sr-dev October 2023

sr-dev@lists.kamailio.org

15 participants
286 discussions

git:master:2bc2bdf2: secsipid: extended interal API with SecSIPIDSignJSONHPPrvKey()

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 2bc2bdf2ff158510f4f570a1f5abe3f72745234c URL: https://github.com/kamailio/kamailio/commit/2bc2bdf2ff158510f4f570a1f5abe3f… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2023-10-30T13:02:09+01:00 secsipid: extended interal API with SecSIPIDSignJSONHPPrvKey() --- Modified: src/modules/secsipid/secsipid_papi.h --- Diff: https://github.com/kamailio/kamailio/commit/2bc2bdf2ff158510f4f570a1f5abe3f… Patch: https://github.com/kamailio/kamailio/commit/2bc2bdf2ff158510f4f570a1f5abe3f… --- diff --git a/src/modules/secsipid/secsipid_papi.h b/src/modules/secsipid/secsipid_papi.h index 51b83a8ea86..8948316c716 100644 --- a/src/modules/secsipid/secsipid_papi.h +++ b/src/modules/secsipid/secsipid_papi.h @@ -29,6 +29,9 @@ typedef struct secsipid_papi int (*SecSIPIDSignJSONHP)(char *headerJSON, char *payloadJSON, char *prvkeyPath, char **outPtr); + int (*SecSIPIDSignJSONHPPrvKey)(char *headerJSON, char *payloadJSON, + char *prvkeyData, char **outPtr); + int (*SecSIPIDGetIdentity)(char *origTN, char *destTN, char *attestVal, char *origID, char *x5uVal, char *prvkeyPath, char **outPtr);

1 year

sip/voip : DID, URI, ENUM, opened networks : how to understand it better?

by hd99＠mailo.com

hello im coming back to ask on this forum, sorry if im at the wrong place, but i guess there are some sip experts around here (if it's not the right place, tell me where...) i was wondering, what about the public enum usage for sip networks? i mean, is there any type of public networks, known for having an opened/accessible users scheme? eg : here in france there are linphone and ippi, and others (providing software+service) both, offers both software+service, but can be dissociated means its possible (normally) to use another sip software with a provider, etc the idea is, there is what i think called a DID/URI, whom looks like email principle : user(a)domain.com ; but in a way, it's a bit similar for xmpp and sip : alice(a)first.com could email, call or message bob(a)second.net ; and normally, it's minded to be interoperable (or federated) on an opened-network circuit. what i try to understand is : URI or DID might be i guess, the user(a)domain.net. however, if sip is really used today, it's on closed networks. I mean, using data, only whatsapp and others, I guess uses xmpp or sip, but not in an opened-way, means not +123475(a)whatsapp.org, what would be great to be communicate with, without having to install their app. on ""real"" opened-community, such as callcentrix or voip.ms, it's the case : a user of a domain could reach another domain, using it's DID/URI email. well, I found then that there is a kind of ENUM thing I discovered few days ago. instead of defunct iNum, where it was supposed to be as an online voip accessible and free from internet (like skype) new kind of voip network, ENUM looks like to be enclosed one. As operators mainly looks for ""security"" (or security of closed-business), i found those things : https://wiki.freepbx.org/display/DIMG/SIP+Enum+Support https://en.wikibooks.org/wiki/Voice_over_IP/ENUM_and_E146_Technology https://www.lightreading.com/cable-technology/the-impact-of-enum-on-voip https://lafibre.info/images/peering/201506_efort_carrier_enum.pdf so if i understand well, mainly operators took SIP protocol to create their own voIP network, to their susbcribers ; not bad if it wasnt totally-closed? imho, i then discovered that all operators around the world have (for a part of them) a voip/sip account for all volte or even for business lines. My mind was, sip looks like to be great working. But what surprised me in the bad way : why isnt it possible, because it's 100% data usage, to call them directly from a common "voip/callcentric/linphone/other" sip account? i guess it's a question of money, but i dont understand then why people dont go directly on a sip account if their computer is internet connected h24 or even LTE/5G running permanently on their phone : it would be double unlimited plus free of charge international calls. Know people will tell me "just it's whatsapp", but no : whatsapp brings just simplicity + zero rating in some countries, not privacy-compliant and opened and federated usage. am I wrong? on my own, I would have a little question for the nerds or passionate, like me, to SIP protocol for opened-networks, to ensure it's possible to simple voip communicate with relatives, on the same scheme as email : just call a contact by it's user(a)domain.net, and it might work. How could you convince your relatives to go on a such scheme? I mean, in EU we have several voip initiative, whom are fully accessible from worldwide callers, where in N/america there are voip.ms and callcentric, maybe others.. are those users only using it for pstn-paid calls? why not skype then? in addition : is there a directory of opened-sip URI/DID/ENUM to be in touch with, to see what operators/voip service providers permits their users to be called from anywhere around the world? the main advantage of this is like email (or xmpp) : just with a voip/sip software, + a sip account, calls to any other sip user around the world, is generally totally free and unlimited. Why dont people adopt it, instead of whatsapp&etc? are they some opened-voip providers directory, where some individuals or organisations could be called from over the world, through sip? do you know some organisation, NGO or companies whom can be called from just a opened-sip network provider? thank you for reading, and much more if you share your thoughts (and sorry for bad eng..)

