sr-dev September 2023

sr-dev@lists.kamailio.org

17 participants
298 discussions

[kamailio/kamailio] Presentity tabla, faster update when drop TCP/TLS connection (#915)

by jresende

Hello, I'm testing kamailio with a SIP client with presence support, when I get a connection drop from a client (i.e when the client lost the access to the Internet connection) I do not receive the change in the status to offline immediately, I just received when the timeout from the presentity database finishes. I know that I'm able to change the expiry parameter from the presentity table, but that increases my battery consumption and the data exchange, the same happens if I reduce the publish interval on the client side. The connection with the server are connected with the TLS or TCP. @miconda Suggested that a solution could be: "For TCP/TLS, what can work, it's to use tcpops module which can execute an event route when a tcp/tls connection is dropped. If you track the association of connection id with the call-id of the presence publish, then you may be able to do some tricks and lower the expires of the published presence state. I haven't had the time to see what's possible there, but could worth investing. An alternative would be to enhance presence module to behave as registrar/usrloc (which can delete contact records on connection drop) to expire documents when tcp/tls connection is closed (not sure if anyone already added it)." -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/915

1 year

[kamailio/kamailio] support valgrind when *_MALLOC is used (#949)

by Victor Seva

As explain at https://www.kamailio.org/wiki/tutorials/troubleshooting/memory#pkg_with_sys… valgrind can be used to check memory leaks if kamailio is compiled without ``*_MALLOC``. I would like to support valgrind even if kamailio is compiled to use its own memory managers. In order to archive this, valgrind has to be informed of how those managers control the memory as described at http://valgrind.org/docs/manual/mc-manual.html#mc-manual.mempools -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/949

1 year

[kamailio/kamailio] dnssec: stop using libdnsval-dev for DNSSEC validation (#851)

by Victor Seva

From https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=843477 > From: Ondřej Surý <ondrej(a)debian.org> > To: Debian Bug Tracking System <submit(a)bugs.debian.org> > Subject: src:kamailio: stop using libval-dev for DNSSEC validation > > Package: src:kamailio > Version: 4.4.3-2 > Severity: serious > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Dear maintainer, > > please stop using libdnsval-dev for DNSSEC validation. src:dnsval > is very poorly upstream maintained (SVN repository, issue tracker, > mailing list are non-functional) and I am going to schedule it for > removal for stretch. > > In a long term you should migrated to better and maintained library > (preferrably getdns or just libunbound), but now please just drop > it. > > Cheers, > Ondrej > > - -- System Information: > Debian Release: 8.6 > APT prefers stable-updates > APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable') > Architecture: amd64 (x86_64) > > Kernel: Linux 4.2.0-41-generic (SMP w/24 CPU cores) > Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > Init: systemd (via /run/systemd/system) > > -----BEGIN PGP SIGNATURE----- So I'm going to remove **dnssec** module from the official Debian package -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/851

1 year

[kamailio/kamailio] track_cseq_updates does not update Rack SIP header in PRACK. (#801)

by scfcplummy

Hi, When using dialog module and track_cseq_updates when needing to update CSeq for authenticated invites, if early media is present the CSeq in the Rack header is not also incremented. Kamailio version: version: kamailio 4.4.2 (x86_64/linux) 892ad6 flags: STATS: Off, USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MEM, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLACKLIST, HAVE_RESOLV_RES ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB poll method support: poll, epoll_lt, epoll_et, sigio_rt, select. id: 892ad6 compiled on 11:18:36 Sep 28 2016 with gcc 5.4.0 -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/801

1 year

[kamailio/kamailio] sca: implement db_mode only (#781)

by Victor Seva

Sipwise hat ON: We have more than one server and we need to keep things in db in order to share sca subscription/appearance between servers -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/781

1 year

[kamailio/kamailio] sca: update rr if necessary for subscriptions (PR #3571)

by Victor Seva

#### Pre-Submission Checklist    - [x] Commit message has the format required by CONTRIBUTING guide - [x] Commits are split per component (core, individual modules, libs, utils, ...) - [x] Each component has a single commit (if not, squash them into one commit) - [x] No commits to README files for modules (changes must be done to docbook files in `doc/` subfolder, the README file is autogenerated) #### Type Of Change - [x] Small bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds new functionality) - [ ] Breaking change (fix or feature that would change existing functionality) #### Checklist:  - [x] PR should be backported to stable branches - [ ] Tested changes locally #### Description From https://github.com/kamailio/kamailio/pull/3569 After initial subscription by the SCA device, if we power off and on again, we won't get an unsubscribe notification and we are getting a new record-route with sca-subscription. In this case kamailio not updating the new record-route for the SCA Device. You can view, comment on, or merge this pull request online at: https://github.com/kamailio/kamailio/pull/3571 -- Commit Summary -- * sca: update rr if necessary for subscriptions -- File Changes -- M src/modules/sca/sca_subscribe.c (11) -- Patch Links -- https://github.com/kamailio/kamailio/pull/3571.patch https://github.com/kamailio/kamailio/pull/3571.diff -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/3571 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/pull/3571(a)github.com>

