sr-dev June 2021

sr-dev@lists.kamailio.org

15 participants
312 discussions

Interconnecting SIP servers without the PSTN

by Bill Neely

greetings all: I have long believed that VOIP and SIP will not reach their full potential until SIP servers can route calls to other SIP servers without having to go through the ancient telephone system, and pay their tolls. There is nothing of substance preventing any SIP server from calling numbers at any other SIP server. They just need to know which numbers are hosted on which servers. There have been several attempts to resolve this issue: freenum.org, e164,org, Dundi (for asterisk). All appear to be dead at this time. I think that one of the reasons for these failures was that all of these systems relied on the public DNS system to exchange server location info. Putting your SIP server address on a public system and advertising that this is the IP of a SIP server is simply begging for hackers to attempt to breach your SIP server. Its like painting a big target on your back. We at Xantek have been working on an alternate approach, using AGI calls and responses to identify routing info. This approach allows us to limit server identification to registered users of the system, and registered users will have to provide identification (something that hackers probably won't do). We also are incorporating a PIN number into the dial string, so that recipients are aware that the call is coming from a valid user. The PIN can be easily changed if fraudulent activity is suspected. We have a working model for Asterisk set up (see voipconnect.tel for details), but we would like to expand into the Kamailio-verse. What we need is a few Kamailio experts to help with the development of the system on Kamailio. If you have any interest in helping, please reply to this post. TIA, Bill

3 years, 5 months

Re: [sr-dev] [kamailio/kamailio] secsipid: docs for secsipid_check(...) function (6822bde)

by David Villasmil

Nice! -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/commit/6822bde4dc4715043d3d416b710664e…

3 years, 5 months

git:master:ecc2cc69: pkg: enable RHEL7-like distros to build with OpenSSL 1.1.1

by sergey-safarov

Module: kamailio Branch: master Commit: ecc2cc69b08e797ca954af233c229ed44475ce33 URL: https://github.com/kamailio/kamailio/commit/ecc2cc69b08e797ca954af233c229ed… Author: SPChan <shihping.chan(a)gmail.com> Committer: sergey-safarov <s.safarov(a)gmail.com> Date: 2021-06-18T15:56:41+03:00 pkg: enable RHEL7-like distros to build with OpenSSL 1.1.1 --- Modified: pkg/kamailio/obs/kamailio.spec --- Diff: https://github.com/kamailio/kamailio/commit/ecc2cc69b08e797ca954af233c229ed… Patch: https://github.com/kamailio/kamailio/commit/ecc2cc69b08e797ca954af233c229ed… --- diff --git a/pkg/kamailio/obs/kamailio.spec b/pkg/kamailio/obs/kamailio.spec index 8e9483bada..b68df0eef5 100644 --- a/pkg/kamailio/obs/kamailio.spec +++ b/pkg/kamailio/obs/kamailio.spec @@ -172,6 +172,11 @@ %define _rundir %{_localstatedir}/run %endif +# build with openssl 1.1.1 on RHEL 7 based dists +%if 0%{?rhel} == 7 +%bcond_with openssl11 +%endif + # redefine buggy openSUSE Leap _sharedstatedir macro. More info at https://bugzilla.redhat.com/show_bug.cgi?id=183370 %if 0%{?suse_version} == 1315 %define _sharedstatedir /var/lib @@ -279,8 +284,13 @@ Account transaction information in a JSON dictionary. %package auth-ephemeral Summary: Functions for authentication using ephemeral credentials Group: %{PKGGROUP} +%if 0%{?rhel} == 7 && %{with openssl11} +Requires: openssl11, kamailio = %ver +BuildRequires: openssl11-devel +%else Requires: openssl, kamailio = %ver BuildRequires: openssl-devel +%endif %description auth-ephemeral Functions for authentication using ephemeral credentials. @@ -365,9 +375,14 @@ Requires: openssl BuildRequires: openssl-devel %endif %if 0%{?rhel} == 7 +%if %{with openssl11} +Requires: openssl11-libs +BuildRequires: openssl11-devel +%else Requires: openssl-libs BuildRequires: openssl-devel %endif +%endif %if 0%{?fedora} Requires: openssl-libs BuildRequires: openssl-devel @@ -673,8 +688,13 @@ MySQL database connectivity for Kamailio. %package outbound Summary: Outbound (RFC 5626) support for Kamailio Group: %{PKGGROUP} +%if 0%{?rhel} == 7 && %{with openssl11} +Requires: openssl11, kamailio = %ver +BuildRequires: openssl11-devel +%else Requires: openssl, kamailio = %ver BuildRequires: openssl-devel +%endif %description outbound RFC 5626, "Managing Client-Initiated Connections in the Session Initiation @@ -952,8 +972,13 @@ SQLite database connectivity for Kamailio. %package tls Summary: TLS transport for Kamailio Group: %{PKGGROUP} +%if 0%{?rhel} == 7 && %{with openssl11} +Requires: openssl11, kamailio = %ver +BuildRequires: openssl11-devel +%else Requires: openssl, kamailio = %ver BuildRequires: openssl-devel +%endif %description tls TLS transport for Kamailio. @@ -1008,8 +1033,13 @@ Non-SIP utitility functions for Kamailio. %package websocket Summary: WebSocket transport for Kamailio Group: %{PKGGROUP} +%if 0%{?rhel} == 7 && %{with openssl11} +Requires: libunistring, openssl11, kamailio = %ver +BuildRequires: libunistring-devel, openssl11-devel +%else Requires: libunistring, openssl, kamailio = %ver BuildRequires: libunistring-devel, openssl-devel +%endif %description websocket WebSocket transport for Kamailio. @@ -1106,6 +1136,9 @@ make cfg prefix=/usr \ make make every-module skip_modules="app_mono db_cassandra db_oracle iptrtpproxy \ jabber ndb_cassandra osp" \ +%if %{with openssl11} + SSL_BUILDER="pkg-config libssl11" \ +%endif %if 0%{?fedora} || 0%{?suse_version} || 0%{?rhel} == 8 FREERADIUS=1 \ %endif @@ -1201,6 +1234,9 @@ rm -rf %{buildroot} make install make install-modules-all skip_modules="app_mono db_cassandra db_oracle \ iptrtpproxy jabber osp" \ +%if %{with openssl11} + SSL_BUILDER="pkg-config libssl11" \ +%endif %if 0%{?fedora} || 0%{?suse_version} || 0%{?rhel} == 8 FREERADIUS=1 \ %endif

