sr-dev May 2011

sr-dev@lists.kamailio.org

28 participants
166 discussions

SDP topology hiding
by Efelin Novak 27 May '11

27 May '11

Hi Folks, I have a problem with the hiding of my topology. Topoh module works great. THX for that. However SDP is not processed by this module. I suppose that mediaproxy should be the one who should care about this. Owner(o) part of the body holds original IP of the sender, even thou Creator(c) part was modified using engage_media_proxy(). Actually this was reported as a mediaproxy bug, but till now unresolved. After engage_mediaproxy(): (mind the "o=" and "c=") v=0 o=- 102971 102971 IN IP4 192.168.0.5 s=- c=IN IP4 8.8.8.8 t=0 0 . . . So I tried fix_nated_sdp("8","8.8.8.8"). "o" part is OK now but oldmediaip attribute was added at the bottom of the body. Addition of this attribute was added to nathelper back in the 2003 for debuging purposes. Unfortunately this ruins a whole idea of the topology hiding. After fix_nated_contact(): (mid the "o=", "c=" and last "a=") v=0 o=- 102971 102971 IN IP4 8.8.8.8 s=- c=IN IP4 8.8.8.8 t=0 0 m=audio 35008 RTP/AVP 0 2 4 8 18 96 97 98 101 a=rtpmap:0 PCMU/8000 . . . a=rtpmap:101 telephone-event/8000 a=oldmediaip:192.168.0.5 The only "nice" solution I was able to do was changing the source of the nathelper module. . . body2.s = oldip.s + oldip.len; body2.len = bodylimit - body2.s; if (alter_mediaip(msg, &body1, &oldip, pf, &newip, pf,1) == -1) { LM_ERR("can't alter '%s' IP\n",line); return -1; . . On the line 1326(alter_mediaip above) in the file kamailio_k/nathelper.c I changed last argument from 1 to 0. This attribute is called preserve and adds mentioned "oldmediaip" attribute to the body. Simple changing it to 0 solved the problem. So I can live with this solution but it would be much more better to have it from the git repo. Do I phantom it wrong or this might be considered as a bug? Shouldn't it be better to have option to configure it? Tested using last night build of the kamailio. Thanks for the answer. Regards, Efelin

2 1

git:master: tmx: documented the new functions
by Daniel-Constantin Mierla 27 May '11

