Merge remote-tracking branch 'somleng/develop' into t_jstahlbaum_audi…

…o_buffer
jstahlbaum-fibernetics · Jul 3, 2024 · 6e14ecc · 6e14ecc
2 parents a0e2495 + 6699b60
commit 6e14ecc
Show file tree

Hide file tree

Showing 8 changed files with 37 additions and 41 deletions.
diff --git a/components/app/Gemfile.lock b/components/app/Gemfile.lock
@@ -89,13 +89,13 @@ GEM
     adhearsion-loquacious (1.9.3)
     ast (2.4.2)
     aws-eventstream (1.3.0)
-    aws-partitions (1.947.0)
-    aws-sdk-core (3.199.0)
+    aws-partitions (1.949.0)
+    aws-sdk-core (3.200.0)
       aws-eventstream (~> 1, >= 1.3.0)
       aws-partitions (~> 1, >= 1.651.0)
       aws-sigv4 (~> 1.8)
       jmespath (~> 1, >= 1.6.1)
-    aws-sdk-lambda (1.123.0)
+    aws-sdk-lambda (1.124.0)
       aws-sdk-core (~> 3, >= 3.199.0)
       aws-sigv4 (~> 1.1)
     aws-sdk-polly (1.89.0)
@@ -310,7 +310,7 @@ GEM
     thread_safe (0.3.6)
     tilt (2.3.0)
     timers (4.3.5)
-    twilio-ruby (7.2.0)
+    twilio-ruby (7.2.2)
       faraday (>= 0.9, < 3.0)
       jwt (>= 1.5, < 3.0)
       nokogiri (>= 1.6, < 2.0)

diff --git a/components/gateway/Dockerfile b/components/gateway/Dockerfile
@@ -6,7 +6,7 @@ USER root
 
 ENV DEBIAN_FRONTEND noninteractive
 
-ARG OPENSIPS_VERSION=3.3
+ARG OPENSIPS_VERSION=3.4
 ARG OPENSIPS_BUILD=releases
 
 RUN apt-get -y update -qq && apt-get -y install gnupg2 ca-certificates curl && \
@@ -36,7 +36,7 @@ USER root
 
 ENV DEBIAN_FRONTEND noninteractive
 
-ARG OPENSIPS_VERSION=3.3
+ARG OPENSIPS_VERSION=3.4
 ARG OPENSIPS_BUILD=releases
 
 RUN apt-get -y update -qq && apt-get -y install gnupg2 ca-certificates iproute2 curl netcat-traditional jq && \

diff --git a/components/gateway/client_gateway/docker-entrypoint.sh b/components/gateway/client_gateway/docker-entrypoint.sh
@@ -31,7 +31,7 @@ if [ "$1" = 'opensips' ]; then
   sed -i "s|LOCAL_IP|$LOCAL_IP|g" /etc/opensips/opensips.cfg
   sed -i "s|INTERFACE_NAME|$INTERFACE_NAME|g" /etc/opensips/opensips.cfg
 
-  exec "$OPENSIPS_CONTAINER_BINARY" -FE
+  exec "$OPENSIPS_CONTAINER_BINARY" -F
 fi
 
 exec "$@"
diff --git a/components/gateway/client_gateway/opensips.cfg b/components/gateway/client_gateway/opensips.cfg
@@ -96,7 +96,7 @@ modparam("usrloc", "db_url", DATABASE_URL)
 #### AUTHentication modules
 loadmodule "auth.so"
 loadmodule "auth_db.so"
-# https://opensips.org/html/docs/modules/3.3.x/auth_db.html#param_calculate_ha1
+# https://opensips.org/html/docs/modules/3.4.x/auth_db.html#param_calculate_ha1
 modparam("auth_db", "calculate_ha1", 0) # Precalculated hash in database
 modparam("auth_db", "db_url", DATABASE_URL)
 
@@ -136,26 +136,18 @@ route{
 
   # https://kb.smartvox.co.uk/opensips/nat-contact-and-via-fixing-in-sip-part-2/
   # https://www.cnblogs.com/zhangxianrong/p/14251867.html
-  # https://opensips.org/html/docs/modules/3.3.x/nathelper.html#func_nat_uac_test
-
-  # 1 - Contact header field is searched for occurrence of RFC1918 / RFC6598 addresses.
-  # 2 - the "received" test is used: address in Via is compared against source IP address of signaling
-  # 4 - Top Most VIA is searched for occurrence of RFC1918 / RFC6598 addresses
-  # 8 - SDP is searched for occurrence of RFC1918 / RFC6598 addresses
-  # 16 - test if the source port is different from the port in Via
-  # 32 - address in Contact is compared against source IP address of signaling
-  # 64 - Port in Contact is compared against source port of signaling
+  # https://opensips.org/html/docs/modules/3.4.x/nathelper.html#func_nat_uac_test
 
