B2BUA not passing ACKs

classic Classic list List threaded Threaded
30 messages Options
12
Reply | Threaded
Open this post in threaded view
|

B2BUA not passing ACKs

opensipslist

Hello list,

According to the example:

  http://www.opensips.org/Resources/B2buaTutorial#toc13

...implementing the prepaid service should handle INVITE, ACK, and
BYE. Strangely the XML file includes only the BYE scenario:

  <rules>
      <request>
          <bye>

I don't know enough about the B2BUA modules to say for sure, but it
would seem that the online example is missing 'ACK' at least.

When I copy the XML code and config code 1:1, my B2BUA
implementation of the prepaid service sends the initial INVITE,
receives the OK, but as the UAC (caller in the diagram) sends the
ACK the B2B (green line in the diagram) does not pass it onto the
media server.

Is there a bug in the online XML code for the prepaid scenario?

Regards,
Brian

_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: B2BUA not passing ACKs

Anca Vamanu-2
Hi Brian,

There is a misunderstanding from your side in what the b2b scenario
documents are concerned ( please read carefully the documentation -
http://www.opensips.org/Resources/B2buaTutorial ). The important thing
is that there should only be rules in the scenario for requests that
need a special handling. In the prepaid scenario - when the BYE from the
media server is received the caller must be connected to a human
operator, so we have a rule for this. All the other requests need only
simple pass forward - so if an ACK is received from one side it only
need to be forwarded to the other. 'pass forward' is the implicit action
and it will be applied to all requests that don't match a rule.

I see that you say that the prepaid scenario does not work for you. What
version are you testing with?

Regards,

--
Anca Vamanu
www.voice-system.ro


[hidden email] wrote:

> Hello list,
>
> According to the example:
>
>   http://www.opensips.org/Resources/B2buaTutorial#toc13
>
> ...implementing the prepaid service should handle INVITE, ACK, and
> BYE. Strangely the XML file includes only the BYE scenario:
>
>   <rules>
>       <request>
>           <bye>
>
> I don't know enough about the B2BUA modules to say for sure, but it
> would seem that the online example is missing 'ACK' at least.
>
> When I copy the XML code and config code 1:1, my B2BUA
> implementation of the prepaid service sends the initial INVITE,
> receives the OK, but as the UAC (caller in the diagram) sends the
> ACK the B2B (green line in the diagram) does not pass it onto the
> media server.
>
> Is there a bug in the online XML code for the prepaid scenario?
>
> Regards,
> Brian
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>  

_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: [OpenSIPS-Users] B2BUA not passing ACKs

opensipslist

Hello Anca,

Sorry for the delay.

An lun., janv 04, 2010, Anca Vamanu schrieb:
>There is a misunderstanding from your side in what the b2b scenario
>documents are concerned ( please read carefully the documentation -
>http://www.opensips.org/Resources/B2buaTutorial ).
>
It's hard to figure out which document to read, as the documents are
so unclear that they need documentation themselves. What I mean is:

Why are there two documents listed on the website for the same
thing. One called 'B2buaTutorial' and the other 'B2buaTutorial16'?
Is the second a older document only useful for OpenSIPS 1.6.0, or
is it a newer version of the document B2buaTutorial?

There are also no links to plain text config files, and everything
is HTML. A complete working route script is not available.

>The important thing is that there should only be rules in the
>scenario for requests that need a special handling. In the prepaid
>scenario - when the BYE from the media server is received the
>caller must be connected to a human operator, so we have a rule for
>this. All the other requests need only simple pass forward - so if
>an ACK is received from one side it only need to be forwarded to
>the other. 'pass forward' is the implicit action and it will be
>applied to all requests that don't match a rule.
>
Thanks for clearing that up (about the implicit action.) I think
I understand better now, but still I would like to start from the
beginning and use the supplied prepaid.xml (which I assume is
correctly written.)

>I see that you say that the prepaid scenario does not work for you.
>What version are you testing with?
>
  Solaris 11 x86 (nv-b91)
  OpenSIPS 1.6.0 with TLS

I've copied the example 'prepaid.xml' word for word from the URL:

  http://www.opensips.org/Resources/B2buaTutorial16

Here are the relevant parts of the route script:

listen = udp:name.host.tld:5060
listen = tls:name.host.tld:5061

modparam("tm", "pass_provisional_replies", 1)
modparam("b2b_entities", "server_address", "sip:[hidden email]")
modparam("b2b_logic", "script_scenario", "/pfx/etc/opensips/b2bua/prepaid.xml")

if (has_totag()) {
    if (loose_route()) {
        # code here
    }
}

if (!is_method("REGISTER|MESSAGE")) {
    record_route();
}

if (is_method("INVITE") && src_ip != myself) {  # Start of B2BUA
    if (!t_newtran()) {                         # logic block, do
        sl_reply_error();                       # media announcements
        exit;                                   # to users
    }
    b2b_init_request("prepaid", "sip:playsound@123.123.123.123:5080", "sip:playsound@123.123.123.123:5080");
    exit;
}

if (src_ip != myself) {
    if ($hdr(P-hint) != "outbound") {
        append_hf("P-hint: outbound\r\n");
    }
}

Does that look like it should work? What about the parameters
'123.123.123.123'? Is 't_newtran' necessary?