1 year

[kamailio/kamailio] failed `tls` module build on master (Issue #3621)

by sergey-safarov

failed `tls` module build on master ``` CC (gcc) [M crypto.so] api.o CC (gcc) [M crypto.so] crypto_aes.o CC (gcc) [M crypto.so] crypto_evcb.o CC (gcc) [M crypto.so] crypto_mod.o CC (gcc) [M crypto.so] crypto_uuid.o LD (gcc) [M crypto.so] crypto.so CC (gcc) [M tls.so] tls_bio.o CC (gcc) [M tls.so] tls_cfg.o CC (gcc) [M tls.so] tls_config.o CC (gcc) [M tls.so] tls_ct_wrq.o CC (gcc) [M tls.so] tls_domain.o CC (gcc) [M tls.so] tls_dump_vf.o CC (gcc) [M tls.so] tls_init.o CC (gcc) [M tls.so] tls_locking.o CC (gcc) [M tls.so] tls_map.o CC (gcc) [M tls.so] tls_mod.o CC (gcc) [M tls.so] tls_rand.o CC (gcc) [M tls.so] tls_rpc.o CC (gcc) [M tls.so] tls_select.o CC (gcc) [M tls.so] tls_server.o CC (gcc) [M tls.so] tls_util.o CC (gcc) [M tls.so] tls_verify.o LD (gcc) [M tls.so] tls.so CC (gcc) [M auth_identity.so] auth_crypt.o auth_crypt.c: In function 'rsa_sha1_enc': auth_crypt.c:214:9: warning: 'RSA_sign' is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 214 | if(RSA_sign(NID_sha1, sstrcrypted, sizeof sstrcrypted, | ^~ In file included from /usr/include/openssl/x509.h:36, from /usr/include/openssl/pem.h:23, from auth_crypt.c:33: /usr/include/openssl/rsa.h:356:27: note: declared here 356 | OSSL_DEPRECATEDIN_3_0 int RSA_sign(int type, const unsigned char *m, | ^~~~~~~~ auth_crypt.c: In function 'rsa_sha1_dec': auth_crypt.c:258:9: warning: 'EVP_PKEY_get1_RSA' is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 258 | hpubkey = EVP_PKEY_get1_RSA(pkey); | ^~~~~~~ In file included from /usr/include/openssl/pem.h:22, from auth_crypt.c:33: /usr/include/openssl/evp.h:1359:16: note: declared here 1359 | struct rsa_st *EVP_PKEY_get1_RSA(EVP_PKEY *pkey); | ^~~~~~~~~~~~~~~~~ auth_crypt.c:266:9: warning: 'RSA_verify' is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 266 | if(RSA_verify(NID_sha1, (unsigned char *)ssha, sshasize, | ^~ In file included from /usr/include/openssl/x509.h:36, from /usr/include/openssl/pem.h:23, from auth_crypt.c:33: /usr/include/openssl/rsa.h:359:27: note: declared here 359 | OSSL_DEPRECATEDIN_3_0 int RSA_verify(int type, const unsigned char *m, | ^~~~~~~~~~ auth_crypt.c:273:17: warning: 'RSA_free' is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 273 | RSA_free(hpubkey); | ^~~~~~~~ In file included from /usr/include/openssl/x509.h:36, from /usr/include/openssl/pem.h:23, from auth_crypt.c:33: /usr/include/openssl/rsa.h:301:28: note: declared here 301 | OSSL_DEPRECATEDIN_3_0 void RSA_free(RSA *r); | ^~~~~~~~ auth_crypt.c:298:9: warning: 'RSA_free' is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 298 | RSA_free(hpubkey); | ^~~~~~~~ In file included from /usr/include/openssl/x509.h:36, from /usr/include/openssl/pem.h:23, from auth_crypt.c:33: /usr/include/openssl/rsa.h:301:28: note: declared here 301 | OSSL_DEPRECATEDIN_3_0 void