec (native)
*INFO: UnRegister codec: PCMU, G.711u codec (native)
*INFO: UnRegister codec: GSM, GSM Full Rate (libgsm)
*INFO: UnRegister codec: VP8, VP8 codec (libvpx)
*INFO: UnRegister codec: H264, H264 Base Profile (FFmpeg, x264)
*INFO: UnRegister codec: H264, H264 Main Profile (FFmpeg, x264)
*INFO: UnRegister codec: H263, H263-1996 codec (FFmpeg)
*INFO: UnRegister codec: H263-1998, H263-1998 codec (FFmpeg)
*INFO: codec-opus-maxrates = 48000;48000
*INFO: stun-server = stun.l.google.com;19302;-;-
*INFO: enable-icestun = yes
*INFO: max-fds = -1
*INFO: nameserver = 8.8.8.8
*INFO: ssl-certificates =
/home/cg/myca/certs/crt.server1.pem;
/home/cg/mycert/private/key.csr.server1.pem;
no;
no
*INFO: transport = c2c://*:10070
*INFO: transport = c2cs://*:10072
*INFO: database = sqlite;*
*INFO: sqlite3_threadsafe = 1
*INFO: Database opened = TRUE
*INFO: tnet_transport_prepare()
*INFO: pipeR fd=8, pipeW=9
*INFO: Socket added[TCP/IPv4 transport]: fd=8, tail.count=1
*INFO: master fd=3
*INFO: Socket added[TCP/IPv4 transport]: fd=3, tail.count=2
*INFO: Transport::run() - enter
*INFO: Starting [TCP/IPv4 transport] server with IP {0.0.0.0} on port {10070}
using fd {3} with type {9}...
***ERROR: function: "tnet_transport_tls_set_certs()"
file: "src/tnet_transport.c"
line: "255"
MSG: SSL_CTX_use_certificate_file failed [0,error:0906D06C:PEM
routines:PEM_read_bio:no start line]
*INFO: tnet_transport_prepare()
*INFO: pipeR fd=10, pipeW=11
*INFO: Socket added[TLS/IPv4 transport]: fd=10, tail.count=1
*INFO: master fd=4
*INFO: Socket added[TLS/IPv4 transport]: fd=4, tail.count=2
*INFO: Stack running in SERVER mode
*INFO: tsk_timer_manager_start
*INFO: Transport::run() - enter
*INFO: Timer manager run()::enter
*INFO: TIMER MANAGER -- START
*INFO: Starting [TLS/IPv4 transport] server with IP {0.0.0.0} on port {10072}
using fd {4} with type {17}...
*INFO: SIP STACK::run -- START
***ERROR: function: "tnet_transport_tls_set_certs()"
file: "src/tnet_transport.c"
line: "255"
MSG: SSL_CTX_use_certificate_file failed [0,error:140AD009:SSL
routines:SSL_CTX_use_certificate_file:PEM lib]
***ERROR: function: "tnet_transport_tls_set_certs()"
file: "src/tnet_transport.c"
line: "255"
MSG: SSL_CTX_use_certificate_file failed [0,error:0906D06C:PEM
routines:PEM_read_bio:no start line]
*INFO: tnet_transport_prepare()
*INFO: pipeR fd=17, pipeW=18
*INFO: Socket added[SIP transport]: fd=17, tail.count=1
*INFO: master fd=12
*INFO: Socket added[SIP transport]: fd=12, tail.count=2
*INFO: tnet_transport_prepare()
*INFO: pipeR fd=19, pipeW=20
*INFO: Socket added[SIP transport]: fd=19, tail.count=1
*INFO: master fd=13
*INFO: Socket added[SIP transport]: fd=13, tail.count=2
*INFO: Transport::run() - enter
*INFO: tnet_transport_prepare()
*INFO: pipeR fd=21, pipeW=22
*INFO: Socket added[SIP transport]: fd=21, tail.count=1
*INFO: master fd=14
*INFO: Socket added[SIP transport]: fd=14, tail.count=2
*INFO: Starting [SIP transport] server with IP {66.175.211.140} on port {10060}
using fd {12} with type {2}...
*INFO: Transport::run() - enter
*INFO: tnet_transport_prepare()
*INFO: pipeR fd=23, pipeW=24
*INFO: Socket added[SIP transport]: fd=23, tail.count=1
*INFO: master fd=15
*INFO: Starting [SIP transport] server with IP {66.175.211.140} on port {10064}
using fd {14} with type {16}...
