Opened 6 years ago

Closed 6 years ago

#1740 closed defect (fixed)

When request URI uses sips scheme, TLS must always be used (thanks Peter Koletzki for the report)

Reported by: nanang Owned by: bennylp
Priority: normal Milestone: release-2.2.1
Component: pjsip Version: trunk
Keywords: Cc:
Backport to 1.x milestone: Backported: no

Description

As specified in RFC3261 8.1.2:

   Independent
   of which URI is used as input to the procedures of [4], if the
   Request-URI specifies a SIPS resource, the UAC MUST follow the
   procedures of [4] as if the input URI were a SIPS URI.

   Local policy MAY specify an alternate set of destinations to attempt.
   If the Request-URI contains a SIPS URI, any alternate destinations
   MUST be contacted with TLS.

Change History (2)

comment:1 Changed 6 years ago by nanang

  • Milestone changed from release-2.2 to release-2.3

comment:2 Changed 6 years ago by nanang

  • Resolution set to fixed
  • Status changed from new to closed

In 4770:

Fixed #1740: TLS will be used whenever request URI uses "sips" scheme regardless the target-URI scheme/transport. This behavior is configurable via 'PJSIP_DONT_SWITCH_TO_TLS' in compile-time, or 'pjsip_cfg()->disable_tls_switch' in run-time.

Note: See TracTickets for help on using tickets.