<div>Dear Klaus,</div> <div> </div> <div>Thank you very much for you kind-hearted to reply my message. Thank you very much.</div> <div>Klaus, I still do not understand what you mean .Maybe because I have lack skill in this system.</div> <div>So, yesterday I tried to check file tls_init.c that there is in # openser-1.1.0-tls/tls directory.</div> <div>I found the script that you write below in tls_init.c file . Both of them are same (the script that you write below and the script in tls_ini.c file).</div> <div> So, I am confused, what should I do? What I have to change so TLS can run in my openser?</div> <div>Would you mind giving me explanation, Please..</div> <div> </div> <div>Thank you very much</div> <div> </div> <div>Regards,</div> <div> </div> <div> </div> <div>Ferianto<BR><BR><B><I>Klaus Darilion <klaus.mailinglists@pernau.at></I></B> wrote:</div> <BLOCKQUOTE class=replbq style="PADDING-LEFT: 5px; MARGIN-LEFT:
5px; BORDER-LEFT: #1010ff 2px solid">Ferianto siregar wrote:<BR>> Dear all,<BR>> <BR>> I would like to say thanks to all of you for your kind-hearted read my <BR>> message. Thank you very much.<BR>> All, I need you help now.Please..<BR>> Now, I tried to build openser with TLS in Fedora Core 5. Before, I use <BR>> Redhat 9 and the openser installation can be build successfully.( I can <BR>> make a call with TLS support)<BR>> But, Why when I tried to install it in Fedora Core 5, the openser can <BR>> not run?(there is no pid for openser)<BR>> But, When I erase the TLS configuration (TLS script for enable the TLS) <BR>> in openser.cfg, the openser can run successfully.(There is a pid).<BR>> So, in my opinion, the TLS Script in openser.cfg is error.<BR>> But, I need this script to make secure openser server (openser with TLS <BR>> support).<BR>> <BR>> What should I do? I do hope anybody can give a suggestion. Please help
<BR>> me...Please..<BR><BR>Maybe the openssl library is different on fedora. The interesintg pieco <BR>of code is:<BR><BR>#if (OPENSSL_VERSION_NUMBER >= 0x00908000L) && !defined(OPENSSL_NO_COMP)<BR>/* disabling compression */<BR>LOG(L_ERR, "WARNING:init_tls: disabling compression due ZLIB problems\n");<BR>comp_methods = SSL_COMP_get_compression_methods();<BR>if (comp_methods==0) {<BR>LOG(L_ERR, "ERRRO:init_tls: null openssl compression <BR>methods\n");<BR>return -1;<BR>}<BR>sk_SSL_COMP_zero(comp_methods);<BR>#endif<BR><BR>I wonder why it is an error if the comp_methods are zero. Then we do not <BR>have to disable them.<BR><BR>regards<BR>klaus<BR><BR><BR>> <BR>> Thank you very much<BR>> <BR>> Regards,<BR>> <BR>> <BR>> Ferianto<BR>> <BR>> Note:<BR>> 1. This is the error message that I got when execute, # openser, command:<BR>> 0(8715) DEBUG:socket2str: <udp:202.95.149.251:5060><BR>> 0(8715) DEBUG:socket2str:
<tcp:202.95.149.251:5060><BR>> 0(8715) DEBUG:socket2str: <tls:202.95.149.251:5061><BR>> Listening on<BR>> udp: 202.95.149.251 [202.95.149.251]:5060<BR>> tcp: 202.95.149.251 [202.95.149.251]:5060<BR>> tls: 202.95.149.251 [202.95.149.251]:5061<BR>> Aliases:<BR>> tls: sip:5061<BR>> tls: sip.pcr.ac.id:5061<BR>> tcp: sip:5060<BR>> tcp: sip.pcr.ac.id:5060<BR>> udp: sip:5060<BR>> udp: sip.pcr.ac.id:5060<BR>> <BR>> 0(8715) fm_malloc_init: F_OPTIMIZE=16384, /ROUNDTO=2048<BR>> 0(8715) fm_malloc_init: F_HASH_SIZE=2067, fm_block size=16560<BR>> 0(8715) fm_malloc_init(0xb5fbb000, 33554432), start=0xb5fbb000<BR>> 0(8715) shm_mem_init: success<BR>> 0(8715) init_tcp: using epoll_lt as the io watch method (auto detected)<BR>> 0(8715) init_tls: Entered<BR>> 0(8715) WARNING:init_tls: disabling compression due ZLIB problems<BR>> 0(8715) ERRRO:init_tls: null openssl compression methods<BR>> 0(8715) could not initialize tls,
exiting...<BR>> 0(8715) DEBUG: tm_shutdown : start<BR>> 0(8715) DEBUG: tm_shutdown : emptying hash table<BR>> 0(8715) DEBUG: tm_shutdown : releasing timers<BR>> 0(8715) DEBUG: tm_shutdown : removing semaphores<BR>> 0(8715) DEBUG: tm_shutdown : destroying tmcb lists<BR>> 0(8715) DEBUG: tm_shutdown : done<BR>> 0(8715) destroy_tls: Entered<BR>> 0(8715) shm_mem_destroy<BR>> 0(8715) destroying the shared memory lock<BR>> <BR>> 2. This is the contain part of openser.cfg<BR>> <BR>> listen=202.95.149.250<BR>> port=5060<BR>> children=4<BR>> dns=no # (cmd. line: -r)<BR>> rev_dns=no # (cmd. line: -R)<BR>> fifo="/tmp/openser_fifo" <BR>> fifo_db_url="mysql://openser:openserrw@localhost/openser"<BR>> fifo_mode=0666<BR>> alias="pcr.ac.id"<BR>> <BR>> # uncomment the following lines for TLS support<BR>> disable_tls = 0<BR>> listen = tls:202.95.149.250:5061<BR>> tls_verify_client = on<BR>>
tls_require_client_certificate = on<BR>> tls_verify_server=on<BR>> tls_method = TLSv1<BR>> tls_certificate = "/usr/local/etc/openser/tls/user/user-cert.pem"<BR>> tls_private_key = "/usr/local/etc/openser/tls/user/user-privkey.pem"<BR>> tls_ca_list = "/usr/local/etc/openser/tls/user/user-calist.pem"<BR>> <BR>> # ------------------ module loading ----------------------------------<BR>> # Uncomment this if you want to use SQL database loadmodule <BR>> "/usr/local/lib/openser/modules/mysql.so" loadmodule <BR>> "/usr/local/lib/openser/modules/sl.so" loadmodule <BR>> "/usr/local/lib/openser/modules/tm.so" loadmodule <BR>> "/usr/local/lib/openser/modules/rr.so" loadmodule <BR>> "/usr/local/lib/openser/modules/maxfwd.so" loadmodule <BR>> "/usr/local/lib/openser/modules/usrloc.so" loadmodule <BR>> "/usr/local/lib/openser/modules/registrar.so" loadmodule <BR>> "/usr/local/lib/openser/modules/auth.so" loadmodule <BR>>
"/usr/local/lib/openser/modules/auth_db.so" loadmodule <BR>> "/usr/local/lib/openser/modules/uri.so" loadmodule <BR>> "/usr/local/lib/openser/modules/uri_db.so" loadmodule <BR>> "/usr/local/lib/openser/modules/mediaproxy.so" loadmodule <BR>> "/usr/local/lib/openser/modules/nathelper.so" loadmodule <BR>> "/usr/local/lib/openser/modules/textops.so" loadmodule <BR>> "/usr/local/lib/openser/modules/avpops.so" loadmodule <BR>> "/usr/local/lib/openser/modules/domain.so" loadmodule <BR>> "/usr/local/lib/openser/modules/permissions.so"<BR>> <BR>> ------------------------------------------------------------------------<BR>> Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great <BR>> rates starting at 1¢/min. <BR>> <HTTP: evt="39666/*http://messenger.yahoo.com" us.rd.yahoo.com *http: postman7 taglines mail_us><BR>> <BR>> <BR>> <HTTP: evt="39666/*http://messenger.yahoo.com" us.rd.yahoo.com *http: postman7 taglines
mail_us><BR>> ------------------------------------------------------------------------<BR>> <BR>> _______________________________________________<BR>> Devel mailing list<BR>> Devel@openser.org<BR>> http://openser.org/cgi-bin/mailman/listinfo/devel<BR>> <HTTP: evt="39666/*http://messenger.yahoo.com" us.rd.yahoo.com *http: postman7 taglines mail_us><BR><BR></BLOCKQUOTE><BR></tls:202.95.149.251:5061></tcp:202.95.149.251:5060></udp:202.95.149.251:5060><p> 
                <hr size=1>Stay in the know. Pulse on the new Yahoo.com. <a href="http://us.rd.yahoo.com/evt=42974/*http://www.yahoo.com/preview"> Check it out.</a>