[sr-dev] git:pd/websocket: modules/websocket: updated example/test kamailio. cfg to support TLS

Peter Dunkley peter.dunkley at crocodile-rcs.com
Sat Jun 23 17:08:06 CEST 2012


Module: sip-router
Branch: pd/websocket
Commit: ad7ea60ff5e8e2a8d5b9ddeaca99a2bab7941e70
URL:    http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=ad7ea60ff5e8e2a8d5b9ddeaca99a2bab7941e70

Author: Peter Dunkley <peter.dunkley at crocodile-rcs.com>
Committer: Peter Dunkley <peter.dunkley at crocodile-rcs.com>
Date:   Sat Jun 23 16:07:12 2012 +0100

modules/websocket: updated example/test kamailio.cfg to support TLS

- Basic WebSocket working over TLS

---

 modules/websocket/example/kamailio.cfg |   29 +++++++++++++++++++++++------
 1 files changed, 23 insertions(+), 6 deletions(-)

diff --git a/modules/websocket/example/kamailio.cfg b/modules/websocket/example/kamailio.cfg
index ba20abb..cac432c 100644
--- a/modules/websocket/example/kamailio.cfg
+++ b/modules/websocket/example/kamailio.cfg
@@ -1,6 +1,6 @@
 #!KAMAILIO
 
-#!define DBURL "sqlite:////etc/kamailio/db.sqlite"
+#!define DBURL		"sqlite:////etc/kamailio/db.sqlite"
 
 ####### Global Parameters #########
 
@@ -8,15 +8,21 @@ debug=2
 fork=yes
 children=4
 
+enable_tls=1
+
 alias="example.com"
-listen=192.168.111.12
-port=5060
-listen=192.168.111.12
-port=80
+
+listen=192.168.111.2:5060
+listen=tcp:192.168.111.2:80
+
+listen=tls:192.168.111.2:5061
+listen=tls:192.168.111.2:443
 
 tcp_connection_lifetime=3604
 tcp_accept_no_cl=yes
 
+enable_tls=1
+
 syn_branch=0
 
 #mpath="/usr/lib64/kamailio/modules_k/:/usr/lib64/kamailio/modules/"
@@ -41,6 +47,7 @@ loadmodule "xhttp.so"
 loadmodule "kex.so"
 loadmodule "websocket.so"
 loadmodule "mi_rpc.so"
+loadmodule "tls.so"
 
 # ----------------- setting module-specific parameters ---------------
 
@@ -73,6 +80,14 @@ modparam("auth_db", "calculate_ha1", yes)
 modparam("auth_db", "password_column", "password")
 modparam("auth_db", "load_credentials", "")
 
+# ----- websocket params -----
+modparam("websocket", "keepalive_timeout", 30)
+
+# ----- tls params -----
+modparam("tls", "tls_method", "SSLv23")
+modparam("tls", "certificate", "CA/ser1_cert.pem")
+modparam("tls", "private_key", "CA/privkey.pem")
+modparam("tls", "ca_list", "CA/calist.pem")
 
 ####### Routing Logic ########
 
@@ -224,12 +239,14 @@ route[AUTH] {
 }
 
 event_route[xhttp:request] {
-	if ($Rp != "80") {
+	if ($Rp != "80" && $Rp != "443") {
 		xlog("L_WARN", "HTTP request received on $Rp\n");
 		xhttp_reply("403", "Forbidden", "", "");
 		exit;
 	}
 
+	xlog("L_INFO", "HTTP Request Received\n");
+
 	if ($hdr(Upgrade)=~"websocket"
 			&& $hdr(Connection)=~"Upgrade"
 			&& $rm=~"GET") {




More information about the sr-dev mailing list