Release notes for SIP Express Router (ser) *********************************************** $Id: NEWS,v 1.17.2.2.2.4.2.3 2004/07/26 23:18:35 andrei Exp $ *********************************************** * Changes/fixes introduced in 0.8.14 *********************************************** +--------------------------------------------------------+ | WARNING: if you are using 0.8.12 you need to: | | - update the database: ser_mysql.sh reinstall | | (but make a backup copy first) | | - if you are using enum, replace | | enum_query("") with enum_query() | | - if you are using nathelper, switch to the | | latest rtpproxy (cvs co rtpproxy) | | - if you are using one of the radius modules | | you need to upgrade the radiusclient library| | to at least version 0.4.1 | +--------------------------------------------------------+ 0.8.14 is mainly a bug-fix release. It doesn't introduce many new features. It was created from the cvs stable tree (rel_0_8_12), so if you have an up-to-date 0.8.12 from cvs you don't need to upgrade to 0.8.14. New Features ============ - experimental OS X (darwin) support core: - basic avp support (no db conectivity yet) tm: - avp list inherit by transaction and made available in failure and onreply routes; enum: - support for multiple private enum trees, e.g.: enum_query("foo.bar.", "voice"); nathelper: - lots of improvements, new flags, bridge mode a.s.o - requires the latest rtpproxy (cvs -d:pserver:anonymous@cvs.ser.berlios.de:/cvsroot/ser co rtpproxy) usrloc: - database format changed (user agent field added); if you are upgrading from an older ser version you need to run ser_mysql.sh reinstall to update the location and alias tables *_radius: - switched to radiusclient-ng, use at least version 0.4.1 (http://developer.berlios.de/projects/radiusclient-ng) mediaproxy: - nathelper like nat traversal module *********************************************** * Changes/fixes introduced in 0.8.12-r1 *********************************************** - new config variables:$ tcp_connect_timeout= seconds$ time before an ongoing connect will be aborted$ tcp_send_timeout= seconds$ time after a tcp connection will be closed if it is not available.$ for writing in this interval (and ser wants to sen something on it) - full nathelper support (backported from HEAD) - openbsd 3.4 support - group fixed (ser crashed when started with a group) - cpl-c (fast cpl interpreter) introduced *********************************************** * Changes/fixes introduced in 0.8.12 *********************************************** +--------------------------------------------------------+ | WARNING: if you want to use a 0.8.11 config script | | with 0.8.12, replace if ( len_gt(number) ) with: | | if ( msg:len > bumber ) | +--------------------------------------------------------+ New Features ============ texops: - subst('s/re/repl/flags') support core: - added switch to check the config file (-c) - changes: removed len_gt() and replaced with if (msg:len op number|max_len) - multiple operator support: ==, != for special operations (e.g myself, ip) ==, !=, ~= for strings ==, !=, >, <, >=, <= for integers - new config variables: advertised_address= ip | string address advertised in via and in the DST_* lumps (e.g RR) This is the default value, if empty (default) the socket address will be used. WARNING: - don't set it unless you know what you are doing (e.g. nat traversal) - you can set anything here, no check is made (e.g. foo.bar will be accepted even if foo.bar doesn't exist) advertised_port= no port advertised in via and in the DST_*lumps (e.g. RR) This is the default value, if empty (default) the socket port will be used. Same warnings as above. - new script commands: set_advertised_address(ip|string) same as advertised_address but it affects only the current message: Message host/lump address= the set_advertised one if present, else advertised_address else socket address. set_advertised_port(no) same as advertised_port but it affects only the current message; see set_advertised_address & s/address/port/g usrloc: - usernames are case insensitive registrar: - lookup function succeeds when appending of a branch failed auth_db: - support for rpid stored in database (thanks to Jakob Schlyter) Bug fixes ========= - memory leak in digest credentials parser fixed - authenticathion ha1 didn't include domain if username was of the form user@domain and calculate_ha1 was set to yes (modules/auth_db) - tm reply processing race condition (modules/tm), special thanks go to Dong Liu - Many bugs in pa module fixed, works with registrar again. Security updates ================ - fifo processing code will write responses only to other fifos and only if they are not hard-linked, also default ser fifo persmissions were changed to 0600. Performance improvements ======================== - tuned internal malloc implementation parameters to better reflect the actual workload (malloc is a little bit faster now) *********************************************** * Changes introduced in 0.8.11 *********************************************** +--------------------------------------------------------+ | CAUTION: the 0.8.11 release include changes which | | are incompatible with scripts and databases used | | in previous versions. Care is advised when upgrading | | from previous releases to 0.8.11. | +--------------------------------------------------------+ New features ============= - RFC3261 support - TCP support and cross-transport forwarding [core] - loose routing support [rr module] - New modules - vm -- voicemail interface [vm] - ENUM support [enum] - presence agent [pa] - dynamic domain management -- allows to manipulate hosting of multiple domains in run-time [module] - flat-text-file database support [dbtext] - rich access control lists [permissions] - Feature Improvements - click-to-dial, which is based on improved tm/FIFO that better supports external applications [tm module] - web accounting -- acc module can report to serweb on placed calls [acc module] - improved exec module (header fields passed now as environment variables to scripts) [exec module] - Architectural Improvements - powerpc fast locking support - netbsd support - 64 bits arch. support (e.g. netbsd/sparc64). - New Experimental Features (not tested at all yet) - nathelper utility for Cisco/ATA NAT traversal [nathelper] - another NAT traversal utility [mangler] - postgress support [postgress] - fcp module [fcp] - pdt module (prefix2domain) [pdt] Changes to use of ser scripts ============================= About Multiple Transport Support -------------------------------- SER now suports multiple transport protocols: UDP and TCP. As there may be UAs which support only either protocol and cannot speak to each other directly, we recommend to alway record-route SIP requests, to keep the transport-translating SER in path. Also, if a destination transport is not known, stateful forwarding is recommended -- use of stateless forwarding for TCP2UDP would result in loss of reliability. core ---- - reply_route has been renamed to failure_route -- the old name caused too much confusion - forward_tcp and forward_udp can force SER to forward via specific transport protocol acc module: ----------- - radius and sql support integrated in this module; you need to recompile to enable it - acc_flag is now called log_flag to better reflect it relates to the syslog mode (as opposed to sql/radius); for the same reasons, the accounting action is now called "acc_log_request" and the option for missed calls "log_missed_calls" - log_fmt allows now to specify what will be printed to syslog auth module: ------------ - auth module has been split in auth, auth_db, auth_radius, group group_radius, uri and uri_radius - all the parameters that were part of former auth module are now part of auth_db module - auth_db module contains all functions needed for database authentication - auth_radius contains functions needed for radius authentication - group module contains group membership checking functions - group_radius contains radius group membeship checking functions - is_in_group has been renamed to is_user_in and places to groups module - check_to and check_from have been moved to the uri module im module: ---------- - im is no longer used and has been obsoleted by TM exec module: ------------ - exec_uri and exec_user have been obsoleted by exec_dset; exec_dset is identical to exec_uri in capabilities; it additionaly passes content of request elements (header fields and URI parts) in environment variables; users of exec_user can use exec_dset now and use the "URI_USER" variable to learn user part of URI - exec_dset and exec_msg return false, if return value of script does not euqal zero - exec_dset takes an additional parameter, which enables validation of SIP URIs returned by external application jabber module: -------------- - presence support for Jabber users is enabled loading the PA module and using handle_subscribe("jabber") for SUBSCRIBE requests to jabber user msilo module: ------------- - m_store has now a parameter to set what should be considered for storing as destination uri. This enables support for saving the messages on negative replies. radius_acc module: ------------------ - radius_acc module has been removed and radius accounting is now part of acc module registrar/usrloc modules: ------------------------- - multi domain support, the modules user username@domain as AOR if enabled - descent modification time ordering of contacts - case sensitive/insensitive comparison of URI can be enabled rr module: ---------- - addRecordRoute has been replaced with record_route - rewriteFromRoute has been replaced with loose_route() - a new option, "enable_full_lr" can be set to make life with misimplemented UAs easier and put LR in from "lr=on" - rr module can insert two Record-Route header fields when necesarry (disconnected networks, UDP->TCP and so on) tm module: ---------- - t_reply_unsafe, used in former versions within reply_routes, is deprecated; now t_reply is used from any places in script - t_on_negative is renamed to t_on_failure -- the old name just caused too much confusion - FIFO t_uac used by some applications (like serweb) has been replaced with t_uac_dlg (which allows easier use by dialog- oriented applications, like click-to-dial) - if you wish to do forward to another destination from failure_route (reply_route formerly), you need to call t_relay or t_relay_to explicitely now - t_relay_to has been replaced with t_relay_to_udp and t_relay_to_tcp