sr-users May 2019

sr-users@lists.kamailio.org

84 participants
97 discussions

by Phillman25 Kyriacou

Dear List I have an issue with topoh module. Specifically for in-dialog requests, if the encoded uri is altered i.e. initial encoded contact uri is Contact: <sip:X.X.X.X;line=sr-huAWi7oPBYsF.cC0L2lWOUlPwbSWOUl6wURTw24W> and UAS sends an in-dialog INVITE like this adding tgrp and user=phone: INVITE sip:X.X.X.X;line=sr-huAWi7oPBYsF.cC0L2lWOUlPwbSWOUl6wURTw24W;tgrp=1069912311;user=phone Kamailio cant seem to match/decode this and responds "404 Not Found" I have also set: modparam("topoh", "uri_prefix_checks", 0) As specified here: https://www.kamailio.org/docs/modules/4.4.x/modules/topoh.html#idp37582868 But still doesn't work. Is there a bug with this module? # ==================================================== # ================ TOPOLOGY HIDING =================== # ==================================================== modparam("topoh", "mask_key", "secret") modparam("topoh", "mask_ip", "X.X.X.X") modparam("topoh", "mask_callid", 0) modparam("topoh", "uparam_name", "line") modparam("topoh", "uparam_prefix", "sr-") modparam("topoh", "vparam_name", "branch") modparam("topoh", "vparam_prefix", "z9hG4bKsr-") modparam("topoh", "uri_prefix_checks", 0) Thanks in advance for your support Phillip

5 years, 2 months

Stack smash error when using auth_ephemeral with KEMI

by Grant Bagdasarian

Hello, I was trying out the auth_ephemeral module inside the xhttp event_route in Python KEMI, and discovered a possible bug. https://pastebin.com/4Ghumfis The following will result in the stack smash error. Whenever I leave out the unixtimestamp the module will complain about not being able to convert to an int, which make sense, but doesn't lead to a stack smash error and a complete crash of Kamailio. KSR.auth_ephemeral.autheph_authenticate("1576734089:grant", "1234"). According to the documentation this module can only be used in REQUEST_ROUTE, but I found a presentation online which also used this module and that particular function in event_route, which is what I need for WebSocket authentication. Hope this helps. Please let me know if you need more information. Regards, Grant

5 years, 2 months

Kamailio 5.2.2 IMS authorization failed by the SCSCF

by Woscek, Martin W.

Hi, We are getting a SIP 401 Unauthorized -Challenging the UE error originating by the SCSCF. It looks to be related to the nonce/cnonce. Is there something we have misconfigured in our SCSCF module? Log output: May 1 14:01:45 imskamailio /usr/local/sbin/kamailio[18489]: DEBUG: ims_auth [authorize.c:786]: authenticate(): Nonce or response missing: nonce len [-108158976], response16 len[1873606560] May 1 14:01:45 imskamailio /usr/local/sbin/kamailio[18492]: DEBUG: ims_auth [utils.c:168]: get_nonce_response(): Calling find_credentials with realm [ims522.irisims.org] May 1 14:01:45 imskamailio /usr/local/sbin/kamailio[18492]: DEBUG: ims_auth [utils.c:195]: get_nonce_response(): Found nonce response May 1 14:01:45 imskamailio /usr/local/sbin/kamailio[18492]: INFO: ims_auth [authorize.c:827]: authenticate(): uri=sip:irisims.org nonce=9863c63855c8dd888c5c18e79fc61156 response=ce7ce73872b92aff2defa76dd1aff1ac qop=auth-int nc=00000001 cnonce=4fe4daacd69fa3d609c8b396d331eae6 hbody=d41d8cd98f00b204e9800998ecf8427e May 1 14:01:45 imskamailio /usr/local/sbin/kamailio[18492]: DEBUG: ims_auth [rfc2617.c:135]: calc_response(): calc_response(_ha1=7a1b479a0513914e71bcd6d005b3e17d, _nonce=9863c63855c8dd888c5c18e79fc61156, _nc=00000001,_cnonce=4fe4daacd69fa3d609c8b396d331eae6, _qop=auth-int, _auth_int=1,_method=REGISTER,_uri=sip:irisims.org,_hentity=d41d8cd98f00b204e9800998ecf8427e) Thanks, Martin

