00:01.09 | ablakely | I tried --force and got [ 2362.661326] Dazed and confused, but trying to continue |
00:01.17 | ablakely | thats a first |
00:02.06 | jm|laptop | that give ms sickening memories of "rpm -i --force --nodeps" |
00:03.01 | jm|laptop | that never went particularly well either |
00:13.13 | *** join/#asterisk sawgood (~sawgood@unaffiliated/sawgood) |
00:22.34 | *** join/#asterisk fstd_ (~fstd@unaffiliated/fisted) |
00:28.51 | *** join/#asterisk drathir_tor (~drathir@gateway/tor-sasl/drathir) |
00:58.54 | *** join/#asterisk sinaowolabi (~Sina@102.134.114.1) |
01:16.33 | *** join/#asterisk Dovid (~dovid@96.56.22.146) |
01:34.31 | *** join/#asterisk pchero (~pchero@211.178.226.108) |
02:00.06 | *** join/#asterisk paulgrmn__ (~paulgrmn@c-98-250-183-21.hsd1.mi.comcast.net) |
02:22.18 | *** join/#asterisk tsal (~tsal@i59F5F664.versanet.de) |
02:50.35 | *** join/#asterisk davlefou (~davlefou@unaffiliated/davlefou) |
03:58.14 | *** join/#asterisk Janos (~textual@201.204.94.76) |
04:29.34 | igcewieling | Nothing quite like renumbering a remote network to get the adrenaline pumping! |
04:29.46 | igcewieling | (even when it goes right) |
05:18.12 | *** join/#asterisk Maliuta (maliutamat@gateway/shell/matrix.org/x-poqlkvcjpylfifbk) |
05:26.50 | *** join/#asterisk Ner0Zer0 (~Ner0Zer0@87.253.63.54) |
07:40.00 | *** join/#asterisk BakaKuna (~Thunderbi@2a02-a446-ae46-1-4496-962e-3edc-596.fixed6.kpn.net) |
08:26.48 | *** join/#asterisk sh_smith (~sh_smith@cpe-172-88-21-24.socal.res.rr.com) |
08:26.57 | *** join/#asterisk opal (~wowaname@volatile/founder/wowaname) |
08:31.37 | *** join/#asterisk guest9183 (~martin@185.32.9.250) |
08:34.37 | guest9183 | Hello! I am trying to include a external file into my [global] scope with pjsip. But it does not work, if I add the networking directly under [udp-transport] it works. I hope it is a basic thing I have overseen https://pastebin.com/raw/RBd7jzsv |
08:35.21 | guest9183 | I wish not to define the networking separetly on all transport to keep the config slim. |
08:39.19 | guest9183 | Hm, when testing I see that adding networking configurations under [global] does not affect the transport scopes |
09:08.55 | *** join/#asterisk cation21 (cation21@gateway/vpn/protonvpn/cation21) |
09:25.16 | *** join/#asterisk jkroon (~jkroon@165.16.204.100) |
10:25.45 | *** join/#asterisk drathir_tor (~drathir@gateway/tor-sasl/drathir) |
10:38.34 | *** join/#asterisk sinaowolabi (~Sina@41.190.30.26) |
12:19.40 | *** join/#asterisk rpifan (~rpifan@p200300d2672b5d0091da27f0e2edaf9f.dip0.t-ipconnect.de) |
13:01.40 | *** join/#asterisk paulgrmn__ (~paulgrmn@c-98-250-183-21.hsd1.mi.comcast.net) |
13:17.15 | *** join/#asterisk retentiveboy (~retentive@2601:cf:4500:5ea0:d7d4:5bb3:3637:fc81) |
13:18.54 | *** join/#asterisk lbazan (~LoKoMurdo@fedora/LoKoMurdoK) |
13:19.15 | *** join/#asterisk retentiveboy (~retentive@2601:cf:4500:5ea0:d7d4:5bb3:3637:fc81) |
13:49.00 | *** join/#asterisk lihora (~suporte@2804:14d:72b1:948e:7f49:c2f2:2854:320a) |
13:49.06 | *** part/#asterisk lihora (~suporte@2804:14d:72b1:948e:7f49:c2f2:2854:320a) |
14:10.57 | *** join/#asterisk kharwell (uid358942@gateway/web/irccloud.com/x-fvhnmxzjupirjrnb) |
14:10.57 | *** mode/#asterisk [+o kharwell] by ChanServ |
