sr-dev January 2023

sr-dev@lists.kamailio.org

14 participants
276 discussions

Kamailio World 2023 - Call For Presentations

by Daniel-Constantin Mierla

Hello, I would like to announce that Call for Presentations at Kamailio World 2023 is now open. You can submit your proposal or see more details at: - https://www.kamailioworld.com/k2023/call-for-speakers/ The 11th edition of the conference returns to Berlin, Germany, during June 5-7, 2023, as an in-person event. Expect a large range of participants, developers and community members as well as representatives of other popular open source VoIP projects such as Asterisk or FreeSwitch. Looking forward to meeting many of you there! Cheers, Daniel -- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio World Conference - June 5-7, 2023 - www.kamailioworld.com

1 year, 3 months

git:master:840b4d9b: modules: readme files regenerated - tls ... [skip ci]

by Kamailio Dev

Module: kamailio Branch: master Commit: 840b4d9b1529ab8794af3472665ee110cfb3e07d URL: https://github.com/kamailio/kamailio/commit/840b4d9b1529ab8794af3472665ee11… Author: Kamailio Dev <kamailio.dev(a)kamailio.org> Committer: Kamailio Dev <kamailio.dev(a)kamailio.org> Date: 2023-01-23T15:31:34+01:00 modules: readme files regenerated - tls ... [skip ci] --- Modified: src/modules/tls/README --- Diff: https://github.com/kamailio/kamailio/commit/840b4d9b1529ab8794af3472665ee11… Patch: https://github.com/kamailio/kamailio/commit/840b4d9b1529ab8794af3472665ee11…

1 year, 3 months

git:master:72e4042b: tls: docs for lock_mode parameter

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 72e4042bf645650ea5275a9c46230fc131441cf3 URL: https://github.com/kamailio/kamailio/commit/72e4042bf645650ea5275a9c46230fc… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2023-01-23T14:55:22+01:00 tls: docs for lock_mode parameter --- Modified: src/modules/tls/doc/params.xml --- Diff: https://github.com/kamailio/kamailio/commit/72e4042bf645650ea5275a9c46230fc… Patch: https://github.com/kamailio/kamailio/commit/72e4042bf645650ea5275a9c46230fc… --- diff --git a/src/modules/tls/doc/params.xml b/src/modules/tls/doc/params.xml index c1448fe761..d491a67cca 100644 --- a/src/modules/tls/doc/params.xml +++ b/src/modules/tls/doc/params.xml @@ -1032,6 +1032,27 @@ modparam("tls", "renegotiation", 1) </example> </section> + <section id="tls.p.lock_mode"> + <title><varname>lock_mode</varname> (int)</title> + <para> + If set to 1, the memory management operations registered for TLS are + wapped within a pthread mutex lock. It can be useful with newer versions + of libssl and libcrypto, which have a more pthread multi-threading oriented + design. + </para> + <para> + Default value is 0. + </para> + <example> + <title>Set <varname>lock_mode</varname> parameter</title> + <programlisting> +... +modparam("tls", "lock_mode", 1) +... + </programlisting> + </example> + </section> + <section id="tls.p.config"> <title><varname>config</varname> (string)</title> <para>

1 year, 3 months

git:master:c8182116: tls: option to wrap memory management operations within pthread lock

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: c8182116870fb706a750c6c4277df968aa78349d URL: https://github.com/kamailio/kamailio/commit/c8182116870fb706a750c6c4277df96… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2023-01-23T14:55:22+01:00 tls: option to wrap memory management operations within pthread lock --- Modified: src/modules/tls/Makefile Modified: src/modules/tls/tls_init.c Modified: src/modules/tls/tls_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/c8182116870fb706a750c6c4277df96… Patch: https://github.com/kamailio/kamailio/commit/c8182116870fb706a750c6c4277df96…

1 year, 3 months

git:master:4f296b40: modules: readme files regenerated - exec ... [skip ci]

by Kamailio Dev

Module: kamailio Branch: master Commit: 4f296b4058b75ef27b16a9f8fc2bf3ec2d8e896c URL: https://github.com/kamailio/kamailio/commit/4f296b4058b75ef27b16a9f8fc2bf3e… Author: Kamailio Dev <kamailio.dev(a)kamailio.org> Committer: Kamailio Dev <kamailio.dev(a)kamailio.org> Date: 2023-01-23T14:31:57+01:00 modules: readme files regenerated - exec ... [skip ci] --- Modified: src/modules/exec/README --- Diff: https://github.com/kamailio/kamailio/commit/4f296b4058b75ef27b16a9f8fc2bf3e… Patch: https://github.com/kamailio/kamailio/commit/4f296b4058b75ef27b16a9f8fc2bf3e… --- diff --git a/src/modules/exec/README b/src/modules/exec/README index c16c8c54c7..4f1a3892b8 100644 --- a/src/modules/exec/README +++ b/src/modules/exec/README @@ -97,6 +97,20 @@ Chapter 1. Admin Guide $$SIP_OUSER) in the parameters given to exec functions. Otherwise they will be evaluated as Kamailio pseudo-variables, throwing errors. + WARNING: if the exec functions are passed variables that might include + malicious input, then remote attackers may abuse the exec functions to + execute arbitrary code. Specifically, this may result in OS command + injection. In such cases, input validation is required to prevent the + vulnerability. The following is an example of how input validation and + exec module functions may be used together to prevent exploitation: +... +if !($rU =~ "^[0-9]{1,15}$") { + xlog("Malformed R-URI username: '$rU'\n"); + exit; +} +exec_msg("echo TEST >> /tmp/$(rU).txt"); +... + 2. Dependencies 2.1. Kamailio Modules @@ -167,7 +181,7 @@ modparam("exec", "time_to_kill", 20) Example 1.3. exec_dset usage ... exec_dset("echo TEST > /tmp/test.txt"); -exec_dset("echo TEST > /tmp/$rU.txt"); +exec_dset("echo TEST > /tmp/$(rU).txt"); ... 4.2. exec_msg(command) @@ -191,7 +205,7 @@ exec_dset("echo TEST > /tmp/$rU.txt"); Example 1.4. exec_msg usage ... exec_msg("echo TEST > /tmp/test.txt"); -exec_msg("echo TEST > /tmp/$rU.txt"); +exec_msg("echo TEST > /tmp/$(rU).txt"); ... 4.3. exec_avp(command [, avplist]) @@ -235,7 +249,7 @@ exec_avp("echo TEST", "$avp(s:test)"); Example 1.6. exec_cmd usage ... exec_cmd("echo TEST > /tmp/test.txt"); -exec_cmd("echo TEST > /tmp/$rU.txt"); +exec_cmd("echo TEST > /tmp/$(rU).txt"); ... 5. Known Issues

1 year, 3 months

[kamailio/kamailio] Typos (PR #3335)

by Дилян Палаузов

You can view, comment on, or merge this pull request online at: https://github.com/kamailio/kamailio/pull/3335 -- Commit Summary -- * replace SIGINFO64_WORKARROUND with SIGINFO64_WORKAROUND * utils/kamctl: typos * doc/tutorials: typos -- File Changes -- M doc/scripts/cdefs2doc/dump_cfg_defs.pl (2) M doc/scripts/cdefs2doc/dump_counters.pl (2) M doc/scripts/cdefs2doc/dump_rpcs.pl (2) M doc/scripts/cdefs2doc/dump_selects.pl (2) M doc/tutorials/cfg_list/Makefile (2) M doc/tutorials/counter_list/Makefile (2) M doc/tutorials/dns.txt (4) M doc/tutorials/locking.txt (12) M doc/tutorials/logging-api.txt (2) M doc/tutorials/modules_init.txt (2) M doc/tutorials/parse_headers.txt (2) M doc/tutorials/presence/cfg/full_ps.cfg (8) M doc/tutorials/presence/cfg/ps.cfg (12) M doc/tutorials/presence/draft_iptel_im_rules.xml (4) M doc/tutorials/presence/install.xml (2) M doc/tutorials/presence/intro.xml (2) M doc/tutorials/presence/trouble.xml (4) M doc/tutorials/presence/xcap.xml (6) M doc/tutorials/rpc/kamailio_rpc.txt (2) M doc/tutorials/rpc/kamailio_rpc.xml (10) M doc/tutorials/rpc_list/Makefile (2) M doc/tutorials/rpc_list/docbook/rpc_malloc_test.xml (2) M doc/tutorials/rpc_list/rpc_malloc_test.txt (2) M doc/tutorials/select_list/Makefile (2) M doc/tutorials/ser_radius/ser_radius.xml (2) M doc/tutorials/serdev/db_interface.xml (2) M doc/tutorials/serdev/hfname_parser.xml (4) M doc/tutorials/serdev/locking.xml (6) M doc/tutorials/serdev/modiface.xml (6) M doc/tutorials/serdev/msg_start.xml (2) M doc/tutorials/serdev/select_module.xml (6) M doc/tutorials/serdev/startup.xml (8) M doc/tutorials/serfaq/serfaq.xml (2) M doc/tutorials/serhowto/ser-howto.xml (8) M doc/tutorials/seruser/apps.xml (2) M doc/tutorials/seruser/intro.xml (4) M doc/tutorials/seruser/otherapps.xml (2) M doc/tutorials/sip/sip_introduction.xml (8) M doc/tutorials/tcp_tunning.txt (2) M doc/tutorials/timers.txt (2) M src/Makefile.defs (2) M src/core/io_wait.h (4) M utils/kamctl/dbtextdb/dbtextdb.py (14) M utils/kamctl/kamctl.base (2) M utils/kamctl/kamctlrc (2) M utils/kamctl/kamdbctl (6) M utils/kamctl/xhttp_pi/acc-mod (6) M utils/kamctl/xhttp_pi/alias_db-mod (2) M utils/kamctl/xhttp_pi/auth_db-mod (2) M utils/kamctl/xhttp_pi/avpops-mod (2) M utils/kamctl/xhttp_pi/carrierroute-mod (8) M utils/kamctl/xhttp_pi/cpl-mod (2) M utils/kamctl/xhttp_pi/dialog-mod (4) M utils/kamctl/xhttp_pi/dialplan-mod (2) M utils/kamctl/xhttp_pi/dispatcher-mod (2) M utils/kamctl/xhttp_pi/domain-mod (4) M utils/kamctl/xhttp_pi/domainpolicy-mod (2) M utils/kamctl/xhttp_pi/drouting-mod (8) M utils/kamctl/xhttp_pi/group-mod (4) M utils/kamctl/xhttp_pi/htable-mod (2) M utils/kamctl/xhttp_pi/imc-mod (4) M utils/kamctl/xhttp_pi/lcr-mod (6) M utils/kamctl/xhttp_pi/matrix-mod (2) M utils/kamctl/xhttp_pi/mohqueue-mod (4) M utils/kamctl/xhttp_pi/msilo-mod (2) M utils/kamctl/xhttp_pi/mtree-mod (4) M utils/kamctl/xhttp_pi/pdt-mod (2) M utils/kamctl/xhttp_pi/permissions-mod (4) M utils/kamctl/xhttp_pi/pi_framework-01 (6) M utils/kamctl/xhttp_pi/pi_framework.xml (148) M utils/kamctl/xhttp_pi/pipelimit-mod (2) M utils/kamctl/xhttp_pi/presence-mod (10) M utils/kamctl/xhttp_pi/purple-mod (2) M utils/kamctl/xhttp_pi/registrar-mod (2) M utils/kamctl/xhttp_pi/rls-mod (4) M utils/kamctl/xhttp_pi/rtpengine-mod (2) M utils/kamctl/xhttp_pi/rtpproxy-mod (2) M utils/kamctl/xhttp_pi/sca-mod (2) M utils/kamctl/xhttp_pi/secfilter-mod (2) M utils/kamctl/xhttp_pi/siptrace-mod (2) M utils/kamctl/xhttp_pi/speeddial-mod (2) M utils/kamctl/xhttp_pi/standard-mod (2) M utils/kamctl/xhttp_pi/topos-mod (4) M utils/kamctl/xhttp_pi/uac-mod (2) M utils/kamctl/xhttp_pi/uid_auth_db-mod (2) M utils/kamctl/xhttp_pi/uid_avp_db-mod (2) M utils/kamctl/xhttp_pi/uid_domain-mod (4) M utils/kamctl/xhttp_pi/uid_gflags-mod (2) M utils/kamctl/xhttp_pi/uid_uri_db-mod (4) M utils/kamctl/xhttp_pi/uri_db-mod (2) M utils/kamctl/xhttp_pi/userblocklist-mod (4) M utils/kamctl/xhttp_pi/usrloc-mod (4) -- Patch Links -- https://github.com/kamailio/kamailio/pull/3335.patch https://github.com/kamailio/kamailio/pull/3335.diff -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/3335 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/pull/3335(a)github.com>

1 year, 3 months

git:master:3e6cf06c: doc/tutorials: typos

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 3e6cf06c775eac9b55029e1820519cf1b0322122 URL: https://github.com/kamailio/kamailio/commit/3e6cf06c775eac9b55029e1820519cf… Author: �� <git-dpa(a)aegee.org> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2023-01-23T14:20:29+01:00 doc/tutorials: typos --- Modified: doc/tutorials/dns.txt Modified: doc/tutorials/locking.txt Modified: doc/tutorials/logging-api.txt Modified: doc/tutorials/modules_init.txt Modified: doc/tutorials/parse_headers.txt Modified: doc/tutorials/presence/cfg/full_ps.cfg Modified: doc/tutorials/presence/cfg/ps.cfg Modified: doc/tutorials/presence/draft_iptel_im_rules.xml Modified: doc/tutorials/presence/install.xml Modified: doc/tutorials/presence/intro.xml Modified: doc/tutorials/presence/trouble.xml Modified: doc/tutorials/presence/xcap.xml Modified: doc/tutorials/rpc/kamailio_rpc.txt Modified: doc/tutorials/rpc/kamailio_rpc.xml Modified: doc/tutorials/rpc_list/docbook/rpc_malloc_test.xml Modified: doc/tutorials/rpc_list/rpc_malloc_test.txt Modified: doc/tutorials/ser_radius/ser_radius.xml Modified: doc/tutorials/serdev/db_interface.xml Modified: doc/tutorials/serdev/hfname_parser.xml Modified: doc/tutorials/serdev/locking.xml Modified: doc/tutorials/serdev/modiface.xml Modified: doc/tutorials/serdev/msg_start.xml Modified: doc/tutorials/serdev/select_module.xml Modified: doc/tutorials/serdev/startup.xml Modified: doc/tutorials/serfaq/serfaq.xml Modified: doc/tutorials/serhowto/ser-howto.xml Modified: doc/tutorials/seruser/apps.xml Modified: doc/tutorials/seruser/intro.xml Modified: doc/tutorials/seruser/otherapps.xml Modified: doc/tutorials/sip/sip_introduction.xml Modified: doc/tutorials/tcp_tunning.txt Modified: doc/tutorials/timers.txt --- Diff: https://github.com/kamailio/kamailio/commit/3e6cf06c775eac9b55029e1820519cf… Patch: https://github.com/kamailio/kamailio/commit/3e6cf06c775eac9b55029e1820519cf…

1 year, 3 months

git:master:f351f9d7: utils/kamctl: typos

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: f351f9d7fc5dbebe3a78a82bd69d1c19d8914ddc URL: https://github.com/kamailio/kamailio/commit/f351f9d7fc5dbebe3a78a82bd69d1c1… Author: �� <git-dpa(a)aegee.org> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2023-01-23T14:20:29+01:00 utils/kamctl: typos --- Modified: utils/kamctl/dbtextdb/dbtextdb.py Modified: utils/kamctl/kamctl.base Modified: utils/kamctl/kamctlrc Modified: utils/kamctl/kamdbctl Modified: utils/kamctl/xhttp_pi/acc-mod Modified: utils/kamctl/xhttp_pi/alias_db-mod Modified: utils/kamctl/xhttp_pi/auth_db-mod Modified: utils/kamctl/xhttp_pi/avpops-mod Modified: utils/kamctl/xhttp_pi/carrierroute-mod Modified: utils/kamctl/xhttp_pi/cpl-mod Modified: utils/kamctl/xhttp_pi/dialog-mod Modified: utils/kamctl/xhttp_pi/dialplan-mod Modified: utils/kamctl/xhttp_pi/dispatcher-mod Modified: utils/kamctl/xhttp_pi/domain-mod Modified: utils/kamctl/xhttp_pi/domainpolicy-mod Modified: utils/kamctl/xhttp_pi/drouting-mod Modified: utils/kamctl/xhttp_pi/group-mod Modified: utils/kamctl/xhttp_pi/htable-mod Modified: utils/kamctl/xhttp_pi/imc-mod Modified: utils/kamctl/xhttp_pi/lcr-mod Modified: utils/kamctl/xhttp_pi/matrix-mod Modified: utils/kamctl/xhttp_pi/mohqueue-mod Modified: utils/kamctl/xhttp_pi/msilo-mod Modified: utils/kamctl/xhttp_pi/mtree-mod Modified: utils/kamctl/xhttp_pi/pdt-mod Modified: utils/kamctl/xhttp_pi/permissions-mod Modified: utils/kamctl/xhttp_pi/pi_framework-01 Modified: utils/kamctl/xhttp_pi/pi_framework.xml Modified: utils/kamctl/xhttp_pi/pipelimit-mod Modified: utils/kamctl/xhttp_pi/presence-mod Modified: utils/kamctl/xhttp_pi/purple-mod Modified: utils/kamctl/xhttp_pi/registrar-mod Modified: utils/kamctl/xhttp_pi/rls-mod Modified: utils/kamctl/xhttp_pi/rtpengine-mod Modified: utils/kamctl/xhttp_pi/rtpproxy-mod Modified: utils/kamctl/xhttp_pi/sca-mod Modified: utils/kamctl/xhttp_pi/secfilter-mod Modified: utils/kamctl/xhttp_pi/siptrace-mod Modified: utils/kamctl/xhttp_pi/speeddial-mod Modified: utils/kamctl/xhttp_pi/standard-mod Modified: utils/kamctl/xhttp_pi/topos-mod Modified: utils/kamctl/xhttp_pi/uac-mod Modified: utils/kamctl/xhttp_pi/uid_auth_db-mod Modified: utils/kamctl/xhttp_pi/uid_avp_db-mod Modified: utils/kamctl/xhttp_pi/uid_domain-mod Modified: utils/kamctl/xhttp_pi/uid_gflags-mod Modified: utils/kamctl/xhttp_pi/uid_uri_db-mod Modified: utils/kamctl/xhttp_pi/uri_db-mod Modified: utils/kamctl/xhttp_pi/userblocklist-mod Modified: utils/kamctl/xhttp_pi/usrloc-mod --- Diff: https://github.com/kamailio/kamailio/commit/f351f9d7fc5dbebe3a78a82bd69d1c1… Patch: https://github.com/kamailio/kamailio/commit/f351f9d7fc5dbebe3a78a82bd69d1c1…

1 year, 3 months

git:master:4e802245: replace SIGINFO64_WORKARROUND with SIGINFO64_WORKAROUND

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 4e8022451dcf85c62401434f1f555ad6aac36eab URL: https://github.com/kamailio/kamailio/commit/4e8022451dcf85c62401434f1f555ad… Author: �� <git-dpa(a)aegee.org> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2023-01-23T14:20:29+01:00 replace SIGINFO64_WORKARROUND with SIGINFO64_WORKAROUND by calling sed -i "sMSIGINFO64_WORKARROUNDMSIGINFO64_WORKAROUNDM" `git grep -l SIGINFO64_WORKARROUND` --- Modified: doc/scripts/cdefs2doc/dump_cfg_defs.pl Modified: doc/scripts/cdefs2doc/dump_counters.pl Modified: doc/scripts/cdefs2doc/dump_rpcs.pl Modified: doc/scripts/cdefs2doc/dump_selects.pl Modified: doc/tutorials/cfg_list/Makefile Modified: doc/tutorials/counter_list/Makefile Modified: doc/tutorials/rpc_list/Makefile Modified: doc/tutorials/select_list/Makefile Modified: src/Makefile.defs Modified: src/core/io_wait.h --- Diff: https://github.com/kamailio/kamailio/commit/4e8022451dcf85c62401434f1f555ad… Patch: https://github.com/kamailio/kamailio/commit/4e8022451dcf85c62401434f1f555ad…

1 year, 3 months

git:master:f81f0e77: exec: docs - added security warning

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: f81f0e77c5ab67431af1f62f0e027379a3445951 URL: https://github.com/kamailio/kamailio/commit/f81f0e77c5ab67431af1f62f0e02737… Author: Sandro Gauci <sandro(a)enablesecurity.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2023-01-23T14:18:44+01:00 exec: docs - added security warning - Added warning about potential for OS Command Injection - Updated invalid examples previous example gives the following error: pv_parse_spec2(): error searching pvar "rU.txt" --- Modified: src/modules/exec/doc/exec_admin.xml --- Diff: https://github.com/kamailio/kamailio/commit/f81f0e77c5ab67431af1f62f0e02737… Patch: https://github.com/kamailio/kamailio/commit/f81f0e77c5ab67431af1f62f0e02737… --- diff --git a/src/modules/exec/doc/exec_admin.xml b/src/modules/exec/doc/exec_admin.xml index fd0d88f4f5..93ea78cd87 100644 --- a/src/modules/exec/doc/exec_admin.xml +++ b/src/modules/exec/doc/exec_admin.xml @@ -77,6 +77,23 @@ Otherwise they will be evaluated as &kamailio; pseudo-variables, throwing errors. </para> + <para> + WARNING: if the exec functions are passed variables that might include + malicious input, then remote attackers may abuse the exec functions to + execute arbitrary code. Specifically, this may result in OS command injection. + In such cases, input validation is required to prevent the vulnerability. + The following is an example of how input validation and exec module + functions may be used together to prevent exploitation: + </para> + <programlisting format="linespecific"> +... +if !($rU =~ "^[0-9]{1,15}$") { + xlog("Malformed R-URI username: '$rU'\n"); + exit; +} +exec_msg("echo TEST >> /tmp/$(rU).txt"); +... + </programlisting> </section> <section> @@ -186,7 +203,7 @@ modparam("exec", "time_to_kill", 20) <programlisting format="linespecific"> ... exec_dset("echo TEST > /tmp/test.txt"); -exec_dset("echo TEST > /tmp/$rU.txt"); +exec_dset("echo TEST > /tmp/$(rU).txt"); ... </programlisting> </example> @@ -225,7 +242,7 @@ exec_dset("echo TEST > /tmp/$rU.txt"); <programlisting format="linespecific"> ... exec_msg("echo TEST > /tmp/test.txt"); -exec_msg("echo TEST > /tmp/$rU.txt"); +exec_msg("echo TEST > /tmp/$(rU).txt"); ... </programlisting> </example> @@ -300,7 +317,7 @@ exec_avp("echo TEST", "$avp(s:test)"); <programlisting format="linespecific"> ... exec_cmd("echo TEST > /tmp/test.txt"); -exec_cmd("echo TEST > /tmp/$rU.txt"); +exec_cmd("echo TEST > /tmp/$(rU).txt"); ... </programlisting> </example> @@ -315,4 +332,3 @@ exec_cmd("echo TEST > /tmp/$rU.txt"); </para> </section> </chapter> -

1 year, 3 months

← Newer
1
...
14
15
16
17
18
19
20
...
28
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

sr-dev January 2023