Remove all dynamic config objects

Asterisk Asterisk SIP
1

Hi,
I have application where some configuration options (specific pjsip) are static, stored in config files others are added dynamically with ari (/asterisk/config/dynamic/{configClass}/{objectType}/{id}) interface. Sorcery is configured like this (shown only for endpoint):

[res_pjsip]
endpoint=config,pjsip.conf,criteria=type=endpoint
endpoint=memory

So is there a way to easy remove all dynamically added objects. I can found two ways:

  1. Restart asterisk. This will remove all object with sorcery wizard ‘memory’. Of course I would like to avoid asterisk restarting.
  2. I can list all endpoints. Use some name convention to distinguish static from dynamic and remove dynamic endpoints and corresponding objects (auth, aor, identify).

Is there any batter way, preferably with ari or at least with cli. From application point of view the easiest way is to dump all dynamic objects and then rebuild them.

Best regards

2

There is no way currently to do that.

3

Hi,
thx for quick answer.

Maybe good solution will be to allow this rest api:

DELETE /asterisk/config/dynamic/{configClass}/{objectType}

Note missing /{id} so that you can delete all dynamic endpoints aors,… etc at once.

thanks and nice day

4

The underlying sorcery API doesn’t allow you to delete whole groups of objects like this. It only allows you to delete individual ones.

5

Hi thanks for replay.

Because ari/endpoints returns very little info about endpoint I have to add some kind of prefix to endpoint name that can be later identified and deleted. So that I don’t delete endpoints created with other apps or from static config files. But here is a problem.

I have following pjsip configuration, which works ok.

[transport-udp]
type=transport
protocol=udp
bind=0.0.0.0

[2000]
type = aor
max_contacts = 10

[2000]
type = auth
username = 2000
password = 1

[2000]
type = endpoint
context = cty-agents
from_user=2000
aors = 2000
auth = 2000
outbound_auth = 2000
transport = transport-udp
identify_by = username
allow = !all,alaw

Now if I change [2000] to [cty-2000] I get registration error.

[Jun 20 16:00:24] NOTICE[16199]: res_pjsip/pjsip_distributor.c:649 log_failed_request: Request 'REGISTER' from '<sip:2000@localhost>' failed for '127.0.0.1:5070' (callid: 0VbQB~Oi83) - No matching endpoint found
[Jun 20 16:00:24] NOTICE[16199]: res_pjsip/pjsip_distributor.c:649 log_failed_request: Request 'REGISTER' from '<sip:2000@localhost>' failed for '127.0.0.1:5070' (callid: 0VbQB~Oi83) - Failed to authenticate

Doesn’t asterisk uses from_user or username from auth? How to change section name but still use 2000 as sip user!

thanks

6

You can configure it to use the username from auth by configuring auth_username as an endpoint identifier in pjsip.conf, otherwise it uses the name of the endpoint itself. The “from_user” option strictly configures the From username in traffic.

7

Hi, I have tried to use identify_by = auth_username but ist still doesnt works. Here is my pjsip.conf.

; *******************************************
; SIP Global configuration
; *******************************************

[global]
type=global
endpoint_identifier_order = auth_username,header

; *******************************************
; SIP Endpoints Configuration
; *******************************************

[transport-udp]
type=transport
protocol=udp
bind=0.0.0.0

[transport-wss]
type=transport
protocol=wss
bind=0.0.0.0

[2000]
type = aor
max_contacts = 10

[2000]
type = auth
username = 2000
password = 1

[cty-2000]
type = endpoint
context = crossty-agents
aors = 2000
auth = 2000
outbound_auth = 2000
transport = transport-udp
identify_by = auth_username
allow = !all,alaw

Trace in asterisk cli:

<--- Received SIP request (519 bytes) from UDP:127.0.0.1:5070 --->
REGISTER sip:localhost SIP/2.0
Via: SIP/2.0/UDP 127.0.0.1:5070;branch=z9hG4bK.B~5wI3Su0;rport
From: <sip:2000@localhost>;tag=pFrfYFXAH
To: sip:2000@localhost
CSeq: 20 REGISTER
Call-ID: sV7nt7oZ~T
Max-Forwards: 70
Supported: replaces, outbound
Accept: application/sdp
Accept: text/plain
Accept: application/vnd.gsma.rcs-ft-http+xml
Contact: <sip:2000@127.0.0.1:5070;transport=udp>;+sip.instance="<urn:uuid:14a31e10-a824-41af-9f8f-e5ceeccf12a4>"
Expires: 3600
User-Agent: Linphone/3.9.1 (belle-sip/1.4.2)


<--- Transmitting SIP response (443 bytes) to UDP:127.0.0.1:5070 --->
SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 127.0.0.1:5070;rport=5070;received=127.0.0.1;branch=z9hG4bK.B~5wI3Su0
Call-ID: sV7nt7oZ~T
From: <sip:2000@localhost>;tag=pFrfYFXAH
To: <sip:2000@localhost>;tag=z9hG4bK.B~5wI3Su0
CSeq: 20 REGISTER
WWW-Authenticate: Digest  realm="asterisk",nonce="1529568320/1b89f07acb7fded064cf22dde7d41bba",opaque="0f0ba53029b616d9",algorithm=md5,qop="auth"
Server: Asterisk PBX 13.21.1
Content-Length:  0


<--- Received SIP request (789 bytes) from UDP:127.0.0.1:5070 --->
REGISTER sip:localhost SIP/2.0
Via: SIP/2.0/UDP 127.0.0.1:5070;branch=z9hG4bK.Yaasez5NV;rport
From: <sip:2000@localhost>;tag=pFrfYFXAH
To: sip:2000@localhost
CSeq: 21 REGISTER
Call-ID: sV7nt7oZ~T
Max-Forwards: 70
Supported: replaces, outbound
Accept: application/sdp
Accept: text/plain
Accept: application/vnd.gsma.rcs-ft-http+xml
Contact: <sip:2000@127.0.0.1:5070;transport=udp>;+sip.instance="<urn:uuid:14a31e10-a824-41af-9f8f-e5ceeccf12a4>"
Expires: 3600
User-Agent: Linphone/3.9.1 (belle-sip/1.4.2)
Authorization:  Digest realm="asterisk", nonce="1529568320/1b89f07acb7fded064cf22dde7d41bba", algorithm=md5, opaque="0f0ba53029b616d9", username="2000",  uri="sip:localhost", response="34d919311d5eca48a59eca7ce9524e63", cnonce="9g5lBKdr3n4i405d", nc=00000001, qop=auth


[Jun 21 10:05:20] NOTICE[18928]: res_pjsip/pjsip_distributor.c:649 log_failed_request: Request 'REGISTER' from '<sip:2000@localhost>' failed for '127.0.0.1:5070' (callid: sV7nt7oZ~T) - Failed to authenticate
<--- Transmitting SIP response (443 bytes) to UDP:127.0.0.1:5070 --->
SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 127.0.0.1:5070;rport=5070;received=127.0.0.1;branch=z9hG4bK.Yaasez5NV
Call-ID: sV7nt7oZ~T
From: <sip:2000@localhost>;tag=pFrfYFXAH
To: <sip:2000@localhost>;tag=z9hG4bK.Yaasez5NV
CSeq: 21 REGISTER
WWW-Authenticate: Digest  realm="asterisk",nonce="1529568320/1b89f07acb7fded064cf22dde7d41bba",opaque="6a1be9356759b905",algorithm=md5,qop="auth"
Server: Asterisk PBX 13.21.1
Content-Length:  0

Interesting is that if I change endpoint section name from [cty-2000] to [2000] it works ok even with identify_by = auth_username. It looks like that endpoint section name should match user name in any all situations.

thanks

8

Yes, sorry. I had it reversed in my head. The name of the endpoint has to match - this is because the lookup is done based on that.

9

Ok, great to know.

so there is no benefit switching to identify_by = auth_username, because you also get delayed endpoint identification. But it will be really good to remove section name dependency (OK it can be default value)
and add additional property where you can change section name.

Something like this:

[cty-2000]
type = endpoint
name= 2000

Sections should be used as placeholders and linking references, but you must be able to change them without breaking application.

thanks again

10

Doing so requires additional work, because you then have to optimize all the lookup paths for that case - or else you end up looking through every endpoint for a match. Right now it’s optimized based on the name of the endpoint - so you can directly retrieve it fast.

11

yes of course you need two indices (or dictionaries), but it will be more flexible. It will also support scenario where you have two application using same asterisk instance in sandbox manner. So each instance can create own endpoint configuration without polluting other.

thanks