Hello,
Thanks for the tip Daniel. I added this before the dispatch_rpc() and other xmlrpc related
stuff:
...
if (!www_authorize(”somedomain.local", "subscriber")) {
www_challenge(”somedomain.local", "1");
exit;
};
…
Seems to work now with the correct username and password retrieved from subscriber table:
After 200OK the dialplan gets reloaded in this example.
POST /RPC HTTP/1.1.
Accept: */*.
Host: 127.0.0.1:5060.
User-Agent: xmlrpcclient.
Content-Type: text/xml.
Content-Length: 0.
T 127.0.0.1:5060 -> 127.0.0.1:57265 [AP]
HTTP/1.1 401 Unauthorized.
Sia: SIP/2.0/TCP 127.0.0.1:57265.
WWW-Authenticate: Digest realm=”somedomain.local",
nonce="WSSNE1kki+cE7oCG5vjVrxI/BZRRfmOmXKecloA=", qop="auth".
Content-Length: 0.
T 127.0.0.1:57265 -> 127.0.0.1:5060 [AP]
POST /RPC HTTP/1.1.
Authorization: Digest username="testuser", realm=”somedomain.local",
nonce="WSSNE1kki+cE7oCG5vjVrxI/BZRRfmOmXKecloA=", uri="/RPC",
cnonce="Yjg5MWU3ZjdkYzYwNmNlMTc1ZmQyMmFmYmZkNGQyN2M=", nc=00000001, qop=auth,
response="c99a92d4c402ab592a908f92e82f08e1".
Accept: */*.
Host: 127.0.0.1:5060.
User-Agent: xmlrpcclient.
Content-Type: text/xml.
Content-Length: 167.
.
<?xml version="1.0"
encoding="UTF-8"?><methodCall><methodName>dialplan.reload</methodName><params><param><value><string></string></value></param></params></methodCall>
T 127.0.0.1:5060 -> 127.0.0.1:57265 [AP]
HTTP/1.1 200 OK.
Sia: SIP/2.0/TCP 127.0.0.1:57265.
Content-Length: 108.
Cheers!
PS. Could not help at noticing Kamailio replying with ”Sia” header in 200OK message. I
dont know if this is a bug or not but it looks a lot like ”Via” … :)
—Olli
Daniel-Constantin Mierla <miconda(a)gmail.com>
kirjoitti 23.5.2017 kello 21.23:
You can use the auth/auth_db modules do the the www-digest authentication (which was
actually defined first for http) like for sip traffic -- you probably want to do the www
not proxy auth, so use the appropriate functions.
Cheers,
Daniel
On Tue, May 23, 2017 at 3:09 PM, Oma <olli.attila(a)oatel.net
<mailto:olli.attila@oatel.net>> wrote:
Hello,
Username & password would be the desired way.
Cheers,
—Olli
Daniel-Constantin Mierla <miconda(a)gmail.com
<mailto:miconda@gmail.com>> kirjoitti 23.5.2017 kello 15.32:
Hello,
do you want authentication with username and password or IP based authorization?
Cheers,
Daniel
On Tue, May 23, 2017 at 7:04 AM, Olli Attila <olli.attila(a)oatel.net
<mailto:olli.attila@oatel.net>> wrote:
Hello,
I got the POST request working now by adding the "listen tcp:127.0.0.1:5060
<http://127.0.0.1:5060/>". I tested this with dialplan.reload, dialplan.dump
and htable.reload. Works ok.
Is there any way to authenticate the request in Kamailio?
Now all of the valid methods included in request: "http://127.0.0.1/RPC
<http://127.0.0.1/RPC>" are getting executed and Kamailio returns 200 OK
directly.
Cheers,
--Olli
Diego Nadares kirjoitti 2017-05-22 15:06:
Hi Olli,
Did configure kamailio to listen on tcp:127.0.0.1?
Diego
El 22 may. 2017, a las 02:54, Olli Attila <olli.attila(a)oatel.net
<mailto:olli.attila@oatel.net>> escribió:
Hi,
I'm using kamailio 5.0.0 and trying to use core commands through xmlrpc interface but
the requests are failing towards Kamailio.
I have compiled and enabled the xmlrpc module in config and I have this on my
kamailio.cfg:
# XMLRPC routing
#!ifdef WITH_XMLRPC
route[XMLRPC] {
# allow XMLRPC from localhost
if ((method=="POST" || method=="GET")
&& (src_ip==127.0.0.1)) {
# close connection only for xmlrpclib user agents (there is a bug in
# xmlrpclib: it waits for EOF before interpreting the response).
if ($hdr(User-Agent) =~ "xmlrpclib")
set_reply_close();
set_reply_no_connect();
dispatch_rpc();
exit;
}
send_reply("403", "Forbidden");
exit;
}
#!endif
I have tried to test this by using curl and calling "core.uptime" method in xml
body (core.uptime works when executed through kamcmd commandline tool).
The curl is called from the same machine that I have Kamailio installed on:
"curl -X POST -H 'Host: 127.0.0.1:5060 <http://127.0.0.1:5060/>' -H
'User-Agent: xmlrpcclient' -H 'Content-Type: text/xml' -d '<?xml
version='1.0'?><methodCall><methodName>core.uptime</methodName><params></params></methodCall>'
http://127.0.0.1:5060 <http://127.0.0.1:5060/>"
This fails and I only get: "curl: (7) Failed to connect to 127.0.0.1 port 5060:
Connection refused"
network traffic shows me this.. firewall is disabled completely when doing the test:
1 0.000000 127.0.0.1 -> 127.0.0.1 TCP 74 55630→5060 [SYN] Seq=0 Win=43690
Len=0 MSS=65495 SACK_PERM=1 TSval=1347930477 TSecr=0 WS=64
2 0.000032 127.0.0.1 -> 127.0.0.1 TCP 54 5060→55630 [RST, ACK] Seq=1 Ack=1
Win=0 Len=0
Can anyone help me to get to the right direction with this?
Cheers,
--Olli
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org <mailto:sr-users@lists.kamailio.org>
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
<https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org <mailto:sr-users@lists.kamailio.org>
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
<https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org <mailto:sr-users@lists.kamailio.org>
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
<https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>
--
Daniel-Constantin Mierla -
http://www.asipto.com <http://www.asipto.com/>
http://twitter.com/#!/miconda <http://twitter.com/#!/miconda> -
http://www.linkedin.com/in/miconda
<http://www.linkedin.com/in/miconda>_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org <mailto:sr-users@lists.kamailio.org>
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
<https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org <mailto:sr-users@lists.kamailio.org>
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
<https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>
--
Daniel-Constantin Mierla -
http://www.asipto.com <http://www.asipto.com/>
http://twitter.com/#!/miconda <http://twitter.com/#!/miconda> -
http://www.linkedin.com/in/miconda
<http://www.linkedin.com/in/miconda>_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users