I have noticed the following issue which began with builds somewhere between
git master commits bff0a08 and 6173ef7. I did not see this issue with my
previous builds and haven't been able to pin down the problem, which is why I
haven't formally filed a bug.
Any help or guidance is appreciated, because this has crippled my use of
Kamailio. Only a restart enables it to work again until the issue recurs.
ERROR: tls [tls_server.c:189]: tls_complete_init(): tls: ssl bug #1491
workaround: not enough memory for safe operation: 8870536
ERROR: <core> [tcp_read.c:1303]: tcp_read_req(): ERROR: tcp_read_req: error
reading
I currently build against and run openssl-1.0.1k-12.fc22.x86_64.
I have a very small operation and the only change on the operational side is
that all 5 of my mobile UACs (yes, that's all) have switched from
CSipSimple/Android to Zoiper/Android, which doesn't yet have support for
client-side certificates so verify_certificate and require_certificate are off
for both the server and client config.
The server is started with:
/usr/sbin/kamailio -P /run/kamailio/kamailio.pid -m 64 -M 8
I have tried modifying the shared mem to 128 but the issue still occurs.
Even right now, I am seeing the error when only one UAC has established a TLS
connection:
# kamcmd tls.list
{
id: 572
timeout: 3475
src_ip: 10.77.79.156
src_port: 58688
dst_ip: 10.77.79.3
dst_port: 5061
cipher: ECDHE-RSA-RC4-SHA SSLv3 Kx=ECDH Au=RSA Enc=RC4(128) Mac=SHA1
ct_wq_size: 0
enc_rd_buf: 0
flags: 2
state: established
}
# kamailio.cfg
enable_tls=yes
loadmodule "tls.so"
modparam("tls", "connection_timeout", 60)
#modparam("tls", "tls_log", 1)
#modparam("tls", "tls_debug", 1)
#modparam("tls", "low_mem_threshold1", -1)
#modparam("tls", "low_mem_threshold2", 0)
modparam("tls", "session_cache", 1)
# tls.cfg
[server:default]
method = TLSv1+
verify_certificate = no
require_certificate = no
private_key = /etc/kamailio/example.org.key.pem
certificate = /etc/kamailio/example.org.crt.pem
server_name = example.org
cipher_list = ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-
AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES256-
SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-GCM-
SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:RC4-
SHA:AES256-GCM-SHA384:AES256-SHA256:CAMELLIA256-SHA:ECDHE-RSA-AES128-
SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128-
SHA:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK
[client:default]
method = TLSv1+
verify_certificate = no
require_certificate = no
private_key = /etc/kamailio/example.org.key.pem
certificate = /etc/kamailio/example.org.crt.pem
cipher_list = ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-
AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES256-
SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-GCM-
SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:RC4-
SHA:AES256-GCM-SHA384:AES256-SHA256:CAMELLIA256-SHA:ECDHE-RSA-AES128-
SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128-
SHA:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK
Thanks. -Anthony
--
Anthony - https://messinet.com/ - https://messinet.com/~amessina/gallery
8F89 5E72 8DF0 BCF0 10BE 9967 92DC 35DC B001 4A4E
Hello,
I can't figure out why Kamailio reports hundreds of calls with the following
error:
"/usr/local/sbin/kamailio[2997]: ERROR: rtpproxy [rtpproxy.c:2727]:
force_rtp_proxy(): incorrect port 0 in reply from rtp proxy"
It seems that each time this error occurs, we got a one-way audio call.
I already check and increase the limit for opening files that the process
can open with ulimit -n 500000. But, anyway, if I look to /proc/$PID/fd, I
never see more than 1000 files open.
I also check the socket with netstat: same; I can see the error while
there's only less than 800 sockets open.
Is someone know what can be the trigger of this?
Regards,
Igor.
Hi,
We observe that the following kamailio API is trying to find out user
registration by comparing source IP and port with stored contact, if it
fails, then it compares based on incoming SIP msg contact uri.
is_registered(struct sip_msg* _m, udomain_t* _d){
getContactP(_m,_d);
}
pcontact_t * getContactP(struct sip_msg* _m, udomain_t* _d) {);
//Getting pcontact from source
IP and port
if (ul.get_pcontact_by_src(_d,
&received_host, _m->rcv.src_port, _m->rcv.proto, &c) == 1) {
LM_DBG("No
entry in usrloc for %.*s:%i (Proto %i) found!\n", received_host.len,
received_host.s, _m->rcv.src_port, _m->rcv.proto);
}
if (c == NULL) {
//Getting pcontact from
contact uri.
if (ul.get_pcontact(_d, &ct->uri, &c) == 0) {
}
}
We have use case where INVITE message is from same source IP and port but
having unregistered contact.With this scenario,is_registered() will return
success.
We would like to know reason behind comparing the source IP and port to
fetch the pcontact?
Regards,
Prashant
Hello,
I am considering to release Kamailio v4.3.4 next week on Wed, Nov 25 or
the following day. As usual, announce any issues that you are aware and
not reported to sr-dev or bug tracker. Also, if some patch was not
backported and you think it has to be, write to sr-dev mailing list.
Cheers,
Daniel
--
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Book: SIP Routing With Kamailio - http://www.asipto.com
Kamailio Advanced Training, Nov 30-Dec 2, Berlin - http://asipto.com/kat
Hello!
My problem is I need to do users authentication through API. So I need to
replace
if (!www_authenticate("$td", "subscriber")) {
www_challenge("$td", "1");
}
With
if (!my_auth_script()) {
www_challenge("$td", "1");
}
The main problem is - how can I grab or compare users password? I know
nonce, which I understand is MD5 salt. Can I, for example, grab users
password from API, then grab the MD5 string and the nonce user sent me,
calculate MD5 on base of API password and nonce - and then compare MD5
strings sent by user and calculated?
--
Alexandru Covalschi
ABRISS-Solutions
VoIP engineer and system administrator
phone: +37367398493
web: http://abs-telecom.com/
Hello,
I have configured the SNMPstats module fine in my machine because I get the
SNMP information with the new KAMAILIO MIBS but I don't understand why the
value of kamailio dialogs is always 0:
KAMAILIO-MIB::kamailioCurNumDialogs.0 = Gauge32: 0
KAMAILIO-MIB::kamailioCurNumDialogsInProgress.0 = Gauge32: 0
KAMAILIO-MIB::kamailioCurNumDialogsInSetup.0 = Gauge32: 0
KAMAILIO-MIB::kamailioTotalNumFailedDialogSetups.0 = Counter32: 0
However I can see the transactions:
KAMAILIO-SIP-COMMON-MIB::kamailioSIPSummaryTotalTransactions.0 = Counter32:
54797
Should I configure an specific parametr of the SNMPstats module?
Regards,
Hi All,
I installed kamailio on Ubuntu as IMS pCSCF/iCSCF/sCSCF. REGISTER is fine,
but when I tried to send a MESSAGE (SMS) from one user to another, it was
always not successful. I captured IP packets on the server, and it seemed
that the error was caused on pCSCF.
User1 and User2 are both behind their NAT network. Suppose User1's private
IP is Private_IP1, and User1's public IP (on router) is Public_IP1, and
User2's private and public IPs are Private_IP2 and Public_IP2:
User1 pCSCF
iCSCF sCSCF
user2
MESSAGE
---------------->
MESSAGE
--------------------->
MESSAGE
------------------->
MESSAGE
<-----------------------------------------------------
MESSAGE
----------------------------------------------------------------------------
---->
Unfortunately, from the captured data on the server, in the last step, the
MESSAGE was sent to the Private_IP2 of User2. It should be sent to the
Public_IP2. Of course, the datagram with the destination of Private_IP2
cannot reach User2 successfully.
Please help analyze why the pCSCF sent the MESSAGE packet to User2's private
IP instead of public IP. The configuration file was attached for reference.
BR.
Thierry Luo
Hi,
Sorry to ask something probably very simple but I'm difficulty finding
the right kinds of resources to learn from which are succinct enough to
not overload my head.
We have a PBX which we don't control (and hate) which expects only
certain makes/models phones to register (it checks for user agents).
I have a phone which unfortunately doesn't support tweaking its user
agent, so I'd like to pass it through an extremely SIP proxy to have
it's user agent tweaked and all other data to/from the PBX transparently
let through.
I've managed to knock up something (that isn't a proxy) using Asterisk
where I made a trunk and a peer... but obviously since this isn't a
proxy... things like BLF and transferring calls will never work.
If anyone can point me in the direction of a really simple set up to
achieve this, please let me know :)
--
Steven Maddox
Hello,
I'm testing kazoo module for use with RabbitMQ
I noticed there is a required parameter that is not listed in the
documentation:
http://kamailio.org/docs/modules/devel/modules/kazoo
modparam("kazoo", "pua_mode", 0)
The above parameter is required but not documented. Can someone please
update the documentation?
Thank you.
/V
