sr-dev

sr-dev@lists.kamailio.org

44307 discussions

by Klaus Feichtinger

Hello, Currently I have big troubles in the combination of PRESENCE / PRESENCE_XML (/ PUA / PUA_USRLOC) with POSTGRESQL database. During last days I've analyzed the output of Kamailio 3.0.2 and PostgreSQL (8.3) database, running on Debian Lenny OS. Following items were found: 1) The default settings of 4 PGSQL tables after initializing the database with "kamdbctl init" are not useful; the tables "PRESENTITY", "PUA", "ACC" and "MISSED_CALLS" have wrong settings for "Not NULL" characteristics of some columns. In detail following columns had to be adapted manually in the database: "acc" and "missed_calls" table : column "id" must allow "NULL" (remove "Not Null" setting) "presentity" table: the column "sender" must allow "NULL" (remove "Not Null" setting) "pua" table: the columns "extra_headers", "version", "remote_contact", "contact" and "desired_expires" must allow "NULL" (remove "Not Null" setting) E.g. 883:4451: 0(7123) ERROR: db_postgres [km_dbase.c:428]: driver error: PGRES_FATAL_ERROR, ERROR: null value in column "sender" violates not-null constraint 1008:5057: 1(7134) ERROR: db_postgres [km_dbase.c:428]: driver error: PGRES_FATAL_ERROR, ERROR: null value in column "extra_headers" violates not-null constraint 1025:5078: 1(7134) ERROR: db_postgres [km_dbase.c:428]: driver error: PGRES_FATAL_ERROR, ERROR: null value in column "version" violates not-null constraint I recommend adapting the script "utils/kamctl/postgres/presence-create.sql"! 2) I do not know if this has a direct influence on the problems I have with presence, but the column "sender" in the table "presentity" seems to be used only "half". When the pua_usrloc module is inserting an entry into the table it does NOT insert a value for the column "sender". However, when a query is sent for selecting information from this table, the column "sender" is explicitly requested...... e.g. INSERTION (no "sender" value is inserted): Jun 18 20:15:01 TestKam /usr/sbin/kamailio[3151]: DEBUG: db_postgres [km_dbase.c:149]: 0x826ba68 PQsendQuery(insert into presentity (domain,username,event,etag,expires,body,received_time ) values ('192.168.150.11','116333','presence','a.1276884785.3151.1.0',1276885262,'<?xml version="1.0"?>\\012<presence xmlns="urn:ietf:params:xml:ns:pidf" xmlns:dm="urn:ietf:params:xml:ns:pidf:data-model" xmlns:rpid="urn:ietf:params:xml:ns:pidf:rpid" xmlns:c="urn:ietf:params:xml:ns:pidf:cipid" entity="116333(a)192.168.150.11">\\012 <tuple id="0x828d7d8">\\012 <status>\\012 <basic>open</basic>\\012 </status>\\012 </tuple>\\012</presence>\\012',1276884901) <file:///%5C%5C012%3c%5Cpresence%3e%5C012%27,1276884901%29>) SELECTION (a "sender" value is explicitly queried): Jun 18 20:15:08 TestKam /usr/sbin/kamailio[3151]: DEBUG: db_postgres [km_dbase.c:149]: 0x826ba68 PQsendQuery(select body,sender from presentity where domain='192.168.150.11' AND username='116333' AND event='presence' AND etag='a.1276884785.3151.1.0') What does the column "sender" represent? In the presence description on the Kamailio homepage (version 1.5) this column still is not included. 3) The next problem I have is, that the PIDF-body, which is stored in the PGSQL database, seems to cause an error in the presence_xml module and therefore no body is attached to the NOTIFY message. The NOTIFY message contains a SIP header "Content-Type: application/pidf+xml", but no PIDF-body is sent in this message. As result of this SIP request the SIP user agent (= subscriber) is a little bit confused..... I think that problem in general has something to do with the "error" described in the new task from Friday June 18^th (http://lists.sip-router.org/pipermail/sr-dev/2010-June/007865.html). First I wondered, why this problem only occurred in case that a (subscribed) user agent de-registers from Kamailio registrar server. But I guess the NOTIFY message after registration of the user agent is created without dependency on a PGSQL query (= generated with information from memory). Another behaviour of the server was, that (after emptying all related tables) the first registration / de-registration flow didn't cause any error (both NOTIFY messages were readable and contained a PIDF-body); only beginning at the second flow the body could not be parsed. This was tested with SIPp sending register/de-register messages in a period of 3 seconds. The Kamailio error message looks like: Jun 18 13:08:16 TestKam /usr/sbin/kamailio[3167]: ERROR: presence_xml [notify_body.c:515]: while parsing xml body message Jun 18 13:08:16 TestKam /usr/sbin/kamailio[3167]: ERROR: presence_xml [notify_body.c:84]: while aggregating body 4) I don't know if the parser might be influenced by a WARNING that is generated by the postgresql daemon whenever an entry into the presentity table is done (including XML body). From Kamailio log output I saw that the special characters "#011" and "#012" are included in the XML body. I guess that is the octal notation of \t (horizontal tab) and \n (newline). However, postgresql generates an error message that looks like following: /WARNING: nonstandard use of \\ in a string literal at character 162/ HINT: Use the escape string syntax for backslashes, e.g., E'\\'. Maybe this has some influence on the parser problem, too. Because in this version of Postgresql the parameter "standard_conforming_strings" is implicitly on -- just for previous versions it could be set to off. That means, that any backslash symbol (\) is interpreted as standard character (no escape). Therefore the queried result of the database does no longer include \n and \t. As interim "solution" of this problem I changed to the MySQL database instead of PostgreSQL. The "Not NULL" violation is the same, but MySQL seems to ignore this violation. Also the XML body is stored in MySQL "as wished" -- that means: all special characters are stored and the queried body still contains it. The modules "pua" and "pua_usrloc" are used for testing purposes only, because the user agents send publish messages themselves. Therefore it is not necessary using this module. But for some regression tests I used a command line base user agent that does not support publish messages. But the problem is the same -- independent from the user agent and where the publish messages is generated. Additionally I have attached a ZIP file that contains traces of the SIP traffic to/from Kamailio and Kamailio internally (Publish) and two excerpts of Kamailio syslog. The syslog excerpts are from two register / de-register sequences, where the first sequence was okay and the second one generated the parsing error. I haven't found any essential difference that would clarify the different behaviour of Kamailio. Please give me some comments to these problems ;-) I know, PostgreSQL is only "second quality" for Kamailio, but it has some advantages against MySQL, too. Thanks in advance and regards, Klaus Feichtinger

