
<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Hello,<div class=""><br class=""></div><div class="">Thanks for the tip Daniel. I added this before the dispatch_rpc() and other xmlrpc related stuff:</div><div class=""><br class=""></div><div class="">...</div><div class=""><div class="">if (!www_authorize(”somedomain.local", "subscriber")) {</div><div class="">          www_challenge(”somedomain.local", "1");</div><div class="">          exit;</div><div class="">    };</div><div class="">…</div><div class=""><br class=""></div><div class="">Seems to work now with the correct username and password retrieved from subscriber table:</div><div class=""><br class=""></div><div class="">After 200OK the dialplan gets reloaded in this example.</div><div class=""><br class=""></div><div class=""><div class="">POST /RPC HTTP/1.1.</div><div class="">Accept: */*.</div><div class="">Host: 127.0.0.1:5060.</div><div class="">User-Agent: xmlrpcclient.</div><div class="">Content-Type: text/xml.</div><div class="">Content-Length: 0.</div><div class=""><br class=""></div><div class=""><br class=""></div><div class="">T 127.0.0.1:5060 -> 127.0.0.1:57265 [AP]</div><div class="">HTTP/1.1 401 Unauthorized.</div><div class="">Sia: SIP/2.0/TCP 127.0.0.1:57265.</div><div class="">WWW-Authenticate: Digest realm=”somedomain.local", nonce="WSSNE1kki+cE7oCG5vjVrxI/BZRRfmOmXKecloA=", qop="auth".</div><div class="">Content-Length: 0.</div><div class=""><br class=""></div><div class=""><br class=""></div><div class="">T 127.0.0.1:57265 -> 127.0.0.1:5060 [AP]</div><div class="">POST /RPC HTTP/1.1.</div><div class="">Authorization: Digest username="testuser", realm=”somedomain.local", nonce="WSSNE1kki+cE7oCG5vjVrxI/BZRRfmOmXKecloA=", uri="/RPC", cnonce="Yjg5MWU3ZjdkYzYwNmNlMTc1ZmQyMmFmYmZkNGQyN2M=", nc=00000001, qop=auth, response="c99a92d4c402ab592a908f92e82f08e1".</div><div class="">Accept: */*.</div><div class="">Host: 127.0.0.1:5060.</div><div class="">User-Agent: xmlrpcclient.</div><div class="">Content-Type: text/xml.</div><div class="">Content-Length: 167.</div><div class="">.</div><div class=""><?xml version="1.0" encoding="UTF-8"?><methodCall><methodName>dialplan.reload</methodName><params><param><value><string></string></value></param></params></methodCall></div><div class=""><br class=""></div><div class="">T 127.0.0.1:5060 -> 127.0.0.1:57265 [AP]</div><div class="">HTTP/1.1 200 OK.</div><div class="">Sia: SIP/2.0/TCP 127.0.0.1:57265.</div><div class="">Content-Length: 108.</div></div><div class=""><br class=""></div><div class="">Cheers!</div><div class=""><br class=""></div><div class="">PS. Could not help at noticing Kamailio replying with ”Sia” header in 200OK message. I dont know if this is a bug or not but it looks a lot like ”Via” … :)</div><div class=""><br class=""></div><div class="">—Olli</div><div class=""><br class=""></div><div><blockquote type="cite" class=""><div class="">Daniel-Constantin Mierla <<a href="mailto:miconda@gmail.com" class="">miconda@gmail.com</a>> kirjoitti 23.5.2017 kello 21.23:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class="">You can use the auth/auth_db modules do the the www-digest authentication (which was actually defined first for http) like for sip traffic -- you probably want to do the www not proxy auth, so use the appropriate functions.<div class=""><br class=""></div><div class="">Cheers,<br class="">Daniel</div></div><div class="gmail_extra"><br class=""><div class="gmail_quote">On Tue, May 23, 2017 at 3:09 PM, Oma <span dir="ltr" class=""><<a href="mailto:olli.attila@oatel.net" target="_blank" class="">olli.attila@oatel.net</a>></span> wrote:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word" class="">Hello,<div class=""><br class=""></div><div class="">Username & password would be the desired way.</div><div class=""><br class=""></div><div class="">Cheers,</div><div class=""><br class=""></div><div class="">—Olli</div><div class=""><div class="h5"><div class=""><br class=""><div class=""><blockquote type="cite" class=""><div class="">Daniel-Constantin Mierla <<a href="mailto:miconda@gmail.com" target="_blank" class="">miconda@gmail.com</a>> kirjoitti 23.5.2017 kello 15.32:</div><br class="m_4057961130878657127Apple-interchange-newline"><div class=""><div dir="ltr" class="">Hello,<div class=""><br class=""></div><div class="">do you want authentication with username and password or IP based authorization?<div class=""><br class=""></div><div class="">Cheers,<br class="">Daniel</div></div></div><div class="gmail_extra"><br class=""><div class="gmail_quote">On Tue, May 23, 2017 at 7:04 AM, Olli Attila <span dir="ltr" class=""><<a href="mailto:olli.attila@oatel.net" target="_blank" class="">olli.attila@oatel.net</a>></span> wrote:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello,<br class="">