14:25.28 | *** join/#asterisk rpifan (~rpifan@p200300d2672b5d00dca0d45f9b9980a3.dip0.t-ipconnect.de) |
14:30.11 | *** join/#asterisk forgotmynick (uid24625@gateway/web/irccloud.com/x-ndnunpjbodzwisan) |
14:32.42 | *** join/#asterisk EmleyMoor (42b789682f@firthpark.tinsleyviaduct.com) |
14:33.22 | *** join/#asterisk bford (uid283514@gateway/web/irccloud.com/x-btarjksxptvymvni) |
14:33.22 | *** mode/#asterisk [+o bford] by ChanServ |
14:41.58 | *** join/#asterisk retentiveboy (~retentive@c-24-125-16-104.hsd1.ga.comcast.net) |
15:07.40 | *** join/#asterisk lbazan (~LoKoMurdo@fedora/LoKoMurdoK) |
15:25.59 | Kobaz | Does pjsip's sip tls have support for writing a key log file |
15:33.03 | Samot | Not sure. |
15:33.29 | Kobaz | https://wiki.wireshark.org/TLS#Using_the_.28Pre.29-Master-Secret |
15:37.26 | Samot | https://www.asterisk.org/new-pjsip-logging-functionality/ |
15:37.51 | Samot | According to that the logger function can write a pcap and even when it's TLS it's decrypted. |
15:38.03 | Samot | Since Asterisk has to decrypt the data at that point. |
15:40.20 | Kobaz | well this is for clients |
15:40.37 | Kobaz | wireshark at the soft phone level, and then load the encrypted capture, and then decrypt for troubleshooting |
15:45.43 | Samot | Why would PJSIP be involved at the phone level? |
15:46.00 | Samot | If the wireshark is being take at that side, that's where the master secret should be added. |
15:46.14 | Kobaz | writing out the key log, so the data can get decrypted at the client for troubleshooting |
15:46.32 | Samot | Well to do it encrypted you have to do it before Asterisk. |
15:46.43 | Kobaz | as far as I know, i, depending on the cipher, it might not be possible to decrypt even with the master key |
15:47.02 | Samot | True but also this has to be done before Asterisk. |
15:47.19 | Samot | So at that point PJSIP is still irrelevant. |
15:49.53 | Kobaz | it's passing the data to openssl for encryption, so... there would need to be the variables/flags passed to openssl to say 'write this key log' |
15:59.02 | Kobaz | Well, figured out the problem... didn't even have to decrypt the tls... their firewall is blocking outbound udp entirely |
16:12.05 | *** join/#asterisk sawgood (~sawgood@unaffiliated/sawgood) |
16:29.25 | *** join/#asterisk hfb (~hfb@193.36.225.16) |
17:05.21 | *** join/#asterisk jzvi12[m] (jzvi12matr@gateway/shell/matrix.org/x-eeraszeencghwsoe) |
17:14.37 | *** join/#asterisk Maliuta (maliutamat@gateway/shell/matrix.org/x-ezcgitssewwveapx) |
17:42.13 | *** join/#asterisk pchero (~pchero@211.178.226.108) |
18:01.15 | *** join/#asterisk akp55 (~akp55@c-73-148-15-158.hsd1.va.comcast.net) |
18:22.43 | *** join/#asterisk drathir_tor (~drathir@gateway/tor-sasl/drathir) |
18:25.38 | *** join/#asterisk sawgood (~sawgood@unaffiliated/sawgood) |
18:32.02 | *** join/#asterisk ilius (~ilius@c-98-33-209-27.hsd1.ut.comcast.net) |
18:34.47 | *** join/#asterisk forgotmynick (uid24625@gateway/web/irccloud.com/x-nwuluoofgbbhxmsl) |
18:45.47 | *** join/#asterisk clarjon1 (~clarjon1@unaffiliated/clarjon1) |
18:50.06 | *** join/#asterisk eXistenZ (~pectic@bzq-79-176-205-152.red.bezeqint.net) |
18:50.06 | ilius | https://www.asterisk.org/pjsip-transport-reload-fun/ <= When was that? Those blog posts don't include dates. |