RSA_free(RSA *r); | ^~~~~~~~ CC (gcc) [M auth_identity.so] auth_dynstr.o CC (gcc) [M auth_identity.so] auth_hdrs.o CC (gcc) [M auth_identity.so] auth_http.o CC (gcc) [M auth_identity.so] auth_identity.o auth_identity.c: In function 'mod_init': auth_identity.c:414:9: warning: 'PEM_read_RSAPrivateKey' is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 414 | glb_hmyprivkey = PEM_read_RSAPrivateKey(hpemfile, NULL, NULL, NULL); | ^~~~~~~~~~~~~~ In file included from auth_identity.c:43: /usr/include/openssl/pem.h:447:1: note: declared here 447 | DECLARE_PEM_rw_cb_attr(OSSL_DEPRECATEDIN_3_0, RSAPrivateKey, RSA) | ^~~~~~~~~~~~~~~~~~~~~~ auth_identity.c:425:9: warning: 'RSA_size' is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 425 | if(initdynstr(&glb_encedmsg, RSA_size(glb_hmyprivkey))) | ^~ In file included from /usr/include/openssl/x509.h:36, from /usr/include/openssl/pem.h:23, from auth_identity.c:43: /usr/include/openssl/rsa.h:212:27: note: declared here 212 | OSSL_DEPRECATEDIN_3_0 int RSA_size(const RSA *rsa); | ^~~~~~~~ auth_identity.c:429:9: warning: 'RSA_size' is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations] 429 | if(initdynstr(&glb_b64encedmsg, (RSA_size(glb_hmyprivkey) / 3 + 1) * 4)) | ^~ In file included from /usr/include/openssl/x509.h:36, from /usr/include/openssl/pem.h:23, from auth_identity.c:43: /usr/include/openssl/rsa.h:212:27: note: declared here 212 | OSSL_DEPRECATEDIN_3_0 int RSA_size(const RSA *rsa); | ^~~~~~~~ CC (gcc) [M auth_identity.so] auth_tables.o LD (gcc) [M auth_identity.so] auth_identity.so Makefile:49: sources = tls_bio.c tls_cfg.c tls_config.c tls_ct_wrq.c tls_domain.c tls_dump_vf.c tls_init.c tls_map.c tls_rand.c tls_rpc.c tls_select.c tls_server.c tls_util.c tls_verify.c tls_wolfssl_mod.c , auto_gen = , objs = tls_bio.o tls_cfg.o tls_config.o tls_ct_wrq.o tls_domain.o tls_dump_vf.o tls_init.o tls_map.o tls_rand.o tls_rpc.o tls_select.o tls_server.o tls_util.o tls_verify.o tls_wolfssl_mod.o Makefile:49: sources = tls_bio.c tls_cfg.c tls_config.c tls_ct_wrq.c tls_domain.c tls_dump_vf.c tls_init.c tls_map.c tls_rand.c tls_rpc.c tls_select.c tls_server.c tls_util.c tls_verify.c tls_wolfssl_mod.c , auto_gen = , objs = tls_bio.o tls_cfg.o tls_config.o tls_ct_wrq.o tls_domain.o tls_dump_vf.o tls_init.o tls_map.o tls_rand.o tls_rpc.o tls_select.o tls_server.o tls_util.o tls_verify.o tls_wolfssl_mod.o /bin/sh: line 3: ./autogen.sh: No such file or directory env: './configure': No such file or directory make[2]: *** [Makefile:21: ../../../misc/external/wolfssl/build/include/wolfssl/options.h] Error 127 make[1]: *** [Makefile:508: modules] Error 1 make[1]: Leaving directory '/root/rpmbuild/BUILD/kamailio-5.8.0-dev1/src' make: *** [Makefile:34: every-module] Error 2 ``` -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3621 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/issues/3621(a)github.com>