   # Set the NAT flag if either:
-  # The source port is different from the port in the Via header, OR
-  # The sourcce IP is different fro the IP in the Via header, OR
-  if (nat_uac_test(18)) {
+  # The source port is different from the port in the Via header OR
+  # The source IP is different fro the IP in the Via header
+  if (nat_uac_test("diff-ip-src-via,diff-port-src-via")) {
     force_rport();
     setflag("NAT_FLAG");
   }
 
   # OPTIONS requests
-  # https://opensips.org/html/docs/modules/3.3.x/options.html
+  # https://opensips.org/html/docs/modules/3.4.x/options.html
   if (is_method("OPTIONS")) {
     xlog("L_NOTICE", "Received OPTIONS from $fu\n");
 
@@ -166,7 +158,7 @@ route{
   if (is_method("REGISTER")) {
     if (isflagset("NAT_FLAG")) {
       xlog("L_NOTICE", "NATed register\n");
-      # https://opensips.org/html/docs/modules/3.3.x/nathelper.html#func_fix_nated_register
+      # https://opensips.org/html/docs/modules/3.4.x/nathelper.html#func_fix_nated_register
       # The function creates a URI consisting of the source IP, port, and protocol
       # and stores the URI in an Attribute-Value-Pair.
       # The URI will be appended as "received" parameter to Contact in 200 OK
@@ -176,9 +168,9 @@ route{
     }
 
     # authenticate the REGISTER requests
-    # https://opensips.org/html/docs/modules/3.3.x/auth_db.html#func_www_authorize
+    # https://opensips.org/html/docs/modules/3.4.x/auth_db.html#func_www_authorize
     if (!www_authorize("somleng.org", "subscriber")) {
-      # https://opensips.org/html/docs/modules/3.3.x/auth.html#func_www_challenge
+      # https://opensips.org/html/docs/modules/3.4.x/auth.html#func_www_challenge
       www_challenge("somleng.org", "auth");
       exit;
     }
@@ -248,13 +240,15 @@ route{
     xlog("L_NOTICE", "Domain is local. INVITE for an inbound call\n");
     setflag("INBOUND_FLAG");
 
+    # https://opensips.org/html/docs/modules/3.4.x/nathelper.html#func_nat_uac_test
+
     # Fix the contact if:
     # The source address is different from the address in the contact, OR
     # The source port is different from the port in the contact
 
     # Note we don't need this check for outbound calls since we
     # can assume the contact is correct
-    if (nat_uac_test(96)) {
+    if (nat_uac_test("diff-ip-src-contact,diff-port-src-contact")) {
       xlog("L_NOTICE", "Fixing nated contact\n ");
 
       fix_nated_contact();
@@ -277,7 +271,7 @@ route{
     }
 
     # Remove credentials from upstream request
-    # https://opensips.org/html/docs/modules/3.3.x/auth.html#func_consume_credentials
+    # https://opensips.org/html/docs/modules/3.4.x/auth.html#func_consume_credentials
     consume_credentials();
   }
 
@@ -290,7 +284,7 @@ route{
 
   # Some UAC send a Route Header
   # with a local proxy IP in an initial INVITE Request
-  # According to https://opensips.org/html/docs/modules/3.3.x/rr.html#func_loose_route
+  # According to https://opensips.org/html/docs/modules/3.4.x/rr.html#func_loose_route
   # The only exception is for requests with preload Route headers (intial requests, carrying a Route header):
   # if there is only one Route header indicating the local proxy, then the Route header is removed and the function returns FALSE.
   # However after testing we see loose_route() returns TRUE in this scenario.
@@ -369,12 +363,14 @@ onreply_route[RELAY] {
 
   rtpengine_manage();
 
+  # https://opensips.org/html/docs/modules/3.4.x/nathelper.html#func_nat_uac_test
+
   # Fix the contact if:
   # The source address is different from the address in the contact, OR
   # The source port is different from the port in the contact
 