Regards,
Brian

_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: B2BUA not passing ACKs

Anca Vamanu-2
Hi Brian,

[hidden email] wrote:

> Hello Anca,
>
> Sorry for the delay.
>
> An lun., janv 04, 2010, Anca Vamanu schrieb:
>  
>> There is a misunderstanding from your side in what the b2b scenario
>> documents are concerned ( please read carefully the documentation -
>> http://www.opensips.org/Resources/B2buaTutorial ).
>>
>>    
> It's hard to figure out which document to read, as the documents are
> so unclear that they need documentation themselves. What I mean is:
>
> Why are there two documents listed on the website for the same
> thing. One called 'B2buaTutorial' and the other 'B2buaTutorial16'?
> Is the second a older document only useful for OpenSIPS 1.6.0, or
> is it a newer version of the document B2buaTutorial?
>
>  
The documentation versions, as it is normal, refer to the version of
code, so the newest version is for the devel branch. Anyhow, the only
addition in devel is support for REFER scenario.

> There are also no links to plain text config files, and everything
> is HTML. A complete working route script is not available.
>
>  
You are right about the scripts, I will add links to text files.
There is a complete working opensips script here:
http://www.opensips.org/Resources/B2bConfigExample

>> The important thing is that there should only be rules in the
>> scenario for requests that need a special handling. In the prepaid
>> scenario - when the BYE from the media server is received the
>> caller must be connected to a human operator, so we have a rule for
>> this. All the other requests need only simple pass forward - so if
>> an ACK is received from one side it only need to be forwarded to
>> the other. 'pass forward' is the implicit action and it will be
>> applied to all requests that don't match a rule.
>>
>>    
> Thanks for clearing that up (about the implicit action.) I think
> I understand better now, but still I would like to start from the
> beginning and use the supplied prepaid.xml (which I assume is
> correctly written.)
>
>  
Yes, it is correctly written.

>> I see that you say that the prepaid scenario does not work for you.
>> What version are you testing with?
>>
>>    
>   Solaris 11 x86 (nv-b91)
>   OpenSIPS 1.6.0 with TLS
>
> I've copied the example 'prepaid.xml' word for word from the URL:
>
>   http://www.opensips.org/Resources/B2buaTutorial16
>
> Here are the relevant parts of the route script:
>
> listen = udp:name.host.tld:5060
> listen = tls:name.host.tld:5061
>
> modparam("tm", "pass_provisional_replies", 1)
> modparam("b2b_entities", "server_address", "sip:[hidden email]")
> modparam("b2b_logic", "script_scenario", "/pfx/etc/opensips/b2bua/prepaid.xml")
>
> if (has_totag()) {
>     if (loose_route()) {
>         # code here
>     }
> }
>
> if (!is_method("REGISTER|MESSAGE")) {
>     record_route();
> }
>
> if (is_method("INVITE") && src_ip != myself) {  # Start of B2BUA
>     if (!t_newtran()) {                         # logic block, do
>         sl_reply_error();                       # media announcements
>         exit;                                   # to users
>     }
>     b2b_init_request("prepaid", "sip:playsound@123.123.123.123:5080", "sip:playsound@123.123.123.123:5080");
>     exit;
> }
>
> if (src_ip != myself) {
>     if ($hdr(P-hint) != "outbound") {
>         append_hf("P-hint: outbound\r\n");
>     }
> }
>
> Does that look like it should work? What about the parameters
> '123.123.123.123'? Is 't_newtran' necessary?
>  
t_newtran is necessary because b2b should not handle retransmissions.
And yes, the configuration file seems correct and should work. If it
doesn't, try to find the exact problem. Check if there are errors in
opensips log and watch the network traffic.
If you see something not working as in the schema from the
documentation, send a detailed report.

Regards,

--
Anca Vamanu
www.voice-system.ro


> Regards,
> Brian
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>  

_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: B2BUA help

opensipslist

Hello Anca,

An ven., janv 29, 2010, Anca Vamanu schrieb:

>[hidden email] wrote:
>> An lun., janv 04, 2010, Anca Vamanu schrieb:
>>> I see that you say that the prepaid scenario does not work for you.
>>> What version are you testing with?
>>>
>>   Solaris 11 x86 (nv-b91)
>>   OpenSIPS 1.6.0 with TLS
>>
>> I've copied the example 'prepaid.xml' word for word from the URL:
>>
>>   http://www.opensips.org/Resources/B2buaTutorial16
>>
>> Here are the relevant parts of the route script:
>>
>> listen = udp:name.host.tld:5060
>> listen = tls:name.host.tld:5061
>>
>> modparam("tm", "pass_provisional_replies", 1)
>> modparam("b2b_entities", "server_address", "sip:[hidden email]")
>> modparam("b2b_logic", "script_scenario", "/pfx/etc/opensips/b2bua/prepaid.xml")
>>
>> if (has_totag()) {
>>     if (loose_route()) {
>>         # code here
>>     }
>> }
>>
>> if (!is_method("REGISTER|MESSAGE")) {
>>     record_route();
>> }
>>
>> if (is_method("INVITE") && src_ip != myself) {  # Start of B2BUA
>>     if (!t_newtran()) {                         # logic block, do
>>         sl_reply_error();                       # media announcements
>>         exit;                                   # to users
>>     }
>>     b2b_init_request("prepaid", "sip:[hidden email]:5080", "sip:[hidden email]:5080");
>>     exit;
>> }
>>
>> if (src_ip != myself) {
>>     if ($hdr(P-hint) != "outbound") {
>>         append_hf("P-hint: outbound\r\n");
>>     }
>> }
>>
>> Does that look like it should work? Is 't_newtran' necessary?
>>
>t_newtran is necessary because b2b should not handle retransmissions.
>And yes, the configuration file seems correct and should work. If it
>doesn't, try to find the exact problem. Check if there are errors in
>opensips log and watch the network traffic.
>
I've changed the parameters to:

  b2b_init_request("prepaid", "sip:[hidden email]:5080;transport=tcp", "sip:[hidden email]:5080;transport=tcp");

...because name.host.tld is listening on TCP port 5080. Before,
the B2BUA modules were sending over TLS, which is how the original
INVITE from the UAC is sent. Is there a better way to tell the B2BUA
modules to use TCP rather than another transport?

My main question now, is that the host name.host.tld is getting the
message, but challenging the B2BUA logic with a WWW-Authenticate 401
message. This gets passed implicitly back to the UAC which sent the
INVITE, however it seems that the B2BUA modules strip the WWW-
Authenticate header so that the UAC only sees a 'sanitized'
401 SIP message and cannot authenticate.

How can I adjust the prepaid scenario to accommodate 401 challenges?

Regards,
Brian

_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: B2BUA help

Anca Vamanu-2
Hi Brian,
 
[hidden email] wrote:

> Hello Anca,
>
> An ven., janv 29, 2010, Anca Vamanu schrieb:
>  
>> [hidden email] wrote:
>>    
>>> An lun., janv 04, 2010, Anca Vamanu schrieb:
>>>      
>>>> I see that you say that the prepaid scenario does not work for you.
>>>> What version are you testing with?
>>>>
>>>>        
>>>   Solaris 11 x86 (nv-b91)
>>>   OpenSIPS 1.6.0 with TLS
>>>
>>> I've copied the example 'prepaid.xml' word for word from the URL:
>>>
>>>   http://www.opensips.org/Resources/B2buaTutorial16
>>>
>>> Here are the relevant parts of the route script:
>>>
>>> listen = udp:name.host.tld:5060
>>> listen = tls:name.host.tld:5061
>>>
>>> modparam("tm", "pass_provisional_replies", 1)
>>> modparam("b2b_entities", "server_address", "sip:[hidden email]")
>>> modparam("b2b_logic", "script_scenario", "/pfx/etc/opensips/b2bua/prepaid.xml")
>>>
>>> if (has_totag()) {
>>>     if (loose_route()) {
>>>         # code here
>>>     }
>>> }
>>>
>>> if (!is_method("REGISTER|MESSAGE")) {
>>>     record_route();
>>> }
>>>
>>> if (is_method("INVITE") && src_ip != myself) {  # Start of B2BUA
>>>     if (!t_newtran()) {                         # logic block, do
>>>         sl_reply_error();                       # media announcements
>>>         exit;                                   # to users
>>>     }
>>>     b2b_init_request("prepaid", "sip:[hidden email]:5080", "sip:[hidden email]:5080");
>>>     exit;
>>> }
>>>
>>> if (src_ip != myself) {
>>>     if ($hdr(P-hint) != "outbound") {
>>>         append_hf("P-hint: outbound\r\n");
>>>     }
>>> }
>>>
>>> Does that look like it should work? Is 't_newtran' necessary?
>>>
>>>      
>> t_newtran is necessary because b2b should not handle retransmissions.
>> And yes, the configuration file seems correct and should work. If it
>> doesn't, try to find the exact problem. Check if there are errors in
>> opensips log and watch the network traffic.
>>
>>    
> I've changed the parameters to:
>
>   b2b_init_request("prepaid", "sip:[hidden email]:5080;transport=tcp", "sip:[hidden email]:5080;transport=tcp");
>
> ...because name.host.tld is listening on TCP port 5080. Before,
> the B2BUA modules were sending over TLS, which is how the original
> INVITE from the UAC is sent. Is there a better way to tell the B2BUA
> modules to use TCP rather than another transport?
>
>  
No, unfortunately there is no other way to tell b2b to use other protocol.

> My main question now, is that the host name.host.tld is getting the
> message, but challenging the B2BUA logic with a WWW-Authenticate 401
> message. This gets passed implicitly back to the UAC which sent the
> INVITE, however it seems that the B2BUA modules strip the WWW-
> Authenticate header so that the UAC only sees a 'sanitized'
> 401 SIP message and cannot authenticate.
>
> How can I adjust the prepaid scenario to accommodate 401 challenges?
>
>  
If you use the trunk svn branch, you have a parameter in b2b_logic
module - "custom_headers". You can set it to "WWW-Authenticate,
Authorization" and the content of these headers will be passed on the
other side.
> Regards,
> Brian
>
>  
Regards,

--
Anca Vamanu
www.voice-system.ro


_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: B2BUA help

opensipslist

Hello Anca,

An ven., févr 05, 2010, Anca Vamanu schrieb:

>[hidden email] wrote:
>> I've changed the parameters to:
>>
>>   b2b_init_request("prepaid", "sip:[hidden email]:5080;transport=tcp", "sip:[hidden email]:5080;transport=tcp");
>>
>> ...because name.host.tld is listening on TCP port 5080.
>> Before, the B2BUA modules were sending over TLS, which is how
>> the original INVITE from the UAC is sent. Is there a better way
>> to tell the B2BUA modules to use TCP rather than another transport?
>>
>No, unfortunately there is no other way to tell b2b to use other
>protocol.
>
It's probably enough to do it the way I described, but it seems like
there must be a more elegant/consistent way to do transport changes.