*INFO: Socket added[SIP transport]: fd=15, tail.count=2
*INFO: tnet_transport_prepare()
*INFO: Transport::run() - enter
*INFO: pipeR fd=25, pipeW=26
*INFO: Socket added[SIP transport]: fd=25, tail.count=1
*INFO: master fd=16
*INFO: Socket added[SIP transport]: fd=16, tail.count=2
*INFO: Starting [SIP transport] server with IP {66.175.211.140} on port {10060}
using fd {15} with type {64}...
*INFO: Transport::run() - enter
*INFO: Starting [SIP transport] server with IP {66.175.211.140} on port {10062}
using fd {16} with type {128}...
*INFO: SIP STACK -- START
*INFO: Transport::run() - enter
*INFO: Starting [SIP transport] server with IP {66.175.211.140} on port {10063}
using fd {13} with type {8}...
*INFO: ioctlt(16), len=0 returned zero or failed
*INFO: NETWORK EVENT FOR SERVER [SIP transport] -- FD_ACCEPT(fd=27)
*INFO: Socket added[SIP transport]: fd=27, tail.count=3
*INFO: WebSocket Peer accepted/connected with fd = 27
*INFO: #1 peers in the 'SIP transport' transport
***ERROR: function: "tnet_tls_socket_accept()"
file: "src/tls/tnet_tls.c"
line: "168"
MSG: SSL_accept() failed with error code [1, error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher]
*INFO: Removing socket 27
*INFO: Socket to remove: fd=27, index=2, tail.count=3
*INFO: WebSocket Peer closed with fd = 27
*INFO: #0 peers in the 'SIP transport' transport
*INFO: *** Stream Peer destroyed ***
*INFO: CloseSocket(27)
*INFO: WebSocket Peer closed with fd = 27
***ERROR: function: "tnet_transport_mainthread()"
file: "src/tnet_transport_poll.c"
line: "708"
MSG: SSL_accept() failed
***ERROR: function: "tnet_transport_mainthread()"
file: "src/tnet_transport_poll.c"
line: "708"
MSG: (SYSTEM)NETWORK ERROR ==>Success
*INFO: PipeR event = 1
*INFO: ioctlt(16), len=0 returned zero or failed
*INFO: NETWORK EVENT FOR SERVER [SIP transport] -- FD_ACCEPT(fd=27)
*INFO: Socket added[SIP transport]: fd=27, tail.count=3
*INFO: WebSocket Peer accepted/connected with fd = 27
*INFO: #1 peers in the 'SIP transport' transport
***ERROR: function: "tnet_tls_socket_accept()"
file: "src/tls/tnet_tls.c"
line: "168"
MSG: SSL_accept() failed with error code [1, error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher]
*INFO: Removing socket 27
*INFO: Socket to remove: fd=27, index=2, tail.count=3
*INFO: CloseSocket(27)
*INFO: WebSocket Peer closed with fd = 27
*INFO: #0 peers in the 'SIP transport' transport
***ERROR: function: "tnet_transport_mainthread()"
file: "src/tnet_transport_poll.c"
line: "708"
MSG: SSL_accept() failed
*INFO: *** Stream Peer destroyed ***
*INFO: WebSocket Peer closed with fd = 27
***ERROR: function: "tnet_transport_mainthread()"
file: "src/tnet_transport_poll.c"
line: "708"
MSG: (SYSTEM)NETWORK ERROR ==>Success
*INFO: PipeR event = 1
*INFO: ioctlt(16), len=0 returned zero or failed
*INFO: NETWORK EVENT FOR SERVER [SIP transport] -- FD_ACCEPT(fd=27)
*INFO: Socket added[SIP transport]: fd=27, tail.count=3
*INFO: WebSocket Peer accepted/connected with fd = 27
*INFO: #1 peers in the 'SIP transport' transport
***ERROR: function: "tnet_tls_socket_accept()"
file: "src/tls/tnet_tls.c"
line: "168"
MSG: SSL_accept() failed with error code [1, error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher]
*INFO: Removing socket 27
*INFO: Socket to remove: fd=27, index=2, tail.count=3
*INFO: WebSocket Peer closed with fd = 27
*INFO: #0 peers in the 'SIP transport' transport
*INFO: *** Stream Peer destroyed ***
*INFO: CloseSocket(27)