1 year

[kamailio/kamailio] 5.6.4 debian htable dbmode=1 not writing at shutdown (Issue #3536)

by ednt

### Description I use debian 11 and Kamailio 5.6.x modparam("htable", "htable", "callpush=>size=10;autoexpire=86400;dbtable=callpush;dbmode=1") I can store the values in the table, but if I shutdown kamailio, the current values are not stored in the table. #### Reproduction Use a htable and dbtable and dbmode=1 and shutdown kamailio. -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3536 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/issues/3536(a)github.com>

1 year

[kamailio/kamailio] Add Username support for authentication in redis and sentinel w.r.t NDB REDIS (Issue #3552)

by hemanth-vulavala

### Description The current issue revolves around the absence of username support within the NDB REDIS KAMALIO framework when dealing with Redis, particularly concerning the Redis and Sentinel components. While Redis inherently offers the capability to utilize both usernames and passwords during authentication, this capability is not currently extended to the NDB REDIS KAMALIO setup. As a result, when attempting to establish connections to Redis instances through NDB REDIS KAMALIO, there is no provision for providing a username as part of the authentication process. Instead, the framework only accommodates the usage of passwords for authentication. This stands in contrast to Redis, which permits the inclusion of both usernames and passwords for enhanced security measures. Consequently, the limitation within NDB REDIS KAMALIO can hinder organizations seeking to ensure comprehensive security practices, especially when the requirement is to employ both usernames and passwords for authentication. This divergence between the authentication capabilities of Redis and NDB REDIS KAMALIO can potentially compromise security standards and hinder compatibility with certain authentication setups. To address this issue, it would be essential for the development team behind NDB REDIS KAMALIO to enhance the framework's capabilities by incorporating support for username-based authentication in addition to passwords. This alignment with Redis's authentication model would ensure that organizations can confidently implement secure data interactions while maintaining consistency with established security policies  ### Expected behavior The expected behavior entails an improvement within the NDB REDIS KAMALIO framework to support both usernames and passwords for authentication when interacting with Redis instances, particularly in the Redis and Sentinel components. This enhancement would bring NDB REDIS KAMALIO in line with Redis's native authentication capabilities, where both usernames and passwords are accepted during the authentication process. Upon implementing this improvement, users of NDB REDIS KAMALIO should be able to configure their connections by providing both a username and a password as part of the authentication details. This allows NDB REDIS KAMALIO to establish connections to Redis instances that require both authentication credentials, thereby enhancing security and ensuring compatibility with various authentication setups. By incorporating support for usernames in addition to passwords, NDB REDIS KAMALIO can accommodate organizations that require comprehensive security measures, especially in scenarios where username-based authentication is mandated. This alignment with Redis's authentication model would enable organizations to effectively collect, manage, and interact with data while adhering to established security policies. In summary, the expected behavior is that NDB REDIS KAMALIO should be upgraded to offer support for usernames and passwords during authentication, mirroring Redis's capabilities. This enhancement ensures a consistent and secure approach to data interactions and supports various authentication requirements within Redis environments #### Actual observed behavior The current actual behavior is that NDB REDIS KAMALIO does not have the capability to accept usernames as part of the authentication process when connecting to Redis instances, specifically in both the Redis and Sentinel components. While Redis itself allows for the usage of both usernames and passwords for authentication, this feature is not currently integrated into the NDB REDIS KAMALIO framework. As a result, when configuring connections to Redis instances using NDB REDIS KAMALIO, there is no provision to include a username alongside the authentication details. The framework only accommodates the use of passwords for authentication purposes. This deviation from Redis's authentication model could lead to compatibility issues with certain authentication setups, particularly those that mandate the use of both usernames and passwords. In essence, the actual behavior is that NDB REDIS KAMALIO falls short of aligning with Redis's authentication capabilities, thereby potentially hindering secure data interactions and limiting compatibility with certain security policies. Users attempting to adhere to comprehensive authentication practices may face challenges when utilizing NDB REDIS KAMALIO due to its inability to support usernames during authentication. To address this actual behavior, it would be necessary to enhance NDB REDIS KAMALIO's capabilities to include support for both usernames and passwords during the authentication process. This enhancement would ensure that organizations can confidently utilize NDB REDIS KAMALIO while maintaining the security standards and authentication requirements necessary for their Redis environments. #### Debugging Data ``` (paste your debugging data here) ``` #### Log Messages  ``` (paste your log messages here) ``` #### SIP Traffic  ``` (paste your sip traffic here) ``` ### Possible Solutions  ### Additional Information * **Kamailio Version** - output of `kamailio -v` ``` (paste your output here) ``` * **Operating System**:  ``` (paste your output here) ``` -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3552 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/issues/3552(a)github.com>

