From voransoy at gmail.com Wed Jul 2 10:50:14 2025 From: voransoy at gmail.com (Volkan Oransoy) Date: Wed, 2 Jul 2025 11:50:14 +0100 Subject: [OpenSIPS-Users] Random auth realms Message-ID: Hi all I store user authentication data on a subscriber table with precalculated hashes for obvious reasons. Lately we are having issues with these new AI conversations services. They send requests with random realms, especially with IP addresses. What I understand, if I store the plain text password and calculate ha1 at request time, I can accept these requests even if the realm is different. But I don't want to do that. I tried to tweak auth_db, when I set `use_domain` to 0, Opensips does not add the realm to the query but still use is on ha1 challenge since the RFC requires I think. Is there a best practice to handle this issue? Best regards -- Volkan Oransoy -------------- next part -------------- An HTML attachment was scrubbed... URL: From joao.coucelo at celfocus.com Thu Jul 3 15:13:39 2025 From: joao.coucelo at celfocus.com (=?utf-8?B?Sm/Do28gQ291Y2Vsbw==?=) Date: Thu, 3 Jul 2025 15:13:39 +0000 Subject: [OpenSIPS-Users] b2b_logic bridge with no-late-sdp unable to get bentity1->to_uri Message-ID: Hi all, I successfully run the prepaid b2b_bridge scenario from https://opensips.org/Documentation/Tutorials-B2BUA-3-2 However, I cannot use the SDP less INVITE to initiate the connection with the "callee". Hence I was trying to use the "no-late-sdp", but I get an error when the SDPless 200 OK response from the "caller" is received. On the b2b_logic_request route I simply added two extra args: b2b_bridge("caller", "callee", "", "no-late-sdp"); The SPDless Re-INVITE 200 OK is received on process_bridge_200OK(), but it fails to get the bentity1->to_uri       DBG:b2b_logic:process_bridge_200OK: Send invite to [] Proxy [] When initiating the bridge, I can confirm that the new client entity is added correctly with the to_uri       DBG:b2b_logic:b2bl_entity_new: First new entity [callee] saved in context       opensips_1 | Jul 3 13:25:55 [10] DBG:b2b_logic:b2bl_bridge: New entity, dest = [sip:+351940026774 at 172.16.254.101:5060]       opensips_1 | Jul 3 13:25:55 [10] DBG:b2b_logic:b2bl_bridge: New entity, dest = [sip:+351940026774 at 172.16.254.101:5060]       opensips_1 | Jul 3 13:25:55 [10] DBG:b2b_logic:b2bl_create_new_entity: new entity type [1] [0x7f74039c9308]->[]       opensips_1 | Jul 3 13:25:55 [10] DBG:b2b_logic:bridging_start_old_ent: Send reInvite to old entity       opensips_1 | Jul 3 13:25:55 [10] DBG:b2b_logic:b2bl_create_new_entity: new entity type [1] [0x7f74039cb620]->[] Looking at the code, it appears to me the new_br_ent[1]->dest_uri is properly filled when preparing the bridge, and so the b2bl_create_new_entity() should be filling the to_uri and the returned entity properly stored on the tuple->bridge_entities[1] However, when receiving the 200 OK, there the same tuple->bridge_entities[1] returns no to_uri..       opensips_1 | Jul 3 13:25:55 [12] DBG:core:MD5StringArray: MD5 calculated: 38b99f724da7821223927ccebf7b95d6       opensips_1 | Jul 3 13:25:55 [12] DBG:b2b_entities:generate_tag: from_tag = 38b99f724da7821223927ccebf7b95d6-0668       opensips_1 | Jul 3 13:25:55 [12] DBG:core:parse_headers_aux: flags=ffffffffffffffff       opensips_1 | Jul 3 13:25:55 [12] DBG:tm:t_uac: next_hop=<>       opensips_1 | Jul 3 13:25:55 [12] ERROR:core:parse_uri: uri too short: <> (0)       opensips_1 | Jul 3 13:25:55 [12] ERROR:tm:uri2proxy: bad_uri:       opensips_1 | Jul 3 13:25:55 [12] ERROR:b2b_entities:_client_new: while sending request with t_request       opensips_1 | Jul 3 13:25:55 [12] ERROR:b2b_logic:b2bl_new_client: Failed to create client id       opensips_1 | Jul 3 13:25:55 [12] ERROR:b2b_logic:bridging_new_client: Failed to generate new client       opensips_1 | Jul 3 13:25:55 [12] ERROR:b2b_logic:_b2b_handle_reply: Failed to process bridging 200OK for Invite If there is an issue with the code, I cannot find it. Maybe I'm simply misusing this feature. Any thoughts? -------------- next part -------------- An HTML attachment was scrubbed... URL: From spanda at 3clogic.com Fri Jul 4 05:06:50 2025 From: spanda at 3clogic.com (Sasmita Panda) Date: Fri, 4 Jul 2025 10:36:50 +0530 Subject: [OpenSIPS-Users] Need some inforamtion on opensips change logs . Message-ID: I am using opensips 3.4 right now . I have the DB at aws RDS . If someone logged into the DB and made some changes to the table I am not getting that information stored anywhere . If I will talk about dynamic routing only (this module only can hamper my calls ) , any changes in the table at runtime , when my service get restarted Can I get the latest table information on the logs itself ? So that I can check from the logs what changes made in the DB before restart . If this is not possible , then what is the other way to do so ? Please suggest . I am stuck on soothing here before production live . *Thanks & Regards* *Sasmita Panda* *Senior Network Testing and Software Engineer* *3CLogic , ph:07827611765* -------------- next part -------------- An HTML attachment was scrubbed... URL: From david.villasmil.work at gmail.com Fri Jul 4 12:52:30 2025 From: david.villasmil.work at gmail.com (David Villasmil) Date: Fri, 4 Jul 2025 14:52:30 +0200 Subject: [OpenSIPS-Users] Need some inforamtion on opensips change logs . In-Reply-To: References: Message-ID: Hello, 1. If you suspect someone can mess up your routing tables without authorization, you have a much bigger problem that just what you’re asking about. This is the number one thing that shouldn’t happen. 