Hi List,
I have Kamailio 3.0.1 running from GIT with my old 1.5.3 config file. Everything seems fine except the RPID.
I'm not getting any RPID sent in the SIP message and if I put debug=3 I see:
DEBUG: auth [rpid.c:177]: no rpid AVP
My config:
# auth
modparam("auth", "rpid_avp", "$avp(s:rpid)") modparam("auth", "rpid_prefix", "<sip:") modparam("auth", "rpid_suffix","@asterisk.ie ;party=calling;id-type=subscriber;privacy=off;screen=yes>")
# auth_db
modparam("auth_db", "db_url", "mysql://openser:XSXXXX@localhost/openser") modparam("auth_db", "calculate_ha1", 1) modparam("auth_db", "password_column", "password") modparam("auth_db", "load_credentials", "$avp(s:rpid)=rpid")
in my route:
append_rpid_hf();
Probably missing something very simple. Any help would be appreciated.
Thanks, Stephen.
Sounds like $avp(s:rpid) is not set at the time that you're calling append_rpid_hf().
On 03/25/2010 08:46 AM, dotnetdub wrote:
Hi List,
I have Kamailio 3.0.1 running from GIT with my old 1.5.3 config file. Everything seems fine except the RPID.
I'm not getting any RPID sent in the SIP message and if I put debug=3 I see:
DEBUG: auth [rpid.c:177]: no rpid AVP
My config:
# auth
modparam("auth", "rpid_avp", "$avp(s:rpid)") modparam("auth", "rpid_prefix", "<sip:") modparam("auth", "rpid_suffix","@asterisk.ie http://asterisk.ie;party=calling;id-type=subscriber;privacy=off;screen=yes>")
# auth_db
modparam("auth_db", "db_url", "mysql://openser:XSXXXX@localhost/openser") modparam("auth_db", "calculate_ha1", 1) modparam("auth_db", "password_column", "password") modparam("auth_db", "load_credentials", "$avp(s:rpid)=rpid")
in my route:
append_rpid_hf();
Probably missing something very simple. Any help would be appreciated.
Thanks, Stephen.
Kamailio (OpenSER) - Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
Hi Alex,
Do I need to do something different in the script to 1.5.3 ? As you can see from my first mail I am loading the avp from the DB as before.
I just did this in my route:
xlog("L_INFO", "[ROUTE-4 ->] rpid test: $avp(s:rpid) ");
Result:
INFO: <script>: [ROUTE-4 ->] rpid test: <null>
Not sure what I'm missing here:
# auth
modparam("auth", "rpid_avp", "$avp(s:rpid)")
My subscriber table has column rpid and value is valid for this subscriber.
Thanks, Stephen
On 25 March 2010 12:57, Alex Balashov abalashov@evaristesys.com wrote:
Sounds like $avp(s:rpid) is not set at the time that you're calling append_rpid_hf().
On 03/25/2010 08:46 AM, dotnetdub wrote:
Hi List,
I have Kamailio 3.0.1 running from GIT with my old 1.5.3 config file. Everything seems fine except the RPID.
I'm not getting any RPID sent in the SIP message and if I put debug=3 I see:
DEBUG: auth [rpid.c:177]: no rpid AVP
My config:
# auth
modparam("auth", "rpid_avp", "$avp(s:rpid)") modparam("auth", "rpid_prefix", "<sip:") modparam("auth", "rpid_suffix","@asterisk.ie <http://asterisk.ie
;party=calling;id-type=subscriber;privacy=off;screen=yes>")
# auth_db
modparam("auth_db", "db_url", "mysql://openser:XSXXXX@localhost/openser") modparam("auth_db", "calculate_ha1", 1) modparam("auth_db", "password_column", "password") modparam("auth_db", "load_credentials", "$avp(s:rpid)=rpid")
in my route:
append_rpid_hf();
Probably missing something very simple. Any help would be appreciated.
Thanks, Stephen.
Kamailio (OpenSER) - Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
-- Alex Balashov - Principal Evariste Systems LLC
Tel : +1 678-954-0670 Direct : +1 678-954-0671 Web : http://www.evaristesys.com/
Kamailio (OpenSER) - Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
On 03/25/2010 05:32 PM, dotnetdub wrote:
Hi Alex,
Do I need to do something different in the script to 1.5.3 ? As you can see from my first mail I am loading the avp from the DB as before.
I just did this in my route:
xlog("L_INFO", "[ROUTE-4 ->] rpid test: $avp(s:rpid) ");
Result:
INFO: <script>: [ROUTE-4 ->] rpid test: <null>
Not sure what I'm missing here:
# auth
modparam("auth", "rpid_avp", "$avp(s:rpid)")
My subscriber table has column rpid and value is valid for this subscriber.
Those AVPs are only loaded when www_authorize()/proxy_authorize() is called. Make sure you are doing append_rpid_hf() before consume_credentials(), also.
Hi Alex,
I moved it to before the consume_credentials() in my route script:
The sequence:
if(!proxy_authorize("" {
SCRIPT SCRIPT
append_rpid_hf();
consume_credentials();
Still getting:
sip[6820]: DEBUG: auth [rpid.c:177]: no rpid AVP
This worked perfectly in kamailio 1.x.x
Stephen.
On 25 March 2010 21:33, Alex Balashov abalashov@evaristesys.com wrote:
On 03/25/2010 05:32 PM, dotnetdub wrote:
Hi Alex,
Do I need to do something different in the script to 1.5.3 ? As you can see from my first mail I am loading the avp from the DB as before.
I just did this in my route:
xlog("L_INFO", "[ROUTE-4 ->] rpid test: $avp(s:rpid) ");
Result:
INFO: <script>: [ROUTE-4 ->] rpid test: <null>
Not sure what I'm missing here:
# auth
modparam("auth", "rpid_avp", "$avp(s:rpid)")
My subscriber table has column rpid and value is valid for this subscriber.
Those AVPs are only loaded when www_authorize()/proxy_authorize() is called. Make sure you are doing append_rpid_hf() before consume_credentials(), also.
-- Alex Balashov - Principal Evariste Systems LLC
Tel : +1 678-954-0670 Direct : +1 678-954-0671 Web : http://www.evaristesys.com/
Can you paste the (relatively complete) code block in which all this takes place in order to provide context?
On 03/25/2010 05:49 PM, dotnetdub wrote:
Hi Alex,
I moved it to before the consume_credentials() in my route script:
The sequence:
if(!proxy_authorize("" {
SCRIPT SCRIPT
append_rpid_hf(); consume_credentials();Still getting:
sip[6820]: DEBUG: auth [rpid.c:177]: no rpid AVP
This worked perfectly in kamailio 1.x.x
Stephen.
On 25 March 2010 21:33, Alex Balashov <abalashov@evaristesys.com mailto:abalashov@evaristesys.com> wrote:
On 03/25/2010 05:32 PM, dotnetdub wrote: Hi Alex, Do I need to do something different in the script to 1.5.3 ? As you can see from my first mail I am loading the avp from the DB as before. I just did this in my route: xlog("L_INFO", "[ROUTE-4 ->] rpid test: $avp(s:rpid) "); Result: INFO: <script>: [ROUTE-4 ->] rpid test: <null> Not sure what I'm missing here: # auth modparam("auth", "rpid_avp", "$avp(s:rpid)") My subscriber table has column rpid and value is valid for this subscriber. Those AVPs are only loaded when www_authorize()/proxy_authorize() is called. Make sure you are doing append_rpid_hf() before consume_credentials(), also. -- Alex Balashov - Principal Evariste Systems LLC Tel : +1 678-954-0670 Direct : +1 678-954-0671 Web : http://www.evaristesys.com/
Attached:
if(is_uri_host_local()) { if(!allow_trusted()) {
if(!proxy_authorize("", "subscriber")) { proxy_challenge("", "1"); exit; }
else if(!check_from()) { sl_send_reply("403", "Forbidden"); exit; } }
else { sl_send_reply("403", "Forbidden"); exit; } }
append_rpid_hf();
consume_credentials();
On 25 March 2010 21:51, Alex Balashov abalashov@evaristesys.com wrote:
Can you paste the (relatively complete) code block in which all this takes place in order to provide context?
On 03/25/2010 05:49 PM, dotnetdub wrote:
Hi Alex,
I moved it to before the consume_credentials() in my route script:
The sequence:
if(!proxy_authorize("" {
SCRIPT SCRIPT
append_rpid_hf(); consume_credentials();Still getting:
sip[6820]: DEBUG: auth [rpid.c:177]: no rpid AVP
This worked perfectly in kamailio 1.x.x
Stephen.
On 25 March 2010 21:33, Alex Balashov <abalashov@evaristesys.com mailto:abalashov@evaristesys.com> wrote:
On 03/25/2010 05:32 PM, dotnetdub wrote:
Hi Alex, Do I need to do something different in the script to 1.5.3 ? As you can see from my first mail I am loading the avp from the DB as before. I just did this in my route: xlog("L_INFO", "[ROUTE-4 ->] rpid test: $avp(s:rpid) "); Result: INFO: <script>: [ROUTE-4 ->] rpid test: <null> Not sure what I'm missing here: # auth modparam("auth", "rpid_avp", "$avp(s:rpid)") My subscriber table has column rpid and value is valid for this subscriber.Those AVPs are only loaded when www_authorize()/proxy_authorize() is called. Make sure you are doing append_rpid_hf() before consume_credentials(), also.
-- Alex Balashov - Principal Evariste Systems LLC
Tel : +1 678-954-0670 Direct : +1 678-954-0671 Web : http://www.evaristesys.com/
-- Alex Balashov - Principal Evariste Systems LLC
Tel : +1 678-954-0670 Direct : +1 678-954-0671 Web : http://www.evaristesys.com/
On 03/25/2010 05:53 PM, dotnetdub wrote:
Attached:
if(is_uri_host_local()) { if(!allow_trusted()) { if(!proxy_authorize("", "subscriber")) { proxy_challenge("", "1"); exit; } else if(!check_from()) { sl_send_reply("403", "Forbidden"); exit; } } else { sl_send_reply("403", "Forbidden"); exit; } } append_rpid_hf(); consume_credentials();
There is no guarantee that either append_rpid_hf() or consume_credentials() runs if and only if proxy_authorize() was called.
Also, it is not clear why check_from() is at a relationship of logical disjunction vis-a-vis to proxy_authorize(). While not incorrect, it obfuscates the flow.
Try this and see if the problem continues:
if(is_uri_host_local()) {
if(!allow_trusted()) {
if(!proxy_authorize("", "subscriber")) { proxy_challenge("", "1"); exit; }
if(!check_from()) { sl_send_reply("403", "Forbidden"); exit; }
append_rpid_hf(); consume_credentials(); }
else { sl_send_reply("403", "Forbidden"); exit; } }
Hi Alex,
I modified the script, same result. sip[8892]: INFO: <script>: [ROUTE-4 ->] rpid test: <null> and the rpid is not being added.
Very odd..
Stephen.
On 25 March 2010 21:57, Alex Balashov abalashov@evaristesys.com wrote:
On 03/25/2010 05:53 PM, dotnetdub wrote:
Attached:
if(is_uri_host_local()) { if(!allow_trusted()) { if(!proxy_authorize("", "subscriber")) { proxy_challenge("", "1"); exit; }
else if(!check_from()) { sl_send_reply("403", "Forbidden"); exit; } } else { sl_send_reply("403", "Forbidden"); exit; } } append_rpid_hf(); consume_credentials();There is no guarantee that either append_rpid_hf() or consume_credentials() runs if and only if proxy_authorize() was called.
Also, it is not clear why check_from() is at a relationship of logical disjunction vis-a-vis to proxy_authorize(). While not incorrect, it obfuscates the flow.
Try this and see if the problem continues:
if(is_uri_host_local()) {
if(!allow_trusted()) { if(!proxy_authorize("", "subscriber")) { proxy_challenge("", "1"); exit; } if(!check_from()) { sl_send_reply("403", "Forbidden"); exit; } append_rpid_hf(); consume_credentials(); } else { sl_send_reply("403", "Forbidden"); exit; } }-- Alex Balashov - Principal Evariste Systems LLC
Tel : +1 678-954-0670 Direct : +1 678-954-0671 Web : http://www.evaristesys.com/
Is the type of the 'rpid' column 'varchar'?