<br class="">

I got the POST request working now by adding the "listen tcp:<a href="http://127.0.0.1:5060/" rel="noreferrer" target="_blank" class="">127.0.0.1:5060</a>". I tested this with dialplan.reload, dialplan.dump and htable.reload. Works ok.<br class="">

<br class="">

Is there any way to authenticate the request in Kamailio?<br class="">

<br class="">

Now all of the valid methods included in request: "<a href="http://127.0.0.1/RPC" rel="noreferrer" target="_blank" class="">http://127.0.0.1/RPC</a>" are getting executed and Kamailio returns 200 OK directly.<br class="">

<br class="">

Cheers,<br class="">

<br class="">

--Olli<div class="m_4057961130878657127HOEnZb"><div class="m_4057961130878657127h5"><br class="">

<br class="">

<br class="">

<br class="">

Diego Nadares kirjoitti 2017-05-22 15:06:<br class="">

<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

Hi Olli,<br class="">

<br class="">

Did configure kamailio to listen on tcp:127.0.0.1?<br class="">

<br class="">

Diego<br class="">

<br class="">

<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

El 22 may. 2017, a las 02:54, Olli Attila <<a href="mailto:olli.attila@oatel.net" target="_blank" class="">olli.attila@oatel.net</a>> escribió:<br class="">

<br class="">

Hi,<br class="">

<br class="">

I'm using kamailio 5.0.0 and trying to use core commands through xmlrpc interface but the requests are failing towards Kamailio.<br class="">

I have compiled and enabled the xmlrpc module in config and I have this on my kamailio.cfg:<br class="">

<br class="">

<br class="">

# XMLRPC routing<br class="">

#!ifdef WITH_XMLRPC<br class="">

route[XMLRPC] {<br class="">

 # allow XMLRPC from localhost<br class="">

 if ((method=="POST" || method=="GET")<br class="">

     && (src_ip==127.0.0.1)) {<br class="">

   # close connection only for xmlrpclib user agents (there is a bug in<br class="">

   # xmlrpclib: it waits for EOF before interpreting the response).<br class="">

   if ($hdr(User-Agent) =~ "xmlrpclib")<br class="">

     set_reply_close();<br class="">

   set_reply_no_connect();<br class="">

   dispatch_rpc();<br class="">

   exit;<br class="">

 }<br class="">

 send_reply("403", "Forbidden");<br class="">

 exit;<br class="">

}<br class="">

#!endif<br class="">

<br class="">

I have tried to test this by using curl and calling "core.uptime" method in xml body (core.uptime works when executed through kamcmd commandline tool).<br class="">

The curl is called from the same machine that I have Kamailio installed on:<br class="">

<br class="">

"curl -X POST -H 'Host: <a href="http://127.0.0.1:5060/" rel="noreferrer" target="_blank" class="">127.0.0.1:5060</a>' -H 'User-Agent: xmlrpcclient' -H 'Content-Type: text/xml' -d '<?xml version='1.0'?><methodCall><me<wbr class="">thodName>core.uptime</methodNa<wbr class="">me><params></params></methodCa<wbr class="">ll>' <a href="http://127.0.0.1:5060/" rel="noreferrer" target="_blank" class="">http://127.0.0.1:5060</a>"<br class="">

<br class="">

This fails and I only get: "curl: (7) Failed to connect to 127.0.0.1 port 5060: Connection refused"<br class="">

<br class="">

network traffic shows me this.. firewall is disabled completely when doing the test:<br class="">

