Hi again,
I've done TLS setup and it seems everything is working for me. I used
this ser.cfg file:
route{
log("L_E","@tls=%@tls \n");
if (dst_port==5060) {
forward_tls(127.0.0.1,5061);
} else {
sl_send_reply("404","Not found");
}
}
sent one message to the UDP port and got this as output:
2(5862) ERROR: tls_select.c:68: Transport protocol is not TLS (bug in config)
2(5862) INFO: tls_select.c:226: TLS connection not found in select_desc
2(5862) @tls=
11(5871) tls_accept: new connection from 127.0.0.1:52820 using TLSv1/SSLv3 AES256-SHA 256
11(5871) tls_accept: local socket: 127.0.0.1:5061
11(5871) tls_accept: client did not present a certificate
2(5862) tls_connect: new connection to 127.0.0.1:5061 using TLSv1/SSLv3 AES256-SHA 256
2(5862) tls_connect: sending socket: 127.0.0.1:5061
2(5862) tls_connect: server certificate
subject:/C=CT/ST=SipUserland/O=SipSerUser/OU=HumanBeing/CN=Alice/emailAddress=alice@sipuser.org
2(5862) tls_connect: server certificate
issuer:/CN=SER.Certs.Inc/ST=SipLand/C=NL/emailAddress=cesc@sipland.sl/O=CA.ffeine
Inc./OU=Certification Services
2(5862) WARNING: tls_connect: server certificate verification failed!!!
2(5862) verification failure: unable to get local issuer certificate
11(5871) @tls=AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
Try to update your sources from CVS, cross your fingers and run it again.
In case of troubles increase the debug level and post output.
Michal
On Wed, Feb 22, 2006 at 09:48:27PM +0100, Michal Matyska wrote:
Hi,
yes it should work that way. Do you use the latest CVS version? I'll
reply myself, yes you do, you'd get "ERROR: wrong format" in case if
not.
As I don't have TLS set up, could you please try to use other tls
selects (tls.my.name etc.) in the xlog vs. avp and send me output of
that?
Michal
On Wed, Feb 22, 2006 at 07:33:08PM +0100, Klaus Darilion wrote:
Hi!
I want to log some TLS parameters. I've tried:
xlog("L_ERR","@tls = %@tls (String description of the TLS
layer)\n");
but all I get is:
ser[20222]: @tls = <null>tls (String description of the TLS layer)
using avps it works:
%avp1=@tls;
print_sattr("avp1");
xlog("L_ERR","avp1 = %$avp1\n");
What is the correct syntax for using the select framework?
thanks
klaus
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers