Hi Gang
I have this code snipplet:
if (has_credentials("$fd")) {
xlog("L_INFO", "$cfg(route): got $rm with credentials. Validate them!\n");
if ($aU == $null) {
xlog("L_INFO", "$cfg(route): no auth user, send challenge\n");
}
auth_challenge("$fd", "0");
exit;
}
}
Please don't ask if this makes sense, it's a constructed snipplet to show the situation.
If $rm is INVITE, this works fine, no challenge is being sent, $au is populated.
If $rm is ACK (some CPE seem to send the Credentials with each message) then $au is $null,
auth_challenge is called and fails.
Mit freundlichen Grüssen
-Benoît Panizzon-
--
I m p r o W a r e A G - Leiter Commerce Kunden
______________________________________________________
Zurlindenstrasse 29 Tel +41 61 826 93 00
CH-4133 Pratteln Fax +41 61 826 93 01
Schweiz Web http://www.imp.ch
______________________________________________________
Hi
As a first notice; I already wrote to the mailing list, but without
registration. I read afterwards that I should register first because of
spam reasons. If this is a duplicate, then I'm sorry. I'm new to mailing
lists...
I've an issue with parallel call forking together with call authentication.
I hope somebody can give me some hints about what the problem could be and
how I could solve this problem.
I'm using Kamailio 5.5.4 with the python KEMI binding.
Kamailio is in front of an Asterisk, which requires call authorization.
RTPEngine is also inplace which does SRTP to RTP bridging. Simple calls
from and to Asterisk through Kamailio and RTPEngine work without any issue.
So the basic setup seems to work fine. The problem starts when I do
parallel call forking where both calls are sent to Asterisk. If I use
"KSR.tm.t_on_failure("trunk_authentication")" for authentication, the first
branch is authenticating and the device rings, but the second branch does
not authenticate. Well, that's not 100% true, if the SIP timeout appears on
the first branch, I can see in the log, that the second branch enters the
trunk_authentication method, but then, the call is already terminated.
Call forking to two devices (not behind Asterisk and without call
authentication) works also as expected.
I made some trials with
"KSR.tm.t_on_branch_failure("trunk_authentication")" but in this case, the
behavior is strange. Then the authentication for both branches work and
both devices are ringing. If a device hooks up, the second device does not
stop ringing. And after a few seconds, the first device cancels the call,
because it did not get the ACKs. I can also see that the CANCEL is sent
from Kamailio to Asterisk, but Asterisk does not react to it.
For trunk authentication, I'm using the implementation from the well known
examples plus a few own stuff. Btw, NAT is not enabled...:
def trunk_authentication(self, msg):
scode = KSR.pv.get("$T_reply_code")
self.log('notice', 'trunk_authentication {}'.format(scode))
if WITH_NAT and self.ksr_route_natmanage(msg) == -255:
return 1
# Call manage_rtp_engine to destroy RTPEngine if it has been used.
call_context = self.get_call_context(msg=msg)
callee_object = call_context.callee.get_callee_object()
if callee_object.connection_type:
call_context.manage_rtp_engine()
if KSR.tm.t_is_canceled() > 0:
return 1
if scode in [401, 407]:
KSR.pv.sets('$avp(auser)',
KSR.pv.get('$sel(cfg_get.asterisk.trunk_username)'))
KSR.pv.sets('$avp(apass)',
KSR.pv.get('$sel(cfg_get.asterisk.trunk_password)'))
if KSR.uac.uac_auth():
# enable additional event routes for forwarded requests
# - serial forking, RTP relaying handling, a.s.o.
if KSR.is_method_in('IBSU'):
if KSR.tm.t_is_set("branch_route") < 0:
KSR.tm.t_on_branch("ksr_branch_manage")
self.log('notice', 'Authentication Asterisk trunk')
if KSR.tm.t_relay() < 0:
KSR.sl.sl_reply_error()
return 1
Any ideas?
Best regards
Mathias
Hello,
the generated src/modules.lst file contains:
# the list of modules to skip from compile list
skip_modules= …
# the list of modules to exclude from compile list
exclude_modules= …
For me excluding a module from the compile list and skipping the module when compiling is the same.
Please describe what is the difference between skipping and excluding, either in modules.lst, at
https://www.kamailio.org/wikidocs/devel/makefile-system/ or at https://kamailio.org/docs/tutorials/devel/kamailio-install-guide-git/ .
Thanks
Дилян
Hello masters,
I am a newbie who recently got to know Kamailio.
I have a scenario and I would like to know if this tool would suit: a
central asterisk server with all user accounts and three remote units
with Kamailio acting as a proxy.
Is there any module or configuration that if the central asterisk
server fails to respond, would the remote proxies act in survival
mode, allowing local communication by users
until the central asterisk server returns a response?
Att,
Joao Paulo
*** THIS E-MAIL MESSAGE AND ANY DOCUMENTS ATTACHED IS/ARE INTENDED ONLY FOR THE USE OF THE INDIVIDUAL(S) OR ENTITY TO WHICH IT IS ADDRESSED; AND MAY CONTAIN INFORMATION THAT IS LEGALLY PRIVILEGED, CONFIDENTIAL AND/OR EXEMPT FROM DISCLOSURE UNDER APPLICABLE LAW, including the Electronic Communications Privacy Act, 18 U.S.C. Secs 2510-2521 ***
On Wednesday, January 11, 2023, 01:36:44 AM PST, <sr-users-request(a)lists.kamailio.org> wrote:
Send sr-users mailing list submissions to
sr-users(a)lists.kamailio.org
To subscribe or unsubscribe via email, send a message with subject or
body 'help' to
sr-users-request(a)lists.kamailio.org
You can reach the person managing the list at
sr-users-owner(a)lists.kamailio.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of sr-users digest..."
Today's Topics:
1. Re: Performing async_http calls on stateless Loadbalancers
(Julius Flohr)
2. Re: Releasing v5.6.3 (Daniel-Constantin Mierla)
3. Performing async_http calls on stateless Load balancers
(Lewis Hutchinson)
----------------------------------------------------------------------
Message: 1
Date: Tue, 10 Jan 2023 18:50:44 +0100
From: Julius Flohr <flohr(a)sipgate.de>
Subject: [SR-Users] Re: Performing async_http calls on stateless
Loadbalancers
To: Henning Westerholt <hw(a)gilawa.com>
Cc: "Kamailio (SER) - Users Mailing List"
<sr-users(a)lists.kamailio.org>, Alles wird besser
<alleswirdbesser(a)sipgate.de>
Message-ID: <34C7487C-0900-4C49-BBB4-49A0291D83E6(a)sipgate.de>
Content-Type: multipart/alternative;
boundary=Apple-Mail-0AF7C672-1C85-4A98-9DDC-EED95FFB4B7E
A message part incompatible with plain text digests has been removed ...
Name: not available
Type: text/html
Size: 7117 bytes
Desc: not available
------------------------------
Message: 2
Date: Wed, 11 Jan 2023 08:30:17 +0100
From: Daniel-Constantin Mierla <miconda(a)gmail.com>
Subject: [SR-Users] Re: Releasing v5.6.3
To: "Kamailio (SER) - Users Mailing List"
<sr-users(a)lists.kamailio.org>, "Kamailio (SER) - Devel Mailing List"
<sr-dev(a)lists.kamailio.org>
Message-ID: <454ae3b5-a810-f393-4196-e71c4482e9d3(a)gmail.com>
Content-Type: text/plain; charset=UTF-8
Hello,
the usual note that preparing the release of Kamailio v5.6.3 starts
soon, therefore any commits to branch 5.6 should be announced first on
sr-dev mailing list and wait for the ack before pushing to repo. Once
the announcement is out, commits can go in the branch directly.
Cheers,
Daniel
On 06.01.23 16:44, Daniel-Constantin Mierla wrote:
> Hello,
>
> I am considering to release Kamailio v5.6.3 (out of branch 5.6) next
> week (likely on Wednesday, Jan 11, 2023). If anyone is aware of
> issues not yet on the bug tracker, report them there asap in order to
> have a better chance to be fixed.
>
> Cheers,
> Daniel
>
> --
> Daniel-Constantin Mierla -- www.asipto.com
> www.twitter.com/miconda -- www.linkedin.com/in/miconda
> Kamailio World Conference - June 5-7, 2023 - www.kamailioworld.com
>
--
Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio World Conference - June 5-7, 2023 - www.kamailioworld.com
------------------------------
Message: 3
Date: Wed, 11 Jan 2023 09:20:28 +0000
From: Lewis Hutchinson <lewis.hutchinson(a)missionlabs.co.uk>
Subject: [SR-Users] Performing async_http calls on stateless Load
balancers
To: "sr-users(a)lists.kamailio.org" <sr-users(a)lists.kamailio.org>
Cc: "flohr(a)sipgate.de" <flohr(a)sipgate.de>,
"alleswirdbesser(a)sipgate.de" <alleswirdbesser(a)sipgate.de>
Message-ID: <CWXP265MB2517CB6E3E8188F3E3BB5B2AC5FC9(a)CWXP265MB2517.GBRP
265.PROD.OUTLOOK.COM>
Content-Type: text/plain; charset="us-ascii"
Hi Julius
If I have understood this correctly, I think you can achieve this using KEMI Python leveraging aiohttp & asyncio
i.e async with aiohttp.ClientSession() as session:
This can be done outside of REQUEST_ROUTE
Requires a rewrite from Native to KEMI so might be a bit excessive but would work.
Regards
Lewis
------------------------------
Subject: Digest Footer
_______________________________________________
sr-users mailing list -- sr-users(a)lists.kamailio.org
To unsubscribe send an email to sr-users-leave(a)lists.kamailio.org
------------------------------
End of sr-users Digest, Vol 212, Issue 33
*****************************************
Hi Julius
If I have understood this correctly, I think you can achieve this using KEMI Python leveraging aiohttp & asyncio
i.e async with aiohttp.ClientSession() as session:
This can be done outside of REQUEST_ROUTE
Requires a rewrite from Native to KEMI so might be a bit excessive but would work.
