[SR-Users] Re: Serial Forking with differing next hop for each branch?
> On 6 Oct 2023, at 10:39, Barry Flanagan via sr-users > wrote: > > On 06/10/2023 15:23, Alex Balashov via sr-users wrote: >> Hello, >> >> If you can't key by R-URI, perhaps then just store a list of routes in a >> database table or similar? > > Thanks. The routes are received via an API call, and are dynamic. Trying to > avoid the overhead of a database. Ah. Then the easiest approach is probably to buffer them into an XAVP array and just iterate through them. R-URI can be one attribute of each, while the destination URI/next-hop can be another. $var(i) = 0; while(defined $xavp(route_set[$var(i)])) { $ru = $xavp(route_set[$var(i)]=>ruri); $du = $xavp(route_set[$var(i)]=>duri); $var(i) = $var(i) + 1; } -- Alex -- Alex Balashov Principal Consultant Evariste Systems LLC Web: https://evaristesys.com Tel: +1-706-510-6800 __ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to sr-users-le...@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
[SR-Users] Re: Crypto module AES algorithm details
Hi Henning, Thanks for your responses. The exact use case is as follows: - In a custom SIP header, I'll have the number that is supposed to be dialed out in AES encrypted format - I will have to decrypt it using the shared key and IV that was used to encrypt this phone number on Kamailio - Once decrypted, I will have the number to call. - So the encryption algorithm used by a third party should be same as what is being used to decrypt in kamailio. Any other way of doing this? I can request to change the encryption mechanism to the third party if needed. Any suggestions on how to achieve this. Thanks, - Jayesh On Thu, Oct 5, 2023 at 3:13 PM Henning Westerholt wrote: > (Please keep the list in CC) > > > > Hello, > > > > The web tools might use another logic internally. I had some success with > a java library use case and also with PostgreSQL, I think. > > > > A usual use-case is to have an encrypted password value in a DB, for data > at rest encryption. The password is encrypted from something else. Then > inside the Kamailio cfg you want to encrypt it on the fly, to use it for > example for challenging a phone with username/password. > > > > Maybe you can give it a try with some python or other script languages, > where you can play with the different crypto system parameter more easily. > > > > Cheers, > > > > Henning > > > > -- > > Henning Westerholt – https://skalatan.de/blog/ > > Kamailio services – https://gilawa.com > > > > > > *From:* Jayesh Nambiar > *Sent:* Donnerstag, 5. Oktober 2023 06:41 > *To:* Henning Westerholt > *Subject:* Re: [SR-Users] Crypto module AES algorithm details > > > > *Hello Henning,* > > Thanks for the super fast reply. > > I tested this within kamailio 5.3.4 and I can successfully encrypt a > header value and also the same encrypted value decrypts to proper plain > text when. > > But when I compare the encrypted text with online resources like > https://www.devglan.com/online-tools/aes-encryption-decryption and > https://www.javainuse.com/aesgenerator, their encrypted text value is > different from what I see from kamailio. > > Both these resources produce the same encrypted text while the encrypted > text from kamailio is different. > > How do I validate this? > > My use case is as follows: > > -- I get an encrypted text in a SIP Header > > -- I decrypt it and validate it against some DB > > -- If valid proceed or else exit > > > > Now if the algorithm doesnt match exactly, there are chances of error, > hence asking question on how to validate it. > > > > > > On Wed, Oct 4, 2023 at 1:43 PM Henning Westerholt wrote: > > Hello Jayesh, > > > > AFAIK its uses AES 256 with CBC mode. The IV is generated from OpenSSL, > e.g. https://www.openssl.org/docs/man3.0/man3/EVP_BytesToKey.html > > > > For newer versions I have added the init_vector functionality to enable > interoperability with other crypto functions, e.g. some databases, java > frameworks etc. If you want to use this functionality, I’d suggest to > update, as the 5.3. is also end of life since some time. Otherwise you can > of course also backport this feature. > > > > Cheers, > > > > Henning > > > > > > -- > > Henning Westerholt – https://skalatan.de/blog/ > > Kamailio services – https://gilawa.com > > > > > > > > *From:* Jayesh Nambiar via sr-users > *Sent:* Mittwoch, 4. Oktober 2023 08:54 > *To:* Kamailio (SER) - Users Mailing List > *Cc:* Jayesh Nambiar > *Subject:* [SR-Users] Crypto module AES algorithm details > > > > *Hello,* > > I am running kamailio-5.3.4 on one of my setup and I intend to use the > crypto module in the same. > > I wanted to understand the following details when the module is used: > > I understand it uses the AES algorithm, is that correct? > > Does it use AES 128, 192 or 256 bit algorithms? > > Does it use CBC or ECB mode for AES? > > The 5.3 version does not have an parameter for init-vector, so does > kamailio use any init vector internally in this case? > > > > When i compared the encrypted text that kamailio produces and the ones > available online, they were producing different outputs even when same > shared secret was used. Hence asking for more clarification > > > > PS: Upgrading kamailio is my very last option as this is one af an old > setup which only needs this feature without much changes. > > > > Thanks for any valuable response. > > > > *-- Jayesh* > > > > > > __ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to sr-users-le...@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
[SR-Users] Re: Serial Forking with differing next hop for each branch?
On 06/10/2023 15:23, Alex Balashov via sr-users wrote: Hello, If you can't key by R-URI, perhaps then just store a list of routes in a database table or similar? Thanks. The routes are received via an API call, and are dynamic. Trying to avoid the overhead of a database. -Barry On 6 Oct 2023, at 08:35, Barry Flanagan via sr-users wrote: Hi, Anyone have a clue how the below can be acheived? Thanks! -Barry On Thu, 21 Sep 2023, at 13:52, Barry Flanagan wrote: Hi I have a scenario where I need to implement serial forking but each destination has also a next hop proxy. I can do the forking using append_branch, but how can I set the destination URI for each branch? In some cases the R-URI does not change, only the next hop proxy. Example: R-URI Next Hop us...@domain.com XXX.XXX.XXX.XXX us...@domain.com YYY.YYY.YYY.YYY us...@domain.com XXX.XXX.XXX.XXX I was thinking I could use a htable to store the next hop using the R-URI as the key, but as can be seen above there are possibly duplicate R-URIs with only the next hop changing. Thanks. -- -Barry __ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to sr-users-le...@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: -- -Barry __ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to sr-users-le...@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
[SR-Users] Re: Serial Forking with differing next hop for each branch?
Hello, If you can't key by R-URI, perhaps then just store a list of routes in a database table or similar? > On 6 Oct 2023, at 08:35, Barry Flanagan via sr-users > wrote: > > Hi, > Anyone have a clue how the below can be acheived? > > Thanks! > > -Barry > > On Thu, 21 Sep 2023, at 13:52, Barry Flanagan wrote: >> Hi >> >> I have a scenario where I need to implement serial forking but each >> destination has also a next hop proxy. I can do the forking using >> append_branch, but how can I set the destination URI for each branch? In >> some cases the R-URI does not change, only the next hop proxy. >> >> Example: >> >> R-URI Next Hop >> us...@domain.com XXX.XXX.XXX.XXX >> us...@domain.com YYY.YYY.YYY.YYY >> us...@domain.com XXX.XXX.XXX.XXX >> >> I was thinking I could use a htable to store the next hop using the >> R-URI as the key, but as can be seen above there are possibly duplicate >> R-URIs with only the next hop changing. >> >> Thanks. >> >> -- >> -Barry > __ > Kamailio - Users Mailing List - Non Commercial Discussions > To unsubscribe send an email to sr-users-le...@lists.kamailio.org > Important: keep the mailing list in the recipients, do not reply only to the > sender! > Edit mailing list options or unsubscribe: -- Alex Balashov Principal Consultant Evariste Systems LLC Web: https://evaristesys.com Tel: +1-706-510-6800 __ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to sr-users-le...@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
[SR-Users] Re: Serial Forking with differing next hop for each branch?
Hi, Anyone have a clue how the below can be acheived? Thanks! -Barry On Thu, 21 Sep 2023, at 13:52, Barry Flanagan wrote: > Hi > > I have a scenario where I need to implement serial forking but each > destination has also a next hop proxy. I can do the forking using > append_branch, but how can I set the destination URI for each branch? In > some cases the R-URI does not change, only the next hop proxy. > > Example: > > R-URI Next Hop > us...@domain.com XXX.XXX.XXX.XXX > us...@domain.com YYY.YYY.YYY.YYY > us...@domain.com XXX.XXX.XXX.XXX > > I was thinking I could use a htable to store the next hop using the > R-URI as the key, but as can be seen above there are possibly duplicate > R-URIs with only the next hop changing. > > Thanks. > > -- > -Barry __ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to sr-users-le...@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
[SR-Users] Re: uac_req_send + evroute + crash
Hello, do you also get error log messages that include "failed to send request with authentication"? Which CRITICAL log appears when you call uac_req_send()? You pasted a couple of them in the initial email? Cheers, Daniel On 05.10.23 17:32, Dr. Barabás Péter wrote: > > Hello, > > > > I used kamailio version 5.6.2. I refreshed to 5.7.2 today. > > As I remember it was in kamailio long time ago therefore I could skip > evroute route. > > But this CRITICAL log appears always when I call uac_req_send(). > > I call it with settings: > > $uac_req(auser)= $var(username); > > $uac_req(apasswd)= $var(password); > > > > Where username and password are retrived from web service before call. > > In event_route I got first 401 after 200. > > > > *Peter* > > > > > > *From: *Daniel-Constantin Mierla > *Date: *Thursday, 2023. October 5. 17:25 > *To: *Kamailio (SER) - Users Mailing List > *Cc: *Dr. Barabás Péter > *Subject: *Re: [SR-Users] uac_req_send + evroute + crash > > Hello, > > On 05.10.23 16:34, Dr. Barabás Péter via sr-users wrote: > > Hi All, > > > > I use kamailio In front of Asterisk and kamailio needs to refresh > registrations periodically towards Asterisk to ensure the > availability of users from Asterisk side. > > I use uac module and call uac_req_send() for sending REGISTER > requests. > > I set $uac_req(evroute)=1 > > > > The event_route[uac:reply] is called fine, but in kamailio logs I > see the next lines: > > > > CRITICAL: [core/mem/q_malloc.c:519]: qm_free(): BUG: > freeing already freed pointer (0x7f114995ada8), called from uac: > uac_send.c: uac_send_tm_callback(860), first free uac: uac_send.c: > uac_resend_tm_callback(732) - ignoring > > > > After some time, kamailio has crashed. > > > > CRITICAL: [core/mem/q_malloc.c:519]: qm_free(): BUG: > freeing already freed pointer (0x7f114995ada8), called from uac: > uac_send.c: uac_send_tm_callback(860), first free uac: uac_send.c: > uac_resend_tm_callback(732) – ignoring > > > > CRITICAL: [core/pass_fd.c:277]: receive_fd(): EOF on 34 > > ALERT: [main.c:774]: handle_sigs(): child process 1407950 > exited by a signal 6 > > what version of Kamailio are you using? Is Asterisk challenging for > authentication? > > Does it happen every time or seldom? > > Cheers, > Daniel > > -- > Daniel-Constantin Mierla (@ asipto.com) > twitter.com/miconda -- linkedin.com/in/miconda > Kamailio Consultancy and Development Services > Kamailio Advanced Training - Online - Nov 14-16, 2023 -- asipto.com -- Daniel-Constantin Mierla (@ asipto.com) twitter.com/miconda -- linkedin.com/in/miconda Kamailio Consultancy and Development Services Kamailio Advanced Training - Online - Nov 14-16, 2023 -- asipto.com __ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to sr-users-le...@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
[SR-Users] Re: uac_req_send + evroute + crash
Hello, I used kamailio version 5.6.2. I refreshed to 5.7.2 today. As I remember it was in kamailio long time ago therefore I could skip evroute route. But this CRITICAL log appears always when I call uac_req_send(). I call it with settings: $uac_req(auser) = $var(username); $uac_req(apasswd) = $var(password); Where username and password are retrived from web service before call. In event_route I got first 401 after 200. Peter From: Daniel-Constantin Mierla Date: Thursday, 2023. October 5. 17:25 To: Kamailio (SER) - Users Mailing List Cc: Dr. Barabás Péter Subject: Re: [SR-Users] uac_req_send + evroute + crash Hello, On 05.10.23 16:34, Dr. Barabás Péter via sr-users wrote: Hi All, I use kamailio In front of Asterisk and kamailio needs to refresh registrations periodically towards Asterisk to ensure the availability of users from Asterisk side. I use uac module and call uac_req_send() for sending REGISTER requests. I set $uac_req(evroute)=1 The event_route[uac:reply] is called fine, but in kamailio logs I see the next lines: CRITICAL: [core/mem/q_malloc.c:519]: qm_free(): BUG: freeing already freed pointer (0x7f114995ada8), called from uac: uac_send.c: uac_send_tm_callback(860), first free uac: uac_send.c: uac_resend_tm_callback(732) - ignoring After some time, kamailio has crashed. CRITICAL: [core/mem/q_malloc.c:519]: qm_free(): BUG: freeing already freed pointer (0x7f114995ada8), called from uac: uac_send.c: uac_send_tm_callback(860), first free uac: uac_send.c: uac_resend_tm_callback(732) – ignoring CRITICAL: [core/pass_fd.c:277]: receive_fd(): EOF on 34 ALERT: [main.c:774]: handle_sigs(): child process 1407950 exited by a signal 6 what version of Kamailio are you using? Is Asterisk challenging for authentication? Does it happen every time or seldom? Cheers, Daniel -- Daniel-Constantin Mierla (@ asipto.com) twitter.com/miconda -- linkedin.com/in/miconda Kamailio Consultancy and Development Services Kamailio Advanced Training - Online - Nov 14-16, 2023 -- asipto.com __ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to sr-users-le...@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: