Hi all!
How are you?
I have a kamailio instance and some users are having issues connecting
via websocket using TLS. The logs show SSLv3 errors. Cannot find why
that error would show up if SSLv2/3 is not enabled. Double checked it
via SSLLabs that only TLSv1.2 is allowed in the service.
Error sample:
```
15(36) ERROR: tls [tls_util.h:42]: tls_err_ret(): TLS
accept:error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert
certificate unknown
15(36) ERROR: <core> [core/tcp_read.c:1512]: tcp_read_req(): ERROR:
tcp_read_req: error reading - c: 0x7fafc8768190 r: 0x7fafc8768278 (-1)
```
This instance has close to 400 websocket connections opened during the
day. I have a high log level enabled. I was not able to identify any
reason why this happens. The certificate is a Letsencrypt certificate.
The issue is that sometimes clients have a hard time connecting to the
websocket and that maybe related. Below are a few more details about
the config. Please let me know if you have any pointers on how to
debug those connection issues.
8<-----
TLS config:
modparam("tls", "tls_method", "TLSv1.2+")
modparam("tls", "verify_certificate", 0)
modparam("tls", "require_certificate", 0)
modparam("tls", "low_mem_threshold1", 0)
modparam("tls", "low_mem_threshold2", 0)
modparam("tls", "private_key", "/etc/certs/tls.key")
modparam("tls", "certificate", "/etc/certs/tls.crt")
version: kamailio 5.3.9 (x86_64/linux)
8<-----
This is related to the issue
https://github.com/kamailio/kamailio/issues/3085 (as pointed out it is
not a problem in Kamailio code).
Thanks,
Vinicius
Hello to everyone,
we have a Kamailio 5.5 + RTPEngine deployment.
Some devices will send an invite with both audio and video in the offer and
we are trying to disable the video portion of the invite by either setting
the video port to 0 or by setting a=inactive in the video portion of the
SDP packet.
We know that sdpops has a function that would be able to remove the video
portion but it violates standards so we can't use it.
We need to disable the video in the SDP offers because one of the pstn
providers we are using doesn't accept invites that contain a video offer.
I've spent days searching but I can't find an obvious way of achieving this.
We were originally doing it with textops but we've been having some issues
where the sdp wouldn't be modified correctly in reinvites after the
original call is in place so we're looking for alternatives.
Can someone please help us?
Thanks in advance
Simone de Blasiis
Hello guys,
We have a cluster of about 10 kamilios 5.4 with several million htable
records.
Restarting any server is not a problem, CPU goes ip for a second but
everything comes back down to normal.
We added a 5.5 by mistake and it won't start, it'll just eat up memory
until it bails out with
qm_malloc(): qm_malloc(0x149dd5ebb000, 16016) called from tm: h_table.c:
build_cell(334), module: tm; Free fragment not found!
Is there any known issue between DMQ 5.4 and 5.5?
Regards,
David Villasmil
email: david.villasmil.work(a)gmail.com
phone: +34669448337
Hello,
we noticed the exact behaviour on Kamailio 5.5.4 and topos.
If we disable topos the UPDATE messages are being recognized as loose in
the WITHINDLG route and everything works.
When topos is enabled the UPDATE messages fail the loose_route() check and
even if we force the record_route() the message is still not being
forwarded.
I had just posted my own thread here
<https://lists.kamailio.org/pipermail/sr-users/2022-April/114710.html> because
I didn't see this one.
I'll proceed opening an issue on GitHub so we can track this.
Best regards
Simone
Hello,
we noticed the exact behaviour on Kamailio 5.5.4 and topos.
If we disable topos the UPDATE messages are being recognized as loose in
the WITHINDLG route and everything works.
When topos is enabled the UPDATE messages fail the loose_route() check and
even if we force the record_route() the message is still not being
forwarded.
I had just posted my own thread here
<https://lists.kamailio.org/pipermail/sr-users/2022-April/114710.html> because
I didn't see this one.
I'll proceed opening an issue on GitHub so we can track this.
Best regards
Simone
Hello to everyone,
we are experiencing some issues with UPDATE messages being sent by the PSTN
after an early media announcement.