5 years, 2 months

New voisonics.com - Kamailio related products and services

by David Cunningham

Hello, Usually it's our client's VoIP technology being updated. Fortunately we found a little spare time to completely revamp the Voisonics website as well! https://voisonics.com/ Voisonics provides products and services in the commercial VoIP and hosted PBX sector; in particular relating to Kamailio, Asterisk, and Enswitch. The business has been specialising in this area for almost 10 years. Please feel free to contact me off-list with any questions. Kind regards, -- David Cunningham, Voisonics Limited http://voisonics.com/ USA: +1 213 221 1092 New Zealand: +64 (0)28 2558 3782

5 years, 2 months

Support for JWT token authentication?

by David Dean

I came across this thread from Jan 2015 discussing the addition of JWT token authentication to Kamailio: https://github.com/kamailio/kamailio/issues/29 Was JWT authentication ever added? Or has anyone else on this list got JWT working somehow?

5 years, 2 months

CSeq not incrementing - app_ruby

by Andrew White

Hi all, I’m still building with app_ruby and loving it - for the most part! I’m having an issue with one of my providers responding with a 482 on auth invite. Researching, it appears that my CSeq isn’t incrementing and this is the reason for the issue. I already have the relevant flag set in my kamailio.cfg however: modparam("dialog", "track_cseq_updates", 1) During my uac_auth, I’ve tried manually setting the diff, as well as running msg_iflag_reset (as suggested by Daniel - https://github.com/kamailio/kamailio/issues/1359 <https://github.com/kamailio/kamailio/issues/1359> - unfortunately the function isn’t exported in KEMI): if KSR::UAC.uac_auth() then KSR.info("UAC authed, relaying") #KSR::COREX.msg_iflag_reset("UAC_AUTH") KSR::PV.sets("$dlg_var(cseq_diff)", "1") KSR.info("CSeq diff: #{KSR::PV.gete("$dlg_var(cseq_diff)")}") KSR::TM.t_relay() Unfortunately in both cases the actual CSeq doesn’t increment in the second INVITE: INVITE 1 (unauthenticated): > CSeq: 102 INVITE INVITE 2 (with Authorization header): > CSeq: 102 INVITE I’m unsure if I’ve missed something silly around the track_cseq_updates flag, or if app_ruby somehow isn’t interacting with the dialog module when running uac_auth to trigger the increment? Thanks! Kind regards, Andrew

5 years, 2 months

listening at link local IPv6 address

by Juha Heinanen

My K host is behind a mobile WiFi hotspot and I tried to make K listen at the IPv6 address fe80::6e29:95ff:fe7d:37e6/64 that the host has received from the hotspot. Using that address on listen line gives error: Apr 21 08:55:18 salmon /usr/bin/sip-proxy[6887]: ERROR: <core> [core/udp_server.c:395]: udp_init(): bind(8, 0x7ff97dfb3fe4, 28) on FE80:0:0:0:6E29:95FF:FE7D:37E6: Invalid argument Apr 21 08:55:18 salmon /usr/bin/sip-proxy[6887]: ERROR: <core> [core/udp_server.c:401]: udp_init(): might be caused by using a link local address, try site local or global I can ping that address like this: $ ping6 fe80::6e29:95ff:fe7d:37e6%wlp1s0 PING fe80::6e29:95ff:fe7d:37e6%wlp1s0(fe80::6e29:95ff:fe7d:37e6%wlp1s0) 56 data bytes 64 bytes from fe80::6e29:95ff:fe7d:37e6%wlp1s0: icmp_seq=1 ttl=64 time=0.030 ms I then tried to add %wlp1s0 suffix to the listen address, but got error: Apr 21 09:10:35 salmon sip-proxy[7896]: 0(7948) CRITICAL: <core> [core/cfg.y:3510]: yyerror_at(): parse error in config file /etc/sip-proxy/sip-proxy.cfg, line 408, column 34: ip address, interface name or hostname expected Did I do something wrong? If not, why is it that K cannot listen at a link local address? It is something that Linux networking stack does not support? -- Juha

5 years, 2 months

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users May 2019