[sr-dev] sr-dev Digest, Vol 71, Issue 70

Muhammad Shahzad shaheryarkh at gmail.com
Sat Sep 20 21:06:55 CEST 2014 

Seems like your TCP packet itself is invalid for some reason. Possibly, you
are encrypting the payload AFTER TCP packet is created in PJSIP, which
would result in wrong TCP packet checksum and payload size etc.

Please check the encryption code you injected in PJSIP UAC side. You need
to encrypt "SIP" packet and forward it to TCP transport code which would
create TCP packet from this encrypted data as its payload.

Alternatively, if you indeed want to do encryption in TCP layer code of
PJSIP, then you need to update all TCP packet data structure member with
appropriate values with reference to encrypted payload.

Thank you.



On Sat, Sep 20, 2014 at 7:49 PM, varun pratapsingh <varunps2003 at gmail.com>
wrote:

> HI Shehzad,
>
> First of all thanks to you for writing such a nice module.
>
> I am also facing the same problem. The module works fine when UAC (PJSIP)
> sends the encoded SIP packet on UDP transport but when it sends the same
> encoded packet with TCP transport it never reaches to the
> nio_msg_received() function in corex_nio.c and so does not print anything
> in $mb when printed from the kamailio.cfg using the xlog in
> event_route[network:msg].
>
> Digging further I also found that when kamailio receives the TCP packet
> with encoded sip in file tcp_read.c in function tcp_read_headers() then it
> goes for some tcp_headers parsing and drops the packet. But it works good
> when the TCP packet data segment is not encoded that is SIP packet is not
> encoded and transmitted on TCP :
>
> 1) TCP Headers + payload (SIP Packet)  ----> this case works fine
> 2) TCP Headers + payload (encoded SIP Packet) ------> this case does not
> work fine.
>
> Any pointers where I might be wrong.
>
>
> Thanks
> Varun
>
> Regards
> Varun
>
>
>
>> Date: Sat, 20 Sep 2014 19:12:24 +0200
>> From: Muhammad Shahzad <shaheryarkh at gmail.com>
>> To: "Kamailio (SER) - Development Mailing List"
>>         <sr-dev at lists.sip-router.org>
>> Subject: Re: [sr-dev] Reqd. help on Corex (Obfuscate) - Kamailio 4.2.x
>> Message-ID:
>>         <
>> CAFZQphwxr6TbVV98tF5bGAcfi7822POMGGhadP4_x77XZw+hDg at mail.gmail.com>
>> Content-Type: text/plain; charset="utf-8"
>>
>> There is something wrong with your encryption setup, the event_route
>> [network:msg] gets raw messages that was either just received from the
>> network interface or the final message that is about to be sent over
>> network socket. The SIP parsing is done AFTER message has been processed
>> by
>> this route. So, if SIP parsing fails then it means the message was not
>> correctly decrypted in event_route [network:msg].
>>
>> Thank you.
>>
>>
>>
>> On Sat, Sep 20, 2014 at 3:25 PM, Rahul MathuR <rahul.ultimate at gmail.com>
>> wrote:
>>
>> > Hello Gents,
>> >
>> > Thanks for guiding me in the correct direction.
>> >
>> > However, it so came out that when encrypted packets come to kamailio
>> over
>> > transport 'TCP' then it gets rejected from tcp_read.c even before
>> coming to
>> > corex module.
>> > I guess, maybe it is getting rejected due to header parsing failure.
>> >
>> > Any pointers here would be very helpful !!
>> >
>> > Thanks one again..
>> >
>> >
>> >
>> > On Wed, Sep 17, 2014 at 12:44 PM, Daniel-Constantin Mierla <
>> > miconda at gmail.com> wrote:
>> >
>> >>  Hello,
>> >>
>> >> the corex has a function to tell if the message is received by kamailio
>> >> or sent out:
>> >>
>> >> - http://kamailio.org/docs/modules/devel/modules/corex.html#idp29928
>> >>
>> >> If you interconnect with other servers/gateways when you don't what to
>> do
>> >> special encoding, then you need to test src ip or look ar r-uri/dst
>> uri.
>> >>
>> >> Cheers,
>> >> Daniel
>> >>
>> >>
>> >> On 17/09/14 04:24, Rahul MathuR wrote:
>> >>
>> >> Hi,
>> >>
>> >>  Did you get some free cycles to look at it ?
>> >>
>> >> On Wed, Sep 17, 2014 at 12:12 AM, Rahul MathuR <
>> rahul.ultimate at gmail.com>
>> >> wrote:
>> >>
>> >>> Thanks for replying !
>> >>>
>> >>>  But how to check whether a particular message received by Kamailio
>> was
>> >>> sent by UAC or SIP Server ?
>> >>> Also, on the same lines - how to know whether a particular message
>> about
>> >>> to be send from Kamailio is bound to UAC or SIP Server ?
>> >>>
>> >>> On Tue, Sep 16, 2014 at 10:51 PM, Muhammad Shahzad <
>> >>> shaheryarkh at gmail.com> wrote:
>> >>>
>> >>>>  Hi,
>> >>>>
>> >>>>  The network io intercept feature basically allows kamailio script