To reproduce the issue I have to call a specific number that has an early
media announcement, since it's a paid phone number it has to announce how
much it would cost before picking up the call. In this initial part the
call is being negotiated in g711a.
As soon as the announcement ends, the PSTN sends an UPDATE message
containing the new desidered codec from the callee which is g729.
At this moment Kamailio doesn't route the UPDATE message to the destination
and it actually replies with a 404 message.
I've attached a pcap with anonymized IPs to make it harder for bots.
Here is a legend for the IPs:
-
- 12.34.123.123 is Kamailio
- 62.23.19.74 is the PSTN
- 1.2.130.40 is the client making the call
I found a similar report <https://github.com/kamailio/kamailio/issues/2659>
in the GitHub issues of the repository and we tried forcing the
record_route() as suggested but, as the OP reported in his last message,
it's not working.
As soon as we disable topos, the UPDATE message is correctly relayed to the
caller.
In the documentation we can't find anything that could give us a hint on
what's happening.
Does anyone have any idea on what could be happening?
Thanks in advance
Simone
Hi all
I've been checking for adding rcd info to te stir/shaken stuff using secspid
module. I've only found this thread:
https://lists.kamailio.org/pipermail/sr-dev/2021-June/063156.html
I'd like to know if someone has working code snippet using this function to
create/sign the json containing the rcd and creating the Identity header
instead of calling the all_in_one secsipid_add_identity function I'm using now.
cheers,
Jon
--
PekePBX, the multitenant PBX solution
https://pekepbx.com
Hello,
I'm using sql_xquery from sqlops module to execute requests on a PostgreSQL database.
This work fine.
Now, for performance reasons, I would like to use prepared statements.
I'm wondering if this is possible using sql_xquery. I've looked at the code and documentation, it seems it is not supported.
Can you confirm ?
If not possible with sql_xquery, is it possible with another existing function ?
In the code, I've searched for < PQprepare > / < PQexecPrepared >.
These can be found only in < modules/db_postgres/pg_cmd.c >, in function < pg_cmd_exec > which is exported from < modules/db_postgres/pg_mod.c > (see below).
I have no idea how to use these though... :/
Any ideas ?
/*
* Postgres module interface
*/
static cmd_export_t cmds[] = {
{"db_ctx", (cmd_function)NULL, 0, 0, 0, 0},
{"db_con", (cmd_function)pg_con, 0, 0, 0, 0},
{"db_uri", (cmd_function)pg_uri, 0, 0, 0, 0},
{"db_cmd", (cmd_function)pg_cmd, 0, 0, 0, 0},
{"db_put", (cmd_function)pg_cmd_exec, 0, 0, 0, 0},
{"db_del", (cmd_function)pg_cmd_exec, 0, 0, 0, 0},
{"db_get", (cmd_function)pg_cmd_exec, 0, 0, 0, 0},
{"db_upd", (cmd_function)pg_cmd_exec, 0, 0, 0, 0},
{"db_sql", (cmd_function)pg_cmd_exec, 0, 0, 0, 0},
{"db_res", (cmd_function)pg_res, 0, 0, 0, 0},
{"db_fld", (cmd_function)pg_fld, 0, 0, 0, 0},
{"db_first", (cmd_function)pg_cmd_first, 0, 0, 0, 0},
{"db_next", (cmd_function)pg_cmd_next, 0, 0, 0, 0},
{"db_setopt", (cmd_function)pg_setopt, 0, 0, 0, 0},
{"db_getopt", (cmd_function)pg_getopt, 0, 0, 0, 0},
{"db_bind_api", (cmd_function)db_postgres_bind_api, 0, 0, 0, 0},
{0, 0, 0, 0, 0, 0}
};
Regards,
Nicolas.
This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message.
Hello,
I am attempting to get Kamailio to run as a docker container using a docker network of type network=overlay (everything works great if network=host). The issue is that incoming calls are rejected because of 'connection refused'. I noticed that when running on an overlay network, netstat shows the following => tcp6 0 0 :::5060 :::* LISTEN 10001/docker-proxy-current
(Note that I have tcp6 disabled on the server and must leave it disabled)
I was attempting to find a workaround for this issue, but have not been successful. Does any one on the board have experience with Docker overlay networks and Kamailio? If so, I would appreciate any suggestions on how to resolve this issue.
Thank you,