1 year

linphone, voip, gigaset, looking for SIP experts

by hd99＠mailo.com

hello, i have tried with a friend recently, im unsure if it's the proper place to talk about it, but it's one of the rare forums with a category focused about SIP/VoIP. here it is : gigaset c530ip, i guess it's among the most solt model from the last decade, from that manufacturer. on frenchy telcos forums, several nerds also have it, so i guess that device is pretty well know. What is highly less known, is the gigaset.net voip network offered by the manufacturer. I was thinking it was running about xmpp protocol. Looks like it's sip only. Well, it started like : 1. i tried to see if it was usable, alive, for a several yrs old device. So i looked into the phone's system, and saw a kind of directory, really difficult to use nowadays, regarding our smartphone's new features : it's both slow and limited in entry's public directory. well, half-public : browse it requires to get a gigaset voip professional phone. 2. when i discovered that "worldwide" directory, i tried to "call" like that, registred accounts. Uh: all were busy/unactive, no one seems available. From family-like accounts, to SMB or others usages, hundred of "sip account" are still registred, and listed. 3. well, after few months of little investigation, with a friend whom gets a such similar phone, we tried to see if it was a out of order network, or just a dormant one with thousand of forgotten accounts. we were then surprised to see that the network was working well, able to get a (unsecured) sip/voip communication. 4. thus, device looks like to get released in retail too early to support s/zrtp. however, even if between both same models, from two different cities, with two different internet access, the communication was working, but from another type of phone/service, it's not at all : i tried from both linphone/ippi software/services. Each time, the gigaset rings, shows the incoming call alert, but even when pushing the green button to hang up, isnt able to start a new communication : it's blocked on the gigast device, while the other (not gigaset, linphone) phone says its entered in communication, with no sound at all, for a while (about a minute) before the communication gets stopped. qusetion is : how could it be fixed? anyone get success to call a sip gigaset device on gigaset.net network, with a working communication? here are various logs we went about to retrieve from a friends (from linphone app or device's base with tcpdump) are here : https://e.pcloud.link/publink/show?code=kZaqksZwM00MtijVWhqlGajWiyL7RWmDwg7 i thank you vm for your help !

1 year, 1 month

Re: [kamailio/kamailio] usrloc: docs for ka_reply_codes parameter (c1bc5f7)

by Victor Seva

"200,405,486" ?? -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/commit/c1bc5f7095659182401e6dd2b25bfaf… You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/commit/c1bc5f7095659182401e6dd2b25bfaf7f963466a/130981248(a)github.com>

1 year, 1 month

Re: [kamailio/kamailio] usrloc: docs for ka_reply_codes parameter (c1bc5f7)

by Victor Seva

which responses are ?? -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/commit/c1bc5f7095659182401e6dd2b25bfaf… You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/commit/c1bc5f7095659182401e6dd2b25bfaf7f963466a/130981246(a)github.com>

