Description of problem: Linphone fails to register the given userId with the sip proxy. After some wait the GUI times out and displays the message: "registration on sip:sip.linphne.org failed: no response timeout" Version-Release number of selected component (if applicable): version: 3.5.2 How reproducible: Every time, with multiple sip accounts/proxies (I tried accounts on sip.linphone.org and ekiga.net) Steps to Reproduce: 1.Enter your user details 2.Watch it fail to get a reply from the sip proxy. 3. Actual results: Linphone Not useable Expected results: User account should register with the remote sip proxy server. Additional info: I conducted some CLI runs without the GUI to test configuration options. Log files generated and captured show that DNS resolves the 2 sip servers I was testing with, but a tls attempt fails to return any data. :-( Possible clue from log: linphonec3_log.out from line 124: ortp-error-Cannot load certificates from Microsoft Certificate Store ortp-message-SSL_is_init_finished not already done ortp-message-SSL_connect retry ortp-message-SSL_connect (timeout not data to read) (0 ms) ortp-message-socket node:sip.linphone.org, socket 13 [pos=0], connected (ssl in progress) ortp-message-eXosip: timer sec:4 usec:10000! ortp-message-SSL_is_init_finished not already done ortp-message-SSL_connect retry ortp-message-SSL_connect (timeout not data to read) (0 ms) ortp-message-eXosip: timer sec:3 usec:936297! ortp-message-SSL_is_init_finished not already done ortp-error-verify error:num=20:unable to get local issuer certificate:depth=1:/C=FR/O=GANDI SAS/CN=Gandi Standard SSL CA ortp-error-SSL ERROR ortp-error-SSL_connect error So I straced with: strace -o /home/colin/scripts/linphonec3_strace_.out linphonec -d 1 -l /home/colin/scripts/linphonec3_log.out This cert/tls failure can be seen around line 2698 of linphonec3_strace_.out Previous runs showed that the same failure repeats on a timer, so I typed quit at the linphonec command prompt to stop from bloating the captured files.
Created attachment 778395 [details] linphonecc log file Log file generated with: 'strace -o /home/colin/scripts/linphonec3_strace_.out linphonec -d 1 -l /home/colin/scripts/linphonec3_log.out'
Created attachment 778396 [details] strace capture strace capture generated with: 'strace -o /home/colin/scripts/linphonec3_strace_.out linphonec -d 1 -l /home/colin/scripts/linphonec3_log.out' The cert error / tls failure seems to start around line 2698
Is this error appeared after recent updates? Can you please setup Linphone with clean configs and try to connect again?
Upon going to get a look at the source, I see that there exists a much more recent stable version: 3.6.1 http://www.linphone.org/eng/download/packages/linphone.html And furthermore that 'nucleo' has a koji build for fc20 Changelog * Sun Jul 07 2013 Alexey Kurov <nucleo> - 3.6.1-1 - linphone-3.6.1 http://koji.fedoraproject.org/koji/buildinfo?buildID=432018 Perhaps it would be simplest to wait until the package with build version 3.6.1 becomes available on F19? -the reason that I discovered this bug in the first place was that I was trialling a new installation of F19 in preparation for migrating from F17, but F19 has exactly the same old version, and failure. :-(
nucleo - our comments passed in flight. This was a 2 completely new insstalls, fresh as of today.
3.6.1 have compatibility problems with other kdenetwork which fails to build against new mediastreamer/ortp, so 3.6.1 will be in F20+ for now. 3.5.2 works for me at least with servers I use, but I can't test now git.linphone.org because don't have account there.
Thanks nucleo. Both ekiga.net and sip.linphone.org are free accounts from the FOSS developers. :-) Ideal to register for free and test with really. ;-) If there is anything more that I can do - feel free to leave me instructions here and i will be happy to (try to) follow them. Thanks again Colin.
What in your "Network protocol and ports" settings? Try SIP(UDP) if SIP(TLS) there.
Aha! I didn't realise that account used unencrypted UDP for authentication -time to delete it methinks. Thank you once again! Note to self and world: Always back up your working linphone config from ~/.linphonerc so that you have a working setup after upgrade/reinstall.
Maybe SIP(UDP) should be set by default. Leaving this bug open, so people can found it. If I found way to change defaults then I will fix this.
Looks like at first Linphone start network protocol set by default to SIP(UDP) but after using account assistant it becomes set to SIP(TLS), so SIP(UDP) should be set by default if manually setup account without using account assistant or after using assistant should be set back to SIP(UDP).
Switching to SIP(UDP) is only workaround real problem in coreapi/linphonecore.c #define ROOT_CA_FILE PACKAGE_DATA_DIR "/linphone/rootca.pem" #ifdef __linux sal_set_root_ca(lc->sal, lp_config_get_string(lc->config,"sip","root_ca", "/etc/ssl/certs")); #else sal_set_root_ca(lc->sal, lp_config_get_string(lc->config,"sip","root_ca", ROOT_CA_FILE)); #endif So ROOT_CA_FILE should be file /etc/ssl/certs/ca-bundle.crt or /etc/ssl/certs/ca-bundle.trust.crt but set to path /etc/ssl/certs. I will try to build fixed linphone.
linphone-3.6.1-2.fc19,ortp-0.22.0-1.fc19,kdenetwork-4.10.5-3.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/linphone-3.6.1-2.fc19,ortp-0.22.0-1.fc19,kdenetwork-4.10.5-3.fc19
Package linphone-3.6.1-2.fc19, ortp-0.22.0-1.fc19, kdenetwork-4.10.5-3.fc19: * should fix your issue, * was pushed to the Fedora 19 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing linphone-3.6.1-2.fc19 ortp-0.22.0-1.fc19 kdenetwork-4.10.5-3.fc19' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2013-13833/linphone-3.6.1-2.fc19,ortp-0.22.0-1.fc19,kdenetwork-4.10.5-3.fc19 then log in and leave karma (feedback).
Thanks nucleo. That is fantastic! Your new build 'updates-testing linphone-3.6.1-2.fc19' solved the problem with sip proxy registration and tls that prompted me to file this bug report. :-) :-) :-) Positive feedback left on bodhi as requested.
Fedora 17 changed to end-of-life (EOL) status on 2013-07-30. Fedora 17 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. Thank you for reporting this bug and we are sorry it could not be fixed.
linphone-3.6.1-2.fc19, ortp-0.22.0-1.fc19, kdenetwork-4.10.5-3.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.