24 Oct
2014
24 Oct
'14
10:50 p.m.
Having a hard time piecing together lots of pieces out of context.
Here's what I want:
1. User logs in to my web app via its own authentication mechanisms.
2. Via an authenticated REST endpoint, my web app connects to the
ephemeral auth service and returns a temporary username/password to the
client.
3. The client connects to a web socket SIP interface, authenticating
with the username/password it was given.
4. I'd also like to support authentication via standard SIP client using
the user's default username/password, but that's a bit down the road still.
Here is my kamailio-local.cfg. I'm using the web socket example copied
from the docs, with a little cleanup and a few optional checks removed
for now.
loadmodule "db_mongodb.so"
#!define DBURL "mongodb://mongo/perceptron"
#!define WITH_AUTH
#!define WITH_NAT
loadmodule "xhttp.so"
#modparam("xhttp", "url_match", "^/sip/")
tcp_accept_no_cl=yes
loadmodule "msrp.so" # Only required if using MSRP over WebSockets
loadmodule "websocket.so"
loadmodule "auth_ephemeral.so"
modparam("auth_ephemeral", "secret", "Kamailio rulez!!11")
event_route[xhttp:request] {
set_reply_close();
set_reply_no_connect();
# xlog("L_DBG", "HTTP Request Received\n");
if ($hdr(Upgrade) =~ "websocket" && $hdr(Connection) =~
"Upgrade" &&
$rm=~ "GET" ) {
# Validate Host - make sure the client is using the correct
# alias for WebSockets
if ($hdr(Host) == $null || !is_myself("sip:" + $hdr(Host))) {
# xlog("L_WARN", "Bad host $hdr(Host)\n");
xhttp_reply("403", "Forbidden", "", "");
exit;
}
if (ws_handle_handshake()) {
exit;
}
}
xhttp_reply("404", "Not found", "", "");
}
When I attempt to validate this, I get:
0(1) ERROR: <core> [pvapi.c:790]: pv_parse_spec2(): error searching
pvar "hdr"
0(1) ERROR: <core> [pvapi.c:994]: pv_parse_spec2(): wrong char [U/85]
in [$hdr(
Upgrade)] at [5 (5)]
0(1) : <core> [cfg.y:3436]: yyerror_at(): parse error in config file
/usr/local
/etc/kamailio/kamailio-local.cfg, line 28, column 7-19: Can't get from
cache: $h
dr(Upgrade)
ERROR: bad config file (1 errors)
I don't know what that means. I've copied the config directly from the
website.
I tried quoting "Upgrade" and such in the $hdr lines, but that gives me:
0(1) ERROR: <core> [pvapi.c:790]: pv_parse_spec2(): error searching
pvar "hdr"
0(1) ERROR: <core> [pvapi.c:994]: pv_parse_spec2(): wrong char ["/34]
in [$hdr(
"Upgrade")] at [5 (5)]
0(1) : <core> [cfg.y:3436]: yyerror_at(): parse error in config file
/usr/local
/etc/kamailio/kamailio-local.cfg, line 28, column 7-21: Can't get from
cache: $h
dr("Upgrade")
ERROR: bad config file (1 errors)
What am I missing here?
I also had to comment out the xlog lines because those gave me errors.
Do I need another module loaded to use xlog?
Finally, does anyone have a working, complete example of SIP over web
sockets with ephemeral auth integrated? I'm not sure if I should be
checking the ephemeral auth credentials in the web sockets code, the SIP
routes or somewhere else. I'm also not sure how I should set up
authentication such that users can log in with both their standard
credentials or those retrieved via the ephemeral auth module.
Thanks.
27 Oct
27 Oct
12:18 p.m.
The important part is this:
wrong char [U/85]
in [$hdr(
Upgrade)] at [5 (5)]
You have a unicode newline character after the opening parenthesis. You
should remove this and any other instances of weird characters which have
become inserted in your config.
On 24 October 2014 18:50, Nolan Darilek <nolan(a)thewordnerd.info> wrote:
Having a hard time piecing together lots of pieces out
of context.
Here's what I want:
1. User logs in to my web app via its own authentication mechanisms.
2. Via an authenticated REST endpoint, my web app connects to the
ephemeral auth service and returns a temporary username/password to the
client.
3. The client connects to a web socket SIP interface, authenticating
with the username/password it was given.
4. I'd also like to support authentication via standard SIP client using
the user's default username/password, but that's a bit down the road still.
Here is my kamailio-local.cfg. I'm using the web socket example copied
from the docs, with a little cleanup and a few optional checks removed
for now.
loadmodule "db_mongodb.so"
#!define DBURL "mongodb://mongo/perceptron"
#!define WITH_AUTH
#!define WITH_NAT
loadmodule "xhttp.so"
#modparam("xhttp", "url_match", "^/sip/")
tcp_accept_no_cl=yes
loadmodule "msrp.so" # Only required if using MSRP over WebSockets
loadmodule "websocket.so"
loadmodule "auth_ephemeral.so"
modparam("auth_ephemeral", "secret", "Kamailio rulez!!11")
event_route[xhttp:request] {
set_reply_close();
set_reply_no_connect();
# xlog("L_DBG", "HTTP Request Received\n");
if ($hdr(Upgrade) =~ "websocket" && $hdr(Connection) =~
"Upgrade" &&
$rm=~ "GET" ) {
# Validate Host - make sure the client is using the correct
# alias for WebSockets
if ($hdr(Host) == $null || !is_myself("sip:" + $hdr(Host))) {
# xlog("L_WARN", "Bad host $hdr(Host)\n");
xhttp_reply("403", "Forbidden", "", "");
exit;
}
if (ws_handle_handshake()) {
exit;
}
}
xhttp_reply("404", "Not found", "", "");
}
When I attempt to validate this, I get:
0(1) ERROR: <core> [pvapi.c:790]: pv_parse_spec2(): error searching
pvar "hdr"
0(1) ERROR: <core> [pvapi.c:994]: pv_parse_spec2(): wrong char [U/85]
in [$hdr(
Upgrade)] at [5 (5)]
0(1) : <core> [cfg.y:3436]: yyerror_at(): parse error in config file
/usr/local
/etc/kamailio/kamailio-local.cfg, line 28, column 7-19: Can't get from
cache: $h
dr(Upgrade)
ERROR: bad config file (1 errors)
I don't know what that means. I've copied the config directly from the
website.
I tried quoting "Upgrade" and such in the $hdr lines, but that gives me:
0(1) ERROR: <core> [pvapi.c:790]: pv_parse_spec2(): error searching
pvar "hdr"
0(1) ERROR: <core> [pvapi.c:994]: pv_parse_spec2(): wrong char ["/34]
in [$hdr(
"Upgrade")] at [5 (5)]
0(1) : <core> [cfg.y:3436]: yyerror_at(): parse error in config file
/usr/local
/etc/kamailio/kamailio-local.cfg, line 28, column 7-21: Can't get from
cache: $h
dr("Upgrade")
ERROR: bad config file (1 errors)
What am I missing here?
I also had to comment out the xlog lines because those gave me errors.
Do I need another module loaded to use xlog?
Finally, does anyone have a working, complete example of SIP over web
sockets with ephemeral auth integrated? I'm not sure if I should be
checking the ephemeral auth credentials in the web sockets code, the SIP
routes or somewhere else. I'm also not sure how I should set up
authentication such that users can log in with both their standard
credentials or those retrieved via the ephemeral auth module.
Thanks.
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
3688
days inactive
3691
days old
1 comments
2 participants
participants (2)
-
Ben Langfeld -
Nolan Darilek