sr-dev

sr-dev@lists.kamailio.org

13 participants
44210 discussions

[kamailio/kamailio] Outdated OpenSIPS Sources in Kamailio Project Lack Security Fixes (CVE-2023-28098) (Issue #3911)

by Garnik Khroyan

### Description The master branch of the Kamailio project contains unpatched sources from OpenSIPS, in which [CVE-2023-28098](https://github.com/OpenSIPS/opensips/security/advisories/GH… was reported. The function `parse_param_name()` from `kamailio/src/core/parser/digest/param_parser.c` does not include security patches and updates available in newer versions of OpenSIPS. The fix for CVE can be found in this commit: [OpenSIPS Commit dd9141b6](https://github.com/OpenSIPS/opensips/commit/dd9141b6f67d7df4072f3… ### Possible Solutions I strongly recommend updating the sources from OpenSIPS to the latest version available. ### Report Origin The bug is detected by a tool developed at [CAST](https://castech.am/). -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3911 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/issues/3911(a)github.com>

6 months

[kamailio/kamailio] lib/ims: added cscf_get_host_from_requri (PR #3912)

by Dragos Vingarzan

#### Pre-Submission Checklist    - [x] Commit message has the format required by CONTRIBUTING guide - [x] Commits are split per component (core, individual modules, libs, utils, ...) - [x] Each component has a single commit (if not, squash them into one commit) - [x] No commits to README files for modules (changes must be done to docbook files in `doc/` subfolder, the README file is autogenerated) #### Type Of Change - [ ] Small bug fix (non-breaking change which fixes an issue) - [x] New feature (non-breaking change which adds new functionality) - [ ] Breaking change (fix or feature that would change existing functionality) #### Checklist:  - [ ] PR should be backported to stable branches - [x] Tested changes locally - [ ] Related to issue #XXXX (replace XXXX with an open issue number) #### Description  On Mobile-Terminating, if the P-Called-Party-ID header is missing, getting the host (should also be an IP) from the Request-URI can help the P-CSCF when doing AAR for QoS. You can view, comment on, or merge this pull request online at: https://github.com/kamailio/kamailio/pull/3912 -- Commit Summary -- * lib/ims: added cscf_get_host_from_requri -- File Changes -- M src/lib/ims/ims_getters.c (15) M src/lib/ims/ims_getters.h (6) -- Patch Links -- https://github.com/kamailio/kamailio/pull/3912.patch https://github.com/kamailio/kamailio/pull/3912.diff -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/3912 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/pull/3912(a)github.com>

6 months

git:master:70fd2717: lib/ims: added cscf_get_host_from_requri

by Dragos Vingarzan

Module: kamailio Branch: master Commit: 70fd27174952fe6a67f01fca4fdc941b9fdc045a URL: https://github.com/kamailio/kamailio/commit/70fd27174952fe6a67f01fca4fdc941… Author: Dragos Vingarzan <vingarzan(a)gmail.com> Committer: Dragos Vingarzan <vingarzan(a)gmail.com> Date: 2024-07-12T13:27:21+02:00 lib/ims: added cscf_get_host_from_requri --- Modified: src/lib/ims/ims_getters.c Modified: src/lib/ims/ims_getters.h --- Diff: https://github.com/kamailio/kamailio/commit/70fd27174952fe6a67f01fca4fdc941… Patch: https://github.com/kamailio/kamailio/commit/70fd27174952fe6a67f01fca4fdc941… --- diff --git a/src/lib/ims/ims_getters.c b/src/lib/ims/ims_getters.c index cf2f618d0de..35dbdca405f 100644 --- a/src/lib/ims/ims_getters.c +++ b/src/lib/ims/ims_getters.c @@ -539,6 +539,21 @@ str cscf_get_contact_from_requri(struct sip_msg *msg) return pu; } +/** + * Get the host from the Request URI of the message. + * Useful for example on MT, to get the destination from the Request URI, if P-Called-Party-ID is not present. + */ +str cscf_get_host_from_requri(struct sip_msg *msg) +{ + if(msg->first_line.type != SIP_REQUEST || parse_sip_msg_uri(msg) < 0 + || msg->parsed_uri.type == TEL_URI_T) { + str empty = {0}; + return empty; + } + return msg->parsed_uri.host; +} + + /** * Finds if the message contains the orig parameter in the first Route header * @param msg - the SIP message diff --git a/src/lib/ims/ims_getters.h b/src/lib/ims/ims_getters.h index 77a55a6695b..03ad4bef82b 100644 --- a/src/lib/ims/ims_getters.h +++ b/src/lib/ims/ims_getters.h @@ -206,6 +206,12 @@ str cscf_get_public_identity_from_requri(struct sip_msg *msg); */ str cscf_get_contact_from_requri(struct sip_msg *msg); +/** + * Get the host from the Request URI of the message. + * Useful for example on MT, to get the destination from the Request URI, if P-Called-Party-ID is not present. + */ +str cscf_get_host_from_requri(struct sip_msg *msg); + /** * Looks for the Call-ID header * @param msg - the sip message

