-
Notifications
You must be signed in to change notification settings - Fork 7
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'Mickaelh51-stir-and-shaken-acc'
- Loading branch information
Showing
172 changed files
with
14,163 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
# Diagram | ||
```mermaid | ||
sequenceDiagram | ||
uac-sipp-stir-shaken->>+opensips: With identity header | ||
opensips->>+uas-sipp: Without identity header | ||
uas-sipp-->>-opensips: 200 OK | ||
opensips-->>-uac-sipp-stir-shaken: 200 OK | ||
``` | ||
|
||
# Explanations: | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,159 @@ | ||
# | ||
# OpenSIPS residential configuration script | ||
# by OpenSIPS Solutions <team@opensips-solutions.com> | ||
# | ||
# This script was generated via "make menuconfig", from | ||
# the "Residential" scenario. | ||
# You can enable / disable more features / functionalities by | ||
# re-generating the scenario with different options.# | ||
# | ||
# Please refer to the Core CookBook at: | ||
# https://opensips.org/Resources/DocsCookbooks | ||
# for a explanation of possible statements, functions and parameters. | ||
# | ||
|
||
|
||
####### Global Parameters ######### | ||
###################################################################### | ||
/* uncomment the following lines to enable debugging */ | ||
#debug_mode=yes | ||
|
||
log_level=4 | ||
xlog_level=4 | ||
log_stderror=yes | ||
|
||
udp_workers=4 | ||
|
||
####### Modules Section ######## | ||
|
||
#set module path | ||
mpath="/usr/lib/x86_64-linux-gnu/opensips/modules/" | ||
|
||
#### SIGNALING module | ||
loadmodule "signaling.so" | ||
|
||
#### StateLess module | ||
loadmodule "sl.so" | ||
|
||
#### Transaction Module | ||
loadmodule "tm.so" | ||
modparam("tm", "fr_timeout", 5) | ||
modparam("tm", "fr_inv_timeout", 30) | ||
modparam("tm", "restart_fr_on_each_reply", 0) | ||
modparam("tm", "onreply_avp_mode", 1) | ||
|
||
#### SIP MSG OPerationS module | ||
loadmodule "sipmsgops.so" | ||
|
||
#### MySQL module | ||
#loadmodule "db_mysql.so" | ||
|
||
#### Dialog module | ||
loadmodule "dialog.so" | ||
#modparam("dialog", "db_mode", 2) | ||
#modparam("dialog", "db_update_period", 2) | ||
#modparam("dialog", "db_url", "mysql://root@192.168.52.2/opensips") | ||
|
||
#### MAX ForWarD module | ||
loadmodule "maxfwd.so" | ||
|
||
#### Record Route Module | ||
loadmodule "rr.so" | ||
/* do not append from tag to the RR (no need for this script) */ | ||
modparam("rr", "append_fromtag", 0) | ||
|
||
loadmodule "proto_udp.so" | ||
|
||
loadmodule "httpd.so" | ||
loadmodule "mi_http.so" | ||
|
||
#### Stir and Shaken | ||
loadmodule "stir_shaken.so" | ||
modparam("stir_shaken", "ca_list", "/etc/opensips/stir-shaken-ca/ca-cert.pem") | ||
modparam("stir_shaken", "require_date_hdr", 0) | ||
modparam("stir_shaken", "verify_date_freshness", 300) # => please change to 60 for French reglementation | ||
|
||
|
||
include_file "stir_shaken_verify.cfg" | ||
|
||
|
||
####### Routing Logic ######## | ||
|
||
# main request routing logic | ||
|
||
route { | ||
|
||
$var(cert) = "-----BEGIN CERTIFICATE----- | ||
MIIByzCCAXGgAwIBAgIUWfW2wiP6QMbm7OlahCyplooFTl0wCgYIKoZIzj0EAwIw | ||
RTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGElu | ||
dGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMzA1MDkwOTE2NThaFw0yNTA4MTEw | ||
OTE2NThaMGoxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJWQTESMBAGA1UEBwwJU29t | ||
ZXdoZXJlMRowGAYDVQQKDBFBY21lVGVsZWNvbSwgSW5jLjENMAsGA1UECwwEVk9J | ||
UDEPMA0GA1UEAwwGU0hBS0VOMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuyQP | ||
0hteN1oKDUxo/2zvTp+0ppJ2IntNSdu36QFsUPDsCWlr4iTUMsjPtD+XQ58xQEf6 | ||
n/zTE9cwZhs46NJWdKMaMBgwFgYIKwYBBQUHARoECjAIoAYWBDEwMDEwCgYIKoZI | ||
zj0EAwIDSAAwRQIga2buNdRtI/56SZ0pBOUd21UxVNacFelmTpnda145zYICIQDz | ||
yWoJxs18OGdJL0sfcw2JKiWQ9i6AKQAgGh31oKxXHg== | ||
-----END CERTIFICATE-----"; | ||
|
||
if (!mf_process_maxfwd_header(10)) { | ||
send_reply(483,"Too Many Hops"); | ||
exit; | ||
} | ||
|
||
if (has_totag()) { | ||
|
||
# handle hop-by-hop ACK (no routing required) | ||
if (is_method("ACK") && t_check_trans()) { | ||
t_relay(); | ||
exit; | ||
} | ||
|
||
# sequential request within a dialog should | ||
# take the path determined by record-routing | ||
if (!loose_route() && !match_dialog()) { | ||
# we do record-routing for all our traffic, so we should not | ||
# receive any sequential requests without Route hdr. | ||
send_reply(404,"Not here"); | ||
exit; | ||
} | ||
|
||
# route it out to whatever destination was set by loose_route() | ||
# in $du (destination URI). | ||
|
||
t_relay(); | ||
exit; | ||
} | ||
|
||
# CANCEL processing | ||
if (is_method("CANCEL")) { | ||
if (t_check_trans()) | ||
t_relay(); | ||
exit; | ||
} | ||
|
||
# accept just INVITE requests | ||
if (!is_method("INVITE")) { | ||
send_reply(503, "Service Unavailable"); | ||
exit; | ||
} | ||
else | ||
{ | ||
$var(kill_calls) = false; | ||
route(stir_shaken_verify); | ||
} | ||
|
||
if (!create_dialog()) { | ||
send_reply(500, "Internal Server Error"); | ||
exit; | ||
} | ||
record_route(); | ||
|
||
if (!t_relay()) | ||
send_reply(500, "Internal Error"); | ||
exit; | ||
|
||
|
||
|
||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
--- | ||
# generate CA: https://blog.opensips.org/2022/10/31/how-to-generate-self-signed-stir-shaken-certificates/ | ||
|
||
timeout: 30 | ||
|
||
tasks: | ||
- name: OpenSIPS | ||
type: opensips | ||
|
||
- name: SIPP UAS | ||
type: uas-sipp | ||
username: "+33987654321" | ||
config_file: scripts/uas.xml | ||
require: OpenSIPS | ||
|
||
- name: SIPP UAC | ||
type: uac-sipp-stir-shaken | ||
service: "+33987654321" | ||
config_file: scripts/uac.xml | ||
remote: {{ uas_ip }}:{{ uas_port }} | ||
caller: "+33612345678" | ||
duration: 10000 | ||
stir_shaken_origid: "toto" | ||
stir_shaken_private_key: | | ||
-----BEGIN EC PRIVATE KEY----- | ||
MHcCAQEEIIOvgr23lbJ5rIOhiF+LR/VU4piEc1EYLT1CF5SN5HtZoAoGCCqGSM49 | ||
AwEHoUQDQgAEuyQP0hteN1oKDUxo/2zvTp+0ppJ2IntNSdu36QFsUPDsCWlr4iTU | ||
MsjPtD+XQ58xQEf6n/zTE9cwZhs46NJWdA== | ||
-----END EC PRIVATE KEY----- | ||
require: | ||
- started: | ||
task: SIPP UAS | ||
wait: 0.5 | ||
- after: | ||
task: OpenSIPS | ||
wait: 0.5 |
Oops, something went wrong.