search

showrav017 / jain-sip

Automatically exported from code.google.com/p/jain-sip
0 stars 0 forks source link

Non TLS Connection to TLS Listening Point hang #138

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
we found that SIP tls connections are not handled properly.
When we send plaintext message "\n\n\n\n" to SIPs (5061) socket, server hangs 
out (did not response to the SSL handshakes anymore) with "Unrecognized SSL 
message, plaintext connection?" (attached). HTTPs (8181) refuse plaintext 
connections correctly.
Steps to reproduce: 
telnet $host 5061 
telnet $host 8181 
(enter few newlines)
When we try to handshake with unsupported chipper, server just log exception 
and connection hangs without server response. Connections to https (8181) are 
refused correctly with "Secure Renegotiation IS NOT supported".
Steps to reproduce: 
$ openssl s_client -cipher EDH-DSS-DES-CBC-SHA -connect $host:5061 
$ openssl s_client -cipher EDH-DSS-DES-CBC-SHA -connect $host:8181 
(or whatever chipper unsupoprted by server)

Original issue reported on code.google.com by jean.der...@telestax.com on 16 Jul 2014 at 5:02

GoogleCodeExporter commented 8 years ago 
Fix + non regression test in r2861beb32c0f

Original comment by jean.der...@telestax.com on 24 Jul 2014 at 10:17