[Yxa-devel] Changing transport to TLS/TCP
Fredrik Thulin
fredrik at thulin.net
Mon Sep 2 13:02:28 CEST 2013
On Mon, 2013-09-02 at 12:26 +0200, Johan Vikman wrote:
> Hi Fredrik,
>
> Of course, below I describe one way this could happen, the yxa stack is used in the LRF node.
>
> UE E-CSCF LRF PSAP
> 1 |--SIP INVITE TCP-->| | |
> 2 | |--SIP INVITE TCP --> | |
> 3 | |<-- SIP 300 Multiple Choices using TLS/TCP -- | |
> 4 | |--SIP INVITE TLS/TCP------------------------------------------->|
> 5 | |--200 OK --------------------------------------------------------------|
> 6 |<--- 200 OK -----------| | |
>
> 1. UE calls 112
> 2. E-CSCF does not know which PSAP to forward to, so it asks LRF
> 3. The LRF knows where the UE is and knows that for this case a PSAP using SIPS is configured for that area, and also that a location should be provided.
> Because the PSAP is uing SIPS, the LRF has to use TLS/TCP for the response.
> 4. E-CSCF forwards SIP INVITE to PSAP
> 5. PSAP 200 OK to E-CSCF
> 6. E-CSCF 200 OK to UE
>
> My problem here is at message #3, the response back to E-CSCF, I do not know how to make yxa use TCP/TLS instead of TCP, or even if it is allowed to change transport in this fashion.
Thanks - I think I understand now.
So, really, I don't think the requirement is for the 300 response in
step 3 to be sent using TLS/TCP (SIP does not support upgrading from
TCP/UDP for the response, IIRC). I think the requirement is that the
E-CSCF uses TLS when it connects to a TLS capable PSAP in step 4.
In that case, it should be as simple as making sure the LRF returns SIPS
URIs (and not SIP URIs) in the 300 response of step 3. That will result
in the E-CSCF using TLS in step 4 when it sends the INVITE to the PSAP.
/Fredrik
More information about the Yxa-devel
mailing list