*INFO: WebSocket Peer closed with fd = 27
***ERROR: function: "tnet_transport_mainthread()"
file: "src/tnet_transport_poll.c"
line: "708"
MSG: SSL_accept() failed
***ERROR: function: "tnet_transport_mainthread()"
file: "src/tnet_transport_poll.c"
line: "708"
MSG: (SYSTEM)NETWORK ERROR ==>Success
*INFO: PipeR event = 1
*INFO: ioctlt(16), len=0 returned zero or failed
*INFO: NETWORK EVENT FOR SERVER [SIP transport] -- FD_ACCEPT(fd=27)
*INFO: Socket added[SIP transport]: fd=27, tail.count=3
*INFO: WebSocket Peer accepted/connected with fd = 27
*INFO: #1 peers in the 'SIP transport' transport
***ERROR: function: "tnet_tls_socket_accept()"
file: "src/tls/tnet_tls.c"
line: "168"
MSG: SSL_accept() failed with error code [1, error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher]
*INFO: Removing socket 27
*INFO: Socket to remove: fd=27, index=2, tail.count=3
*INFO: WebSocket Peer closed with fd = 27
*INFO: #0 peers in the 'SIP transport' transport
*INFO: *** Stream Peer destroyed ***
*INFO: CloseSocket(27)
*INFO: WebSocket Peer closed with fd = 27
***ERROR: function: "tnet_transport_mainthread()"
file: "src/tnet_transport_poll.c"
line: "708"
MSG: SSL_accept() failed
***ERROR: function: "tnet_transport_mainthread()"
file: "src/tnet_transport_poll.c"
line: "708"
MSG: (SYSTEM)NETWORK ERROR ==>Success
*INFO: PipeR event = 1
*INFO: ioctlt(16), len=0 returned zero or failed
*INFO: NETWORK EVENT FOR SERVER [SIP transport] -- FD_ACCEPT(fd=27)
*INFO: Socket added[SIP transport]: fd=27, tail.count=3
*INFO: WebSocket Peer accepted/connected with fd = 27
*INFO: #1 peers in the 'SIP transport' transport
***ERROR: function: "tnet_tls_socket_accept()"
file: "src/tls/tnet_tls.c"
line: "168"
MSG: SSL_accept() failed with error code [1, error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher]
*INFO: Removing socket 27
*INFO: Socket to remove: fd=27, index=2, tail.count=3
*INFO: WebSocket Peer closed with fd = 27
*INFO: #0 peers in the 'SIP transport' transport
*INFO: CloseSocket(27)
*INFO: *** Stream Peer destroyed ***
*INFO: WebSocket Peer closed with fd = 27
***ERROR: function: "tnet_transport_mainthread()"
file: "src/tnet_transport_poll.c"
line: "708"
MSG: SSL_accept() failed
***ERROR: function: "tnet_transport_mainthread()"
file: "src/tnet_transport_poll.c"
line: "708"
MSG: (SYSTEM)NETWORK ERROR ==>Success
Let us know the Workaround,if possible or should we quit using webrtc?
Chrome console logs:
s_websocket_server_url=wss:66.175.211.140:10062 SIPml-api.js?svn=224:1
s_sip_outboundproxy_url=(null) SIPml-api.js?svn=224:1
b_rtcweb_breaker_enabled=yes SIPml-api.js?svn=224:1
b_click2call_enabled=no SIPml-api.js?svn=224:1
b_early_ims=yes SIPml-api.js?svn=224:1
b_enable_media_stream_cache=no SIPml-api.js?svn=224:1
o_bandwidth={} SIPml-api.js?svn=224:1
o_video_size={} SIPml-api.js?svn=224:1
SIP stack start: proxy='ns313841.ovh.net:14062', realm='<sip:83.98.187.237>',
impi='admin1', impu='"admin1"<sip:admin1@83.98.187.237>' SIPml-api.js?svn=224:1
Connecting to 'wss:66.175.211.140:10062' SIPml-api.js?svn=224:1
==stack event = starting SIPml-api.js?svn=224:1
__tsip_transport_ws_onerror SIPml-api.js?svn=224:1
__tsip_transport_ws_onclose SIPml-api.js?svn=224:1
==stack event = failed_to_start SIPml-api.js?svn=224:1
Regards
Yusuf
Original comment by shahnazp...@gmail.com
on 12 Jun 2014 at 9:50
Original issue reported on code.google.com by
sherwood...@gmail.com
on 30 May 2014 at 2:52Attachments: