sr-dev October 2019

sr-dev@lists.kamailio.org

22 participants
436 discussions

git:master:743f5dca: modules: readme files regenerated - uac ... [skip ci]

by Kamailio Dev

Module: kamailio Branch: master Commit: 743f5dca220b8f1e6a863cd9f68fdeb9c2dc7237 URL: https://github.com/kamailio/kamailio/commit/743f5dca220b8f1e6a863cd9f68fdeb… Author: Kamailio Dev <kamailio.dev(a)kamailio.org> Committer: Kamailio Dev <kamailio.dev(a)kamailio.org> Date: 2019-10-29T09:31:25+01:00 modules: readme files regenerated - uac ... [skip ci] --- Modified: src/modules/uac/README --- Diff: https://github.com/kamailio/kamailio/commit/743f5dca220b8f1e6a863cd9f68fdeb… Patch: https://github.com/kamailio/kamailio/commit/743f5dca220b8f1e6a863cd9f68fdeb… --- diff --git a/src/modules/uac/README b/src/modules/uac/README index caeb998e93..b0e4f76f43 100644 --- a/src/modules/uac/README +++ b/src/modules/uac/README @@ -61,7 +61,7 @@ Ramona-Elena Modroiu 4.4. uac_replace_to(display,uri) 4.5. uac_replace_to(uri) 4.6. uac_restore_to() - 4.7. uac_auth() + 4.7. uac_auth([mode]) 4.8. uac_req_send() 4.9. uac_reg_lookup(uuid, dst) 4.10. uac_reg_status(uuid) @@ -179,7 +179,7 @@ Chapter 1. Admin Guide 4.4. uac_replace_to(display,uri) 4.5. uac_replace_to(uri) 4.6. uac_restore_to() - 4.7. uac_auth() + 4.7. uac_auth([mode]) 4.8. uac_req_send() 4.9. uac_reg_lookup(uuid, dst) 4.10. uac_reg_status(uuid) @@ -596,7 +596,7 @@ modparam("uac", "reg_gc_interval", 60) 4.4. uac_replace_to(display,uri) 4.5. uac_replace_to(uri) 4.6. uac_restore_to() - 4.7. uac_auth() + 4.7. uac_auth([mode]) 4.8. uac_req_send() 4.9. uac_reg_lookup(uuid, dst) 4.10. uac_reg_status(uuid) @@ -743,12 +743,16 @@ uac_replace_to("sip:batman@gotham.org"); uac_restore_to(); ... -4.7. uac_auth() +4.7. uac_auth([mode]) This function can be called only from failure route and will build the authentication response header and insert it into the request without sending anything. + If mode is set to 1, then the password has to be provided in HA1 + format. The parameter can be a static integer or a variable holding an + integer value. + This function can be used from FAILURE_ROUTE. Example 1.28. uac_auth usage @@ -773,7 +777,9 @@ failure_route[TRUNKAUTH] { if(t_check_status("401|407")) { $avp(auser) = "test"; $avp(apass) = "test"; + # $avp(apass) = "36d0a02793542b4961e8348347236dbf"; uac_auth(); + # uac_auth("1"); t_relay(); exit; } @@ -838,10 +844,16 @@ $var(status) = uac_reg_status("$rU"); This function can be used to send an authenticated request to a remote user in the uac registrations table. It sets the request-uri, dst-uri - and auth_*_avp pv's to the values that correspond to the supplied user. - - The mode indicates whether the user should match the local uuid - (mode=0), or the username (mode=1). + and auth_*_avp variables to the values that correspond to the supplied + user. + + The mode is a bitwise set of flags controlling how the matching of the + record is done and what field is used to set auth_password_avp: + * indicates whether the user should match the local uuid (bit + value=0), or the username (bit value=1, int value=1). + * indicates whether the auth_password value is used to set + auth_password_avp (bit value=0), or the auth_ha1 value (bit + value=1, int value=2). The auth_*_avp module parameters must be set to valid pv's.

5 years

[kamailio/kamailio] uac: allow ha1 to be used in uac_reg_request_to (#2102)

by Alexandru Covalschi

### Description  I'm using uac module to remote authenticate to a trunk. With the addition of ha1 used instead of plaintext password it is also would be nice to be able to use uac_reg_request_to with it. ### Expected behavior There should be auth_ha1_avp for uac module, which will use ha1 instead of plaintext to build the request #### Actual observed behavior auth_password_avp is set to empty string or dot respectively of how you specify it in database, ha1 is not used in uac_reg_request_to ### Possible Solutions  Well logically auth_ha1_avp should be prioritized over auth_password_ha1 ### Additional Information * **Kamailio Version** - output of `kamailio -v` ``` version: kamailio 5.4.0-dev1 (x86_64/linux) flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLACKLIST, HAVE_RESOLV_RES ADAPTIVE_WAIT_LOOPS 1024, MAX_RECV_BUFFER_SIZE 262144, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB poll method support: poll, epoll_lt, epoll_et, sigio_rt, select. id: unknown compiled with gcc 6.3.0``` * **Operating System**:  ``` Debian 10 in docker``` -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/2102

5 years

git:master:825800e6: uac: updated docs for uac_auth()

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 825800e6d3f297076bcce90f1f82c65a91cbb583 URL: https://github.com/kamailio/kamailio/commit/825800e6d3f297076bcce90f1f82c65… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2019-10-29T09:25:06+01:00 uac: updated docs for uac_auth() --- Modified: src/modules/uac/doc/uac_admin.xml --- Diff: https://github.com/kamailio/kamailio/commit/825800e6d3f297076bcce90f1f82c65… Patch: https://github.com/kamailio/kamailio/commit/825800e6d3f297076bcce90f1f82c65… --- diff --git a/src/modules/uac/doc/uac_admin.xml b/src/modules/uac/doc/uac_admin.xml index e0ea527776..f718924dad 100644 --- a/src/modules/uac/doc/uac_admin.xml +++ b/src/modules/uac/doc/uac_admin.xml @@ -802,14 +802,18 @@ uac_restore_to(); </section> <section id="uac.f.uac_auth"> <title> - <function moreinfo="none">uac_auth()</function> + <function moreinfo="none">uac_auth([mode])</function> </title> <para> - This function can be called only from failure route and will + This function can be called only from failure route and will build the authentication response header and insert it into the request without sending anything. </para> <para> + If mode is set to 1, then the password has to be provided in HA1 format. + The parameter can be a static integer or a variable holding an integer value. + </para> + <para> This function can be used from FAILURE_ROUTE. </para> <example> @@ -836,7 +840,9 @@ failure_route[TRUNKAUTH] { if(t_check_status("401|407")) { $avp(auser) = "test"; $avp(apass) = "test"; + # $avp(apass) = "36d0a02793542b4961e8348347236dbf"; uac_auth(); + # uac_auth("1"); t_relay(); exit; }

5 years

git:master:981d787a: uac: optional param for uac_auth() to specify auth mode

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 981d787acf5f598f185d0d0ce8091b4e202f4d86 URL: https://github.com/kamailio/kamailio/commit/981d787acf5f598f185d0d0ce8091b4… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2019-10-29T09:15:49+01:00 uac: optional param for uac_auth() to specify auth mode - if mode is set to 1, then the password is provided in ha1 format --- Modified: src/modules/uac/auth.c Modified: src/modules/uac/auth.h Modified: src/modules/uac/uac.c --- Diff: https://github.com/kamailio/kamailio/commit/981d787acf5f598f185d0d0ce8091b4… Patch: https://github.com/kamailio/kamailio/commit/981d787acf5f598f185d0d0ce8091b4… --- diff --git a/src/modules/uac/auth.c b/src/modules/uac/auth.c index a412dae975..0f5e6d4a9b 100644 --- a/src/modules/uac/auth.c +++ b/src/modules/uac/auth.c @@ -375,9 +375,10 @@ static inline int apply_urihdr_changes( struct sip_msg *req, return -1; } - - -int uac_auth(sip_msg_t *msg) +/** + * + */ +int uac_auth_mode(sip_msg_t *msg, int mode) { static struct authenticate_body auth; struct uac_credential *crd; @@ -451,6 +452,10 @@ int uac_auth(sip_msg_t *msg) goto error; } + if(mode & UACAUTH_MODE_HA1) { + crd->aflags |= UAC_FLCRED_HA1; + } + /* do authentication */ do_uac_auth( &msg->first_line.u.request.method, &t->uac[branch].uri, crd, &auth, response); @@ -489,5 +494,10 @@ int uac_auth(sip_msg_t *msg) return -1; } - - +/** + * + */ +int uac_auth(sip_msg_t *msg) +{ + return uac_auth_mode(msg, 0); +} \ No newline at end of file diff --git a/src/modules/uac/auth.h b/src/modules/uac/auth.h index 274b32e85d..67d6406b7a 100644 --- a/src/modules/uac/auth.h +++ b/src/modules/uac/auth.h @@ -47,6 +47,8 @@ typedef struct authenticate_body { str *cnonce; } uac_authenticate_body_t; +#define UACAUTH_MODE_HA1 (1<<0) + #define AUTHENTICATE_MD5 (1<<0) #define AUTHENTICATE_MD5SESS (1<<1) #define AUTHENTICATE_STALE (1<<2) @@ -67,7 +69,8 @@ void destroy_credentials(void); struct hdr_field *get_autenticate_hdr(struct sip_msg *rpl, int rpl_code); -int uac_auth( struct sip_msg *msg); +int uac_auth(sip_msg_t *msg); +int uac_auth_mode(sip_msg_t *msg, int mode); void do_uac_auth(str *method, str *uri, struct uac_credential *crd, diff --git a/src/modules/uac/uac.c b/src/modules/uac/uac.c index 7692600b0f..3212960f4e 100644 --- a/src/modules/uac/uac.c +++ b/src/modules/uac/uac.c @@ -98,6 +98,7 @@ static int w_restore_from(struct sip_msg* msg, char* p1, char* p2); static int w_replace_to(struct sip_msg* msg, char* p1, char* p2); static int w_restore_to(struct sip_msg* msg, char* p1, char* p2); static int w_uac_auth(struct sip_msg* msg, char* str, char* str2); +static int w_uac_auth_mode(struct sip_msg* msg, char* pmode, char* str2); static int w_uac_reg_lookup(struct sip_msg* msg, char* src, char* dst); static int w_uac_reg_status(struct sip_msg* msg, char* src, char* dst); static int w_uac_reg_request_to(struct sip_msg* msg, char* src, char* mode_s); @@ -132,6 +133,8 @@ static cmd_export_t cmds[]={ REQUEST_ROUTE | BRANCH_ROUTE }, {"uac_restore_to", (cmd_function)w_restore_to, 0, 0, 0, REQUEST_ROUTE }, {"uac_auth", (cmd_function)w_uac_auth, 0, 0, 0, FAILURE_ROUTE }, + {"uac_auth_mode", (cmd_function)w_uac_auth_mode, 1, + fixup_igp_null, fixup_free_igp_null, FAILURE_ROUTE }, {"uac_req_send", (cmd_function)w_uac_req_send, 0, 0, 0, ANY_ROUTE}, {"uac_reg_lookup", (cmd_function)w_uac_reg_lookup, 2, fixup_spve_pvar, fixup_free_spve_pvar, ANY_ROUTE }, @@ -615,6 +618,22 @@ static int ki_uac_auth(struct sip_msg* msg) return (uac_auth(msg)==0)?1:-1; } +static int w_uac_auth_mode(struct sip_msg* msg, char* pmode, char* str2) +{ + int imode = 0; + + if(fixup_get_ivalue(msg, (gparam_t*)pmode, &imode)<0) { + LM_ERR("failed to get the mode parameter\n"); + return -1; + } + return (uac_auth_mode(msg, imode)==0)?1:-1; +} + +static int ki_uac_auth_mode(sip_msg_t* msg, int mode) +{ + return (uac_auth_mode(msg, mode)==0)?1:-1; +} + static int w_uac_reg_lookup(struct sip_msg* msg, char* src, char* dst) { pv_spec_t *dpv; @@ -757,6 +776,11 @@ static sr_kemi_t sr_kemi_uac_exports[] = { { SR_KEMIP_NONE, SR_KEMIP_NONE, SR_KEMIP_NONE, SR_KEMIP_NONE, SR_KEMIP_NONE, SR_KEMIP_NONE } }, + { str_init("uac"), str_init("uac_auth_mode"), + SR_KEMIP_INT, ki_uac_auth_mode, + { SR_KEMIP_INT, SR_KEMIP_NONE, SR_KEMIP_NONE, + SR_KEMIP_NONE, SR_KEMIP_NONE, SR_KEMIP_NONE } + }, { str_init("uac"), str_init("uac_req_send"), SR_KEMIP_INT, ki_uac_req_send, { SR_KEMIP_NONE, SR_KEMIP_NONE, SR_KEMIP_NONE,

5 years

git:master:08e67665: uac: updated docs for uac_req_request_to()

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 08e676654d901644724f52478a88c6d0258304cc URL: https://github.com/kamailio/kamailio/commit/08e676654d901644724f52478a88c6d… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2019-10-29T08:49:27+01:00 uac: updated docs for uac_req_request_to() --- Modified: src/modules/uac/doc/uac_admin.xml --- Diff: https://github.com/kamailio/kamailio/commit/08e676654d901644724f52478a88c6d… Patch: https://github.com/kamailio/kamailio/commit/08e676654d901644724f52478a88c6d… --- diff --git a/src/modules/uac/doc/uac_admin.xml b/src/modules/uac/doc/uac_admin.xml index 8ddf26ca0f..e0ea527776 100644 --- a/src/modules/uac/doc/uac_admin.xml +++ b/src/modules/uac/doc/uac_admin.xml @@ -951,12 +951,27 @@ $var(status) = uac_reg_status("$rU"); <function moreinfo="none">uac_reg_request_to(user, mode)</function> </title> <para> - This function can be used to send an authenticated request to a remote user in + This function can be used to send an authenticated request to a remote user in the uac registrations table. It sets the request-uri, dst-uri and auth_*_avp - pv's to the values that correspond to the supplied user. + variables to the values that correspond to the supplied user. </para> <para> - The mode indicates whether the user should match the local uuid (mode=0), or the username (mode=1). + The mode is a bitwise set of flags controlling how the matching of + the record is done and what field is used to set auth_password_avp: + <itemizedlist> + <listitem> + <para> + indicates whether the user should match the local uuid (bit value=0), + or the username (bit value=1, int value=1). + </para> + </listitem> + <listitem> + <para> + indicates whether the auth_password value is used to set auth_password_avp + (bit value=0), or the auth_ha1 value (bit value=1, int value=2). + </para> + </listitem> + </itemizedlist> </para> <para> The auth_*_avp module parameters must be set to valid pv's.

5 years

git:master:82a196ca: uac: extended use of mode param for uac_reg_request_to()

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 82a196ca567e9dbe89806626ee4d8dba7e9a7533 URL: https://github.com/kamailio/kamailio/commit/82a196ca567e9dbe89806626ee4d8db… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2019-10-29T08:37:02+01:00 uac: extended use of mode param for uac_reg_request_to() - not it is interpreted as a bitwise set of flags - if first bit is set, then the match is done on username, otherwise on uuid (still backward compatible in this aspect) - if the second bit is set, fetch the auth_ha1 and set it in uac_auth() password avp; if not set, fetch the auth_password (like it was done so far) --- Modified: src/modules/uac/uac.c Modified: src/modules/uac/uac_reg.c Modified: src/modules/uac/uac_reg.h --- Diff: https://github.com/kamailio/kamailio/commit/82a196ca567e9dbe89806626ee4d8db… Patch: https://github.com/kamailio/kamailio/commit/82a196ca567e9dbe89806626ee4d8db… --- diff --git a/src/modules/uac/uac.c b/src/modules/uac/uac.c index 7e39c46229..7692600b0f 100644 --- a/src/modules/uac/uac.c +++ b/src/modules/uac/uac.c @@ -715,7 +715,7 @@ static int w_uac_reg_request_to(struct sip_msg* msg, char* src, char* pmode) return -1; } - if (imode > 1) { + if (imode > (UACREG_REQTO_MASK_USER|UACREG_REQTO_MASK_AUTH)) { LM_ERR("invalid mode\n"); return -1; } diff --git a/src/modules/uac/uac_reg.c b/src/modules/uac/uac_reg.c index fb45a4fd3d..907ed721fd 100644 --- a/src/modules/uac/uac_reg.c +++ b/src/modules/uac/uac_reg.c @@ -1678,8 +1678,13 @@ int uac_reg_request_to(struct sip_msg *msg, str *src, unsigned int mode) pv_value_t val; struct action act; struct run_act_ctx ra_ctx; + unsigned int umode; + unsigned int amode; - switch(mode) + umode = mode & UACREG_REQTO_MASK_USER; + amode = mode & UACREG_REQTO_MASK_AUTH; + + switch(umode) { case 0: reg = reg_ht_get_byuuid(src); @@ -1745,13 +1750,17 @@ int uac_reg_request_to(struct sip_msg *msg, str *src, unsigned int mode) goto error; } - // Set auth_password - val.rs = reg->auth_password; + if(amode) { + // set auth_ha1 + val.rs = reg->auth_ha1; + } else { + // set auth_password + val.rs = reg->auth_password; + } if(pv_set_spec_value(msg, &auth_password_spec, 0, &val)!=0) { - LM_ERR("error while setting auth_password\n"); + LM_ERR("error while setting auth password (mode: %d)\n", amode); goto error; } - lock_release(reg->lock); return 1; diff --git a/src/modules/uac/uac_reg.h b/src/modules/uac/uac_reg.h index 9dd9ab8cfe..6f6b5d7590 100644 --- a/src/modules/uac/uac_reg.h +++ b/src/modules/uac/uac_reg.h @@ -25,6 +25,9 @@ #define UACREG_TABLE_VERSION 4 +#define UACREG_REQTO_MASK_USER 1 +#define UACREG_REQTO_MASK_AUTH 2 + extern int reg_timer_interval; extern int reg_retry_interval; extern int reg_htable_size;

5 years

git:master:f3277f27: tcpops: new varaibale $tcp(key)

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: f3277f27cef07e6d33cafcdf149fc34d1b3b079a URL: https://github.com/kamailio/kamailio/commit/f3277f27cef07e6d33cafcdf149fc34… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2019-10-28T12:55:59+01:00 tcpops: new varaibale $tcp(key) - return attributes related to tcp connection - the key can be: - c_si - connection source ip (useful with HAProxy connections) - c_sp - connection source port (useful with HAProxy connections) - conid - connection id - GH #2103 --- Modified: src/modules/tcpops/tcpops_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/f3277f27cef07e6d33cafcdf149fc34… Patch: https://github.com/kamailio/kamailio/commit/f3277f27cef07e6d33cafcdf149fc34… --- diff --git a/src/modules/tcpops/tcpops_mod.c b/src/modules/tcpops/tcpops_mod.c index e5ac55d660..b95a642f8d 100644 --- a/src/modules/tcpops/tcpops_mod.c +++ b/src/modules/tcpops/tcpops_mod.c @@ -65,6 +65,16 @@ static int fixup_numpv(void** param, int param_no); str tcpops_event_callback = STR_NULL; +static int pv_get_tcp(sip_msg_t *msg, pv_param_t *param, pv_value_t *res); +static int pv_parse_tcp_name(pv_spec_p sp, str *in); + +static pv_export_t mod_pvs[] = { + { {"tcp", (sizeof("tcp")-1)}, PVT_CONTEXT, pv_get_tcp, + 0, pv_parse_tcp_name, 0, 0, 0}, + + { {0, 0}, 0, 0, 0, 0, 0, 0, 0 } +}; + static cmd_export_t cmds[]={ {"tcp_keepalive_enable", (cmd_function)w_tcp_keepalive_enable4, 4, fixup_numpv, 0, ANY_ROUTE}, @@ -105,7 +115,7 @@ struct module_exports exports = { cmds, /* exported functions to config */ params, /* exported parameters to config */ 0, /* RPC method exports */ - 0, /* exported pseudo-variables */ + mod_pvs, /* exported pseudo-variables */ 0, /* response function */ mod_init, /* module initialization function */ child_init, /* per child init function */ @@ -602,6 +612,75 @@ static int w_tcp_get_conid(sip_msg_t* msg, char *paddr, char *pvn) return ki_tcp_get_conid_helper(msg, &saddr, (pv_spec_t*)pvn); } +/** + * + */ +static int pv_get_tcp(sip_msg_t *msg, pv_param_t *param, pv_value_t *res) +{ + tcp_connection_t *con; + int ival; + str sval; + + if (msg == NULL) { + return -1; + } + + if ((con = tcpconn_get(msg->rcv.proto_reserved1, 0, 0, 0, 0)) == NULL) { + return pv_get_null(msg, param, res); + } + + switch(param->pvn.u.isname.name.n) { + case 1: + sval.s = ip_addr2a(&con->cinfo.src_ip); + tcpconn_put(con); + sval.len = strlen(sval.s); + return pv_get_strval(msg, param, res, &sval); + case 2: + ival = con->cinfo.src_port; + tcpconn_put(con); + return pv_get_sintval(msg, param, res, ival); + default: + ival = con->id; + tcpconn_put(con); + return pv_get_sintval(msg, param, res, ival); + } +} + + +/** + * + */ +static int pv_parse_tcp_name(pv_spec_p sp, str *in) +{ + if(sp==NULL || in==NULL || in->len<=0) + return -1; + + switch(in->len) { + case 4: + if(strncmp(in->s, "c_si", 4)==0) { + sp->pvp.pvn.u.isname.name.n = 1; + } else if(strncmp(in->s, "c_sp", 4)==0) { + sp->pvp.pvn.u.isname.name.n = 2; + } else { goto error; } + break; + case 5: + if(strncmp(in->s, "conid", 5)==0) { + sp->pvp.pvn.u.isname.name.n = 0; + } else { goto error; } + break; + default: + goto error; + } + sp->pvp.pvn.type = PV_NAME_INTSTR; + sp->pvp.pvn.u.isname.type = 0; + + return 0; + +error: + LM_ERR("unknown pv key: %.*s\n", in->len, in->s); + return -1; +} + /** * */

5 years

git:master:2bb8598e: core: tcp - keep original connection info for haproxy tunnels

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 2bb8598edef41470f45bccb7a4b4715eed647a44 URL: https://github.com/kamailio/kamailio/commit/2bb8598edef41470f45bccb7a4b4715… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2019-10-28T10:23:40+01:00 core: tcp - keep original connection info for haproxy tunnels --- Modified: src/core/ip_addr.h Modified: src/core/tcp_conn.h Modified: src/core/tcp_main.c --- Diff: https://github.com/kamailio/kamailio/commit/2bb8598edef41470f45bccb7a4b4715… Patch: https://github.com/kamailio/kamailio/commit/2bb8598edef41470f45bccb7a4b4715… --- diff --git a/src/core/ip_addr.h b/src/core/ip_addr.h index 0d26e7e756..9a7b67ac5d 100644 --- a/src/core/ip_addr.h +++ b/src/core/ip_addr.h @@ -172,6 +172,15 @@ typedef struct dest_info { } dest_info_t; +typedef struct ksr_coninfo { + ip_addr_t src_ip; + ip_addr_t dst_ip; + unsigned short src_port; /* host byte order */ + unsigned short dst_port; /* host byte order */ + int proto; + socket_info_t *csocket; +} ksr_coninfo_t; + typedef struct sr_net_info { str data; receive_info_t* rcv; diff --git a/src/core/tcp_conn.h b/src/core/tcp_conn.h index a428c43f1f..d9a69b6929 100644 --- a/src/core/tcp_conn.h +++ b/src/core/tcp_conn.h @@ -200,6 +200,7 @@ typedef struct tcp_connection { * reply-ing */ int reader_pid; /* pid of the active reader process */ struct receive_info rcv; /* src & dst ip, ports, proto a.s.o*/ + ksr_coninfo_t cinfo; /* connection info (e.g., for haproxy ) */ struct tcp_req req; /* request data */ atomic_t refcnt; enum sip_protos type; /* PROTO_TCP or a protocol over it, e.g. TLS */ diff --git a/src/core/tcp_main.c b/src/core/tcp_main.c index 99d33ee719..403c0c6adf 100644 --- a/src/core/tcp_main.c +++ b/src/core/tcp_main.c @@ -1021,6 +1021,14 @@ int tcpconn_read_haproxy(struct tcp_connection *c) { bytes = recv(c->s, &hdr, sizeof(hdr), MSG_PEEK); } while (bytes == -1 && (errno == EINTR || errno == EAGAIN)); + /* copy original tunnel address details */ + memcpy(&c->cinfo.src_ip, &c->rcv.src_ip, sizeof(ip_addr_t)); + memcpy(&c->cinfo.dst_ip, &c->rcv.dst_ip, sizeof(ip_addr_t)); + c->cinfo.src_port = c->rcv.src_port; + c->cinfo.dst_port = c->rcv.dst_port; + c->cinfo.proto = (int)c->rcv.proto; + c->cinfo.csocket = c->rcv.bind_address; + src_ip = &c->rcv.src_ip; dst_ip = &c->rcv.dst_ip;

5 years

git:master:1296bb22: core: pad some fields in contained structs for 4 byte alignment

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 1296bb2270985a1bf3af04f35e4cdae1fe4b184a URL: https://github.com/kamailio/kamailio/commit/1296bb2270985a1bf3af04f35e4cdae… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2019-10-28T10:00:28+01:00 core: pad some fields in contained structs for 4 byte alignment - safety for sigbus on strict cpu architectures when accesing fields by address --- Modified: src/core/ip_addr.h --- Diff: https://github.com/kamailio/kamailio/commit/1296bb2270985a1bf3af04f35e4cdae… Patch: https://github.com/kamailio/kamailio/commit/1296bb2270985a1bf3af04f35e4cdae… --- diff --git a/src/core/ip_addr.h b/src/core/ip_addr.h index afbaece075..0d26e7e756 100644 --- a/src/core/ip_addr.h +++ b/src/core/ip_addr.h @@ -91,6 +91,7 @@ typedef struct addr_info { typedef struct advertise_info { str name; /* name - eg.: foo.bar or 10.0.0.1 */ unsigned short port_no; /* port number */ + short port_pad; /* padding field */ str port_no_str; /* port number converted to string -- optimization*/ str address_str; /*ip address converted to string -- optimization*/ struct ip_addr address; /* ip address */ @@ -109,6 +110,8 @@ typedef struct socket_info { struct socket_info* prev; unsigned short port_no; /* port number */ char proto; /* tcp or udp*/ + char proto_pad0; /* padding field */ + short proto_pad1; /* padding field */ str sock_str; /* Socket proto, ip, and port as string */ struct addr_info* addr_info_lst; /* extra addresses (e.g. SCTP mh) */ int workers; /* number of worker processes for this socket */ @@ -143,7 +146,11 @@ typedef struct receive_info { * the msg was received */ char proto; #ifdef USE_COMP + char proto_pad0; /* padding field */ short comp; /* compression */ +#else + char proto_pad0; /* padding field */ + short proto_pad1; /* padding field */ #endif /* no need for dst_su yet */ } receive_info_t; @@ -153,10 +160,14 @@ typedef struct dest_info { struct socket_info* send_sock; union sockaddr_union to; int id; /* tcp stores the connection id here */ - char proto; snd_flags_t send_flags; + char proto; #ifdef USE_COMP + char proto_pad0; /* padding field */ short comp; +#else + char proto_pad0; /* padding field */ + short proto_pad1; /* padding field */ #endif } dest_info_t;

