Professional Documents
Culture Documents
ALTANAI BISHT
tara181989@gmail.com
http://altanaitelecom.wordpress.com
Original Slides by Alan Johnston and Henry Sinnreich, MCI (at VON’03)
Contents
SIP Overview
SIP in detail
SIP Call Flow Scenarios
SIP Security
SIP Programming
2
SIP Overview
100
90
80
70
60 electromech
50 analog
40 digital
30
20
10
0
1980 1985 1987 1990 1995 2000 2001
4
Session Initiation Protocol Overview
Application Layer Signaling Protocol
Used to establish, modify, and terminate
multimedia sessions
Part of Internet Multimedia Architecture
Can use UDP, TCP, TLS, SCTP, etc.
Based on HTTP (Web)
Similar text-based structure
Uses URIs (Uniform Resource Indicators)
Applications include (but not limited to):
Voice, video, gaming, instant messaging, presence, call
control, etc.
5
Security & Privacy
SIP Authentication
Challenge/Response based on shared secret - SIP Digest
Mechanism also used by HTTP
Used for client devices
Encryption using private/public keys
Used between servers
Privacy and security
SIP signaling can be encrypted
S/MIME (Secure/Multipurpose Internet Mail Extensions)
Defined in RFC 2633
SIP can be transported over
IPSec
Defined in RFC 2401
TLS (Transport Layer Security)
Defined in RFC 2246
6
Internet Multimedia Protocols
RTSP
7
SIP Requests and Responses
SIP Responses use a
SIP Request types are
numerical code and a
called “methods” “reason phrase”
8
Related Protocols: SDP
SIP carries (encapsulates) SDP messages
SDP specifies codecs and media termination points
Only one of many possible MIME attachments carried by
SIP
SDP – Session Description Protocol
Used to describe media session.
Carried as a message body in SIP messages.
Is a text-based protocol
Uses RTP/AVP Profiles for common media types
Defined by RFC 2327
E.g. RFC 3551 “RTP Profile for Audio and Video Conferences with
Minimal Control”
9
Related Protocol: RTP
RTP – Real-time Transport Protocol
Used to transport media packets over IP
RTP adds a bit-oriented header containing:
name of media source
timestamp
codec type
sequence number
Defined by H. Schulzrinne et al, RFC 1889.
Profiles defined by RFC 1890.
RTCP for exchange of participant and quality reports.
10
SIP Uniform Resource Indicators (URIs)
Same form as email addresses: user@domain
Two URI schemes:
sip:henry@siptest.mci.com is a SIP URI
Most common form introduced in RFC 2543
sips:henry@siptest.mci.com is a Secure SIP URI
New scheme introduced in RFC 3261
Requires TLS over TCP as transport for security
11
(Which needs no resolution for routing)
SIP “Trapezoid”
DNS Server Location
Server
DNS
SIP
Outbound Inbound
Proxy Server Proxy Server
SIP
SIP
SIP
Media (RTP)
12
SIP Elements – User Agents
DNS Server Location
Capable of sending
Server and receiving SIP
requests.
DNS UAC – User Agent Client
UAS – User Agent Server
End Devices
SIP
Outbound Inbound SIP phone
Proxy Server Proxy Server
PC/laptop with
SIP Client
SIP
PDA
SIP
mobile phone
SIP PSTN Gateways
Media (RTP) are a type of User
Agent
User Agent A
User Agent B
13
SIP Elements – Proxy Servers
DNS Server Location
Server Forward or “proxy”
requests on behalf of
DNS User Agents
Consult databases:
SIP DNS
Outbound Inbound
Proxy Server Proxy Server Location Server
Types:
SIP Stateless
Transaction Stateful
SIP
Call Stateful
SIP
No media capabilities
Media (RTP)
Ignore SDP.
User Agent A User Agent B Normally bypassed once
dialog established, but
can Record-Route to
14 stay in path.
SIP Elements – Other Servers
DNS Server Location
Server
Location Server
DNS
Database of locations of
SIP User Agents
SIP Queried by Proxies in
Outbound Inbound
Proxy Server Proxy Server routing
Updated by User Agents
SIP by Registration
SIP
16
SIP Registrar, 1
17
SIP Registrar, 2
SIP Registrars store the location of SIP endpoints
Each SIP endpoint Registers
with a Registrar using it’s Address of Record and Contact address
Address of Record for John Smith in From: header
From: John Smith <sip:jsmith@zultys.com
Contact: header tells Registrar where to send messages
Contact: John Smith <sip:jsmith@192.168.1.100>
SIP Proxies
query SIP Registrars for routing information
Incoming calls addressed to sip:jsmith@zultys.com
now routed by the Proxy to the Contact: header URL
sip:jsmith@192.168.1.100
18
Proxy Server
SIP Proxy servers route SIP messages
Stateless Proxies use stateless protocols like UDP to talk
to endpoints
Low Proxy overhead
Ephemeral connections, dropped as soon as message is forwarded
Stateful Proxies use TCP or other stateful protocols to set
up a permanent connection
High Proxy overhead
Endpoint connection must be set up, maintained and torn down for
the duration of the session
19
SIP Proxy Server
SIP Server which acts on behalf of User Agents
Receives a SIP request
Adds some headers
Modifies some of the headers
Forwards request to next hop server or client
20
Stateless vs. Stateful Proxy
Stateless Proxy
Forwards every request downstream and response upstream
Keeps no state (does not have any notion of a transaction)
Never performs message retransmissions
Stateless proxies scale very well
can be very fast
good for network cores
Stateful Proxy
Maintains state information for the duration of either the:
Transaction (request)
Transaction Stateful
Dialogue (from INVITE to BYE)
Dialogue Stateful
Performs message retransmission
21
SIP Redirect Server
22
Locating SIP Servers
Manual provisioning
DHCP SIP Option 120
RFC 3361
Multicast (deprecated)
DNS SRV method
Get local domain name automatically from DHCP server
Perform SRV record query through DNS on that domain for
_sip._udp.<domain name>
Send SIP REGISTER message to resolved server
phone is up and running without user intervention
23
SIP in detail
25
SIP Request Methods, 2
REGISTER
Register contact with Registrar
INVITE/ACK/BYE/CANCEL/UPDATE
Creates, negotiates and tears down a call (dialogue)
MESSAGE
Creates an Instant Messaging session
SUBSCRIBE
Subscribe to a service (like message waiting indication)
NOTIFY
Notify a change in service state (new Voicemail)
26
SIP Methods - INVITE, 1
27
SIP Methods - INVITE, 2
28
SIP Methods - ACK
29
SIP Methods - OPTIONS
30
SIP Methods – BYE and CANCEL
31
SIP Methods - REGISTER
32
SIP Request URI
The Request-URI indicates the destination address of the
request
Proxies and other servers route requests based on Request-
URI.
The Request-URI is modified by proxies as the address is
resolved. Request-URI
33
SIP From and To Tags
34
SIP Method - INFO
35
SIP Method - REFER
36
SIP Method - PRACK
37
SIP Methods – SUBSCRIBE and NOTIFY
38
SIP Method - MESSAGE
39
SIP Responses
40
SIP Responses: 1xx-3xx
41
SIP Responses: 4xx
SIP Response Code Brief Description
400 Bad Request Request not understood due to malformed syntax
401 Unauthorized Request requires user authentication
402 Payment Required Reserved for future use
403 Forbidden UAS understood request and refuses to fulfill it
404 Not Found UAS finds that user doesn't exist in the domain
405 Method Not Allowed Method is understood but not allowed
406 Not Acceptable Response content not allowed by Accept header
407 Proxy Authentication Required Client must first authenticate itself with proxy
408 Request Timeout UAS could not produce response in time
410 Gone UAS resource unavailable; no forwarding addr.
413 Request Entity Too Large Request contains body longer than UAS accepts
414 Request-URI Too Long Req-URI longer than server is willing to interpret
415 Unsupported Media Type Format of the body not supported by UAS
416 Unsupported URI Scheme Scheme of URI unknown to server
420 Bad Extension UAS not understand protocol extension
421 Extension Required UAS needs particular extension process request
423 Registration Too Brief Contact header field expiration time too small
480 Temporarily Unavailable UAS contacted successfully but user unavailable
481 Call/Transaction Does Not Exist UAS Rx request not matching any existing dialog
482 Loop Detected UAS has detected a loop
483 Too Many Hops UAS received request containing Max-Forwards=0
484 Address Incomplete UAS Rx request with incomplete Request-URI
485 Ambiguous The Request-URI was ambiguous
486 Busy Here UAS contacted successfully but user busy
487 Request Terminated Request terminated by a BYE or CANCEL request
488 Not Acceptable Here Same as 606 but only applies to addressed entity
491 Request Pending UAS Rx req. & have pending req. for same dialog
493 Undecipherable UAS Rx request with encrypted MIME body & not have decryption key
42
SIP Responses: 5xx-6xx
43
SIP Message Details
INVITE sip:wh@200.201.202.203 SIP/2.0
Via: SIP/2.0/UDP proxy.munich.de:5060;branch=z9hG4bK8542.1
Via: SIP/2.0/UDP 100.101.102.103:5060;branch=z9hG4bK45a35h76
Max-Forwards: 69
To: Heisenberg <sip:w.heisenberg@munich.de>
From: E. Schroedinger <sip:schroed5244@aol.com>;tag=312345
Call-ID: 105637921@100.101.102.103
CSeq: 1 INVITE
Contact: sip:schroed5244@100.101.102.103
Content-Type: application/sdp
Content-Length: 159
45
SIP Message Details
INVITE sip:w.h@200.201.202.203 SIP/2.0
Via: SIP/2.0/UDP proxy.munich.de:5060;branch=z9hG4bK8542.1
Via: SIP/2.0/UDP 100.101.102.103:5060;branch=z9hG4bK45a35h76
Max-Forwards: 69
To: Heisenberg <sip:w.heisenberg@munich.de>
From: E. Schroedinger <sip:schroed5244@aol.com>;tag=312345
Call-ID: 105637921@100.101.102.103
CSeq: 1 INVITE
Contact: sip:schroed5244@100.101.102.103
Content-Type: application/sdp
Content-Length: 159
47
SIP Message Details
INVITE sip:w.h@200.201.202.203 SIP/2.0
Via: SIP/2.0/UDP proxy.munich.de:5060;branch=z9hG4bK8542.1
Via: SIP/2.0/UDP 100.101.102.103:5060;branch=z9hG4bK45a35h76
Max-Forwards: 69
To: Heisenberg <sip:w.heisenberg@munich.de>
From: E. Schroedinger <sip:schroed5244@aol.com>;tag=312345
Call-ID: 105637921@100.101.102.103
CSeq: 1 INVITE
Contact: sip:schroed5244@100.101.102.103
Content-Type: application/sdp
Content-Length: 159
49
SIP Message Details
INVITE sip:w.h@200.201.202.203 SIP/2.0
Via: SIP/2.0/UDP proxy.munich.de:5060;branch=z9hG4bK8542.1
Via: SIP/2.0/UDP 100.101.102.103:5060;branch=z9hG4bK45a35h76
Max-Forwards: 69
To: Heisenberg <sip:w.heisenberg@munich.de>
From: E. Schroedinger <sip:schroed5244@aol.com>;tag=312345
Call-ID: 105637921@100.101.102.103
CSeq: 1 INVITE
Contact: sip:schroed5244@100.101.102.103
Content-Type: application/sdp
Content-Length: 159
50
SIP Message Details
INVITE sip:w.h@200.201.202.203 SIP/2.0
Via: SIP/2.0/UDP proxy.munich.de:5060;branch=z9hG4bK8542.1
Via: SIP/2.0/UDP 100.101.102.103:5060;branch=z9hG4bK45a35h76
Max-Forwards: 69
To: Heisenberg <sip:w.heisenberg@munich.de>
From: E. Schroedinger <sip:schroed5244@aol.com>;tag=312345
Call-ID: 105637921@100.101.102.103
CSeq: 1 INVITE
Contact: sip:schroed5244@100.101.102.103
Content-Type: application/sdp
Content-Length: 159
52
SIP Response Details
SIP/2.0 200 OK
Via: SIP/2.0/UDP proxy.munich.de:5060;branch=z9hG4bK8542.1
Via: SIP/2.0/UDP 100.101.102.103:5060;branch=z9hG4bK45a35h76
To: Heisenberg <sip:w.heisenberg@munich.de>;tag=24019385
From: E. Schroedinger <sip:schroed5244@aol.com>;tag=312345
Call-ID: 105637921@100.101.102.103
CSeq: 1 INVITE
Contact: sip:wh@200.201.202.203
Content-Type: application/sdp
Content-Length: 173
v=0
o=Heisenberg 2452772446 2452772446 IN IP4 200.201.202.203
s=SIP Call
c=IN IP4 200.201.202.203
t=0 0
m=audio 56321 RTP/AVP 0
a=rtpmap:0 PCMU/8000
Via, To, From, Call-ID, & CSeq are all copied from request.
To now has a tag inserted by UAS
Contact and Message Body contain UAS information.
53
SIP Call Flow Scenarios
As followings …
SIP Call Flow Scenarios
Call Attempt - Unsuccessful
Presence Subscription
Registration
Presence Notification
Instant Message Exchange
Call Setup – Successful
Call Hold
Call Transfer
55
SIP Call Setup Attempt Scenario
DNS Server Location
Server
56
SIP Call Setup Attempt Scenario
DNS Server Location
Server
1. INVITE
4. DNS responds with
Contact: A 2. 100 Trying IP address of
SDP A
mci.com Proxy
Server
57
SIP Call Setup Attempt Scenario
DNS Server Location
Server
58
SIP Call Setup Attempt Scenario
DNS Server Location
Server
59
SIP Call Setup Attempt Scenario
DNS Server Location
Server
60
SIP Call Setup Attempt Scenario
DNS Server Location
Server
61
SIP Presence Example
DNS Server
Presence
Server
3. SUBSCRIBE
1. A wants to be informed
when B signs on, so
Outbound
2. SUBSCRIBE Inbound sends a SUBSCRIBE
Proxy Server Proxy Server
2. Outbound Proxy
forwards to Inbound
1. SUBSCRIBE
Proxy
3. Inbound Proxy forwards
to B’s Presence Server
62
SIP Presence Example
DNS Server
Presence
Server
3. SUBSCRIBE 4. 200 OK
4. Presence Server
Outbound
2. SUBSCRIBE Inbound authorizes subscription
Proxy Server
Proxy Server 5. 200 OK by sending a 200 OK.
5. & 6. 200 OK proxied
1. SUBSCRIBE 6. 200 OK
back to A.
63
SIP Presence Example
DNS Server
Presence
Server
64
SIP Registration Example
DNS Server
Location
Server
2. Update database:
B = B@2.3.4.5
1. B signs on to his SIP
Phone which sends a
Outbound Outbound REGISTER message
Proxy Server
Proxy Server containing the FQDN
URI of B’s User Agent.
2. Database update is sent
1. REGISTER
Contact: B@2.3.4.5 to the Location Server
65
SIP Registration Example
DNS Server
Location
Server
2. Update database:
B = B@2.3.4.5 3. OK
3. Location Server
database update is
confirmed.
Outbound Outbound
Proxy Server Proxy Server 4. Registration is confirmed
with a 200 OK
response.
1. REGISTER 4. 200 OK
Contact: B@2.3.4.5 Contact: B@2.3.4.5
66
SIP Presence Example
DNS Server
Presence
Server
67
SIP Instant Message Scenario
DNS Server
1. A sends an Instant
Location
Server Message to B saying
“Can you talk now?”
3. LS Query: B? 4. Response: in a MESSAGE
sip:B@2.3.4.5
request.
2. MESSAGE
<Can you
2., 3. & 4. MESSAGE
Outbound
talk now?> Inbound request is proxied,
Proxy Server
Proxy Server Location Server
7. 200 OK
queried.
1. MESSAGE
<Can you 5. MESSAGE 5. Inbound Proxy
talk now?> 8. 200 OK <Can you 6. 200 OK forwards MESSAGE to
talk now?>
B.
6. User Agent B responds
with 200 OK.
7. & 8. 200 OK is proxied
User Agent A User Agent B
back to A.
68
SIP Instant Message Scenario
Location
1. B sends an Instant
DNS Server
Server Message to A saying
“Sure.” in a
5. LS Query: A? 6. Response: 2. DNS Query:
sip:A@4.5.3.2 globalipcom.com?
3. Response: 5.6.7.8 MESSAGE sent to A’s
AOR URI.
4. MESSAGE
2. & 3. DNS Server is
Inbound
<Sure.> Outbound queried.
Proxy Server Proxy Server
4. Outbound Proxy
9. 200 OK
forwards MESSAGE to
7. MESSAGE
<Sure.> 8. 200 OK Inbound Server.
1. MESSAGE
<Sure.>
10. 200 OK 5. & 6. Location Server is
queried.
7. Inbound Proxy
forwards to A.
User Agent A User Agent B
8. User Agent A responds
with 200 OK.
9. & 10. 200 OK is proxied
back to B.
69
SIP Call Setup Attempt Scenario
DNS Server Location
Server
1. to 5. A retries
5. LS Query: B 6. Response:
sip:B@2.3.4.5
INVITE to B which
routes through two
3. INVITE
Contact: A Proxy Servers.
SDP A Inbound
Outbound
Proxy Server 6. Location Server
Proxy Server
4. 100 Trying
responds with the
1. INVITE
FQDN SIP URI of B’s
Contact: A 2. 100 Trying 7. INVITE SIP Phone.
SDP A
Contact: A
SDP A 7. Inbound Proxy Server
forwards INVITE to
B’s SIP Phone.
70
SIP Call Setup Scenario
DNS Server Location
Server
71
SIP Call Setup Scenario
DNS Server Location
Server
72
SIP Call Setup Scenario
DNS Server Location
Server
Media (RTP)
73
SIP Call Hold (re-INVITE)
DNS Server Location
Server
15. B places A on hold
by sending a re-
INVITE.
16. A accepts with a
Outbound Inbound 200 OK.
Proxy Server
Proxy Server
17. B sends ACK to A.
No media between A
15. INVITE
SDP a=sendonly and B.
16. 200 OK
SDP A
17. ACK
User Agent A User Agent B
74
SIP Call Transfer Scenario
DNS Server Location
Server
18. B transfers A to C
Outbound Inbound
Proxy Server
using REFER.
Proxy Server
19. Transfer is accepted
by A with 202
Accepted response.
20. Notification of
18 REFER Refer-To: sip:C@mci.com
trying transfer is
19. 202 Accepted
sent to B in NOTIFY.
20. NOTIFY <100 Trying>
User Agent A
21. B sends 200 OK
21. 200 OK User Agent B
response to NOTIFY
75
SIP Call Transfer Scenario
DNS Server Location
Server
1. to 5. A sends new
5. LS Query: C? 6. Response: INVITE to C which
sip:C@6.7.8.9
3. INVITE routes through two
Contact: A
Ref-By: B Proxy Servers.
SDP A Inbound
Outbound
Proxy Server Proxy Server 6. Location Server
4. 100 Trying responds with the
1. INVITE
7. INVITE FQDN SIP URI of C’s
Contact: A
Contact: A 2. 100 Trying Ref-By: B SIP Phone.
Ref-By: B SDP A
SDP A 7. Inbound Proxy Server
User Agent C forwards INVITE to
C’s SIP Phone.
76
SIP Call Transfer Scenario
DNS Server Location
Server
8. User Agent C alerts C
and sends 180
Ringing response.
9. & 10. 180 Ringing
9. 180 Ringing
Inbound
is proxied back to A.
Outbound
Proxy Server Proxy Server
11. C accepts call and
12. 200 OK
Contact: C 11. 200 OK sends 200 OK
SDP C Contact: C
10. 180 Ringing
13. 200 OK SDP C response.
Contact: C 8. 180 Ringing
SDP C 12. & 13. 200 OK is
14. ACK
proxied back to A.
User Agent C
Media (RTP) 14. ACK is sent by A to
confirm setup call.
User Agent A
User Agent B
Media session between
A and C begins.
77
SIP Call Transfer Scenario
DNS Server Location
Server
20. Notification of
successful transfer is
sent to B in NOTIFY.
Outbound Inbound 21. B sends 200 OK
Proxy Server
Proxy Server
response to NOTIFY
22. B hangs up by
sending a BYE.
23. 200 OK response to
20. NOTIFY <200 OK> BYE is sent.
21. 200 OK
22. BYE
User Agent A User Agent B
23. 200 OK
78
SIP Security
Authorization
SIP uses standard HTTP Digest Authentication with minor revisions
Simple Challenge/Response scheme
REGISTER ->
<- 407 Challenge + nonce
REGISTER + MD-5 hash (pw + nonce) ->
<- 200 OK
Password is never sent in the clear, just the MD-5 hash generated with
the password and nonce
Defeats Man-in-the-middle attacks since source address can’t be spoofed
or second REGISTER will never arrive
Required by many Internet Telephony Service Providers
(ITSPs)
Service Provider supplies Username and password
SIP leverages Digest Authentication features to do this
80
TLS and sips:
Implementation of TLS is mandatory for proxies, redirect servers and
registrars
The ;transport=tls URI parameter value is deprecated
A sips: URI scheme (otherwise identical to the sip: scheme) indicates
that all hops between the requestor and the resource identified by the
URI must be encrypted with TLS.
If the request is retargeted once the resource is reached, it must use
secured transports.
81
S/MIME
Provides end-to-end security of message body and/or headers.
Certificate identified by end user address
Public key can be transported in SIP
Entire message can be protected by “tunneling” the message in an
S/MIME body
Header Fields
Header Fields
Body
Signature
82
Attacks
IPhreakers
IP knowledge
Known weaknesses
Evolution 2600Hz -> voicemail/int’l GWs -> IP telephony
Internal or external threat ?
Targets: home user, enterprise, government, etc ?
Protocol implementations
PROTOS
83
Attacks : denial of service
Denial of service
Network
Protocol (SIP INVITE)
Systems / Applications
Phone
Availability (BC/DR)
Requires: power
Alternatives (Business Continuity/Disaster Recovery) ?
E911 (laws and technical aspect)
GSM
PSTN-to-GSM
84
Attacks : fraud
Call-ID spoofing
Effects
Access to voicemail
Value added numbers
Social engineering
Replay
85
Attacks: interception
Interception
“Who talks with who” (Network sniffing, Servers (SIP, CDR, etc)
LAN
Physical access to the LAN
ARP attacks
Unauthenticated devices (phones and servers)
Different layers (MAC address, user, physical port, etc)
Where to intercept ?
Where is the user located ?
Networks crossed ?
Lawful Intercept
CALEA
ETSI standard
Architecture and risks
86
Attacks : systems
Systems
Mostly none is hardened by default
Worms, exploits, Trojan horses
Attacks : phone
(S)IP phone
Startup
DHCP, TFTP, etc.
Physical access
Hidden configuration tabs
TCP/IP stacks
Firmware/configuration
Trojan horse/rootkit
87
Defense
Signaling: SIP
Secure SIP vs SS7 (physical security)
Transport: Secure RTP (with MiKEY)
Network: QoS [LLQ] (and rate-limit)
Firewall: application level filtering
Phone: signed firmware
Identification: TLS
Clients by the server
Servers by the client
3P: project, security processes and policies
88
SIP Programming
SIP based Application Interfaces
These include :
JAIN SIP
Low level and very complex API
CNRSIP API is one of available reference implementations.
SIP Servlets
proposed within JAIN
SIP API for J2ME
intermediate level API (minimal SIP knowledge required)
SIP CGI
CPL ( Call Processing Language)
XML based
90
HTTP Servlets
HTTP Java Servlets Widely Used in Web
HTTP Servlets
Application Development War File
91
SIP Servlet API
Java extension API for SIP servers
Similar in spirit to HTTP servlet API
Server matches incoming messages against local rules in order to decide
which servlet to pass message to
The API gives full control to servlets to handle SIP messages, e.g.
has full access to headers and body
proxy or redirect requests
respond to or reject requests
forward responses upstream
initiate requests
Servers may choose to provide constrained environment to selected
servlets (e.g. using sandbox security model)
92
Basic SIP Servlet Model
servlet servlet
Servlet Engine
requests requests
SIP Server
responses responses
RTP
servlet
UAC UAS
Server
SIP SIP
94
Example: Servlet as UAS
RTP
servlet
UAC
Server
SIP
95
Benefits of Servlet Model
Powerful:
Full access to SIP signaling
Performance:
No need to fork new process for each request
The same servlet can handle many requests simultaneously
Safety: type checked; no pointers; exception handling
Convenience:
high level abstractions.
Tight integration with server: logging, security, location database
Lifecycle model allows servlets to
maintain state, e.g. database connections
manage timers
Access to wide range of APIs
96
An Example: RejectServlet
import org.ietf.sip.*;
97
Relationship to JAIN SIP
JAIN SIP is a generic, low-level
interface for accessing SIP services
Servlet
Servlet
Can be used in
Clients
Servers SIP Servlet API
Gateways
Focuses purely on the protocol SIP Servlet
Complete access to SIP capabilities Container
JAIN SIP
Supports transactions only
SIP Servlet Container is a particular
application of JAIN SIP SIP Protocol
98
Relationship to JAIN SIP
Servlets focus on high volume carrier Hide many parts of JAIN SIP
grade servers Direct access to many headers is not
Add significant, non-SIP protocol provided
functions Write access to most everything is
Lifecycle management often restricted
Domain objects Servlets should be defined to allow a
Context and configuration SIP container to be built using JAIN
Deployment descriptors SIP
Archive files SIP Objects in Servlet API defined with
Synchronization primitives interfaces that match JAIN SIP
Security signatures
Add significant SIP protocol functions Cannot directly expose JAIN SIP
Construction of requests and objects, though
responses from domain objects
99
SIP CGI
Almost identical to HTTP CGI
Language independent ( Perl, Tcl, C, C++, ... )
Any binary may be executed as a separate program
Feb. 1, 2001: RFC 3050 (Common Gateway Interface for SIP) published
100
Call Processing Language (CPL)
Designed by the IETF to support sophisticated telephony services
May be used by both SIP or H.323.
XML based scripting language for describing controlling call services
Simple Syntax
Extendible
Easily edited by GUI tools
Scripts runs on network SIP signaling server to create end user
services
Lightweight CPL interpreter is need to parser & validate scripts
101
CPL Example
A simple script that blocks anonymous callers
102