[SR-Users] Bug in LDAP module?

Pan B. Christensen pan at ibidium.no
Tue Jan 18 17:44:09 CET 2011 

----- Original Message ----- 
From: "Mikko Lehto" <mikko.lehto at setera.fi>
To: "Pan B. Christensen" <pan at ibidium.no>
Cc: <sr-users at lists.sip-router.org>
Sent: Friday, January 14, 2011 6:08 AM
Subject: Re: [SR-Users] Bug in LDAP module?


> Hi Pan
>
> Do you have comment on the above patch by Daniel-Constantin?
> I plan to use ldap module soon and would like to hear if this issue
> you reported is now non existent.
>
> Thanks!
>
> -- 
> Mikko

Unfortunately, I havn't been able to test it yet, and probably won't be for 
a long time.

The customer has gone into production, and they have a fairly complicated / 
non-standard installation. They didn't want to do a new compile at this 
time.

I did compile it on the new test rig, but I can't start that instance until 
the customer gets their PGSQL server for that rig up and running.

For now, I just made a workaround with a loop check which does the 
following:
If LDAP lookup returns nothing, the call should not be to a voip user.
My original code would then check the number database to see where the 
number should be routed (one of the old Nortel PBXes or to PSTN if not 
found). If the answer is VoIP, I would normally log a line about config 
error and terminate the call because this should not happen. I edited this 
so that if the X-LDAPLOOP header is not present, add it and do not change 
$rd. If the header is present, terminate the call.

$rU was changed in failure_route before attempting to call the LDAP lookup 
route (10). By not changing $rd in this scenario, the new INVITE will be 
sent to self. The new call (INVITE from Kamailio to Kamailio) will do LDAP 
lookup just fine. It's ugly, but it works.

Here's some code snippets:

route[10] {
...
                        ldap_search("ldap://...");
                }
                if ($retcode < 1) {
                        switch ($retcode) {
                        case -1:
                                # no LDAP entry found
                                route(11);
                                return(1);
...
}

route[11] {
...
                sql_query("data1","select ...", "num");
                if ($dbr(num=>rows) > 0) {
                        $avp(s:num_node)=$dbr(num=>[0,0]);
                        if (isflagset(1)) {
                                xlog("L_INFO", "ROUTE 11: Number lookup 
results for $rU: Node: $avp(s:num_node).\n");
                        }
                        if $avp(s:num_node)=="VOIP" {
                                # VOIP number not found in LDAP. This should 
not happen. - With new workaround for LDAP bug.
                                if (is_present_hf("X-UIO-LDAPLOOP")) {
                                        xlog("L_WARN", "CONFIG ERROR: VOIP 
number still not found in LDAP after workaround. Hanging up.\n");
                                        sl_send_reply("404", "Not found");
                                        sql_result_free("num");
                                        exit;
                                }
                                xlog("L_INFO", "VOIP number not in LDAP. 
LDAP bug? Relaying to self as workaround.\n");
                                append_hf("X-UIO-LDAPLOOP: 1\r\n");
                        }
...
}

The idea is to send to self in this scenario, and when that new transaction 
(from self) is processed the driver will perform just fine.

With kind regards,
Pan B. Christensen
Senior technician
Ibidium AS
http://www.ibidium.no/

More information about the sr-users mailing list