Dear all,
Thank you very much for this chance. Thank you.
I am sorry, I have some questions. Can I ask you, Please?
1. All, I have build openser server with TLS support. I use openser-1.1.0-tls
Now, I tried to test it by making a call by using softphone that supported TLS.
Based on the suggestion from this forum, for testing it, I can use minisip.
I have configured minisip like the installation note that I got when download it.
But, I have a problem. I have error when running minisip and make a call in Windows XP.
This is the error message :
Starting MiniSIP ... welcome!
libmutil: setupDefaultSignalHandling: No stack trace signal handler available
Initializing NetUtil
Creating SipSoftPhoneConfiguration
init 1/9: Creating timeout provider
init 2/9: Creating GUI
Creating GTK GUI
Setting contact db
Thread 2
running - doing initParseConfig
init 3/9: Parsing configuration file ()
WARNING: Could not determine home directory
Config file version checked ok!
SipIdentity::SipIdentity : cretated identity id=1
SipIdentity::setSipUri: sipUsername=<aldi> sipDomain=<pcr.ac.id>
SipIdentity::setSipProxy: autodetect is false;
userUri=aldi@pcr.ac.id; transport
= UDP; proxyAddr=sip.pcr.ac.id; proxyPort=5060
SipProxy:setProxy(str) : addr = sip.pcr.ac.id
SipIdentity::setProxy: manual sipproxy success ...
SipIdentity::setProxy: else ...
Identities:
identity=1; username=aldi; domain=pcr.ac.id proxy=[proxyString=sip.pcr.a
c.id; proxyString=sip.pcr.ac.id; port=5060; transport=UDP; autodetect=no; user=a
ldi; password=aldi; expires=1000]; isRegistered=0
init 4/9: Creating IP provider
Adapter
Name: {DAF8C45E-7B2A-4D08-98AA-5E5091C3464D}
Adapter Name: {6FFFD1E7-4BC6-426E-929D-E8292B7FC0DB}
Adapter Name: {B926ACA5-8120-42A4-BAD7-AE95AA6708F0}
SimpleIPProvider: localIp =
SimpleIPProvider: preferred network interface = {DAF8C45E-7B2A-4D08-98AA-5E5091C
3464D}
SimpleIPProvider: preferred interface found
Minisip is using IP = 202.95.149.5
init 5/9: Creating MediaHandler
Sound I/O: using Spatial Audio Mixer
Adding audio codec: G.711
init 6/9: Creating MSip SIP stack
init 7/9: Connecting GUI to SIP logic
init 8.2/9: Starting TCP transport worker thread
init 9/9: Registering Identities to registrar server
Registering user
aldi@pcr.ac.id to proxy sip.pcr.ac.id, requesting domain pcr.ac
.id
IP4Address(string): sip.pcr.ac.id
(202.95.149.251)
IP4Address(string): sip.pcr.ac.id (202.95.149.251)
IP4Address(string): sip.pcr.ac.id (202.95.149.251)
Before new mediaSession
RtpReceiver:: final trying port = 34694
After new mediaSession
Before addDialog
After addDialog
Before handleCommand
After handleCommand
Session::getSdpOffer:
v=0
o=- 3344 3344 IN IP4 202.95.149.5
s=Minisip Session
c=IN IP4 202.95.149.5
t=0 0
m=audio 34694 RTP/AVP 0 101
a=rtpmap:0 PCMU/8000/1
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-15
IP4Address(string): sip.pcr.ac.id (202.95.149.251)
ERROR:(in IP6Address) Unknown host: <pcr.ac.id>
What`s wrong? I have tried to analyze it, but I still do not understand about the error message.
I do hope anybody can give me a suggestion. Please help me..Please.
2. In order minisip can use TLS, I have loaded a certificate from "certificate settings" menu.
What kind of certificate that I have to load? Where I can load the certificate?
Does it means the certificate that I use in openser.cfg?
tls_certificate = "/usr/local/etc/openser/tls/user/user-cert.pem"
tls_private_key = "/usr/local/etc/openser/tls/user/user-privkey.pem"
tls_ca_list = "/usr/local/etc/openser/tls/user/user-calist.pem"
I mean, Do I have to copy user-cert.pem, user-privkey.pem, user-calist.pem to Client computer (using Windows XP), and load it
by using "certificate setting" menu in minisip?
Maybe my question is too much. I am sorry for that.
I do hope anybody can give me a suggestion. Please help...this newbie one..Please...
Thank you very much,
Regards,
Ferianto
Note
: Here is my openser.cfg file:
debug=4
fork=no
log_stderror=yes
listen=200.95.149.251 # put your openserver IP address here
port=5060
children=4
dns=no
rev_dns=no
fifo="/tmp/openser_fifo"
fifo_db_url="mysql://openser:openserrw@localhost/openser"
fifo_mode=0666
alias="pcr.ac.id"
tls_port_no=5061
# uncomment the following lines for TLS support
disable_tls = 0
listen = tls:200.95.149.251:5061
tls_verify_client = on
tls_require_client_certificate = on
tls_verify_server=on
tls_method = TLSv1
tls_certificate = "/usr/local/etc/openser/tls/user/user-cert.pem"
tls_private_key = "/usr/local/etc/openser/tls/user/user-privkey.pem"
tls_ca_list = "/usr/local/etc/openser/tls/user/user-calist.pem"
loadmodule "/usr/local/lib/openser/modules/mysql.so"
loadmodule
"/usr/local/lib/openser/modules/sl.so"
loadmodule "/usr/local/lib/openser/modules/tm.so"
loadmodule "/usr/local/lib/openser/modules/rr.so"
loadmodule "/usr/local/lib/openser/modules/maxfwd.so"
loadmodule "/usr/local/lib/openser/modules/usrloc.so"
loadmodule "/usr/local/lib/openser/modules/registrar.so"
loadmodule "/usr/local/lib/openser/modules/auth.so"
loadmodule "/usr/local/lib/openser/modules/auth_db.so"
loadmodule "/usr/local/lib/openser/modules/nathelper.so"
loadmodule "/usr/local/lib/openser/modules/textops.so"
loadmodule "/usr/local/lib/openser/modules/uri_db.so"
loadmodule "/usr/local/lib/openser/modules/uri.so"
loadmodule "/usr/local/lib/openser/modules/avpops.so"
loadmodule "/usr/local/lib/openser/modules/domain.so"
loadmodule "/usr/local/lib/openser/modules/permissions.so"
modparam("auth_db|permissions|uri_db|usrloc","db_url", "mysql://openser:openserrw@localhost/openser")
modparam("auth_db|uri_db|usrloc", "db_url", "mysql://openser:openserrw@localhost/openser")
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")
modparam("nathelper", "natping_interval", 30)
modparam("nathelper", "ping_nated_only", 1)
modparam("nathelper", "rtpproxy_sock", "unix:/var/run/rtpproxy.sock")
modparam("usrloc", "db_mode", 2)
modparam("registrar", "nat_flag", 6)
modparam("rr", "enable_full_lr", 1)
modparam("tm", "fr_inv_timer", 27)
modparam("tm", "fr_inv_timer_avp", "s:inv_timeout")
modparam("permissions", "db_mode", 1)
modparam("permissions", "trusted_table", "trusted")
route {
# -----------------------------------------------------------------
# Sanity Check Section
# -----------------------------------------------------------------
if
(!mf_process_maxfwd_header("10")) {
sl_send_reply("483", "Too Many Hops");
return;
};
if (msg:len > max_len) {
sl_send_reply("513", "Message Overflow");
return;
};
# -----------------------------------------------------------------
# Record Route Section
# -----------------------------------------------------------------
if (method!="REGISTER") {
record_route();
};
if (method=="BYE" || method=="CANCEL") {
unforce_rtp_proxy();
}
# -----------------------------------------------------------------
# Loose Route Section
# -----------------------------------------------------------------
if (loose_route()) {
if (has_totag() && (method=="INVITE" || method=="ACK")) {
if (nat_uac_test("19")) {
setflag(6);
force_rport();
fix_nated_contact();
};
force_rtp_proxy("l");
};
route(1);
return;
};
# -----------------------------------------------------------------
# Call Type Processing Section
# -----------------------------------------------------------------
if (uri!=myself) {
route(5);
route(1);
return;
};
if (uri==myself) {
if (method=="ACK") {
route(6);
return;
} else if (method=="CANCEL")
{
route(3);
return;
} else if (method=="INVITE") {
route(3);
return;
} else if (method=="REGISTER")
{
route(2);
return;
};
lookup("aliases");
if (uri!=myself) {
route(5);
route(1);
return;
};
if (!lookup("location")) {
sl_send_reply("404", "Uopenser Not Found");
return;
};
};
route(1);
}
route[1] {
# -----------------------------------------------------------------
# Default Message Handler
#
-----------------------------------------------------------------
t_on_reply("1");
if (!t_relay()) {
if (method=="INVITE" && isflagset(6)) {
unforce_rtp_proxy();
};
sl_reply_error();
};
}
route[2] {
# -----------------------------------------------------------------
# REGISTER Message Handler
# ----------------------------------------------------------------
sl_send_reply("100", "Trying");
if (!search("^Contact:\ +\*") && nat_uac_test("19")) {
setflag(6);
fix_nated_register();
force_rport();
};
if (!www_authorize("pcr.ac.id","subscriber")) {
www_challenge("pcr.ac.id","0");
return;
};
if (!check_to())
{
sl_send_reply("401", "Unauthorized");
return;
};
consume_credentials();
if (!save("location")) {
sl_reply_error();
};
}
route[3] {
# -----------------------------------------------------------------
# CANCEL and INVITE Message Handler
# -----------------------------------------------------------------
if (nat_uac_test("19"))
{
setflag(6);
}
#if (!allow_trusted() && nat_uac_test("19")) {
# setflag(6);
#}
lookup("aliases");
if (method=="INVITE" && !allow_trusted())
{
if (!proxy_authorize("pcr.ac.id","subscriber")) {
proxy_challenge("pcr.ac.id","0");
return;
} else if (!check_from()) {
sl_send_reply("403", "Use From=ID");
return;
};
consume_credentials();
};
if (uri=~"^sip:9[0-9]*@")
{
route(4);
return;
};
if (uri!=myself) {
route(5);
route(1);
return;
};
if (!lookup("location")) {
if (uri=~"^sip:[0-9]{10}@") {
route(4);
return;
};
sl_send_reply("404", "Uopenser Not Found");
return;
};
if (method=="CANCEL")
{
route(1);
return;
}
if (isflagset(6)) {
force_rport();
fix_nated_contact();
force_rtp_proxy();
};
t_on_reply("1");
if (!t_relay()) {
if(isflagset(6)) {
unforce_rtp_proxy();
}
sl_reply_error();
};
}
route[4] {
# -----------------------------------------------------------------
# PSTN Handler
# -----------------------------------------------------------------
rewritehostport("200.95.149.254:5060"); # INOPENSERT YOUR PSTN GATEWAY IP ADDRESS
# avp_write("i:45", "inv_timeout");
#if (!allow_trusted() && isflagset(6)) {
if (isflagset(6)) {
force_rport();
fix_nated_contact();
force_rtp_proxy();
};
route(1);
}
onreply_route[1] {
if (isflagset(6) && status=~"(180)|(183)|2[0-9][0-9]") {
if (!search("^Content-Length:\ +0")) {
force_rtp_proxy();
};
};
if (nat_uac_test("1"))
{
fix_nated_contact();
};
}
Stay in the know. Pulse on the new Yahoo.com. Check it out.
All-new Yahoo! Mail - Fire up a more powerful email and get things done faster.