3 years, 5 months

git:master:e4527941: modules: readme files regenerated - secsipid ... [skip ci]

by Kamailio Dev

Module: kamailio Branch: master Commit: e4527941b9d16b476a60b19bd15307cdac4b530b URL: https://github.com/kamailio/kamailio/commit/e4527941b9d16b476a60b19bd15307c… Author: Kamailio Dev <kamailio.dev(a)kamailio.org> Committer: Kamailio Dev <kamailio.dev(a)kamailio.org> Date: 2021-06-18T14:16:22+02:00 modules: readme files regenerated - secsipid ... [skip ci] --- Modified: src/modules/secsipid/README --- Diff: https://github.com/kamailio/kamailio/commit/e4527941b9d16b476a60b19bd15307c… Patch: https://github.com/kamailio/kamailio/commit/e4527941b9d16b476a60b19bd15307c…

3 years, 5 months

git:master:6822bde4: secsipid: docs for secsipid_check(...) function

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 6822bde4dc4715043d3d416b710664e5b14637b8 URL: https://github.com/kamailio/kamailio/commit/6822bde4dc4715043d3d416b710664e… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2021-06-18T14:06:42+02:00 secsipid: docs for secsipid_check(...) function --- Modified: src/modules/secsipid/doc/secsipid_admin.xml --- Diff: https://github.com/kamailio/kamailio/commit/6822bde4dc4715043d3d416b710664e… Patch: https://github.com/kamailio/kamailio/commit/6822bde4dc4715043d3d416b710664e… --- diff --git a/src/modules/secsipid/doc/secsipid_admin.xml b/src/modules/secsipid/doc/secsipid_admin.xml index bc1a8ac332..28f3dce68a 100644 --- a/src/modules/secsipid/doc/secsipid_admin.xml +++ b/src/modules/secsipid/doc/secsipid_admin.xml @@ -266,6 +266,45 @@ request_route { </programlisting> </example> </section> + <section id="secsipid.f.secsipid_check"> + <title> + <function moreinfo="none">secsipid_check(sIdentity, keyPath)</function> + </title> + <para> + Check the validity of the "sIdentity" parameter using the keys stored + in the file specified by "keyPath". If the keyPath parameter is empty, + the function is downloading the key using the URL from "info" + parameter of the sIdentity, using the value of "timeout" + parameter to limit the download time. The validity of the JWT + in the sIdentity value is also checked against the "expire" + parameter. + </para> + <para> + The parameters can contain pseudo-variables. + </para> + <para> + This function can be used from ANY_ROUTE. + </para> + <example> + <title><function>secsipid_check</function> usage</title> + <programlisting format="linespecific"> +... +request_route { + ... + if(secsipid_check_identity("...", "/secsipid/$si/cert.pem")) { ... } + ... + if(secsipid_check_identity("...", "")) { ... } + ... +} +... +</programlisting> + </example> + <para> + Further checks can be done with config operations, decoding the JWT header + and payload using {s.select} and {s.decode.base64t} transformations + together with jansson module. + </para> + </section> <section id="secsipid.f.secsipid_get_url"> <title> <function moreinfo="none">secsipid_get_url(url, ovar)</function>