>> >>>> writer to do whatever s/he may want to do with raw SIP packets (that
>> are
>> >>>> just received by kamailio or about to be sent out by kamailio), e.g.
>> >>>> encryption, compression or any final touches to sip message before
>> it is
>> >>>> processed by kamailio core. That is why it is purposely kept
>> abstract and
>> >>>> any particular use or implementation is left to the script writer.
>> >>>>
>> >>>>  In your case the encryption / decryption code is in C/C++, you can
>> >>>> try one of the followings,
>> >>>>
>> >>>>  1. Writeup a C/C++ program that receives outgoing SIP message as
>> text
>> >>>> (and some other parameters, e.g. encryption key) in input arguments
>> and
>> >>>> returns the encrypted message in event_route [ network:msg ] and
>> vice versa
>> >>>> (for incoming messages). You can call this program directly from
>> >>>> kamailio.cfg script.
>> >>>>
>> >>>>  2. Writeup e.g. a PERL wrapper for your encryption / decryption
>> C/C++
>> >>>> code and call it using kamailio app_perl module within event_route [
>> >>>> network:msg ] as demonstrated in this example,
>> >>>>
>> >>>> http://kamailio.org/docs/modules/devel/modules/corex.html#idp125704
>> >>>>
>> >>>>  You can also use any other kamailio language bind of you choice as
>> >>>> well, e.g. Python, LUA, JAVA and so on.
>> >>>>
>> >>>>  I would recommend the second option, as it has less processing
>> >>>> overhead for kamailio.
>> >>>>
>> >>>> Thank you.
>> >>>>
>> >>>>
>> >>>>
>> >>>>  On Tue, Sep 16, 2014 at 6:09 PM, Rahul MathuR <
>> >>>> rahul.ultimate at gmail.com> wrote:
>> >>>>
>> >>>>>  Hello,
>> >>>>>
>> >>>>>  I was going through the new features and stumbled upon this new one
>> >>>>> - developed by Mohd. Shahzad Shafi.
>> >>>>> As already mentioned on the wiki about this module, I intend to use
>> it
>> >>>>> for my custom security layer between UACs and SIP Proxy (Kamailio)
>> but the
>> >>>>> issue is - the custom security layer (encryption/decryption code) is
>> >>>>> written in C and should precisely be applied for the messages
>> between UAC
>> >>>>> and Proxy.
>> >>>>>
>> >>>>>  Is there a way I can achieve this using Corex module since it does
>> >>>>> intercept the network I/O messages ?
>> >>>>>
>> >>>>>  Any help here would be really appreciated.
>> >>>>>
>> >>>>>  --
>> >>>>> Warm Regds.
>> >>>>> MathuRahul
>> >>>>>
>> >>>>>  _______________________________________________
>> >>>>> sr-dev mailing list
>> >>>>> sr-dev at lists.sip-router.org
>> >>>>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
>> >>>>>
>> >>>>>
>> >>>>
>> >>>> _______________________________________________
>> >>>> sr-dev mailing list
>> >>>> sr-dev at lists.sip-router.org
>> >>>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
>> >>>>
>> >>>>
>> >>>
>> >>>
>> >>>   --
>> >>> Warm Regds.
>> >>> MathuRahul
>> >>>
>> >>
>> >>
>> >>
>> >>  --
>> >> Warm Regds.
>> >> MathuRahul
>> >>
>> >>
>> >> _______________________________________________
>> >> sr-dev mailing listsr-dev at lists.sip-router.orghttp://
>> lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
>> >>
>> >>
>> >> --
>> >> Daniel-Constantin Mierlahttp://twitter.com/#!/miconda -
>> http://www.linkedin.com/in/miconda
>> >> Next Kamailio Advanced Trainings 2014 - http://www.asipto.com
>> >> Sep 22-25, Berlin, Germany
>> >>
>> >>
>> >> _______________________________________________
>> >> sr-dev mailing list
>> >> sr-dev at lists.sip-router.org
>> >> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
>> >>
>> >>
>> >
>> >
>> > --
>> > Warm Regds.
>> > MathuRahul
>> >
>> > _______________________________________________
>> > sr-dev mailing list
>> > sr-dev at lists.sip-router.org
>> > http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
>> >
>> >
>> -------------- next part --------------
>> An HTML attachment was scrubbed...
>> URL: <
>> http://lists.sip-router.org/pipermail/sr-dev/attachments/20140920/2a36e616/attachment.html
>> >
>>
>> ------------------------------
>>
>> _______________________________________________
>> sr-dev mailing list
>> sr-dev at lists.sip-router.org
>> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
>>
>>
>> End of sr-dev Digest, Vol 71, Issue 70
>> **************************************
>>
>
>
> _______________________________________________
> sr-dev mailing list
> sr-dev at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-dev/attachments/20140920/0f6029d4/attachment-0001.html>

More information about the sr-dev mailing list