27 May '11

Module: sip-router Branch: master Commit: b20d911d29277ad202969ade69a320a59dbb1ca7 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=b20d911… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: Fri May 27 13:31:35 2011 +0200 tmx: documented the new functions - t_is_failure_route() and t_is_branch_route() --- modules_k/tmx/README | 58 +++++++++++++++++++++++++++++++++----- modules_k/tmx/doc/tmx_admin.xml | 50 +++++++++++++++++++++++++++++++++ 2 files changed, 100 insertions(+), 8 deletions(-) diff --git a/modules_k/tmx/README b/modules_k/tmx/README index 7f62959..6f9ad6f 100644 --- a/modules_k/tmx/README +++ b/modules_k/tmx/README @@ -11,7 +11,7 @@ Daniel-Constantin Mierla <miconda(a)gmail.com> - Copyright © 2009 Daniel-Constantin Mierla + Copyright � 2009 Daniel-Constantin Mierla __________________________________________________________________ Table of Contents @@ -30,6 +30,8 @@ Daniel-Constantin Mierla 3.2. t_cancel_callid(callid, cseq, flag) 3.3. t_reply_callid(callid, cseq, code, reason) 3.4. t_flush_flags() + 3.5. t_is_failure_route() + 3.6. t_is_branch_route() 4. Exported pseudo-variables 5. Exported MI Functions @@ -59,6 +61,8 @@ Daniel-Constantin Mierla 1.2. t_cancel_callid usage 1.3. t_reply_callid usage 1.4. t_flush_flags usage + 1.5. t_is_failure_route usage + 1.6. t_is_branch_route usage Chapter 1. Admin Guide @@ -76,6 +80,8 @@ Chapter 1. Admin Guide 3.2. t_cancel_callid(callid, cseq, flag) 3.3. t_reply_callid(callid, cseq, code, reason) 3.4. t_flush_flags() + 3.5. t_is_failure_route() + 3.6. t_is_branch_route() 4. Exported pseudo-variables 5. Exported MI Functions @@ -128,6 +134,8 @@ Chapter 1. Admin Guide 3.2. t_cancel_callid(callid, cseq, flag) 3.3. t_reply_callid(callid, cseq, code, reason) 3.4. t_flush_flags() + 3.5. t_is_failure_route() + 3.6. t_is_branch_route() 3.1. t_cancel_branches(which) @@ -199,6 +207,40 @@ if (t_reply_callid("123qaz", "5", "458", "Replied remotely")) { t_flush_flags(); ... +3.5. t_is_failure_route() + + Returns true if the top-executed route block is failure_route. + + This function can be used from ANY_ROUTE . + + Example 1.5. t_is_failure_route usage +... +failure_route[xyz] { + route(abc); +} + +route[abc] { + if(t_is_failure_route()) { ... } +} +... + +3.6. t_is_branch_route() + + Returns true if the top-executed route block is branch_route. + + This function can be used from ANY_ROUTE . + + Example 1.6. t_is_branch_route usage +... +branch_route[xyz] { + route(abc); +} + +route[abc] { + if(t_is_branch_route()) { ... } +} +... + 4. Exported pseudo-variables * $T_branch_idx @@ -223,13 +265,13 @@ t_flush_flags(); Parameters: * method - request method * RURI - request SIP URI - * NEXT HOP - next hop SIP URI (OBP); use “.” if no value. - * socket - local socket to be used for sending the request; use “.” + * NEXT HOP - next hop SIP URI (OBP); use "." if no value. + * socket - local socket to be used for sending the request; use "." if no value. * headers - set of additional headers to be added to the request; at - least “From” and “To” headers must be specify) + least "From" and "To" headers must be specify) * body - (optional, may not be present) request body (if present, - requires the “Content-Type” and “Content-length” headers) + requires the "Content-Type" and "Content-length" headers) 5.2. t_uac_cancel @@ -256,9 +298,9 @@ t_flush_flags(); * trans_id - transaction identifier (has the hash_entry:label format) * to_tag - To tag to be added to TO header * new_headers - extra headers to be appended to the reply; use a dot - (“.”) char only if there are no headers; + (".") char only if there are no headers; * body - (optional, may not be present) reply body (if present, - requires the “Content-Type” and “Content-length” headers) + requires the "Content-Type" and "Content-length" headers) 6. Exported statistics @@ -275,7 +317,7 @@ t_flush_flags(); 6.11. inuse_transactions Exported statistics are listed in the next sections. All statistics - except “inuse_transactions” can be reset. + except "inuse_transactions" can be reset. 6.1. received_replies diff --git a/modules_k/tmx/doc/tmx_admin.xml b/modules_k/tmx/doc/tmx_admin.xml index ccdb791..185af4f 100644 --- a/modules_k/tmx/doc/tmx_admin.xml +++ b/modules_k/tmx/doc/tmx_admin.xml @@ -192,6 +192,56 @@ t_flush_flags(); </programlisting> </example> </section> + <section> + <title> + <function moreinfo="none">t_is_failure_route()</function> + </title> + <para> + Returns true if the top-executed route block is failure_route. + </para> + <para> + This function can be used from ANY_ROUTE . + </para> + <example> + <title><function>t_is_failure_route</function> usage</title> + <programlisting format="linespecific"> +... +failure_route[xyz] { + route(abc); +} + +route[abc] { + if(t_is_failure_route()) { ... } +} +... +</programlisting> + </example> + </section> + <section> + <title> + <function moreinfo="none">t_is_branch_route()</function> + </title> + <para> + Returns true if the top-executed route block is branch_route. + </para> + <para> + This function can be used from ANY_ROUTE . + </para> + <example> + <title><function>t_is_branch_route</function> usage</title> + <programlisting format="linespecific"> +... +branch_route[xyz] { + route(abc); +} + +route[abc] { + if(t_is_branch_route()) { ... } +} +... +</programlisting> + </example> + </section> </section> <section>

1 0

git:master: tmx: two helper functions to detect route block type
by Daniel-Constantin Mierla 27 May '11

