12 Mar
2012
12 Mar
'12
5:31 p.m.
the snom softphone:
http://www.chip.de/downloads/360-Softphone_14364878.html
it's completely outdated. and therefore good for such backwards
compatible tests.
Kristijan
2012/3/12 Daniel-Constantin Mierla <miconda(a)gmail.com>om>:
Hello,
thanks for reporting back it's working -- please keep the mailing list
cc-ed, so people looking for same issue will be able to find it when
searching the web archive.
I am using snom3xx with tls and kamailio 3.x a lot, never had issues, but I
have no clue about the softphone.exe
Cheers,
Daniel
On 3/11/12 8:09 PM, Kristijan Vrban wrote:
Hello Daniel,
many thanks for the fast reply, And yes, the session_cache option
solved my problem. Well... the device i used was the immemorial
snom360 softphone.exe
running with wine :) The softphone i use since years for TLS testing.
Kristijan
2012/3/11 Daniel-Constantin Mierla<miconda(a)gmail.com>om>:
>
> Hello,
>
>
> On 3/11/12 1:28 AM, Kristijan Vrban wrote:
>>
>> Hello, how to tell that Kamailio should juse a session_id for tls ?
>> See ssldump output below. I reckon that this is the reason the
>> client i use end with "handshake_failure". Because when is use
>> opensips, there is the session_id, and it's working.
>>
>> Kristijan
>>
>> 2 1 0.0228 (0.0228) C>S Handshake
>> ClientHello
>> Version 3.1
>> cipher suites
>> TLS_RSA_WITH_RC4_128_MD5
>> TLS_RSA_WITH_RC4_128_SHA
>> TLS_RSA_WITH_NULL_MD5
>> TLS_RSA_WITH_NULL_SHA
>> TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
>> TLS_DH_anon_WITH_RC4_128_MD5
>> TLS_RSA_WITH_DES_CBC_SHA
>> TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
>> TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
>> TLS_DH_anon_WITH_DES_CBC_SHA
>> compression methods
>> NULL
>> 1 0.0519 (0.0519) C>S TCP FIN
>> 2 2 0.0432 (0.0204) S>C Handshake
>> ServerHello
>> Version 3.1
>> session_id[0]=
>>
>> cipherSuite TLS_RSA_WITH_RC4_128_MD5
>> compressionMethod NULL
>> 2 3 0.0432 (0.0000) S>C Handshake
>> Certificate
>> 2 4 0.0432 (0.0000) S>C Handshake
>> ServerHelloDone
>> 2 5 0.0452 (0.0020) C>S Alert
>> level fatal
>> value handshake_failure
>> 1 0.0744 (0.0225) S>C TCP FIN
>> 2 0.0681 (0.0228) S>C TCP FIN
>
> the tls module has now the option to turn on/off session caching, which
> was
> on by default in openser 1.x. Now it is off as it does not make much
> benefits with out multi-process architecture. Try to add to your config:
>
> modparam("tls", "session_cache", 1)
>
> Let me know if works -- the module parameter is missing from the readme,
> perhaps the author forgot to add it at the time of development -- I will
> try
> to sync the sources and the readme for tls module asap.
>
> Cheers,
> Daniel
>
> --
> Daniel-Constantin Mierla
> Kamailio Advanced Training, April 23-26, 2012, Berlin, Germany
> http://www.asipto.com/index.php/kamailio-advanced-training/
>
--
Daniel-Constantin Mierla
Kamailio Advanced Training, April 23-26, 2012, Berlin, Germany
http://www.asipto.com/index.php/kamailio-advanced-training/