[sr-dev] New Kamailio module Obfuscate

Muhammad Shahzad shaheryarkh at gmail.com
Tue Aug 5 11:55:08 CEST 2014 

OK, created the patch finally...

http://webrtc.voip-demos.com/0001-added-support-for-network-io-intercept.patch

I had to add all file i wanted to include in the commit using "git add",
even the ones that are already included in git repo, e.g. corex.xml and
corex_mod.c.

I will just let you know i hit my head on wall just 17 times to make it
work. :-(

Thank you.




On Tue, Aug 5, 2014 at 2:40 PM, Daniel-Constantin Mierla <miconda at gmail.com>
wrote:

>  You should use:
>
> git format-patch -1 <sha>
>
> The <sha> in your case appears to be f415b0c . If it is last commit,
> should work with:
>
> git format-patch -1 HEAD
>
> Cheers,
> Daniel
>
>
> On 05/08/14 11:25, Muhammad Shahzad wrote:
>
>   These commands do not seem to work for me. Can you please do the patch?
>
>  1. adding files work,
>
> git add modules/corex/corex_nio.c modules/corex/corex_nio.h
>
> git status
> # On branch master
> # Changes to be committed:
> #   (use "git reset HEAD <file>..." to unstage)
> #
> #    new file:   modules/corex/corex_nio.c
> #    new file:   modules/corex/corex_nio.h
> #
> # Changes not staged for commit:
> #   (use "git add <file>..." to update what will be committed)
> #   (use "git checkout -- <file>..." to discard changes in working
> directory)
> #
> #    modified:   modules/corex/README
> #    modified:   modules/corex/corex_mod.c
> #    modified:   modules/corex/doc/corex.xml
> #    modified:   modules/corex/doc/corex_admin.xml
> #
>
>  2. making commit seems to work,
>
> git commit -m "added support for network io intercept."
> [master f415b0c] added support for network io intercept.
>  2 files changed, 268 insertions(+)
>  create mode 100644 modules/corex/corex_nio.c
>  create mode 100644 modules/corex/corex_nio.h
>
>  3. git format-patch does not work,
>
> git format-patch
>  [no-output]
>
>  4. Also tried,
>
> git format-patch master --stdout
>  [no-output]
>
> git format-patch master --stdout > /tmp/nio.patch
> [no-output]
>
>
>  I don't know what is wrong, i have git version 1.7.10.4 on debian
> wheezy.
>
> i miss subversion so badly...
>
>  Thank you.
>
>
>
>
> On Tue, Aug 5, 2014 at 1:26 PM, Daniel-Constantin Mierla <
> miconda at gmail.com> wrote:
>
>>  Can you do a commit on your local git clone and send the patch? It is
>> easier to review the changes. Practically use:
>>
>> - git add -- to add new files
>> - git commit -- to commit changes
>> - git format-patch -- to get the commit in a file
>>
>> Cheers,
>> Daniel
>>
>>
>> On 05/08/14 01:14, Muhammad Shahzad wrote:
>>
>>  Done all changes as you suggested.
>>
>>  1. The code is embedded in corex module. Two new files added named,
>> corex_nio.h and corex_nio.c. Some minor changes to corex_mod.c to call the
>> methods defined in corex_nio.h.
>>  2. Event route name changed to event_route[network:msg].
>>  3. function name changed from is_msg_obfuscated to is_incoming.
>>  4. one additional module parameter is added, named
>> network_io_intercept, to enable disable the whole functionality. (default
>> is disabled)
>>  5. The README file and doc folder is updated with relevant
>> documentation, examples and use cases etc.
>>
>> The code is available for review and download at,
>>
>> http://webrtc.voip-demos.com/corex.tbz2
>>
>>  Regarding the actual encryption / compression etc., i am planning to
>> add some example PERL / LUA scripts later on.
>>
>>  Thank you.
>>
>>
>>
>>
>> On Mon, Aug 4, 2014 at 8:19 PM, Muhammad Shahzad <shaheryarkh at gmail.com>
>> wrote:
>>
>>>  Thank you for your valuable suggestions, i appreciate it.
>>>
>>> I agree about module name, in fact a couple friends have already sent me
>>> email privately suggesting the same. May be something like "nio_intercept"
>>> would be better, since module only intercepts the network in/output and
>>> leaves it to script writer what to do with it.
>>>
>>>  Regarding embedding in corex, that is interesting, however i need to go
>>> through its code to understand it a bit and then attempt to embed it. Later
>>> on, i will create separate module which import this functionality from
>>> corex and do specific tasks such as compression and faking http etc.
>>>
>>>  There is a good progress on doubango SDK side as well and at least
>>> idoubs would be ready soon (7 to 10 days approx). Then mobile voip
>>> developers can fully test this functionality at both ends.
>>>
>>>  Anyways let me look at corex module and see if and how can i embed
>>> this. In the meantime more suggestions and comments on this are warmly
>>> welcome from everyone.
>>>
>>> Thank you.
>>>
>>>
>>>
>>>
>>> On Mon, Aug 4, 2014 at 7:55 PM, Daniel-Constantin Mierla <
>>> miconda at gmail.com> wrote:
>>>
>>>> Hello,
>>>>
>>>> I looked at the code and my conclusion was that the name is a bit
>>>> confusing.
>>>>
>>>> While indeed you can do obfuscation using some embedded language or
>>>> other meanings from the config file, the module itself doesn't do anything
>>>> related. It executes an event route for network packet in/out.
>>>>
>>>> Such functionaly is of course useful, just to remind the given example
>>>> with obfuscation. But I think a better name to reflect the behaviour should
>>>> be given.
>>>>
>>>> Maybe obfuscate should be a module that implement some algorithms for
>>>> obfuscations, like you mentions:
>>>> - simply compressing (gz)
>>>> - compressing and encapsulation as body in a http request/reply
>>>> - itv
>>>>
>>>> My proposal would be:
>>>> - either rename the module or embed in another module (e.g., corex)
>>>> what was developed for these event route execution. The event route name
>>>> should be related to network reception/transmission (e.g., network:msg).
>>>> Also the is_obfuscated_msg() should be something like is_incoming()
>>>> - have a new module obfuscate to implement some algorithm as proof of
>>>> concept (e.g., gzip -- i guess plenty of code from gzcompress module is
>>>> very useful just to take from there). Then others may contribute more, as
>>>> they have new ideas or from what you listed (http ecapsulation is at least
>>>> interesting, considering many allow port 80 and inspect for http).
>>>>
>>>> Of course, these are my opinions, so the discussion can go on for
>>>> deciding on how to proceed.
>>>>
>>>> Cheers,
>>>> Daniel
>>>>
>>>>
>>>>
>>>>
>>>> On 02/08/14 23:57, Muhammad Shahzad wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> As already discussed in detail in following email thread,
>>>>>
>>>>>
>>>>> https://www.mail-archive.com/sr-users@lists.sip-router.org/msg19922.html
>>>>>
>>>>> The new Kamailio module obfuscate is ready for testing and can be
>>>>> downloaded at,
>>>>>
>>>>> http://webrtc.voip-demos.com/obfuscate.tbz2
>>>>>
>>>>> It contains full code, with documentation and usage scenarios etc.
>>>>>
>>>>> Adding Kamailio dev team, can you guys review the code and add this
>>>>> module to Kamailio trunk if possible? I will be responsible for its
>>>>> maintenance and bug fixes etc. if any.
>>>>>
>>>>> Thank you.
>>>>>
>>>>>
>>>>>
>>>>   --
>>>> Daniel-Constantin Mierla - http://www.asipto.com
>>>> http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
>>>>
>>>>
>>>
>>
>> --
>> Daniel-Constantin Mierla - http://www.asipto.comhttp://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
>>
>>
>
> --
> Daniel-Constantin Mierla - http://www.asipto.comhttp://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-dev/attachments/20140805/7026de31/attachment.html>

More information about the sr-dev mailing list