Hello,

 

  Everything works fine if I run Proxy without TLS disabled.

  I tried both TCP/UDP, it works fine.

 

  For TLS, Registration went fine however Proxy responds “513 Message too big”  to the Invite.

  I don’t see any wrong headers in the message.

 

  The length is almost same for TCP and TLS invite message, the only change is sip and sips.

 

 Any ‘C’ file or config file I need to modify?

 

 

Openser.conf:

debug=9            # debug level (cmd line: -dddddddddd)

 

/* Uncomment these lines to enter debugging mode

fork=no

log_stderror=yes

*/

 

check_via=yes  

dns=no 

rev_dns=no   

port=5061

children=4

fifo="/tmp/openser_fifo"

 

 

disable_tls = 0

listen = tls:158.218.105.138:5061

tls_verify = on

tls_require_certificate = on

tls_method = TLSv1

 

tls_certificate = "/home/mreddy/tools/cert.pem"

tls_private_key = "/home/mreddy/tools/priv.pem"

tls_ca_list = "/home/mreddy/tools/root_cert_fluffyCA.pem"

 

#loadmodule "/usr/local/lib/openser/modules/mysql.so"

 

loadmodule "/usr/local/lib/openser/modules/sl.so"

loadmodule "/usr/local/lib/openser/modules/tm.so"

loadmodule "/usr/local/lib/openser/modules/rr.so"

loadmodule "/usr/local/lib/openser/modules/maxfwd.so"

loadmodule "/usr/local/lib/openser/modules/usrloc.so"

loadmodule "/usr/local/lib/openser/modules/registrar.so"

loadmodule "/usr/local/lib/openser/modules/textops.so"

 

route{

 

            # initial sanity checks -- messages with

            # max_forwards==0, or excessively long requests

            if (!mf_process_maxfwd_header("10")) {

                        sl_send_reply("483","Too Many Hops");

                        exit;

            };

#if 1

            if (msg:len >=  4096 ) {

                        sl_send_reply("513", "Message too big");

                        exit;

            };

#endif

            # we record-route all messages -- to make sure that

            # subsequent messages will go through our proxy; that's

            # particularly good if upstream and downstream entities

            # use different transport protocol

            if (!method=="REGISTER")

                        record_route();

 

            # subsequent messages withing a dialog should take the

            # path determined by record-routing

            if (loose_route()) {

                        # mark routing logic in request

                        append_hf("P-hint: rr-enforced\r\n");

                        route(1);

            };

 

            if (!uri==myself) {

                        route(1);

            };

 

            # if the request is for other domain use UsrLoc

            # (in case, it does not work, use the following command

            # with proper names and addresses in it)

            if (uri==myself) {

 

                        if (method=="REGISTER") {

 

                                             save("location");

                                    exit;

                        };

 

                        lookup("aliases");

                        if (!uri==myself) {

                                    append_hf("P-hint: outbound alias\r\n");

                                    route(1);

                        };

 

                        if (!lookup("location")) {

                                    sl_send_reply("404", "Not Found");

                                    exit;

                        };

                        append_hf("P-hint: usrloc applied\r\n");

            };

 

            route(1);

}

 

 

route[1] {

            if (!t_relay()) {

                        sl_reply_error();

            };

            exit;

}

 

Thanks,

Murali Reddy

Texas Instruments

 

 

Murali Reddy

Texas Instruments

Germantown,MD

Phone: 301-515-3716

e-mail: mreddy@ti.com