[SR-Dev] TLS merge
Andrei Pelinescu-Onciul
andrei at iptel.org
Tue Feb 24 11:12:01 CET 2009
On Feb 23, 2009 at 22:02, Jan Janak <jan at iptel.org> wrote:
> Hello,
>
> If we want to make the sip-router core usable in both projects, we would also
> need to merge both tls implementations. In SER we moved the the TLS
> implementation into tls module.
>
> In Kamailio it appears that the tls implementation is in tls subdirectory in
> the core and then there is tlsops module which contains pseudovariables used
> to retrieve information from TLS certificates.
>
> Unless somebody has a better idea, I would propose that we merge the tls
> implementation from kamailio core into ser tls module. In addition to that we
> could merge the implementation of tls related pseudovariables from tlsops into
> the tls module and then put the tls module into the sip-router repository.
I don't think there is anything to merge from kamailio tls core. It's
just basic tls which is fully supported by ser tls module (they have a
common ancestry anyway). Moreover ser tls has lots of workarounds in
place for various bugs in openssl.
Regarding tlsops: we already have extensive ser select support in tls
and as far as I understood from Daniel selects are/will be accessible via
psedo-vars too. So does it make sense to port the pseudo vars from
tlsops? Is that something extra supported by them?
>
> What do you think? I volunteer to do this if nobody objects.
I would concentrate on tlsops and see if there are any "extras".
BTW: for anybody trying to use tls with sip-router: the tls module
doesn't yet support the tcp async mode, so if you try to use it make
sure tcp_buf_write=no (there are still some changes at the tcp level
required for tls async and I haven't finished them yet).
Andrei
More information about the sr-dev
mailing list