18:54.43 | *** join/#asterisk infobot (ibot@96-86-209-99-static.hfc.comcastbusiness.net) |
18:54.43 | *** topic/#asterisk is #asterisk The Open Source PBX and Telephony Platform (asterisk.org) -=- LTS: 18.2.2, 16.16.2 (2021/03/04) Final Bugfix: 13.38.2, 17.9.3 (2021/03/04); DAHDI: 3.0.0 (2018/11/15); libpri 1.6.0 (2017/01/27) -=- Wiki: wiki.asterisk.org -=- Code of Conduct: bit.ly/1hH6P22 |
19:02.55 | *** join/#asterisk hfb (~hfb@193.36.225.16) |
19:13.24 | seanbright | ilius: hi |
19:13.37 | *** join/#asterisk eXistenZ (~pectic@bzq-79-176-205-152.red.bezeqint.net) |
19:13.42 | seanbright | wanted to make sure you saw https://gerrit.asterisk.org/c/asterisk/+/15689 |
19:13.48 | seanbright | courtesy of kharwell |
19:15.21 | file | ilius: there has been no change to reloading of TLS certificate as of this time |
19:20.06 | *** join/#asterisk lbazan (~LoKoMurdo@fedora/LoKoMurdoK) |
19:22.46 | *** join/#asterisk rpifan (~rpifan@p200300d2672b5d0092ffb42f9df677d7.dip0.t-ipconnect.de) |
19:30.59 | *** join/#asterisk sinaowolabi (~Sina@102.134.114.1) |
19:48.51 | *** join/#asterisk electronic_eel (~quassel@electroniceel.org) |
19:57.04 | ilius | seanbright, thank you so much! it will be nice to use that statistic! |
19:58.15 | *** join/#asterisk sinaowolabi (~Sina@41.190.30.26) |
19:58.53 | ilius | file, thank you for the update. so are most people who change certs often rebooting asterisk entirely? or are they doing the "allow_reload" thing? |
20:01.16 | *** join/#asterisk sinaowolabi (~Sina@41.190.30.26) |
20:07.08 | seanbright | ilius: kharwell did the work, i just remember you asking about it a few days/weeks ago |
20:07.55 | tripleslash | ilius: <meta property="article:published_time" content="2021-01-20T18:00:21+00:00" /> |
20:07.57 | ilius | seanbright, i am amazed that you remembered both the issue and that it was me! |
20:08.27 | seanbright | irc logs help |
20:08.48 | ilius | tripleslash, aaah, 1/20. I didn't think to look in the source, though it'd be nice if it were displayed on the page. |
20:10.09 | tripleslash | ilius, I agree. |
20:10.19 | file | ilius: I have no information or insight on the cert reloading thing |
20:13.14 | Kobaz | ilius: be wary of the allow_reload... i was warned... and i did eventually found out why allow_reload is bad. it will bite you in mysterous and unexpected ways |
20:13.24 | ilius | file, thanks |
20:13.41 | ilius | Kobaz, yeah, that's what I'm afraid of |
20:13.43 | seanbright | what does allow_reload actually do? tear down and recreate the transport? |
20:13.49 | file | seanbright: yes. |
20:13.54 | file | seanbright: except transport destruction is asynchronous. |
20:14.12 | ilius | I wonder if anyone else here is doing letsencrypt certs and how they deal with reloading |
20:14.13 | Kobaz | and you might have things that want to use that transport.. while it's going away |
20:14.28 | seanbright | the pjsip api doesn't appear to provide a way to reload certs |
20:14.43 | file | seanbright: it does now! kinda - you can restart transports |
20:15.01 | Kobaz | what version of pj supports that? |
20:15.29 | file | I don't know when it was added, it is not yet used in res_pjsip |
20:15.42 | Kobaz | ah okay, so it's there already, cool |
20:15.58 | file | https://pjsip.org/pjsip/docs/html/group__PJSIP__TRANSPORT__TLS.htm#ga2a58099d6d5a3f31b1f297dda83b30c3 |
20:16.01 | Kobaz | It sounded like that was something new |
20:16.15 | seanbright | file: right, i remember in a non-restart-transports way |
20:16.19 | seanbright | rememer? meant* |
20:16.41 | file | seanbright: ah - correct |
20:16.51 | Kobaz | yeah like a reload instead of, destroy rebuild and hope for the best |
20:17.16 | Kobaz | well there's still possability of failure since it would still close the current one |
20:19.09 | ilius | file, adding pjsip_tls_transport_restart() into res_pjsip the thing you were talking about in your blog post? |
20:19.24 | file | it's a potential future change, yes |
20:19.32 | ilius | if it gets added, i hope it'll be backported to 16. :D |
20:19.48 | file | I've done bits and pieces which are pre-reqs for supporting it |
20:20.15 | ilius | yay! |
20:20.45 | Kobaz | file: do you know if the new approach will say. batch up pending sip messages until the stack is restarted? or do you lose that in transition? |
20:21.14 | *** join/#asterisk BakaKuna (~Thunderbi@2a02-a446-ae46-1-921b-9124-d7fa-5afe.fixed6.kpn.net) |
20:21.39 | file | what pending sip messages are you referring to? the restart is for TCP and TLS, established connections would remain up afaik |
20:21.58 | file | you don't restart a UDP transport |
20:22.25 | Kobaz | TLS |
20:22.46 | file | it restarts the listener transport. |
20:23.29 | Kobaz | like the documentation says it will close the socket |
20:23.46 | file | it closes the listener socket, in TCP and TLS Each accepted connection is a separate socket |
20:23.58 | file | I would expect those to remain up and untouched |
20:24.04 | Kobaz | oh right, the listener |
20:24.16 | Kobaz | yeah makes sense |
20:45.59 | joako | Has anyone ever seen an issue where you specify serveremail in voicemail.conf but the email refuses to come from anything other than username@fqdn? for e.g. asterisk@localhost.localdomain |
20:46.28 | Samot | Heh |
20:46.54 | *** join/#asterisk overyander (~overyande@216.163.21.11) |
20:47.05 | igcewieling | joako: that is your OS/mail system |
20:49.01 | Samot | Been told |
20:49.06 | Samot | Its a postfix issue |
21:00.52 | *** join/#asterisk TandyUK (~admin@TandyUK/staff/James) |
21:17.29 | joako | igcewieling, I am not convinced of that. /usr/sbin/sendmail -t is the default mailcmd. I can replace it with /usr/sbin/sendmail -t -f something@some-domain.com and the message is sent properly. I also see in the app_voicemail.conf there is a line that defaults serveremail to ASTERISK_USERNAME which is consistent with what I am seeing. |
21:18.28 | igcewieling | yes, you use -f to set the from name. |
21:19.40 | joako | per man page -f (lowercase) is sender -F is name |
21:22.05 | igcewieling | this is what I use: https://paste.nyigc.net/view/7969e7f2 |
21:22.52 | joako | Thats what I had to do. What I dont understand is why serveremail=noreply@nyigc.net does not accomplish the same result |
21:27.46 | igcewieling | *shrug* I don't care. It works. |
21:29.32 | joako | Exactly, it just took me a while to figure out the hack |
22:14.17 | *** join/#asterisk electronic_eel (~quassel@electroniceel.org) |