3 years, 5 months

git:master:961ac613: secsipid: added secsipid_check(sidentity, keypath)

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 961ac61392fb3f916287e16380cd64b5ef499360 URL: https://github.com/kamailio/kamailio/commit/961ac61392fb3f916287e16380cd64b… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2021-06-18T14:02:07+02:00 secsipid: added secsipid_check(sidentity, keypath) - check the identity value provided in the first parameter --- Modified: src/modules/secsipid/secsipid_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/961ac61392fb3f916287e16380cd64b… Patch: https://github.com/kamailio/kamailio/commit/961ac61392fb3f916287e16380cd64b… --- diff --git a/src/modules/secsipid/secsipid_mod.c b/src/modules/secsipid/secsipid_mod.c index 1f8bc7e72c..83a1f236dc 100644 --- a/src/modules/secsipid/secsipid_mod.c +++ b/src/modules/secsipid/secsipid_mod.c @@ -52,6 +52,7 @@ static int child_init(int); static void mod_destroy(void); static int w_secsipid_check_identity(sip_msg_t *msg, char *pkeypath, char *str2); +static int w_secsipid_check(sip_msg_t *msg, char *pidentity, char *pkeypath); static int w_secsipid_check_identity_pubkey(sip_msg_t *msg, char *pkeyval, char *str2); static int w_secsipid_add_identity(sip_msg_t *msg, char *porigtn, char *pdesttn, char *pattest, char *porigid, char *px5u, char *pkeypath); @@ -82,6 +83,8 @@ static cmd_export_t cmds[]={ fixup_spve_null, fixup_free_spve_null, ANY_ROUTE}, {"secsipid_check_identity_pubkey", (cmd_function)w_secsipid_check_identity_pubkey, 1, fixup_spve_null, fixup_free_spve_null, ANY_ROUTE}, + {"secsipid_check", (cmd_function)w_secsipid_check, 2, + fixup_spve_spve, fixup_free_spve_spve, ANY_ROUTE}, {"secsipid_add_identity", (cmd_function)w_secsipid_add_identity, 6, fixup_spve_all, fixup_free_spve_all, ANY_ROUTE}, {"secsipid_build_identity", (cmd_function)w_secsipid_build_identity, 6, @@ -325,6 +328,56 @@ static int w_secsipid_check_identity_pubkey(sip_msg_t *msg, char *pkeyval, char return ki_secsipid_check_identity_pubkey(msg, &keyval); } +/** + * + */ +static int ki_secsipid_check(sip_msg_t *msg, str *sidentity, str *keypath) +{ + int ret = 1; + + if(secsipid_cache_dir.len > 0) { + _secsipid_papi.SecSIPIDSetFileCacheOptions(secsipid_cache_dir.s, + secsipid_cache_expire); + } + if(secsipid_libopt_list_used==0) { + str_list_t *sit; + for(sit=secsipid_libopt_list; sit!=NULL; sit=sit->next) { + _secsipid_papi.SecSIPIDOptSetV(sit->s.s); + } + secsipid_libopt_list_used = 1; + } + ret = _secsipid_papi.SecSIPIDCheckFull(sidentity->s, sidentity->len, + secsipid_expire, keypath->s, secsipid_timeout); + + if(ret==0) { + LM_DBG("identity check: ok\n"); + return 1; + } + + LM_DBG("identity check: failed\n"); + return ret; +} + +/** + * + */ +static int w_secsipid_check(sip_msg_t *msg, char *pidentity, char *pkeypath) +{ + str sidentity = STR_NULL; + str keypath = STR_NULL; + + if(fixup_get_svalue(msg, (gparam_t*)pidentity, &sidentity)<0) { + LM_ERR("failed to get identity value parameter\n"); + return -1; + } + + if(fixup_get_svalue(msg, (gparam_t*)pkeypath, &keypath)<0) { + LM_ERR("failed to get keypath parameter\n"); + return -1; + } + + return ki_secsipid_check(msg, &sidentity, &keypath); +} /** * @@ -704,6 +757,11 @@ static sr_kemi_t sr_kemi_secsipid_exports[] = { { SR_KEMIP_STR, SR_KEMIP_NONE, SR_KEMIP_NONE, SR_KEMIP_NONE, SR_KEMIP_NONE, SR_KEMIP_NONE } }, + { str_init("secsipid"), str_init("secsipid_check"), + SR_KEMIP_INT, ki_secsipid_check, + { SR_KEMIP_STR, SR_KEMIP_STR, SR_KEMIP_NONE, + SR_KEMIP_NONE, SR_KEMIP_NONE, SR_KEMIP_NONE } + }, { str_init("secsipid"), str_init("secsipid_add_identity"), SR_KEMIP_INT, ki_secsipid_add_identity, { SR_KEMIP_STR, SR_KEMIP_STR, SR_KEMIP_STR,

3 years, 5 months

[kamailio/kamailio] TLS: same TLSc is used for different outbound connection when it is switched with tls_set_connect_server_id() (#2760)

by arkadiam

### Description Thank you for implementing #2413, I'm looking forward to use it. I was trying it on a dev system. It works fine when the same TLS client needs to be selected for ALL connections. Having issue with it when connection expected to alternate between multiple configured TLS clients. When configured as bellow and event_route alternates between connections (like in logs bellow) connection is always using TLSc with one of the server-ids, e.g. "domain-02". It looks like it's a race between setting server id in event_route and a "thread" that starts TLS client. In my observations only one TLS client is used. Expecting: each outbound connection use TLSc as it was set by tls_set_connect_server_id(). ``` event_route[tm:local-request] { if (is_method("OPTIONS")) { $var(contact) = "Contact: <sip:" + $fd + ":5061;transport=tls>\r\n"; append_hf("$var(contact)"); if ($fd == "domain-01") { tls_set_connect_server_id("domain-01"); xlog("L_INFO", "ID=$ci|tls_set_connect_server_id(domain-01)\n"); } else if ($fd == "domain-02") { tls_set_connect_server_id("domain-02"); xlog("L_INFO", "ID=$ci|tls_set_connect_server_id(domain-02)\n"); } } } ``` Dispatcher configured as: ``` loadmodule "dispatcher.so" modparam("dispatcher", "list_file", "/etc/kamailio/dispatcher.list") modparam("dispatcher", "ds_probing_mode", 1) modparam("dispatcher", "ds_ping_interval", 60) ``` With records like: ``` 1 sip:sip1.host.com;transport=tls 0 1 socket=tls:111.222.233.11:5061;ping_from=sip:my-domain-01.com 1 sip:sip2.host.com;transport=tls 0 2 socket=tls:111.222.233.12:5061;ping_from=sip:my-domain-01.com 1 sip:sip3.host.com;transport=tls 0 3 socket=tls:111.222.233.13:5061;ping_from=sip:my-domain-01.com 2 sip:sip1.host.com;transport=tls 0 1 socket=tls:111.222.233.21:5061;ping_from=sip:my-domain-02.com 2 sip:sip2.host.com;transport=tls 0 2 socket=tls:111.222.233.22:5061;ping_from=sip:my-domain-02.com 2 sip:sip3.host.com;transport=tls 0 3 socket=tls:111.222.233.23:5061;ping_from=sip:my-domain-02.com ``` #### Log Messages ``` Jun 3 11:57:44 INFO: <script>: ID=4eadda397f10fcb1-948(a)1.2.3.4|tls_set_connect_server_id(domain-02) Jun 3 11:57:44 INFO: <script>: ID=4eadda397f10fcb2-948(a)1.2.3.4|tls_set_connect_server_id(domain-01) Jun 3 11:57:44 INFO: <script>: ID=4eadda397f10fcb3-948(a)1.2.3.4|tls_set_connect_server_id(domain-02) Jun 3 11:57:44 INFO: <script>: ID=4eadda397f10fcb4-948(a)1.2.3.4|tls_set_connect_server_id(domain-01) Jun 3 11:57:44 INFO: <script>: ID=4eadda397f10fcb5-948(a)1.2.3.4|tls_set_connect_server_id(domain-02) Jun 3 11:57:44 INFO: <script>: ID=4eadda397f10fcb6-948(a)1.2.3.4|tls_set_connect_server_id(domain-01) ``` ### Additional Information * **Kamailio Version** - output of `kamailio -v` ``` version: kamailio 5.5.0 (x86_64/linux) flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLOCKLIST, HAVE_RESOLV_RES, TLS_PTHREAD_MUTEX_SHARED ADAPTIVE_WAIT_LOOPS 1024, MAX_RECV_BUFFER_SIZE 262144, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB poll method support: poll, epoll_lt, epoll_et, sigio_rt, select. id: unknown compiled with gcc 7.5.0 ``` * **Operating System**: ``` Linux dev03 4.15.0-143-generic #147-Ubuntu SMP Wed Apr 14 16:10:11 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux Ubuntu 18.04.5 LTS ``` -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/2760

3 years, 5 months

git:master:e87fd9ce: modules: readme files regenerated - secsipid ... [skip ci]

by Kamailio Dev

Module: kamailio Branch: master Commit: e87fd9ce381c73d3733c38812c86e467cf966089 URL: https://github.com/kamailio/kamailio/commit/e87fd9ce381c73d3733c38812c86e46… Author: Kamailio Dev <kamailio.dev(a)kamailio.org> Committer: Kamailio Dev <kamailio.dev(a)kamailio.org> Date: 2021-06-17T16:46:24+02:00 modules: readme files regenerated - secsipid ... [skip ci] --- Modified: src/modules/secsipid/README --- Diff: https://github.com/kamailio/kamailio/commit/e87fd9ce381c73d3733c38812c86e46… Patch: https://github.com/kamailio/kamailio/commit/e87fd9ce381c73d3733c38812c86e46… --- diff --git a/src/modules/secsipid/README b/src/modules/secsipid/README index 004d376fb4..5e07580ddf 100644 --- a/src/modules/secsipid/README +++ b/src/modules/secsipid/README @@ -41,6 +41,9 @@ Daniel-Constantin Mierla 4.4. secsipid_add_identity(origTN, destTN, attest, origID, x5u, keyPath) + 4.5. secsipid_build_identity(origTN, destTN, attest, origID, + x5u, keyPath) + 5. Installation List of Examples @@ -55,7 +58,8 @@ Daniel-Constantin Mierla 1.8. secsipid_check_identity_pubkey usage 1.9. secsipid_get_url usage 1.10. secsipid_add_identity usage - 1.11. Libsecsipid Usage + 1.11. secsipid_build_identity usage + 1.12. Libsecsipid Usage Chapter 1. Admin Guide @@ -84,6 +88,9 @@ Chapter 1. Admin Guide 4.4. secsipid_add_identity(origTN, destTN, attest, origID, x5u, keyPath) + 4.5. secsipid_build_identity(origTN, destTN, attest, origID, x5u, + keyPath) + 5. Installation 1. Overview @@ -213,6 +220,9 @@ modparam("secsipid", "libopt", "CacheExpires=0") 4.4. secsipid_add_identity(origTN, destTN, attest, origID, x5u, keyPath) + 4.5. secsipid_build_identity(origTN, destTN, attest, origID, x5u, + keyPath) + 4.1. secsipid_check_identity(keyPath) Check the validity of the Identity header using the keys stored in the @@ -305,6 +315,35 @@ request_route { } ... +4.5. secsipid_build_identity(origTN, destTN, attest, origID, x5u, keyPath) + + Build Identity value using the key specified by "keyPath" to sign the + JWT body. If origID is empty, a UUID string is generated to fill the + field. The origTN represents the origination telephone number; destTN + represents the destination telephone number; x5u is the HTTP URL + referencing to the public key that should be used to verify the + signature; attest represents the attestation level (should be "A", "B" + or "C"). On success, the Indentity value is stored in variable + $secsipid(val). It also sets $secsipid(ret) to the return value of the + libsecsipid functions. + + The parameters can contain pseudo-variables. + + This function can be used from ANY_ROUTE. + + Example 1.11. secsipid_build_identity usage +... +request_route { + ... + if(secsipid_build_identity("$fU", "$rU", "A", "", + "https://kamailio.org/stir/$rd/cert.pem", "/secsipid/$rd/key.pem")) +{ + xinfo("Identity value: $secsipid(val)\n"); + } + ... +} +... + 5. Installation The module needs "secsipdi_proc.so" module that depends on @@ -319,7 +358,7 @@ request_route { installed and its environment configured, then run the following commands: - Example 1.11. Libsecsipid Usage + Example 1.12. Libsecsipid Usage ... export GO111MODULE=off go get https://github.com/asipto/secsipidx

3 years, 5 months

git:master:e6f4e929: dispatcher: print eol in some log messages

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: e6f4e929efb61a1a51aa1b4b5587999acc8dc55d URL: https://github.com/kamailio/kamailio/commit/e6f4e929efb61a1a51aa1b4b5587999… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2021-06-17T16:40:39+02:00 dispatcher: print eol in some log messages --- Modified: src/modules/dispatcher/dispatch.c --- Diff: https://github.com/kamailio/kamailio/commit/e6f4e929efb61a1a51aa1b4b5587999… Patch: https://github.com/kamailio/kamailio/commit/e6f4e929efb61a1a51aa1b4b5587999… --- diff --git a/src/modules/dispatcher/dispatch.c b/src/modules/dispatcher/dispatch.c index 78ece3fffe..674678417d 100644 --- a/src/modules/dispatcher/dispatch.c +++ b/src/modules/dispatcher/dispatch.c @@ -325,7 +325,7 @@ int ds_set_attrs(ds_dest_t *dest, str *vattrs) dest->attrs.weight = tmp_ival; } else { dest->attrs.weight = 0; - LM_ERR("weight %d not in 1-100 range - ignoring destination", + LM_ERR("weight %d not in 1-100 range - ignoring destination\n", tmp_ival); } } else if(pit->name.len == 7 @@ -350,7 +350,7 @@ int ds_set_attrs(ds_dest_t *dest, str *vattrs) dest->attrs.rweight = tmp_ival; } else { dest->attrs.rweight = 0; - LM_WARN("rweight %d not in 1-100 range - ignoring", tmp_ival); + LM_WARN("rweight %d not in 1-100 range - ignoring\n", tmp_ival); } } else if(pit->name.len == 9 && strncasecmp(pit->name.s, "ping_from", 9) == 0) {

3 years, 5 months

git:master:cf828521: secsipid: docs for secsipid_build_identity(...) function

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: cf82852199f1fee7ee01e4a25d5e79a2ab1bbf8d URL: https://github.com/kamailio/kamailio/commit/cf82852199f1fee7ee01e4a25d5e79a… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2021-06-17T16:35:55+02:00 secsipid: docs for secsipid_build_identity(...) function --- Modified: src/modules/secsipid/doc/secsipid_admin.xml --- Diff: https://github.com/kamailio/kamailio/commit/cf82852199f1fee7ee01e4a25d5e79a… Patch: https://github.com/kamailio/kamailio/commit/cf82852199f1fee7ee01e4a25d5e79a… --- diff --git a/src/modules/secsipid/doc/secsipid_admin.xml b/src/modules/secsipid/doc/secsipid_admin.xml index 527db1aecf..bc1a8ac332 100644 --- a/src/modules/secsipid/doc/secsipid_admin.xml +++ b/src/modules/secsipid/doc/secsipid_admin.xml @@ -322,6 +322,42 @@ request_route { ... } ... +</programlisting> + </example> + </section> + <section id="secsipid.f.secsipid_build_identity"> + <title> + <function moreinfo="none">secsipid_build_identity(origTN, destTN, attest, origID, x5u, keyPath)</function> + </title> + <para> + Build Identity value using the key specified by "keyPath" to sign the JWT body. + If origID is empty, a UUID string is generated to fill the field. The origTN + represents the origination telephone number; destTN represents the destination + telephone number; x5u is the HTTP URL referencing to the public key that + should be used to verify the signature; attest represents the attestation + level (should be "A", "B" or "C"). On success, the Indentity value is + stored in variable $secsipid(val). It also sets $secsipid(ret) to + the return value of the libsecsipid functions. + </para> + <para> + The parameters can contain pseudo-variables. + </para> + <para> + This function can be used from ANY_ROUTE. + </para> + <example> + <title><function>secsipid_build_identity</function> usage</title> + <programlisting format="linespecific"> +... +request_route { + ... + if(secsipid_build_identity("$fU", "$rU", "A", "", + "https://kamailio.org/stir/$rd/cert.pem", "/secsipid/$rd/key.pem")) { + xinfo("Identity value: $secsipid(val)\n"); + } + ... +} +... </programlisting> </example> </section>

3 years, 5 months

← Newer
1
...
14
15
16
17
18
19
20
...
32
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

sr-dev June 2021