HP-UX C SIP Stack Programmer's Guide (Novembery 2007)
Working with the Transport Layer 311
Server Connection Reuse
Sample Code
The following sample code demonstrates an implementation of the
RvSipTransportConnectionServerReuseEv() callback function. In this
implementation, the application checks the connection authorization (out of the
scope of this sample) and if authorized, enables it.
/*==============================================================*/
void RVCALLCONV AppTransportConnectionServerReuseEv(
IN RvSipTransportMgrHandle hTransportMgr,
IN RvSipAppTransportMgrHandle hAppTransportMgr,
IN RvSipTransportConnectionHandle hConn,
IN RvSipTransportConnectionAppHandle hAppConn)
{
RvStatus rv;
RvBool bAuthorized;
bAuthorized = AppIsConnectionAuthorized(hConn, hAppConn);
if(bAuthorized == RV_TRUE)
{
rv = RvSipTransportConnectionEnableConnByAlias(hConn);
if(rv != RV_OK)
{
printf("Failed to Enable Connection By Alias");
return;
}
}
}
/*==============================================================*/
AUTHORIZING A
S
ERVER CONNECTION
Authorizing connection aliases is essential to prevent connection hijacking. The
following authorization process is recommended in draft-ietf-sip-connect-reuse-
03. To correctly authorize an alias, the SIP node authorizing the request needs to
recognize both the active connection and the alias as the same resource. The
only way to accomplish this is if both the active connection and the alias can be
authenticated by using the same credentials, using TLS mutual authentication as
follows:
Performing a DNS procedure on the subjectAltName of the
originator certificate will give the “advertised-address” of the
Via header.
Performing a DNS procedure on the advertised-address will
give the received IP address.