Odd data type incompatibility or client library version incompatibility might explain it. I agree that it is bizarre.
Perhaps it would behoove you to turn on query logging on MySQL and verify that the 'rpid' column is actually being selected in the query.
The only other thing I can think of would relate to one of the various db_mode settings involved.
On 03/25/2010 06:08 PM, dotnetdub wrote:
Hi Alex,
I modified the script, same result. sip[8892]: INFO: <script>: [ROUTE-4 ->] rpid test: <null> and the rpid is not being added.
Very odd..
Stephen.
On 25 March 2010 21:57, Alex Balashov <abalashov@evaristesys.com mailto:abalashov@evaristesys.com> wrote:
On 03/25/2010 05:53 PM, dotnetdub wrote: Attached: if(is_uri_host_local()) { if(!allow_trusted()) { if(!proxy_authorize("", "subscriber")) { proxy_challenge("", "1"); exit; } else if(!check_from()) { sl_send_reply("403", "Forbidden"); exit; } } else { sl_send_reply("403", "Forbidden"); exit; } } append_rpid_hf(); consume_credentials(); There is no guarantee that either append_rpid_hf() or consume_credentials() runs if and only if proxy_authorize() was called. Also, it is not clear why check_from() is at a relationship of logical disjunction vis-a-vis to proxy_authorize(). While not incorrect, it obfuscates the flow. Try this and see if the problem continues: if(is_uri_host_local()) { if(!allow_trusted()) { if(!proxy_authorize("", "subscriber")) { proxy_challenge("", "1"); exit; } if(!check_from()) { sl_send_reply("403", "Forbidden"); exit; } append_rpid_hf(); consume_credentials(); } else { sl_send_reply("403", "Forbidden"); exit; } } -- Alex Balashov - Principal Evariste Systems LLC Tel : +1 678-954-0670 Direct : +1 678-954-0671 Web : http://www.evaristesys.com/
Hi Alex,
Kamailio seems to be completely ignoring the fact that auth and auth_db are loaded. the modules are loaded but when a call is placed it doesn't do any SQL queries (except for accounting) and the call is placed without being authenticated.
ROR: auth [challenge.c:283]: no authorized credentials found (error in scripts)
loadmodule "auth.so" loadmodule "auth_db.so"
# auth_db
modparam("auth_db", "db_url", "mysql://openser:xxxxxxxxx@localhost/openser") modparam("auth_db", "calculate_ha1", 1) modparam("auth_db", "password_column", "password") modparam("auth_db", "load_credentials", "$avp(s:rpid)=rpid")
# auth
modparam("auth", "rpid_avp", "$avp(s:rpid)") modparam("auth", "rpid_prefix", "<sip:") modparam("auth", "rpid_suffix","@xxxxxx.ie ;party=calling;id-type=subscriber;privacy=off;screen=yes>")
: DEBUG: <core> [sr_module.c:871]: DEBUG: init_mod: auth : DEBUG: <core> [sr_module.c:871]: DEBUG: init_mod: auth_db : DEBUG: <core> [sr_module.c:509]: find_export_record: found <bind_auth> in module auth [/lib/kamailio/modules_k/auth.so] : DEBUG: <core> [route.c:911]: fixing proxy_authorize() : DEBUG: <core> [route.c:911]: fixing www_authorize() : DEBUG: <core> [route.c:911]: fixing proxy_authorize() : DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (-127): auth_db : DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (1): auth_db : DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (2): auth_db : DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (3): auth_db : DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (4): auth_db : DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (5): auth_db : DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (6): auth_db : DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (7): auth_db : DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (8): auth_db : DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (9): auth_db : DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (-1): auth_db : DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (-1): auth_db : DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (10): auth_db : DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (0): auth_db
I have #!kamailio at the start of the config. Am I missing something really obvious? Maybe there is much more for config compat. from 1.x.x to 3.0.x
Stephen
On 25 March 2010 22:11, Alex Balashov abalashov@evaristesys.com wrote:
Is the type of the 'rpid' column 'varchar'?
Odd data type incompatibility or client library version incompatibility might explain it. I agree that it is bizarre.
Perhaps it would behoove you to turn on query logging on MySQL and verify that the 'rpid' column is actually being selected in the query.
The only other thing I can think of would relate to one of the various db_mode settings involved.
On 03/25/2010 06:08 PM, dotnetdub wrote:
Hi Alex,
I modified the script, same result. sip[8892]: INFO: <script>: [ROUTE-4 ->] rpid test: <null> and the rpid is not being added.
Very odd..
Stephen.
On 25 March 2010 21:57, Alex Balashov <abalashov@evaristesys.com mailto:abalashov@evaristesys.com> wrote:
On 03/25/2010 05:53 PM, dotnetdub wrote:
Attached: if(is_uri_host_local()) { if(!allow_trusted()) { if(!proxy_authorize("", "subscriber")) { proxy_challenge("", "1"); exit; } else if(!check_from()) { sl_send_reply("403", "Forbidden"); exit; } } else { sl_send_reply("403", "Forbidden"); exit; } } append_rpid_hf(); consume_credentials();There is no guarantee that either append_rpid_hf() or consume_credentials() runs if and only if proxy_authorize() was called.
Also, it is not clear why check_from() is at a relationship of logical disjunction vis-a-vis to proxy_authorize(). While not incorrect, it obfuscates the flow.
Try this and see if the problem continues:
if(is_uri_host_local()) { if(!allow_trusted()) { if(!proxy_authorize("", "subscriber")) { proxy_challenge("", "1"); exit; } if(!check_from()) { sl_send_reply("403", "Forbidden"); exit; } append_rpid_hf(); consume_credentials(); } else { sl_send_reply("403", "Forbidden"); exit; } }-- Alex Balashov - Principal Evariste Systems LLC
Tel : +1 678-954-0670 Direct : +1 678-954-0671 Web : http://www.evaristesys.com/
-- Alex Balashov - Principal Evariste Systems LLC
Tel : +1 678-954-0670 Direct : +1 678-954-0671 Web : http://www.evaristesys.com/
On 03/25/2010 08:16 PM, dotnetdub wrote:
Kamailio seems to be completely ignoring the fact that auth and auth_db are loaded. the modules are loaded but when a call is placed it doesn't do any SQL queries (except for accounting) and the call is placed without being authenticated.
You may have the entire call / route flow mixed up. If you like, you can send me the entire config privately and I can look at it.
Hi Alex,
It was an issue with the domain table being empty. Populated the domain table and all works as expected. I have an extra check in the script now to make sure this doesn't happen again.
Apologies.
Stephen
On 26 March 2010 00:23, Alex Balashov abalashov@evaristesys.com wrote:
On 03/25/2010 08:16 PM, dotnetdub wrote:
Kamailio seems to be completely ignoring the fact that auth and auth_db
are loaded. the modules are loaded but when a call is placed it doesn't do any SQL queries (except for accounting) and the call is placed without being authenticated.
You may have the entire call / route flow mixed up. If you like, you can send me the entire config privately and I can look at it.
-- Alex Balashov - Principal Evariste Systems LLC
Tel : +1 678-954-0670 Direct : +1 678-954-0671 Web : http://www.evaristesys.com/
Ah, yes, that would do it.
On 03/26/2010 08:11 AM, dotnetdub wrote:
Hi Alex,
It was an issue with the domain table being empty. Populated the domain table and all works as expected. I have an extra check in the script now to make sure this doesn't happen again.
Apologies.
Stephen
On 26 March 2010 00:23, Alex Balashov <abalashov@evaristesys.com mailto:abalashov@evaristesys.com> wrote:
On 03/25/2010 08:16 PM, dotnetdub wrote: Kamailio seems to be completely ignoring the fact that auth and auth_db are loaded. the modules are loaded but when a call is placed it doesn't do any SQL queries (except for accounting) and the call is placed without being authenticated. You may have the entire call / route flow mixed up. If you like, you can send me the entire config privately and I can look at it. -- Alex Balashov - Principal Evariste Systems LLC Tel : +1 678-954-0670 Direct : +1 678-954-0671 Web : http://www.evaristesys.com/
-
Alex Balashov -
dotnetdub