14 years, 7 months

git:master: modules_k: dialog - update README with RPC functions

by Ovidiu Sas

Module: sip-router Branch: master Commit: 4ed0fcaf92979f6b8f88e4da6ad89c352f0594e1 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=4ed0fca… Author: Ovidiu Sas <osas(a)voipembedded.com> Committer: Ovidiu Sas <osas(a)voipembedded.com> Date: Sat Jul 3 00:38:22 2010 -0400 modules_k: dialog - update README with RPC functions --- modules_k/dialog/doc/dialog_admin.xml | 336 +++++++++++++++++++++++++-------- 1 files changed, 258 insertions(+), 78 deletions(-) Diff: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commitdiff;h=4ed…

14 years, 7 months

git:master: modules_k: ratelimit - README file updated to reflect rl_drop() removal

by Ovidiu Sas

Module: sip-router Branch: master Commit: 9ef1e02ac525368577efeabfd650c8c102827e75 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=9ef1e02… Author: Ovidiu Sas <osas(a)voipembedded.com> Committer: Ovidiu Sas <osas(a)voipembedded.com> Date: Fri Jul 2 22:38:55 2010 -0400 modules_k: ratelimit - README file updated to reflect rl_drop() removal --- modules_k/ratelimit/doc/ratelimit_admin.xml | 122 +++------------------------ 1 files changed, 12 insertions(+), 110 deletions(-) diff --git a/modules_k/ratelimit/doc/ratelimit_admin.xml b/modules_k/ratelimit/doc/ratelimit_admin.xml index 438179e..718ebd0 100644 --- a/modules_k/ratelimit/doc/ratelimit_admin.xml +++ b/modules_k/ratelimit/doc/ratelimit_admin.xml @@ -43,7 +43,8 @@ ... if (is_method("INVITE|REGISTER|SUBSCRIBE") { if (!rl_check()) { - rl_drop(); + append_to_reply("Retry-After: 5\r\n"); + sl_send_reply("503","Limiting"); exit; }; }; @@ -264,67 +265,6 @@ modparam("ratelimit", "pipe", "4:NETWORK:10000") </programlisting> </example> </section> - <section> - <title><varname>reply_code</varname> (integer)</title> - <para> - The code of the reply sent by &kamailio; while limiting. - </para> - <para> - <emphasis> - Default value is 503. - </emphasis> - - </para> - <example> - <title>Set <varname>reply_code</varname> parameter</title> - <programlisting format="linespecific"> -... -modparam("ratelimit", "reply_code", 505) -... -</programlisting> - </example> - <para> - This value cant be modified at runtime using sercmd - </para> - <example> - <title> Set <varname>reply_code</varname> parameter at runtime </title> - <programlisting format="linespecific"> - -sercmd cfg.set_now_int ratelimit reply_code 505 - - </programlisting> - </example> - </section> - <section> - <title><varname>reply_reason</varname> (string)</title> - <para> - The reason of the reply sent by &kamailio; while limiting. - </para> - <para> - <emphasis> - Default value is "Server Unavailable". - </emphasis> - </para> - <example> - <title>Set <varname>reply_reason</varname> parameter</title> - <programlisting format="linespecific"> -... -modparam("ratelimit", "reply_reason", "Limiting") -... -</programlisting> - </example> - <para> - This value cant be modified at runtime using sercmd - </para> - <example> - <title> Set <varname>reply_reason</varname> parameter at runtime </title> - <programlisting format="linespecific"> - -sercmd cfg.set_now_string ratelimit reply_reason "Limiting" - - </programlisting> - </example> - </section> </section> <section> <title>Exported Functions</title> @@ -360,7 +300,8 @@ sercmd cfg.set_now_string ratelimit reply_reason "Limiting" ... # perform queue/pipe match for current method if (!rl_check()) { - rl_drop(); + append_to_reply("Retry-After: 5\r\n"); + sl_send_reply("503","Limiting"); exit; }; ... @@ -368,7 +309,8 @@ sercmd cfg.set_now_string ratelimit reply_reason "Limiting" # set int pvar to 1 $var(p) = 1; if (!rl_check("$var(p)")) { - rl_drop(); + append_to_reply("Retry-After: 5\r\n"); + sl_send_reply("503","Limiting"); exit; }; ... @@ -376,7 +318,8 @@ sercmd cfg.set_now_string ratelimit reply_reason "Limiting" # set str pvar to 1 $var(p) = "1"; if (!rl_check("$var(p)") { - rl_drop(); + append_to_reply("Retry-After: 5\r\n"); + sl_send_reply("503","Limiting"); exit; }; ... @@ -412,62 +355,21 @@ sercmd cfg.set_now_string ratelimit reply_reason "Limiting" ... # perform queue/pipe match for current method if (!rl_check_pipe()) { - rl_drop(); + append_to_reply("Retry-After: 5\r\n"); + sl_send_reply("503","Limiting"); exit; }; ... # use pipe no 1 for the current method if (!rl_check_pipe("1") { - rl_drop(); + append_to_reply("Retry-After: 5\r\n"); + sl_send_reply("503","Limiting"); exit; }; ... </programlisting> </example> </section> - <section> - <title> - <function moreinfo="none">rl_drop([[min ], max])</function> - </title> - <para> - For the current request, a "503 - Server Unavailable" reply is sent back. - The reply may or may not have a "Retry-After" header. If no parameter is given, - there will be no "Retry-After" header. If only the - <emphasis>max</emphasis> parameter is given, the - reply will contain a "Retry-After: <emphasis>max</emphasis>" header. If both - <emphasis>min</emphasis> and <emphasis>max</emphasis> params are given, the - reply will contain a "Retry-After: <emphasis>random</emphasis>" header with - <emphasis>random</emphasis> being a random value between the given min and max. - </para> - <para>Meaning of the parameters is as follows:</para> - <itemizedlist> - <listitem><para> - <emphasis>min</emphasis> - the minimum value of "Retry-After" header. - </para> - </listitem> - <listitem> - <para> - <emphasis>max</emphasis> - the maximum value of "Retry-After" header. - </para> - </listitem> - </itemizedlist> - <para> - This function can be used from REQUEST_ROUTE. - </para> - <example> - <title><function>rl_drop</function> usage</title> - <programlisting format="linespecific"> -... - if (!rl_check()) { - # send back a "503 - Server Unavailable" - # with a "Retry-After: 5" - rl_drop("5"); - exit; - }; -... -</programlisting> - </example> - </section> </section> <section>

14 years, 7 months

git:master: modules_k: ratelimit - rl_check(): strict pipe boundary checking

by Ovidiu Sas

Module: sip-router Branch: master Commit: 721354929365b57a1e0337dccde9d58ce8d03945 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=7213549… Author: Ovidiu Sas <osas(a)voipembedded.com> Committer: Ovidiu Sas <osas(a)voipembedded.com> Date: Fri Jul 2 19:11:40 2010 -0400 modules_k: ratelimit - rl_check(): strict pipe boundary checking --- modules_k/ratelimit/ratelimit.c | 16 ++++++++-------- 1 files changed, 8 insertions(+), 8 deletions(-) diff --git a/modules_k/ratelimit/ratelimit.c b/modules_k/ratelimit/ratelimit.c index b949c68..628a486 100644 --- a/modules_k/ratelimit/ratelimit.c +++ b/modules_k/ratelimit/ratelimit.c @@ -758,11 +758,16 @@ static int rl_check(struct sip_msg * msg, int forced_pipe) int que_id, pipe_id, ret; str method = msg->first_line.u.request.method; + if (forced_pipe >=0 && (forced_pipe>=MAX_PIPES || *pipes[forced_pipe].algo==PIPE_ALGO_NOP)) { + LM_ERR("forced pipe %d out of range or not defined", forced_pipe); + return -1; + } + LOCK_GET(rl_lock); if (forced_pipe < 0) { if (find_queue(msg, &que_id)) { pipe_id = que_id = 0; - ret = 1; + ret = -1; goto out_release; } pipe_id = *queues[que_id].pipe; @@ -817,13 +822,8 @@ static int w_rl_check_forced_pipe(struct sip_msg* msg, char *p1, char *p2) { int pipe; - if (p1) { - pipe = (int)(unsigned int)(unsigned long)p1; - LM_DBG("trying pipe %d\n", pipe); - } else { - pipe = -1; - } - + pipe = (int)(unsigned int)(unsigned long)p1; + LM_DBG("trying pipe %d\n", pipe); return rl_check(msg, pipe); }

14 years, 7 months

git:master: modules_k: ratelimit - removing MI interface from README doc file

by Ovidiu Sas

Module: sip-router Branch: master Commit: 60c69abf1faeede5ce224b861b8f0eca9a8a452a URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=60c69ab… Author: Ovidiu Sas <osas(a)voipembedded.com> Committer: Ovidiu Sas <osas(a)voipembedded.com> Date: Fri Jul 2 17:41:05 2010 -0400 modules_k: ratelimit - removing MI interface from README doc file --- modules_k/ratelimit/doc/ratelimit_admin.xml | 237 --------------------------- 1 files changed, 0 insertions(+), 237 deletions(-) diff --git a/modules_k/ratelimit/doc/ratelimit_admin.xml b/modules_k/ratelimit/doc/ratelimit_admin.xml index 7431b87..438179e 100644 --- a/modules_k/ratelimit/doc/ratelimit_admin.xml +++ b/modules_k/ratelimit/doc/ratelimit_admin.xml @@ -471,243 +471,6 @@ sercmd cfg.set_now_string ratelimit reply_reason "Limiting" </section> <section> - <title>Exported MI Functions</title> - <section> - <title> - <function moreinfo="none">rl_stats</function> - </title> - <para> - Lists the parameters and variabiles in the ratelimit module. - </para> - <para> - Name: <emphasis>rl_stats</emphasis> - </para> - <para>Parameters: <emphasis>none</emphasis></para> - <para> - MI FIFO Command Format: - </para> - <programlisting format="linespecific"> - :rl_stats:_reply_fifo_file_ - _empty_line_ - </programlisting> - </section> - <section> - <title> - <function moreinfo="none">rl_set_pipe</function> - </title> - <para> - Sets the pipe parameters for the given pipe id. - </para> - <para> - Name: <emphasis>rl_set_pipe</emphasis> - </para> - <para>Parameters:</para> - <itemizedlist> - <listitem><para> - <emphasis>pipe_id</emphasis> - pipe id. - </para></listitem> - <listitem><para> - <emphasis>pipe_algorithm</emphasis> - the - algorithm assigned to the given pipe id. - </para></listitem> - <listitem><para> - <emphasis>pipe_limit</emphasis> - the limit - assigned to the given pipe id. - </para></listitem> - </itemizedlist> - <para> - MI FIFO Command Format: - </para> - <programlisting format="linespecific"> - :rl_set_pipe:_reply_fifo_file_ - 2 - RED - 10 - _empty_line_ - </programlisting> - </section> - <section> - <title> - <function moreinfo="none">rl_get_pipes</function> - </title> - <para> - Gets the list of in use pipes. - </para> - <para> - Name: <emphasis>rl_get_pipes</emphasis> - </para> - <para>Parameters: <emphasis>none</emphasis></para> - <para> - MI FIFO Command Format: - </para> - <programlisting format="linespecific"> - :rl_get_pipes:_reply_fifo_file_ - _empty_line_ - </programlisting> - </section> - <section> - <title> - <function moreinfo="none">rl_set_queue</function> - </title> - <para> - Sets the queue parameters for the given queue id. - </para> - <para> - Name: <emphasis>rl_set_queue</emphasis> - </para> - <para>Parameters:</para> - <itemizedlist> - <listitem><para> - <emphasis>queue_id</emphasis> - queue id. - </para></listitem> - <listitem><para> - <emphasis>queue_method</emphasis> - the method - assigned to the given queue id. - </para></listitem> - <listitem><para> - <emphasis>pipe_id</emphasis> - the pipe id - assigned to the given queue id. - </para></listitem> - </itemizedlist> - <para> - MI