2. If by some security hole in your infrastructure, it does happen, you can restore the latest backup. You should always have backups made automatically by AWS. 3. Make sure that can’t happen by implementing proper security measures like using only private RDS instead of public, narrow down security groups, use a read only user in Kamailio if possible, etc. Hope that helps Regards, David Villasmil email: david.villasmil.work at gmail.com On Fri, Jul 4, 2025 at 7:10 AM Sasmita Panda wrote: > I am using opensips 3.4 right now . I have the DB at aws RDS . > > If someone logged into the DB and made some changes to the table I am not > getting that information stored anywhere . > > If I will talk about dynamic routing only (this module only can hamper my > calls ) , any changes in the table at runtime , when my service get > restarted Can I get the latest table information on the logs itself ? So > that I can check from the logs what changes made in the DB before restart . > > If this is not possible , then what is the other way to do so ? Please > suggest . I am stuck on soothing here before production live . > > > *Thanks & Regards* > *Sasmita Panda* > *Senior Network Testing and Software Engineer* > *3CLogic , ph:07827611765* > _______________________________________________ > Users mailing list > Users at lists.opensips.org > http://lists.opensips.org/cgi-bin/mailman/listinfo/users > -------------- next part -------------- An HTML attachment was scrubbed... URL: From david.villasmil.work at gmail.com Fri Jul 4 12:55:49 2025 From: david.villasmil.work at gmail.com (David Villasmil) Date: Fri, 4 Jul 2025 14:55:49 +0200 Subject: [OpenSIPS-Users] Need some inforamtion on opensips change logs . In-Reply-To: References: Message-ID: One last thing: opensips is a proxy, not a tool to monitor AWS/RDS audit logs. There are other ways in AWS to do that, such as cloudtrail, cloudwatch log monitor and filters, RDS logging facilities, etc. you can raise alerts based on that. I said “Kamailio” but always meant OpenSIPS. Regards, David Villasmil email: david.villasmil.work at gmail.com On Fri, Jul 4, 2025 at 2:52 PM David Villasmil < david.villasmil.work at gmail.com> wrote: > Hello, > > 1. If you suspect someone can mess up your routing tables without > authorization, you have a much bigger problem that just what you’re asking > about. This is the number one thing that shouldn’t happen. > 2. If by some security hole in your infrastructure, it does happen, you > can restore the latest backup. You should always have backups made > automatically by AWS. > 3. Make sure that can’t happen by implementing proper security measures > like using only private RDS instead of public, narrow down security groups, > use a read only user in Kamailio if possible, etc. > > Hope that helps > > Regards, > > David Villasmil > email: david.villasmil.work at gmail.com > > > > On Fri, Jul 4, 2025 at 7:10 AM Sasmita Panda wrote: > >> I am using opensips 3.4 right now . I have the DB at aws RDS . >> >> If someone logged into the DB and made some changes to the table I am not >> getting that information stored anywhere . >> >> If I will talk about dynamic routing only (this module only can hamper my >> calls ) , any changes in the table at runtime , when my service get >> restarted Can I get the latest table information on the logs itself ? So >> that I can check from the logs what changes made in the DB before restart . >> >> If this is not possible , then what is the other way to do so ? Please >> suggest . I am stuck on soothing here before production live . >> >> >> *Thanks & Regards* >> *Sasmita Panda* >> *Senior Network Testing and Software Engineer* >> *3CLogic , ph:07827611765* >> _______________________________________________ >> Users mailing list >> Users at lists.opensips.org >> http://lists.opensips.org/cgi-bin/mailman/listinfo/users >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From mayamatakeshi at gmail.com Sun Jul 6 05:36:20 2025 From: mayamatakeshi at gmail.com (mayamatakeshi) Date: Sun, 6 Jul 2025 14:36:20 +0900 Subject: [OpenSIPS-Users] node module to help writing SIP functional/integration tests Message-ID: Over the years I have been slowly writing a node module to help me write SIP functional/integration tests: https://github.com/MayamaTakeshi/sip-lab I have been adding new features as I needed for new kinds of test but didn't have time to document it. But now I need to mentor some newcomers to the company I work for and had to do it. I asked gemini to do it for me and got: https://github.com/MayamaTakeshi/sip-lab/blob/master/DOC.md It might be of help for other people so I am sharing it. -------------- next part -------------- An HTML attachment was scrubbed... URL: