HP-UX C SIP Stack Programmer's Guide (November 2007)

The application can use the SIP Stack Transport and Resolver APIs to authorize
a connection. You can see an example of connection authorization in the
simpleConnectionReuse sample application in the Sample Applications
chapter.
USING TCP TRANSPORT
RFC 3261 defines the use of TCP transport by using the transport=TCP
parameter in a SIP URL address that indicates the destination of the message.
When working with transactions or register-clients, the next hop is determined
by the Request-URI of the message. Therefore, to send a message with TCP, you
need to set the transport=TCP parameter in the Request-URI parameter of the
object.
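
An added example, not taken from this guide and not SIP Stack code: a stand-alone C helper that rewrites a SIP URI string so that its URI parameters carry transport=TCP before the string is used as a Request-URI. The name sip_uri_set_tcp and the sample URI are assumptions made for illustration; the helper replaces an existing transport parameter and ignores look-alike text in the user part and in the headers.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Append n bytes of s to out (capacity cap, current length *len). */
static int put(char *out, size_t cap, size_t *len, const char *s, size_t n)
{
    if (*len + n + 1 > cap) return -1;          /* keep room for the NUL */
    memcpy(out + *len, s, n);
    *len += n;
    out[*len] = '\0';
    return 0;
}

/* Hypothetical helper: copy uri into out with its transport parameter set
 * to TCP. Returns 0, or -1 for a non-SIP URI or a too-small buffer. */
int sip_uri_set_tcp(const char *uri, char *out, size_t cap)
{
    if (strncasecmp(uri, "sip:", 4) && strncasecmp(uri, "sips:", 5))
        return -1;
    /* ';' and '?' are legal in the user part, so start after '@'. */
    const char *at   = strchr(uri, '@');
    const char *host = at ? at + 1 : strchr(uri, ':') + 1;
    const char *hdrs = host + strcspn(host, "?");   /* "?headers" or end */
    const char *p    = host + strcspn(host, ";?");  /* first ";param" */
    size_t len = 0;

    if (put(out, cap, &len, uri, (size_t)(p - uri))) return -1;
    while (p < hdrs) {                              /* p is at a ';' */
        const char *name = p + 1;
        size_t n = strcspn(name, ";?");             /* "name[=value]" */
        /* Parameter names are case-insensitive; match the whole name. */
        int is_transport = n >= 9 && (n == 9 || name[9] == '=') &&
                           strncasecmp(name, "transport", 9) == 0;
        if (!is_transport && put(out, cap, &len, p, n + 1)) return -1;
        p = name + n;
    }
    if (put(out, cap, &len, ";transport=TCP", 14)) return -1;
    return put(out, cap, &len, hdrs, strlen(hdrs));
}

int main(void)
{
    /* Constructed sample: existing transport, another param, and headers. */
    char buf[128];
    if (sip_uri_set_tcp("sip:bob@example.com;transport=udp;lr?subject=hi",
                        buf, sizeof buf) == 0)
        puts(buf);
    return 0;
}
```
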
For connection-oriented operations, the SIP Stack uses non-blocking sockets.
The result of using non-blocking sockets is that the sending of a message can be
completed after an API call has returned. For example, the call for
RvSipTransactionRequest() using TCP may return before the request message is
sent. The SIP Stack will manage the sending operation until it is completed.
USING TLS TRANSPORT
TLS is a security mechanism that operates on the Transport layer, on top of TCP
transport. By using TLS as a connection transport, a SIP entity can send and
receive data in a secure authenticated manner.
TLS, together with the commonly used Public Key Infrastructure certification
distribution mechanism, achieves the following goals:
- Guarantees the identity of a remote computer.
- Transmits messages to that remote computer in a secure encrypted manner.
TLS uses pairs of asymmetric encryption keys to guarantee the identity of a
remote computer. The public key of each remote computer is published in a
certificate.
A certificate is a document digitally signed by a certificate authority that both
sides of the connection agreed to trust before the TLS connection establishment
has started. (VeriSign and Thawte are examples of such certificate authorities.)
In the TLS connection establishment process, the certificate of the remote
computer is retrieved and verified, and a new key and encryption algorithm are
negotiated for the specific connection.
TLS CONNECTION ESTABLISHMENT
TLS connection establishment requires the completion of the following three
phases: