Asterisk SIP chan_sip2

Placeholder...

(:arrow:) See http://bugs.digium.com/bug_view_page.php?bug_id=0000759

CHAN_SIP2 DEVELOPMENT IS NO LONGER... Look forward to chan_sip3 somewhere in the future :-)



How to install

  • Add chan_sip2 to the channels/Makefile
Add the following to the Makefile (see chan_iax in the file)

CHANNEL_LIBS+=chan_sip2.so

  • Rename the file downloaded to chan_sip2.c and place it in the channels directory
  • Open the source code in an editor (even if you're not a hacker) and READ THE FIRST PART. That's the documentation for chan_sip2.
  • make / make install
  • Change your modules.conf
    • Add "noload=chan_sip.so" if you want to run chan_sip2
    • If you want to switch back, add "noload=chan_sip2.so"
  • Restart asterisk

From the source (READ THE LATEST IN THE SOURCE FILE YOU DOWNLOAD!)


  * CHAN_SIP2.C: BETA SIP CHANNEL
  *      Modified by Olle E. Johansson, Edvina.net, oej@edvina.net
  *      With help from
  *      * Flavour - testing, suggestions
  *      * PWW - new functions for externip, localnet
  *      * Geertn - Compile time warnings fixes
  *
  *  + Version: See your source file
  *
  *  + Up to date with chan_sip cvs as of <<date>>
  *    - I've not added the new sip debug options of chan_sip yet
  *    - Or the filters to SIP show peers
  *    - Nor the OSP support
  *  + Better support for SRV, we now support the port argument
  *    from the DNS SRV record
  *
  *  + A lot of the features in chan_sip2 are now ported to chan_sip :-)
 *
 *  + WARNING: This version changes a lot of functionality in regards
 *    to authentication, we use the digest auth username to check
 *    credentials for INVITES, not the username@ in the From: URI
 *    INVITEs are authenticated this new way, not REGISTER/SUBSCRIBE
 *    yet
 *    ** This is not heavily tested, please help me test this **
 *      I've been using this in production for a while, it works for me.
 *  + Authentication based on REALMs. If another SIP proxy challenges us
 *    we now check for a username/secret for that realm and use that for
 *    auth.
 *
 *    Format for authentication entry is
 *           auth=user[:secret]@realm
 *    in the [general] section or a [peer]/[user] or [friend]
 *
 *  + Sipdebugfilter function (not yet in CLI )
 *      sipdebugip=<ip address> in [general]
 *      sipdebugport=<port> in [general]
 *      both needs to be defined. Then do "sip debug" in CLI
 *      Headers are shown only for matches
 *      if sipdebugrestrict=yes, no OPTIONS or NOTIFY packets will be shown.
 *      *** The debug filter will change to the one in CVS head ***
 *  + Changed output format of sip debug
 *  + Save full contact data for later invites, which helps SNOM phones
 *    and some NAT middle boxes
 *    Now, we're not guessing or composing Contact: headers, just using
 *    what we get in registration.
 *  + Added manager SIPpeer command
*  + Template support for peers and users in sip.conf
 *    Define template [template-name]
 *    Then use it with "template=name" first in friend/user/peer definition
 *    You need to declare type= within template.
 *  + Template support for autocreatepeer
 *    Template [template-autocreatepeer] will be applied to all auto-
 *    created peers if defined in sip.conf
 *    You can use ACL for autocreatepeer to limit who can create peers
 *  + Templates implemented for users
 *  + Temporary support for MYSQL authentication - will be moved to ODBC
 *      dbname=         Database name
 *      dbpass=         Password
 *      dbhost=         Hostname
 *      dbuser=         Username for DB connection
 *
 *      dbtable=        Table to check           To be implemented *****
 *      dbfield_user=   Field for peer name
 *      dbfield_pwd=    Field for password
 *
 *    Right now defaults to 'subscriber' table, fields 'username' and 'password'
 *
 *    You still need either a peer definition or an autocreatepeer
 *       secret=<db> for database authentication for this user
 *    You need to enable MYSQL_AUTH to get this functionality
 *    The MYSQL_FRIENDS define makes asterisk reades peer definition
 *    from a database as in the original chan_sip.c
 *  + Sends "WWW-authenticate" on REGISTER
 *  + Checks for sdp Content-type: header before processing it
 *  + Trying to add full support for SIP redirects
 *  + Support for symmetricrtp  (symmetricrtp=yes in peer/user or global conf)
 *    This means that we're sending RTP to the port we receive it from
 *    not to where the SDP wants it. Good for clients that use STUN to
 *    expose their outside IP
 *    We still do not support direction in SDP, that's next on the list
 *    when I find a client that uses it.
 *  + Added manager events for SIPregistration based on code from Nicolas Gudino
 *  + Added support for realm based authentication on outbound calls
 *    Add [authentication] section in sip.conf
 *    For each realm, add
 *        auth = <user>:<secret>@<realm>
 *      like
 *        auth = oej@mypassword@edvina.net
 *
 *      Everytime someone challenges us for auth in the "edvina.net"
 *      realm, that username and password will be used for authentication.
 *  + Added new dialplan application SIPGetHeader
 *  + "Promiscredir" is meaningless in this channel, since we have a
 *     different support of 302 redirects than chan_sip. Let's try this way.
 *
 *

