Re: [SR-Users] CentOS 7 TLS Unable to set the memory allocation functions
On Thu, Sep 28, 2017 at 2:37 AM, Daniel-Constantin Mierla wrote: > Hello, > > have you tried to compile and run that small test program listed in > https://lists.kamailio.org/pipermail/sr-users/2013-August/079381.html and > see if you get the issue? If yes, then you need to use another libssl > version. > > Cheers, > Daniel > > Daniel-Constantin Mierlawww.twitter.com/miconda -- www.linkedin.com/in/miconda > Kamailio Advanced Training - www.asipto.com > Kamailio World Conference - www.kamailioworld.com > > Yes the test program gives me the same "Unable to set the memory allocation functions" on both CentOS 7.3 and 7.4. Is there no way to workaround this issue in Kamailio code? How do other TLS programs work apache, haproxy, etc? What do I need to do to compile against a different libssl version? I'm assuming it would need to be statically linked. Right now I'm running the below to compile the test program. gcc -o testssl testssl.c -lssl -lcrypto Thanks, Ryan ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
[SR-Users] CentOS 7 TLS Unable to set the memory allocation functions
I had this issue with CentOS 7.3 and chalked it up to the openssl 1.0.1e bug mentioned on the list https://lists.kamailio.org/pipermail/sr-users/2013-August/079381.html However I just updated to CentOS 7.4 with openssl 1.0.2k-8 and the issue still exists with Kamailio 4.4.6-2.2. I've tried moving the loadmodule "tls.so" to the top as well. ERROR: tls [tls_init.c:526]: tls_pre_init(): Unable to set the memory allocation functions ERROR: tls [tls_init.c:528]: tls_pre_init(): libssl current mem functions - m: 0x7fc56d19c0c0 r: 0x7fc56d19c5a0 f: 0x7fc56d19c4c0 ERROR: tls [tls_init.c:530]: tls_pre_init(): Be sure tls module is loaded before any other module using libssl (can be loaded first to be safe) Does anybody have TLS working with RHEL 7 or CentOS 7? Thanks, Ryan ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
[SR-Users] Permission denied for /var/run/kamailio
I'm running Kamailio 4.4.6-2.1 installed from RPM on CentOS 7, where /var/run is a tmpfs (by default). After every reboot Kamailio fails to start with the following error: Aug 16 00:27:39 sbc1 /usr/sbin/kamailio[7135]: ERROR: mi_fifo [fifo_fnc.c:72]: mi_init_fifo_server(): Can't create FIFO: Permission denied (mode=432) I have the following line in my kamailio.cfg modparam("mi_fifo", "fifo_name", "/var/run/kamailio/kamailio_fifo") At this point the /var/run/kamailio directory looks like this drwx--. 2 root root 80 Aug 16 00:30 . drwxr-xr-x. 26 root root 880 Aug 16 00:30 .. srw---. 1 kamailio kamailio 0 Aug 16 00:30 kamailio_ctl If I run "chown kamailio /var/run/kamailio" and "systemctl start kamailio" I am good to go. Am I missing something in my config? It appears Kamailio is creating the /var/run/kamailio folder as root, writing the kamailio_ctl file, dropping root privileges, and then trying to write the kamailio_fifo file. Thanks, Ryan ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Dispatcher call id hash for server side invite
On Thu, Aug 10, 2017 at 9:05 AM, Daniel Tryba wrote: > On Thu, Aug 10, 2017 at 08:51:24AM -0400, Ryan Wagoner wrote: > > Thanks for the explanation! I finally got the dispatcher working in an > > active / passive Kamailio cluster in front of three FreePBX servers. I > was > > using the Asipto Kamailio and Asterisk real time guide as a starting > point > > so it had the WITHINDLG route. I ended up modifying the TOASTERISK route > to > > call ds_select_dst and the FROMASTERSK route uses an htable for matching > > IPs off a mySQL view of the Kamailio dispatcher table. > > Am I interpreting this as: you wanto check if a message is coming from a > dispatcher? > If yes, take a look at ds_is_from_list: > https://kamailio.org/docs/modules/stable/modules/ > dispatcher.html#dispatcher.f.ds_is_from_list > > > Exactly so the traffic from asterisk is trusted and isn't modified. I just swapped my while loop for that function and it's good to go. I can't believe I didn't see that earlier. In my REGFWD route I have this chunk of code to lookup the dispatcher IP/port from the same hash table before calling uac_req_send(). The regserver column contains the dispatcher set id. Is there a way I can call ds_select and then access the IP / port variables directly? #!if WITH_DISPATCHER sql_query("castdb", "select regserver from sipusers where name = '$au'","ra"); if($dbr(ra=>rows)>0) { $var(rip) = $sht(dispatcherHosts=>set::$dbr(ra=>[0,0])[0]); $var(rport) = $sht(dispatcherHosts=>port::$var(rip)); } else { return; } sql_result_free("ra"); #!else $var(rip) = $sel(cfg_get.asterisk.bindip); $var(rport) = $sel(cfg_get.asterisk.bindport); #!endif $uac_req(method)="REGISTER"; $uac_req(ruri)="sip:" + $var(rip) + ":" + $var(rport); $uac_req(furi)="sip:" + $au + "@" + $var(rip); $uac_req(turi)="sip:" + $au + "@" + $var(rip); $uac_req(hdrs)="Contact: \r\n"; if($sel(contact.expires) != $null) $uac_req(hdrs)= $uac_req(hdrs) + "Expires: " + $sel(contact.expires) + "\r\n"; else $uac_req(hdrs)= $uac_req(hdrs) + "Expires: " + $hdr(Expires) + "\r\n"; uac_req_send(); Thanks, Ryan ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Dispatcher call id hash for server side invite
Thanks for the explanation! I finally got the dispatcher working in an active / passive Kamailio cluster in front of three FreePBX servers. I was using the Asipto Kamailio and Asterisk real time guide as a starting point so it had the WITHINDLG route. I ended up modifying the TOASTERISK route to call ds_select_dst and the FROMASTERSK route uses an htable for matching IPs off a mySQL view of the Kamailio dispatcher table. I also have some modifications to the REGFWD route. We'll see how performance is today as I did have to use a sqlops query to lookup the dispatcher set ID for TOASTERISK and REGFWD depending on the authentication ID. This setup is responsible for around 1000 extensions with 2000 devices for a high volume call center. Ryan On Thu, Aug 10, 2017 at 4:16 AM, Daniel Tryba wrote: > On Wed, Aug 09, 2017 at 01:21:36PM -0400, Ryan Wagoner wrote: > > How do I mark these server side invites so the call hash is known by > > kamailio? Or am I thinking about this the wrong way? > > It is the latter, in dialog replies should be routed on headers only. In > the "default" config these replies/reINVITES are handled in the > WITHINDLG route, the dispatcher should only be called for new dialogs. > > > ___ > Kamailio (SER) - Users Mailing List > sr-users@lists.kamailio.org > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users > ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
[SR-Users] Dispatcher call id hash for server side invite
For a call invite from a phone to an load balanced asterisk server farm I can use ds_select_dst with hash over callid for the algorithm. What I don't understand is what happens for a server side invite. Say user A calls user B. The server will send and invite to user B's device. User B's device will reply and ds_select_dst won't have the call id hash so it will choose a random server, which might not be the server sending the invite. How do I mark these server side invites so the call hash is known by kamailio? Or am I thinking about this the wrong way? Thanks, Ryan ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users