sr-users April 2022

sr-users@lists.kamailio.org

49 participants
63 discussions

by Vinicius Kwiecien Ruoso

Hi all! How are you? I have a kamailio instance and some users are having issues connecting via websocket using TLS. The logs show SSLv3 errors. Cannot find why that error would show up if SSLv2/3 is not enabled. Double checked it via SSLLabs that only TLSv1.2 is allowed in the service. Error sample: ``` 15(36) ERROR: tls [tls_util.h:42]: tls_err_ret(): TLS accept:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown 15(36) ERROR: <core> [core/tcp_read.c:1512]: tcp_read_req(): ERROR: tcp_read_req: error reading - c: 0x7fafc8768190 r: 0x7fafc8768278 (-1) ``` This instance has close to 400 websocket connections opened during the day. I have a high log level enabled. I was not able to identify any reason why this happens. The certificate is a Letsencrypt certificate. The issue is that sometimes clients have a hard time connecting to the websocket and that maybe related. Below are a few more details about the config. Please let me know if you have any pointers on how to debug those connection issues. 8<----- TLS config: modparam("tls", "tls_method", "TLSv1.2+") modparam("tls", "verify_certificate", 0) modparam("tls", "require_certificate", 0) modparam("tls", "low_mem_threshold1", 0) modparam("tls", "low_mem_threshold2", 0) modparam("tls", "private_key", "/etc/certs/tls.key") modparam("tls", "certificate", "/etc/certs/tls.crt") version: kamailio 5.3.9 (x86_64/linux) 8<----- This is related to the issue https://github.com/kamailio/kamailio/issues/3085 (as pointed out it is not a problem in Kamailio code). Thanks, Vinicius

2 years, 7 months

How to disable video in invite with both audio and video

by Simone de Blasiis

Hello to everyone, we have a Kamailio 5.5 + RTPEngine deployment. Some devices will send an invite with both audio and video in the offer and we are trying to disable the video portion of the invite by either setting the video port to 0 or by setting a=inactive in the video portion of the SDP packet. We know that sdpops has a function that would be able to remove the video portion but it violates standards so we can't use it. We need to disable the video in the SDP offers because one of the pstn providers we are using doesn't accept invites that contain a video offer. I've spent days searching but I can't find an obvious way of achieving this. We were originally doing it with textops but we've been having some issues where the sdp wouldn't be modified correctly in reinvites after the original call is in place so we're looking for alternatives. Can someone please help us? Thanks in advance Simone de Blasiis

2 years, 7 months

DMQ sync issue between 5.4 and 5.5

by David Villasmil

Hello guys, We have a cluster of about 10 kamilios 5.4 with several million htable records. Restarting any server is not a problem, CPU goes ip for a second but everything comes back down to normal. We added a 5.5 by mistake and it won't start, it'll just eat up memory until it bails out with qm_malloc(): qm_malloc(0x149dd5ebb000, 16016) called from tm: h_table.c: build_cell(334), module: tm; Free fragment not found! Is there any known issue between DMQ 5.4 and 5.5? Regards, David Villasmil email: david.villasmil.work(a)gmail.com phone: +34669448337

2 years, 7 months

"Re: TOPOS (5.1.[23]) breaks PRACK"

by Simone de Blasiis

Hello, we noticed the exact behaviour on Kamailio 5.5.4 and topos. If we disable topos the UPDATE messages are being recognized as loose in the WITHINDLG route and everything works. When topos is enabled the UPDATE messages fail the loose_route() check and even if we force the record_route() the message is still not being forwarded. I had just posted my own thread here <https://lists.kamailio.org/pipermail/sr-users/2022-April/114710.html> because I didn't see this one. I'll proceed opening an issue on GitHub so we can track this. Best regards Simone

2 years, 7 months

Re: [SR-Users] TOPOS (5.1.[23]) breaks PRACK

by Simone de Blasiis

2 years, 7 months

Problems with topos and UPDATE messages

by Simone de Blasiis

Hello to everyone, we are experiencing some issues with UPDATE messages being sent by the PSTN after an early media announcement. To reproduce the issue I have to call a specific number that has an early media announcement, since it's a paid phone number it has to announce how much it would cost before picking up the call. In this initial part the call is being negotiated in g711a. As soon as the announcement ends, the PSTN sends an UPDATE message containing the new desidered codec from the callee which is g729. At this moment Kamailio doesn't route the UPDATE message to the destination and it actually replies with a 404 message. I've attached a pcap with anonymized IPs to make it harder for bots. Here is a legend for the IPs: - - 12.34.123.123 is Kamailio - 62.23.19.74 is the PSTN - 1.2.130.40 is the client making the call I found a similar report <https://github.com/kamailio/kamailio/issues/2659> in the GitHub issues of the repository and we tried forcing the record_route() as suggested but, as the OP reported in his last message, it's not working. As soon as we disable topos, the UPDATE message is correctly relayed to the caller. In the documentation we can't find anything that could give us a hint on what's happening. Does anyone have any idea on what could be happening? Thanks in advance Simone

