The important part is this:

wrong char [U/85] in [$hdr( Upgrade)] at [5 (5)]

You have a unicode newline character after the opening parenthesis. You should remove this and any other instances of weird characters which have become inserted in your config.

On 24 October 2014 18:50, Nolan Darilek nolan@thewordnerd.info wrote:

Having a hard time piecing together lots of pieces out of context. Here's what I want:

1. User logs in to my web app via its own authentication mechanisms.
2. Via an authenticated REST endpoint, my web app connects to the

ephemeral auth service and returns a temporary username/password to the client. 3. The client connects to a web socket SIP interface, authenticating with the username/password it was given. 4. I'd also like to support authentication via standard SIP client using the user's default username/password, but that's a bit down the road still.

Here is my kamailio-local.cfg. I'm using the web socket example copied from the docs, with a little cleanup and a few optional checks removed for now.

loadmodule "db_mongodb.so"

#!define DBURL "mongodb://mongo/perceptron"

#!define WITH_AUTH

#!define WITH_NAT

loadmodule "xhttp.so"

#modparam("xhttp", "url_match", "^/sip/")

tcp_accept_no_cl=yes

loadmodule "msrp.so" # Only required if using MSRP over WebSockets loadmodule "websocket.so"

loadmodule "auth_ephemeral.so"

modparam("auth_ephemeral", "secret", "Kamailio rulez!!11")

event_route[xhttp:request] { set_reply_close(); set_reply_no_connect();

# xlog("L_DBG", "HTTP Request Received\n");

if ($hdr(Upgrade) =~ "websocket" && $hdr(Connection) =~ "Upgrade" && $rm=~ "GET" ) { # Validate Host - make sure the client is using the correct # alias for WebSockets if ($hdr(Host) == $null || !is_myself("sip:" + $hdr(Host))) { # xlog("L_WARN", "Bad host $hdr(Host)\n"); xhttp_reply("403", "Forbidden", "", ""); exit; }

if (ws_handle_handshake()) {
  exit;
}

}

xhttp_reply("404", "Not found", "", "");

}

When I attempt to validate this, I get:

0(1) ERROR: <core> [pvapi.c:790]: pv_parse_spec2(): error searching pvar "hdr" 0(1) ERROR: <core> [pvapi.c:994]: pv_parse_spec2(): wrong char [U/85] in [$hdr( Upgrade)] at [5 (5)] 0(1) : <core> [cfg.y:3436]: yyerror_at(): parse error in config file /usr/local /etc/kamailio/kamailio-local.cfg, line 28, column 7-19: Can't get from cache: $h dr(Upgrade) ERROR: bad config file (1 errors)

I don't know what that means. I've copied the config directly from the website.

I tried quoting "Upgrade" and such in the $hdr lines, but that gives me:

0(1) ERROR: <core> [pvapi.c:790]: pv_parse_spec2(): error searching pvar "hdr" 0(1) ERROR: <core> [pvapi.c:994]: pv_parse_spec2(): wrong char ["/34] in [$hdr( "Upgrade")] at [5 (5)] 0(1) : <core> [cfg.y:3436]: yyerror_at(): parse error in config file /usr/local /etc/kamailio/kamailio-local.cfg, line 28, column 7-21: Can't get from cache: $h dr("Upgrade") ERROR: bad config file (1 errors)

What am I missing here?

I also had to comment out the xlog lines because those gave me errors. Do I need another module loaded to use xlog?

Finally, does anyone have a working, complete example of SIP over web sockets with ephemeral auth integrated? I'm not sure if I should be checking the ephemeral auth credentials in the web sockets code, the SIP routes or somewhere else. I'm also not sure how I should set up authentication such that users can log in with both their standard credentials or those retrieved via the ephemeral auth module.

Thanks.

---

SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users