1   0.000000    127.0.0.1 -> 127.0.0.1    TCP 74 55630→5060 [SYN] Seq=0 Win=43690 Len=0 MSS=65495 SACK_PERM=1 TSval=1347930477 TSecr=0 WS=64<br class="">

2   0.000032    127.0.0.1 -> 127.0.0.1    TCP 54 5060→55630 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0<br class="">

<br class="">

Can anyone help me to get to the right direction with this?<br class="">

<br class="">

Cheers,<br class="">

<br class="">

--Olli<br class="">

<br class="">

<br class="">

______________________________<wbr class="">_________________<br class="">

Kamailio (SER) - Users Mailing List<br class="">

<a href="mailto:sr-users@lists.kamailio.org" target="_blank" class="">sr-users@lists.kamailio.org</a><br class="">

<a href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" rel="noreferrer" target="_blank" class="">https://lists.kamailio.org/cgi<wbr class="">-bin/mailman/listinfo/sr-users</a><br class="">

</blockquote>

<br class="">

______________________________<wbr class="">_________________<br class="">

Kamailio (SER) - Users Mailing List<br class="">

<a href="mailto:sr-users@lists.kamailio.org" target="_blank" class="">sr-users@lists.kamailio.org</a><br class="">

<a href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" rel="noreferrer" target="_blank" class="">https://lists.kamailio.org/cgi<wbr class="">-bin/mailman/listinfo/sr-users</a><br class="">

</blockquote>

<br class="">

______________________________<wbr class="">_________________<br class="">

Kamailio (SER) - Users Mailing List<br class="">

<a href="mailto:sr-users@lists.kamailio.org" target="_blank" class="">sr-users@lists.kamailio.org</a><br class="">

<a href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" rel="noreferrer" target="_blank" class="">https://lists.kamailio.org/cgi<wbr class="">-bin/mailman/listinfo/sr-users</a><br class="">

</div></div></blockquote></div><br class=""><br clear="all" class=""><div class=""><br class=""></div>-- <br class=""><div class="m_4057961130878657127gmail_signature" data-smartmail="gmail_signature"><div dir="ltr" class=""><div class=""><div dir="ltr" class=""><div class="">Daniel-Constantin Mierla - <a href="http://www.asipto.com/" target="_blank" class="">http://www.asipto.com</a></div><div class=""><a href="http://twitter.com/#!/miconda" target="_blank" class="">http://twitter.com/#!/miconda</a> - <a href="http://www.linkedin.com/in/miconda" target="_blank" class="">http://www.linkedin.com/in/<wbr class="">miconda</a></div></div></div></div></div>

</div>

______________________________<wbr class="">_________________<br class="">Kamailio (SER) - Users Mailing List<br class=""><a href="mailto:sr-users@lists.kamailio.org" target="_blank" class="">sr-users@lists.kamailio.org</a><br class=""><a href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" target="_blank" class="">https://lists.kamailio.org/<wbr class="">cgi-bin/mailman/listinfo/sr-<wbr class="">users</a><br class=""></div></blockquote></div><br class=""></div></div></div></div><br class="">______________________________<wbr class="">_________________<br class="">

Kamailio (SER) - Users Mailing List<br class="">

<a href="mailto:sr-users@lists.kamailio.org" class="">sr-users@lists.kamailio.org</a><br class="">

<a href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" rel="noreferrer" target="_blank" class="">https://lists.kamailio.org/<wbr class="">cgi-bin/mailman/listinfo/sr-<wbr class="">users</a><br class="">

<br class=""></blockquote></div><br class=""><br clear="all" class=""><div class=""><br class=""></div>-- <br class=""><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr" class=""><div class=""><div dir="ltr" class=""><div class="">Daniel-Constantin Mierla - <a href="http://www.asipto.com/" target="_blank" class="">http://www.asipto.com</a></div><div class=""><a href="http://twitter.com/#!/miconda" target="_blank" class="">http://twitter.com/#!/miconda</a> - <a href="http://www.linkedin.com/in/miconda" target="_blank" class="">http://www.linkedin.com/in/miconda</a></div></div></div></div></div>

</div>

_______________________________________________<br class="">Kamailio (SER) - Users Mailing List<br class=""><a href="mailto:sr-users@lists.kamailio.org" class="">sr-users@lists.kamailio.org</a><br class="">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users<br class=""></div></blockquote></div><br class=""></div></body></html>