[jitsi-users] Custom user-agent string for connecting to ISP's VoiP service


#1

Dear people,

The largest ISP in the Netherlands, Ziggo, provides free calls in their
internet subscription. However they use a protocol other than SIP in the
modems and separate the local network and the voip lan (you have to plug
in old fashioned phones into the modem's phone ports). They started
providing SIP access as well by providing a SIP app to be used over
wifi, so you can use a smartphone to make free calls from your landline
number. In April of this year, they decided to abandon the app because
it was 'not used alot' (of course SIP is not popular, all their
customers are still using their old-fashioned phone sets, and free call
subscriptions for mobile telephony are cheap and common here). However,
their online SIP server is still online and Jitsi can connect to it.

Dutch Ziggo subscribers can verify:
server: mvoip.ziggo.nl (or mvoipb.ziggo.nl)
user: <ziggo username>%2540ziggo.nl@mvoip.ziggo.nl
password: <ziggo password>
Encryption: mandatory
Transport: TLS

However, making calls is currently not working.

I found at https://blog.puckipedia.com/blog/ziggo-bapp/
that the following is required: userAgent="Ziggo Converged App #wa5hBu5THd#"

Using Wireshark I found that Jitsi sends (in my case): "Jitsi2.8.5426Linux"

Unfortunately there is no option or advanced option anywhere in Jitsi or
the config file that allows custom user agent strings to be entered.
Also I couldn't find a proxy-like tool to modify it in transit.

Is it possible that a config file variable could be added to Jitsi where
a custom user-agent could be specified? Apart from this scenarion, it
would also be useful in case Jitsi is being censored.

And if it's going to be implemented, should it be global or per-account?
It's kind of an account thing if you ask me, otherwise your sending your
ISP name to all servers. And some might rely on Jitsi being in the
string to provide 'enhanced compatibility' (although I am against this
kind of differentiation).

Greetings,
Daniël


#2

Dear people,

Apparently, overnight things changed. Now when I connect the account
Jitsi reports "Connection failed" rather than setting status to Online.
I checked with Wireshark and there is TLS handshaking going on,
certificate is exchanged etc, and there seems to be a <Fin,Ack> sent by
the server responded to with an <Ack> by the client and that's the end
of it. Not followed by SIP-protocol packets, like yesterday.

One would almost think I caused the ISP to change the server settings,
although it worked when I sent the mail yesterday at 19:22 and it
doesn't work anymore next day 06:27. Not exactly working hours.

Also, it's weird that after TLS handshaking, no UDP packets are
transferred, like they did yesterday.

I've attached the summary of the (failed) connection and the pcap file.

I still think custom User-Agent strings could be used to circumvent
censorship and vendor lock-in to 'proprietary' SIP clients which are
nothing more than slightly modified, branded clients. And it still
*might* then work for Ziggo, as indicated by

https://blog.puckipedia.com/blog/ziggo-bapp/

Greetings,
Daniël

ziggo_sip_failed_connection_summary.txt (17.2 KB)

ziggo_SIP_failed_connection.pcapng (5.72 KB)

···

On 14-07-16 19:22, Daniël wrote:

Dear people,

The largest ISP in the Netherlands, Ziggo, provides free calls in their
internet subscription. However they use a protocol other than SIP in the
modems and separate the local network and the voip lan (you have to plug
in old fashioned phones into the modem's phone ports). They started
providing SIP access as well by providing a SIP app to be used over
wifi, so you can use a smartphone to make free calls from your landline
number. In April of this year, they decided to abandon the app because
it was 'not used alot' (of course SIP is not popular, all their
customers are still using their old-fashioned phone sets, and free call
subscriptions for mobile telephony are cheap and common here). However,
their online SIP server is still online and Jitsi can connect to it.

Dutch Ziggo subscribers can verify:
server: mvoip.ziggo.nl (or mvoipb.ziggo.nl)
user: <ziggo username>%2540ziggo.nl@mvoip.ziggo.nl
password: <ziggo password>
Encryption: mandatory
Transport: TLS

However, making calls is currently not working.

I found at https://blog.puckipedia.com/blog/ziggo-bapp/
that the following is required: userAgent="Ziggo Converged App #wa5hBu5THd#"

Using Wireshark I found that Jitsi sends (in my case): "Jitsi2.8.5426Linux"

Unfortunately there is no option or advanced option anywhere in Jitsi or
the config file that allows custom user agent strings to be entered.
Also I couldn't find a proxy-like tool to modify it in transit.

Is it possible that a config file variable could be added to Jitsi where
a custom user-agent could be specified? Apart from this scenarion, it
would also be useful in case Jitsi is being censored.

And if it's going to be implemented, should it be global or per-account?
It's kind of an account thing if you ask me, otherwise your sending your
ISP name to all servers. And some might rely on Jitsi being in the
string to provide 'enhanced compatibility' (although I am against this
kind of differentiation).

Greetings,
Daniël

_______________________________________________
users mailing list
users@jitsi.org
Unsubscribe instructions and other list options:
http://lists.jitsi.org/mailman/listinfo/users


#3

Apparently, overnight things changed. Now when I connect the account
Jitsi reports "Connection failed" rather than setting status to Online.
I checked with Wireshark and there is TLS handshaking going on,
certificate is exchanged etc, and there seems to be a <Fin,Ack> sent by
the server responded to with an <Ack> by the client and that's the end
of it. Not followed by SIP-protocol packets, like yesterday.

One would almost think I caused the ISP to change the server settings,
although it worked when I sent the mail yesterday at 19:22 and it
doesn't work anymore next day 06:27. Not exactly working hours.

Also, it's weird that after TLS handshaking, no UDP packets are
transferred, like they did yesterday.

I've attached the summary of the (failed) connection and the pcap file.

I still think custom User-Agent strings could be used to circumvent
censorship and vendor lock-in to 'proprietary' SIP clients which are
nothing more than slightly modified, branded clients. And it still
*might* then work for Ziggo, as indicated by

https://blog.puckipedia.com/blog/ziggo-bapp/

It's currently not possible to change the User-Agent in Jitsi. As it's not really a priority for me, I won't spend time on implementing it, however I'd happily review a pull request on Github. Should be fairly straightforward to do (ProtocolProviderServiceSipImpl#getSipCommUserAgentHeader).

Btw: Jitsi logs its own pcap files, and the content there isn't encrypted. Wireshark traces are pretty much useless if TLS is used, and even if not they often contain other unrelated network traffic.

Greetings,
Daniël

Ingo