27 May '11

Module: sip-router Branch: master Commit: 0160d59ce479c40a56ecb35fc9f23537622f53c8 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=0160d59… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: Fri May 27 13:21:52 2011 +0200 tmx: two helper functions to detect route block type - t_is_failure_route() - return true if it is a failure_route execution - t_is_branch_route() - return true if it is a branch_route execution - useful to check in sub-routes executed from different points of config --- modules_k/tmx/tmx_mod.c | 27 +++++++++++++++++++++++++++ 1 files changed, 27 insertions(+), 0 deletions(-) diff --git a/modules_k/tmx/tmx_mod.c b/modules_k/tmx/tmx_mod.c index 1da7fd3..36f7e6c 100644 --- a/modules_k/tmx/tmx_mod.c +++ b/modules_k/tmx/tmx_mod.c @@ -27,6 +27,7 @@ #include "../../sr_module.h" #include "../../dprint.h" #include "../../mod_fix.h" +#include "../../route.h" #include "../../modules/tm/tm_load.h" #include "../../lib/kcore/kstats_wrapper.h" @@ -54,6 +55,8 @@ static int t_reply_callid(struct sip_msg* msg, char *cid, char *cseq, static int fixup_reply_callid(void** param, int param_no); static int t_flush_flags(struct sip_msg* msg, char*, char* ); +static int t_is_failure_route(struct sip_msg* msg, char*, char* ); +static int t_is_branch_route(struct sip_msg* msg, char*, char* ); /* statistic variables */ stat_var *tm_rcv_rpls; @@ -139,6 +142,10 @@ static cmd_export_t cmds[]={ fixup_reply_callid, 0, ANY_ROUTE }, {"t_flush_flags", (cmd_function)t_flush_flags, 0, 0, 0, ANY_ROUTE }, + {"t_is_failure_route", (cmd_function)t_is_failure_route, 0, 0, + 0, ANY_ROUTE }, + {"t_is_branch_route", (cmd_function)t_is_branch_route, 0, 0, + 0, ANY_ROUTE }, {0,0,0,0,0,0} }; @@ -419,6 +426,26 @@ static int t_flush_flags(struct sip_msg* msg, char *foo, char *bar) return 1; } +/** + * + */ +static int t_is_failure_route(struct sip_msg* msg, char *foo, char *bar) +{ + if(route_type==FAILURE_ROUTE) + return 1; + return -1; +} + +/** + * + */ +static int t_is_branch_route(struct sip_msg* msg, char *foo, char *bar) +{ + if(route_type==BRANCH_ROUTE) + return 1; + return -1; +} + #ifdef STATISTICS /*** tm stats ***/

1 0

warning while compiling modules_k/p_usrloc
by Ovidiu Sas 27 May '11

27 May '11

CC (gcc) [M p_usrloc.so] udomain.o udomain.c: In function â€˜new_udomainâ€™: udomain.c:136: warning: label â€˜error2â€™ defined but not used Regards, Ovidiu Sas

2 1

git:master: p_usrloc: fix compile warning, reported from Ovidiu
by Henning Westerholt 27 May '11

27 May '11

Module: sip-router Branch: master Commit: 6bfc0187205fd4047e9410f3897ae980ab9a0553 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=6bfc018… Author: Henning Westerholt <henning.westerholt(a)1und1.de> Committer: Henning Westerholt <henning.westerholt(a)1und1.de> Date: Fri May 27 10:44:13 2011 +0200 p_usrloc: fix compile warning, reported from Ovidiu --- modules_k/p_usrloc/udomain.c | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/modules_k/p_usrloc/udomain.c b/modules_k/p_usrloc/udomain.c index 76bd5df..2d617c1 100644 --- a/modules_k/p_usrloc/udomain.c +++ b/modules_k/p_usrloc/udomain.c @@ -133,8 +133,11 @@ int new_udomain(str* _n, int _s, udomain_t** _d) #endif return 0; + +#ifdef STATISTICS error2: shm_free((*_d)->table); +#endif error1: shm_free(*_d); error0:

1 0

Re: [sr-dev] [SR-Users] 3.1.x and Kamailio compatibility mode
by Henning Westerholt 27 May '11

27 May '11

On Wednesday 25 May 2011, Daniel-Constantin Mierla wrote: > [..] > > The comment "#!KAMILIO" was used to activate the compatibility mode. > > With 3.1 release this is not needed anymore. > > Is this note written somewhere? If yes, then it should be removed, but > otherwise I see no reason to bother with a comment line in order to add > more comments. Hello, (moved to devel) i did a quick check to the code, indeed all of the conditions where the mode was checked are gone now. If nobody object i'd also remove the support for this directive in the configuration parser, then its gone from the core completly. Cheers, Henning

4 9

git:mariusbucur/dmq: fixed a bug in dmq_register_peer
by Marius Ovidiu Bucur 27 May '11

27 May '11

Module: sip-router Branch: mariusbucur/dmq Commit: e7811507b27c38e34b8c05d989fcadbd55ac0fec URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=e781150… Author: Marius Bucur <marius(a)marius-bucur.ro> Committer: Marius Bucur <marius(a)marius-bucur.ro> Date: Fri May 27 09:50:42 2011 +0300 fixed a bug in dmq_register_peer --- modules_k/dmq/dmq.h | 4 +--- modules_k/dmq/dmq_funcs.c | 1 + modules_k/dmq/dmq_funcs.h | 1 + modules_k/dmq/dmqnode.h | 1 + modules_k/presence/presence.c | 16 +++++++++++++--- 5 files changed, 17 insertions(+), 6 deletions(-) diff --git a/modules_k/dmq/dmq.h b/modules_k/dmq/dmq.h index f43b53d..e4c639c 100644 --- a/modules_k/dmq/dmq.h +++ b/modules_k/dmq/dmq.h @@ -10,17 +10,15 @@ #include "bind_dmq.h" #include "peer.h" #include "worker.h" -#include "dmqnode.h" #define DEFAULT_NUM_WORKERS 2 -#define MIN_PING_INTERVAL 4 +#define MIN_PING_INTERVAL 60 extern int num_workers; extern dmq_worker_t* workers; extern dmq_peer_t* dmq_notification_peer; extern str dmq_server_address; extern dmq_peer_list_t* peer_list; -extern dmq_node_list_t* node_list; extern str dmq_request_method; extern struct sip_uri dmq_server_uri; extern str dmq_notification_address; diff --git a/modules_k/dmq/dmq_funcs.c b/modules_k/dmq/dmq_funcs.c index 8a97c99..3f15bee 100644 --- a/modules_k/dmq/dmq_funcs.c +++ b/modules_k/dmq/dmq_funcs.c @@ -7,6 +7,7 @@ dmq_peer_t* register_dmq_peer(dmq_peer_t* peer) { if(search_peer_list(peer_list, peer)) { LM_ERR("peer already exists: %.*s %.*s\n", peer->peer_id.len, peer->peer_id.s, peer->description.len, peer->description.s); + lock_release(&peer_list->lock); return NULL; } new_peer = add_peer(peer_list, peer); diff --git a/modules_k/dmq/dmq_funcs.h b/modules_k/dmq/dmq_funcs.h index d2aab2e..7c5ecf8 100644 --- a/modules_k/dmq/dmq_funcs.h +++ b/modules_k/dmq/dmq_funcs.h @@ -8,6 +8,7 @@ #include "dmq.h" #include "peer.h" #include "worker.h" +#include "dmqnode.h" void ping_servers(unsigned int ticks,void *param); diff --git a/modules_k/dmq/dmqnode.h b/modules_k/dmq/dmqnode.h index 3bd69b0..e2c2437 100644 --- a/modules_k/dmq/dmqnode.h +++ b/modules_k/dmq/dmqnode.h @@ -32,6 +32,7 @@ typedef struct dmq_node_list { } dmq_node_list_t; extern str dmq_node_status_str; +extern dmq_node_list_t* node_list; dmq_node_list_t* init_dmq_node_list(); dmq_node_t* build_dmq_node(str* uri, int shm); diff --git a/modules_k/presence/presence.c b/modules_k/presence/presence.c index e32e527..43216f5 100644 --- a/modules_k/presence/presence.c +++ b/modules_k/presence/presence.c @@ -210,9 +210,19 @@ struct module_exports exports= { child_init /* per-child init function */ }; -int dmq_callback(struct sip_msg* msg) { +int dmq_presence_callback(struct sip_msg* msg, peer_reponse_t* resp) { LM_ERR("it worked - dmq module triggered the presence callback [%ld %d]\n", time(0), my_pid()); - sleep(4); + if(update_presentity(msg, 0, (str*)msg->body, 0, 0, 0) <0) + { + LM_ERR("when updating presentity\n"); + return -1; + } + str ct = str_init("text/xml"); + str reason = str_init("200 OK"); + resp->content_type = ct; + resp->reason = reason; + resp->body.s = 0; + resp->resp_code = 200; return 0; } @@ -222,7 +232,7 @@ static void add_dmq_peer() { presence_peer.peer_id.len = 8; presence_peer.description.s = "presence"; presence_peer.description.len = 8; - presence_peer.callback = dmq_callback; + presence_peer.callback = dmq_presence_callback; register_dmq(&presence_peer); }

