[sr-dev] git:pd/websocket: modules/websocket: updated example/test kamailio. cfg to support TLS
Peter Dunkley
peter.dunkley at crocodile-rcs.com
Sat Jun 23 17:08:06 CEST 2012
Module: sip-router
Branch: pd/websocket
Commit: ad7ea60ff5e8e2a8d5b9ddeaca99a2bab7941e70
URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=ad7ea60ff5e8e2a8d5b9ddeaca99a2bab7941e70
Author: Peter Dunkley <peter.dunkley at crocodile-rcs.com>
Committer: Peter Dunkley <peter.dunkley at crocodile-rcs.com>
Date: Sat Jun 23 16:07:12 2012 +0100
modules/websocket: updated example/test kamailio.cfg to support TLS
- Basic WebSocket working over TLS
---
modules/websocket/example/kamailio.cfg | 29 +++++++++++++++++++++++------
1 files changed, 23 insertions(+), 6 deletions(-)
diff --git a/modules/websocket/example/kamailio.cfg b/modules/websocket/example/kamailio.cfg
index ba20abb..cac432c 100644
--- a/modules/websocket/example/kamailio.cfg
+++ b/modules/websocket/example/kamailio.cfg
@@ -1,6 +1,6 @@
#!KAMAILIO
-#!define DBURL "sqlite:////etc/kamailio/db.sqlite"
+#!define DBURL "sqlite:////etc/kamailio/db.sqlite"
####### Global Parameters #########
@@ -8,15 +8,21 @@ debug=2
fork=yes
children=4
+enable_tls=1
+
alias="example.com"
-listen=192.168.111.12
-port=5060
-listen=192.168.111.12
-port=80
+
+listen=192.168.111.2:5060
+listen=tcp:192.168.111.2:80
+
+listen=tls:192.168.111.2:5061
+listen=tls:192.168.111.2:443
tcp_connection_lifetime=3604
tcp_accept_no_cl=yes
+enable_tls=1
+
syn_branch=0
#mpath="/usr/lib64/kamailio/modules_k/:/usr/lib64/kamailio/modules/"
@@ -41,6 +47,7 @@ loadmodule "xhttp.so"
loadmodule "kex.so"
loadmodule "websocket.so"
loadmodule "mi_rpc.so"
+loadmodule "tls.so"
# ----------------- setting module-specific parameters ---------------
@@ -73,6 +80,14 @@ modparam("auth_db", "calculate_ha1", yes)
modparam("auth_db", "password_column", "password")
modparam("auth_db", "load_credentials", "")
+# ----- websocket params -----
+modparam("websocket", "keepalive_timeout", 30)
+
+# ----- tls params -----
+modparam("tls", "tls_method", "SSLv23")
+modparam("tls", "certificate", "CA/ser1_cert.pem")
+modparam("tls", "private_key", "CA/privkey.pem")
+modparam("tls", "ca_list", "CA/calist.pem")
####### Routing Logic ########
@@ -224,12 +239,14 @@ route[AUTH] {
}
event_route[xhttp:request] {
- if ($Rp != "80") {
+ if ($Rp != "80" && $Rp != "443") {
xlog("L_WARN", "HTTP request received on $Rp\n");
xhttp_reply("403", "Forbidden", "", "");
exit;
}
+ xlog("L_INFO", "HTTP Request Received\n");
+
if ($hdr(Upgrade)=~"websocket"
&& $hdr(Connection)=~"Upgrade"
&& $rm=~"GET") {
More information about the sr-dev
mailing list