[Devel] TLS ...

Klaus Darilion klaus.mailinglists at pernau.at
Wed Apr 26 21:51:20 CEST 2006


Daniel-Constantin Mierla wrote:
> On 02/23/06 11:20, Klaus Darilion wrote:
>> Daniel-Constantin Mierla wrote:
>>> Hello Klaus,
>>>
>>> I believe some of those can use same static buffer and have hooks 
>>> inside the buffer to start of the pseudo-variable value and the 
>>> length. Like with sip message, there is a static buffer and for each 
>>> process and then the parser just links the hooks. What do you think?
>>
>>
>> I think I will start with one static buffer, and maybe evolve it to 
>> better performance (dedicated buffers for often used TLS parameters) 
>> once I have more insights.
>>
>> I've another question regarding extra-accounting. My idea was to have 
>> access to the the TLS parameters using pseudo variables and account 
>> them using extra-accounting.
>>
>> A typical call:
>>
>>          Proxy
>> ---INVITE-->
>>              ---INVITE--->
>>              <--180-------
>> <--180------
>>              <--200-------
>> <--200------
>>
>>
>> Which of these messages is used for accounting. E.g. if there are 2 
>> TLS connections in this scenario (INVITE in & INVITE out). Which one 
>> is used for accounting?
>> - Is it always the connection of the received INVITE?
>> - Is it possible to account parameters of the outgoing TLS connection?
> Not sure right now, I have to investigate the sources to see how the 
> outgoing and incoming connections can be accessed easyly from TM 
> callbacks. Anyhow, introducing some shortcuts if they are not yet there 
> should simplify the things.

Hi Daniel!

Did you had time to investigate how accounting works? Regarding TLS, 
accounting of TLS-parameters (certificate subject/issuer/...) is the 
only missing (after my client domain patch) thing for openser's TLS part.

regards
Klaus





More information about the Devel mailing list