当我尝试将我的 iOS 项目注册到我的 Asterisk 服务器时,我遇到了这个 EOF 错误。没有 TLS 一切正常。所以我现在正在经历启用 TLS 的过程。我重新编译了 PJSIP 库并配置了 Asterisk 服务器。我相信这一切都是正确的。我可以看到通过端口 5161 以加密形式发生的流量,因此这看起来也是正确的。
1) 我很好奇是什么导致了这个错误?难道是我生成的证书?基于我在 wireshark 上看到加密流量但在 Asterisk pjsip 记录器中没有看到这一事实,这让我认为这是证书?
2) 第二个问题是如何为主机名未知的客户端创建证书(即,当他们在蜂窝网络或不同的 WIFI 网络上漫游时,他们的 IP 会明显改变)。当我根据 Asterisk 教程 (https://wiki.asterisk.org/wiki/display/AST/Secure+Calling+Tutorial) 创建它们时,它需要 -C 参数的值来指定客户端主机名。这又假设是动态的。
这是日志输出(个人信息 [已编辑])...
15:26:15.857 os_core_unix.c !pjlib 2.6 for POSIX initialized
15:26:15.858 sip_endpoint.c .Creating endpoint instance...
15:26:15.859 pjlib .select() I/O Queue created (0x11e809228)
15:26:15.859 sip_endpoint.c .Module "mod-msg-print" registered
15:26:15.859 sip_transport. .Transport manager created.
15:26:15.859 pjsua_core.c .PJSUA state changed: NULL --> CREATED
15:26:15.859 sip_endpoint.c .Module "mod-pjsua-log" registered
15:26:15.859 sip_endpoint.c .Module "mod-tsx-layer" registered
15:26:15.859 sip_endpoint.c .Module "mod-stateful-util" registered
15:26:15.859 sip_endpoint.c .Module "mod-ua" registered
15:26:15.859 sip_endpoint.c .Module "mod-100rel" registered
15:26:15.859 sip_endpoint.c .Module "mod-pjsua" registered
15:26:15.860 sip_endpoint.c .Module "mod-invite" registered
15:26:15.888 coreaudio_dev. .. dev_id 0: iPhone IO device (in=1, out=1) 8000Hz
15:26:15.888 coreaudio_dev. ..core audio initialized
15:26:15.888 pjlib ..select() I/O Queue created (0x11e16fc28)
15:26:15.888 speex_codec.c ..Adjusting quality to 5 for uwb
15:26:15.889 conference.c ..Creating conference bridge with 12 ports
15:26:15.889 Master/sound ..Using delay buffer with WSOLA.
15:26:15.907 sip_endpoint.c .Module "mod-evsub" registered
15:26:15.907 sip_endpoint.c .Module "mod-presence" registered
15:26:15.907 evsub.c .Event pkg "presence" registered by mod-presence
15:26:15.907 sip_endpoint.c .Module "mod-mwi" registered
15:26:15.907 evsub.c .Event pkg "message-summary" registered by mod-mwi
15:26:15.907 sip_endpoint.c .Module "mod-refer" registered
15:26:15.907 evsub.c .Event pkg "refer" registered by mod-refer
15:26:15.907 sip_endpoint.c .Module "mod-pjsua-pres" registered
15:26:15.907 sip_endpoint.c .Module "mod-pjsua-im" registered
15:26:15.907 sip_endpoint.c .Module "mod-pjsua-options" registered
15:26:15.908 pjsua_core.c .1 SIP worker threads created
15:26:15.908 pjsua_core.c .pjsua version 2.6 for iOS-10.2.1/arm-iPad6,7/iOS-SDK initialized
15:26:15.908 pjsua_core.c .PJSUA state changed: CREATED --> INIT
15:26:15.910 tlstp:5161 SIP TLS listener is ready for incoming connections at 10.200.154.118:5161
15:26:15.910 pjsua_core.c PJSUA state changed: INIT --> STARTING
15:26:15.910 sip_endpoint.c .Module "mod-unsolicited-mwi" registered
15:26:15.910 pjsua_core.c .PJSUA state changed: STARTING --> RUNNING
15:26:15.910 pjsua_acc.c Adding account: id=sip:[REDACTED]@[REDACTED]
15:26:15.910 pjsua_acc.c .Account sip:[REDACTED]@[REDACTED] added with id 0
15:26:15.910 pjsua_acc.c .Acc 0: setting registration..
15:26:15.912 tlsc0x11e18882 ..TLS client transport created
15:26:15.912 tlsc0x11e18882 ..TLS transport 10.200.154.118:58635 is connecting to [REDACTED]:5161...
15:26:15.912 pjsua_acc.c ..Contact for acc 0 updated: <sip:[REDACTED]@10.200.154.118:58635;transport=TLS;ob>;reg-id=1;+sip.instance="<urn:uuid:00000000-0000-0000-0000-00009c3fe9b2>"
15:26:15.912 endpoint ..Request msg REGISTER/cseq=10712 (tdta0x11e950400) created.
15:26:15.913 tsx0x11e9524a8 ...Transaction created for Request msg REGISTER/cseq=10713 (tdta0x11e950400)
15:26:15.913 tsx0x11e9524a8 ..Sending Request msg REGISTER/cseq=10713 (tdta0x11e950400) in state Null
15:26:15.913 sip_resolve.c ...Target '[REDACTED]:5161' type=TLS resolved to '[REDACTED]:5161' type=TLS (TLS transport)
15:26:15.913 pjsua_core.c ...TX 730 bytes Request msg REGISTER/cseq=10713 (tdta0x11e950400) to TLS [REDACTED]:5161:
REGISTER sip:[REDACTED]:5161;transport=tls SIP/2.0
Via: SIP/2.0/TLS 10.200.154.118:58635;rport;branch=z9hG4bKPjYEl90guBh1gvKz2dDJZlgxzyy7AzLMpx;alias
Max-Forwards: 70
From: <sip:[REDACTED]@[REDACTED]>;tag=V6bPvLX5S0jBnpssQQBhG1W2xhXz01gj
To: <sip:[REDACTED]@[REDACTED]>
Call-ID: 5h.iiZFsYAX2vtMCNx.ZmH9NsicZoQEX
CSeq: 10713 REGISTER
User-Agent: [REDACTED]
Supported: outbound, path
Contact: <sip:[REDACTED]@10.200.154.118:58635;transport=TLS;ob>;reg-id=1;+sip.instance="<urn:uuid:00000000-0000-0000-0000-00009c3fe9b2>"
Expires: 300
Allow: PRACK, INVITE, ACK, BYE, CANCEL, UPDATE, INFO, SUBSCRIBE, NOTIFY, REFER, MESSAGE, OPTIONS
Content-Length: 0
--end msg--
15:26:15.914 tsx0x11e9524a8 ...State changed from Null to Calling, event=TX_MSG
15:26:15.914 pjsua_acc.c ..Acc 0: Registration sent
15:26:16.001 tlsc0x11e18882 !TLS connect() error: End of file (PJ_EEOF) [code=70016]
15:26:16.001 tsx0x11e9524a8 Failed to send Request msg REGISTER/cseq=10713 (tdta0x11e950400)! err=70016 (End of file (PJ_EEOF))
15:26:16.001 tsx0x11e9524a8 State changed from Calling to Terminated, event=TRANSPORT_ERROR
15:26:16.001 pjsua_acc.c ..SIP registration failed, status=503 (End of file (PJ_EEOF))
15:26:16.001 pjsua_acc.c ..Scheduling re-registration retry for acc 0 in 2 seconds..
15:26:16.001 PJSIPInterface ..AccountID 0 reg_state=503
15:26:16.001 tlsc0x11e18882 TLS send() error, sent=-70016
15:26:16.001 pjsua_acc.c Disconnected notification for transport tlsc0x11e188828
15:26:16.001 tsx0x11e9524a8 Timeout timer event
15:26:16.001 tsx0x11e9524a8 .State changed from Terminated to Destroyed, event=TIMER
15:26:16.001 tdta0x11e95040 ..Destroying txdata Request msg REGISTER/cseq=10713 (tdta0x11e950400)
15:26:16.001 tsx0x11e9524a8 Transaction destroyed!
15:26:16.001 tlsc0x11e18882 TLS transport destroyed with reason 70016: End of file (PJ_EEOF)
这是我的 iOS 应用程序中的传输设置代码...
pjsua_transport_config tlsTransportConfig;
pjsua_transport_config_default(&tlsTransportConfig);
tlsTransportConfig.port = 5161;
tlsTransportConfig.tls_setting.ca_list_file = pj_str((char*)[[[NSBundle mainBundle] pathForResource:@"ca.crt" ofType:@"pem"] cStringUsingEncoding:NSUTF8StringEncoding]);
tlsTransportConfig.tls_setting.cert_file = pj_str((char*)[[[NSBundle mainBundle] pathForResource:@"myapp.crt" ofType:@"pem"] cStringUsingEncoding:NSUTF8StringEncoding]);
tlsTransportConfig.tls_setting.privkey_file = pj_str((char*)[[[NSBundle mainBundle] pathForResource:@"myapp.key" ofType:@"pem"] cStringUsingEncoding:NSUTF8StringEncoding]);
tlsTransportConfig.tls_setting.password = pj_str("[REDACTED]");
tlsTransportConfig.tls_setting.verify_client = PJ_TRUE;
tlsTransportConfig.tls_setting.verify_server = PJ_TRUE;
tlsTransportConfig.tls_setting.method = PJSIP_SSLV2_METHOD;
status = pjsua_transport_create(PJSIP_TRANSPORT_TLS, &tlsTransportConfig, NULL);
最佳答案
以防其他人遇到这个问题。根据我遵循的教程,我已将 tls 方法设置为 PJSIP_SSLV2_METHOD,如您在上面的代码中所见。然而,当我将其更改为 PJSIP_TLSV1_METHOD 时,一切都开始工作了。这也需要在 SSL 方法的 PJSIP 设置中进行更改。
我不确定为什么 SSLV2 不能工作,但 tlsv1 工作得很好。
关于ios - PJSIP TLS 连接()错误 : End of file (PJ_EEOF) [code=70016],我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/42182718/