Hi Cyril, happy to hear that you solved the problem. About switching back to request_route type is not possible, it has to do with the kamailio mechanism to suspend transactions. The callback route is always a failure route. The solution for rtpengine is either to call rtpengine_offer explicitly or call rtpengine_manage in a branch_route, as you are doing and it's imho among the best practices for kamailio.
Cheers, Federico On Tue, Feb 8, 2022 at 10:34 AM Cyril Ramière <[email protected]> wrote: > Hi Federico, > > Thank you, this was the solution! > > You were right about trying to log $T(reply_code), this triggers the > critical error and sends a 500 internal server error message. > Since I was using the same xlog line across my entire code, $T(reply_code) > was called multiple times, I didn't think it would cause such an issue > since the documentation states that it returns 0 in the worst case. > > I stumbled across another issue, my rtpengine stopped working, it was due > to the fact that the http async client (so async framework) uses a > "failure_route" when triggering the callback route, so the first action of > rtpengine_manage() is to DELETE the transaction if in failure_route. > > I moved/refactored some logic to trigger rtpengine inside a branch_route, > but I'm wondering if there is a way after my http query is done to revert > back to the request_route instead of the failure_route. > > Cheers, > > Cyril > > Le ven. 4 févr. 2022 à 10:00, Federico Cabiddu <[email protected]> > a écrit : > >> Hi Cyril, >> I tried your script and changing >> sl_send_reply("200","OK"); >> with >> send_reply("200","OK") or t_reply("200","OK"); >> it works, a 200 OK reply is sent out. >> >> The message >> >> "CRITICAL: tmx [t_var.c:546]: pv_get_tm_reply_code(): no picked branch >> (-1) for a final response in MODE_ONFAILURE" >> >> comes from trying, in the xlog call, to access $T(reply_code) where there >> is actually no reply code for the transaction (no reply has been >> received/generated) >> >> Could you try the following snippet based on http_async_client? >> >> request_route { >> xlog("L_NOTICE", "ROOT - New request - M=$rm UAC-IP=$si:$sp >> LB-IP=$tcp(c_si):$tcp(c_sp) UA='$ua' ID=$ci\n"); >> >> if (is_method("REGISTER")){ >> xlog("L_NOTICE", "[ROOT] Got REGISTER. method=$rm - >> code=$T(reply_code) - Destination=$ru - Origin=[$fU@$si:$sp]\n"); >> if(!is_present_hf("Authorization")){ >> xlog("L_INFO","[ROOT::REGISTER] No auth provided, sending >> CHALLENGE for $fU ($fu) (FINAL)\n"); >> www_challenge("$td","1"); >> exit; >> } >> else{ >> xlog("L_INFO","[ROOT::REGISTER] Auth provided, Go to >> AUTH_DOQUERY using http_async_client\n"); >> t_newtran(); >> http_async_query("http://127.0.0.1:8000/","AUTH_REPLY";); >> } >> } >> >> exit; >> } >> >> route[AUTH_REPLY]{ >> xlog("L_NOTICE", "[AUTH_REPLY]: http_rs=$http_rs\n"); >> send_reply("200","OK"); >> exit; >> } >> >> (I'm running a simple http server always replying 200 on the loopback >> interface) >> >> Cheers, >> >> Federico >> >> On Thu, Feb 3, 2022 at 12:13 PM Cyril Ramière <[email protected]> >> wrote: >> >>> Okay, so I have done that, >>> >>> Please find here : >>> https://zerobin.net/?7743b78716b00c72#Jzmdq+5ZlFfZId+M/hP+52Ih0AMAMNUjeUT1cN7jL7Q= >>> >>> My full config (I redacted some parts like IPs and domains), with the >>> minimal routing blocks to reproduce and the logs. >>> >>> If you don't mind checking it, it would be great :) >>> >>> Cheers, >>> >>> Cyril >>> >>> Le jeu. 3 févr. 2022 à 11:39, Federico Cabiddu < >>> [email protected]> a écrit : >>> >>>> I have to admit that even looking at the debug logs I cannot understand >>>> what's going on in your case. >>>> As said I'm running an authentication scenario very similar to yours, >>>> being the challenge the only difference. >>>> What I can suggest to further digging is to reduce your configuration >>>> as much as possible (e.g. I see that you are using topoh) and see if we can >>>> understand better what is causing the issue. >>>> >>>> Cheers, >>>> >>>> Federico >>>> >>>> >>>> On Thu, Feb 3, 2022 at 7:58 AM Olle E. Johansson <[email protected]> >>>> wrote: >>>> >>>>> >>>>> >>>>> On 2 Feb 2022, at 23:58, Cyril Ramière <[email protected]> >>>>> wrote: >>>>> >>>>> Hi Karsten, >>>>> >>>>> Thanks for the clue, unfortunately I can't use this module because the >>>>> clients are "dumb" sip phones. >>>>> >>>>> The goal of my implementation is to use our application API to handle >>>>> the login. >>>>> >>>>> The plan was that a sip phone sends a REGISTER, I ask the API endpoint >>>>> if this user/password is ok to connect and allow/deny based on the reply >>>>> and informations provided by the API. >>>>> >>>>> Everything is relying on the fact that I can make my HTTP call when >>>>> handling the REGISTER, sadly for me, it doesn't work and I still can't >>>>> figure why. >>>>> >>>>> Try http_client. I’ve used it a lot of time for authentication. It >>>>> will block your thread while waiting for response, but you can handle some >>>>> of those issues by caching secrets for a short time with htable. >>>>> >>>>> /O >>>>> >>>>> >>>>> Cheers, >>>>> >>>>> Cyril >>>>> >>>>> Le mer. 2 févr. 2022 à 19:49, Karsten Horsmann <[email protected]> >>>>> a écrit : >>>>> >>>>>> Hi Cyril, >>>>>> >>>>>> This Kamailio module could imho do the same >>>>>> >>>>>> >>>>>> https://www.kamailio.org/docs/modules/devel/modules/auth_ephemeral.html >>>>>> >>>>>> >>>>>> Cyril Ramière <[email protected]> schrieb am Do., 27. Jan. >>>>>> 2022, 08:04: >>>>>> >>>>>>> Hi there, >>>>>>> >>>>>>> I have a weird issue with kamailio (latest docker >>>>>>> image kamailio-ci:5.5.2-alpine) and http_async_client. >>>>>>> >>>>>>> Before posting a lot of logs, let me describe what I want to achieve. >>>>>>> >>>>>>> I have a Kamailio and a SIP Phone. >>>>>>> >>>>>>> The SIP phone sends a REGISTER to kamailio, then in my routing >>>>>>> block, I check if I have an Authorization header. >>>>>>> >>>>>>> Since I don't have an Authorization (first message), I >>>>>>> use "www_challenge()". >>>>>>> This replies to the SIP phone, and then the SIP phone sends a new >>>>>>> REGISTER with the correct Authorization header. >>>>>>> >>>>>>> So far so good. >>>>>>> >>>>>>> Now, when I get the REGISTER with Authorization header, I want to >>>>>>> ask an HTTP endpoint if this user is allowed to connect and check the >>>>>>> password using http_async_query(). >>>>>>> >>>>>>> The problem is that when the transaction resumes, the tmx module is >>>>>>> unhappy and throws this error : >>>>>>> >>>>>>> 30(36) CRITICAL: tmx [t_var.c:546]: pv_get_tm_reply_code(): no >>>>>>> picked branch (-1) for a final response in MODE_ONFAILURE >>>>>>> >>>>>>> And a 500 error is sent back to the sip phone. >>>>>>> The AUTH_REPLY route is still called and I can use the $http* values. >>>>>>> >>>>>>> Do you see something that I am doing wrong or missing in my logic? >>>>>>> Is pausing/resuming to use the async http client is allowed if I'm >>>>>>> handling a REGISTER transaction? >>>>>>> >>>>>>> Here's a simplified version of my routing block (not far from >>>>>>> reality): >>>>>>> >>>>>>> ##### SNIP >>>>>>> >>>>>>> request_route{ >>>>>>> >>>>>>> route(AUTH); >>>>>>> >>>>>>> >>>>>>> route[AUTH]{ >>>>>>> >>>>>>> if (is_method("REGISTER"){ >>>>>>> >>>>>>> if(no_auth_header){ >>>>>>> >>>>>>> www_challenge("$td","1"); >>>>>>> >>>>>>> exit; >>>>>>> >>>>>>> } >>>>>>> >>>>>>> else{ >>>>>>> >>>>>>> t_newtran(); >>>>>>> >>>>>>> >>>>>>> http_async_query("http://xxx.xxx.xxx.xxx:9000/auth?foo=bar";, >>>>>>> "AUTH_REPLY"); >>>>>>> >>>>>>> } >>>>>>> >>>>>>> } >>>>>>> >>>>>>> } >>>>>>> >>>>>>> >>>>>>> route[AUTH_REPLY]{ >>>>>>> >>>>>>> xlog("L_INFO", "route[HTTP_REPLY]: status $http_rs\n"); >>>>>>> >>>>>>> } >>>>>>> >>>>>>> >>>>>>> } >>>>>>> >>>>>>> ##### END SNIP >>>>>>> >>>>>>> >>>>>>> Best regards! >>>>>>> __________________________________________________________ >>>>>>> Kamailio - Users Mailing List - Non Commercial Discussions >>>>>>> * [email protected] >>>>>>> Important: keep the mailing list in the recipients, do not reply >>>>>>> only to the sender! >>>>>>> Edit mailing list options or unsubscribe: >>>>>>> * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >>>>>>> >>>>>> __________________________________________________________ >>>>>> Kamailio - Users Mailing List - Non Commercial Discussions >>>>>> * [email protected] >>>>>> Important: keep the mailing list in the recipients, do not reply only >>>>>> to the sender! >>>>>> Edit mailing list options or unsubscribe: >>>>>> * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >>>>>> >>>>> __________________________________________________________ >>>>> Kamailio - Users Mailing List - Non Commercial Discussions >>>>> * [email protected] >>>>> Important: keep the mailing list in the recipients, do not reply only >>>>> to the sender! >>>>> Edit mailing list options or unsubscribe: >>>>> * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >>>>> >>>>> >>>>> __________________________________________________________ >>>>> Kamailio - Users Mailing List - Non Commercial Discussions >>>>> * [email protected] >>>>> Important: keep the mailing list in the recipients, do not reply only >>>>> to the sender! >>>>> Edit mailing list options or unsubscribe: >>>>> * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >>>>> >>>> __________________________________________________________ >>>> Kamailio - Users Mailing List - Non Commercial Discussions >>>> * [email protected] >>>> Important: keep the mailing list in the recipients, do not reply only >>>> to the sender! >>>> Edit mailing list options or unsubscribe: >>>> * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >>>> >>> __________________________________________________________ >>> Kamailio - Users Mailing List - Non Commercial Discussions >>> * [email protected] >>> Important: keep the mailing list in the recipients, do not reply only to >>> the sender! >>> Edit mailing list options or unsubscribe: >>> * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >>> >> __________________________________________________________ >> Kamailio - Users Mailing List - Non Commercial Discussions >> * [email protected] >> Important: keep the mailing list in the recipients, do not reply only to >> the sender! >> Edit mailing list options or unsubscribe: >> * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >> > __________________________________________________________ > Kamailio - Users Mailing List - Non Commercial Discussions > * [email protected] > Important: keep the mailing list in the recipients, do not reply only to > the sender! > Edit mailing list options or unsubscribe: > * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >
__________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions * [email protected] Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
