date:20211104

Re: [SR-Users] Suppressing part of the xlog line

2021-11-04 Thread Sergey Safarov

If your dist has systemd and journalctl then you can try

journalctl -lu kamailio -o

On Thu, Nov 4, 2021, 8:13 PM Karsten Horsmann  wrote:

> Hi,
>
> In kamailio.cfg place
>
> log_name="kamailio"
>
> to have only kamailio as log stuff
>
> And just for the records - how to get rid off the rsyslog prefix time/date
> stuff:
> Depends on your syslog facility in config
>
> # /etc/rsyslog.d/kamailio.conf
> # drop :msg from rtpengine with "timer run time" - debugging only:
> :msg, contains, "timer run time" ~
> # Template only msg:
> $template myFormat,"%msg%\n"
> # log only to local* and NOT to /var/log/messages
> local6.*;local6.!=info -/var/log/platform/voip/kamailio/rtpengine.log
> local6.* stop
> local5.* -/var/log/platform/voip/kamailio/rtpengine-cdr.log; myFormat
> local5.* stop
> local4.* -/var/log/platform/voip/kamailio/kamailio.log
> local4.* stop
> local2.* -/var/log/platform/voip/kamailio/kamailio-cdr.log; myFormat
> local2.* stop
> local1.* -/var/log/platform/voip/kamailio/kamailio-cdr-json.log; myFormat
>
> Hope that helps a bit.
>
> Steve Wilkins  schrieb am Do., 4. Nov. 2021, 18:07:
>
>> Hello,
>>
>>
>>
>> Is there a way to suppress the printing  “date & time, host, and Kamailio
>> execution path”  at the begging of each xlog line?
>>
>>
>>
>> Example current xlog line:
>>
>> *Nov  4 16:54:52 myserver  /usr/local/sbin/kamailio[7021]: INFO:
>>

Re: [SR-Users] STIR/SHAKEN public key

2021-11-04 Thread David Villasmil

Hello guys,

So the PA sent us 3 files:

1- out cert
2- the intermediate cert
3- the root cert

Should i copy those into a single file in that order and then publish that
as the cert.pem in

*secsipid_add_identity("$fU", "$rU", "A", "",
"https://kamailio.org/stir/$rd/cert.pem
", "/secsipid/$rd/key.pem");*


??
Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337


On Thu, Nov 4, 2021 at 6:55 PM David Villasmil <
david.villasmil.w...@gmail.com> wrote:

> Yep, that much was clear from the outset.
> The wording on the docs confused me, because it reads "public key". BUt
> now i see it's the cert and the client will get the pk from the cert.
> Thanks for taking the time to explain!
>
> Regards,
>
> David Villasmil
> email: david.villasmil.w...@gmail.com
> phone: +34669448337
>
>
> On Thu, Nov 4, 2021 at 6:35 PM Ben Kaufman  wrote:
>
>> Not sure if it was clarified or not, but it should be an https URL from
>> where your certificate can be downloaded, not the actual certificate itself.
>>
>>
>>
>> *Ben Kaufman*
>>
>>
>>
>> *From:* sr-users  * On Behalf Of *David
>> Villasmil
>> *Sent:* Thursday, November 4, 2021 12:00 PM
>> *To:* Kamailio (SER) - Users Mailing List 
>> *Subject:* Re: [SR-Users] STIR/SHAKEN public key
>>
>>
>>
>> Thanks Oleg, i misunderstood all that.
>>
>> Regards,
>>
>>
>>
>> David Villasmil
>>
>> email: david.villasmil.w...@gmail.com
>>
>> phone: +34669448337
>>
>>
>>
>>
>>
>> On Thu, Nov 4, 2021 at 4:58 PM Oleg Belousov  wrote:
>>
>> Hi.
>>
>> It should be certificate issued by CA certified by the Shaken Policy
>> Administrator (iConnective in US)..
>>
>> --
>> obelousov.tel
>> 
>>
>>
>>
>>
>>
>> On Thu, Nov 4, 2021 at 5:39 PM David Villasmil <
>> david.villasmil.w...@gmail.com> wrote:
>>
>> Hello guys,
>>
>> I'm testing with 2 providers right now, and one of them is asking me to
>> include my whole certificate on the
>>
>> *secsipid_add_identity(origTN, destTN, attest, origID, x5u, keyPath)*
>>
>> like:
>>
>> *secsipid_add_identity("$fU", "$rU", "A", "",
>> "https://kamailio.org/stir/$rd/cert.pem
>> ",
>> "/secsipid/$rd/key.pem");*
>>
>> but it is stated that:
>>
>> *x5u is the HTTP URL referencing to the public key that should be used to
>> verify the signature;*
>>
>> One provider is asking to put the cert there, the other hasn't asked that
>> yet.
>>
>> So i'm  a little confused, should the x5u be the actual cert (with its
>> intermediary?) or only the public key?
>>
>> Regards,
>>
>> David Villasmil
>>
>> email: david.villasmil.w...@gmail.com
>>
>> phone: +34669448337
>>
>> __
>> Kamailio - Users Mailing List - Non Commercial Discussions
>>   * sr-users@lists.kamailio.org
>> Important: keep the mailing list in the recipients, do not reply only to
>> the sender!
>> Edit mailing list options or unsubscribe:
>>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>> 
>>
>> __
>> Kamailio - Users Mailing List - Non Commercial Discussions
>>   * sr-users@lists.kamailio.org
>> Important: keep the mailing list in the recipients, do not reply only to
>> the sender!
>> Edit mailing list options or unsubscribe:
>>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>> 
>>
>> __
>>