   # Note: This should only happen on reply from a client behind a NAT.
-  if (nat_uac_test(96)) {
+    if (nat_uac_test("diff-ip-src-contact,diff-port-src-contact")) {
     xlog("L_NOTICE", "Fixing nated contact\n ");
 
     fix_nated_contact();

diff --git a/components/gateway/public_gateway/docker-entrypoint.sh b/components/gateway/public_gateway/docker-entrypoint.sh
@@ -25,7 +25,7 @@ if [ "$1" = 'opensips' ]; then
   sed -i "s|LOCAL_IP|$LOCAL_IP|g" /etc/opensips/opensips.cfg
   sed -i "s|INTERFACE_NAME|$INTERFACE_NAME|g" /etc/opensips/opensips.cfg
 
-  exec "$OPENSIPS_CONTAINER_BINARY" -FE
+  exec "$OPENSIPS_CONTAINER_BINARY" -F
 fi
 
 exec "$@"
diff --git a/components/gateway/public_gateway/opensips.cfg b/components/gateway/public_gateway/opensips.cfg
@@ -113,16 +113,16 @@ route{
 
   # https://kb.smartvox.co.uk/opensips/nat-contact-and-via-fixing-in-sip-part-2/
   # https://www.cnblogs.com/zhangxianrong/p/14251867.html
-  # https://opensips.org/html/docs/modules/3.3.x/nathelper.html#func_nat_uac_test
+  # https://opensips.org/html/docs/modules/3.4.x/nathelper.html#func_nat_uac_test
 
-  # 2 - the "received" test is used: address in Via is compared against source IP address of signaling
-  # 16 - test if the source port is different from the port in Via
-  if (nat_uac_test(18)) {
+  # the "received" test is used: address in Via is compared against source IP address of signaling
+  # test if the source port is different from the port in Via
+  if (nat_uac_test("diff-ip-src-via,diff-port-src-via")) {
     force_rport();
   }
 
   # OPTIONS requests
-  # https://opensips.org/html/docs/modules/3.3.x/options.html
+  # https://opensips.org/html/docs/modules/3.4.x/options.html
   if (is_method("OPTIONS")) {
     xlog("L_NOTICE", "Received OPTIONS from $fu\n");
 
@@ -189,8 +189,8 @@ route{
   t_check_trans();
 
   # Authorize Request
-  # https://opensips.org/html/docs/modules/3.3.x/permissions.html#func_check_address
-  # https://opensips.org/html/docs/modules/3.3.x/permissions.html#func_check_source_address
+  # https://opensips.org/html/docs/modules/3.4.x/permissions.html#func_check_address
+  # https://opensips.org/html/docs/modules/3.4.x/permissions.html#func_check_source_address
 
   if (!check_source_address(0)) {
     xlog("L_NOTICE", "Denying address $si\n");
@@ -200,7 +200,7 @@ route{
 
   # Some UAC send a Route Header
   # with a local proxy IP in an initial INVITE Request
-  # According to https://opensips.org/html/docs/modules/3.3.x/rr.html#func_loose_route
+  # According to https://opensips.org/html/docs/modules/3.4.x/rr.html#func_loose_route
   # The only exception is for requests with preload Route headers (intial requests, carrying a Route header):
   # if there is only one Route header indicating the local proxy, then the Route header is removed and the function returns FALSE.
   # However after testing we see loose_route() returns TRUE in this scenario.

diff --git a/components/s3_mpeg/Gemfile.lock b/components/s3_mpeg/Gemfile.lock
@@ -2,16 +2,16 @@ GEM
   remote: https://rubygems.org/
   specs:
     aws-eventstream (1.3.0)
-    aws-partitions (1.947.0)
-    aws-sdk-core (3.199.0)
+    aws-partitions (1.949.0)
+    aws-sdk-core (3.200.0)
       aws-eventstream (~> 1, >= 1.3.0)
       aws-partitions (~> 1, >= 1.651.0)
       aws-sigv4 (~> 1.8)
       jmespath (~> 1, >= 1.6.1)
     aws-sdk-kms (1.87.0)
       aws-sdk-core (~> 3, >= 3.199.0)
       aws-sigv4 (~> 1.1)
-    aws-sdk-s3 (1.154.0)
+    aws-sdk-s3 (1.155.0)
       aws-sdk-core (~> 3, >= 3.199.0)
       aws-sdk-kms (~> 1)
       aws-sigv4 (~> 1.8)

diff --git a/components/services/Gemfile.lock b/components/services/Gemfile.lock
@@ -50,7 +50,7 @@ GEM
     sentry-ruby (5.18.0)
       bigdecimal
       concurrent-ruby (~> 1.0, >= 1.0.2)
-    sequel (5.81.0)
+    sequel (5.82.0)
       bigdecimal
     simplecov (0.22.0)
       docile (~> 1.1)