[sr-dev] git:pd/websocket: modules/websocket: updated example/test kamailio. cfg to support TLS

Module: sip-router Branch: pd/websocket Commit: ad7ea60ff5e8e2a8d5b9ddeaca99a2bab7941e70 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=ad7ea60f...

Author: Peter Dunkley peter.dunkley@crocodile-rcs.com Committer: Peter Dunkley peter.dunkley@crocodile-rcs.com Date: Sat Jun 23 16:07:12 2012 +0100

modules/websocket: updated example/test kamailio.cfg to support TLS

- Basic WebSocket working over TLS

---

modules/websocket/example/kamailio.cfg | 29 +++++++++++++++++++++++------ 1 files changed, 23 insertions(+), 6 deletions(-)

diff --git a/modules/websocket/example/kamailio.cfg b/modules/websocket/example/kamailio.cfg index ba20abb..cac432c 100644 --- a/modules/websocket/example/kamailio.cfg +++ b/modules/websocket/example/kamailio.cfg @@ -1,6 +1,6 @@ #!KAMAILIO

-#!define DBURL "sqlite:////etc/kamailio/db.sqlite" +#!define DBURL "sqlite:////etc/kamailio/db.sqlite"

####### Global Parameters #########

@@ -8,15 +8,21 @@ debug=2 fork=yes children=4

+enable_tls=1 + alias="example.com" -listen=192.168.111.12 -port=5060 -listen=192.168.111.12 -port=80 + +listen=192.168.111.2:5060 +listen=tcp:192.168.111.2:80 + +listen=tls:192.168.111.2:5061 +listen=tls:192.168.111.2:443

tcp_connection_lifetime=3604 tcp_accept_no_cl=yes

+enable_tls=1 + syn_branch=0

#mpath="/usr/lib64/kamailio/modules_k/:/usr/lib64/kamailio/modules/" @@ -41,6 +47,7 @@ loadmodule "xhttp.so" loadmodule "kex.so" loadmodule "websocket.so" loadmodule "mi_rpc.so" +loadmodule "tls.so"

# ----------------- setting module-specific parameters ---------------

@@ -73,6 +80,14 @@ modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "password") modparam("auth_db", "load_credentials", "")

+# ----- websocket params ----- +modparam("websocket", "keepalive_timeout", 30) + +# ----- tls params ----- +modparam("tls", "tls_method", "SSLv23") +modparam("tls", "certificate", "CA/ser1_cert.pem") +modparam("tls", "private_key", "CA/privkey.pem") +modparam("tls", "ca_list", "CA/calist.pem")

####### Routing Logic ########

@@ -224,12 +239,14 @@ route[AUTH] { }

event_route[xhttp:request] { - if ($Rp != "80") { + if ($Rp != "80" && $Rp != "443") { xlog("L_WARN", "HTTP request received on $Rp\n"); xhttp_reply("403", "Forbidden", "", ""); exit; }

+ xlog("L_INFO", "HTTP Request Received\n"); + if ($hdr(Upgrade)=~"websocket" && $hdr(Connection)=~"Upgrade" && $rm=~"GET") {