24 Nov
2016
24 Nov
'16
4:34 p.m.
Hello Daniel,
That good idea, I will need help with sqlops to update information properly. Make sure the
query is optimal. I will still can use if(m_store("$tu")), because it maintain
offline notification, but I can use something like this. For dump I will put uac.
route[OFFLINE_MESSAGE] {
if(!is_method("MESSAGE")) {
return;
}
if(isflagset(FLAG_FROM_PEER)) {
if(!lookup("location")) {
xlog("L_INFO", "User $tU domain $td offline. Trying store SMS for later
delivery\n");
xlog("L_INFO", "SMS received from $fU to $tU domain [$td] --> storing
using MSILO\n");
# MSILO - storing as offline message
if(m_store("$tu")) {
xlog("L_INFO", "MSILO: offline message stored\n");
# Encrypt stored offline message
crypto_aes_encrypt("$rb", "mykey", "$avp(encrypted)");
sql_pvquery("cb", "select * from silo ORDER BY id DESC LIMIT
1","$avp(id)");
sql_query_async("cb","UPDATE silo SET body = $avp(encrypted) WHERE id =
$avp(id)");
if(is_request()) {
if(!sl_send_reply("202", "Accepted")) {
sl_reply_error();
}
} else {
xlog("L_INFO", "MSILO: offline message NOT stored\n");
#if(!sl_send_reply("503", "Service Unavailable")) {
# sl_reply_error();
#}
}
}
t_on_failure("SMS_FAIL_ROUTE");
exit;
}
}
}
Slava.
From: "Daniel-Constantin Mierla" <miconda(a)gmail.com>
To: "sr-users" <sr-users(a)lists.sip-router.org>
Sent: Thursday, 24 November, 2016 06:45:48
Subject: Re: [SR-Users] msilo
I expect the encryption/decryption can be done with some triggers in mysql server.
In kamailio config you can use crypto module to encrypt a text and store it in a variable:
- https://www.kamailio.org/docs/modules/stable/modules/crypto.html
Then you can use sqlops to insert into the database. The issue comes when dumping stored
messages... probably you can just replace msilo with sqlops+uac at the expense of a more
complex configuration file.
On the other hand, probably adds some privacy to the local platform operators, which have
access only to the mysql, because the key will be in kamailio.cfg. For full privacy, the
endpoints should do the encryption/decryption with a key they agreed before, without being
known by the server.
Cheers,
Daniel
On 24/11/2016 05:28, Slava Bendersky wrote:
Sent message to mailing list
From: "volga629" <volga629(a)skillsearch.ca>
To: miconda(a)gmail.com
Sent: Thursday, 24 November, 2016 00:25:30
Subject: Re: [SR-Users] msilo
Hello Everyone,
I want to ask about another improvement for MSILO module. If possible encrypt BODY column
in database. That will improve some privacy concerns for storing body in plain text.
Slava.
--
Daniel-Constantin Mierla http://twitter.com/#!/miconda -
http://www.linkedin.com/in/miconda Kamailio Advanced Training, Berlin, Nov 28-30, 2016 -
http://www.asipto.com
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
25 Nov
25 Nov
5:59 p.m.
New subject: msilo
Hello,
the order you use to store and update the record is not safe, other
messages from different users can be stored by another kamailio process.
Use callid and username to select the last record inserted matching
them, eventually protected with lock/unlock from cfgutils.
Cheers,
Daniel
On 24/11/2016 14:34, Slava Bendersky wrote:
Hello Daniel,
That good idea, I will need help with sqlops to update information
properly. Make sure the query is optimal. I will still can
use if(m_store("$tu")), because it maintain offline notification, but
I can use something like this. For dump I will put uac.
route[OFFLINE_MESSAGE] {
if(!is_method("MESSAGE")) {
return;
}
if(isflagset(FLAG_FROM_PEER)) {
if(!lookup("location")) {
xlog("L_INFO", "User $tU domain $td offline. Trying store SMS for
later delivery\n");
xlog("L_INFO", "SMS received from $fU to $tU domain [$td] --> storing
using MSILO\n");
# MSILO - storing as offline message
if(m_store("$tu")) {
xlog("L_INFO", "MSILO: offline message stored\n");
# Encrypt stored offline message
crypto_aes_encrypt("$rb", "mykey", "$avp(encrypted)");
sql_pvquery("cb", "select * from silo ORDER BY id DESC LIMIT
1","$avp(id)");
sql_query_async("cb","UPDATE silo SET body = $avp(encrypted) WHERE id
= $avp(id)");
if(is_request()) {
if(!sl_send_reply("202", "Accepted")) {
sl_reply_error();
}
} else {
xlog("L_INFO", "MSILO: offline message NOT stored\n");
#if(!sl_send_reply("503", "Service Unavailable")) {
# sl_reply_error();
#}
}
}
t_on_failure("SMS_FAIL_ROUTE");
exit;
}
}
}
Slava.
------------------------------------------------------------------------
*From: *"Daniel-Constantin Mierla" <miconda(a)gmail.com>
*To: *"sr-users" <sr-users(a)lists.sip-router.org>
*Sent: *Thursday, 24 November, 2016 06:45:48
*Subject: *Re: [SR-Users] msilo
I expect the encryption/decryption can be done with some triggers in
mysql server.
In kamailio config you can use crypto module to encrypt a text and
store it in a variable:
- https://www.kamailio.org/docs/modules/stable/modules/crypto.html
Then you can use sqlops to insert into the database. The issue comes
when dumping stored messages... probably you can just replace msilo
with sqlops+uac at the expense of a more complex configuration file.
On the other hand, probably adds some privacy to the local platform
operators, which have access only to the mysql, because the key will
be in kamailio.cfg. For full privacy, the endpoints should do the
encryption/decryption with a key they agreed before, without being
known by the server.
Cheers,
Daniel
On 24/11/2016 05:28, Slava Bendersky wrote:
Sent message to mailing list
------------------------------------------------------------------------
*From: *"volga629" <volga629(a)skillsearch.ca>
*To: *miconda(a)gmail.com
*Sent: *Thursday, 24 November, 2016 00:25:30
*Subject: *Re: [SR-Users] msilo
Hello Everyone,
I want to ask about another improvement for MSILO module. If
possible encrypt BODY column in database. That will improve some
privacy concerns for storing body in plain text.
Slava.
--
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Kamailio Advanced Training, Berlin, Nov 28-30, 2016 - http://www.asipto.com
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Kamailio Advanced Training, Berlin, Nov 28-30, 2016 - http://www.asipto.com
2922
days inactive
2923
days old
1 comments
2 participants
participants (2)
-
Daniel-Constantin Mierla -
Slava Bendersky