Regards
Lewis
Hello,
I am considering to release Kamailio v5.6.3 (out of branch 5.6) next
week (likely on Wednesday, Jan 11, 2023). If anyone is aware of
issues not yet on the bug tracker, report them there asap in order to
have a better chance to be fixed.
Cheers,
Daniel
--
Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio World Conference - June 5-7, 2023 - www.kamailioworld.com
Hello everyone!
I've been struggling with a kamailio scenario with the rtpengine_delete. My
scenario is the following:
I've setup a Kamailio multihomed, since some of my vendors has provided us a
direct link using a different local subnet in eth2 and I have my public IP in
eth1. The kamailio i've been working on is using app_lua module.
SIP A <---------> 200.XXX.XXX.14 (eth1) [Kamailio 5.6] (eth2) 10.203.5.8 <------> Vendor 10.203.5.20
100.XXX.XXX.22
Basically, I receive a call from public IP eth1 and according to the logic
from the vendor I forward statefully the call to 10.203.5.20 in second branch.
I've been reading a lot of issues and documentation such as:[#840 rptengine],
[#875 rtpengine] and [#2222 kamailio], but I don't really get working the
rtpengine_delete() correctly, since I go to netstat -plan|grep rtpengine and I
see some sessions still that are not freed.
My second case is the following when I receive a 503 from another GW:
SIP A <---------> 200.XXX.XXX.14 (eth1) [Kamailio 5.6] (eth1) 200.XXX.XXX.14 <-----------> Vendor GW 233.XXX.XXX.19
100.XXX.XXX.22
In that case I still see the rtpengine ports, mostly with my public IP
200.XXX.XXX.14 but some of them with the LAN 10.203.5.8 IP.
Also, something curious I see on my 2nd use case is the following: https://pastebin.com/raw/B4vCgExX
So, it would be great if someone can point me to the right direction, how and
when I should use rtpengine_delete in order to finish the rtpengine sessions
correctly and the ports can be freed up.
Any help will be great!
[840] https://github.com/sipwise/rtpengine/issues/840
[875] https://github.com/sipwise/rtpengine/issues/875
[2222] https://github.com/kamailio/kamailio/issues/2222
--
Regards,
Jose Figueroa
Hey everyone,
Whenever I read documentation for htable usage, and other examples of other scripts in Kamailio, htable keys are typically named:
something::something
Examples are: $au::auth_count, $ci::srcip, join::$rU
Why are there two colons (as opposed to a | )? Is this just a standard semantic thing in Kamailio? Is there something about that double character that’s unusual and easy to parse with SIP values? Or is it just what people do, and that’s a good choice to continue for all other Kamailio script writers to have understanding?
Any insight would be appreciated.
Thanks!
~Noah
Hello,
I am trying to make use of crypto module. The scenario is the following:
1. Encrypt plaintext passwords on kamailio side using crypto_aes_encrypt function of crypto module
2. Decrypt them outside of kamailio using 3rd party tools, such as PHP openssl_decrypt
Crypto module parametrs are the following:
modparam("crypto", "salt", "")
modparam("crypto", "key_derivation", 0)
If encryption and decription are handled by kamailio, the initial password matches the decrypted string (initial password -> encrypted string -> decrypted string)
For example:
sql_query("ds_dburl", "select secret from kamailio_sip_buddies where username='$au'", "secret");
$avp(secret_plain) = $dbr(secret=>[0,0]); //value: 'kamailio'
crypto_aes_encrypt("$avp(secret_plain)", "YUZySHVtdlVTYjI0TGJNd3JTeVV0MlRaRWFraFNBRlM=", "$var(encrypted)"); //value: 'qfOqTMoJMgGAherGCqLRRQc4zTlqsEj3MEtcORurFf0='
crypto_aes_decrypt("$avp(secret_plain)", "YUZySHVtdlVTYjI0TGJNd3JTeVV0MlRaRWFraFNBRlM=", "$var(decrypted)"); //value: 'kamailio'
But in case I try to decrypt the value of $var(encrypted) using PHP openssl_decrypt or online tool like https://www.devglan.com/online-tools/aes-encryption-decryption, I am getting the result 'kamailio' prepended by 16 random bytes, like:
6“¤›¿Ð+IÊ\ñžïZkamailio
or
6�����+I\��Zkamailio
I believe this 16 bytes are actually random initialization vector in some encoding.
Possibly kamailio is trimming them from result here:
https://github.com/kamailio/kamailio/blob/master/src/modules/crypto/crypto_…
Moreover, if secret was encrypted using crypto_aes_encrypt and random IV, you can use any IV while decrypting and get 16 different bytes+result
Please advice if someone have used crypto module in similar way and what are the possible ways to acheive results consistency