git:pd/websocket: modules/websocket: improved sample kamailio. cfg for WebSockets - sr-dev

29 Jun 2012

Module: sip-router
Branch: pd/websocket
Commit: dc7fa93f2e60efd2f7d428762590fa313e3fe91f
URL:    http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=dc7fa93f...
Author: Peter Dunkley peter.dunkley@crocodile-rcs.com
Committer: Peter Dunkley peter.dunkley@crocodile-rcs.com
Date:   Sat Jun 30 00:02:29 2012 +0100
modules/websocket: improved sample kamailio.cfg for WebSockets
---
modules/websocket/example/kamailio.cfg |  144 ++++++++++++++++++++++---------
 1 files changed, 102 insertions(+), 42 deletions(-)

diff --git a/modules/websocket/example/kamailio.cfg b/modules/websocket/example/kamailio.cfg
index c5bfb88..48cfa4a 100644
--- a/modules/websocket/example/kamailio.cfg
+++ b/modules/websocket/example/kamailio.cfg
@@ -1,32 +1,52 @@
 #!KAMAILIO
+#
+# Simple/sample kamailio.cfg for running a proxy/registrar with TLS and
+# WebSockets support.
+
+#!substdef "!DBURL!sqlite:///db.sqlite!g"
+#!substdef "!MY_IP_ADDR!192.168.111.136!g"
+#!substdef "!MY_WS_PORT!80!g"
+#!substdef "!MY_WSS_PORT!443!g"
+#!substdef "!MY_WS_ADDR!tcp:MY_IP_ADDR:MY_WS_PORT!g"
+#!substdef "!MY_WSS_ADDR!tls:MY_IP_ADDR:MY_WSS_PORT!g"
+
+#!define LOCAL_TEST_RUN
+#!define WITH_TLS
+#!define WITH_WEBSOCKETS
-#!define DBURL		"sqlite:////etc/kamailio/db.sqlite"
####### Global Parameters #########
-debug=2
 fork=yes
 children=4
-enable_tls=1
-
 alias="example.com"
-listen=192.168.111.2:5060
-listen=tcp:192.168.111.2:80
+#!ifdef WITH_TLS
+enable_tls=1
+#!endif
-listen=tls:192.168.111.2:5061
-listen=tls:192.168.111.2:443
+listen=MY_IP_ADDR
+#!ifdef WITH_WEBSOCKETS
+listen=MY_WS_ADDR
+#!ifdef WITH_TLS
+listen=MY_WSS_ADDR
+#!endif
+#!endif
tcp_connection_lifetime=3604
 tcp_accept_no_cl=yes
-
-enable_tls=1
+tcp_rd_buf_size=16384
syn_branch=0
-#mpath="/usr/lib64/kamailio/modules_k/:/usr/lib64/kamailio/modules/"
+#!ifdef LOCAL_TEST_RUN
+debug=2
 mpath="modules_k:modules"
+#!else
+debug=0
+mpath="/usr/lib64/kamailio/modules_k/:/usr/lib64/kamailio/modules/"
+#!endif
loadmodule "db_sqlite.so"
 loadmodule "tm.so"
@@ -43,11 +63,16 @@ loadmodule "sanity.so"
 loadmodule "ctl.so"
 loadmodule "auth.so"
 loadmodule "auth_db.so"
-loadmodule "xhttp.so"
 loadmodule "kex.so"
-loadmodule "websocket.so"
 loadmodule "mi_rpc.so"
+#!ifdef WITH_TLS
 loadmodule "tls.so"
+#!endif
+#!ifdef WITH_WEBSOCKETS
+loadmodule "xhttp.so"
+loadmodule "websocket.so"
+loadmodule "nathelper.so"
+#!endif
# ----------------- setting module-specific parameters ---------------
@@ -71,51 +96,72 @@ modparam("registrar", "max_expires", 3600)
 modparam("registrar", "gruu_enabled", 0)
# ----- usrloc params -----
-modparam("usrloc", "db_url", DBURL)
+modparam("usrloc", "db_url", "DBURL")
 modparam("usrloc", "db_mode", 0)
# ----- auth_db params -----
-modparam("auth_db", "db_url", DBURL)
+modparam("auth_db", "db_url", "DBURL")
 modparam("auth_db", "calculate_ha1", yes)
 modparam("auth_db", "password_column", "password")
 modparam("auth_db", "load_credentials", "")
-# ----- websocket params -----
-modparam("websocket", "keepalive_timeout", 30)
-
+#!ifdef WITH_TLS
 # ----- tls params -----
 modparam("tls", "tls_method", "SSLv23")
 modparam("tls", "certificate", "CA/ser1_cert.pem")
 modparam("tls", "private_key", "CA/privkey.pem")
 modparam("tls", "ca_list", "CA/calist.pem")
+#!endif
-####### Routing Logic ########
+#!ifdef WITH_WEBSOCKETS
+# ----- websocket params -----
+modparam("websocket", "keepalive_timeout", 30)
+# ----- nathelper params -----
+modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)")
+# Note: leaving NAT pings turned off here as nathelper is _only_ being used for
+#       WebSocket connections.  NAT pings are not needed as WebSockets have
+#       their own keep-alives.
