OpenPKG CVS Repository http://cvs.openpkg.org/ ____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall Root: /v/openpkg/cvs Email: [EMAIL PROTECTED] Module: openpkg-src Date: 16-Nov-2005 14:26:13 Branch: HEAD Handle: 2005111613261300 Modified files: openpkg-src/openser openser.cfg openser.spec rc.openser Log: add a more complete default configuration (yes, unfortunately such a lot of stuff seems to be actually required) and add rtpproxy companion daemon Summary: Revision Changes Path 1.2 +152 -12 openpkg-src/openser/openser.cfg 1.4 +32 -11 openpkg-src/openser/openser.spec 1.2 +17 -0 openpkg-src/openser/rc.openser ____________________________________________________________________________ patch -p0 <<'@@ .' Index: openpkg-src/openser/openser.cfg ============================================================================ $ cvs diff -u -r1.1 -r1.2 openser.cfg --- openpkg-src/openser/openser.cfg 9 Oct 2005 19:27:05 -0000 1.1 +++ openpkg-src/openser/openser.cfg 16 Nov 2005 13:26:13 -0000 1.2 @@ -20,7 +20,7 @@ workdir="@l_prefix@/var/openser" # network configuration -alias="example.com" +alias="sip.example.com" listen="127.0.0.1" port=5060 @@ -28,7 +28,8 @@ # EXTENSION MODULE LOADING # -loadmodule "@l_prefix@/lib/openser/modules/dbtext.so" +#loadmodule "@l_prefix@/lib/openser/modules/dbtext.so" + loadmodule "@l_prefix@/lib/openser/modules/sl.so" loadmodule "@l_prefix@/lib/openser/modules/tm.so" loadmodule "@l_prefix@/lib/openser/modules/rr.so" 
@@ -36,23 +37,162 @@ loadmodule "@l_prefix@/lib/openser/modules/usrloc.so" loadmodule "@l_prefix@/lib/openser/modules/registrar.so" loadmodule "@l_prefix@/lib/openser/modules/textops.so" -loadmodule "@l_prefix@/lib/openser/modules/auth.so" -loadmodule "@l_prefix@/lib/openser/modules/auth_db.so" + +#loadmodule "@l_prefix@/lib/openser/modules/auth.so" +#loadmodule "@l_prefix@/lib/openser/modules/auth_db.so" + +#loadmodule "@l_prefix@/lib/openser/modules/nathelper.so" # # EXTENSION MODULE CONFIGURATION # +# module rr: +modparam("rr", "enable_full_lr", 1) + # module usrloc: -modparam("usrloc", "db_mode", 2) -modparam("usrloc|auth_db", "db_url", "dbtext://@l_prefix@/var/openser/db") +modparam("usrloc", "db_mode", 0) +#modparam("usrloc", "db_mode", 2) +#modparam("usrloc|auth_db", "db_url", "dbtext://@l_prefix@/var/openser/db") # module auth: -modparam("auth_db", "calculate_ha1", 1) -modparam("auth_db", "password_column", "password") -modparam("auth_db", "user_column", "username") -modparam("auth_db", "domain_column", "domain") +#modparam("auth_db", "calculate_ha1", 1) +#modparam("auth_db", "password_column", "password") +#modparam("auth_db", "user_column", "username") +#modparam("auth_db", "domain_column", "domain") + +# module nathelper: +#modparam("registrar", "nat_flag", 6) +#modparam("nathelper", "natping_interval", 30) +#modparam("nathelper", "ping_nated_only", 1) +#modparam("nathelper", "rtpproxy_sock", "unix:@l_prefix@/var/openser/openser_rtpproxy.sock") +#modparam("nathelper", "rtpproxy_disable", 0) +#modparam("nathelper", "rtpproxy_disable_tout", 20) +#modparam("nathelper", "sipping_from", "sip:[EMAIL PROTECTED]") -# module rr: -modparam("rr", "enable_full_lr", 1) +# +# MAIN ROUTING LOGIC +# + +route{ + # initial sanity checks -- messages with + # max_forwards==0, or excessively long requests + if (!mf_process_maxfwd_header("10")) { + sl_send_reply("483", "Too Many Hops"); + exit; + }; + if (msg:len >= max_len) { + sl_send_reply("513", "Message too big"); + 
exit; + }; + + #if (method == "INVITE" && uri != myself) { + # sl_send_reply("403", "No relaying"); + # exit; + #}; + + # NAT: special handling for NAT'ed clients; first, NAT test is + # executed: it looks for via!=received and RFC1918 addresses in + # Contact (may fail if line-folding is used); also, the received + # test should, if completed, should check all vias for presence of + # received. + #if (nat_uac_test("3")) { + # # allow RR-ed requests, as these may indicate that NAT-enabled + # # aproxy takes care of it; unless it is REGISTER + # if (method == "REGISTER" || ! search("^Record-Route:")) { + # log("LOG: Someone trying to register from private IP, rewriting\n"); + # fix_nated_contact(); # rewrite contact with source IP of signalling + # if (method == "INVITE") { + # fix_nated_sdp("1"); # add direction=active to SDP + # }; + # force_rport(); # add rport parameter to topmost Via + # setflag(6); # mark as NAT'ed + # }; + #}; + + # we record-route all messages -- to make sure that + # subsequent messages will go through our proxy; that's + # particularly good if upstream and downstream entities + # use different transport protocol + if (method != "REGISTER") { + record_route(); + }; + + # subsequent messages withing a dialog should take the + # path determined by record-routing + if (loose_route()) { + # mark routing logic in request + append_hf("P-hint: rr-enforced\r\n"); + route(1); + }; + + if (uri != myself) { + # mark routing logic in request + append_hf("P-hint: outbound\r\n"); + route(1); + }; + + # if the request is for other domain use USRLOC + # (in case, it does not work, use the following command + # with proper names and addresses in it) + if (uri == myself) { + if (method == "REGISTER") { + # uncomment this if you want to use digest authentication + #if (!www_authorize("sip.example.com", "subscriber")) { + # www_challenge("sip.example.com", "0"); + # exit; + #}; + save("location"); + exit; + }; + + lookup("aliases"); + if (uri != myself) { + 
append_hf("P-hint: outbound alias\r\n"); + route(1); + }; + + # native SIP destinations are handled using our USRLOC DB + if (!lookup("location")) { + sl_send_reply("404", "Not Found"); + exit; + }; + append_hf("P-hint: usrloc applied\r\n"); + }; + + route(1); +} + +route[1] { + # disable RFC1918 peers + if (uri =~ "[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)" && !search("^Route:")) { + sl_send_reply("479", "We don't forward to RFC 1918 IPv4 addresses"); + exit; + }; + + # NAT: if client or server know to be behind a NAT, enable relay + #if (isflagset(6)) { + # force_rtp_proxy(); + #}; + + # NAT: processing of replies; apply to all transactions + t_on_reply("1"); + + # send it out now; use stateful forwarding as it works reliably even for UDP2TCP + if (!t_relay()) { + sl_reply_error(); + }; +} + +onreply_route[1] { + # NAT: is it a NAT'ed transaction ? + # otherwise, is it a transaction behind a NAT and we did not + # know at time of request processing ? (RFC1918 contacts) + #if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") { + # fix_nated_contact(); + # force_rtp_proxy(); + #} else if (nat_uac_test("1")) { + # fix_nated_contact(); + #}; +} @@ . patch -p0 <<'@@ .' Index: openpkg-src/openser/openser.spec ============================================================================ $ cvs diff -u -r1.3 -r1.4 openser.spec --- openpkg-src/openser/openser.spec 29 Oct 2005 07:34:49 -0000 1.3 +++ openpkg-src/openser/openser.spec 16 Nov 2005 13:26:13 -0000 1.4 @@ -22,7 +22,9 @@ ## SUCH DAMAGE. ## -# FIXME: rse: dbtext default database not sufficient?! +# package options +%define V_openser 1.0.0 +%define V_rtpproxy 20050711-062702 # package information Name: openser 
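Review bot: The new main route accepts REGISTER without authentication and relays requests for foreign domains, because the `www_authorize`/`www_challenge` block before `save("location")` and the `method == "INVITE" && uri != myself` "No relaying" check are both added commented out, and the auth/auth_db modules are now disabled. The only thing containing this is `listen="127.0.0.1"` (context of the first hunk of this file); once an administrator points `listen` at a reachable address, contacts can be registered for any user without credentials and the proxy forwards for arbitrary destinations. I would add a comment directly above `route{`, for example `# WARNING: no authentication and no relay restriction -- enable auth/auth_db with www_authorize() and the "No relaying" check before changing listen= away from 127.0.0.1`. The RFC 1918 test in `route[1]` only matches 192.168/10/172.16-31 destinations, so it does not replace the relay check.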
@@ -34,18 +36,19 @@ Class: EVAL Group: Network License: GPL -Version: 1.0.0 -Release: 20051029 +Version: %{V_openser} +Release: 20051116 # package options %option with_fsl yes # list of sources -Source0: http://openser.org/pub/openser/%{version}/src/openser-%{version}_src.tar.gz -Source1: rc.openser -Source2: fsl.openser -Source3: openser.cfg -Source4: openser.schema-dbtext.txt +Source0: http://openser.org/pub/openser/%{version}/src/openser-%{V_openser}_src.tar.gz +Source1: http://openser.org/downloads/snapshots/rtpproxy/rtpproxy-cvs-%{V_rtpproxy}.tgz +Source2: rc.openser +Source3: fsl.openser +Source4: openser.cfg +Source5: openser.schema-dbtext.txt Patch0: openser.patch # build information @@ -69,15 +72,21 @@ %track prog openser = { - version = %{version} + version = %{V_openser} url = http://openser.org/pub/openser/ regex = (\d+\.\d+\.\d+)/ url = http://openser.org/pub/openser/__NEWVER__/src/ regex = openser-(__VER__)_src\.tar\.gz } + prog openser:rtpproxy = { + version = %{V_rtpproxy} + url = http://openser.org/downloads/snapshots/rtpproxy/ + regex = rtpproxy-cvs-(__VER__)\.tgz + } %prep %setup -q + %setup -q -T -D -a 1 %patch -p0 %build @@ -99,6 +108,14 @@ modules \ skip_modules="mysql jabber" + # build rtpproxy extension + ( cd rtpproxy + CC="%{l_cc}" \ + CFLAGS="%{l_cflags -O}" \ + ./configure + %{l_make} %{l_mflags} + ) || exit $? + %install rm -rf $RPM_BUILD_ROOT @@ -123,8 +140,12 @@ install-modules \ skip_modules="mysql jabber" + # install rtpproxy extension + %{l_shtool} install -c -s -m 755 \ + rtpproxy/rtpproxy $RPM_BUILD_ROOT%{l_prefix}/sbin/openser_rtpproxy + # strip down installation - strip $RPM_BUILD_ROOT%{l_prefix}/bin/* >/dev/null 2>&1 || true + strip $RPM_BUILD_ROOT%{l_prefix}/sbin/* >/dev/null 2>&1 || true rm -f $RPM_BUILD_ROOT%{l_prefix}/sbin/openser_mysql.sh # post-adjust installation 
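Review bot: `Source1` pulls a dated CVS snapshot (`rtpproxy-cvs-%{V_rtpproxy}.tgz`) over plain `http://` from a `snapshots/` directory, and nothing in the visible spec hunks pins or verifies its content before the `%build` hunk compiles it and the `%install` hunk installs it as `sbin/openser_rtpproxy`. A snapshot tarball may be regenerated or replaced in place upstream, in which case the same spec would build different code without any visible change. If the build tooling can record a digest for sources it should be used here; otherwise a comment next to `Source1` would at least flag it, e.g. `# CVS snapshot, no upstream release; verify tarball digest when bumping V_rtpproxy`. Minor style point in the same hunk: `Source0` now mixes `%{version}` and `%{V_openser}` in one URL, and using `%{V_openser}` in both places would keep it consistent.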
@@ -183,7 +204,7 @@ chown %{l_rusr}:%{l_rgrp} $RPM_INSTALL_PREFIX/var/openser/db chmod 755 $RPM_INSTALL_PREFIX/var/openser/db schema="$RPM_INSTALL_PREFIX/share/openser/openser.schema-dbtext.txt" - for table in `sed -e 's;\([^:]*\):.*;\1;' <$schema | sort -u`; do + for table in `sed -e '/^#.*/d' -e '/^$/d' -e 's;\([^:]*\):.*;\1;' <$schema | sort -u`; do grep "^${table}:" $schema | sed -e "s;^${table}: *;;" \ >$RPM_INSTALL_PREFIX/var/openser/db/$table done @@ . patch -p0 <<'@@ .' Index: openpkg-src/openser/rc.openser ============================================================================ $ cvs diff -u -r1.1 -r1.2 rc.openser --- openpkg-src/openser/rc.openser 9 Oct 2005 19:27:05 -0000 1.1 +++ openpkg-src/openser/rc.openser 16 Nov 2005 13:26:13 -0000 1.2 @@ -6,6 +6,7 @@ %config openser_enable="$openpkg_rc_def" openser_flags="" + openser_rtpproxy="yes" openser_log_prolog="true" openser_log_epilog="true" openser_log_numfiles="10" @@ -13,7 +14,14 @@ openser_log_complevel="9" %common + openser_cfgfile="@l_prefix@/etc/openser/openser.cfg" openser_pidfile="@l_prefix@/var/openser/openser.pid" + openser_rtpproxy_pidfile="@l_prefix@/var/openser/openser_rtpproxy.pid" + openser_rtpproxy_socket="@l_prefix@/var/openser/openser_rtpproxy.sock" + openser_rtpproxy_listen=`grep '^listen=' $openser_cfgfile | sed -e 's/^listen="\(.*\)".*/\1/'` + openser_rtpproxy_signal () { + [ -f $openser_rtpproxy_pidfile ] && kill -$1 `cat $openser_rtpproxy_pidfile` + } %status -u @l_susr@ -o openser_usable="no" @@ -31,6 +39,12 @@ %start -p 100 -u @l_susr@ rcService openser enable yes || exit 0 rcService openser active yes && exit 0 + if rcVarIsYes openser_rtpproxy; then + @l_prefix@/sbin/openser_rtpproxy \ + -l $openser_rtpproxy_listen \ + -s unix:$openser_rtpproxy_socket \ + -p $openser_rtpproxy_pidfile + fi @l_prefix@/sbin/openser \ -P $openser_pidfile \ ${openser_flags} 
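Review bot: `openser_rtpproxy="yes"` starts the companion daemon by default, yet the openser.cfg shipped in this same commit leaves `loadmodule ... nathelper.so` and every `modparam("nathelper", ...)` line commented out, so in the default setup nothing uses the proxy. That leaves an extra network-facing process running from the `%start -u @l_susr@` section for no benefit. I would default to `openser_rtpproxy="no"` and add a comment such as `# set to "yes" only together with the nathelper lines in openser.cfg`.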
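Review bot: `openser_rtpproxy_listen` is derived from the `listen=` lines of openser.cfg with no check on the result, and the `%start` hunk passes it unquoted as `-l $openser_rtpproxy_listen`. If the config has no `listen="..."` line the variable is empty and `-l` would take `-s` as its argument; with several `listen=` lines, or a value not in double quotes (the sed expression then leaves the line unchanged), extra words reach the command line. I would take a single match only, `sed -n -e 's/^listen="\([^"]*\)".*/\1/p' $openser_cfgfile | head -1`, pass it as `-l "$openser_rtpproxy_listen"`, and skip launching the proxy when it is empty. `openser_rtpproxy_signal` likewise expands the pidfile content unquoted into `kill`, so testing `[ -s $openser_rtpproxy_pidfile ]` instead of `-f` would avoid calling `kill` with no PID.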
@@ -39,6 +53,9 @@ rcService openser enable yes || exit 0 rcService openser active no && exit 0 @l_prefix@/sbin/openserctl stop + if rcVarIsYes openser_rtpproxy; then + openser_rtpproxy_signal TERM + fi sleep 2 %restart -p 100 -u @l_susr@ @@ . ______________________________________________________________________ The OpenPKG Project www.openpkg.org CVS Repository Commit List openpkg-cvs@openpkg.org