* You are viewing Posts Tagged ‘cert’

Can’t make call with TDM410P

Actually I can start and receive SIP calls (PC client, iphone client)
but I have an issue with calling external number throught PSTN
(certified-asterisk-1.8.11-cert2).

I’m having this  error when making a call:

*CLI>   == Using SIP RTP CoS mark 5
    — Executing [9000@local:1] Dial(“SIP/3000-00000006″,
“DAHDI/1/4384019357,10″) in new stack
[Jun 23 16:18:09] WARNING[28781]: app_dial.c:2218 dial_exec_full:
Unable to create channel of type ‘DAHDI’ (cause 0 – Unknown)
  == Everyone is busy/congested at this time (1:0/0/1)
    — Executing [9000@local:2] Hangup(“SIP/3000-00000006″, “”) in new stack
  == Spawn extension (local, 9000, 2) exited non-zero on ‘SIP/3000-00000006′

My configs :
*CLI> dahdi show channels
   Chan Extension  Context         Language   MOH Interpret
Blocked    State
 pseudo            default                    default
      In Service
*CLI> dahdi show status
Description                              Alarms  IRQ    bpviol CRC
Fra Codi Options  LBO
Wildcard TDM410P                         OK      0      0      0
CAS Unk           0 db (CSU)/0-133 feet (DSX-1)
*CLI>

root@my-PC:/usr/src/certified-asterisk-1.8.11-cert2# lsmod | grep dahdi
dahdi_echocan_mg2      12998  4
dahdi_voicebus         58608  1 wctdm24xxp
dahdi                 220595  3 dahdi_echocan_mg2,wctdm24xxp,dahdi_voicebus
crc_ccitt              12667  2 wctdm24xxp,dah

extensions.conf
[local]
exten => 100,1,Dial(gtalk/asterisk/Myaccount.voip@gmail.com)
exten => 2000,1,Dial(SIP/2000,10)
exten => 3000,1,Dial(SIP/3000,10)
exten => 9000,1,Dial(DAHDI/1/MyCellPhoneNumber,10)
exten => 9000,2,hangup()

root@My-PC:/usr/src/certified-asterisk-1.8.11-cert2# dahdi_scan
[1]
active=yes
alarms=OK
description=Wildcard TDM410P
name=WCTDM/0
manufacturer=Digium
devicetype=Wildcard TDM410P
location=PCI Bus 04 Slot 01
basechan=1
totchans=4
irq=0
type=analog
port=1,FXO
port=2,FXO
port=3,FXS
port=4,FXS

root@My-PC:/usr/src/certified-asterisk-1.8.11-cert2# dahdi_hardware
pci:0000:04:00.0 wctdm24xxp+ d161:8005 Wildcard TDM410P

Certified Asterisk 1.8.11-cert2; Asterisk 1.8.12.1, 10.4.1 Now Available (Security Release)

The Asterisk Development Team has announced security releases for Certified
Asterisk 1.8.11 and Asterisk 1.8 and 10. The available security releases are
released as versions 1.8.11-cert2, 1.8.12.1, and 10.4.1.

These releases are available for immediate download at
http://downloads.asterisk.org/pub/telephony/asterisk/releases

The release of Asterisk 1.8.11-cert2, 1.8.12.1, and 10.4.1 resolve the following
two issues:

* A remotely exploitable crash vulnerability exists in the IAX2 channel
driver if an established call is placed on hold without a suggested music
class. Asterisk will attempt to use an invalid pointer to the music
on hold class name, potentially causing a crash.

* A remotely exploitable crash vulnerability was found in the Skinny (SCCP)
Channel driver. When an SCCP client closes its connection to the server,
a pointer in a structure is set to NULL. If the client was not in the
on-hook state at the time the connection was closed, this pointer is later
dereferenced. This allows remote authenticated connections the ability to
cause a crash in the server, denying services to legitimate users.

These issues and their resolution are described in the security advisories.