Re: [SR-Users] STIR/SHAKEN public key

2021-11-04 Thread David Villasmil

Yep, that much was clear from the outset.
The wording on the docs confused me, because it reads "public key". BUt now
i see it's the cert and the client will get the pk from the cert.
Thanks for taking the time to explain!

Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337


On Thu, Nov 4, 2021 at 6:35 PM Ben Kaufman  wrote:

> Not sure if it was clarified or not, but it should be an https URL from
> where your certificate can be downloaded, not the actual certificate itself.
>
>
>
> *Ben Kaufman*
>
>
>
> *From:* sr-users  * On Behalf Of *David
> Villasmil
> *Sent:* Thursday, November 4, 2021 12:00 PM
> *To:* Kamailio (SER) - Users Mailing List 
> *Subject:* Re: [SR-Users] STIR/SHAKEN public key
>
>
>
> Thanks Oleg, i misunderstood all that.
>
> Regards,
>
>
>
> David Villasmil
>
> email: david.villasmil.w...@gmail.com
>
> phone: +34669448337
>
>
>
>
>
> On Thu, Nov 4, 2021 at 4:58 PM Oleg Belousov  wrote:
>
> Hi.
>
> It should be certificate issued by CA certified by the Shaken Policy
> Administrator (iConnective in US)..
>
> --
> obelousov.tel
> 
>
>
>
>
>
> On Thu, Nov 4, 2021 at 5:39 PM David Villasmil <
> david.villasmil.w...@gmail.com> wrote:
>
> Hello guys,
>
> I'm testing with 2 providers right now, and one of them is asking me to
> include my whole certificate on the
>
> *secsipid_add_identity(origTN, destTN, attest, origID, x5u, keyPath)*
>
> like:
>
> *secsipid_add_identity("$fU", "$rU", "A", "",
> "https://kamailio.org/stir/$rd/cert.pem
> ",
> "/secsipid/$rd/key.pem");*
>
> but it is stated that:
>
> *x5u is the HTTP URL referencing to the public key that should be used to
> verify the signature;*
>
> One provider is asking to put the cert there, the other hasn't asked that
> yet.
>
> So i'm  a little confused, should the x5u be the actual cert (with its
> intermediary?) or only the public key?
>
> Regards,
>
> David Villasmil
>
> email: david.villasmil.w...@gmail.com
>
> phone: +34669448337
>
> __
> Kamailio - Users Mailing List - Non Commercial Discussions
>   * sr-users@lists.kamailio.org
> Important: keep the mailing list in the recipients, do not reply only to
> the sender!
> Edit mailing list options or unsubscribe:
>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
> 
>
> __
> Kamailio - Users Mailing List - Non Commercial Discussions
>   * sr-users@lists.kamailio.org
> Important: keep the mailing list in the recipients, do not reply only to
> the sender!
> Edit mailing list options or unsubscribe:
>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
> 
>
> __
> Kamailio - Users Mailing List - Non Commercial Discussions
>   * sr-users@lists.kamailio.org
> Important: keep the mailing list in the recipients, do not reply only to
> the sender!
> Edit mailing list options or unsubscribe:
>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
__
Kamailio - Users Mailing List - Non Commercial Discussions
  * sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the 
sender!
Edit mailing list options or unsubscribe:
  * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] STIR/SHAKEN public key

2021-11-04 Thread David Villasmil

Thanks Oleg,

Yes i have the certificate. The public key was my confusion.

Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337


On Thu, Nov 4, 2021 at 6:19 PM Oleg Belousov  wrote:

> Sorry, David if I was not clear.
> x5u should keep the url to the service provider certificate. As per shaken
> framework that certificate to be issued by Certificate Authority (CA), That
> CA is a company which is approved by Policy Administrator to issue shake
> certificates. It is indeed a bit complicated - please check ATIS-180.
> --
> obelousov.tel
>
>
> On Thu, Nov 4, 2021 at 6:03 PM David Villasmil <
> david.villasmil.w...@gmail.com> wrote:
>
>> Thanks Oleg, i misunderstood all that.
>> Regards,
>>
>> David Villasmil
>> email: david.villasmil.w...@gmail.com
>> phone: +34669448337
>>
>>
>> On Thu, Nov 4, 2021 at 4:58 PM Oleg Belousov  wrote:
>>
>>> Hi.
>>> It should be certificate issued by CA certified by the Shaken Policy
>>> Administrator (iConnective in US)..
>>> --
>>> obelousov.tel
>>>
>>>
>>> On Thu, Nov 4, 2021 at 5:39 PM David Villasmil <
>>> david.villasmil.w...@gmail.com> wrote:
>>>
 Hello guys,

 I'm testing with 2 providers right now, and one of them is asking me to
 include my whole certificate on the

 *secsipid_add_identity(origTN, destTN, attest, origID, x5u, keyPath)*

 like:

 *secsipid_add_identity("$fU", "$rU", "A", "",
 "https://kamailio.org/stir/$rd/cert.pem
 ", "/secsipid/$rd/key.pem");*

 but it is stated that:

 *x5u is the HTTP URL referencing to the public key that should be used
 to verify the signature;*

 One provider is asking to put the cert there, the other hasn't asked
 that yet.

 So i'm  a little confused, should the x5u be the actual cert (with its
 intermediary?) or only the public key?

 Regards,

 David Villasmil
 email: david.villasmil.w...@gmail.com
 phone: +34669448337
 __
 Kamailio - Users Mailing List - Non Commercial Discussions
   * sr-users@lists.kamailio.org
 Important: keep the mailing list in the recipients, do not reply only
 to the sender!
 Edit mailing list options or unsubscribe:
   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

>>> __
>>> Kamailio - Users Mailing List - Non Commercial Discussions
>>>   * sr-users@lists.kamailio.org
>>> Important: keep the mailing list in the recipients, do not reply only to
>>> the sender!
>>> Edit mailing list options or unsubscribe:
>>>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>
>> __
>> Kamailio - Users Mailing List - Non Commercial Discussions
>>   * sr-users@lists.kamailio.org
>> Important: keep the mailing list in the recipients, do not reply only to
>> the sender!
>> Edit mailing list options or unsubscribe:
>>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
> __
> Kamailio - Users Mailing List - Non Commercial Discussions
>   * sr-users@lists.kamailio.org
> Important: keep the mailing list in the recipients, do not reply only to
> the sender!
> Edit mailing list options or unsubscribe:
>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
__
Kamailio - Users Mailing List - Non Commercial Discussions
  * sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the 
sender!
Edit mailing list options or unsubscribe:
  * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] STIR/SHAKEN public key

2021-11-04 Thread Ben Kaufman

Not sure if it was clarified or not, but it should be an https URL from where 
your certificate can be downloaded, not the actual certificate itself.

