Marc,
just to avoid unnecessary processing, I would say the patch for the connector should look like: (authorize function, right after if MULTIPLE_PREPAID_ENGINES block
# Patch for the digest uri starting with + (openser is not able to touch that, and cdrtool not able to recognise) if to_uri.find('+') != -1: log(1, 'destination containing +, will replace it with 00...') to_uri = to_uri.replace('+', '00')
res_newsession_raw=client_prepaid.new_session(username, to_uri, SESSION_MAXDUR)
In OpenSER, I have done the following, right after radius_proxy_authorize call:
if (!radius_proxy_authorize("")) { proxy_challenge("","0"); exit; } else if (!check_from()) { sl_send_reply("403", "Use From=ID"); exit; };
if (uri=~"^sip:+.*@"){ strip(1); prefix("00"); xlog("Changed RURI due to +, new one is: $rU"); };
DanB
On Mon, Mar 3, 2008 at 2:23 PM, Marc LEURENT lftsy@leurent.eu wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Thanks Dan and Iñaki for your answers:
I've changed this in the freeradius-cdrtool module of Dan: #to_uri=atrbValue(params,'Digest-URI') to_uri=atrbValue(params,'Digest-URI').replace('+','00')
- A bit dirty patch on the freeradius-cdrtool connector to replace "+"
with "00" in case of calls starting with +, before querying cdrtool in auth phase. In this case you must replace also in openser + with 00 so when the call will go out, should go with 00 (to be properly reflected later in cdrs). - this is what I did and looks like running smooth.
But I don't understand how to change the second part in OpenSER?
Otherwize I will do it in the accounting python module?
Thanks!
Dan-Cristian Bogos a écrit :
Hi Marc,
had the same issue. The problem is that CDRTool supports only one type of international prefix (in your case any of '00' or '+', so no way of specifying two). The reason you cannot replace + with 00 before authentication is that the full digest-nonce is calculated based on a series of factors (which includes original from and to uris and replacing to_uri before sending the request to radius to be authenticated would mean that radius will never recognize the nonce to be valid anymore).
There are two ways of fixing your problem, as I see them (and mines
too):
- CDRTool folks should support some sort of list of international
prefixes recognized and stripped. 2. A bit dirty patch on the freeradius-cdrtool connector to replace "+" with "00" in case of calls starting with +, before querying cdrtool in auth phase. In this case you must replace also in openser + with 00 so when the call will go out, should go with 00 (to be properly reflected later in cdrs). - this is what I did and looks like running smooth.
Cheers, DanB
On Mon, Mar 3, 2008 at 12:46 PM, Marc LEURENT <lftsy@leurent.eu mailto:lftsy@leurent.eu> wrote:
Hello I have trouble with number dialed starting with + CDRTool doesn' understand it. So I have to strip it from the request and replace it by 00! The problem is that even using this at the begenning of OpenSER script, it's not working (see CDRTool log below)
Any idea how to solve it? Thanks
# normalization to e164 if($ruri.user =~ "^\+[1-9][0-9]+") { xlog("STRIPING + For e164 NORMALIZATION \r\n"); strip(1); prefix("00"); subst('/^To:(.*)sip:\+(.*)$/To:\1sip:00\2/ig'); };Mar 3 12:24:49 krusty CDRTool[15025]: MaxSessionTime From=mleurent@sip.wifirst.net mailto:mleurent@sip.wifirst.net To=sip:+33677832975@sip.wifirst.net mailto:sip:+33677832975@sip.wifirst.net Dura tion=10800 Lock=1 Mar 3 12:24:49 krusty CDRTool[15025]: Load last minute: 1 calls @ 0.00 cps, memory: 16.77 MB, uptime: 0.6 hours Mar 3 12:24:49 krusty CDRTool[15025]: Call to +33677832975@sip.wifirst.net http://sip.wifirst.net, no limit imposed Mar 3 12:24:49 krusty CDRTool[15025]: GetBalance From=mleurent@sip.wifirst.net mailto:mleurent@sip.wifirst.net Mar 3 12:24:51 krusty /usr/sbin/openser[18637]: ACC: call missed: timestamp=1204543491;method=INVITE;from_tag=xirvq;to_tag= ;call_id=cpvrqboancqnuii@192.168.95.139 mailto:cpvrqboancqnuii@192.168.95.139;code=487;reason=Request Terminated Mar 3 12:24:51 krusty CDRTool[15025]: DebitBalance From=mleurent@sip.wifirst.net mailto:mleurent@sip.wifirst.net To=sip:0033677832975@sip.wifirst.net mailto:sip:0033677832975@sip.wifirst.net Durat ion=0
OpenSER config extract:
# ATTENTION: DO NOT PUT ; at the end of the radius_extra attribute modparam("acc", "radius_extra", " Called-Station-Id=$tu; Calling-Station-Id=$fu; Canonical-URI=$avp(to_destination); User-Name=$avp(user_name); Billing-Party=$avp(billing_party); Sip-User-Realm=$ar; SIP-Proxy-IP=$Ri; Source-IP=$si; Source-Port=$sp; Acct-Authentic=$avp(s:authentic); From-Header=$hdr(from); User-Agent=$hdr(user-agent); Contact=$hdr(contact); Event=$hdr(event)")
# Set the acc flags xlog("JUSTE BEFORE SETTING FLAGS FOR RADIUS\r\n"); if(is_method("INVITE") && !has_totag()) { xlog("L_INFO", "I AM SETTING THE FLAGS FOR RADIUS \r\n");# $avp(s:authentic) = 1; # $avp(can_uri) = $ru; # SIP Request's URI $avp(user_name) = $au + "@" + $ar; $avp(billing_party) = $au + "@" + $ar; $avp(to_destination) = $tu; xlog("SETTING FLAGS 1 FOR RADIUS \r\n"); setflag(1); # radius_flag xlog("SETTING FLAGS 2 FOR RADIUS \r\n"); setflag(2); # radius_missed_flag };
Users mailing list Users@lists.openser.org mailto:Users@lists.openser.org http://lists.openser.org/cgi-bin/mailman/listinfo/users
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHy/vbrxOjjFYWQtoRAsrUAKCDWa3PPsuBCGy6Op9O0sr7Fk9uugCffchO p7WCUKUX3skiyPUcgqc8c/Y= =SWwN -----END PGP SIGNATURE-----