Re: [OpenSIPS-Users] registrant example

[Bogdan-Andrei Iancu]

Hi Alberto,

There is no automatic way to do the inbound detection (via the registrar 
module). What you can do is to use the permissions module, with the 
address table as a view over the registrant table, so you do the inbound 
IP auth.

Regards,

Bogdan-Andrei Iancu

OpenSIPS Founder and Developer
  https://www.opensips-solutions.com
  https://www.siphub.com

On 25.09.2024 14:00, Alberto wrote:
Thanks,

So, for n1, after ip auth I can validate the contact matches one of 
the contacts used to register, but there's no function to do that 
automatically.
So in the case where opensips is keeping 2 registrations up to the 
same server, it's up to me to validate which one was used.

n2, thanks again, I got it working by loading the credentials with 
avp_db_query.

Regards
A

On Mon, 23 Sept 2024 at 07:52, Bogdan-Andrei Iancu 
<bog...@opensips.org> wrote:

    Hi,

    1) The Registrant OpenSIPS should do an IP auth for the Remote SIP
    provider. OpenSIPS knows the server it registered with, so it
    should be able to do IP auth

    2) there is notthing standard about loading the credentials, you
    can do it in any way that works for you, like having them hard
    coded in cfg (if the same credentials are to be used for the all
    calls), or loading them from DB (using sqlops module), or HTTP
    rest query.

    Regards,

    Bogdan-Andrei Iancu

    OpenSIPS Founder and Developer
       https://www.opensips-solutions.com
       https://www.siphub.com

    On 22.09.2024 03:10, Alberto wrote:
    Hi,

    I'm trying to put together a simple script to use uac_registrant
    So I have:
    LEFT SIP SERVERS <-[ip authentication]-> OPENSIPS
    <-[uac_registrant]-> REMOTE SIP PROVIDER

    Here's the 2 problems I still have:
    I have the users for the remote sip provider in the registrant
    table, and opensips is already able to register to this remote
    sip provider,but:
    - When an INVITE comes from the remote sip provider I register
    to, how do I validate which user is it related to? Where should I
    store avp, and how should I load them?
    - When an INVITE comes from the left sip servers and I have to
    call the remote sip provider, how do I load the credentials from
    the database to authenticate the INVITE to the remote sip provider?

    I'm using the address table for the left sip servers and
    check_address, but I've stripped all that from my example below.
    I hope this makes sense, thank you.

    Here is a short example script I'm working with

    #######
    debug_mode=no

    log_level=2
    xlog_level=2
    log_stdout=yes
    stderror_enabled=yes
    syslog_facility=LOG_LOCAL0

    auto_aliases=no

    server_signature=yes

    socket=udp:0.0.0.0:5060 <http://0.0.0.0:5060>

    mpath="/usr/lib64/opensips/modules/"

    loadmodule "db_mysql.so"

    loadmodule "signaling.so"

    loadmodule "sl.so"

    loadmodule "tm.so"
    modparam("tm", "auto_100trying", 0)
    modparam("tm", "fr_inv_timeout", 120)
    modparam("tm", "fr_timeout", 30)
    modparam("tm", "onreply_avp_mode", 1)
    modparam("tm", "restart_fr_on_each_reply", 0)

    loadmodule "rr.so"
    modparam("rr", "append_fromtag", 1)

    loadmodule "dialog.so"
    modparam("dialog", "default_timeout", 14400)
    modparam("dialog", "dlg_match_mode", 1)
    modparam("dialog", "enable_stats", 1)
    modparam("dialog", "profiles_with_value", "caller")

    loadmodule "sipmsgops.so"

    loadmodule "usrloc.so"

    loadmodule "registrar.so"

    loadmodule "uac_auth.so"
    modparam("uac_auth", "credential", "username:domain:password")

    loadmodule "uac_registrant.so"
    modparam("uac_registrant", "db_url",
    "mysql://opensips:opensipsrw@localhost/opensips")

    loadmodule "proto_udp.so"

    route {
      if (has_totag()) {
        if (loose_route()) {
          if ($DLG_status != NULL && !validate_dialog()) {
            exit;
          }
        } else {
          if (is_method("ACK")) {
            if (t_check_trans()) {
              t_relay();
            }
            exit;
          }

          sl_send_reply(404, "Not Found");
          exit;
        }

        t_relay();

        exit;
      }

      if (is_method("CANCEL")) {
        if (t_check_trans()) {
          t_relay();
        }
        exit;
      }

      t_check_trans();

      if (is_method("INVITE")) {
        if (!create_dialog("B")) {
          sl_send_reply(500, "Internal Server Error");
          exit;
        }
      }

      route(relay);
    }

    route[relay] {
      if (is_method("INVITE")) {
        # VALIDATE THIS RELATES TO A USER IN THE UAC_REGISTRANT TABLE
    AND LOAD AVPS
        # OR LOAD CREDENTIALS TO SEND INVITE ONWARD TO THE REMOTE SIP
    PROVIDER

        t_on_failure("invite_failure_route");
      }

      if (!t_relay()) {
        sl_send_reply(500, "Internal Error");
      }

      exit;
    }

    failure_route[invite_failure_route] {
      if (t_was_cancelled()) {
        exit;
      }

      if (t_check_status("3[0-9][0-9]")) {
        t_reply(404, "Not found");
        exit;
      }
    }

    _______________________________________________
    Users mailing list
    Users@lists.opensips.org
    http://lists.opensips.org/cgi-bin/mailman/listinfo/users

_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users