Ben Kaufman

From: sr-users  On Behalf Of David 
Villasmil
Sent: Thursday, November 4, 2021 12:00 PM
To: Kamailio (SER) - Users Mailing List 
Subject: Re: [SR-Users] STIR/SHAKEN public key

Thanks Oleg, i misunderstood all that.
Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337

On Thu, Nov 4, 2021 at 4:58 PM Oleg Belousov 
mailto:obelou...@gmail.com>> wrote:
Hi.
It should be certificate issued by CA certified by the Shaken Policy 
Administrator (iConnective in US)..
--
obelousov.tel

On Thu, Nov 4, 2021 at 5:39 PM David Villasmil 
mailto:david.villasmil.w...@gmail.com>> wrote:
Hello guys,

I'm testing with 2 providers right now, and one of them is asking me to include 
my whole certificate on the

secsipid_add_identity(origTN, destTN, attest, origID, x5u, keyPath)

like:

secsipid_add_identity("$fU", "$rU", "A", "", 
"https://kamailio.org/stir/$rd/cert.pem",
 "/secsipid/$rd/key.pem");

but it is stated that:

x5u is the HTTP URL referencing to the public key that should be used to verify 
the signature;

One provider is asking to put the cert there, the other hasn't asked that yet.

So i'm  a little confused, should the x5u be the actual cert (with its 
intermediary?) or only the public key?

Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337
__
Kamailio - Users Mailing List - Non Commercial Discussions
  * sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the 
sender!
Edit mailing list options or unsubscribe:
  * 
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
__
Kamailio - Users Mailing List - Non Commercial Discussions
  * sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the 
sender!
Edit mailing list options or unsubscribe:
  * 
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
__
Kamailio - Users Mailing List - Non Commercial Discussions
  * sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the 
sender!
Edit mailing list options or unsubscribe:
  * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] STIR/SHAKEN public key

2021-11-04 Thread Oleg Belousov

Sorry, David if I was not clear.
x5u should keep the url to the service provider certificate. As per shaken
framework that certificate to be issued by Certificate Authority (CA), That
CA is a company which is approved by Policy Administrator to issue shake
certificates. It is indeed a bit complicated - please check ATIS-180.
--
obelousov.tel


On Thu, Nov 4, 2021 at 6:03 PM David Villasmil <
david.villasmil.w...@gmail.com> wrote:

> Thanks Oleg, i misunderstood all that.
> Regards,
>
> David Villasmil
> email: david.villasmil.w...@gmail.com
> phone: +34669448337
>
>
> On Thu, Nov 4, 2021 at 4:58 PM Oleg Belousov  wrote:
>
>> Hi.
>> It should be certificate issued by CA certified by the Shaken Policy
>> Administrator (iConnective in US)..
>> --
>> obelousov.tel
>>
>>
>> On Thu, Nov 4, 2021 at 5:39 PM David Villasmil <
>> david.villasmil.w...@gmail.com> wrote:
>>
>>> Hello guys,
>>>
>>> I'm testing with 2 providers right now, and one of them is asking me to
>>> include my whole certificate on the
>>>
>>> *secsipid_add_identity(origTN, destTN, attest, origID, x5u, keyPath)*
>>>
>>> like:
>>>
>>> *secsipid_add_identity("$fU", "$rU", "A", "",
>>> "https://kamailio.org/stir/$rd/cert.pem
>>> ", "/secsipid/$rd/key.pem");*
>>>
>>> but it is stated that:
>>>
>>> *x5u is the HTTP URL referencing to the public key that should be used
>>> to verify the signature;*
>>>
>>> One provider is asking to put the cert there, the other hasn't asked
>>> that yet.
>>>
>>> So i'm  a little confused, should the x5u be the actual cert (with its
>>> intermediary?) or only the public key?
>>>
>>> Regards,
>>>
>>> David Villasmil
>>> email: david.villasmil.w...@gmail.com
>>> phone: +34669448337
>>> __
>>> Kamailio - Users Mailing List - Non Commercial Discussions
>>>   * sr-users@lists.kamailio.org
>>> Important: keep the mailing list in the recipients, do not reply only to
>>> the sender!
>>> Edit mailing list options or unsubscribe:
>>>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>
>> __
>> Kamailio - Users Mailing List - Non Commercial Discussions
>>   * sr-users@lists.kamailio.org
>> Important: keep the mailing list in the recipients, do not reply only to
>> the sender!
>> Edit mailing list options or unsubscribe:
>>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
> __
> Kamailio - Users Mailing List - Non Commercial Discussions
>   * sr-users@lists.kamailio.org
> Important: keep the mailing list in the recipients, do not reply only to
> the sender!
> Edit mailing list options or unsubscribe:
>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
__
Kamailio - Users Mailing List - Non Commercial Discussions
  * sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the 
sender!
Edit mailing list options or unsubscribe:
  * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] Suppressing part of the xlog line

