SIPPING WG V. Gurbani, Ed. Internet-Draft Lucent Technologies/Bell Expires: August 11, 2006 Laboratories C. Boulton Ubiquity Software Corporation R. Sparks Estacado Systems February 7, 2006 Session Initiation Protocol (SIP) Torture Test Messages for Internet Protocol Version 6 (IPv6) draft-gurbani-sipping-ipv6-sip-02.txt Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on August 11, 2006. Copyright Notice Copyright (C) The Internet Society (2006). Abstract This informational document provides examples of Session Initiation Protocol (SIP) test messages designed to exercise and "torture" the IPv6 portions of a SIP implementation. Gurbani, et al. Expires August 11, 2006 [Page 1] Internet-Draft SIP IPv6 Torture Tests February 2006 This work is being discussed on the sipping@ietf.org mailing list. Table of Contents 1. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. SIP and IPv6 Network Configuration . . . . . . . . . . . . . . 3 3. Parser Torture Tests . . . . . . . . . . . . . . . . . . . . . 3 3.1 Valid SIP request with raw IPv6 addresses . . . . . . . . 4 3.2 Which port should I knock on? . . . . . . . . . . . . . . 4 3.3 Knock on this port, please . . . . . . . . . . . . . . . . 5 3.4 SIP request with IPv6 header parameter . . . . . . . . . . 5 3.5 SIP request with IPv6 identifiers in SDP body . . . . . . 5 3.6 Via headers from different networks in a request . . . . . 6 3.7 SIP request with multiple network identifiers in SDP . . . 6 3.8 More test cases . . . . . . . . . . . . . . . . . . . . . 7 4. Security Considerations . . . . . . . . . . . . . . . . . . . 7 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 6. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 7 7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8 7.1 Normative References . . . . . . . . . . . . . . . . . . . 8 7.2 Informative References . . . . . . . . . . . . . . . . . . 8 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 8 A. Bit-exact archive of each test message . . . . . . . . . . . . 9 A.1 Encoded Reference Messages . . . . . . . . . . . . . . . . 9 Intellectual Property and Copyright Statements . . . . . . . . 11 Gurbani, et al. Expires August 11, 2006 [Page 2] Internet-Draft SIP IPv6 Torture Tests February 2006 1. Overview This document is informational, and is NOT NORMATIVE on any aspect of SIP. This document contains test messages based on the current version (2.0) of the Session Initiation Protocol as defined in [1]. This document is expected to be used as a companion document to the more general SIP torture test document [3], which does not include specific tests for IPv6 network identifiers. This document does not attempt to catalog every way to make an invalid message, nor does it attempt to be comprehensive in exploring unusual, but valid, messages. Instead, it tries to focus on areas that may cause interoperability problems in IPv6 deployments. The messages are presented in the text using a set of markup conventions to avoid ambiguity and meet Internet-Draft layout requirements. To resolve any remaining ambiguity, a bit-accurate version of each message is encapsulated in an appendix. 2. SIP and IPv6 Network Configuration System-level issues like deploying a dual-stack proxy server, populating DNS with A and AAAA RRs, zero-configuration discovery of outbound proxies for IPv4 and IPv6 networks, when should a dual-stack proxy Record-Route itself, and media issues also play a major part in the transition to IPv6. This document does not, however, address these issues. Instead, a companion document [2] provides more guidance on these. 3. Parser Torture Tests The test messages are organized into several sections. Some stress only a SIP parser and others stress both the parser and the application above it. Some messages are valid, and some are not. Each example clearly calls out what makes any invalid messages incorrect. Please refer to the ABNF in [1] on representing IPv6 addresses in SIP. IPv6 addresses are delimited by a '[' and ']'. The appendix contains an encoded binary form of all the messages and the algorithm needed to decode them into files. Gurbani, et al. Expires August 11, 2006 [Page 3] Internet-Draft SIP IPv6 Torture Tests February 2006 3.1 Valid SIP request with raw IPv6 addresses This REGISTER request is well-formatted per the grammar in [1]. An IPv6 address in presentation form appears in the Request-URI (R-URI), Via header, and Contact header. Message Details: reg-good REGISTER sip:[2001:db8::10] SIP/2.0 To: sip:user@example.com From: sip:user@example.com;tag=81x2 Via: SIP/2.0/UDP [2001:db8::9:1];branch=z9hG4bKas3-111 Call-ID: SSG9559905523997077@hlau_4100 Contact: "Caller" CSeq: 98176 REGISTER Content-Length: 0 3.2 Which port should I knock on? IPv6 uses the colon to delimit octets. This may lead to ambiguity if the port number on which to contact a SIP server is inadverdently conflated with the IPv6 address. Consider the REGISTER request below. The sender of the request intended to specify a port number (5070). Unfortunately, however, since the IPv6 address in the R-URI is compressed, it makes it hard to tell whether the 5070 is a port number or the last octet in the address. From a pure parsing point of view, the REGISTER request is well- formed. However, from a semantic point of view, it will not yield the desired result. Implementations must take care to ensure that when a raw IPv6 address appears in a SIP URI, then any port number must appear outside the closing '[' of the URI. Message Details: reg-ambigous REGISTER sip:[2001:db8::10:5070] SIP/2.0 To: sip:user@example.com From: sip:user@example.com;tag=81x2 Via: SIP/2.0/UDP [2001:db8::9:1];branch=z9hG4bKas3-111 Call-ID: SSG9559905523997077@hlau_4100 Contact: "Caller" CSeq: 98176 REGISTER Content-Length: 0 Gurbani, et al. Expires August 11, 2006 [Page 4] Internet-Draft SIP IPv6 Torture Tests February 2006 3.3 Knock on this port, please In contrast to the example in Section 3.2, the following REGISTER request leaves no ambiguity whatsover on where the IPv6 address begins and where it ends. This REGISTER request is well formatted per the grammar in [1]. Message Details: reg-good-port REGISTER sip:[2001:db8::10]:5070 SIP/2.0 To: sip:user@example.com From: sip:user@example.com;tag=81x2 Via: SIP/2.0/UDP [2001:db8::9:1];branch=z9hG4bKas3-111 Call-ID: SSG9559905523997077@hlau_4100 Contact: "Caller" CSeq: 98176 REGISTER Content-Length: 0 3.4 SIP request with IPv6 header parameter This REGISTER request contains an IPv6 address in a header parameter. The request itself is well formatted per the grammar in [1]. Message Details: reg-param REGISTER sip:[2001:db8::10] SIP/2.0 To: sip:user@example.com From: sip:user@example.com;tag=81x2 Via: SIP/2.0/UDP [2001:db8::9:1];received=[2001:db8::9:255]; branch=z9hG4bKas3-111 Call-ID: SSG9559905523997077@hlau_4100 Contact: "Caller" CSeq: 98176 REGISTER Content-Length: 0 3.5 SIP request with IPv6 identifiers in SDP body This INVITE request is valid and well-formed. Notice the IPv6 addresses in the SDP body. Message Details: inv-good Gurbani, et al. Expires August 11, 2006 [Page 5] Internet-Draft SIP IPv6 Torture Tests February 2006 INVITE sip:user@[2001:db8::10] SIP/2.0 To: sip:user@[2001:db8::10] From: sip:user@example.com;tag=81x2 Via: SIP/2.0/UDP [2001:db8::9:1];branch=z9hG4bKas3-111 Call-ID: SSG9559905523997077@hlau_4100 Contact: "Caller" CSeq: 8612 INVITE Content-Type: application/sdp Content-Length: 268 v=0 o=assistant 971731711378798081 0 IN IP6 2001:db8::20 s=Live video feed for today's meeting c=IN IP6 2001:db8::1 t=3338481189 3370017201 m=audio 6000 RTP/AVP 2 a=rtpmap:2 G726-32/8000 m=video 6024 RTP/AVP 107 a=rtpmap:107 H263-1998/90000 3.6 Via headers from different networks in a request This BYE request is valid and well-formed. The Via list contains a mix of IPv4 and IPv6 addresses. Message Details: bye-good BYE sip:user@host.example.com SIP/2.0 Via: SIP/2.0/UDP [2001:db8::9:1]:6050;branch=z9hG4bKas3-111 Via: SIP/2.0/UDP 192.0.2.1;branch=z9hG4bKjhja8781hjuaij65144 Via: SIP/2.0/TCP [2001:db8::9:255];branch=z9hG4bK451jj; received=192.0.2.200 Call-ID: 997077@lau_4100 CSeq: 89187 BYE To: sip:user@example.net;tag=9817--94 From: sip:user@example.com;tag=81x2 3.7 SIP request with multiple network identifiers in SDP This INVITE request is valid and well-formed. It contains multiple network identifiers in the SDP body. Message Details: inv-mult-sdp Gurbani, et al. Expires August 11, 2006 [Page 6] Internet-Draft SIP IPv6 Torture Tests February 2006 INVITE sip:user@[2001:db8::10] SIP/2.0 To: sip:user@[2001:db8::10] From: sip:user@example.com;tag=81x2 Via: SIP/2.0/UDP [2001:db8::9:1];branch=z9hG4bKas3-111 Call-ID: SSG9559905523997077@hlau_4100 Contact: "Caller" CSeq: 8912 INVITE Content-Type: application/sdp Content-Length: 181 v=0 o=bob 280744730 28977631 IN IP4 host.example.com s= t=0 0 m=audio 22334 RTP/AVP 0 c=IN IP4 192.0.2.1 m=video 6024 RTP/AVP 107 c=IN IP6 2001:db8::1 a=rtpmap:107 H263-1998/90000 3.8 More test cases TBD. Looking for more test cases...suggestions welcome. 4. Security Considerations This document presents NON NORMATIVE examples of SIP session establishment. The security considerations in [1] apply. Parsers must carefully consider edge conditions and malicious input as part of their design. Attacks on many Internet systems use crafted input to cause implementations to behave in undesirable ways. Many of the messages in this draft are designed to stress a parser implementation at points traditionally used for such attacks. This document does not, however, attempt to be comprehensive. It contains some common pitfalls that the authors have discovered while parsing IPv6 identifiers in SIP implementations. 5. IANA Considerations This document has no actions for IANA. 6. Acknowledgments The authors acknowledge the gracious help provided by Dennis Bijwaard, Gonzalo Camarillo, Bob Gilligan, Larry Kollasch, Erik Nordmark, Kumiko Ono and Robert Sparks. Gurbani, et al. Expires August 11, 2006 [Page 7] Internet-Draft SIP IPv6 Torture Tests February 2006 The appendix contains a bit-exact archive of each message following the convention established by Robert Sparks. 7. References 7.1 Normative References [1] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP: Session Initiation Protocol", RFC 3261, June 2002. [2] Camarillo, G., El Malki, K., and V. Gurbani, "IPv6 Transition in the Session Initiation Protocol (SIP)", draft-ietf-sipping-v6-transition-02.txt (work in progress), October 2005. 7.2 Informative References [3] Sparks, R., Hawrylyshen, A., Hawrylyshen, A., Rosenberg, J., and H. Schulzrinne, "Session Initiation Protocol Torture Test Messages", draft-ietf-sipping-torture-tests-09 (work in progress), November 2005. Authors' Addresses Vijay Gurbani (editor) Lucent Technologies/Bell Laboratories 2701 Lucent Lane Rm 9F-546 Lisle, IL 60532 USA Phone: +1 630 224 0216 Email: vkg@lucent.com Chris Boulton Ubiquity Software Corporation Building 3 West Fawr Lane St Mellons Cardiff, South Wales CF3 5EA Email: cboulton@ubiquitysoftware.com Gurbani, et al. Expires August 11, 2006 [Page 8] Internet-Draft SIP IPv6 Torture Tests February 2006 Robert J. Sparks Estacado Systems Email: RjS@estacado.net Appendix A. Bit-exact archive of each test message The following text block is an encoded, gzip compressed TAR archive of files that represent each of the example messages discussed in Section 4. To recover the compressed archive file intact, the text of this document may be passed as input to the following Perl script (the output should be redirected to a file or piped to "tar -xzvf -"). #!/usr/bin/perl use strict; my $bdata = ""; use MIME::Base64; while(<>) { if (/-- BEGIN MESSAGE ARCHIVE --/ .. /-- END MESSAGE ARCHIVE --/) { if ( m/^\s*[^\s]+\s*$/) { $bdata = $bdata . $_; } } } print decode_base64($bdata); Alternatively, the base-64 encoded block can be edited by hand to remove document structure lines and fed as input to any base-64 decoding utility. A.1 Encoded Reference Messages Gurbani, et al. Expires August 11, 2006 [Page 9] Internet-Draft SIP IPv6 Torture Tests February 2006 -- BEGIN MESSAGE ARCHIVE -- H4sICPXFRkMAA3h4LnRhcgDtWVtv2zYUzrN+BdGXPck+h6REUqmGbmmWGSsGI/YCFENQ0 DZry7Muk2Sj2a8fZVe+5Oa1qBJ00QfbMsVzdCjyfB9JaXRj3GmaTk4aBCCAz/mJ/QXG/b 3jBh7zTxAYRcp9hsyeR2oLJ9Bko2osi1LnNuTqr+mjdsfqqxthlFZHzgT7lk1sEj+/Pyd FlAXLwuRvZmlRdswnHWcL0xmnMRn0+l3aAecq0kFd6P7xtk/+pHaQgslIBoEK8DrwwYPT Ua6T8Sz8R80u+Og3XTAXEe/6InTsh3bYLYf5bK6lkDibL3U09z3k/NB5eHYrMPW861sX4 R7O56e5GZtoZSZhHQspOGd6sXB7bwOilAAh3iz08gO3qemcDczfAZEKpSC2P5xhGuz6pO 6OxJSnpZ6GSqJwXcWdX/I0vsfOdtvaTuIn6jz36B5HlKyem/9oc2fDf+D2633mP7T8fwL 0fr/qDfckYI9fCNdbATigxKHNfyLCMQF5QDu2lB0MLpTnKQWeR9ln/s52BE6TUo/LgLyq HEz+iryumjNeFw6ae/1jzXYfKdnc/NrdJKU7vMlMQHSWLaKxLqM06RaTbFv7ziTTchYQ6 kvHWYXgpKEuisimT1ISJVAwFIhMSKEkSCRgL096fZ/swlsRKsJ3VpjIKpqYlHw0ZkI+pj kp04m++aEgsTFllEydcXjHF50yZIxJLhGlIowJWyUooBOHejmJUuLb1COXw373p6s+oY4 O8zKLdRZQciGo7zLaldbCmm+C+0D51hxB7BxsgfxKfTsESsmuqjL7O1CyFl+DSv/j5aJ0 bao3FePY+k94fKP/HqfgYaX/DCr7phq0j1b/X6b+q6/Vf5RY6/8oHREqQXAuGNh/Sgi7g dnoPie3V9NW+62GA4GtYlPK2E6DoZZ9TlDZfqqWrQ+r9b1TxGMSTu7V8NxMXR2PoukyXR YN5dgx/nOG2/UfbPZ/jLKW/0+By/OL3mB4frnm7wGxAw/EQwqwn9XfJf2rXZxP6pu/w3F wXsqCp+L/cz//4ZTX/LejApv9H7CW/0+Ah/nfUv8loOa/m6V52VCML5r/q3nfzv/o+S3/ nwCP8H+9AGhF4P+Niv+ZznXcYIyj/Pd3z3/BX+//6bq+wTZt0fK/2fmfHOX+9mXNsXc7r Sy0aNGixbfDvxuXsaUAIgAA -- END MESSAGE ARCHIVE -- Gurbani, et al. Expires August 11, 2006 [Page 10] Internet-Draft SIP IPv6 Torture Tests February 2006 Intellectual Property Statement The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Disclaimer of Validity This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Copyright Statement Copyright (C) The Internet Society (2006). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. Acknowledgment Funding for the RFC Editor function is currently provided by the Internet Society. Gurbani, et al. Expires August 11, 2006 [Page 11]