From 9ec4d26505b3e5166bcf18b4b9786218f35df423 Mon Sep 17 00:00:00 2001 From: karl anderson Date: Tue, 20 May 2014 18:23:11 -0400 Subject: [PATCH] KAZOO-1513: add tls bindings --- kamailio/local.cfg | 4 +++- kamailio/tls-role.cfg | 3 +++ kamailio/websockets-role.cfg | 18 ++++++++++++------ 3 files changed, 18 insertions(+), 7 deletions(-) diff --git a/kamailio/local.cfg b/kamailio/local.cfg index c11bc19..c9fae27 100644 --- a/kamailio/local.cfg +++ b/kamailio/local.cfg @@ -61,10 +61,12 @@ debug = L_INFO ## NOTE: You should not have to change these definitions #!substdef "!UDP_SIP!udp:MY_IP_ADDRESS:5060!g" #!substdef "!TCP_SIP!tcp:MY_IP_ADDRESS:5060!g" +#!substdef "!TLS_SIP!tls:MY_IP_ADDRESS:5061!g" #!substdef "!UDP_AGL_SIP!udp:MY_IP_ADDRESS:7000!g" #!substdef "!TCP_AGL_SIP!tcp:MY_IP_ADDRESS:7000!g" +#!substdef "!TLS_AGL_SIP!tls:MY_IP_ADDRESS:7001!g" #!substdef "!TCP_WS!tcp:MY_IP_ADDRESS:8080!g" -#!substdef "!TCP_WSS!tcp:MY_IP_ADDRESS:8080!g" +#!substdef "!TLS_WS!tcp:MY_IP_ADDRESS:8081!g" ## NOTE: This parameter is OPTIONAL. It will try to ## locate outbound interface on multihomed host. diff --git a/kamailio/tls-role.cfg b/kamailio/tls-role.cfg index 6752fab..c36b577 100644 --- a/kamailio/tls-role.cfg +++ b/kamailio/tls-role.cfg @@ -1,5 +1,8 @@ enable_tls = yes +listen=TLS_SIP +listen=TLS_ALG_SIP + ####### TLS Parameters ######### loadmodule "tls.so" modparam("tls", "config", "/etc/kazoo/kamailio/tls.cfg") diff --git a/kamailio/websockets-role.cfg b/kamailio/websockets-role.cfg index 7e4453d..737b112 100644 --- a/kamailio/websockets-role.cfg +++ b/kamailio/websockets-role.cfg @@ -1,6 +1,10 @@ -listen=TCP_WS tcp_accept_no_cl=yes +listen=TCP_WS +#!ifdef TLS-ROLE +listen=TLS_WS +#!endif + ######## Generic Hash Table container in shared memory ######## modparam("htable", "htable", "websockets=>size=16;autoexpire=7200") @@ -78,11 +82,13 @@ event_route[xhttp:request] exit; } -# if (!($hdr(Origin) =~ "www.2600hz.com")) { -# xlog("L_INFO", "websocket|log|rejecting HTTP request with unknown origin $hdr(Origin) from $si:$sp\n"); -# xhttp_reply("400", "Bad Request", "", ""); -# exit; -# } + #!ifdef MY_WEBSOCKET_DOMAIN + if (!($hdr(Origin) =~ "MY_WEBSOCKET_DOMAIN")) { + xlog("L_INFO", "websocket|log|rejecting HTTP request with unknown origin $hdr(Origin) from $si:$sp\n"); + xhttp_reply("400", "Bad Request", "", ""); + exit; + } + #!endif if($sht(websockets=>$si::count) == $null) { $var(count) = 1;