25 Mar
2010
25 Mar
'10
2:46 p.m.
Hi List,
I have Kamailio 3.0.1 running from GIT with my old 1.5.3 config file.
Everything seems fine except the RPID.
I'm not getting any RPID sent in the SIP message and if I put debug=3 I see:
DEBUG: auth [rpid.c:177]: no rpid AVP
My config:
# auth
modparam("auth", "rpid_avp", "$avp(s:rpid)")
modparam("auth", "rpid_prefix", "<sip:")
modparam("auth", "rpid_suffix","(a)asterisk.ie
;party=calling;id-type=subscriber;privacy=off;screen=yes>")
# auth_db
modparam("auth_db", "db_url",
"mysql://openser:XSXXXX@localhost/openser")
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")
modparam("auth_db", "load_credentials",
"$avp(s:rpid)=rpid")
in my route:
append_rpid_hf();
Probably missing something very simple. Any help would be appreciated.
Thanks,
Stephen.
25 Mar
25 Mar
2:57 p.m.
Sounds like $avp(s:rpid) is not set at the time that you're calling
append_rpid_hf().
On 03/25/2010 08:46 AM, dotnetdub wrote:
Hi List,
I have Kamailio 3.0.1 running from GIT with my old 1.5.3 config file.
Everything seems fine except the RPID.
I'm not getting any RPID sent in the SIP message and if I put debug=3 I see:
DEBUG: auth [rpid.c:177]: no rpid AVP
My config:
# auth
modparam("auth", "rpid_avp", "$avp(s:rpid)")
modparam("auth", "rpid_prefix", "<sip:")
modparam("auth", "rpid_suffix","(a)asterisk.ie
<http://asterisk.ie>;party=calling;id-type=subscriber;privacy=off;screen=yes>")
# auth_db
modparam("auth_db", "db_url",
"mysql://openser:XSXXXX@localhost/openser")
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")
modparam("auth_db", "load_credentials",
"$avp(s:rpid)=rpid")
in my route:
append_rpid_hf();
Probably missing something very simple. Any help would be appreciated.
Thanks,
Stephen.
_______________________________________________
Kamailio (OpenSER) - Users mailing list
Users(a)lists.kamailio.org
http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
--
Alex Balashov - Principal
Evariste Systems LLC
Tel : +1 678-954-0670
Direct : +1 678-954-0671
Web : http://www.evaristesys.com/
11:32 p.m.
Hi Alex,
Do I need to do something different in the script to 1.5.3 ? As you can see
from my first mail I am loading the avp from the DB as before.
I just did this in my route:
xlog("L_INFO", "[ROUTE-4 ->] rpid test: $avp(s:rpid) ");
Result:
INFO: <script>: [ROUTE-4 ->] rpid test: <null>
Not sure what I'm missing here:
# auth
modparam("auth", "rpid_avp", "$avp(s:rpid)")
My subscriber table has column rpid and value is valid for this subscriber.
Thanks,
Stephen
On 25 March 2010 12:57, Alex Balashov <abalashov(a)evaristesys.com> wrote:
Sounds like $avp(s:rpid) is not set at the time that
you're calling
append_rpid_hf().
On 03/25/2010 08:46 AM, dotnetdub wrote:
Hi List,
I have Kamailio 3.0.1 running from GIT with my old 1.5.3 config file.
Everything seems fine except the RPID.
I'm not getting any RPID sent in the SIP message and if I put debug=3 I
see:
DEBUG: auth [rpid.c:177]: no rpid AVP
My config:
# auth
modparam("auth", "rpid_avp", "$avp(s:rpid)")
modparam("auth", "rpid_prefix", "<sip:")
modparam("auth", "rpid_suffix","(a)asterisk.ie
<http://asterisk.ie
--
Alex Balashov - Principal
Evariste Systems LLC
Tel : +1 678-954-0670
Direct : +1 678-954-0671
Web : http://www.evaristesys.com/
_______________________________________________
Kamailio (OpenSER) - Users mailing list
Users(a)lists.kamailio.org
http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
;party=calling;id-type=subscriber;privacy=off;screen=yes>")
# auth_db
modparam("auth_db", "db_url",
"mysql://openser:XSXXXX@localhost/openser")
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")
modparam("auth_db", "load_credentials",
"$avp(s:rpid)=rpid")
in my route:
append_rpid_hf();
Probably missing something very simple. Any help would be appreciated.
Thanks,
Stephen.
_______________________________________________
Kamailio (OpenSER) - Users mailing list
Users(a)lists.kamailio.org
http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
11:33 p.m.