1 year

[kamailio/kamailio] Support for Password Authentication in Sentinel for NDB Redis in kamailio (Issue #3530)

by hemanth-vulavala

### Description Currently, kamailio NDB Redis integration with Sentinel does not offer support for password authentication, leading to potential security concerns in our system. As a result, we are unable to ensure the desired level of protection for sensitive data stored in Redis. *Expected Behavior:* We expect Kamailio to allow the configuration of password authentication for Sentinel in the NDB Redis integration, enabling a secure and password-protected connection to the Redis instances. *Proposed Solution:* To address this issue, we recommend implementing a feature that enables password authentication for the Sentinel-based NDB Redis connections. This improvement will provide an added layer of security, ensuring that only authorized users can access the Redis instances. *Impact:* The absence of password authentication support poses a security risk, making our system vulnerable to potential unauthorized access and data breaches. Implementing this enhancement will safeguard sensitive information and strengthen our Redis integration's security framework. Note: as of now NDB REDIS support redis authentication using password  ### Troubleshooting #### Reproduction Steps to Reproduce:* 1. Attempt to configure password authentication for Sentinel in kamailio NDB Redis integration. ex: modparam("ndb_redis", "server", "name=srvZ;sentinel_group=group_name;sentinel_master=1;sentinel=1.2.3.4:26379;sentinel=1.2.3.5:26379";pass=mypassword") *It is failed to connect the sentinel *  #### Debugging Data  ``` (paste your debugging data here) ``` #### Log Messages  ``` (paste your log messages here) ``` #### SIP Traffic  ``` (paste your sip traffic here) ``` ### Possible Solutions  ### Additional Information * **Kamailio Version** - output of `kamailio -v` ``` (paste your output here) ``` * **Operating System**:  ``` (paste your output here) ``` -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3530 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/issues/3530(a)github.com>

1 year

[kamailio/kamailio] [rtpengine] Support syntax for new "sdp-attr" manipulations (Issue #3509)

by George Diamantopoulos

### Description Newer rtpengine versions support manipulating SDP "a=" lines directly. Although kamailio is quite versatile when it comes to editing SIP message body, this functionality is often rather frail, especially when forking and having to use msg_apply_changes several times. I believe it would be beneficial to be able to offload such functionality to rtpengine, especially if one wants to apply different manipulations per outgoing branch. ### Expected behavior There should be a way to issue rtpengine ng-control protocol commands compatible with the sdp-attr dictionary syntax. #### Actual observed behavior Currently sdp-attr tokens are not properly evaluated. For example, **doing**: > rtpengine_manage("ICE=remove rtcp-mux-demux trust-address replace-origin replace-session-connection replace-SDP-version direction=internal direction=external sdp-attr-audio-substitute=$avp(fmtp_line) sdp-attr-audio-substitute=fmtp:101 0-15"); _[NOTE: $avp(fmtp_line) seems to expand in empty string here, which is a config error, but it doesn't affect the syntax demonstration in this example IMO]_ **results in**: ``` { "supports": [ "load limit" ], "sdp": "...", "ICE": "remove", "sdp-attr-audio-substitute": "", "sdp-attr-audio-substitute": "fmtp:101", "direction": [ "internal", "external" ], "flags": [ "trust-address", "0-15" ], "replace": [ "origin", "session-connection", "SDP-version" ], "rtcp-mux": [ "demux" ], "call-id": "...", "received-from": [ "IP4", "..." ], "from-tag": "...", "to-tag": "...", "command": "answer" } ``` ### Possible Solutions Support the special syntax of sdp-attr as documented here: https://github.com/sipwise/rtpengine/blob/master/docs/ng_control_protocol.md Here's one way to do it (I guess). In order to get this: ``` "sdp-attr" : { "audio" : { "add" : [ "ptime:20", "sendrecv" ], "substitute": [["fmtp:101 0-15" , "fmtp:126 0-16" ]] }, "video": { "remove" : [ "rtpmap:101 telephone-event/8000" ] }, "none" : { "substitute": [[ "sendrecv" , "sendonly" ], [ "ptime:20" , "ptime:40" ]] } } ``` Use a syntax similar to the following: > rtpengine_manage("... sdp-attr-audio-add=ptime:20 sdp-attr-audio-add=sendrecv sdp-attr-audio-substitute=fmtp:101 0-15 sdp-attr-audio-substitute=fmtp:101 0-16 sdp-attr-video-remove=rtpmap:101 telephone-event/8000 sdp-attr-none-substitute=sendrecv sdp-attr-none-substitute=sendonly sdp-attr-none-substitute=ptime:20 sdp-attr-none-substitute=ptime:40 ..."); It's not very pretty, but it could work. Caveats: * How to handle whitespace (e.g. there's a space in "fmtp:101 0-15" and in "rtpmap:101 telephone-event/8000" ) * substitute commands must always be in pairs, data type is a list of lists containing exactly two items as value in "substitute" key Unfortunately my C skills are not up to this task, but if I can provide any other kind of help please let me know. Thanks! -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3509 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/issues/3509(a)github.com>

1 year

← Newer
1
...
8
9
10
11
12
13
14
...
30
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

sr-dev September 2023