SIP Over WebSocket Cookies

From reSIProcate
Revision as of 13:19, 19 December 2013 by Dpocock (talk | contribs) (Created page with " == Transport level == * When a WebSocket client connects, the browser sends cookies in the HTTP Upgrade request, before sending any SIP messages over the connection * All in...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Transport level

  • When a WebSocket client connects, the browser sends cookies in the HTTP Upgrade request, before sending any SIP messages over the connection
  • All individual cookie names and values are stored by the WsConnectionBase object
  • Furthermore, there are some special cookies that reSIProcate recognises, if the transport sees these cookies, it constructs an instance of WsCookieContext
    • They are WSSessionInfo, WSSessionExtra, WSSessionMAC
  • If the special cookies are found and if a connection validator has been provided, it will be asked to check the cookies. At this point, if the check is unsuccessful, the connection is dropped before any SIP messages can be passed.
    • A sample connection validator is included in the repro SIP proxy but it could be used in any other application. The sample connection validator is based on the concept of a shared secret, timestamps and a HMAC, details below.

SIP Messaging

  • Each time a SIP message is received over a WebSocket connection, the raw cookies and the WsCookieContext (if the special cookies were found) are copied from the connection into the SIP message and they are accessible using the methods SipMessage::getWsCookies() and SipMessage::getWsCookieContext()