>> My main question now, is that the host name.host.tld is getting the
>> message, but challenging the B2BUA logic with a WWW-Authenticate 401
>> message. This gets passed implicitly back to the UAC which sent the
>> INVITE, however it seems that the B2BUA modules strip the WWW-
>> Authenticate header so that the UAC only sees a 'sanitized'
>> 401 SIP message and cannot authenticate.
>>
>> How can I adjust the prepaid scenario to accommodate 401 challenges?
>>
>If you use the trunk svn branch, you have a parameter in b2b_logic
>module - "custom_headers". You can set it to "WWW-Authenticate,
>Authorization" and the content of these headers will be passed on
>the other side.
>
That's great, thanks Anca. I'll try out the new 'custom_headers'
parameter.

Regards,
Brian

_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

b2b_key match found

marieGre

I have this error when I make a call via a b2b :


ERROR:b2b_logic:b2b_logic_notify: No b2b_key match found

I don't find anything on it on the internet ...

Pieddemail
_______________________________________________
Users mailing list
Users@...
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: B2BUA help

opensipslist
In reply to this post by opensipslist

Hello Anca,

An ven., févr 05, 2010, [hidden email] schrieb:
>An ven., févr 05, 2010, Anca Vamanu schrieb:
>>If you use the trunk svn branch, you have a parameter in b2b_logic
>>module - "custom_headers". You can set it to "WWW-Authenticate,
>>Authorization" and the content of these headers will be passed on
>>the other side.
>>
>That's great, thanks Anca. I'll try out the new 'custom_headers'
>parameter.
>
I integrated your changes from revision 6291:

  'new feature - possibility to define costum headers to be
  passed from the dialog of one side to the other'

...and finally the WWW-Authenticate header arrived at my UAC (which
sent the first INVITE.) It sucessfully builds a Authorization string
and sends a second INVITE.

Unfortunately, b2b_logic doesn't pass on the Authorization header
from the client to the server so authorization is failing. The
module parameters of my script are:

  modparam("b2b_logic", "custom_headers", "WWW-Authenticate;Proxy-Authenticate;Authorization;Subject")

The page 'B2buaTutorial' says:

  If type node with message value is present, it means that the
  client will be created using the info from received SIP message:
  the body, the caller URI, some SIP headers(Accept, Supported,
  Content-Type).

It seems as if custom_headers are only passed from the server to the
client, or maybe b2b_logic only recognizes them in dialog (after the
first INVITE is accepted?)

Is it possible that the custom headers code from revision 6291 is
incomplete and that I should integrate SVN code from another
revision as well? Am I doing something else wrong when testing your
prepaid.xml scenario?

By the way your suggestion to separate headers with a comma probably
does not work because:

  p = strchr(custom_headers.s, ';');

...is what you wrote in b2b_logic.c.

Regards,
Brian

_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: b2b_key match found

Anca Vamanu-2
In reply to this post by marieGre
Hi Marie,

Do not expect to find something on the internet since this is a new
feature.
What opensips version are you using? Please use the svn version:

|svn co https://opensips.svn.sourceforge.net/svnroot/opensips/branches/1.6 opensips_1_6

|

|I can not help you if you use something else.|
||
|Regards,|
||

--
Anca Vamanu
www.voice-system.ro

marie.gremillot wrote:

>
> I have this error when I make a call via a b2b :
>
>
> ERROR:b2b_logic:b2b_logic_notify: No b2b_key match found
>
> I don't find anything on it on the internet ...
>
> Pieddemail
> <https://compte.laposte.net/inscription/index.do?jeux=201001FOOTER>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users

_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: B2BUA help

Anca Vamanu-2
In reply to this post by opensipslist
Hi Brian,


[hidden email] wrote:

> Hello Anca,
>
> An ven., févr 05, 2010, [hidden email] schrieb:
>  
>> An ven., févr 05, 2010, Anca Vamanu schrieb:
>>    
>>> If you use the trunk svn branch, you have a parameter in b2b_logic
>>> module - "custom_headers". You can set it to "WWW-Authenticate,
>>> Authorization" and the content of these headers will be passed on
>>> the other side.
>>>
>>>      
>> That's great, thanks Anca. I'll try out the new 'custom_headers'
>> parameter.
>>
>>    
> I integrated your changes from revision 6291:
>
>   'new feature - possibility to define costum headers to be
>   passed from the dialog of one side to the other'
>
> ...and finally the WWW-Authenticate header arrived at my UAC (which
> sent the first INVITE.) It sucessfully builds a Authorization string
> and sends a second INVITE.
>
> Unfortunately, b2b_logic doesn't pass on the Authorization header
> from the client to the server so authorization is failing. The
> module parameters of my script are:
>
>   modparam("b2b_logic", "custom_headers", "WWW-Authenticate;Proxy-Authenticate;Authorization;Subject")
>
> The page 'B2buaTutorial' says:
>
>   If type node with message value is present, it means that the
>   client will be created using the info from received SIP message:
>   the body, the caller URI, some SIP headers(Accept, Supported,
>   Content-Type).
>
> It seems as if custom_headers are only passed from the server to the
> client, or maybe b2b_logic only recognizes them in dialog (after the
> first INVITE is accepted?)
>
>  
No, these are not the cases. The Authorization header should be passed
from the first Invite(it's the same processing function as for the 200OK
reply - b2b_logic_notify). Do you see something in the log? Any Error?
However, there will be a problem in the second call setup if
authorization will be requested again, because there is no way to get
that authorization information from the caller in the middle of the call..