NEW VARIABLES TO USE IN THE DIAL PLAN

  • + Added SIPFROMURI variable that shows the callers id
  • + Added _SIPADDHEADER that adds a SIP header, any header
  • Example of use : setvar(_SIPADDHEADER=X-myheader: ${EXTEN} ${PRIORITY})
  • Requires patch http://bugs.digium.com/bug_view_page.php?bug_id=0000928
  • to work. This will be made into an application sipaddheader()

CODE FIXES

  • + Changed global variable names to global_* to make code easier to read
  • + Added many comments inline
  • + Changed global variable name "type" to "channeltype" for clarity :-)
  • + Changed a lot of "username"s to better variable/structure names
  • With too many different things using the same name, the risk of confusion
  • is too high...

NEW CLI COMMANDS/OPTIONS

  • + 'sip show xpeers' (extended) shows useragent and Contact header
  • + 'sip show active' (extended) Only shows active peers
  • i.e. those who registred or have default IP
  • + 'sip debug <peername>' also works at CLI
  • + 'sip debug all' disables filters
  • + 'sip show stats' show some statistics (work in progress)

MAJOR AUTHENTICATION CHANGES

 *  + We now *always* challenge the UA to authenticate
 *    regardless if the secret is blank or not
 *    This way, we get the auth user name from every client
 *    which is what we should match with [user] or [peer]

SUPPORT FOR OUTBOUND PROXY

  • + Support for outbound proxy
  • outboundproxy=
  • outboundproxyport=
  • This is implemented but is not heavily tested.
  • If you have configured localnet= networks, these
  • will be excluded from outbound proxy.
  • You will have to add the outbound proxy as a peer
  • Since all the traffic comes from the outbound proxy IP
  • Matching on IP address will not work.
  • + Support for domain restriction (realm + from: domain)
  • Need list of acceptable domains for incoming into default context
  • - Started with one default domain "domain=" in sip.conf, global_domain variable
  • + Default extension for peer, "extension=" in sip.conf peer definition
  • + Improved support for 302 redirects




/Olle

Placeholder...

(:arrow:) See http://bugs.digium.com/bug_view_page.php?bug_id=0000759

CHAN_SIP2 DEVELOPMENT IS NO LONGER... Look forward to chan_sip3 somewhere in the future :-)



How to install

  • Add chan_sip2 to the channels/Makefile
Add the following to the Makefile (see chan_iax in the file)

CHANNEL_LIBS+=chan_sip2.so

  • Rename the file downloaded to chan_sip2.c and place it in the channels directory
  • Open the source code in an editor (even if you're not a hacker) and READ THE FIRST PART. That's the documentation for chan_sip2.
  • make / make install
  • Change your modules.conf
    • Add "noload=chan_sip.so" if you want to run chan_sip2
    • If you want to switch back, add "noload=chan_sip2.so"
  • Restart asterisk

From the source (READ THE LATEST IN THE SOURCE FILE YOU DOWNLOAD!)


  * CHAN_SIP2.C: BETA SIP CHANNEL
  *      Modified by Olle E. Johansson, Edvina.net, oej@edvina.net
  *      With help from
  *      * Flavour - testing, suggestions
  *      * PWW - new functions for externip, localnet
  *      * Geertn - Compile time warnings fixes
  *
  *  + Version: See your source file
  *
  *  + Up to date with chan_sip cvs as of <<date>>
  *    - I've not added the new sip debug options of chan_sip yet
  *    - Or the filters to SIP show peers
  *    - Nor the OSP support
  *  + Better support for SRV, we now support the port argument
  *    from the DNS SRV record
  *
  *  + A lot of the features in chan_sip2 are now ported to chan_sip :-)
 *
 *  + WARNING: This version changes a lot of functionality in regards
 *    to authentication, we use the digest auth username to check
 *    credentials for INVITES, not the username@ in the From: URI
 *    INVITEs are authenticated this new way, not REGISTER/SUBSCRIBE
 *    yet
 *    ** This is not heavily tested, please help me test this **
 *      I've been using this in production for a while, it works for me.
 *  + Authentication based on REALMs. If another SIP proxy challenges us
 *    we now check for a username/secret for that realm and use that for
 *    auth.
 *
 *    Format for authentication entry is
 *           auth=user[:secret]@realm
 *    in the [general] section or a [peer]/[user] or [friend]
 *
 *  + Sipdebugfilter function (not yet in CLI )
 *      sipdebugip=<ip address> in [general]
 *      sipdebugport=<port> in [general]
 *      both needs to be defined. Then do "sip debug" in CLI
 *      Headers are shown only for matches
 *      if sipdebugrestrict=yes, no OPTIONS or NOTIFY packets will be shown.
 *      *** The debug filter will change to the one in CVS head ***
 *  + Changed output format of sip debug
 *  + Save full contact data for later invites, which helps SNOM phones
 *    and some NAT middle boxes
 *    Now, we're not guessing or composing Contact: headers, just using
 *    what we get in registration.
 *  + Added manager SIPpeer command
*  + Template support for peers and users in sip.conf
 *    Define template [template-name]
 *    Then use it with "template=name" first in friend/user/peer definition
 *    You need to declare type= within template.
 *  + Template support for autocreatepeer
 *    Template [template-autocreatepeer] will be applied to all auto-
 *    created peers if defined in sip.conf
 *    You can use ACL for autocreatepeer to limit who can create peers
 *  + Templates implemented for users
 *  + Temporary support for MYSQL authentication - will be moved to ODBC
 *      dbname=         Database name
 *      dbpass=         Password
 *      dbhost=         Hostname
 *      dbuser=         Username for DB connection
 *
 *      dbtable=        Table to check           To be implemented *****
 *      dbfield_user=   Field for peer name
 *      dbfield_pwd=    Field for password
 *
 *    Right now defaults to 'subscriber' table, fields 'username' and 'password'
 *
 *    You still need either a peer definition or an autocreatepeer
 *       secret=<db> for database authentication for this user
 *    You need to enable MYSQL_AUTH to get this functionality
 *    The MYSQL_FRIENDS define makes asterisk reades peer definition
 *    from a database as in the original chan_sip.c
 *  + Sends "WWW-authenticate" on REGISTER
 *  + Checks for sdp Content-type: header before processing it
 *  + Trying to add full support for SIP redirects
 *  + Support for symmetricrtp  (symmetricrtp=yes in peer/user or global conf)
 *    This means that we're sending RTP to the port we receive it from
 *    not to where the SDP wants it. Good for clients that use STUN to
 *    expose their outside IP
 *    We still do not support direction in SDP, that's next on the list
 *    when I find a client that uses it.
 *  + Added manager events for SIPregistration based on code from Nicolas Gudino
 *  + Added support for realm based authentication on outbound calls
 *    Add [authentication] section in sip.conf
 *    For each realm, add
 *        auth = <user>:<secret>@<realm>
 *      like
 *        auth = oej@mypassword@edvina.net
 *
 *      Everytime someone challenges us for auth in the "edvina.net"
 *      realm, that username and password will be used for authentication.
 *  + Added new dialplan application SIPGetHeader
 *  + "Promiscredir" is meaningless in this channel, since we have a
 *     different support of 302 redirects than chan_sip. Let's try this way.
 *
 *

NEW VARIABLES TO USE IN THE DIAL PLAN

  • + Added SIPFROMURI variable that shows the callers id
  • + Added _SIPADDHEADER that adds a SIP header, any header
  • Example of use : setvar(_SIPADDHEADER=X-myheader: ${EXTEN} ${PRIORITY})
  • Requires patch http://bugs.digium.com/bug_view_page.php?bug_id=0000928
  • to work. This will be made into an application sipaddheader()

CODE FIXES

  • + Changed global variable names to global_* to make code easier to read
  • + Added many comments inline
  • + Changed global variable name "type" to "channeltype" for clarity :-)
  • + Changed a lot of "username"s to better variable/structure names
  • With too many different things using the same name, the risk of confusion
  • is too high...

NEW CLI COMMANDS/OPTIONS

  • + 'sip show xpeers' (extended) shows useragent and Contact header
  • + 'sip show active' (extended) Only shows active peers
  • i.e. those who registred or have default IP
  • + 'sip debug <peername>' also works at CLI
  • + 'sip debug all' disables filters
  • + 'sip show stats' show some statistics (work in progress)

MAJOR AUTHENTICATION CHANGES

 *  + We now *always* challenge the UA to authenticate
 *    regardless if the secret is blank or not
 *    This way, we get the auth user name from every client
 *    which is what we should match with [user] or [peer]

SUPPORT FOR OUTBOUND PROXY

  • + Support for outbound proxy
  • outboundproxy=
  • outboundproxyport=
  • This is implemented but is not heavily tested.
  • If you have configured localnet= networks, these
  • will be excluded from outbound proxy.
  • You will have to add the outbound proxy as a peer
  • Since all the traffic comes from the outbound proxy IP
  • Matching on IP address will not work.
  • + Support for domain restriction (realm + from: domain)
  • Need list of acceptable domains for incoming into default context
  • - Started with one default domain "domain=" in sip.conf, global_domain variable
  • + Default extension for peer, "extension=" in sip.conf peer definition
  • + Improved support for 302 redirects




/Olle

Created by: oej, Last modification: Fri 08 of Jun, 2012 (23:19 UTC) by admin
Please update this page with new information, just login and click on the "Edit" or "Discussion" tab. Get a free login here: Register Thanks! - Find us on Google+