2021-11-04 Thread Karsten Horsmann

Hi,

In kamailio.cfg place

log_name="kamailio"

to have only kamailio as log stuff

And just for the records - how to get rid off the rsyslog prefix time/date
stuff:
Depends on your syslog facility in config

# /etc/rsyslog.d/kamailio.conf
# drop :msg from rtpengine with "timer run time" - debugging only:
:msg, contains, "timer run time" ~
# Template only msg:
$template myFormat,"%msg%\n"
# log only to local* and NOT to /var/log/messages
local6.*;local6.!=info -/var/log/platform/voip/kamailio/rtpengine.log
local6.* stop
local5.* -/var/log/platform/voip/kamailio/rtpengine-cdr.log; myFormat
local5.* stop
local4.* -/var/log/platform/voip/kamailio/kamailio.log
local4.* stop
local2.* -/var/log/platform/voip/kamailio/kamailio-cdr.log; myFormat
local2.* stop
local1.* -/var/log/platform/voip/kamailio/kamailio-cdr-json.log; myFormat

Hope that helps a bit.

Steve Wilkins  schrieb am Do., 4. Nov. 2021, 18:07:

> Hello,
>
>
>
> Is there a way to suppress the printing  “date & time, host, and Kamailio
> execution path”  at the begging of each xlog line?
>
>
>
> Example current xlog line:
>
> *Nov  4 16:54:52 myserver  /usr/local/sbin/kamailio[7021]: INFO:
>

[SR-Users] Suppressing part of the xlog line

2021-11-04 Thread Steve Wilkins

Hello,

Is there a way to suppress the printing  "date & time, host, and Kamailio 
execution path"  at the begging of each xlog line?

Example current xlog line:
Nov  4 16:54:52 myserver  /usr/local/sbin/kamailio[7021]: INFO:

Re: [SR-Users] STIR/SHAKEN public key

2021-11-04 Thread David Villasmil

Thanks Oleg, i misunderstood all that.
Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337


On Thu, Nov 4, 2021 at 4:58 PM Oleg Belousov  wrote:

> Hi.
> It should be certificate issued by CA certified by the Shaken Policy
> Administrator (iConnective in US)..
> --
> obelousov.tel
>
>
> On Thu, Nov 4, 2021 at 5:39 PM David Villasmil <
> david.villasmil.w...@gmail.com> wrote:
>
>> Hello guys,
>>
>> I'm testing with 2 providers right now, and one of them is asking me to
>> include my whole certificate on the
>>
>> *secsipid_add_identity(origTN, destTN, attest, origID, x5u, keyPath)*
>>
>> like:
>>
>> *secsipid_add_identity("$fU", "$rU", "A", "",
>> "https://kamailio.org/stir/$rd/cert.pem
>> ", "/secsipid/$rd/key.pem");*
>>
>> but it is stated that:
>>
>> *x5u is the HTTP URL referencing to the public key that should be used to
>> verify the signature;*
>>
>> One provider is asking to put the cert there, the other hasn't asked that
>> yet.
>>
>> So i'm  a little confused, should the x5u be the actual cert (with its
>> intermediary?) or only the public key?
>>
>> Regards,
>>
>> David Villasmil
>> email: david.villasmil.w...@gmail.com
>> phone: +34669448337
>> __
>> Kamailio - Users Mailing List - Non Commercial Discussions
>>   * sr-users@lists.kamailio.org
>> Important: keep the mailing list in the recipients, do not reply only to
>> the sender!
>> Edit mailing list options or unsubscribe:
>>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
> __
> Kamailio - Users Mailing List - Non Commercial Discussions
>   * sr-users@lists.kamailio.org
> Important: keep the mailing list in the recipients, do not reply only to
> the sender!
> Edit mailing list options or unsubscribe:
>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
__
Kamailio - Users Mailing List - Non Commercial Discussions
  * sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the 
sender!
Edit mailing list options or unsubscribe:
  * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] STIR/SHAKEN public key

2021-11-04 Thread Oleg Belousov

Hi.
It should be certificate issued by CA certified by the Shaken Policy
Administrator (iConnective in US)..
--
obelousov.tel


On Thu, Nov 4, 2021 at 5:39 PM David Villasmil <
david.villasmil.w...@gmail.com> wrote:

> Hello guys,
>
> I'm testing with 2 providers right now, and one of them is asking me to
> include my whole certificate on the
>
> *secsipid_add_identity(origTN, destTN, attest, origID, x5u, keyPath)*
>
> like:
>
> *secsipid_add_identity("$fU", "$rU", "A", "",
> "https://kamailio.org/stir/$rd/cert.pem
> ", "/secsipid/$rd/key.pem");*
>
> but it is stated that:
>
> *x5u is the HTTP URL referencing to the public key that should be used to
> verify the signature;*
>
> One provider is asking to put the cert there, the other hasn't asked that
> yet.
>
> So i'm  a little confused, should the x5u be the actual cert (with its
> intermediary?) or only the public key?
>
> Regards,
>
> David Villasmil
> email: david.villasmil.w...@gmail.com
> phone: +34669448337
> __
> Kamailio - Users Mailing List - Non Commercial Discussions
>   * sr-users@lists.kamailio.org
> Important: keep the mailing list in the recipients, do not reply only to
> the sender!
> Edit mailing list options or unsubscribe:
>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
__
Kamailio - Users Mailing List - Non Commercial Discussions
  * sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the 
sender!
Edit mailing list options or unsubscribe:
  * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

[SR-Users] STIR/SHAKEN public key

2021-11-04 Thread David Villasmil

Hello guys,

I'm testing with 2 providers right now, and one of them is asking me to
include my whole certificate on the

*secsipid_add_identity(origTN, destTN, attest, origID, x5u, keyPath)*

like:

*secsipid_add_identity("$fU", "$rU", "A", "",
"https://kamailio.org/stir/$rd/cert.pem
", "/secsipid/$rd/key.pem");*

but it is stated that:

*x5u is the HTTP URL referencing to the public key that should be used to
verify the signature;*

One provider is asking to put the cert there, the other hasn't asked that
yet.

So i'm  a little confused, should the x5u be the actual cert (with its
intermediary?) or only the public key?

Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337
__
Kamailio - Users Mailing List - Non Commercial Discussions
  * sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the 
sender!
Edit mailing list options or unsubscribe:
  * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] Is this idea even feasible?

2021-11-04 Thread David Villasmil

happy to help
Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337


On Thu, Nov 4, 2021 at 1:52 PM Antony Stone <
antony.st...@kamailio.open.source.it> wrote:

