[SR-Users] TLS Profiles : server_name and server_id query
mahesh b
mahesh.b.2487 at gmail.com
Tue Jan 21 13:54:59 CET 2020
Hi All,
Am using kamailio 5.1.9 version
>From http://www.kamailio.org/docs/modules/5.1.x/modules/tls.html , i
understand " The value for server_id can be any string, being used to match
TLS client config profile, overriding the match on ip:port and server_name.
"
Which suggests that the server_name and server_id can be different for a
tls profile
IN my tls.cfg i have [client:default]
verify_certificate = no
require_certificate = no
[client:10.211.160.172:5071]
method = TLSv1.2
verify_certificate = yes
require_certificate = yes
private_key = /ssl/sip/profile1/server.key
certificate = /ssl/sip/profile1/server.crt
ca_list = /ssl/sip/profile1/ca.crt
cipher_list = RSA
verify_depth = 9
server_id = profile1
server_name = btip.176.com And in sar.cfg i am doing, before sending the
request out $xavp(tls=>server_name)="btip.176.com";
$xavp(tls[0]=>server_id)="profile1"; But if i see the logs , its picking
client default profile for tls handshake, Am i missing anything in tls.cfg
or sar.cfg ?
if i see the code in tls_lookup_cfg()
while (p) {
if(srvid && srvid->len>0) {
LM_DBG("comparing addr: [%s:%d] [%s:%d] -- id: [%.*s] [%.*s]\n",
ip_addr2a(&p->ip), p->port, ip_addr2a(ip), port,
p->server_id.len, ZSW(p->server_id.s),
srvid->len, ZSW(srvid->s));
if(p->server_id.s && p->server_id.len==srvid->len
&& strncasecmp(p->server_name.s, srvid->s, srvid->len)==0) {
LM_DBG("TLS config found by server id\n");
return p;
} .... Why is that there is a strncasecmp between p->server_name.s and
srvid->s ?? the strncasecmp should be between p->server_id.s and srvid->s
right ?
Regards, Mahesh.B
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20200121/aeaf657b/attachment.html>
More information about the sr-users
mailing list