Regards,

--
Anca Vamanu
www.voice-system.ro


> Is it possible that the custom headers code from revision 6291 is
> incomplete and that I should integrate SVN code from another
> revision as well? Am I doing something else wrong when testing your
> prepaid.xml scenario?
>
> By the way your suggestion to separate headers with a comma probably
> does not work because:
>
>   p = strchr(custom_headers.s, ';');
>
> ...is what you wrote in b2b_logic.c.
>
> Regards,
> Brian
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>  


_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: B2BUA help

opensipslist

Hello Anca,

An ven., févr 05, 2010, Anca Vamanu schrieb:

>[hidden email] wrote:
>> Unfortunately, b2b_logic doesn't pass on the Authorization header
>> from the client to the server so authorization is failing. The
>> module parameters of my script are:
>>
>>   modparam("b2b_logic", "custom_headers", "WWW-Authenticate;Proxy-Authenticate;Authorization;Subject")
>>
>> The page 'B2buaTutorial' says:
>>
>>   If type node with message value is present, it means that the
>>   client will be created using the info from received SIP message:
>>   the body, the caller URI, some SIP headers(Accept, Supported,
>>   Content-Type).
>>
>> It seems as if custom_headers are only passed from the server to the
>> client, or maybe b2b_logic only recognizes them in dialog (after the
>> first INVITE is accepted?)
>>
>No, these are not the cases. The Authorization header should be passed
>from the first Invite(it's the same processing function as for the 200OK
>reply - b2b_logic_notify). Do you see something in the log? Any Error?
>
The log has no entries at all with debug=1. When changed to debug=10
I see a ton of stuff but still no errors. I tried to find anything,
and only found the INVITE and 401 WWW-Auth that b2b_logic is
handling. All seems normal.

>However, there will be a problem in the second call setup if
>authorization will be requested again, because there is no way to
>get that authorization information from the caller in the middle of
>the call..
>
I don't understand. So far there is only one UA challenging and that
is the media server (looking at your diagram called ppaid.jpeg) By
the way, b2b_init_request("top hiding"); is working correctly.

Here is a shorthand transcription of what is happening:

Caller                  OpenSIPS B2B                  Mediaserver
  |                          |                             |
INVITE --------------------->| INVITE -------------------->|
  |                          |                             |
  |<--- 401 WWW-Authenticate |<---------------- 401 WWW-Authenticate
  |                          |                             |
INVITE + Authorization ----->| INVITE (no auth) ---------->|
  |                          |        !!!!!!!!!            |
  |                          |                             |
  |<--- 401 WWW-Authenticate |<---------------- 401 WWW-Authenticate
  |                          |                             |

I've left out ACKs of course. As you see from the line marked '!!!!'
the b2b_logic is dropping the 'Authorization' header from the INVITE.

Here's the b2b_logic config:

    modparam("b2b_logic", "custom_headers", "Proxy-Authenticate;Proxy-Authorization;WWW-Authenticate;Authorization;Subject")

Here's the route script piece:

    # sequential requests
    if (has_totag()) {
        if (loose_route()) {
            #[...]
        }
        #[...]
    }
   
    # initial requests
    if (is_method("INVITE") && src_ip != myself) {
        if (!t_newtran()) {
            sl_reply_error();
            exit;
        }
        b2b_init_request("prepaid", "sip:[hidden email]:5080;transport=tcp", "sip:[hidden email]:5080;transport=tcp");
        #b2b_init_request("top hiding");
        exit;
    }

If I print the message body from the route script (xlog...$mb) then
I can see that the Authorization header is there before calling
'b2b_init_request.' Is it a problem that b2b_init_request is being
called twice, once for the first INVITE (with no auth) and then
again for the second INVITE (with the Authorization header.)?

Regards,
Brian

_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: B2BUA help

Anca Vamanu-2
Hi Brian,

The scenario that you want - authorizing the user at the media server in
a bridging scenario will not work. You can not call b2b_init twice for
the same dialog. The B2B implementation does not include the
authorization requirements. And in fact I believe that you are
complicating things by wanting the user to authorize to the media
server. The normal approach will be for the user to authorize to the
proxy and only after it has been authorize to call b2b_init function.
And for the media server not to ask for authorization because the proxy
should be in a trusted source list and the requests coming from it
should not be challenged.

Regards,

--
Anca Vamanu
www.voice-system.ro



[hidden email] wrote:

> Hello Anca,
>
> An ven., févr 05, 2010, Anca Vamanu schrieb:
>  
>> [hidden email] wrote:
>>    
>>> Unfortunately, b2b_logic doesn't pass on the Authorization header
>>> from the client to the server so authorization is failing. The
>>> module parameters of my script are:
>>>
>>>   modparam("b2b_logic", "custom_headers", "WWW-Authenticate;Proxy-Authenticate;Authorization;Subject")
>>>
>>> The page 'B2buaTutorial' says:
>>>
>>>   If type node with message value is present, it means that the
>>>   client will be created using the info from received SIP message:
>>>   the body, the caller URI, some SIP headers(Accept, Supported,
>>>   Content-Type).
>>>
>>> It seems as if custom_headers are only passed from the server to the
>>> client, or maybe b2b_logic only recognizes them in dialog (after the
>>> first INVITE is accepted?)
>>>
>>>      
>> No, these are not the cases. The Authorization header should be passed
>>    
> >from the first Invite(it's the same processing function as for the 200OK
>  
>> reply - b2b_logic_notify). Do you see something in the log? Any Error?
>>
>>    
> The log has no entries at all with debug=1. When changed to debug=10
> I see a ton of stuff but still no errors. I tried to find anything,
> and only found the INVITE and 401 WWW-Auth that b2b_logic is
> handling. All seems normal.
>
>  
>> However, there will be a problem in the second call setup if
>> authorization will be requested again, because there is no way to
>> get that authorization information from the caller in the middle of
>> the call..
>>
>>    
> I don't understand. So far there is only one UA challenging and that
> is the media server (looking at your diagram called ppaid.jpeg) By
> the way, b2b_init_request("top hiding"); is working correctly.
>
> Here is a shorthand transcription of what is happening:
>
> Caller                  OpenSIPS B2B                  Mediaserver
>   |                          |                             |
> INVITE --------------------->| INVITE -------------------->|
>   |                          |                             |
>   |<--- 401 WWW-Authenticate |<---------------- 401 WWW-Authenticate
>   |                          |                             |
> INVITE + Authorization ----->| INVITE (no auth) ---------->|
>   |                          |        !!!!!!!!!            |
>   |                          |                             |
>   |<--- 401 WWW-Authenticate |<---------------- 401 WWW-Authenticate
>   |                          |                             |
>
> I've left out ACKs of course. As you see from the line marked '!!!!'
> the b2b_logic is dropping the 'Authorization' header from the INVITE.
>
> Here's the b2b_logic config:
>
>     modparam("b2b_logic", "custom_headers", "Proxy-Authenticate;Proxy-Authorization;WWW-Authenticate;Authorization;Subject")
>
> Here's the route script piece:
>
>     # sequential requests
>     if (has_totag()) {
>         if (loose_route()) {
>             #[...]
>         }
>         #[...]
>     }
>    
>     # initial requests
>     if (is_method("INVITE") && src_ip != myself) {
>         if (!t_newtran()) {
>             sl_reply_error();
>             exit;
>         }
>         b2b_init_request("prepaid", "sip:[hidden email]:5080;transport=tcp", "sip:[hidden email]:5080;transport=tcp");
>         #b2b_init_request("top hiding");
>         exit;
>     }
>
> If I print the message body from the route script (xlog...$mb) then
> I can see that the Authorization header is there before calling
> 'b2b_init_request.' Is it a problem that b2b_init_request is being
> called twice, once for the first INVITE (with no auth) and then
> again for the second INVITE (with the Authorization header.)?
>
> Regards,
> Brian
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>  

_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: B2BUA help

opensipslist

Hello Anca,

An lun., févr 08, 2010, Anca VAMANU schrieb:

>The scenario that you want - authorizing the user at the media
>server in a bridging scenario will not work. You can not call
>b2b_init twice for the same dialog. The B2B implementation does not
>include the authorization requirements. And in fact I believe that
>you are complicating things by wanting the user to authorize to the
>media server. The normal approach will be for the user to authorize
>to the proxy and only after it has been authorize to call b2b_init
>function.  And for the media server not to ask for authorization
>because the proxy should be in a trusted source list and the
>requests coming from it should not be challenged.
>
Okay now it's clear, thanks for the help. But the problem is not
solved, because there are situations in which the INVITE from your
B2B logic should be challenged. In my case, the media server is
serving voicemail as well. It must challenge incoming INVITEs
because sometimes the 'From' URI describes a voicemail user that
will be authorized to listen to their messages by way of the
standard WWW-Authenticate.

At the same time, I'm sure there's no problem in passing the
'Authorization' header if I make a new B2B module or simply patch
the existing one. Is it true that calling b2b_init a second time
will be no problem, because as b2b_logic sees the 401
WWW-AUthenticate it will close the dialog started by the INVITE?

Can you please advise me whether the needed change to pass the
'Authorization' header is in b2b_entities or b2b_logic? Do you
see any problem in doing this?

I have some other ideas of implementing B2B modules ontop of
b2b_entities, so this would be a good way to become introduced
to the code.

Regards,
Brian

_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: B2BUA help

Anca Vamanu-2
[hidden email] wrote:

> Hello Anca,
>
> An lun., févr 08, 2010, Anca VAMANU schrieb:
>  
>> The scenario that you want - authorizing the user at the media
>> server in a bridging scenario will not work. You can not call
>> b2b_init twice for the same dialog. The B2B implementation does not
>> include the authorization requirements. And in fact I believe that
>> you are complicating things by wanting the user to authorize to the
>> media server. The normal approach will be for the user to authorize
>> to the proxy and only after it has been authorize to call b2b_init
>> function.  And for the media server not to ask for authorization
>> because the proxy should be in a trusted source list and the
>> requests coming from it should not be challenged.
>>
>>    
> Okay now it's clear, thanks for the help. But the problem is not
> solved, because there are situations in which the INVITE from your
> B2B logic should be challenged. In my case, the media server is
> serving voicemail as well. It must challenge incoming INVITEs
> because sometimes the 'From' URI describes a voicemail user that
> will be authorized to listen to their messages by way of the
> standard WWW-Authenticate.
>
> At the same time, I'm sure there's no problem in passing the
> 'Authorization' header if I make a new B2B module or simply patch
> the existing one. Is it true that calling b2b_init a second time
> will be no problem, because as b2b_logic sees the 401
> WWW-AUthenticate it will close the dialog started by the INVITE?
>
> Can you please advise me whether the needed change to pass the
> 'Authorization' header is in b2b_entities or b2b_logic? Do you
> see any problem in doing this?
>
> I have some other ideas of implementing B2B modules ontop of
> b2b_entities, so this would be a good way to become introduced
> to the code.
>
> Regards,
> Brian
>  
Yes, the authorization header should pass no matter what. I will try
this myself and check if there is a bug.

