sr-users February 2010

sr-users@lists.kamailio.org

59 participants
109 discussions

[Kamailio-Users] Error in Registration with TLS on

by Hemanshu Patel

Dear friends, Since last few days i am working on Kamailio with TLS support. I had followed each and every steps in installation docs...created certificates as well. Then i started testing the server with TLS on using SIPP. First i didnt added any certificate to SIPP, and Registration wasnt happening... When i added a certificate and key to SIPP....it started working fine....i was been able to test Registrations Successfully. Then i started working with one open source soft phone supporting TLS named mumble. IT Supports. Now i hadnt added any certificate to Mumblem. In my settings of kamailio i have set clietn_verify = 0 and require_client_certificate = 0. So without certificate as well i should be able to Authenticate my self successfully. Instead it gives following error in kamailio log: Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:print_ip: tcpconn_new: new tcp connection to: 172.16.16.218 Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:tcpconn_new: on port 58125, type 3 Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:tls_tcpconn_init: entered: Creating a whole new ssl connection Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:tls_tcpconn_init: looking up socket based TLS server domain [172.16.16.218:5091] Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:tls_find_server_domain: socket based TLS server domain found Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:tls_tcpconn_init: found socket based TLS server domain [172.16.16.218:5091] Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:tls_tcpconn_init: Setting in ACCEPT mode (server) Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:tcpconn_add: hashes: 929, 1 Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:handle_new_connect: new connection: 0x7fd6f4a58208 23 flags: 0002 Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:send2child: to tcp child 0 0(3296), 0x7fd6f4a58208 Feb 22 09:50:51 localhost ./sbin/kamailio[3296]: DBG:core:handle_io: received n=8 con=0x7fd6f4a58208, fd=18 Feb 22 09:50:51 localhost ./sbin/kamailio[3296]: DBG:core:io_watch_add: io_watch_add(0x73a0a0, 18, 2, 0x7fd6f4a58208), fd_no=1 Feb 22 09:50:51 localhost ./sbin/kamailio[3296]: DBG:core:tls_update_fd: New fd is 18 Feb 22 09:50:51 localhost ./sbin/kamailio[3296]: ERROR:core:tls_accept: SSL_accept failed: SSL_ERROR_SSL Feb 22 09:50:51 localhost ./sbin/kamailio[3296]: DBG:core:io_watch_del: io_watch_del (0x73a0a0, 18, -1, 0x10) fd_no=2 called Feb 22 09:50:51 localhost ./sbin/kamailio[3296]: DBG:core:release_tcpconn: releasing con 0x7fd6f4a58208, state -2, fd=18, id=1 Feb 22 09:50:51 localhost ./sbin/kamailio[3296]: DBG:core:release_tcpconn: extra_data 0x7fd6f4a683a0 Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:handle_tcp_child: reader response= 7fd6f4a58208, -2 from 0 Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:tcpconn_destroy: destroying connection 0x7fd6f4a58208, flags 0002 Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:tls_close: closing SSL connection Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:tls_update_fd: New fd is 23 Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:tls_shutdown: shutdown successful Feb 22 09:50:51 localhost ./sbin/kamailio[3300]: DBG:core:tls_tcpconn_clean: Cleanup function entered Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:print_ip: tcpconn_new: new tcp connection to: 172.16.16.218 Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:tcpconn_new: on port 58126, type 3 Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:tls_tcpconn_init: entered: Creating a whole new ssl connection Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:tls_tcpconn_init: looking up socket based TLS server domain [172.16.16.218:5091] Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:tls_find_server_domain: socket based TLS server domain found Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:tls_tcpconn_init: found socket based TLS server domain [172.16.16.218:5091] Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:tls_tcpconn_init: Setting in ACCEPT mode (server) Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:tcpconn_add: hashes: 930, 2 Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:handle_new_connect: new connection: 0x7fd6f4a58208 23 flags: 0002 Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:send2child: to tcp child 0 0(3296), 0x7fd6f4a58208 Feb 22 09:51:01 localhost ./sbin/kamailio[3296]: DBG:core:handle_io: received n=8 con=0x7fd6f4a58208, fd=18 Feb 22 09:51:01 localhost ./sbin/kamailio[3296]: DBG:core:io_watch_add: io_watch_add(0x73a0a0, 18, 2, 0x7fd6f4a58208), fd_no=1 Feb 22 09:51:01 localhost ./sbin/kamailio[3296]: DBG:core:tls_update_fd: New fd is 18 Feb 22 09:51:01 localhost ./sbin/kamailio[3296]: ERROR:core:tls_accept: SSL_accept failed: SSL_ERROR_SSL Feb 22 09:51:01 localhost ./sbin/kamailio[3296]: DBG:core:io_watch_del: io_watch_del (0x73a0a0, 18, -1, 0x10) fd_no=2 called Feb 22 09:51:01 localhost ./sbin/kamailio[3296]: DBG:core:release_tcpconn: releasing con 0x7fd6f4a58208, state -2, fd=18, id=2 Feb 22 09:51:01 localhost ./sbin/kamailio[3296]: DBG:core:release_tcpconn: extra_data 0x7fd6f4a683a0 Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:handle_tcp_child: reader response= 7fd6f4a58208, -2 from 0 Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:tcpconn_destroy: destroying connection 0x7fd6f4a58208, flags 0002 Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:tls_close: closing SSL connection Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:tls_update_fd: New fd is 23 Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:tls_shutdown: shutdown successful Feb 22 09:51:01 localhost ./sbin/kamailio[3300]: DBG:core:tls_tcpconn_clean: Cleanup function entered And in Mumble soft phone log it gives me following Error: [9:50 AM] Welcome to Mumble. [9:50 AM] Server connection failed: Error during SSL handshake: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure. [9:51 AM] Reconnecting. [9:51 AM] Server connection failed: Error during SSL handshake: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure. [9:51 AM] Reconnecting. [9:51 AM] Server connection failed: Error during SSL handshake: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure. [9:51 AM] Reconnecting. [9:51 AM] Server connection failed: Error during SSL handshake: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure. Can any one suggest what could be the problem? My Server works great with SIPP with TLS....so i dont think theres any config related error and i have set client_require_certificate = 0 thats for sure.... In real life scenario, hard or soft phones wont have certificates...so they should be able to connect to server and authenticate/Authorize themselves if server has valid certificate.But its not happening. So i need help from experienced guys.... -- Regards, Hemanshu Patel M: 09601295238

14 years, 9 months

[Kamailio-Users] acc

by Anders

Hi, Probably a simpel fix some...not for me ;-) I get this here below in the log when I try to start Kamailio on a new installation. I suspect something is wrong with the acc module. What I read elsewhere is that it needs to recompile... - could that be, and if so, how would I recompile only a module? Thanks!! //Anders Feb 19 07:52:12 vn1031 kamailio: ERROR:core:set_mod_param_regex: parameter <radius_config> not found in module <acc> Feb 19 07:52:12 vn1031 kamailio: CRITICAL:core:yyerror: parse error in config file, line 140, column 25-26: Can't set module parameter Feb 19 07:52:12 vn1031 kamailio: ERROR:core:set_mod_param_regex: parameter <radius_flag> not found in module <acc> Feb 19 07:52:12 vn1031 kamailio: CRITICAL:core:yyerror: parse error in config file, line 141, column 27-28: Can't set module parameter Feb 19 07:52:12 vn1031 kamailio: ERROR:core:set_mod_param_regex: parameter <radius_missed_flag> not found in module <acc> Feb 19 07:52:12 vn1031 kamailio: CRITICAL:core:yyerror: parse error in config file, line 142, column 20-21: Can't set module parameter Feb 19 07:52:12 vn1031 kamailio: ERROR:core:set_mod_param_regex: parameter <radius_extra> not found in module <acc> Feb 19 07:52:12 vn1031 kamailio: CRITICAL:core:yyerror: parse error in config file, line 157, column 2-3: Can't set module parameter Feb 19 07:52:12 vn1031 kamailio: ERROR:core:main: bad config file (4 errors)

14 years, 9 months

[Kamailio-Users] Demerits of using normal Authentication insted of radius or diameter auth

by Hemanshu Patel

Hello guys..... Recent now i had started taking keen interest in kamailio. I was testing kamailio, and i had test it under two scenario. first of all let me tell u about my configuration. I am testing on normal Desktop pc, installed kamailio,mysql, radius everything on same pc. I am using MYSQL anyway for both sort of testing. When i test with radius authentication, means using radius_www_authorize at max i am getting around 500 cps for Registration, but when i use normal www_authorize i am getting around 2000 CPS.... whopping difference guys..... So, i was wondering what is merits and demerits of not using Radius based authentication. Is it insecure if i use normal Authentication? Its not in my knowledge that radius do encryption...so i dont think by using radius it provides more security. What is your opinions about it? -- Regards, Hemanshu Patel M: 09601295238