+#!endif
+
+
+####### Routing Logic ########
# Main SIP request routing logic
 # - processing of any incoming SIP request starts with this route
 # - note: this is the same as route { ... }
 request_route {
-	if ($rm == "OPTIONS")
-	{
-		force_rport();
-		$du = "sip:192.168.111.2:5080;transport=udp";
-		forward();
-		exit;
-	}
-
    # per request initial checks
    route(REQINIT);
+#!ifdef WITH_WEBSOCKETS
+	if (nat_uac_test(64)) {
+		# Do NAT traversal stuff for requests from a WebSocket
+		# connection - even if it is not behind a NAT!
+		# This won't be needed in the future if Kamailio and the
+		# WebSocket client support outbound.
+		force_rport();
+		if (is_method("REGISTER"))
+			fix_nated_register();
+		else {
+			if (!add_contact_alias()) {
+				xlog("L_ERR", "Error aliasing contact <$ct>\n");
+				sl_send_reply("400", "Bad Request");
+				exit;
+			}
+			t_on_reply("WS_REPLY");
+		}
+	}
+#!endif
+
    # handle requests within SIP dialogs
    route(WITHINDLG);
### only initial requests (no To tag)
# CANCEL processing
-	if (is_method("CANCEL"))
-	{
+	if (is_method("CANCEL")) {
    	if (t_check_trans())
    		t_relay();
    	exit;
@@ -129,14 +175,13 @@ request_route {
    # record routing for dialog forming requests (in case they are routed)
    # - remove preloaded route headers
    remove_hf("Route");
-	if (is_method("INVITE|SUBSCRIBE"))
+	if (is_method("INVITE"))
    	record_route();
# handle registrations
    route(REGISTRAR);
-	if ($rU==$null)
-	{
+	if ($rU==$null) {
    	# request with no Username in RURI
    	sl_send_reply("484","Address Incomplete");
    	exit;
@@ -162,8 +207,7 @@ route[REQINIT] {
    	exit;
    }
-	if(!sanity_check("1511", "7"))
-	{
+	if(!sanity_check("1511", "7")) {
    	xlog("Malformed SIP message from $si:$sp\n");
    	exit;
    }
@@ -175,6 +219,15 @@ route[WITHINDLG] {
    	# sequential request withing a dialog should
    	# take the path determined by record-routing
    	if (loose_route()) {
+#!ifdef WITH_WEBSOCKETS
+			if ($du == "") {
+				if (!handle_ruri_alias()) {
+					xlog("L_ERR", "Bad alias <$ru>\n");
+					sl_send_reply("400", "Bad Request");
+					exit;
+				}
+			}
+#!endif
    		route(RELAY);
    	} else {
    		if ( is_method("ACK") ) {
@@ -198,8 +251,7 @@ route[WITHINDLG] {
# Handle SIP registrations
 route[REGISTRAR] {
-	if (is_method("REGISTER"))
-	{
+	if (is_method("REGISTER")) {
    	if (!save("location"))
    		sl_reply_error();
@@ -226,28 +278,35 @@ route[LOCATION] {
# Authentication route
 route[AUTH] {
-	if (is_method("REGISTER") || from_uri==myself)
-	{
+	if (is_method("REGISTER") || from_uri==myself) {
    	# authenticate requests
    	if (!auth_check("$fd", "subscriber", "1")) {
    		auth_challenge("$fd", "0");
    		exit;
    	}
    	# user authenticated - remove auth header
-		if(!is_method("REGISTER|PUBLISH"))
+		if(!is_method("REGISTER"))
    		consume_credentials();
    }
    # if caller is not local subscriber, then check if it calls
    # a local destination, otherwise deny, not an open relay here
-	if (from_uri!=myself && uri!=myself)
-	{
+	if (from_uri!=myself && uri!=myself) {
    	sl_send_reply("403","Not relaying");
    	exit;
    }
 }
+#!ifdef WITH_WEBSOCKETS
+onreply_route[WS_REPLY] {
+	# Do NAT traversal stuff for replies to a WebSocket connection - even
+	# if it is not behind a NAT!
+	# This won't be needed in the future if Kamailio and the WebSocket
+	# client support outbound.
+	add_contact_alias();
+}
+
 event_route[xhttp:request] {
-	if ($Rp != "80" && $Rp != "443") {
+	if ($Rp != MY_WS_PORT && $Rp != MY_WSS_PORT) {
    	xlog("L_WARN", "HTTP request received on $Rp\n");
    	xhttp_reply("403", "Forbidden", "", "");
    	exit;
@@ -276,3 +335,4 @@ event_route[xhttp:request] {
xhttp_reply("404", "Not found", "", "");
 }
+#!endif

    