[Serusers] tls, xlog and select framework syntax

Michal Matyska michal at iptel.org
Thu Feb 23 00:08:03 CET 2006 

Hi again,

I've done TLS setup and it seems everything is working for me. I used
this ser.cfg file:
route{
	log("L_E","@tls=%@tls \n");
	if (dst_port==5060) {
        forward_tls(127.0.0.1,5061);
	} else {
        sl_send_reply("404","Not found");
	}
}

sent one message to the UDP port and got this as output:
 2(5862) ERROR: tls_select.c:68: Transport protocol is not TLS (bug in  config)
 2(5862) INFO: tls_select.c:226: TLS connection not found in select_desc 
 2(5862) @tls=
11(5871) tls_accept: new connection from 127.0.0.1:52820 using TLSv1/SSLv3 AES256-SHA 256
11(5871) tls_accept: local socket: 127.0.0.1:5061
11(5871) tls_accept: client did not present a certificate
 2(5862) tls_connect: new connection to 127.0.0.1:5061 using TLSv1/SSLv3 AES256-SHA 256
 2(5862) tls_connect: sending socket: 127.0.0.1:5061
 2(5862) tls_connect: server certificate subject:/C=CT/ST=SipUserland/O=SipSerUser/OU=HumanBeing/CN=Alice/emailAddress=alice at sipuser.org
 2(5862) tls_connect: server certificate issuer:/CN=SER.Certs.Inc/ST=SipLand/C=NL/emailAddress=cesc at sipland.sl/O=CA.ffeine Inc./OU=Certification Services
 2(5862) WARNING: tls_connect: server certificate verification failed!!!
 2(5862) verification failure: unable to get local issuer certificate
11(5871) @tls=AES256-SHA              SSLv3 Kx=RSA      Au=RSA     Enc=AES(256)  Mac=SHA1

Try to update your sources from CVS, cross your fingers and run it again.
In case of troubles increase the debug level and post output.

Michal

On Wed, Feb 22, 2006 at 09:48:27PM +0100, Michal Matyska wrote:
> Hi,
> 
> yes it should work that way. Do you use the latest CVS version? I'll
> reply myself, yes you do, you'd get "ERROR: wrong format" in case if
> not.
> 
> As I don't have TLS set up, could you please try to use other tls
> selects (tls.my.name etc.) in the xlog vs. avp and send me output of
> that?
> 
> Michal
> 
> On Wed, Feb 22, 2006 at 07:33:08PM +0100, Klaus Darilion wrote:
> > Hi!
> > 
> > I want to log some TLS parameters. I've tried:
> >   xlog("L_ERR","@tls = %@tls (String description of the TLS layer)\n");
> > 
> > but all I get is:
> >   ser[20222]: @tls = <null>tls (String description of the TLS layer)
> > 
> > using avps it works:
> >   %avp1=@tls;
> >   print_sattr("avp1");
> >   xlog("L_ERR","avp1 = %$avp1\n");
> > 
> > 
> > What is the correct syntax for using the select framework?
> > 
> > thanks
> > klaus
> > 
> > _______________________________________________
> > Serusers mailing list
> > serusers at lists.iptel.org
> > http://lists.iptel.org/mailman/listinfo/serusers
> 
> _______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers

More information about the sr-users mailing list