14 years, 9 months

[Kamailio-Users] Username of P-Asserted-Identity header

by Marco Bungalski

Hi, all! Is there an easy possibility to get the Username of the P-Asserted-Identity header? When i use $ai i get for example "sip:+4942317769999@testdomain.de". I need only "+4942317769999" in a variable. I know for example that i can use $fU and get only the Username (and $fu gives me the whole From URI).... Cheers, Marco Marco Bungalski GmbH Traversale 5 27283 Verden Telefon: +49 4231 - 776 9999 Fax: +49 4231 - 776 9998 Mobil: +49 172 4204774 e-mail: Marco(a)Bungalski.de www.bungalski.de www.t-m-net.de Geschäftsführender Gesellschafter: Marco Bungalski Sitz der Gesellschaft: D-27283 Verden, AG Walsrode HRB 120586

14 years, 9 months

[Kamailio-Users] CANCEL goes bananas!

by Anders

Ok, "bananas" might not be the right word, but it resembles what is happening ;-) When I get a CANCEL from my customer to Kamailio, it is not passed on to my vendor - this is with a specific customer using VoipSwitch. The result is that the phone called keeps ringing even though it's been (attempted) cancelled, and a sideeffect is that it goes nuts at the carrier side because it can send anymore and returns 480 or 486. Below is the dialog from the Session Progress to when the call is cancelled - and then it goes bananas. Any ideas? Thanks a lot! U 2010/02/12 14:40:25.435793 MyKamailioIP:5060 -> MyCustomerIP:5060 SIP/2.0 183 Session Progress. To: <sip:890912551184517324@MyKamailioIP>;tag=3474974816-620042. From: "69912390" <sip:001128650136@MyCustomerIP:5060>;tag=1202461012501320412156. Contact: <sip:84370551184517324@MyVendorIP:5060>. Call-ID: GWV0iI5c5vUSEUnPBz@MyCustomerIP. CSeq: 1 INVITE. Content-Type: application/sdp. Via: SIP/2.0/UDP MyCustomerIP:5060;rport=5060;received=MyCustomerIP;branch=z9hG4bk120246101250121320412156. Content-Length: 210. . v=0. o=prxams02 0 0 IN IP4 MyVendorIP. s=sip call. c=IN IP4 62.93.140.13. t=0 0. m=audio 42972 RTP/AVP 18 101. a=rtpmap:18 G729/8000. a=fmtp:18 annexb=no. a=rtpmap:101 telephone-event/8000. a=fmtp:101 0-15. U 2010/02/12 14:40:30.625842 MyCustomerIP:5060 -> MyKamailioIP:5060 CANCEL sip:890912551184517324@MyKamailioIP SIP/2.0. CSeq: 1 CANCEL. Via: SIP/2.0/UDP MyCustomerIP:5060;branch=z9hG4bk120246101250121320412156. From: "69912390" <sip:001128650136@MyCustomerIP:5060>;tag=1202461012501320412156. Call-ID: GWV0iI5c5vUSEUnPBz@MyCustomerIP. To: <sip:890912551184517324@MyKamailioIP>;tag=3474974816-620042. Contact: <sip:MyCustomerIP:5060;transport=udp>. Content-Length: 0. . U 2010/02/12 14:41:25.496605 MyVendorIP:5060 -> MyKamailioIP:5060 SIP/2.0 480 Temporarily Unavailable. To: <sip:890912551184517324@MyKamailioIP>;tag=3474974816-620042. From: "69912390" <sip:001128650136@MyCustomerIP:5060>;tag=1202461012501320412156. Contact: <sip:84370551184517324@MyVendorIP:5060>. Call-ID: GWV0iI5c5vUSEUnPBz@MyCustomerIP. CSeq: 1 INVITE. Via: SIP/2.0/UDP MyKamailioIP;branch=z9hG4bKf18c.fa7b81d2.0. Via: SIP/2.0/UDP MyCustomerIP:5060;rport=5060;received=MyCustomerIP;branch=z9hG4bk120246101250121320412156. Content-Length: 0. . U 2010/02/12 14:41:25.496888 MyKamailioIP:5060 -> MyVendorIP:5060 ACK sip:84370551184517324@MyVendorIP:5060 SIP/2.0. Via: SIP/2.0/UDP MyKamailioIP;branch=z9hG4bKf18c.fa7b81d2.0. From: "69912390" <sip:001128650136@MyCustomerIP:5060>;tag=1202461012501320412156. Call-ID: GWV0iI5c5vUSEUnPBz@MyCustomerIP. To: <sip:890912551184517324@MyKamailioIP>;tag=3474974816-620042. CSeq: 1 ACK. Max-Forwards: 70. User-Agent: Kamailio. Content-Length: 0.

14 years, 9 months

[Kamailio-Users] Testing of Kamailio TLS with Sipp TLS

by Hemanshu Patel

Hello friendsm, I am testing TLS feature of both kamailio and Sipp. I first downloaded kamailio 1.5.x TLS supported version, uncommented TLS=1 from Makefiel and then build the kamailio. first i test kamailio without TLS with sipp for registration and everything works file. Then i follow "http://www.kamailio.org/docs/tls-devel.html" and creates rootCA, user certificates and all configuration parameters to kamailio.cfg file Config paras are as below: /* uncomment the following lines to enable TLS support (default off) */ disable_tls = no listen = tls:172.16.16.218:5091 tls_verify_server = 1 tls_verify_client = 1 tls_require_client_certificate = 1 tls_method = TLSv1 tls_certificate = "/data/hemanshu/install/kam-tls/etc/kamailio/tls/user/user-cert.pem" tls_private_key = "/data/hemanshu/install/kam-tls/etc/kamailio/tls/user/user-privkey.pem" tls_ca_list = "/data/hemanshu/install/kam-tls/etc/kamailio/tls/user/user-calist.pem" and restart kamailio server It works and i can see via netstat on port 5091. but when i starts sipp it gives me following error. [hemanshu@localhost sipp.3.1]$ ./sipp -sf ./data/rauth.xml -inf ./data/user.csv -r 1 -m 1 -trace_err -trace_stat -nd -fd 1 -i 172.16.16.218 172.16.16.218:5091 -t l1 2010-02-18 13:51:40:244 1266481300.244432: FI_init_ssl_context: SSL_CTX_use_certificate_file failed. I know i have built sipp with TLS support, then i can not figure out where is the problem. Sipp says user certification file failed ..but client doesnt need any certification file...or does it? i even tried with tls_verify_client = 1 , tls_require_client_certificate = 1, playing with different combinations...but still same ans. Can anyone suggest me what could be wrong? Have i made any mistake in configuring kamailio or theres some problem in SIPP. -- Regards, Hemanshu Patel M: 09601295238

14 years, 9 months

[Kamailio-Users] Issue with dialog module

by Santiago Gimeno

Hi, I'm using kamailio 1.5 from the branch. In a conditional forwarding scenario with this call flow: Phone A Kamailio Phone B Phone C | | | | | | | | | | | | |INVITE | | | |------------->| | | |100 Trying | | | |<-------------| | | | |INVITE | | | |------------->| | | |100 trying | | | |<-------------| | | |180 Ringing | | | |<-------------| | |180 Ringing | | | |<-------------| | | | |486 Busy Here | | | |<-------------| | | |ACK | | | |------------->| | | |INVITE | | | |---------------------------->| | |100 trying | | | |<----------------------------| | |180 Ringing | | | |<----------------------------| |180 Ringing | | | |<-------------| | | | |200 OK | | | |<----------------------------| |200 OK | | | |<-------------| | | |ACK | | | |------------->| | | | |ACK | | | |---------------------------->| | | | | | | | | What I'm observing is that when Kamailio receives the 486 from B, the dialog between A and B is not destroyed, so when the call is finally established between A and C there are two active dialogs as I could check with `kamctl fifo get_statistics active_dialogs`. Shouldn't there be only one active dialog? Is this a problem in my script or a problem with the dialog module? Thanks in advance, Santi

14 years, 9 months

[Serusers] tell me module of ser for nideo streaming..

by city spider

i want to use ser for streaming . please tell me the specific module for streaming... in streaming me using RTSP (Real Time Streaming Protocol) suggest me the specific module that will be added to fulfil my purpose.

14 years, 9 months

[Kamailio-Users] Help me on 'No matching subscription dialog found'

by Asterisk User

Hi Group, I have one more problem regarding a SIP subscribe packet. When my phone registers first time, it gets OK for SUBSCRIBE sent from phone. But after couple of hours it(phone) keeps on sending subsequent SUBSCRIBE requests but the response from Kamailio is 481 Subscription does not exist. Here are my packets, =======================> For first SUBSCRIBE SUBSCRIBE sip:ABC.com SIP/2.0 Via: SIP/2.0/UDP 172.18.100.89:5060;branch=z9hG4bK-4082dbb From: DEF <sip:307@ABC.com>;tag=802bf23e23f4741 To: DEF <sip:307@ABC.com> Call-ID: 9f465e4b-2207f239(a)172.18.100.89 CSeq: 30004 SUBSCRIBE Max-Forwards: 70 Contact: DEF <sip:307@172.18.100.89:5060> Accept: application/simple-message-summary Expires: 2147483647 Event: message-summary User-Agent: Linksys/PAP2T-3.1.15(LS) Content-Length: 0 ------------------------------------------------------- SIP/2.0 202 OK Via: SIP/2.0/UDP 172.18.100.89:5060;branch=z9hG4bK-4082dbb;rport=5060;received=220.224.237.54 From: DEF <sip:307@ABC.com>;tag=802bf23e23f4741 To: DEF <sip:307@ABC.com>;tag=0cca86077d334bd53b00d2c8eab3d5fb.dfeb Call-ID: 9f465e4b-2207f239(a)172.18.100.89 CSeq: 30004 SUBSCRIBE Expires: 3600 Contact: <sip:192.168.94.30:5060> Server: Kamailio (1.5.0-notls (i386/linux)) Content-Length: 0 =======================> For subsequent SUBSCRIBEs SUBSCRIBE sip:ABC.com SIP/2.0 Via: SIP/2.0/UDP 172.18.100.89:5060;branch=z9hG4bK-69712d2e From: DEF <sip:307@ABC.com>;tag=5d3bd6c2989f0839 To: DEF <sip:307@ABC.com>;tag=0cca86077d334bd53b00d2c8eab3d5fb.dfeb Call-ID: 7f6d2c36-97569155(a)172.18.100.89 CSeq: 55947 SUBSCRIBE Max-Forwards: 70 Contact: DEF <sip:307@172.18.100.89:5060> Accept: application/simple-message-summary Expires: 2147483647 Event: message-summary User-Agent: Linksys/PAP2T-3.1.15(LS) Content-Length: 0 ------------------------------------------------------- SIP/2.0 481 Subscription does not exist Via: SIP/2.0/UDP 172.18.100.89:5060;branch=z9hG4bK-69712d2e;rport=5060;received=220.224.237.54 From: DEF <sip:307@ABC.com>;tag=5d3bd6c2989f0839 To: DEF <sip:307@ABC.com>;tag=0cca86077d334bd53b00d2c8eab3d5fb.dfeb Call-ID: 7f6d2c36-97569155(a)172.18.100.89 CSeq: 55947 SUBSCRIBE Server: Kamailio (1.5.0-notls (i386/linux)) Content-Length: 0 ---------------------------------------------------------------------------------------------------------------------------------------------- ===>The error which I get on kamailio is, ERROR:presence:get_database_info: No matching subscription dialog found in database ===>Have already loaded the module presence.so modparam("presence", "db_url", "mysql://XYZ:XYZ@192.168.90.12/openser") modparam("presence", "max_expires", 3600) modparam("presence", "presentity_table", "presentity") modparam("presence", "active_watchers_table", "active_watchers") modparam("presence", "watchers_table", "watchers") modparam("presence", "clean_period", 100) modparam("presence", "db_update_period", 100) modparam("presence", "to_tag_pref", 'pres') modparam("presence", "expires_offset", 10) modparam("presence", "server_address", "sip:192.168.94.30:5060") modparam("presence", "fallback2db", 1) modparam("presence", "subs_htable_size", 11) modparam("presence", "pres_htable_size", 11) loadmodule "presence_mwi.so" loadmodule "presence_xml.so" modparam("presence_xml", "force_active", 1) modparam("presence_xml", "db_url", "mysql://XYZ:XYZ@192.168.90.12/openser") --------------------------------------------------------------------------------------------------------------------------------------------- Please help me on this. --SM

14 years, 9 months

[Kamailio-Users] starting

by Andrew Matthews

I'm looking for a tutorial of some sort to help me with getting openser running. What I need from it, are a basic proxy with both IP and username/password authentication, and an lcr. I've searched the net and can't seem to find what I need. I'm new to openser, I came from the asterisk world. If anyone can point me in the right direction I'd appreciate it. Thanks, Exstatica

14 years, 9 months

← Newer
1
2
3
4
5
6
7
...
11
Older →

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users February 2010