On 03/25/2010 05:32 PM, dotnetdub wrote:
Hi Alex,
Do I need to do something different in the script to 1.5.3 ? As you can
see from my first mail I am loading the avp from the DB as before.
I just did this in my route:
xlog("L_INFO", "[ROUTE-4 ->] rpid test: $avp(s:rpid) ");
Result:
INFO: <script>: [ROUTE-4 ->] rpid test: <null>
Not sure what I'm missing here:
# auth
modparam("auth", "rpid_avp", "$avp(s:rpid)")
My subscriber table has column rpid and value is valid for this subscriber.
Those AVPs are only loaded when www_authorize()/proxy_authorize() is
called. Make sure you are doing append_rpid_hf() before
consume_credentials(), also.
--
Alex Balashov - Principal
Evariste Systems LLC
Tel : +1 678-954-0670
Direct : +1 678-954-0671
Web : http://www.evaristesys.com/
11:49 p.m.
Hi Alex,
I moved it to before the consume_credentials() in my route script:
The sequence:
if(!proxy_authorize("" {
SCRIPT SCRIPT
append_rpid_hf();
consume_credentials();
Still getting:
sip[6820]: DEBUG: auth [rpid.c:177]: no rpid AVP
This worked perfectly in kamailio 1.x.x
Stephen.
On 25 March 2010 21:33, Alex Balashov <abalashov(a)evaristesys.com> wrote:
On 03/25/2010 05:32 PM, dotnetdub wrote:
Hi Alex,
Do I need to do something different in the script to 1.5.3 ? As you can
see from my first mail I am loading the avp from the DB as before.
I just did this in my route:
xlog("L_INFO", "[ROUTE-4 ->] rpid test: $avp(s:rpid) ");
Result:
INFO: <script>: [ROUTE-4 ->] rpid test: <null>
Not sure what I'm missing here:
# auth
modparam("auth", "rpid_avp", "$avp(s:rpid)")
My subscriber table has column rpid and value is valid for this
subscriber.
Those AVPs are only loaded when www_authorize()/proxy_authorize() is
called. Make sure you are doing append_rpid_hf() before
consume_credentials(), also.
--
Alex Balashov - Principal
Evariste Systems LLC
Tel : +1 678-954-0670
Direct : +1 678-954-0671
Web : http://www.evaristesys.com/
11:51 p.m.
Can you paste the (relatively complete) code block in which all this
takes place in order to provide context?
On 03/25/2010 05:49 PM, dotnetdub wrote:
Hi Alex,
I moved it to before the consume_credentials() in my route script:
The sequence:
if(!proxy_authorize("" {
SCRIPT SCRIPT
append_rpid_hf();
consume_credentials();
Still getting:
sip[6820]: DEBUG: auth [rpid.c:177]: no rpid AVP
This worked perfectly in kamailio 1.x.x
Stephen.
On 25 March 2010 21:33, Alex Balashov <abalashov(a)evaristesys.com
<mailto:abalashov@evaristesys.com>> wrote:
On 03/25/2010 05:32 PM, dotnetdub wrote:
Hi Alex,
Do I need to do something different in the script to 1.5.3 ? As
you can
see from my first mail I am loading the avp from the DB as before.
I just did this in my route:
xlog("L_INFO", "[ROUTE-4 ->] rpid test: $avp(s:rpid) ");
Result:
INFO: <script>: [ROUTE-4 ->] rpid test: <null>
Not sure what I'm missing here:
# auth
modparam("auth", "rpid_avp", "$avp(s:rpid)")
My subscriber table has column rpid and value is valid for this
subscriber.
Those AVPs are only loaded when www_authorize()/proxy_authorize() is
called. Make sure you are doing append_rpid_hf() before
consume_credentials(), also.
--
Alex Balashov - Principal
Evariste Systems LLC
Tel : +1 678-954-0670
Direct : +1 678-954-0671
Web : http://www.evaristesys.com/
--
Alex Balashov - Principal
Evariste Systems LLC
Tel : +1 678-954-0670
Direct : +1 678-954-0671
Web : http://www.evaristesys.com/
11:53 p.m.
Attached:
if(is_uri_host_local()) {
if(!allow_trusted()) {
if(!proxy_authorize("", "subscriber")) {
proxy_challenge("", "1");
exit;
}
else if(!check_from()) {
sl_send_reply("403", "Forbidden");
exit;
}
}
else {
sl_send_reply("403", "Forbidden");
exit;
}
}
append_rpid_hf();
consume_credentials();
On 25 March 2010 21:51, Alex Balashov <abalashov(a)evaristesys.com> wrote:
Can you paste the (relatively complete) code block in
which all this takes
place in order to provide context?
On 03/25/2010 05:49 PM, dotnetdub wrote:
Hi Alex,
I moved it to before the consume_credentials() in my route script:
The sequence:
if(!proxy_authorize("" {
SCRIPT SCRIPT
append_rpid_hf();
consume_credentials();
Still getting:
sip[6820]: DEBUG: auth [rpid.c:177]: no rpid AVP
This worked perfectly in kamailio 1.x.x
Stephen.
On 25 March 2010 21:33, Alex Balashov <abalashov(a)evaristesys.com
<mailto:abalashov@evaristesys.com>> wrote:
On 03/25/2010 05:32 PM, dotnetdub wrote:
Hi Alex,
Do I need to do something different in the script to 1.5.3 ? As
you can
see from my first mail I am loading the avp from the DB as before.
I just did this in my route:
xlog("L_INFO", "[ROUTE-4 ->] rpid test: $avp(s:rpid) ");
Result:
INFO: <script>: [ROUTE-4 ->] rpid test: <null>
Not sure what I'm missing here:
# auth
modparam("auth", "rpid_avp", "$avp(s:rpid)")
My subscriber table has column rpid and value is valid for this
subscriber.
Those AVPs are only loaded when www_authorize()/proxy_authorize() is
called. Make sure you are doing append_rpid_hf() before
consume_credentials(), also.
--
Alex Balashov - Principal
Evariste Systems LLC
Tel : +1 678-954-0670
Direct : +1 678-954-0671
Web : http://www.evaristesys.com/
--
Alex Balashov - Principal
Evariste Systems LLC
Tel : +1 678-954-0670
Direct : +1 678-954-0671
Web : http://www.evaristesys.com/
11:57 p.m.
On 03/25/2010 05:53 PM, dotnetdub wrote:
Attached:
if(is_uri_host_local()) {
if(!allow_trusted()) {
if(!proxy_authorize("", "subscriber")) {
proxy_challenge("", "1");
exit;
}
else if(!check_from()) {
sl_send_reply("403", "Forbidden");
exit;
}
}
else {
sl_send_reply("403", "Forbidden");
exit;
}
}
append_rpid_hf();
consume_credentials();
There is no guarantee that either append_rpid_hf() or
consume_credentials() runs if and only if proxy_authorize() was called.
Also, it is not clear why check_from() is at a relationship of logical
disjunction vis-a-vis to proxy_authorize(). While not incorrect, it
obfuscates the flow.
Try this and see if the problem continues:
if(is_uri_host_local()) {
if(!allow_trusted()) {
if(!proxy_authorize("", "subscriber")) {
proxy_challenge("", "1");
exit;
}
if(!check_from()) {
sl_send_reply("403", "Forbidden");
exit;
}
append_rpid_hf();
consume_credentials();
}
else {
sl_send_reply("403", "Forbidden");
exit;
}
}
--
Alex Balashov - Principal
Evariste Systems LLC
Tel : +1 678-954-0670
Direct : +1 678-954-0671
Web : http://www.evaristesys.com/
26 Mar
26 Mar
12:08 a.m.
Hi Alex,
I modified the script, same result. sip[8892]: INFO: <script>: [ROUTE-4 ->]
rpid test: <null> and the rpid is not being added.
Very odd..
Stephen.
On 25 March 2010 21:57, Alex Balashov <abalashov(a)evaristesys.com> wrote:
On 03/25/2010 05:53 PM, dotnetdub wrote:
Attached:
if(is_uri_host_local()) {
if(!allow_trusted()) {
if(!proxy_authorize("", "subscriber")) {
proxy_challenge("", "1");
exit;
}
else if(!check_from()) {
sl_send_reply("403", "Forbidden");
exit;
}
}
else {
sl_send_reply("403", "Forbidden");
exit;
}
}
append_rpid_hf();
consume_credentials();
There is no guarantee that either append_rpid_hf() or consume_credentials()
runs if and only if proxy_authorize() was called.
Also, it is not clear why check_from() is at a relationship of logical
disjunction vis-a-vis to proxy_authorize(). While not incorrect, it
obfuscates the flow.
Try this and see if the problem continues:
if(is_uri_host_local()) {
if(!allow_trusted()) {
if(!proxy_authorize("", "subscriber")) {
proxy_challenge("", "1");
exit;
}
if(!check_from()) {
sl_send_reply("403", "Forbidden");
exit;
}
append_rpid_hf();
consume_credentials();
}
else {
sl_send_reply("403", "Forbidden");
exit;
}
}
--
Alex Balashov - Principal
Evariste Systems LLC
Tel : +1 678-954-0670
Direct : +1 678-954-0671
Web : http://www.evaristesys.com/
12:11 a.m.
Is the type of the 'rpid' column 'varchar'?
Odd data type incompatibility or client library version incompatibility
might explain it. I agree that it is bizarre.
Perhaps it would behoove you to turn on query logging on MySQL and
verify that the 'rpid' column is actually being selected in the query.
The only other thing I can think of would relate to one of the various
db_mode settings involved.
On 03/25/2010 06:08 PM, dotnetdub wrote:
Hi Alex,
I modified the script, same result. sip[8892]: INFO: <script>: [ROUTE-4
->] rpid test: <null> and the rpid is not being added.
Very odd..
Stephen.
On 25 March 2010 21:57, Alex Balashov <abalashov(a)evaristesys.com
<mailto:abalashov@evaristesys.com>> wrote:
On 03/25/2010 05:53 PM, dotnetdub wrote:
Attached:
if(is_uri_host_local()) {
if(!allow_trusted()) {
if(!proxy_authorize("",
"subscriber")) {
proxy_challenge("", "1");
exit;
}
else if(!check_from()) {
sl_send_reply("403",
"Forbidden");
exit;
}
}
else {
sl_send_reply("403", "Forbidden");
exit;
}
}
append_rpid_hf();
consume_credentials();
There is no guarantee that either append_rpid_hf() or
consume_credentials() runs if and only if proxy_authorize() was called.
Also, it is not clear why check_from() is at a relationship of
logical disjunction vis-a-vis to proxy_authorize(). While not
incorrect, it obfuscates the flow.
Try this and see if the problem continues:
if(is_uri_host_local()) {
if(!allow_trusted()) {
if(!proxy_authorize("", "subscriber")) {
proxy_challenge("", "1");
exit;
}
if(!check_from()) {
sl_send_reply("403",
"Forbidden");
exit;
}
append_rpid_hf();
consume_credentials();
}
else {
sl_send_reply("403", "Forbidden");
exit;
}
}
--
Alex Balashov - Principal
Evariste Systems LLC
Tel : +1 678-954-0670
Direct : +1 678-954-0671
Web : http://www.evaristesys.com/
--
Alex Balashov - Principal
Evariste Systems LLC
Tel : +1 678-954-0670
Direct : +1 678-954-0671
Web : http://www.evaristesys.com/
2:16 a.m.
Hi Alex,
Kamailio seems to be completely ignoring the fact that auth and auth_db are
loaded. the modules are loaded but when a call is placed it doesn't do any
SQL queries (except for accounting) and the call is placed without being
authenticated.
ROR: auth [challenge.c:283]: no authorized credentials found (error in
scripts)
loadmodule "auth.so"
loadmodule "auth_db.so"
# auth_db
modparam("auth_db", "db_url",
"mysql://openser:xxxxxxxxx@localhost/openser")
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")
modparam("auth_db", "load_credentials",
"$avp(s:rpid)=rpid")
# auth
modparam("auth", "rpid_avp", "$avp(s:rpid)")
modparam("auth", "rpid_prefix", "<sip:")
modparam("auth", "rpid_suffix","(a)xxxxxx.ie
;party=calling;id-type=subscriber;privacy=off;screen=yes>")
: DEBUG: <core> [sr_module.c:871]: DEBUG: init_mod: auth
: DEBUG: <core> [sr_module.c:871]: DEBUG: init_mod: auth_db
: DEBUG: <core> [sr_module.c:509]: find_export_record: found <bind_auth> in
module auth [/lib/kamailio/modules_k/auth.so]
: DEBUG: <core> [route.c:911]: fixing proxy_authorize()
: DEBUG: <core> [route.c:911]: fixing www_authorize()
: DEBUG: <core> [route.c:911]: fixing proxy_authorize()
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (-127): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (1): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (2): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (3): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (4): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (5): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (6): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (7): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (8): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (9): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (-1): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (-1): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (10): auth_db
: DEBUG: <core> [sr_module.c:807]: DEBUG: init_mod_child (0): auth_db
I have #!kamailio at the start of the config. Am I missing something really
obvious? Maybe there is much more for config compat. from 1.x.x to 3.0.x
Stephen
On 25 March 2010 22:11, Alex Balashov <abalashov(a)evaristesys.com> wrote:
Is the type of the 'rpid' column
'varchar'?
Odd data type incompatibility or client library version incompatibility
might explain it. I agree that it is bizarre.
Perhaps it would behoove you to turn on query logging on MySQL and verify
that the 'rpid' column is actually being selected in the query.
The only other thing I can think of would relate to one of the various
db_mode settings involved.
On 03/25/2010 06:08 PM, dotnetdub wrote:
Hi Alex,
I modified the script, same result. sip[8892]: INFO: <script>: [ROUTE-4
->] rpid test: <null> and the rpid is not being added.
Very odd..
Stephen.
On 25 March 2010 21:57, Alex Balashov <abalashov(a)evaristesys.com
<mailto:abalashov@evaristesys.com>> wrote:
On 03/25/2010 05:53 PM, dotnetdub wrote:
Attached:
if(is_uri_host_local()) {
if(!allow_trusted()) {
if(!proxy_authorize("",
"subscriber")) {
proxy_challenge("", "1");
exit;
}
else if(!check_from()) {
sl_send_reply("403",
"Forbidden");
exit;
}
}
else {
sl_send_reply("403", "Forbidden");
exit;
}
}
append_rpid_hf();
consume_credentials();
There is no guarantee that either append_rpid_hf() or
consume_credentials() runs if and only if proxy_authorize() was called.
Also, it is not clear why check_from() is at a relationship of
logical disjunction vis-a-vis to proxy_authorize(). While not
incorrect, it obfuscates the flow.
Try this and see if the problem continues:
if(is_uri_host_local()) {
if(!allow_trusted()) {
if(!proxy_authorize("", "subscriber")) {
proxy_challenge("", "1");
exit;
}
if(!check_from()) {
sl_send_reply("403",
"Forbidden");
exit;
}
append_rpid_hf();
consume_credentials();
}
else {
sl_send_reply("403", "Forbidden");
exit;
}
}
--
Alex Balashov - Principal
Evariste Systems LLC
Tel : +1 678-954-0670
Direct : +1 678-954-0671
Web : http://www.evaristesys.com/
--
Alex Balashov - Principal
Evariste Systems LLC
Tel : +1 678-954-0670
Direct : +1 678-954-0671
Web : http://www.evaristesys.com/
2:23 a.m.
On 03/25/2010 08:16 PM, dotnetdub wrote:
Kamailio seems to be completely ignoring the fact that
auth and auth_db
are loaded. the modules are loaded but when a call is placed it doesn't
do any SQL queries (except for accounting) and the call is placed
without being authenticated.
You may have the entire call / route flow mixed up. If you like, you
can send me the entire config privately and I can look at it.
--
Alex Balashov - Principal
Evariste Systems LLC
Tel : +1 678-954-0670
Direct : +1 678-954-0671
Web : http://www.evaristesys.com/
2:11 p.m.
Hi Alex,
It was an issue with the domain table being empty. Populated the domain
table and all works as expected. I have an extra check in the script now to
make sure this doesn't happen again.
Apologies.
Stephen
On 26 March 2010 00:23, Alex Balashov <abalashov(a)evaristesys.com> wrote:
On 03/25/2010 08:16 PM, dotnetdub wrote:
Kamailio seems to be completely ignoring the fact that auth and auth_db
are loaded. the modules are loaded but when a
call is placed it doesn't
do any SQL queries (except for accounting) and the call is placed
without being authenticated.
You may have the entire call / route flow mixed up. If you like, you can
send me the entire config privately and I can look at it.
--
Alex Balashov - Principal
Evariste Systems LLC
Tel : +1 678-954-0670
Direct : +1 678-954-0671
Web : http://www.evaristesys.com/
2:27 p.m.
Ah, yes, that would do it.
On 03/26/2010 08:11 AM, dotnetdub wrote:
Hi Alex,
It was an issue with the domain table being empty. Populated the domain
table and all works as expected. I have an extra check in the script now
to make sure this doesn't happen again.
Apologies.
Stephen
On 26 March 2010 00:23, Alex Balashov <abalashov(a)evaristesys.com
<mailto:abalashov@evaristesys.com>> wrote:
On 03/25/2010 08:16 PM, dotnetdub wrote:
Kamailio seems to be completely ignoring the fact that auth and
auth_db
are loaded. the modules are loaded but when a call is placed it
doesn't
do any SQL queries (except for accounting) and the call is placed
without being authenticated.
You may have the entire call / route flow mixed up. If you like,
you can send me the entire config privately and I can look at it.
--
Alex Balashov - Principal
Evariste Systems LLC
Tel : +1 678-954-0670
Direct : +1 678-954-0671
Web : http://www.evaristesys.com/
--
Alex Balashov - Principal
Evariste Systems LLC
Tel : +1 678-954-0670
Direct : +1 678-954-0671
Web : http://www.evaristesys.com/
5358
days inactive
5359
days old
13 comments
2 participants
participants (2)
-
Alex Balashov -
dotnetdub