1 year, 1 month

git:master:55b3ce67: modules: readme files regenerated - usrloc ... [skip ci]

by Kamailio Dev

Module: kamailio Branch: master Commit: 55b3ce67709e56be116bb7077931ba7f4c79dff5 URL: https://github.com/kamailio/kamailio/commit/55b3ce67709e56be116bb7077931ba7… Author: Kamailio Dev <kamailio.dev(a)kamailio.org> Committer: Kamailio Dev <kamailio.dev(a)kamailio.org> Date: 2023-10-26T13:47:02+02:00 modules: readme files regenerated - usrloc ... [skip ci] --- Modified: src/modules/usrloc/README --- Diff: https://github.com/kamailio/kamailio/commit/55b3ce67709e56be116bb7077931ba7… Patch: https://github.com/kamailio/kamailio/commit/55b3ce67709e56be116bb7077931ba7… --- diff --git a/src/modules/usrloc/README b/src/modules/usrloc/README index 00b0743e9a0..fa0db1dcc66 100644 --- a/src/modules/usrloc/README +++ b/src/modules/usrloc/README @@ -97,8 +97,9 @@ Carsten Bock 3.55. ka_timeout (int) 3.56. ka_loglevel (int) 3.57. ka_logmsg (str) - 3.58. load_rank (int) - 3.59. db_clean_tcp (int) + 3.58. ka_reply_codes (str) + 3.59. load_rank (int) + 3.60. db_clean_tcp (int) 4. RPC Commands @@ -203,8 +204,9 @@ Carsten Bock 1.55. Set ka_timeout parameter 1.56. ka_loglevel parameter usage 1.57. ka_logmsg parameter usage - 1.58. load_rank parameter usage - 1.59. db_clean_tcp parameter usage + 1.58. ka_reply_codes parameter usage + 1.59. load_rank parameter usage + 1.60. db_clean_tcp parameter usage Chapter 1. Admin Guide @@ -278,8 +280,9 @@ Chapter 1. Admin Guide 3.55. ka_timeout (int) 3.56. ka_loglevel (int) 3.57. ka_logmsg (str) - 3.58. load_rank (int) - 3.59. db_clean_tcp (int) + 3.58. ka_reply_codes (str) + 3.59. load_rank (int) + 3.60. db_clean_tcp (int) 4. RPC Commands @@ -416,8 +419,9 @@ Chapter 1. Admin Guide 3.55. ka_timeout (int) 3.56. ka_loglevel (int) 3.57. ka_logmsg (str) - 3.58. load_rank (int) - 3.59. db_clean_tcp (int) + 3.58. ka_reply_codes (str) + 3.59. load_rank (int) + 3.60. db_clean_tcp (int) 3.1. nat_bflag (int) @@ -1228,19 +1232,35 @@ modparam("usrloc", "ka_loglevel", 1) modparam("usrloc", "ka_logmsg", " to-uri: [$tu] remote-addr: [$sas]") ... -3.58. load_rank (int) +3.58. ka_reply_codes (str) + + Comma separated list of reply code values or reply code classes to be + considered valid for keepalive processing. If the reply code does not + match any of them, then the reply is ignored, not considered a valid + response to keepalive request. It could be useful to skip replies from + intermediary proxies that could not forward the request. + + Default value is ��0�� (checking of reply code is not done, are responses + are considered valid). + + Example 1.58. ka_reply_codes parameter usage +... +modparam("usrloc", "ka_reply_codes", "2,405,486") +... + +3.59. load_rank (int) Allows to set the rank of the child SIP worker to load the location records. Default value is ��1�� (PROC_SIPINIT). - Example 1.58. load_rank parameter usage + Example 1.59. load_rank parameter usage ... modparam("usrloc", "load_rank", 1) ... -3.59. db_clean_tcp (int) +3.60. db_clean_tcp (int) If set to 1, when Kamailio starts it removes the contacts with transport TCP, TLS or WSS, no longer loading them. Useful when end @@ -1251,7 +1271,7 @@ modparam("usrloc", "load_rank", 1) Default value is ��0�� (do not clean tcp contacts). - Example 1.59. db_clean_tcp parameter usage + Example 1.60. db_clean_tcp parameter usage ... modparam("usrloc", "db_clean_tcp", 1) ...

