[SR-Users] TLS Handshake failing with WSS
Daniel-Constantin Mierla
miconda at gmail.com
Wed Sep 10 18:32:56 CEST 2014
The set_reply_close() should be removed from there.
For digest authentication, simply use the same functions as for sip
(e.g., from auth/auth_db modules).
Cheers,
Daniel
On 09/09/14 16:49, Manuel Camarg wrote:
> According to this article I mentioned in the beginning:
>
> http://nil.uniza.sk/sip/kamailio/configuring-kamailio-4x-websocket
>
> In http:request they do straight away the set_reply_close();
>
> I don't know exactly if this kamailio.cfg implementation may be useful
> for working with WSS:
>
> event_route[xhttp:request] {
> set_reply_close();
> set_reply_no_connect();
>
> if ($Rp != MY_WS_PORT
> #!ifdef WITH_TLS
> && $Rp != MY_WSS_PORT
> #!endif
> ) {
> xlog("L_WARN", "HTTP request received on $Rp\n");
> xhttp_reply("403", "Forbidden", "", "");
> exit;
> }
>
> xlog("L_DBG", "HTTP Request Received\n");
>
> if ($hdr(Upgrade)=~"websocket"
> && $hdr(Connection)=~"Upgrade"
> && $rm=~"GET") {
>
> # Validate Host - make sure the client is using the correct
> # alias for WebSockets
> if ($hdr(Host) == $null || !is_myself("sip:" + $hdr(Host))) {
> xlog("L_WARN", "Bad host $hdr(Host)\n");
> xhttp_reply("403", "Forbidden", "", "");
> exit;
> }
>
> # Optional... validate Origin - make sure the client is from an
> # authorised website. For example,
> #
> # if ($hdr(Origin) != "http://communicator.MY_DOMAIN"
> # && $hdr(Origin) != "https://communicator.MY_DOMAIN") {
> # xlog("L_WARN", "Unauthorised client $hdr(Origin)\n");
> # xhttp_reply("403", "Forbidden", "", "");
> # exit;
> # }
>
> # Optional... perform HTTP authentication
>
> # ws_handle_handshake() exits (no further configuration file
> # processing of the request) when complete.
> if (ws_handle_handshake())
> {
> # Optional... cache some information about the
> # successful connection
> exit;
> }
> }
>
> HTTP authentication is not being properly set up. Any indications on
> how to perform this sucessfully?
>
> Kind regards
>
> Manuel
>
>
> >Hello,
> >
> >from the logs you sent now, it appears that you have set_reply_close()
> >in config, therefore the connection is closed after sending the reply.
> >
> >Cheers,
> >Daniel
--
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Next Kamailio Advanced Trainings 2014 - http://www.asipto.com
Sep 22-25, Berlin, Germany
More information about the sr-users
mailing list