### Description
As far as I know there is currently no support for [RFC-8760](https://tools.ietf.org/html/rfc8760) yet. It modifies the Digest Access Authentication scheme to add support for more secure digest algorithms, e.g., SHA-256 and SHA-512/256, to replace the obsolete MD5 algorithm. Are there any plans to implement this?
### Possible Solutions
Extending the auth module to accept these algorithms as a function parameter would be nice to have since older clients may not support them.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2668
### Description
TLSF mem manager accounting for wrong values
was trying to debug a crash and this popped up.
using a lot of small allocs until pkg_alloc returns NULL (when exhausted)
when NULL is returned the memory **used+overhead** exceeds the heap allocated.
<!--
-->
### Troubleshooting
#### Reproduction
use frequent small memory allocs until pool is exausted (returns NULL) , check tlsf status.
static void do_test_mem()
{
void* chunk;
tlsf_t pool = NULL;
size_t total = 16 * 1024 * 1024;
size_t half = 8 * 1024 * 1024;
size_t sz = 6;
int x;
void* mem = malloc(total);
char* mem2 = tlsf_cast(char*, tlsf_cast(ptrdiff_t, mem) + half);
memset(mem2, 'X', half);
assert(*mem2 == 'X');
pool = tlsf_create_with_pool(mem, half);
do { chunk = tlsf_malloc(pool, sz); } while(chunk != NULL);
tlsf_status(pool);
for(x=0; x < half; x++) {
assert(*mem2 == 'X');
mem2++;
}
free(mem);
}
<!--
If the issue can be reproduced, describe how it can be done.
-->
<!--
If you got a core dump, use gdb to extract troubleshooting data - full backtrace,
local variables and the list of the code at the issue location.
gdb /path/to/kamailio /path/to/corefile
bt full
info locals
list
If you are familiar with gdb, feel free to attach more of what you consider to
be relevant.
-->
```
heap size= **8388592**
used= **6285144**, used+overhead=**12578696**, free=**18446744073705361512**, fragments=0
max used (+overhead)=12578696, max fragments=1
Free blocks matrix ('.': none, 'X': between 2^X and (2^(X+1)-1) free blocks, X=A..Z, A=0, B=1, ...)
> first-level: 32 block list arrays between 2^fl and 2^(fl+1) bytes (fl=8..39)
v second-level: 32 block lists between 2^fl+sl*2^(fl-5) and 2^fl+(sl+1)*2^(fl-5)-1 bytes (sl=0..31)
0|................................|
1|................................|
2|................................|
3|................................|
4|................................|
5|................................|
6|................................|
7|................................|
8|................................|
9|................................|
10|................................|
11|................................|
12|................................|
13|................................|
14|................................|
15|................................|
16|................................|
17|................................|
18|................................|
19|................................|
20|................................|
21|................................|
22|................................|
23|................................|
24|................................|
25|................................|
26|................................|
27|................................|
28|................................|
29|................................|
30|................................|
31|................................|
```
#### Log Messages
<!--
Check the syslog file and if there are relevant log messages printed by Kamailio, add them next, or attach to issue, or provide a link to download them (e.g., to a pastebin site).
-->
```
identical to reproduce step when calling mem debug on a running instance
```
### Possible Solutions
<!--
If you found a solution or workaround for the issue, describe it. Ideally, provide a pull request with a fix.
-->
### Additional Information
```
* **Kamailio Version** - built from master
```
* **Operating System**:
<!--
Details about the operating system, the type: Linux (e.g.,: Debian 8.4, Ubuntu 16.04, CentOS 7.1, ...), MacOS, xBSD, Solaris, ...;
Kernel details (output of `uname -a`)
-->
```
CentOS7 and alpine
```
## comments
heap size= **8388592** shouldn't it be **8388608** ?
used+overhead=**12578696** misleading
free=**18446744073705361512** misleading, looks like it has a negative value
the map doesn't look ok (or i'm not understanding what it should show), its the same output before the alloc and after.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2628
Hello
I configure my kamailio.cfg to handle SLA using (SCA module) and shared presence is working but still facing some issue in case of hold invite and BYE and the reason behind of that issue is following error
Nov 26 07:38:40 SBC-4-1 /usr/local/sbin/kamailio[104107]: ERROR: sca [sca_call_info.c:1008]: sca_call_info_invite_request_handler(): Failed to update sip:4569@test.sip.abcd.com appearance-index 0 to active
actually, in Kamailio appearances, I can see the entry for this call but the index is 1 instead of 0, and Kamailio going to update with a 0 index
[root@SBC-4-1 ntcarfte-kamailio]# kamcmd sca.all_appearances
sip:4569@test.sip.abcd.com 1 active 1606376289 sip:4569@10.xx.xx.xx:5070;transport=udp sip:2003@test.sip.abcd.com 186161_mobile-rel120MTQ5OTcyZjFhMjMyNmI1ZGE1MWY4ODc2M2RkN2VmZmQ 45dc18d8 H6cS9vecZ248B
if I manually update appearances using RPC command with index 1 then the phone started blinking as I change state to held
# kamcmd sca.update_appearance sip:4569@sc4test.sip.teledge.com 1 held
# kamcmd sca.all_appearances
sip:4569@test.sip.abcd.com 1 held 1606376516 sip:4569@10.xx.xx.xx:5070;transport=udp sip:2003@test.sip.abcd.com 186161_mobile-rel120NzE5MDgyZDc1NjJiYjcwMWFlYmI3NzM3NjE2OTRhZjU 08f005cb eK9ratm83g92e
kamailio.cfg
route[SCA] {
if(is_method("SUBSCRIBE")) {
if ($hdr(Event) == "call-info" || $hdr(Event) == "line-seize") {
xlog("L_INFO","(MAIN) :HELLO ($avp(uuid)) : $avp(rsi) $sp $hdr(Event)");
xdbg("SCA: $hdr(Event) SUBSCRIBE $ru from $si:$sp");
sca_handle_subscribe();
exit;
}
return;
}
if (!is_method("BYE|CANCEL|INVITE|PRACK|REFER")) {
return;
}
sca_call_info_update();
}
route[RELAY_OUTBOUND_FS] {
xlog("L_INFO","(RELAY_OUTBOUND_FS) : ($avp(uuid)) : INSIDE ROUTE ");
if (!has_totag()){
$avp(set_h) = 1;
}
t_on_reply("REPLY_OUTBOUND_FS");
route(SCA);
if (!t_relay()) {
sl_reply_error();
}
exit;
}
route[RELAY_INBOUND_FS] {
if(is_method("INVITE|BYE|UPDATE|CANCEL|ACK")) {
$avp(s:puburis_caller) = $fu;
setflag(8);
dlg_manage();
}
if(is_method("REGISTER")) {
t_on_reply("REPLY_REGISTER");
} else {
t_on_reply("REPLY_INBOUND_FS");
}
route(SCA);
if (!t_relay()) {
sl_reply_error();
}
exit;
}
onreply_route[REPLY_INBOUND_FS] {
xdbg("incoming reply\n");
if (status =~ "[456][0-9][0-9]") {
# don't update SCA state here, since there may be
# failure route processing (e.g., call forwarding).
# update state in failure route instead.
return;
}
route(SCA);
}
onreply_route[REPLY_OUTBOUND_FS] {
xdbg("incoming reply\n");
if (status =~ "[456][0-9][0-9]") {
# don't update SCA state here, since there may be
# failure route processing (e.g., call forwarding).
# update state in failure route instead.
return;
}
route(SCA);
}
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2583
With the dialog and acc modules configured to generate CDRs to syslog, sometimes a CDR is not generated when a call ends. It appears that this is because some callers are closing the websocket just after sending the BYE. That means that when the 200 response to the BYE arrives it can't be relayed as the websocket has closed. It does seem to be timing related.
We use the websocket close event to shorten the dialog timeout to 1 second.
We also don't get a CDR if we close the websocket while a call is active. The dialog times out and sends a BYE to the callee (it fails to send to the caller, not because the websocket is closed but because the *.invalid contact address can't be resolved!) and then destroys the dialog.
[kamailio.log](https://github.com/kamailio/kamailio/files/5702715/kamailio.l…
[kamailio-sipdump-2020-12-16--11-13-52.data.log](https://github.com/kamailio…
* **Kamailio Version** - output of `kamailio -v`
version: kamailio 5.3.6 (x86_64/linux) fb26c8
flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLACKLIST, HAVE_RESOLV_RES
ADAPTIVE_WAIT_LOOPS 1024, MAX_RECV_BUFFER_SIZE 262144, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
id: fb26c8
compiled on 11:51:56 Nov 17 2020 with gcc 4.8.5
* **Operating System**:
Linux ip-172-30-0-66 4.14.114-83.126.amzn1.x86_64 #1 SMP Tue May 7 02:26:58 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2587
### Description
When I try to load kamailio schema into MySQL database I get an error "Duplicate entry 'dialog_vars' for key 'PRIMARY'".
I have checked the duplicated `dialog_vars` table definition at
1. [dialog-create.sql#L32-L38](https://github.com/kamailio/kamailio/blob/master…
2. [ims_dialog-create.sql#L41-L49](https://github.com/kamailio/kamailio/blob/ma…
#### Reproduction
Load schemas from dialog-create.sql and from ims_dialog-create.sql.
### Possible Solutions
Remove `dialog_vars` table definition from `ims_dialog-create.sql` shema file.
### Additional Information
* **Kamailio Version** - output of `kamailio -v`
```
@safarov-dell:/usr/share/kamailio$ kamailio -v
version: kamailio 5.5.0-dev3 (x86_64/linux)
flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLOCKLIST, HAVE_RESOLV_RES, TLS_PTHREAD_MUTEX_SHARED
ADAPTIVE_WAIT_LOOPS 1024, MAX_RECV_BUFFER_SIZE 262144, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
id: unknown
compiled on 12:51:16 Dec 4 2020 with gcc 10.2.1
```
* **Operating System**:
```
@safarov-dell:/usr/share/kamailio$ cat /etc/os-release
NAME="Alpine Linux"
ID=alpine
VERSION_ID=3.13.0_alpha20200917
PRETTY_NAME="Alpine Linux edge"
HOME_URL="https://alpinelinux.org/"
BUG_REPORT_URL="https://bugs.alpinelinux.org/"
```
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2575
Hello I have problem with Kamailio presence,i have configure my kamailio.cfg to handle dialog presence and facing issue in case of subs_db_mode = 2 in case of mode 2 facing following presence issue.
1) after hangup presence is still up
2) sometimes stuck in ringing state
3) sometime presence not came..etc
but in case of subs_db_mode = 3 (DB ONLY) mode presence working fine not facing any issue with this mode.
I noticed that sometimes Kamailio will throw following message during PUBLISH processesing and it will not generate appropriate NOTIFY i also verify in active watcher subscription is thare for that user and also proper entry in dialog table.