1 year, 1 month

git:master:c1bc5f70: usrloc: docs for ka_reply_codes parameter

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: c1bc5f7095659182401e6dd2b25bfaf7f963466a URL: https://github.com/kamailio/kamailio/commit/c1bc5f7095659182401e6dd2b25bfaf… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2023-10-26T13:41:12+02:00 usrloc: docs for ka_reply_codes parameter --- Modified: src/modules/usrloc/doc/usrloc_admin.xml --- Diff: https://github.com/kamailio/kamailio/commit/c1bc5f7095659182401e6dd2b25bfaf… Patch: https://github.com/kamailio/kamailio/commit/c1bc5f7095659182401e6dd2b25bfaf… --- diff --git a/src/modules/usrloc/doc/usrloc_admin.xml b/src/modules/usrloc/doc/usrloc_admin.xml index 61491648a0c..5f244bc80e5 100644 --- a/src/modules/usrloc/doc/usrloc_admin.xml +++ b/src/modules/usrloc/doc/usrloc_admin.xml @@ -1504,6 +1504,29 @@ modparam("usrloc", "ka_logmsg", " to-uri: [$tu] remote-addr: [$sas]") </example> </section> + <section id="usrloc.p.ka_reply_codes"> + <title><varname>ka_reply_codes</varname> (str)</title> + <para> + Comma separated list of reply code values or reply code classes to be + considered valid for keepalive processing. If the reply code does not + match any of them, then the reply is ignored, not considered a valid + response to keepalive request. It could be useful to skip replies + from intermediary proxies that could not forward the request. + </para> + <para> + Default value is <quote>0</quote> (checking of reply code is not done, + are responses are considered valid). + </para> + <example> + <title><varname>ka_reply_codes</varname> parameter usage</title> + <programlisting format="linespecific"> +... +modparam("usrloc", "ka_reply_codes", "2,405,486") +... + </programlisting> + </example> + </section> + <section id="usrloc.p.load_rank"> <title><varname>load_rank</varname> (int)</title> <para>

1 year, 1 month

git:master:8797e745: usrloc: new parameter to specify reply codes for keepalive handling