For more information about the details of these vulnerabilities, please read
security advisories AST-2012-007 and AST-2012-008, which were released at the
same time as this announcement.

For a full list of changes in the current releases, please see the ChangeLogs:

http://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-1.8.11-cert2
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-1.8.12.1
http://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-10.4.1

The security advisories are available at:

* http://downloads.asterisk.org/pub/security/AST-2012-007.pdf
* http://downloads.asterisk.org/pub/security/AST-2012-008.pdf

Thank you for your continued support of Asterisk!

Sound file format and Asterisk 1.8.11-cert1

Hi All;

I installed Asterisk 1.8.11-cert1, and it look like the default is ulaw for the sound files. How I can fix this?

Athough file beep.gsm is existed under path (/var/lib/asterisk/sounds/en), but when I used the Record function, it gave me the following (so I am sure there is something that can let asterisk accept beep.gsm), what could be?

[May 5 00:44:16] WARNING[2262]: file.c:663 ast_openstream_full: File beep does not exist in any format
[May 5 00:44:16] WARNING[2262]: file.c:958 ast_streamfile: Unable to open beep (format 0x4 (ulaw)): No such file or directory
[May 5 00:44:16] WARNING[2262]: app_record.c:285 record_exec: ast_streamfile failed on DAHDI/1-1

Regards
Bilal

Commercial SSL certs on Asterisk 1.8.10.0 with Polycom phones for encrypted calls using TLS and SRTP?

Hi all,

We’re testing TLS and SRTP on Asterisk 1.8.10.0 and have it working
with a commerical (not self-sign) AlphaSSL wildcard (GlobalSign) using
Blink Lite 1.6.2 as per
https://wiki.asterisk.org/wiki/display/AST/Secure+Calling+Tutorial

We’ve tested with Bria on an iPhone and that doesn’t recognised the
commercial CA (GlobalSign Root CA).

On a Yealink 28P with V60/V61 is registers over TLS, but can’t do
SRTP. Yealink are working on this and are testing against one of our
dev servers.

My question is someone (Digium) must have this working against Polycom
(which is a requirement for this project) with commercial certs since
that’s their partner of choice?

This is our relevant setup:

tlsenable=yes
tlsbindaddr=0.0.0.0
tcpbindaddr=0.0.0.0
tcpenable=yes
transport=tcp,udp,tls
tlscertfile=/etc/asterisk/ssl/test_wildcard_cert.pem
tlscafile=/etc/asterisk/ssl/AlphaSSLroot.crt
tlscipher=ALL
tlsclientmethod=tlsv1

This file has the cert and key in it:

test_wildcard_cert.pem

is as per:

http://www.alphassl.com/support/install-ssl/apache.html

and AlphaSSLroot.crt is as per:

http://www.alphassl.com/support/install-root/apache.html

We haven’t tested Snom or Aastra yet.

Thanks,

Gavin.

sip tls problem

Hi all,

i have had sip TLS with an own signed certificate (using the
ast_tls_cert script) running on asterisk-1.8.8 – i then have updated
to 1.8.9.3 – and now i get the message “FILE * open failed!”

I have already recreated the certificates with the script – but still no luck…

Does anyone here know the source of the problem ?

best regards,
Wolfgang Pichler

TLS problems – patch in Jira

I’ve just come across this issue:

https://issues.asterisk.org/jira/browse/ASTERISK-17727

I am strongly in support of TLS and I believe this issue will be a
stumbling block for more and more users – because more and more CAs are
using the intermediate certificate chains

For example, the free startssl.com certs are trusted by Android phones
now. I have a UA running on my phone against a SIP proxy with Kamailio.
I have the free cert and the intermediate cert in a single pem file.
It all works.

As noted in the bug, there may be phones that don’t supported chain
certs – but that shouldn’t prevent the rest of us using them. People
with such phones (which are becoming the minority) can just not use
chained certs.

There is no reason not to apply the supplied patch – that patch for
Asterisk just makes it use the same OpenSSL function that Kamailio is
using to load the chain