MSG during PUBLISH processesing and it will not generate appropriate NOTIFY
Oct 30 07:42:10 NC-HOSTED-1 /usr/local/sbin/kamailio[2409]: DEBUG: presence [notify.c:1444]: publ_notify(): Could not find subs_dialog
kamailio.cfg param
modparam("pua", "db_url", DBURL_KAMAILIO)
modparam("pua", "db_mode", 2)
modparam("pua", "update_period", 100)
modparam("pua", "dlginfo_increase_version", 1)
modparam("pua", "default_expires", 3600)
modparam("pua", "fetch_rows", 1000)
modparam("pua", "outbound_proxy", SERVER_IP)
modparam("dialog", "db_url", DBURL_KAMAILIO )
modparam("dialog", "db_mode", 1)
modparam("dialog", "db_update_period", 260)
modparam("dialog", "db_fetch_rows", 500)
modparam("pua_dialoginfo", "include_callid", 1)
modparam("pua_dialoginfo", "send_publish_flag", 8)
modparam("pua_dialoginfo", "caller_confirmed", 0)
modparam("pua_dialoginfo", "include_tags", 1)
modparam("pua_dialoginfo", "use_pubruri_avps", 1)
modparam("pua_dialoginfo", "include_localremote", 1)
modparam("pua_dialoginfo", "override_lifetime", 300)
modparam("pua_dialoginfo", "pubruri_caller_avp", "$avp(s:puburis_caller)")
modparam("pua_dialoginfo", "pubruri_caller_dlg_var", "pubruri_caller")
modparam("pua_dialoginfo", "pubruri_callee_dlg_var", "pubruri_callee")
modparam("pua_dialoginfo", "pubruri_callee_avp", "$avp(s:puburis_callee)")
modparam("presence_dialoginfo", "force_single_dialog", 1)
modparam("presence", "db_table_lock_type", 0)
modparam("presence", "db_url", DBURL_KAMAILIO)
modparam("presence", "db_update_period", 5)
modparam("presence", "send_fast_notify", 1)
modparam("presence", "clean_period", 100)
modparam("presence", "subs_db_mode", 2)
//modparam("presence", "subs_db_mode", 3)
modparam("presence", "timeout_rm_subs", 1) //new/
//modparam("presence", "notifier_processes", 2) //new//
modparam("presence", "notifier_poll_rate", 20) //new//
modparam("presence", "waitn_time",1)
modparam("presence", "fetch_rows", 1000)
modparam("presence", "presentity_table", "presentity")
modparam("presence", "active_watchers_table", "active_watchers")
modparam("presence", "watchers_table", "watchers")
modparam("presence", "max_expires", 3600)
modparam("presence_xml", "db_url", DBURL_KAMAILIO)
modparam("presence_xml", "force_active", 1)
logic for presence
request_route {
if(is_method("PUBLISH") || is_method("SUBSCRIBE")) {
route(HANDLE_PRESENCE);
}
}
route[HANDLE_PRESENCE] {
if (! t_newtran())
{
sl_reply_error();
exit;
}
if(is_method("PUBLISH"))
{
handle_publish();
t_release();
} else if( is_method("SUBSCRIBE")) {
handle_subscribe();
t_release();
}
exit;
}
route[RELAY] {
if(is_method("INVITE|BYE|UPDATE|CANCEL|ACK")) {
$avp(t_ext) = $tU ;
$avp(domain) = $fd ;
$avp(et) = $_s(sip:$avp(t_ext)@$avp(domain)) ;
$avp(s:puburis_callee) = $avp(et);
setflag(8);
dlg_manage();
}
}
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2540
### Description
Apparently the remapping of 503 to 500 codes in the tm module does also change the to-tag. This behaviour breaks dialogs with yate and therefore calls hang and the 503 remains unacknowledged.
Removing to-tags seems to contradict RFC3261
"12 Dialogs
A dialog is identified at each UA with a dialog ID, which consists of a Call-ID value, a local tag **and a remote tag**…"
Due to the bug the UA cannot identify the dialog the 500 belongs to. Therefore the dialog remains open and Kamailio keeps repeating 500 messages.
### Troubleshooting
After disabling the 503 to 500 remapping with modparam("tm", "remap_503_500", 0) dialogs get properly terminated .
#### Reproduction
503 to 500 remapping is enabled by default. Inspect the to tags of the incoming 503 and outgoing 500 messages.
#### Debugging Data
Henning added this comment:
Apparently, this is the way the code works:
t_reply.c:
if (relayed_code==503 && tm_remap_503_500){
/* replace a final 503 with a 500:
* generate a "FAKE" reply and a new to_tag (for easier
* debugging)*/
### Possible Solutions
Dont change the to-tag
### Additional Information
kamailio -v
version: kamailio 5.2.3 (x86_64/linux) c36229
flags: STATS: Off, USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MEM, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLACKLIST, HAVE_RESOLV_RES
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144 MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
id: c36229
compiled on 10:34:54 Jun 13 2019 with gcc 4.8.5
* **Operating System**:
CentOS Linux release 7.6.1810 (Core)
3.10.0-957.12.2.el7.x86_64
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2405
<!--
Kamailio Project uses GitHub Issues only for bugs in the code or feature requests. Please use this template only for feature requests.
If you have questions about using Kamailio or related to its configuration file, ask on sr-users mailing list:
* http://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
If you have questions about developing extensions to Kamailio or its existing C code, ask on sr-dev mailing list:
* http://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-dev
Please try to fill this template as much as possible for any issue. It helps the developers to troubleshoot the issue.
If you submit a feature request (or enhancement) add the description of what you would like to be added.
If there is no content to be filled in a section, the entire section can be removed.
You can delete the comments from the template sections when filling.
You can delete next line and everything above before submitting (it is a comment).
-->
### Description
Am using Kamailio 5.1.9 version, In my tls.cfg i have one client and server profile,
along with default client and server profile.
I have crl enabled for the non default client and server profile , the crl file size is 4 MB in my case.
I have 22 child tcp process.
With this what i observe is load_crl is taking close to 90 seconds to finish its execution and return.
### Expected behavior
load_Crl function should not take 90 seconds to complete its execution.
probably it should take in the range of 10-15 seconds to complete its execution or even lesser.
#### Actual observed behavior
load_Crl function is taking 90 seconds to complete its execution.
#### Debugging Data
It is very clear from the code, its because of this for loop.
time taken to complete load_Crl execution is 90 seconds
procs_no=get_max_procs();
for(i = 0; i < procs_no; i++) {
if (SSL_CTX_load_verify_locations(d->ctx[i], d->crl_file.s, 0) != 1) {
ERR("%s: Unable to load certificate revocation list '%s'\n",
tls_domain_str(d), d->crl_file.s);
TLS_ERR("load_crl:");
return -1;
}
store = SSL_CTX_get_cert_store(d->ctx[i]);
X509_STORE_set_flags(store,
X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL);
}
Is there a way this can be enhanced or as per the current kamailio design this is a must to do for each and every profile and its ssl context array list for each process and for every profile.
The same logic is seen in other load functions as well, for example load_cert,
load_ca_list,
load_crl,
set_cipher_list,
set_verification,
set_ssl_options,
set_session_cache,
ksr_tls_fix_domain,
#### Log Messages
<!--
Check the syslog file and if there are relevant log messages printed by Kamailio, add them next, or attach to issue, or provide a link to download them (e.g., to a pastebin site).
-->
```
(paste your log messages here)
```
#### SIP Traffic
<!--
If the issue is exposed by processing specific SIP messages, grab them with ngrep or save in a pcap file, then add them next, or attach to issue, or provide a link to download them (e.g., to a pastebin site).
-->
```
(paste your sip traffic here)
```
### Possible Solutions
Reply from Henning Westerholt on posting this problem to Users Mailing list
"But the code could be probably also improved, maybe it is possible to parallelize it. You can open a feature request about it,"
### Additional Information
Kamailio 5.1.9 version
* **Operating System**:
<!--
Details about the operating system, the type: Linux (e.g.,: Debian 8.4, Ubuntu 16.04, CentOS 7.1, ...), MacOS, xBSD, Solaris, ...;
Kernel details (output of `uname -a`)
-->
```
Linux Kernel version : 3.10.0-693.el7.x86_64
Centos version : CentOS Linux release 7.4.1708 (Core)
CPU : 2 cores with model name : Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
[root@miv5000 ~]# cat /proc/meminfo
MemTotal: 3882076 kB
MemFree: 811244 kB
MemAvailable: 2320356 kB
Openssl verison : OpenSSL 1.0.2k-fips 26 Jan 2017
```
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2312