> On Wednesday 18 August 2021 at 13:40:25, David Villasmil wrote:
>
> > In freeswitch you have the uuid_hold, etc api:
> >
> https://www.freeswitch.org/confluence/plugins/servlet/mobile?contentId=1966
> > 741#content/view/1966741
> >
> > You call the API uuid_hold [uuid] or uuid_hold off  [uuid] to take the
> > channel out of hold.
>
> Thank you for your assistance, and pointing in a helpful direction.
>
> I now have a working solution based on FreeSwitch.
>
> > UUID in freeswitch is what uniquely identifies a given channel.
> >
> > When you say:
> >
> > “ However, my understanding of a B2BUA is that *it* would then start
> > handling the state of the calls itself - whether they're on hold, routing
> > the transfers, etc.”
> >
> > This is correct, that’s how B2BUA works, but you can send an API to fs
> via
> > ESL (tcp connection on port 8021
> >
> https://freeswitch.org/confluence/plugins/servlet/mobile?contentId=15696286
> > #content/view/1048916 ) to put on hold not just your channel, since that
> > would simply send a reconly to your app, but also the B-leg of the call.
>
> This is indeed what happens - FreeSwitch sends a re-invite containing
> sendonly
> to the upstream PBX, which then puts the other party on hold and plays its
> own
> hold music at them.  Exactly what I needed.
>
>
> Thanks,
>
>
> Antony.
>
> --
> I want to build a machine that will be proud of me.
>
>  - Danny Hillis, creator of The Connection Machine
>
>Please reply to the
> list;
>  please *don't* CC
> me.
>
> __
> Kamailio - Users Mailing List - Non Commercial Discussions
>   * sr-users@lists.kamailio.org
> Important: keep the mailing list in the recipients, do not reply only to
> the sender!
> Edit mailing list options or unsubscribe:
>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
__
Kamailio - Users Mailing List - Non Commercial Discussions
  * sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the 
sender!
Edit mailing list options or unsubscribe:
  * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] Is this idea even feasible?

2021-11-04 Thread Antony Stone

On Wednesday 18 August 2021 at 13:40:25, David Villasmil wrote:

> In freeswitch you have the uuid_hold, etc api:
> https://www.freeswitch.org/confluence/plugins/servlet/mobile?contentId=1966
> 741#content/view/1966741
> 
> You call the API uuid_hold [uuid] or uuid_hold off  [uuid] to take the
> channel out of hold.

Thank you for your assistance, and pointing in a helpful direction.

I now have a working solution based on FreeSwitch.

> UUID in freeswitch is what uniquely identifies a given channel.
> 
> When you say:
> 
> “ However, my understanding of a B2BUA is that *it* would then start
> handling the state of the calls itself - whether they're on hold, routing
> the transfers, etc.”
> 
> This is correct, that’s how B2BUA works, but you can send an API to fs via
> ESL (tcp connection on port 8021
> https://freeswitch.org/confluence/plugins/servlet/mobile?contentId=15696286
> #content/view/1048916 ) to put on hold not just your channel, since that
> would simply send a reconly to your app, but also the B-leg of the call.

This is indeed what happens - FreeSwitch sends a re-invite containing sendonly 
to the upstream PBX, which then puts the other party on hold and plays its own 
hold music at them.  Exactly what I needed.

Thanks,

Antony.

-- 
I want to build a machine that will be proud of me.

 - Danny Hillis, creator of The Connection Machine

   Please reply to the list;
 please *don't* CC me.

__
Kamailio - Users Mailing List - Non Commercial Discussions
  * sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the 
sender!
Edit mailing list options or unsubscribe:
  * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] STIR/SHAKEN, is a number format mandatory?

2021-11-04 Thread David Villasmil

So then only numerical values are to be compared, I.e.; there could be any
number of decorator on the header, as long as the number match.

On Thu, 4 Nov 2021 at 05:17, Ben Kaufman  wrote:

> I was responding to David's statement of "it effectively mean you MUST
> remove it from the headers, since the TNs in the payload must match the TNs
> in the headers for the identity to be valid." This statement is incorrect,
> as evidenced by the ATIS docs.
>
> The clearest example is in 182 8.2.1 which describes the validation
> process, and how the orig tn and dest tn from the passport are to be
> compared to the values from the SIP To: and From: headers:
>
> Normalize to the canonical form the received in the “verificationRequest”
> “from” and “to” telephone numbers (remove visual separators and leading
> “+”) and compare them with ones extracted from the “orig” and “dest”
> claims of PASSporT payload.
>
>
>
> --
> *From:* sr-users  on behalf of
> Emilio Panighetti 
> *Sent:* Wednesday, November 3, 2021, 10:42 PM
>
> *To:* Kamailio (SER) - Users Mailing List
> *Subject:* Re: [SR-Users] STIR/SHAKEN, is a number format mandatory?
>
> Take a look at ATIS-182:
> https://access.atis.org/apps/group_public/download.php/45032/ATIS-182.pdf
> 
>
> 6.2 Datatype:origTelephoneNumber
>
> Field
>
> Type
>
> Required?
>
> Description
>
> tn
>
> String
> Allowed Characters : [0-9],*,#,+, and
> visual separators defined in RFC 3966: “.”, “-“, “(“, “)”.
>
> Y
>
> Telephone Number of Originating identity.
>
> Server will remove all non-numeric characters if received except star (*)
> and pound (#) characters.
>
> Ex.: (+1) 235-555-12121231212
>
> Do you really trust a 3rd party server to do your job?
> The attestation is done with the bare digits as in the example above:
> 1231212 clear from all decorators including the preceding ‘+’.
>
> If you look at any identity header with an attestation, the numbers are
> always as above, without decorators.
>
> If you go to 8.1.3.2 Request Sample within the same document, all the JSON
> samples contain no decorators.
>
> What you’re quoting from ATIS-174 are SIP headers.
> The current version is
> https://access.atis.org/apps/group_public/download.php/45032/ATIS-182.pdf
> 
> It explains the overall protocol. The implementation details are in
> ATIS-182
>
> Regards
>
>
> On Nov 3, 2021, at 10:48 PM, Ben Kaufman  wrote:
>
> I don’t think so, because the examples in ATIS-174-E specifically show
> To: and From: headers with a leading plus:
>
>
>   To: 
>   From: "Alice";tag=614bdb40
>
> I think the necessity is only to logically match the values there.
>
> *Ben Kaufman*
>
> *From:* sr-users  *On Behalf Of *David
> Villasmil
> *Sent:* Wednesday, November 3, 2021 6:43 PM
> *To:* Kamailio (SER) - Users Mailing List 
> *Subject:* Re: [SR-Users] STIR/SHAKEN, is a number format mandatory?
>
> then it effectively mean you MUST remove it from the headers, since the
> TNs in the payload must match the TNs in the headers for the identity to be
> valid.
>
> Regards,
>
> David Villasmil
> email: david.villasmil.w...@gmail.com
> phone: +34669448337
>
>
> On Wed, Nov 3, 2021 at 11:12 PM Ben Kaufman 
> wrote:
>
> According to ATIS-174-E
>
>
>
> “ the term "valid telephone number" refers to a telephone number that is a
> nationally specific service number (e.g., 611, 911), or a telephone number
> that can be converted into a globally routable E.164 number, as specified
> in section 8.3 of [RFC 8224].”
>
>
>
>
>
> From the RFC (https://datatracker.ietf.org/doc/html/rfc8224#section-8.3
> 
> )
>
>
>
> Implementations MUST drop any "+"s, internal dashes, parentheses,
>
> or other non-numeric

Re: [SR-Users] Suppressing part of the xlog line

Re: [SR-Users] STIR/SHAKEN public key

Re: [SR-Users] STIR/SHAKEN public key

Re: [SR-Users] STIR/SHAKEN public key

Re: [SR-Users] STIR/SHAKEN public key

Re: [SR-Users] STIR/SHAKEN public key

Re: [SR-Users] Suppressing part of the xlog line

[SR-Users] Suppressing part of the xlog line

Re: [SR-Users] STIR/SHAKEN public key

Re: [SR-Users] STIR/SHAKEN public key

[SR-Users] STIR/SHAKEN public key

Re: [SR-Users] Is this idea even feasible?

Re: [SR-Users] Is this idea even feasible?

Re: [SR-Users] STIR/SHAKEN, is a number format mandatory?

14 matches

Site Navigation

Mail list logo

Footer information