FIFO Command Format: - </para> - <programlisting format="linespecific"> - :rl_set_queue:_reply_fifo_file_ - 3 - INVITE - 2 - _empty_line_ - </programlisting> - </section> - <section> - <title> - <function moreinfo="none">rl_get_queues</function> - </title> - <para> - Gets the list of in use queues. - </para> - <para> - Name: <emphasis>rl_get_queues</emphasis> - </para> - <para>Parameters: <emphasis>none</emphasis></para> - <para> - MI FIFO Command Format: - </para> - <programlisting format="linespecific"> - :rl_get_queues:_reply_fifo_file_ - _empty_line_ - </programlisting> - </section> - <section> - <title> - <function moreinfo="none">rl_set_pid</function> - </title> - <para> - Sets the PID Controller parameters for the Feedback Algorithm. - </para> - <para> - Name: <emphasis>rl_set_pid</emphasis> - </para> - <para>Parameters:</para> - <itemizedlist> - <listitem><para> - <emphasis>ki</emphasis> - the integral parameter. - </para></listitem> - <listitem><para> - <emphasis>kp</emphasis> - the proportional parameter. - </para></listitem> - <listitem><para> - <emphasis>kd</emphasis> - the derivative parameter. - </para></listitem> - </itemizedlist> - <para> - MI FIFO Command Format: - </para> - <programlisting format="linespecific"> - :rl_set_pid:_reply_fifo_file_ - 0.5 - 0.5 - 0.5 - _empty_line_ - </programlisting> - </section> - <section> - <title> - <function moreinfo="none">rl_get_pid</function> - </title> - <para> - Gets the list of in use PID Controller parameters. - </para> - <para> - Name: <emphasis>rl_get_pid</emphasis> - </para> - <para>Parameters: <emphasis>none</emphasis></para> - <para> - MI FIFO Command Format: - </para> - <programlisting format="linespecific"> - :rl_get_pid:_reply_fifo_file_ - _empty_line_ - </programlisting> - </section> - <section> - <title> - <function moreinfo="none">rl_push_load</function> - </title> - <para> - Force the value of the load parameter. This methos is usefull - for testing the Feedback algorithm. - </para> - <para> - Name: <emphasis>rl_push_load</emphasis> - </para> - <para>Parameters:</para> - <itemizedlist> - <listitem><para> - <emphasis>load</emphasis> - the forced value of load - (it must be greater then 0.0 and smaller then 1.0). - </para></listitem> - </itemizedlist> - <para> - MI FIFO Command Format: - </para> - <programlisting format="linespecific"> - :rl_push_load:_reply_fifo_file_ - 0.85 - _empty_line_ - </programlisting> - </section> - <section> - <title> - <function moreinfo="none">rl_set_dbg</function> - </title> - <para> - This MI function will enable/disable a WARNING debug log exposing the - internal counters for each pipe (useful in monitoring the ratelimit internals). - </para> - <para> - Name: <emphasis>rl_set_dbg</emphasis> - </para> - <para>Parameters:</para> - <itemizedlist> - <listitem><para> - <emphasis>dbg</emphasis> - the debug value (0 means disable and - 1 means enable). - </para></listitem> - </itemizedlist> - <para> - MI FIFO Command Format: - </para> - <programlisting format="linespecific"> - :rl_set_dbg:_reply_fifo_file_ - 1 - _empty_line_ - </programlisting> - </section> - </section> - - <section> <title>Exported RPC Functions</title> <section> <title>

14 years, 7 months

k/auth_radius module based on s/auth module

by Juha Heinanen

> My guess is that it would be easy. The differences are mainly in > exported callbacks and some missing or extra script functions. > k version has the *challenge() functions (which were removed from ser, > but could be re-added easily) and some pv stuff. andrei, i tried to add k compatible www_challenge/proxy_challenge functions to modules_s/auth and it is not easy (at least for me). i created function static inline int build_hf(struct sip_msg* msg, int stale, str* realm, str* nonce, str* algorithm, int hftype, str* hf) that just builds the hf str and then using it, it is easy to implement current build_challenge_hf function: int build_challenge_hf(struct sip_msg* msg, int stale, str* realm, str* nonce, str* algorithm, int hftype) { str hf; avp_value_t val; if (build_hf(msg, stale, realm, nonce, algorithm, hftype, &hf)) { val.s = hf; if (add_avp(challenge_avpid.flags | AVP_VAL_STR, challenge_avpid.name, val) < 0) { ERR("auth: Error while creating attribute\n"); pkg_free(hf.s); return -1; } pkg_free(hf.s); return 0; } else { return -1; } } but when i tried to implement k *_challenge functions using it, i was not able to figure out how to create nonce parameter. also, qop is module param in s auth. -- juha

14 years, 7 months

git:master: modules_k/auth_radius: fixed header name in README

by Juha Heinanen

Module: sip-router Branch: master Commit: c3a511688537893b31907b6d6d0c12603404d146 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=c3a5116… Author: Juha Heinanen <jh(a)tutpro.com> Committer: Juha Heinanen <jh(a)tutpro.com> Date: Fri Jul 2 19:42:18 2010 +0300 modules_k/auth_radius: fixed header name in README --- modules_k/auth_radius/README | 10 +++++----- modules_k/auth_radius/doc/auth_radius.xml | 2 +- modules_k/auth_radius/doc/auth_radius_admin.xml | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/modules_k/auth_radius/README b/modules_k/auth_radius/README index 4bf7334..6431c80 100644 --- a/modules_k/auth_radius/README +++ b/modules_k/auth_radius/README @@ -26,7 +26,7 @@ Jan Janak Copyright © 2005 voice-system.ro - Copyright © 2008 Juha Heinanen + Copyright © 2008-2010 Juha Heinanen Revision History Revision $Revision$ $Date$ __________________________________________________________________ @@ -272,10 +272,10 @@ modparam("auth_radius", "use_ruri_flag", 22) used by some other functions). If the function was unable to verify the credentials for some reason, - it fails and assigns a WWW-Authorize header containing a new challenge - to digest_challenge AVP. The script should then respond with 407 that - includes this header, which will challenge the user again. For more - about the negative return codes, see the above function. + it fails and assigns a Proxy-Authorize header containing a new + challenge to digest_challenge AVP. The script should then respond with + 407 that includes this header, which will challenge the user again. For + more about the negative return codes, see the above function. This function will, in fact, perform sanity checks over the received credentials and then pass them along to the radius server which will diff --git a/modules_k/auth_radius/doc/auth_radius.xml b/modules_k/auth_radius/doc/auth_radius.xml index b218e91..13886d7 100644 --- a/modules_k/auth_radius/doc/auth_radius.xml +++ b/modules_k/auth_radius/doc/auth_radius.xml @@ -49,7 +49,7 @@ <holder>&voicesystem;</holder> </copyright> <copyright> - <year>2008</year> + <year>2008-2010</year> <holder>Juha Heinanen</holder> </copyright> <para></para> diff --git a/modules_k/auth_radius/doc/auth_radius_admin.xml b/modules_k/auth_radius/doc/auth_radius_admin.xml index 466f72c..0411555 100644 --- a/modules_k/auth_radius/doc/auth_radius_admin.xml +++ b/modules_k/auth_radius/doc/auth_radius_admin.xml @@ -294,7 +294,7 @@ modparam("auth_radius", "use_ruri_flag", 22) </para> <para>If the function was unable to verify the credentials for some reason, it fails and - assigns a WWW-Authorize header containing a new + assigns a Proxy-Authorize header containing a new challenge to digest_challenge AVP. The script should then respond with 407 that includes this header, which will challenge the user again.

14 years, 7 months

git:master: tm: TMCB_RESPONSE_READY executes by its own

by Daniel-Constantin Mierla

Module: sip-router Branch: master Commit: f1c35c13252d3160334e9b3f56094404f06009ba URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=f1c35c1… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: Fri Jul 2 18:21:10 2010 +0200 tm: TMCB_RESPONSE_READY executes by its own - removed the define of it to TMCB_RESPONSE_OUT - now this callback is executed before writing reply to network --- modules/tm/t_hooks.h | 16 +++++++++------- modules/tm/t_lookup.c | 3 ++- modules/tm/t_reply.c | 19 +++++++++++++++---- 3 files changed, 26 insertions(+), 12 deletions(-) diff --git a/modules/tm/t_hooks.h b/modules/tm/t_hooks.h index 32ebaa3..38ba5d4 100644 --- a/modules/tm/t_hooks.h +++ b/modules/tm/t_hooks.h @@ -74,15 +74,16 @@ struct cell; #define TMCB_DESTROY_N 15 /* called on transaction destroy */ #define TMCB_E2ECANCEL_IN_N 16 #define TMCB_E2EACK_RETR_IN_N 17 +#define TMCB_RESPONSE_READY_N 18 #ifdef WITH_AS_SUPPORT -#define TMCB_DONT_ACK_N 18 /* TM shoudn't ACK a local UAC */ +#define TMCB_DONT_ACK_N 19 /* TM shoudn't ACK a local UAC */ #endif #ifdef TMCB_ONSEND -#define TMCB_REQUEST_SENT_N 19 -#define TMCB_RESPONSE_SENT_N 20 -#define TMCB_MAX_N 20 +#define TMCB_REQUEST_SENT_N 20 +#define TMCB_RESPONSE_SENT_N 21 +#define TMCB_MAX_N 21 #else -#define TMCB_MAX_N 18 +#define TMCB_MAX_N 19 #endif @@ -104,6 +105,7 @@ struct cell; #define TMCB_DESTROY (1<<TMCB_DESTROY_N) #define TMCB_E2ECANCEL_IN (1<<TMCB_E2ECANCEL_IN_N) #define TMCB_E2EACK_RETR_IN (1<<TMCB_E2EACK_RETR_IN_N) +#define TMCB_RESPONSE_READY (1<<TMCB_RESPONSE_READY_N) #ifdef WITH_AS_SUPPORT #define TMCB_DONT_ACK (1<<TMCB_DONT_ACK_N) #endif @@ -113,8 +115,6 @@ struct cell; #endif #define TMCB_MAX ((1<<(TMCB_MAX_N+1))-1) -/* response ready - might need to be executed before sending reply out */ -#define TMCB_RESPONSE_READY TMCB_RESPONSE_OUT /* * Caution: most of the callbacks work with shmem-ized messages @@ -325,6 +325,8 @@ struct cell; * the cell* parameter (t) and the tmcb are set to 0. Only the param is * is filled inside TMCB. For dialogs callbacks t is also 0. * + * TMCB_RESPONSE_READY -- a reply is ready to be sent out. Callback is + * is executed just before writing the reply content to network. * * TMCB_DONT_ACK (requires AS support) -- for localy generated INVITEs, TM * automatically generates an ACK for the received 2xx replies. But, if this diff --git a/modules/tm/t_lookup.c b/modules/tm/t_lookup.c index ff8b4c5..be65ade 100644 --- a/modules/tm/t_lookup.c +++ b/modules/tm/t_lookup.c @@ -1026,7 +1026,8 @@ int t_reply_matching( struct sip_msg *p_msg , int *p_branch ) && p_msg->REPLY_STATUS<300 && ((!is_local(p_cell) && has_tran_tmcbs(p_cell, - TMCB_RESPONSE_OUT|TMCB_E2EACK_IN|TMCB_E2EACK_RETR_IN) ) + TMCB_RESPONSE_OUT|TMCB_RESPONSE_READY + |TMCB_E2EACK_IN|TMCB_E2EACK_RETR_IN) ) || (is_local(p_cell)&&has_tran_tmcbs(p_cell, TMCB_LOCAL_COMPLETED)) )) ) { if (parse_headers(p_msg, HDR_TO_F, 0)==-1) { diff --git a/modules/tm/t_reply.c b/modules/tm/t_reply.c index 4318886..3fc4123 100644 --- a/modules/tm/t_reply.c +++ b/modules/tm/t_reply.c @@ -596,10 +596,16 @@ static int _reply_light( struct cell *trans, char* buf, unsigned int len, /* do UAC cleanup procedures in case we generated a final answer whereas there are pending UACs */ if (code>=200) { - if (unlikely(is_local(trans) && - has_tran_tmcbs(trans, TMCB_LOCAL_COMPLETED) )) - run_trans_callbacks(TMCB_LOCAL_COMPLETED, trans, + if (unlikely(is_local(trans))) { + if(unlikely(has_tran_tmcbs(trans, TMCB_LOCAL_COMPLETED))) + run_trans_callbacks(TMCB_LOCAL_COMPLETED, trans, 0, FAKED_REPLY, code); + } else { + if(unlikely(has_tran_tmcbs(trans, TMCB_RESPONSE_READY))) { + run_trans_callbacks(TMCB_RESPONSE_READY, trans, + trans->uas.request, FAKED_REPLY, code); + } + } cleanup_uac_timers( trans ); if (is_invite(trans)){ prepare_to_cancel(trans, &cancel_bitmap, 0); @@ -1724,7 +1730,8 @@ enum rps relay_reply( struct cell *t, struct sip_msg *p_msg, int branch, if ( unlikely(is_invite(t) && relayed_msg!=FAKED_REPLY && relayed_code>=200 && relayed_code < 300 && has_tran_tmcbs( t, - TMCB_RESPONSE_OUT|TMCB_E2EACK_IN|TMCB_E2EACK_RETR_IN))) { + TMCB_RESPONSE_OUT|TMCB_RESPONSE_READY + |TMCB_E2EACK_IN|TMCB_E2EACK_RETR_IN))) { totag_retr=update_totag_set(t, relayed_msg); } }; /* if relay ... */ @@ -1733,6 +1740,10 @@ enum rps relay_reply( struct cell *t, struct sip_msg *p_msg, int branch, /* send it now (from the private buffer) */ if (relay >= 0) { + if (unlikely(!totag_retr && has_tran_tmcbs(t, TMCB_RESPONSE_READY))){ + run_trans_callbacks(TMCB_RESPONSE_READY, t, + t->uas.request, relayed_msg, relayed_code); + } /* Set retransmission timer before the reply is sent out to avoid * race conditions *

14 years, 7 months

k/auth_radius module based on s/auth module

by Juha Heinanen

i have now converted k/auth_radius module to use the famed s/auth module. all functionality of existing auth_radius is preserved except for this: If an empty string "" is used (as realm parameter) then the server will generate it from the request. In case of REGISTER requests To header field domain will be used (because this header field represents a user being registered), for all other messages From header field domain will be used. so the user needs to always give the realm ($td/$fd/...). regarding s/auth module, there are differences in parameters as compared to k auth module and www_challenge()/proxy_challenge() have been replaced by digest_challenge avp. this will be shown in README example. is it ok if i commit the changes or does anyone else care if i'm the only radius user? -- juha

14 years, 7 months

git:master: modules_k/auth_radius: module is now using api from modules_s/ auth

by Juha Heinanen

Module: sip-router Branch: master Commit: 6f5bc8bed44491c63e65f0f85c2595887fa2a073 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=6f5bc8b… Author: Juha Heinanen <jh(a)tutpro.com> Committer: Juha Heinanen <jh(a)tutpro.com> Date: Fri Jul 2 16:53:33 2010 +0300 modules_k/auth_radius: module is now using api from modules_s/auth --- modules_k/auth_radius/README | 324 +++++++++++++---------- modules_k/auth_radius/authorize.c | 94 ++++++-- modules_k/auth_radius/authrad_mod.c | 6 +- modules_k/auth_radius/authrad_mod.h | 4 +- modules_k/auth_radius/doc/auth_radius_admin.xml | 123 ++++++--- modules_k/auth_radius/sterman.c | 2 +- modules_k/auth_radius/sterman.h | 3 +- 7 files changed, 346 insertions(+), 210 deletions(-) Diff: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commitdiff;h=6f5…

14 years, 7 months

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

sr-dev