[Users] cancelling forked requests + forcing TLS use
Bogdan-Andrei Iancu
bogdan at voice-system.ro
Wed Mar 7 14:11:19 CET 2007
Hi Andrew,
Andrew T Gin wrote:
> Hi
> I have two questions.
> 1. Receiver at 1.1.1.1 and Receiver at 2.2.2.2 register with ser.
> Client sends an INVITE to ser for Receiver.
> ser forks these INVITES in parallel to both Receiver at 1.1.1.1 and
> Receiver at 2.2.2.2.
> As both Receivers are online, they both reply with 200 OK.
> SER then relays BOTH 200 OK's back to the Client.
> My question: Shouldn't SER send CANCEL to one of them, and relay only
> ONE 200 OK back to the client? How would I do this?
> It is not the client's responsibility to send a CANCEL to the SER to
> relay to one of the receivers, is this correct?
>
AFAIK, the rfc state that all 200 ok must be sent to the UAC - the proxy
cannot decide which to select and more important it is not able to
terminate a call (CANCEL is used only prior to 200 OK; after that, BYE
must be used)
So, the UAC should select one of the 200 OK and for the other one, it
should send a BYE.
> 2. When I have
> tls_verify_client = 1
> tls_require_client_certificate = 1
>
> in my cfg file, ser still accepts tcp and udp connections, despite
> tls_require_client_certificate=1. I did a search, and found this way:
>
> if (proto != TLS) {
> sl_send_reply("403", "Forbidden");
> exit;
> };
>
> However SER is really still listening on UDP and TCP port 5060. Is
> there a way to configure SER such that it only listens and
> acknowledges TLS connections?
do:
disable_tcp = yes
to get rid of TCP
for UDP is not so simple as RFC make mandatory for a proxy to use UDP.
So, you have to do it from script.
regards,
bogdan
>
> Thanks
> Andrew
>
>
> _______________________________________________
> Users mailing list
> Users at openser.org
> http://openser.org/cgi-bin/mailman/listinfo/users
>
More information about the sr-users
mailing list