Hi again,
I've done TLS setup and it seems everything is working for me. I used this ser.cfg file: route{ log("L_E","@tls=%@tls \n"); if (dst_port==5060) { forward_tls(127.0.0.1,5061); } else { sl_send_reply("404","Not found"); } }
sent one message to the UDP port and got this as output: 2(5862) ERROR: tls_select.c:68: Transport protocol is not TLS (bug in config) 2(5862) INFO: tls_select.c:226: TLS connection not found in select_desc 2(5862) @tls= 11(5871) tls_accept: new connection from 127.0.0.1:52820 using TLSv1/SSLv3 AES256-SHA 256 11(5871) tls_accept: local socket: 127.0.0.1:5061 11(5871) tls_accept: client did not present a certificate 2(5862) tls_connect: new connection to 127.0.0.1:5061 using TLSv1/SSLv3 AES256-SHA 256 2(5862) tls_connect: sending socket: 127.0.0.1:5061 2(5862) tls_connect: server certificate subject:/C=CT/ST=SipUserland/O=SipSerUser/OU=HumanBeing/CN=Alice/emailAddress=alice@sipuser.org 2(5862) tls_connect: server certificate issuer:/CN=SER.Certs.Inc/ST=SipLand/C=NL/emailAddress=cesc@sipland.sl/O=CA.ffeine Inc./OU=Certification Services 2(5862) WARNING: tls_connect: server certificate verification failed!!! 2(5862) verification failure: unable to get local issuer certificate 11(5871) @tls=AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
Try to update your sources from CVS, cross your fingers and run it again. In case of troubles increase the debug level and post output.
Michal
On Wed, Feb 22, 2006 at 09:48:27PM +0100, Michal Matyska wrote:
Hi,
yes it should work that way. Do you use the latest CVS version? I'll reply myself, yes you do, you'd get "ERROR: wrong format" in case if not.
As I don't have TLS set up, could you please try to use other tls selects (tls.my.name etc.) in the xlog vs. avp and send me output of that?
Michal
On Wed, Feb 22, 2006 at 07:33:08PM +0100, Klaus Darilion wrote:
Hi!
I want to log some TLS parameters. I've tried: xlog("L_ERR","@tls = %@tls (String description of the TLS layer)\n");
but all I get is: ser[20222]: @tls = <null>tls (String description of the TLS layer)
using avps it works: %avp1=@tls; print_sattr("avp1"); xlog("L_ERR","avp1 = %$avp1\n");
What is the correct syntax for using the select framework?
thanks klaus
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers