[OpenSIPS-Users] set_dlg_profile problem
Hello,
When try to use set_dlg_profile at OpanSips - 1.9 I receive follow errors:
ERROR:dialog:set_dlg_profile: dialog was not yet created - script error
ERROR:dialog:w_set_dlg_profile: failed to set profile
Here is part of my Opensips script:
modparam(dialog, profiles_with_value, caller)
.
if ( is_method(INVITE) ) {
.
set_dlg_profile(caller,$fU);
}
Where is problem?
Regards,
PlayMen
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Re: [OpenSIPS-Users] Registrar - max_contacts and 503 logging
Hello, Try the attached patch for preventing save() to stop your script. In regards to the error itself, $err is not suitable for that. The idea will be to have save() returning detailed negative codes to reflect the actual internal error. Regards, Bogdan-Andrei Iancu OpenSIPS Founder and Developer http://www.opensips-solutions.com On 08.02.2014 11:14, Martin Adrien wrote: Hello, On 07/02/2014 21:00, Bogdan-Andrei Iancu wrote: Hello, Not sure a bug or an undocumented feature, but save() function, in case of internal error, is stopping the script. Assuming we change that (to continue the script execution), you will failure from save() without actually knowing the error itself. I assume you are looking the error code/reason, right ? That's right, the code/reason is quite useful. But if it can not be known, maybe can I get the sip status sent by Opensis, with $err.rcode for example. Regards, Bogdan-Andrei Iancu OpenSIPS Founder and Developer http://www.opensips-solutions.com Regards, Adrien Martin ___ Users mailing list Users@lists.opensips.org http://lists.opensips.org/cgi-bin/mailman/listinfo/users diff --git a/modules/registrar/save.c b/modules/registrar/save.c index c2a88fa..7e9daec 100644 --- a/modules/registrar/save.c +++ b/modules/registrar/save.c @@ -876,7 +876,7 @@ error: if (forced_c) free_contacts(forced_c); - return 0; + return -2; return_minus_one: if (forced_c) free_contacts(forced_c); ___ Users mailing list Users@lists.opensips.org http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Re: [OpenSIPS-Users] set_dlg_profile problem
Hello,
As the log says, the problem is you are using a dialog related function
(set_dlg_profile) before actually creating the dialog. So be sure you do
create_dialog() before using any dialog based functionality (profile,
flags, vars, etc)
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
On 09.02.2014 12:40, Dragomir Haralambiev wrote:
Hello,
When try to use set_dlg_profile at OpanSips - 1.9 I receive follow errors:
ERROR:dialog:set_dlg_profile: dialog was not yet created - script error
ERROR:dialog:w_set_dlg_profile: failed to set profile
Here is part of my Opensips script:
modparam(dialog, profiles_with_value, caller)
.
if ( is_method(INVITE) ) {
.
set_dlg_profile(caller,$fU);
}
Where is problem?
Regards,
PlayMen
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Re: [OpenSIPS-Users] Authentication using Username, Password, IP address or Just IP address
Hello,
The script you posted is doing the digest authentication (password
based). If you want to to do IP based authentication you should use the
permissions module (see the address table). First try to auth based on
IP and if the IP in unknown fallback to digest auth.
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
On 24.01.2014 02:10, Alec Doran-Twyford wrote:
Hi,
I'm currently working on authentication below is the snipped of code
used in our opensips.cfg which I believe handles all the
authentication and registering work.
With these setting only one of our endpoints works which is a SIP
phone programme called PhonerLite and the other SIP phone don't work
(unless I change the Domain IP address in the table to the Opensips
Servers IP address and FreePBX never works.
The end goal is to be able to authenticate by using just the Endpoints
IP address or else by having the IP address and a Username and Password.
## EC - auth
loadmodule auth.so
loadmodule auth_db.so
loadmodule db_mysql.so
#loadmodule alias_db.so
modparam(auth_db, db_url, mysql://opensips:test@localhost/opensips)
modparam(auth_db, calculate_ha1, 1)
modparam(auth_db, load_credentials, $avp(cred)=rpid;email_address)
modparam(auth_db, password_column, password)
# EC - enable domain auth
modparam(auth_db, use_domain, 1)
loadmodule domain.so
modparam(domain, db_url, mysql://opensips:test@localhost/opensips)
route{
if (!is_method(REGISTER)) {
# EC - auth
if (!proxy_authorize(, subscriber)) {
xlog(proxy challenge!);
proxy_challenge(, 0); # Realm will be autogenerated
exit;
}
if (!db_check_from()) {
xlog(forbidden!);
sl_send_reply(403,Forbidden auth ID);
exit;
}
consume_credentials();
}
#
if (is_method(REGISTER)){
if (!www_authorize(, subscriber)) {
xlog(www challenge!);
www_challenge(, 0); # Realm will be autogenerated
exit;
}
if (!db_check_from()) {
xlog(forbidden!);
sl_send_reply(403,Forbidden auth ID);
exit;
}
xlog(register!);
if (!save(location)) {
xlog(failed to save location!);
sl_reply_error();
}
exit;
}
}
If anyone can help that would be great! or else point me in the
direction of examples of different authentication would be greatly
appreciated .
Thanks
Alec Doran-Twyford
| Junior Support Enginner for IVSTel
| E-mail: a.dorantwyf...@ivstel.com mailto:a.dorantwyf...@ivstel.com
| Phone: +61 2 9288 8890 tel:%2B61%202%209288%208890 |
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Re: [OpenSIPS-Users] Fwd: uac_auth() segfault
Hello,
Do you have still have the corefile ? Are you able to extract a
backtrace from it . See:
http://www.opensips.org/Documentation/TroubleShooting-Crash
Regards,
Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com
On 21.01.2014 15:35, Justin Zondagh wrote:
Hi All,
I'm running a compiled version of openSIPS 1.10 on Ubuntu 12.04.
I'm getting a segfault in the uac_auth() function and not too sure
why. I am setting the username, password and realm avps before I call it.
The 401 comes in back from the UAS and then hits the failure_route[1],
does some stuff and then crashes in what seems like uac_auth()...
Extract from CFG
route[1] {
xlog(L_INFO, [$ci] Routing this Request);
# for INVITEs enable some additional helper routes
if (is_method(INVITE|SUBSCRIBE|PUBLISH|INFO|MESSAGE|NOTIFY)) {
t_on_branch(2);
t_on_reply(2);
t_on_failure(1);
}
if (!t_relay()) {
sl_reply_error();
}
exit;
}
failure_route[1] {
if (t_check_status(401)) {
xlog(L_INFO,[$ci] Got 401 from Porta \n);
avp_db_query(select username from registrant_ip_map
where external_ip = '$(avp(ext_si){s.escape.common})',$avp(authuser));
xlog(L_INFO,[$ci] Auth User [$avp(authuser)]);
avp_db_query(select password from registrant where username =
'$(avp(authuser){s.escape.common})',$avp(authpass));
$avp(authrealm) = ;
$avp(www) = $(replyhdr(WWW-Authenticate));
avp_subst($avp(www), /Digest\s//);
#Get the realm from the www-auth header
$var(numkvp) = $(avp(www){csv.count});
$var(i) = 0;
while($var(i) $var(numkvp)) {
$var(temp) = $(avp(www){s.select,$var(i),,});
if ($var(temp) =~ realm.*) {
$avp(authrealm) = $var(temp);
avp_subst($avp(authrealm),/(realm=\)(.*)(\)/\2/);
}
$var(i) = $var(i) + 1;
}
xlog(L_INFO,[$ci] authrealm is [$avp(authrealm)],
authuser is [$avp(authuser)], authpass is [$avp(authpass)]\n);
#No need for loop prevention as Porta sends 183 early media recording
saying password is wrong, then sends 603
if (uac_auth()) {
xlog(L_INFO,[$ci] Built auth, sending back to Porta\n);
t_on_failure(1);
t_relay();
xlog(L_INFO,[$ci] Relay Auth in INVITE\n);
}
}
if (t_was_cancelled()) {
exit;
}
}
EXTRACT FROM syslog =
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
[NjMzOGYxMGJjMGI5NzQzNTE3OWQ1NDBhYzcxMjcxOGU] Auth User [27877009000]
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
DBG:avpops:ops_dbquery_avps: query [select password from registrant
where username = '27877009000']
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
DBG:db_mysql:mysql_raise_event: MySQL status has not changed: connected
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
DBG:core:db_new_result: allocate 28 bytes for result set at 0xb73d9a5c
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
DBG:db_mysql:db_mysql_get_columns: 1 columns returned from the query
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
DBG:core:db_allocate_columns: allocate 16 bytes for result columns at
0xb73d9a88
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
DBG:db_mysql:db_mysql_get_columns: RES_NAMES(0xb73d9a8c)[0]=[password]
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
DBG:db_mysql:db_mysql_get_columns: use DB_STRING result type
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
DBG:core:db_allocate_rows: allocate 28 bytes for result rows and
values at 0xb73d9aa4
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
DBG:db_mysql:db_mysql_str2val: converting STRING []
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
DBG:avpops:db_query_avp: rows [1]
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
DBG:avpops:db_query_avp: row [0]
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
DBG:avpops:db_close_query: close avp query
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
DBG:core:db_free_columns: freeing result columns at 0xb73d9a88
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
DBG:core:db_free_rows: freeing 1 rows
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
DBG:core:db_free_row: freeing row values at 0xb73d9aac
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
DBG:core:db_free_rows: freeing rows at 0xb73d9aa4
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
DBG:core:db_free_result: freeing result set at 0xb73d9a5c
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
DBG:core:pv_get_spec_value: Found context function 0xb6fa4abd
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
DBG:core:parse_headers: flags=
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
DBG:core:get_hdr_field: content_length=0
Jan 17 12:52:24 opensips4 /usr/src/opensips_1_10/opensips[1939]:
DBG:core:get_hdr_field: found end of header
Jan 17
Re: [OpenSIPS-Users] Authentication using Username, Password, IP address or Just IP address
Hi,
Thanks for pointing me in the right direction with the permission module. I
have setup the modules and added information to the hosts.allow host.deny
files (in the case of the hosts.deny it is ALL : ALL and only seem to have
block my SSH connection) but call are still flowing I'm guessing I need to
add detail into the address table but I not sure or do I need to use
allow_routing(allow_file,deny_file)? Below is the current config for
register and authenticate and the newly added modules.
loadmodule permissions.so
modparam(permissions, default_allow_file, /etc/hosts.allow)
modparam(permissions, default_deny_file, /etc/hosts.deny)
modparam(permissions, check_all_branches, 0)
modparam(permissions, allow_suffix, .allow)
modparam(permissions, deny_suffix, .deny)
modparam(permissions, db_url,
mysql://opensips:test@localhost/opensips)
modparam(permissions, address_table, address)
modparam(permissions, grp_col, grp)
modparam(permissions, ip_col, ip)
modparam(permissions, mask_col, mask)
modparam(permissions, port_col, port)
modparam(permissions, proto_col, proto)
#modparam(permissions, pattern_col, pattern) /*opensips doesn't like
this modparam. possible bug? Error information at the bottom*/
modparam(permissions, info_col, context_info)
#is the IP address whitelisted?
if (allow_routing()) {
xlog(IP Allow Routing);
}
#Check to see if the endpoint can authenticate / Register with
username/password
else {
xlog(authentication required for call from $si);
if (!is_method(REGISTER)) {
# EC - auth
if (!proxy_authorize(, subscriber)) {
xlog(proxy challenge!);
proxy_challenge(, 0); # Realm will be
autogenerated
exit;
}
if (!db_check_from()) {
xlog(forbidden!);
sl_send_reply(403,Forbidden auth ID);
exit;
}
consume_credentials();
} else {
if (!www_authorize(, subscriber)) {
xlog(www challenge!);
www_challenge(, 0); # Realm will be
autogenerated
exit;
}
if (!db_check_from()) {
xlog(forbidden!);
sl_send_reply(403,Forbidden auth ID);
exit;
}
if (!save(location)) {
xlog(failed to save location!);
sl_reply_error();
}
xlog(registered - $from);
exit;
}
}
When this finally works would this be how it works?
If its in the .allow file = Just requires IP to make call
if its in the .deny file = blocks calls
if it not in either files = has to authenticate with username/password
I also had a error when setting up the permission module it didn't like
modparam(permissions, pattern_col, pattern) Below is the error
message I got from the log file.
Feb 10 15:20:34 AdaptivOpenSips opensips: ERROR:core:set_mod_param_regex:
parameter pattern_col not found in module permissions
Feb 10 15:20:34 AdaptivOpenSips opensips: CRITICAL:core:yyerror: parse error
in config file /etc/opensips/opensips.cfg, line 216, column 20-21: Parameter
pattern_col not found in module permissions - can't set
Feb 10 15:20:34 AdaptivOpenSips opensips: ERROR:core:main: bad config file
(1 errors)
It looks like this module parameters is not available
--
View this message in context:
http://opensips-open-sip-server.1449251.n2.nabble.com/Re-Authentication-using-Username-Password-IP-address-or-Just-IP-address-tp7589529p7589531.html
Sent from the OpenSIPS - Users mailing list archive at Nabble.com.
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
