sr-dev December 2023

sr-dev@lists.kamailio.org

14 participants
234 discussions

git:master:c79f28b1: pv: Add PPI and PAI support to hfl and hflc

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: c79f28b11f2683d11aafa72427efb15c95196b8b URL: https://github.com/kamailio/kamailio/commit/c79f28b11f2683d11aafa72427efb15… Author: Xenofon Karamanos <xk(a)gilawa.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2023-12-08T09:46:56+01:00 pv: Add PPI and PAI support to hfl and hflc --- Modified: src/modules/pv/pv_core.c --- Diff: https://github.com/kamailio/kamailio/commit/c79f28b11f2683d11aafa72427efb15… Patch: https://github.com/kamailio/kamailio/commit/c79f28b11f2683d11aafa72427efb15…

1 year

[kamailio/kamailio] uac: fix socket length settings (PR #3664)

by Péter Barabás

#### Pre-Submission Checklist - [x] Commit message has the format required by CONTRIBUTING guide - [x] Commits are split per component (core, individual modules, libs, utils, ...) - [x] Each component has a single commit (if not, squash them into one commit) - [x] No commits to README files for modules (changes must be done to docbook files in `doc/` subfolder, the README file is autogenerated) #### Type Of Change - [x] Small bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds new functionality) - [ ] Breaking change (fix or feature that would change existing functionality) #### Checklist: - [x] PR should be backported to stable branches - [ ] Tested changes locally - [ ] Related to issue #XXXX (replace XXXX with an open issue number) #### Description This PR fixes the setting of uac_req object's socket length. You can view, comment on, or merge this pull request online at: https://github.com/kamailio/kamailio/pull/3664 -- Commit Summary -- * uac: fix socket length settings -- File Changes -- M src/modules/uac/uac_send.c (3) -- Patch Links -- https://github.com/kamailio/kamailio/pull/3664.patch https://github.com/kamailio/kamailio/pull/3664.diff -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/3664 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/pull/3664(a)github.com>

1 year

git:master:10519d19: uac: fix socket length settings

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 10519d199f6cac116399f4473bd82f2b08de72ba URL: https://github.com/kamailio/kamailio/commit/10519d199f6cac116399f4473bd82f2… Author: Pe��ter Baraba��s <peter.barabas(a)securesoft.hu> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2023-12-08T09:42:08+01:00 uac: fix socket length settings - set _uac_req.s_sock.len value to 0 in pv_set_uac_req() method in case of "all" case - change setting of _uac_req.s_apasswd.len to _uac_req.s_sock.len in pv_set_uac_req() method in case of "sock" case --- Modified: src/modules/uac/uac_send.c --- Diff: https://github.com/kamailio/kamailio/commit/10519d199f6cac116399f4473bd82f2… Patch: https://github.com/kamailio/kamailio/commit/10519d199f6cac116399f4473bd82f2… --- diff --git a/src/modules/uac/uac_send.c b/src/modules/uac/uac_send.c index c098feacff2..b2cdaad9066 100644 --- a/src/modules/uac/uac_send.c +++ b/src/modules/uac/uac_send.c @@ -210,6 +210,7 @@ int pv_set_uac_req( _uac_req.s_body.len = 0; _uac_req.s_method.len = 0; _uac_req.s_callid.len = 0; + _uac_req.s_sock.len = 0; _uac_req.evroute = 0; _uac_req.evtype = 0; _uac_req.evcode = 0; @@ -399,7 +400,7 @@ int pv_set_uac_req( break; case 12: if(tval == NULL) { - _uac_req.s_apasswd.len = 0; + _uac_req.s_sock.len = 0; return 0; } if(!(tval->flags & PV_VAL_STR)) {

1 year

[kamailio/kamailio] sslv3 errors showing up with 'tls_method' set as 'TLSv1.2+' (Issue #3085)

by Vinicius K. Ruoso

### Description Some users are having issues connecting to kamailio websocket using TLS. The logs show SSLv3 errors. Cannot find why that error would show up if SSLv2/3 is not enabled. Double checked it via SSLLabs that only TLSv1.2 is allowed in the service. Any pointers would be appreciated. Also, let me know if more debug information is needed. ### Troubleshooting #### Debugging Data This is the TLS config: ``` modparam("tls", "tls_method", "TLSv1.2+") modparam("tls", "verify_certificate", 0) modparam("tls", "require_certificate", 0) modparam("tls", "low_mem_threshold1", 0) modparam("tls", "low_mem_threshold2", 0) modparam("tls", "private_key", "/etc/certs/tls.key") modparam("tls", "certificate", "/etc/certs/tls.crt") ``` This is the output from tls module in kamcmd: ``` kamcmd> tls.info { max_connections: 2048 opened_connections: 353 clear_text_write_queued_bytes: 0 } kamcmd> tls.options { force_run: 0 method: TLSv1.2+ verify_certificate: 0 verify_depth: 9 require_certificate: 0 private_key: /etc/certs/tls.key ca_list: <null string> certificate: /etc/certs/tls.crt cipher_list: <null string> session_cache: 0 session_id: kamailio-tls-5.x.y config: <null string> log: 3 debug: 3 connection_timeout: 600 disable_compression: 1 ssl_release_buffers: -1 ssl_freelist_max: -1 ssl_max_send_fragment: -1 ssl_read_ahead: 0 send_close_notify: 0 low_mem_threshold1: 0 low_mem_threshold2: 0 ct_wq_max: 10485760 con_ct_wq_max: 65536 ct_wq_blk_size: 4096 } ``` #### Log Messages I see this log messages related to SSLv3: ``` 15(36) ERROR: tls [tls_util.h:42]: tls_err_ret(): TLS accept:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown 15(36) ERROR: <core> [core/tcp_read.c:1512]: tcp_read_req(): ERROR: tcp_read_req: error reading - c: 0x7fafc8768190 r: 0x7fafc8768278 (-1) ``` ### Additional Information * **Kamailio Version** - output of `kamailio -v` ``` version: kamailio 5.3.9 (x86_64/linux) flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLACKLIST, HAVE_RESOLV_RES, TLS_PTHREAD_MUTEX_SHARED ADAPTIVE_WAIT_LOOPS 1024, MAX_RECV_BUFFER_SIZE 262144, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB poll method support: poll, epoll_lt, epoll_et, sigio_rt, select. id: unknown compiled with gcc 6.3.0 ``` * **Operating System**: Debian 9.13. ``` Linux 4.19.112+ #1 SMP Wed Sep 23 07:53:39 PDT 2020 x86_64 GNU/Linux ``` -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3085 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/issues/3085(a)github.com>

1 year

git:5.7:63e87491: tls: rework init mode 1 to set PTHREAD_PROCESS_SHARED

by Daniel-Constantin Mierla

Module: kamailio Branch: 5.7 Commit: 63e8749132257ef1f8c8d86ec78f6db2c699f1c8 URL: https://github.com/kamailio/kamailio/commit/63e8749132257ef1f8c8d86ec78f6db… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2023-12-07T13:32:04+01:00 tls: rework init mode 1 to set PTHREAD_PROCESS_SHARED - pthread mutex set in shm - GH #3635 (cherry picked from commit 4b068f49b618dca5fa85a1687bd9054c1d98ae6a) --- Modified: src/modules/tls/tls_init.c Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/63e8749132257ef1f8c8d86ec78f6db… Patch: https://github.com/kamailio/kamailio/commit/63e8749132257ef1f8c8d86ec78f6db…

1 year

git:master:4b068f49: tls: rework init mode 1 to set PTHREAD_PROCESS_SHARED

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 4b068f49b618dca5fa85a1687bd9054c1d98ae6a URL: https://github.com/kamailio/kamailio/commit/4b068f49b618dca5fa85a1687bd9054… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2023-12-07T13:07:09+01:00 tls: rework init mode 1 to set PTHREAD_PROCESS_SHARED - pthread mutex set in shm - GH #3635 --- Modified: src/modules/tls/tls_init.c Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/4b068f49b618dca5fa85a1687bd9054… Patch: https://github.com/kamailio/kamailio/commit/4b068f49b618dca5fa85a1687bd9054…

1 year

git:master:964c21e1: pv_headers: rearrange module parameters

by Victor Seva

Module: kamailio Branch: master Commit: 964c21e16ab4da96d989c230ea18d95872257394 URL: https://github.com/kamailio/kamailio/commit/964c21e16ab4da96d989c230ea18d95… Author: Victor Seva <linuxmaniac(a)torreviejawireless.org> Committer: Victor Seva <linuxmaniac(a)torreviejawireless.org> Date: 2023-12-07T12:28:02+01:00 pv_headers: rearrange module parameters * pvh_ prefix for global variables --- Modified: src/modules/pv_headers/pv_headers.c Modified: src/modules/pv_headers/pv_headers.h Modified: src/modules/pv_headers/pvh_func.c Modified: src/modules/pv_headers/pvh_func.h Modified: src/modules/pv_headers/pvh_hash.c Modified: src/modules/pv_headers/pvh_hash.h Modified: src/modules/pv_headers/pvh_hdr.c Modified: src/modules/pv_headers/pvh_hdr.h Modified: src/modules/pv_headers/pvh_str.c Modified: src/modules/pv_headers/pvh_str.h Modified: src/modules/pv_headers/pvh_xavp.c Modified: src/modules/pv_headers/pvh_xavp.h --- Diff: https://github.com/kamailio/kamailio/commit/964c21e16ab4da96d989c230ea18d95… Patch: https://github.com/kamailio/kamailio/commit/964c21e16ab4da96d989c230ea18d95…