Regards,

--
Anca Vamanu
www.voice-system.ro


> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>  

_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: B2BUA help

marieGre

Hello every body,

I have installed opensips and b2bua and I often have these errors (followed by the crash of the server) :

segfault at 646e657b ip 080de8dc sp bfbcceb0 error 6 in opensips[8048000+10f000]
CRITICAL:core:receive_fd: EOF on 15


It appears at different moments : when I connect, when I call, when the server is up too many time...





> Message du 08/02/10 18:43

> De : "Anca Vamanu"
> A : "OpenSIPS users mailling list"
> Copie à :
> Objet : Re: [OpenSIPS-Users] B2BUA help
>
>
> [hidden email] wrote:
> > Hello Anca,
> >
> > An lun., févr 08, 2010, Anca VAMANU schrieb:
> >
> >> The scenario that you want - authorizing the user at the media
> >> server in a bridging scenario will not work. You can not call
> >> b2b_init twice for the same dialog. The B2B implementation does not
> >> include the authorization requirements. And in fact I believe that
> >> you are complicating things by wanting the user to authorize to the
> >> media server. The normal approach will be for the user to authorize
> >> to the proxy and only after it has been authorize to call b2b_init
> >> function. And for the media server not to ask for authorization
> >> because the proxy should be in a trusted source list and the
> >> requests coming from it should not be challenged.
> >>
> >>
> > Okay now it's clear, thanks for the help. But the problem is not
> > solved, because there are situations in which the INVITE from your
> > B2B logic should be challenged. In my case, the media server is
> > serving voicemail as well. It must challenge incoming INVITEs
> > because sometimes the 'From' URI describes a voicemail user that
> > will be authorized to listen to their messages by way of the
> > standard WWW-Authenticate.
> >
> > At the same time, I'm sure there's no problem in passing the
> > 'Authorization' header if I make a new B2B module or simply patch
> > the existing one. Is it true that calling b2b_init a second time
> > will be no problem, because as b2b_logic sees the 401
> > WWW-AUthenticate it will close the dialog started by the INVITE?
> >
> > Can you please advise me whether the needed change to pass the
> > 'Authorization' header is in b2b_entities or b2b_logic? Do you
> > see any problem in doing this?
> >
> > I have some other ideas of implementing B2B modules ontop of
> > b2b_entities, so this would be a good way to become introduced
> > to the code.
> >
> > Regards,
> > Brian
> >
> Yes, the authorization header should pass no matter what. I will try
> this myself and check if there is a bug.
>
> Regards,
>
> --
> Anca Vamanu
> www.voice-system.ro
>
>
> > _______________________________________________
> > Users mailing list
> > [hidden email]
> > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> >
> >
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>

Pieddemail
_______________________________________________
Users mailing list
Users@...
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

IFC and opensips

marieGre
In reply to this post by Anca Vamanu-2
hello,
I'd like to put IFC in opensips but I can't see if I can! DOes somebody know ?

thank you


Pieddemail
_______________________________________________
Users mailing list
Users@...
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: B2BUA help

Anca Vamanu-2
In reply to this post by marieGre
Hi Marie,

Can you please investigate the core with gdb?

Regards,

--
Anca Vamanu
www.voice-system.ro


marie.gremillot wrote:

>
> Hello every body,
>
> I have installed opensips and b2bua and I often have these errors
> (followed by the crash of the server) :
>
> segfault at 646e657b ip 080de8dc sp bfbcceb0 error 6 in
> opensips[8048000+10f000]
> CRITICAL:core:receive_fd: EOF on 15
>
>
> It appears at different moments : when I connect, when I call, when
> the server is up too many time...
>
>
>
>
>
>     > Message du 08/02/10 18:43
>     > De : "Anca Vamanu"
>     > A : "OpenSIPS users mailling list"
>     > Copie à :
>     > Objet : Re: [OpenSIPS-Users] B2BUA help
>     >
>     >
>     > [hidden email] wrote:
>     > > Hello Anca,
>     > >
>     > > An lun., févr 08, 2010, Anca VAMANU schrieb:
>     > >
>     > >> The scenario that you want - authorizing the user at the media
>     > >> server in a bridging scenario will not work. You can not call
>     > >> b2b_init twice for the same dialog. The B2B implementation
>     does not
>     > >> include the authorization requirements. And in fact I believe
>     that
>     > >> you are complicating things by wanting the user to authorize
>     to the
>     > >> media server. The normal approach will be for the user to
>     authorize
>     > >> to the proxy and only after it has been authorize to call
>     b2b_init
>     > >> function. And for the media server not to ask for authorization
>     > >> because the proxy should be in a trusted source list and the
>     > >> requests coming from it should not be challenged.
>     > >>
>     > >>
>     > > Okay now it's clear, thanks for the help. But the problem is not
>     > > solved, because there are situations in which the INVITE from your
>     > > B2B logic should be challenged. In my case, the media server is
>     > > serving voicemail as well. It must challenge incoming INVITEs
>     > > because sometimes the 'From' URI describes a voicemail user that
>     > > will be authorized to listen to their messages by way of the
>     > > standard WWW-Authenticate.
>     > >
>     > > At the same time, I'm sure there's no problem in passing the
>     > > 'Authorization' header if I make a new B2B module or simply patch
>     > > the existing one. Is it true that calling b2b_init a second time
>     > > will be no problem, because as b2b_logic sees the 401
>     > > WWW-AUthenticate it will close the dialog started by the INVITE?
>     > >
>     > > Can you please advise me whether the needed change to pass the
>     > > 'Authorization' header is in b2b_entities or b2b_logic? Do you
>     > > see any problem in doing this?
>     > >
>     > > I have some other ideas of implementing B2B modules ontop of
>     > > b2b_entities, so this would be a good way to become introduced
>     > > to the code.
>     > >
>     > > Regards,
>     > > Brian
>     > >
>     > Yes, the authorization header should pass no matter what. I will
>     try
>     > this myself and check if there is a bug.
>     >
>     > Regards,
>     >
>     > --
>     > Anca Vamanu
>     > www.voice-system.ro
>     >
>     >
>     > > _______________________________________________
>     > > Users mailing list
>     > > [hidden email]
>     > > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>     > >
>     > >
>     >
>     > _______________________________________________
>     > Users mailing list
>     > [hidden email]
>     > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>     >
>     >
>
>
>
> Pieddemail
> <https://compte.laposte.net/inscription/index.do?jeux=201001FOOTER>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Users mailing list
> [hidden email]
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users