2 years, 7 months

rcd using secspid

by Jon Bonilla (Manwe)

Hi all I've been checking for adding rcd info to te stir/shaken stuff using secspid module. I've only found this thread: https://lists.kamailio.org/pipermail/sr-dev/2021-June/063156.html I'd like to know if someone has working code snippet using this function to create/sign the json containing the rcd and creating the Identity header instead of calling the all_in_one secsipid_add_identity function I'm using now. cheers, Jon -- PekePBX, the multitenant PBX solution https://pekepbx.com

2 years, 7 months

PostgreSQL - module sqlops - working with prepared statements ?

by Chaigneau, Nicolas

Hello, I'm using sql_xquery from sqlops module to execute requests on a PostgreSQL database. This work fine. Now, for performance reasons, I would like to use prepared statements. I'm wondering if this is possible using sql_xquery. I've looked at the code and documentation, it seems it is not supported. Can you confirm ? If not possible with sql_xquery, is it possible with another existing function ? In the code, I've searched for < PQprepare > / < PQexecPrepared >. These can be found only in < modules/db_postgres/pg_cmd.c >, in function < pg_cmd_exec > which is exported from < modules/db_postgres/pg_mod.c > (see below). I have no idea how to use these though... :/ Any ideas ? /* * Postgres module interface */ static cmd_export_t cmds[] = { {"db_ctx", (cmd_function)NULL, 0, 0, 0, 0}, {"db_con", (cmd_function)pg_con, 0, 0, 0, 0}, {"db_uri", (cmd_function)pg_uri, 0, 0, 0, 0}, {"db_cmd", (cmd_function)pg_cmd, 0, 0, 0, 0}, {"db_put", (cmd_function)pg_cmd_exec, 0, 0, 0, 0}, {"db_del", (cmd_function)pg_cmd_exec, 0, 0, 0, 0}, {"db_get", (cmd_function)pg_cmd_exec, 0, 0, 0, 0}, {"db_upd", (cmd_function)pg_cmd_exec, 0, 0, 0, 0}, {"db_sql", (cmd_function)pg_cmd_exec, 0, 0, 0, 0}, {"db_res", (cmd_function)pg_res, 0, 0, 0, 0}, {"db_fld", (cmd_function)pg_fld, 0, 0, 0, 0}, {"db_first", (cmd_function)pg_cmd_first, 0, 0, 0, 0}, {"db_next", (cmd_function)pg_cmd_next, 0, 0, 0, 0}, {"db_setopt", (cmd_function)pg_setopt, 0, 0, 0, 0}, {"db_getopt", (cmd_function)pg_getopt, 0, 0, 0, 0}, {"db_bind_api", (cmd_function)db_postgres_bind_api, 0, 0, 0, 0}, {0, 0, 0, 0, 0, 0} }; Regards, Nicolas. This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message.

2 years, 7 months

Update: Issue when Kamailio is running as a Docker container and the Docker network=overlay

by Steve Wilkins

If I don't use 'listen', then packets do arrive on 5060.

2 years, 7 months

Issue when Kamailio is running as a Docker container and the Docker network=overlay

by Steve Wilkins

Hello, I am attempting to get Kamailio to run as a docker container using a docker network of type network=overlay (everything works great if network=host). The issue is that incoming calls are rejected because of 'connection refused'. I noticed that when running on an overlay network, netstat shows the following => tcp6 0 0 :::5060 :::* LISTEN 10001/docker-proxy-current (Note that I have tcp6 disabled on the server and must leave it disabled) I was attempting to find a workaround for this issue, but have not been successful. Does any one on the board have experience with Docker overlay networks and Kamailio? If so, I would appreciate any suggestions on how to resolve this issue. Thank you,

2 years, 7 months

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users April 2022