1 year

Error during TLS handshake

by Markus Bönke

Hello ng, I currently face an issue to forward a call via tls to a destination. The check with "openssl client -connect …" to the destination is successful and it returns a valid certificate. However if I forward the call via kamailio I see an TLS error: Alert (Level: Fatal, Description: Unknown CA) I’ve compiled tls module with extra_defs="-DTLS_WR_DEBUG -DTLS_RD_DEBUG“ (with 5.4.9 and 5.5.7) and can see: Dec 7 10:46:40 mbo-debian-vm1 /usr/local/sbin/kamailio[170469]: DEBUG: TLS_TRACE: tls [tls_server.c:1141]: tls_h_read_f(): tls_h_read_f(0xffff898c8a88, 0xffffcc5fe320) tls write on read (WRITE_WANTS_READ): ct_wq_flush()=> 0 (ff=2 ssl_error=1)) Dec 7 10:46:40 mbo-debian-vm1 /usr/local/sbin/kamailio[170469]: DEBUG: TLS_TRACE: tls [tls_server.c:1268]: tls_h_read_f(): tls_h_read_f(0xffff898c8a88, 0xffffcc5fe320) tcpconn_send_unsafe 7 bytes Dec 7 10:46:40 mbo-debian-vm1 /usr/local/sbin/kamailio[170469]: ERROR: tls [tls_server.c:1329]: tls_h_read_f(): protocol level error Dec 7 10:46:40 mbo-debian-vm1 /usr/local/sbin/kamailio[170469]: ERROR: tls [tls_util.h:42]: tls_err_ret(): TLS write:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed It looks like the error "Unknown CA“ is a subsequent error, but the main problem occurs while reading from the tls connection. I’m currently can also debug the issue in the tls module, is there anything which I can check? Maybe the certificate chain is too long? Thanks and regards Markus

1 year

git:master:890dc5f0: ims_charging: free local structure in case of errors

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 890dc5f017084481cd2b0f0d759939393fa115bc URL: https://github.com/kamailio/kamailio/commit/890dc5f017084481cd2b0f0d7599393… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2023-12-07T08:21:22+01:00 ims_charging: free local structure in case of errors --- Modified: src/modules/ims_charging/ims_ro.c --- Diff: https://github.com/kamailio/kamailio/commit/890dc5f017084481cd2b0f0d7599393… Patch: https://github.com/kamailio/kamailio/commit/890dc5f017084481cd2b0f0d7599393… --- diff --git a/src/modules/ims_charging/ims_ro.c b/src/modules/ims_charging/ims_ro.c index 6fe14ae3dd7..11c74169293 100644 --- a/src/modules/ims_charging/ims_ro.c +++ b/src/modules/ims_charging/ims_ro.c @@ -1721,6 +1721,7 @@ static void resume_on_initial_ccr( } Ro_free_CCA(ro_cca_data); + ro_cca_data = NULL; LM_DBG("Freeing CCA message\n"); cdpb.AAAFreeMessage(&cca); @@ -1757,9 +1758,11 @@ static void resume_on_initial_ccr( return; error1: - Ro_free_CCA(ro_cca_data); - error0: + if(ro_cca_data != NULL) { + Ro_free_CCA(ro_cca_data); + } + LM_DBG("Trying to reserve credit on initial INVITE failed on cdp " "callback\n"); // counter_add(ims_charging_cnts_h.active_ro_sessions, -1); /*we bumped active on the original initial ccr sent */

1 year

git:master:8794e509: core: tcp - set type for literals usef for time difference

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 8794e509b951658e055cc06374c0e2561debdde3 URL: https://github.com/kamailio/kamailio/commit/8794e509b951658e055cc06374c0e25… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2023-12-07T07:02:42+01:00 core: tcp - set type for literals usef for time difference --- Modified: src/core/tcp_main.c --- Diff: https://github.com/kamailio/kamailio/commit/8794e509b951658e055cc06374c0e25… Patch: https://github.com/kamailio/kamailio/commit/8794e509b951658e055cc06374c0e25… --- diff --git a/src/core/tcp_main.c b/src/core/tcp_main.c index 3d4a6a4e0b1..4972b7d20af 100644 --- a/src/core/tcp_main.c +++ b/src/core/tcp_main.c @@ -5489,11 +5489,11 @@ void tcp_timer_check_connections(unsigned int ticks, void *param) cidset = 0; if(con->state == S_CONN_OK) { if(con->req.tvrstart.tv_sec > 0) { - tvdiff = 1000000 + tvdiff = 1000000LL * (tvnow.tv_sec - con->req.tvrstart.tv_sec) + (tvnow.tv_usec - con->req.tvrstart.tv_usec); - if(tvdiff >= ksr_tcp_msg_read_timeout * 1000000) { + if(tvdiff >= 1000000LL * ksr_tcp_msg_read_timeout) { LM_DBG("n: %d - connection id: %d - message " "reading timeout: %lld\n", n, con->id, tvdiff);

1 year

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

sr-dev December 2023