[SR-Users] Kamailio and XMLRPC commands with POST

Tue May 23 21:33:12 CEST 2017

Hello,

Thanks for the tip Daniel. I added this before the dispatch_rpc() and other xmlrpc related stuff:

...
if (!www_authorize(”somedomain.local", "subscriber")) {
          www_challenge(”somedomain.local", "1");
          exit;
    };
…

Seems to work now with the correct username and password retrieved from subscriber table:

After 200OK the dialplan gets reloaded in this example.

POST /RPC HTTP/1.1.
Accept: */*.
Host: 127.0.0.1:5060.
User-Agent: xmlrpcclient.
Content-Type: text/xml.
Content-Length: 0.

T 127.0.0.1:5060 -> 127.0.0.1:57265 [AP]
HTTP/1.1 401 Unauthorized.
Sia: SIP/2.0/TCP 127.0.0.1:57265.
WWW-Authenticate: Digest realm=”somedomain.local", nonce="WSSNE1kki+cE7oCG5vjVrxI/BZRRfmOmXKecloA=", qop="auth".
Content-Length: 0.

T 127.0.0.1:57265 -> 127.0.0.1:5060 [AP]
POST /RPC HTTP/1.1.
Authorization: Digest username="testuser", realm=”somedomain.local", nonce="WSSNE1kki+cE7oCG5vjVrxI/BZRRfmOmXKecloA=", uri="/RPC", cnonce="Yjg5MWU3ZjdkYzYwNmNlMTc1ZmQyMmFmYmZkNGQyN2M=", nc=00000001, qop=auth, response="c99a92d4c402ab592a908f92e82f08e1".
Accept: */*.
Host: 127.0.0.1:5060.
User-Agent: xmlrpcclient.
Content-Type: text/xml.
Content-Length: 167.
.
<?xml version="1.0" encoding="UTF-8"?><methodCall><methodName>dialplan.reload</methodName><params><param><value><string></string></value></param></params></methodCall>

T 127.0.0.1:5060 -> 127.0.0.1:57265 [AP]
HTTP/1.1 200 OK.
Sia: SIP/2.0/TCP 127.0.0.1:57265.
Content-Length: 108.

Cheers!

PS. Could not help at noticing Kamailio replying with ”Sia” header in 200OK message. I dont know if this is a bug or not but it looks a lot like ”Via” … :)

—Olli

> Daniel-Constantin Mierla <miconda at gmail.com> kirjoitti 23.5.2017 kello 21.23:
> 
> You can use the auth/auth_db modules do the the www-digest authentication (which was actually defined first for http) like for sip traffic -- you probably want to do the www not proxy auth, so use the appropriate functions.
> 
> Cheers,
> Daniel
> 
> On Tue, May 23, 2017 at 3:09 PM, Oma <olli.attila at oatel.net <mailto:olli.attila at oatel.net>> wrote:
> Hello,
> 
> Username & password would be the desired way.
> 
> Cheers,
> 
> —Olli
> 
>> Daniel-Constantin Mierla <miconda at gmail.com <mailto:miconda at gmail.com>> kirjoitti 23.5.2017 kello 15.32:
>> 
>> Hello,
>> 
>> do you want authentication with username and password or IP based authorization?
>> 
>> Cheers,
>> Daniel
>> 
>> On Tue, May 23, 2017 at 7:04 AM, Olli Attila <olli.attila at oatel.net <mailto:olli.attila at oatel.net>> wrote:
>> Hello,
>> 
>> I got the POST request working now by adding the "listen tcp:127.0.0.1:5060 <http://127.0.0.1:5060/>". I tested this with dialplan.reload, dialplan.dump and htable.reload. Works ok.
>> 
>> Is there any way to authenticate the request in Kamailio?
>> 
>> Now all of the valid methods included in request: "http://127.0.0.1/RPC <http://127.0.0.1/RPC>" are getting executed and Kamailio returns 200 OK directly.
>> 
>> Cheers,
>> 
>> --Olli
>> 
>> 
>> 
>> 
>> Diego Nadares kirjoitti 2017-05-22 15:06:
>> Hi Olli,
>> 
>> Did configure kamailio to listen on tcp:127.0.0.1?
>> 
>> Diego
>> 
>> El 22 may. 2017, a las 02:54, Olli Attila <olli.attila at oatel.net <mailto:olli.attila at oatel.net>> escribió:
>> 
>> Hi,
>> 
>> I'm using kamailio 5.0.0 and trying to use core commands through xmlrpc interface but the requests are failing towards Kamailio.
>> I have compiled and enabled the xmlrpc module in config and I have this on my kamailio.cfg:
>> 
>> 
>> # XMLRPC routing
>> #!ifdef WITH_XMLRPC
>> route[XMLRPC] {
>>  # allow XMLRPC from localhost
>>  if ((method=="POST" || method=="GET")
>>      && (src_ip==127.0.0.1)) {
>>    # close connection only for xmlrpclib user agents (there is a bug in
>>    # xmlrpclib: it waits for EOF before interpreting the response).
>>    if ($hdr(User-Agent) =~ "xmlrpclib")
>>      set_reply_close();
>>    set_reply_no_connect();
>>    dispatch_rpc();
>>    exit;
>>  }
>>  send_reply("403", "Forbidden");
>>  exit;
>> }
>> #!endif
>> 
>> I have tried to test this by using curl and calling "core.uptime" method in xml body (core.uptime works when executed through kamcmd commandline tool).
>> The curl is called from the same machine that I have Kamailio installed on:
>> 
>> "curl -X POST -H 'Host: 127.0.0.1:5060 <http://127.0.0.1:5060/>' -H 'User-Agent: xmlrpcclient' -H 'Content-Type: text/xml' -d '<?xml version='1.0'?><methodCall><methodName>core.uptime</methodName><params></params></methodCall>' http://127.0.0.1:5060 <http://127.0.0.1:5060/>"
>> 
>> This fails and I only get: "curl: (7) Failed to connect to 127.0.0.1 port 5060: Connection refused"
>> 
>> network traffic shows me this.. firewall is disabled completely when doing the test:
>> 1   0.000000    127.0.0.1 -> 127.0.0.1    TCP 74 55630→5060 [SYN] Seq=0 Win=43690 Len=0 MSS=65495 SACK_PERM=1 TSval=1347930477 TSecr=0 WS=64
>> 2   0.000032    127.0.0.1 -> 127.0.0.1    TCP 54 5060→55630 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0
>> 
>> Can anyone help me to get to the right direction with this?
>> 
>> Cheers,
>> 
>> --Olli
>> 
>> 
>> _______________________________________________
>> Kamailio (SER) - Users Mailing List
>> sr-users at lists.kamailio.org <mailto:sr-users at lists.kamailio.org>
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>
>> 
>> _______________________________________________
>> Kamailio (SER) - Users Mailing List
>> sr-users at lists.kamailio.org <mailto:sr-users at lists.kamailio.org>
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>
>> 
>> _______________________________________________
>> Kamailio (SER) - Users Mailing List
>> sr-users at lists.kamailio.org <mailto:sr-users at lists.kamailio.org>
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>
>> 
>> 
>> 
>> -- 
>> Daniel-Constantin Mierla - http://www.asipto.com <http://www.asipto.com/>
>> http://twitter.com/#!/miconda <http://twitter.com/#!/miconda> - http://www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda>_______________________________________________
>> Kamailio (SER) - Users Mailing List
>> sr-users at lists.kamailio.org <mailto:sr-users at lists.kamailio.org>
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>
> 
> 
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org <mailto:sr-users at lists.kamailio.org>
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>
> 
> 
> 
> 
> -- 
> Daniel-Constantin Mierla - http://www.asipto.com <http://www.asipto.com/>
> http://twitter.com/#!/miconda <http://twitter.com/#!/miconda> - http://www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda>_______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20170523/9809a8ed/attachment.html>