exec Module

Jiri Kuthan

FhG FOKUS

Daniel-Constantin Mierla

Edited by

Jan Janak


Table of Contents

1. Admin Guide
1. Overview
2. Dependencies
2.1. Kamailio Modules
2.2. External Libraries or Applications
3. Parameters
3.1. setvars (integer)
3.2. time_to_kill (integer)
4. Functions
4.1. exec_dset(command)
4.2. exec_msg(command)
4.3. exec_avp(command [, avplist])
4.4. exec_cmd(command)
5. Known Issues

List of Examples

1.1. Set setvars parameter
1.2. Set time_to_kill parameter
1.3. exec_dset usage
1.4. exec_msg usage
1.5. exec_avp usage
1.6. exec_cmd usage

Chapter 1. Admin Guide

1. Overview

The exec module allows external commands to be executed from a Kamailio script. The commands may be any valid shell commands--the command string is passed to the shell using popen command. Kamailio passes additional information about the request in environment variables:

  • SIP_HF_<hf_name> contains value of each header field in request. If a header field occurred multiple times, values are concatenated and comma-separated. <hf_name> is in capital letters. Ff a header-field name occurred in compact form, <hf_name> is canonical.

  • SIP_TID is transaction identifier. All request retransmissions or CANCELs/ACKs associated with a previous INVITE result in the same value.

  • SIP_DID is dialog identifier, which is the same as to-tag. Initially, it is empty.

  • SIP_SRCIP is source IP address from which request came.

  • SIP_ORURI is the original request URI.

  • SIP_RURI is current request URI (if unchanged, equal to original).

  • SIP_USER is userpart of current request URI.

  • SIP_OUSER is userpart of original request URI.

NOTE: The environment variables must be specified with double $ (e.g., $$SIP_OUSER) in the parameters given to exec functions. Otherwise they will be evaluated as Kamailio pseudo-variables, throwing errors.

WARNING: if the exec functions are passed variables that might include malicious input, then remote attackers may abuse the exec functions to execute arbitrary code. Specifically, this may result in OS command injection. In such cases, input validation is required to prevent the vulnerability. The following is an example of how input validation and exec module functions may be used together to prevent exploitation:

...
if !($rU =~ "^[0-9]{1,15}$") {
	xlog("Malformed R-URI username: '$rU'\n");
	exit;
}
exec_msg("echo TEST >> /tmp/$(rU).txt");
...

2. Dependencies

2.1. Kamailio Modules

The following modules must be loaded before this module:

  • No dependencies on other Kamailio modules.

2.2. External Libraries or Applications

The following libraries or applications must be installed before running Kamailio with this module loaded:

  • None.

3. Parameters

3.1. setvars (integer)

Turn off to disable setting environment variables for executed commands.

Default value is 1.

Example 1.1. Set setvars parameter

...
modparam("exec", "setvars", 1)
...

3.2.  time_to_kill (integer)

Specifies the longest time a program is allowed to execute. If the time is exceeded, the program is killed.

Default value is 0.

Example 1.2. Set time_to_kill parameter

...
modparam("exec", "time_to_kill", 20)
...

4. Functions

4.1.  exec_dset(command)

Executes an external command. Current URI is passed to the command as parameter. Output of the command is considered URI set (separated by lines).

Meaning of the parameters is as follows:

  • command - Command to be executed. It can include pseudo- variabes;

WARNING: if the var you are passing out has a bash special character in it, the var needs to be placed inside quotes, for example: exec_dset("print-contact.sh '$ct'");

This function can be used from REQUEST_ROUTE, FAILURE_ROUTE.

Example 1.3. exec_dset usage

...
exec_dset("echo TEST > /tmp/test.txt");
exec_dset("echo TEST > /tmp/$(rU).txt");
...

4.2.  exec_msg(command)

Executes an external command. The whole message is passed to it in input, no command-line parameters are added, output of the command is not processed.

The examples directory in the source tarball contains several examples that shows how to use this function.

Meaning of the parameters is as follows:

  • command - Command to be executed. It can include pseudo-variables.

WARNING: if the var you are passing out has a bash special character in it, the var needs to be placed inside quotes, for example: exec_msg("print-contact.sh '$ct'");

This function can be used from REQUEST_ROUTE, FAILURE_ROUTE.

Example 1.4. exec_msg usage

...
exec_msg("echo TEST > /tmp/test.txt");
exec_msg("echo TEST > /tmp/$(rU).txt");
...

4.3.  exec_avp(command [, avplist])

Executes an external command. Each line from output of the command is saved in an AVP from 'avplist'. If 'avplist' is missing, the AVPs are named 1, 2, 3, ...

Meaning of the parameters is as follows:

  • command - Command to be executed. It can include pseudo- variabes;

  • avplist - comma separated list with AVP names to store the result in;

WARNING: if the var you are passing out has a bash special character in it, the var needs to be placed inside quotes, for example: exec_avp("print-contact.sh '$ct'");

This function can be used from REQUEST_ROUTE, FAILURE_ROUTE.

Example 1.5. exec_avp usage

...
exec_avp("echo TEST");
exec_avp("echo TEST", "$avp(s:test)");
...

4.4.  exec_cmd(command)

Executes an external command. It is a lightweight version, which does not pass the SIP message as parameter, does not set the environment variables and it does not use the output of the command.

Meaning of the parameters is as follows:

  • command - Command to be executed. It can include pseudo-variables.

WARNING: if the var you are passing out has a bash special character in it, the var needs to be placed inside quotes, for example: exec_msg("print-contact.sh '$ct'");

This function can be used from ANY_ROUTE.

Example 1.6. exec_cmd usage

...
exec_cmd("echo TEST > /tmp/test.txt");
exec_cmd("echo TEST > /tmp/$(rU).txt");
...

5. Known Issues

There is currently no guarantee that scripts ever return and stop blocking the SIP server. (There is kill.c but it is not used along with the current mechanisms based on popen. Besides that kill.c is ugly).