[asterisk-bugs] [Asterisk 0011618]: AST-2007-027 caused a bug with outbound dialing using the SIPPEERS table

noreply at bugs.digium.com noreply at bugs.digium.com
Sun Dec 23 10:02:50 CST 2007 

A NOTE has been added to this issue. 
====================================================================== 
http://bugs.digium.com/view.php?id=11618 
====================================================================== 
Reported By:                plack
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   11618
Category:                   Channels/chan_sip/DatabaseSupport
Reproducibility:            always
Severity:                   major
Priority:                   normal
Status:                     feedback
Asterisk Version:           SVN 
SVN Branch (only for SVN checkouts, not tarball releases):  1.4  
SVN Revision (number only!): 94593 
Disclaimer on File?:        N/A 
Request Review:              
====================================================================== 
Date Submitted:             12-21-2007 17:15 CST
Last Modified:              12-23-2007 10:02 CST
====================================================================== 
Summary:                    AST-2007-027 caused a bug with outbound dialing
using the SIPPEERS table
Description: 
System cannot find the correct peer when the host IP address has been set
and using the name for app_dial.

The system is checking only for sippeers with the host value of dynamic.
====================================================================== 

---------------------------------------------------------------------- 
 Corydon76 - 12-23-07 10:02  
---------------------------------------------------------------------- 
plack:  besides, that fix does not work the way that you intend.  What it's
doing is forming the query "AND host != 'null'", which will match ALL
entries, unless you have a host on your local network called
'null.localdomain'.  Essentially, your patch has just undone the security
fix.

If you wanted to take this tack through realtime, then you would have had
to do:

var = ast_load_realtime("sippeers", "name", newpeername, "host IS NOT NULL
AND '1' =", "1", NULL); 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
12-23-07 10:02  Corydon76      Note Added: 0075870                          
======================================================================

More information about the asterisk-bugs mailing list