_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: B2BUA help

marieGre

Sorry, I just see that I've put my subject here ...
What is gdb ?





> Message du 09/02/10 10:43

> De : "Anca Vamanu"
> A : "marie.gremillot" , "OpenSIPS users mailling list"
> Copie à :
> Objet : Re: [OpenSIPS-Users] B2BUA help
>
>
> Hi Marie,
>
> Can you please investigate the core with gdb?
>
> Regards,
>
> --
> Anca Vamanu
> www.voice-system.ro
>
>
> marie.gremillot wrote:
> >
> > Hello every body,
> >
> > I have installed opensips and b2bua and I often have these errors
> > (followed by the crash of the server) :
> >
> > segfault at 646e657b ip 080de8dc sp bfbcceb0 error 6 in
> > opensips[8048000+10f000]
> > CRITICAL:core:receive_fd: EOF on 15
> >
> >
> > It appears at different moments : when I connect, when I call, when
> > the server is up too many time...
> >
> >
> >
> >
> >
> > > Message du 08/02/10 18:43
> > > De : "Anca Vamanu"
> > > A : "OpenSIPS users mailling list"
> > > Copie à :
> > > Objet : Re: [OpenSIPS-Users] B2BUA help
> > >
> > >
> > > [hidden email] wrote:
> > > > Hello Anca,
> > > >
> > > > An lun., févr 08, 2010, Anca VAMANU schrieb:
> > > >
> > > >> The scenario that you want - authorizing the user at the media
> > > >> server in a bridging scenario will not work. You can not call
> > > >> b2b_init twice for the same dialog. The B2B implementation
> > does not
> > > >> include the authorization requirements. And in fact I believe
> > that
> > > >> you are complicating things by wanting the user to authorize
> > to the
> > > >> media server. The normal approach will be for the user to
> > authorize
> > > >> to the proxy and only after it has been authorize to call
> > b2b_init
> > > >> function. And for the media server not to ask for authorization
> > > >> because the proxy should be in a trusted source list and the
> > > >> requests coming from it should not be challenged.
> > > >>
> > > >>
> > > > Okay now it's clear, thanks for the help. But the problem is not
> > > > solved, because there are situations in which the INVITE from your
> > > > B2B logic should be challenged. In my case, the media server is
> > > > serving voicemail as well. It must challenge incoming INVITEs
> > > > because sometimes the 'From' URI describes a voicemail user that
> > > > will be authorized to listen to their messages by way of the
> > > > standard WWW-Authenticate.
> > > >
> > > > At the same time, I'm sure there's no problem in passing the
> > > > 'Authorization' header if I make a new B2B module or simply patch
> > > > the existing one. Is it true that calling b2b_init a second time
> > > > will be no problem, because as b2b_logic sees the 401
> > > > WWW-AUthenticate it will close the dialog started by the INVITE?
> > > >
> > > > Can you please advise me whether the needed change to pass the
> > > > 'Authorization' header is in b2b_entities or b2b_logic? Do you
> > > > see any problem in doing this?
> > > >
> > > > I have some other ideas of implementing B2B modules ontop of
> > > > b2b_entities, so this would be a good way to become introduced
> > > > to the code.
> > > >
> > > > Regards,
> > > > Brian
> > > >
> > > Yes, the authorization header should pass no matter what. I will
> > try
> > > this myself and check if there is a bug.
> > >
> > > Regards,
> > >
> > > --
> > > Anca Vamanu
> > > www.voice-system.ro
> > >
> > >
> > > > _______________________________________________
> > > > Users mailing list
> > > > [hidden email]
> > > > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> > > >
> > > >
> > >
> > > _______________________________________________
> > > Users mailing list
> > > [hidden email]
> > > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
> > >
> > >
> >
> >
> >
> > Pieddemail
> >
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Users mailing list
> > [hidden email]
> > http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>

Pieddemail
_______________________________________________
Users mailing list
Users@...
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: IFC and opensips

Bogdan-Andrei Iancu
In reply to this post by marieGre
Hi - what is IFC ?

Regards,
Bogdan

marie.gremillot wrote:
> hello,
> I'd like to put IFC in opensips but I can't see if I can! DOes
> somebody know ?
>
> thank you


--
Bogdan-Andrei Iancu
www.voice-system.ro


_______________________________________________
Users mailing list
[hidden email]
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
12