No TLS transport on iOS ?
perwx3 opened this issue · 11 comments
Hello all,
I have stumbled on yet another network connection issue on iOS with baresip. It seems that on iOS Baresip fails to bind the TLS socket. For example if checking 'SIP Debug' in menu on Android i get UDP, TCP and TLS transports. On iOS I'm getting only UDP and TCP. When I try to register an UA using TLS I get a error printout from Baresip saying something like: SIP register failed - transport not available.
Any suggestions on how to debug this and find the problem?
Br,
Per Enstedt - wx3 telecom
if you want support for SIP over TLS, you must cross compile OpenSSL for iOS
and make sure that libre is built with this flag:
USE_OPENSSL=yes
Ah, yes. Me stupid.... :)
Actually there are two USE_OPENSSL flags in baresip-ios/mk/contrib.mk to enable.. LIBRE_BUILD_FLAGS and BARESIP_BUILD_FLAGS. Rebuilt and TLS works fine now.
Thank you very much for Baresip and all your support, Alfred!
Br,
Per Enstedt - wx3 telecom
Hi!
I used this project: https://github.com/x2on/OpenSSL-for-iPhone
@perwx3 I tried that too, but I still get openssl/sha.h' file not found
am I missing some parts with linking or something or how do i make contrib know how to use openssl?
You need to add some stuff to baresip-ios/mk/contrib.mk to make openssl include and link.
Add a symlink to the project from baresip-ios:
cd baresip-ios
ln -s 'path to the project' openssl
Edit mk/contrib.mk, add this somewhere before EXTRA_I386:
OPENSSL := $(SOURCE_PATH)/openssl
Then you need to add a include row
-I$(OPENSSL)/include \
in all EXTRA_CFLAGS segments
And also a link row
-L$(OPENSSL)/lib \
in all EXTRA_LFLAGS segments
Save and try make contrib again
@perwx3 You sir are my hero:) I'm halfway there though, now i'm getting compile errors. Was that something you encountered as well?
src/tls/openssl/tls.c:293:23: error: implicit declaration of function 'X509_get_notBefore' is invalid
in C99 [-Werror,-Wimplicit-function-declaration]
if (!X509_gmtime_adj(X509_get_notBefore(cert), -3600*24*365) ||
^
src/tls/openssl/tls.c:293:23: warning: this function declaration is not a prototype
[-Wstrict-prototypes]
src/tls/openssl/tls.c:293:23: warning: incompatible integer to pointer conversion passing 'int' to
parameter of type 'ASN1_TIME *' (aka 'struct asn1_string_st *') [-Wint-conversion]
if (!X509_gmtime_adj(X509_get_notBefore(cert), -3600*24*365) ||
^~~~~~~~~~~~~~~~~~~~~~~~
/Users/mathiaspalm/Downloads/baresip-ios-master/openssl/include/openssl/x509.h:479:39: note: passing
argument to parameter 's' here
ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj);
^
src/tls/openssl/tls.c:294:23: error: implicit declaration of function 'X509_get_notAfter' is invalid
in C99 [-Werror,-Wimplicit-function-declaration]
!X509_gmtime_adj(X509_get_notAfter(cert), 3600*24*365*10))
^
src/tls/openssl/tls.c:294:23: warning: this function declaration is not a prototype
[-Wstrict-prototypes]
src/tls/openssl/tls.c:294:23: warning: incompatible integer to pointer conversion passing 'int' to
parameter of type 'ASN1_TIME *' (aka 'struct asn1_string_st *') [-Wint-conversion]
!X509_gmtime_adj(X509_get_notAfter(cert), 3600*24*365*10))
^~~~~~~~~~~~~~~~~~~~~~~
/Users/mathiaspalm/Downloads/baresip-ios-master/openssl/include/openssl/x509.h:479:39: note: passing
argument to parameter 's' here
ASN1_TIME *X509_gmtime_adj(ASN1_TIME *s, long adj);```
No compile errors that I can remember, i'll check tomorrow. Which openssl version are you using?
It seems to default to 1.0.2l
but l tried 1.1.0f
I think, not exactly sure how to change versions with no luck either. I also tried using clang instead of gcc but I got the same errors
I'm compiling baresip/libre 0.5.4 and OpenSSL 1.0.2l for iOS with no errors. I diffed my tls.c with latest libre version and there are some small changes but nothing regarding X509_get_notAfter. Soo... I'm out of suggestions.
Hmm. Have you tried with the latest version of baresip/libre?