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 8797e7454f5948c0c8166bf2b938a489b3092f2d URL: https://github.com/kamailio/kamailio/commit/8797e7454f5948c0c8166bf2b938a48… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2023-10-26T13:34:51+02:00 usrloc: new parameter to specify reply codes for keepalive handling - comma separated list of reply codes or reply class to be considered valid for keepalive handling --- Modified: src/modules/usrloc/ul_keepalive.c Modified: src/modules/usrloc/ul_keepalive.h Modified: src/modules/usrloc/usrloc_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/8797e7454f5948c0c8166bf2b938a48… Patch: https://github.com/kamailio/kamailio/commit/8797e7454f5948c0c8166bf2b938a48… --- diff --git a/src/modules/usrloc/ul_keepalive.c b/src/modules/usrloc/ul_keepalive.c index 9897233ea53..02c21c0837e 100644 --- a/src/modules/usrloc/ul_keepalive.c +++ b/src/modules/usrloc/ul_keepalive.c @@ -315,6 +315,47 @@ unsigned long ul_ka_fromhex(str *shex, int *err) return v; } +/** + * + */ +#define UL_KA_REPLY_CODES_SIZE 32 +static int _ul_ka_reply_codes[UL_KA_REPLY_CODES_SIZE] = {0}; + +/** + * + */ +int ul_ka_parse_reply_codes(char *vcodes) +{ + int nb = 0; + char *p; + char *e; + + _ul_ka_reply_codes[0] = 0; + if(vcodes == NULL || strlen(vcodes) == 0) { + LM_ERR("invalid parameter\n"); + return -1; + } + p = vcodes; + while(nb < UL_KA_REPLY_CODES_SIZE && *p) { + _ul_ka_reply_codes[nb] = strtol(p, &e, 10); + if(_ul_ka_reply_codes[nb] > 0) { + nb++; + } else { + _ul_ka_reply_codes[nb] = 0; + } + while(*e == ',' || *e == ' ') { + e++; + } + p = e; + } + if(nb == UL_KA_REPLY_CODES_SIZE) { + LM_ERR("exceeded maximum number of reply code rules\n"); + return -1; + } + _ul_ka_reply_codes[nb] = 0; + return 0; +} + /** * */ @@ -329,6 +370,7 @@ int ul_ka_reply_received(sip_msg_t *msg) struct timeval tvm; struct timeval tvn; unsigned int tvdiff; + int i; if(msg->cseq == NULL) { if((parse_headers(msg, HDR_CSEQ_F, 0) == -1) || (msg->cseq == NULL)) { @@ -345,6 +387,19 @@ int ul_ka_reply_received(sip_msg_t *msg) return 1; } + for(i = 0; _ul_ka_reply_codes[i] != 0; i++) { + if(_ul_ka_reply_codes[i] == msg->first_line.u.reply.statuscode + || _ul_ka_reply_codes[i] + == (msg->first_line.u.reply.statuscode / 100)) { + break; + } + } + + if(i > 0 && _ul_ka_reply_codes[i] == 0) { + /* no match of status code */ + return 1; + } + /* there must be no second via */ if(!(parse_headers(msg, HDR_VIA2_F, 0) == -1 || (msg->via2 == 0) || (msg->via2->error != PARSE_OK))) { diff --git a/src/modules/usrloc/ul_keepalive.h b/src/modules/usrloc/ul_keepalive.h index b807d392c57..8e5e684b37a 100644 --- a/src/modules/usrloc/ul_keepalive.h +++ b/src/modules/usrloc/ul_keepalive.h @@ -35,5 +35,6 @@ int ul_ka_urecord(urecord_t *ur); int ul_ka_reply_received(sip_msg_t *msg); +int ul_ka_parse_reply_codes(char *vcodes); -#endif \ No newline at end of file +#endif diff --git a/src/modules/usrloc/usrloc_mod.c b/src/modules/usrloc/usrloc_mod.c index de75545bc78..37f4a903b86 100644 --- a/src/modules/usrloc/usrloc_mod.c +++ b/src/modules/usrloc/usrloc_mod.c @@ -220,6 +220,8 @@ int ul_hash_size = 10; int ul_db_insert_null = 0; int ul_db_timer_clean = 0; +char *ul_ka_reply_codes_str = "0"; + /* flags */ unsigned int ul_nat_bflag = (unsigned int)-1; unsigned int ul_init_flag = 0; @@ -301,6 +303,7 @@ static param_export_t params[] = { {"ka_timeout", PARAM_INT, &ul_keepalive_timeout}, {"ka_loglevel", PARAM_INT, &ul_ka_loglevel}, {"ka_logmsg", PARAM_STR, &ul_ka_logmsg}, + {"ka_reply_codes", PARAM_STRING, &ul_ka_reply_codes_str}, {"load_rank", PARAM_INT, &ul_load_rank}, {"db_clean_tcp", PARAM_INT, &ul_db_clean_tcp}, {0, 0, 0} @@ -335,6 +338,9 @@ static int mod_init(void) int i; udomain_t *d; + if(ul_ka_parse_reply_codes(ul_ka_reply_codes_str)) { + return -1; + } if(ul_rm_expired_delay != 0) { if(ul_db_mode != DB_ONLY) { LM_ERR("rm expired delay feature is available for db only mode\n");

1 year, 1 month

[kamailio/kamailio] kamailio depends on obsolete pcre3 library (Issue #2946)

by Victor Seva

>From https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1000134: ``` Source: kamailio Severity: important User: matthew-pcredep(a)debian.org Usertags: obsolete-pcre3 Dear maintainer, Your package still depends on the old, obsolete PCRE3[0] libraries (i.e. libpcre3-dev). This has been end of life for a while now, and upstream do not intend to fix any further bugs in it. Accordingly, I would like to remove the pcre3 libraries from Debian, preferably in time for the release of Bookworm. The newer PCRE2 library was first released in 2015, and has been in Debian since stretch. Upstream's documentation for PCRE2 is available here: https://pcre.org/current/doc/html/ Many large projects that use PCRE have made the switch now (e.g. git, php); it does involve some work, but we are now at the stage where PCRE3 should not be used, particularly if it might ever be exposed to untrusted input. This mass bug filing was discussed on debian-devel@ in https://lists.debian.org/debian-devel/2021/11/msg00176.html Regards, Matthew [0] Historical reasons mean that old PCRE is packaged as pcre3 in Debian ``` -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/2946

1 year, 1 month

← Newer
1
...
13
14
15
16
17
18
19
...
29
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

sr-dev October 2023