6 months

git:master:fc8bee5b: pua: use long for time value diff operation

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: fc8bee5b87e95e43bda2635e65457b2025eab6f9 URL: https://github.com/kamailio/kamailio/commit/fc8bee5b87e95e43bda2635e65457b2… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2024-07-12T12:05:40+02:00 pua: use long for time value diff operation --- Modified: src/modules/pua/pua.c --- Diff: https://github.com/kamailio/kamailio/commit/fc8bee5b87e95e43bda2635e65457b2… Patch: https://github.com/kamailio/kamailio/commit/fc8bee5b87e95e43bda2635e65457b2… --- diff --git a/src/modules/pua/pua.c b/src/modules/pua/pua.c index e57183427f3..a53bfd83963 100644 --- a/src/modules/pua/pua.c +++ b/src/modules/pua/pua.c @@ -1121,9 +1121,10 @@ static ua_pres_t *build_uppubl_cbparam(ua_pres_t *p) publ.pres_uri = p->pres_uri; publ.content_type = p->content_type; publ.id = p->id; - publ.expires = (p->desired_expires == 0) - ? -1 - : p->desired_expires - (int)time(NULL); + publ.expires = + (int)((p->desired_expires == 0) + ? -1 + : ((long)p->desired_expires - (long)time(NULL))); publ.flag = UPDATE_TYPE; publ.source_flag = p->flag; publ.event = p->event;

6 months

git:master:c9714586: rls: remove unnecessary assignment

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: c97145862119e9001874cd07de9b20ad8e96ff54 URL: https://github.com/kamailio/kamailio/commit/c97145862119e9001874cd07de9b20a… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2024-07-12T11:49:10+02:00 rls: remove unnecessary assignment --- Modified: src/modules/rls/resource_notify.c --- Diff: https://github.com/kamailio/kamailio/commit/c97145862119e9001874cd07de9b20a… Patch: https://github.com/kamailio/kamailio/commit/c97145862119e9001874cd07de9b20a… --- diff --git a/src/modules/rls/resource_notify.c b/src/modules/rls/resource_notify.c index c0b308a76d2..8fd388e463c 100644 --- a/src/modules/rls/resource_notify.c +++ b/src/modules/rls/resource_notify.c @@ -179,8 +179,8 @@ static void send_notifies(db1_res_t *result, int did_col, int resource_uri_col, str bstr = {0, 0}; subs_t *dialog = NULL; int len_est = 0; - int resource_added = - 0; /* Flag to indicate that we have added at least one resource */ + /* Flag to indicate that we have added at least one resource */ + int resource_added = 0; /* generate the boundary string */ boundary_string = generate_string(BOUNDARY_STRING_LEN); @@ -245,7 +245,6 @@ static void send_notifies(db1_res_t *result, int did_col, int resource_uri_col, len_est += 2 * strlen(boundary_string) + 4 + 102 + 2 + 50 + strlen(resource_uri) + 20; buf_len = 0; - resource_added = 0; /* !!!! for now I will include the auth state without checking if * it has changed - > in future check if it works */

6 months

git:master:214eaaa5: rtpengine: check fd before closing

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 214eaaa5b7a0308fd7384a41e97b1204d71c93de URL: https://github.com/kamailio/kamailio/commit/214eaaa5b7a0308fd7384a41e97b120… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2024-07-12T09:45:53+02:00 rtpengine: check fd before closing --- Modified: src/modules/rtpengine/rtpengine.c --- Diff: https://github.com/kamailio/kamailio/commit/214eaaa5b7a0308fd7384a41e97b120… Patch: https://github.com/kamailio/kamailio/commit/214eaaa5b7a0308fd7384a41e97b120… --- diff --git a/src/modules/rtpengine/rtpengine.c b/src/modules/rtpengine/rtpengine.c index 7b97a2ae1ee..8a2f6a08e8f 100644 --- a/src/modules/rtpengine/rtpengine.c +++ b/src/modules/rtpengine/rtpengine.c @@ -3770,7 +3770,8 @@ static char *send_rtpp_command( return cp; badproxy: - close(fd); + if(fd >= 0) + close(fd); return NULL; }

6 months

git:master:1e1ad4e7: sdpops: proper detect CR or LF

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 1e1ad4e74822881bb4d9cc2e9bd0f53e845bb48b URL: https://github.com/kamailio/kamailio/commit/1e1ad4e74822881bb4d9cc2e9bd0f53… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2024-07-12T08:01:37+02:00 sdpops: proper detect CR or LF --- Modified: src/modules/sdpops/sdpops_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/1e1ad4e74822881bb4d9cc2e9bd0f53… Patch: https://github.com/kamailio/kamailio/commit/1e1ad4e74822881bb4d9cc2e9bd0f53… --- diff --git a/src/modules/sdpops/sdpops_mod.c b/src/modules/sdpops/sdpops_mod.c index f40062420a7..fb9abde6be5 100644 --- a/src/modules/sdpops/sdpops_mod.c +++ b/src/modules/sdpops/sdpops_mod.c @@ -2075,7 +2075,7 @@ int sdpops_attr_val(str *payload, str *attr, str *val) /* find EoL or EoData */ eline = sline; while(eline < payload->s + payload->len) { - if(*eline == '\r' || *eline == '\r') { + if(*eline == '\r' || *eline == '\n') { break; } eline++;

6 months

git:master:87e1a4a7: stun: check message len for response

by Daniel-Constantin Mierla

Module: kamailio Branch: master Commit: 87e1a4a7f5d565a59a362f22e9372697f2f2f2af URL: https://github.com/kamailio/kamailio/commit/87e1a4a7f5d565a59a362f22e937269… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2024-07-12T08:06:36+02:00 stun: check message len for response --- Modified: src/modules/stun/kam_stun.c --- Diff: https://github.com/kamailio/kamailio/commit/87e1a4a7f5d565a59a362f22e937269… Patch: https://github.com/kamailio/kamailio/commit/87e1a4a7f5d565a59a362f22e937269… --- diff --git a/src/modules/stun/kam_stun.c b/src/modules/stun/kam_stun.c index b3c1e7877d3..3ad42ff1636 100644 --- a/src/modules/stun/kam_stun.c +++ b/src/modules/stun/kam_stun.c @@ -512,6 +512,10 @@ static int stun_create_response(struct stun_msg *req, struct stun_msg *res, } } + if(res->msg.buf.len < sizeof(struct stun_hdr)) { + LM_ERR("invalid message\n"); + return FATAL_ERROR; + } res->hdr.len = htons(res->msg.buf.len - sizeof(struct stun_hdr)); memcpy(&res->msg.buf.s[sizeof(USHORT_T)], (void *)&res->hdr.len, sizeof(USHORT_T));

6 months

[kamailio/kamailio] ims_registrar_scscf: cannot build on Fedora 40 (Issue #3855)

by sergey-safarov

### Description "ims_registrar_scscf" cannot be compiled on Fedora 40 dist. ``` CC (gcc) [M ims_registrar_scscf.so] reply.o CC (gcc) [M ims_registrar_scscf.so] rerrno.o CC (gcc) [M ims_registrar_scscf.so] save.o CC (gcc) [M ims_registrar_scscf.so] server_assignment.o CC (gcc) [M ims_registrar_scscf.so] sip_msg.o CC (gcc) [M ims_registrar_scscf.so] stats.o CC (gcc) [M ims_registrar_scscf.so] userdata_parser.o userdata_parser.c: In function ‘ifc_tDefaultHandling2char’: userdata_parser.c:126:13: error: implicit declaration of function ‘strtol’; did you mean ‘strtok’? [-Wimplicit-function-declaration] 126 | r = strtol((char *)x, (char **)NULL, 10); | ^~~~~~ | strtok userdata_parser.c: In function ‘parse_spt_extension’: userdata_parser.c:411:32: error: implicit declaration of function ‘atoi’ [-Wimplicit-function-declaration] 411 | switch(atoi((char *)x)) { | ^~~~ make[2]: *** [../../Makefile.rules:100: userdata_parser.o] Error 1 make[1]: *** [Makefile:508: modules] Error 1 make[1]: Leaving directory '/root/rpmbuild/BUILD/kamailio-5.8.1/src' make: *** [Makefile:34: every-module] Error 2 error: Bad exit status from /var/tmp/rpm-tmp.tyeQgK (%build) RPM build errors: Bad exit status from /var/tmp/rpm-tmp.tyeQgK (%build) ``` ### Additional Information * **Kamailio Version** - output of `kamailio -v` ``` used modified 5.8.1 version ``` * **Operating System**: ``` [root@sbc-stage-a0 SPECS]# cat /etc/os-release NAME="Fedora Linux" VERSION="40 (Container Image)" ID=fedora VERSION_ID=40 VERSION_CODENAME="" PLATFORM_ID="platform:f40" PRETTY_NAME="Fedora Linux 40 (Container Image)" ANSI_COLOR="0;38;2;60;110;180" LOGO=fedora-logo-icon CPE_NAME="cpe:/o:fedoraproject:fedora:40" DEFAULT_HOSTNAME="fedora" HOME_URL="https://fedoraproject.org/" DOCUMENTATION_URL="https://docs.fedoraproject.org/en-US/fedora/f40/system-administrators-guide/" SUPPORT_URL="https://ask.fedoraproject.org/" BUG_REPORT_URL="https://bugzilla.redhat.com/" REDHAT_BUGZILLA_PRODUCT="Fedora" REDHAT_BUGZILLA_PRODUCT_VERSION=40 REDHAT_SUPPORT_PRODUCT="Fedora" REDHAT_SUPPORT_PRODUCT_VERSION=40 SUPPORT_END=2025-05-13 VARIANT="Container Image" VARIANT_ID=container ``` -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3855 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/issues/3855(a)github.com>

6 months

[kamailio/kamailio] extented haproxy protocol support (PR #3731)

by sergey-safarov

#### Pre-Submission Checklist - [x] Commit message has the format required by CONTRIBUTING guide - [x] Commits are split per component (core, individual modules, libs, utils, ...) - [x] Each component has a single commit (if not, squash them into one commit) - [x] No commits to README files for modules (changes must be done to docbook files in `doc/` subfolder, the README file is autogenerated) #### Type Of Change - [ ] Small bug fix (non-breaking change which fixes an issue) - [x] New feature (non-breaking change which adds new functionality) - [ ] Breaking change (fix or feature that would change existing functionality) #### Checklist: - [ ] PR should be backported to stable branches - [x] Tested changes locally - [x] Related to issue #3667 #### Description Allow creating Record-Route and Via header using destination address and port in the haproxy protocol header. PR created behalf @ivanuschak You can view, comment on, or merge this pull request online at: https://github.com/kamailio/kamailio/pull/3731 -- Commit Summary -- * core: extented haproxy protocol parser * rr: extented haproxy protocol suppport * path: extented haproxy protocol suppport * websocket: extented haproxy protocol suppport * siptrace: extented haproxy protocol suppport -- File Changes -- M src/core/forward.h (4) M src/core/msg_translator.c (137) M src/core/parser/msg_parser.h (1) M src/core/receive.c (6) M src/core/receive.h (3) M src/core/tcp_conn.h (1) M src/core/tcp_main.c (22) M src/core/tcp_read.c (20) M src/modules/path/path.c (2) M src/modules/rr/loose.c (4) M src/modules/rr/record.c (6) M src/modules/siptrace/siptrace.c (89) M src/modules/websocket/ws_frame.c (9) M src/modules/websocket/ws_handshake.c (3) -- Patch Links -- https://github.com/kamailio/kamailio/pull/3731.patch https://github.com/kamailio/kamailio/pull/3731.diff -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/3731 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/pull/3731(a)github.com>

6 months

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

sr-dev