1 0

TLS inspection for authentication
by Iñaki Baz Castillo 26 May '11

26 May '11

Hi, the documentation of TLS module says: --------------------------------------- 1.7. Known Limitations The TLS certificate verifications ignores the certificate name, subject altname and ip extensions, it just checks if the certificate is signed by a recognized CA. One can use the select framework to try to overcome this limitation (check in the script for the contents of various certificate fields), but this is not only slow, but also not exactly standard conforming (the verification should happen during TLS connection establishment and not after). ----------------------------------------- The last pharse "the verification should happen during TLS connection establishment and not after" is incorrect. It's true that the SIP node receiving a TLS certificate should first verify that the certificate is signed by a recognized CA and it's not expired. This is the first step and must occur when establishing the TLS session. IF not, drop the connection. But in case a proxy/server receives a TLS connection and wants to authenticate SIP requests based on the certificate, it must extract the SIP domain identities in the certificate by inspecting each value in the subjectAltName field with type "domain". And for each SIP request coming within this TLS connection, the proxy/server could check whether the From domain matches a SIP domain present in the certificate, so the request gets automatically authenticated (no need of requiring SIP authenticationn neither checking the source IP against a list of trusted IPs). In order to implement it, I suggest the following behaviour in sip-router: - A client establishes a TLS session with sip-router. - The client presents a TLS certificate. - sip-router extracts the SIP identities of the certificate and stores them, somehow, in attributes belonging to this TLS session (maybe pseudovariables). - In the logic script, it would be possible then to match the From domain of the request (or whatever) against the list of SIP identities in the certificate (so authentication is done). This is important in order to allow real SIP federation (as already occurs in XMPP world). We all know that SIP federation is not used yet, but it should in a future. Regards. -- Iñaki Baz Castillo <ibc(a)aliax.net>

4 13

warning while compiling modules_s/auth_db
by Ovidiu Sas 26 May '11

26 May '11

CC (gcc) [M auth_db.so] authorize.o authorize.c: In function â€˜authenticateâ€™: authorize.c:334: warning: enumeration value â€˜NONCE_REUSEDâ€™ not handled in switch authorize.c:334: warning: enumeration value â€˜NO_CREDENTIALSâ€™ not handled in switch authorize.c:334: warning: enumeration value â€˜STALE_NONCEâ€™ not handled in switch Regards, Ovidiu Sas

1 0

Kamailio v3.1.4 Released
by Daniel-Constantin Mierla 26 May '11

26 May '11

Hello, Kamailio SIP Server v3.1.4 stable release is out. This is a maintenance release of latest stable branch, 3.1, that includes fixes since release of v3.1.3. There is no change to database schema or configuration language structure. Deployments running previous v3.1.x versions are strongly recommended to be upgraded to v3.1.4. For more details about version 3.1.4, visit: http://www.kamailio.org/w/2011/05/kamailio-v3-1-4-released/ Cheers, Daniel -- Daniel-Constantin Mierla -- http://www.asipto.com http://linkedin.com/in/miconda -- http://twitter.com/miconda

1 0

← Newer
1
2
3
4
5
6
7
...
17
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

sr-dev May 2011