5 years

[kamailio/kamailio] Malformed INVITE message crashes Kamailio (#2044)

by santoshsridhar

### Description I have sent malformed data to kamailio server and its getting crashed.  ### Troubleshooting #### Reproduction This can be easily reproducable by remove .(eol) from each line of invite packet  #### Debugging Data  ``` (paste your debugging data here) ``` #### Log Messages  ``` 32(78) CRITICAL: <core> [core/pass_fd.c:277]: receive_fd(): EOF on 13 0(46) ALERT: <core> [main.c:745]: handle_sigs(): child process 47 exited by a signal 11 0(46) ALERT: <core> [main.c:748]: handle_sigs(): core was generated 0(46) INFO: <core> [main.c:771]: handle_sigs(): terminating due to SIGCHLD 2(48) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 6(52) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 8(54) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 12(58) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 13(59) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 15(61) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 17(63) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 18(64) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 20(66) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 22(68) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 24(70) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 26(72) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 28(74) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 32(78) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 25(71) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 21(67) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 23(69) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 14(60) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 3(49) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 29(75) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 19(65) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 30(76) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 11(57) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 7(53) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 31(77) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 16(62) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 9(55) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 27(73) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 10(56) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 4(50) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 5(51) INFO: <core> [main.c:826]: sig_usr(): signal 15 received 0(46) INFO: <core> [core/sctp_core.c:53]: sctp_core_destroy(): SCTP API not initialized 2019/08/26 06:14:51.186871 [ERR] (cli) child process died with exit code 1 ``` #### SIP Traffic  ``` INVITE sip:9631793333@10.130.72.178:5060 SIP/2.0 Max-Forwards: 66 From: "9631791999" <sip:9631791999@test.santhos.com>;tag=8BpeDNKX9g7ZN To: <sip:12254431343@52.77.251.154> Call-ID: 0e61d723-400b-1238-5ea2-029e611e72cc CSeq: 8715558 INVITE Supported: timer, path, replaces Allow-Events: talk, hold, conference, refer Content-Type: application/sdp Content-Disposition: session Content-Length: 248 Remote-Party-ID: "9631791999" <sip:9631791999@test.santhos.com>;party=calling;screen=yes;privacy=off Contact: <sip:btpsh-5d5dab4f-36-1@3.82.91.199;alias=10.130.74.48~5060~1> User-Agent: NewServer Accept: application/sdp Allow: INVITE,ACK,CANCEL,BYE,UPDATE v=0 o=- 1566538700029766 7092256907260767331 IN IP4 3.220.58.181 s=X-Lite release 5.6.1 stamp 99140 c=IN IP4 3.220.58.181 t=0 0 m=audio 10030 RTP/AVP 0 101 a=rtpmap:0 PCMU/8000 a=rtpmap:101 telephone-event/8000 a=fmtp:101 0-15 a=sendrecv ``` ### Possible Solutions  ### Additional Information * **Kamailio Version** - output of `kamailio -v` ``` root@test-server:/# kamailio -v version: kamailio 5.1.4 (x86_64/linux) cc647d flags: STATS: Off, USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MEM, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLACKLIST, HAVE_RESOLV_RES ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB poll method support: poll, epoll_lt, epoll_et, sigio_rt, select. id: cc647d compiled on 10:09:16 Jul 29 2019 with gcc 5.4.0 ``` * **Operating System**:  ``` root@test-server:/# cat /etc/debian_version stretch/sid root@test-server:/# uname -a Linux test-server 4.14.77-69.57.amzn1.x86_64 #1 SMP Tue Nov 6 21:32:55 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux ``` -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/2044

5 years

← Newer
1
...
12
13
14
15
16
17
18
...
44
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

sr-dev October 2019