[asterisk-bugs] [Asterisk 0005424]: [patch] SIP peer authentication on an external database (RADIUS - LDAP)

noreply at bugs.digium.com noreply at bugs.digium.com
Tue Nov 6 19:00:12 CST 2007 

A NOTE has been added to this issue. 
====================================================================== 
http://bugs.digium.com/view.php?id=5424 
====================================================================== 
Reported By:                phsultan
Assigned To:                oej
====================================================================== 
Project:                    Asterisk
Issue ID:                   5424
Category:                   Channels/chan_sip
Reproducibility:            N/A
Severity:                   feature
Priority:                   normal
Status:                     feedback
Asterisk Version:           SVN 
SVN Branch (only for SVN checkouts, not tarball releases): trunk 
SVN Revision (number only!): 54702 
Disclaimer on File?:        Yes 
Request Review:              
====================================================================== 
Date Submitted:             10-11-2005 08:44 CDT
Last Modified:              11-06-2007 19:00 CST
====================================================================== 
Summary:                    [patch] SIP peer authentication on an external
database (RADIUS - LDAP)
Description: 
We have been working on integrating an existing authentication database to
our Asterisk server, for a remote access telephony solution.

We focused on RADIUS and patched Asterisk to have it working. We are
planning to have a backend LDAP server accessed through RADIUS for
authentication in a near future.

The sip.conf file does not contain any secret (clear or hashed), and we
added an attribute 'auth_type' that specifies the type of authentication,
set to PAM in the following example :

	[username]
	type=friend
	context=from-sip-remote-clients
	fromdomain=inria.fr
	auth_type=pam
	host=dynamic



We patched the chan_sip.c file, $Revision: 1.872$. We actually brought the
RADIUS client functionnality for authentication (triggered on registration)
using a PAM module : pam_radius. This is because we expect that other PAM
authentication modules than pam_radius could be used for the same purpose.

The pam_radius module needed also some slight modifications in order to
handle the digest authentication mechanism :
http://bugs.freeradius.org/show_bug.cgi?id=259

We would like to have some feedback about this, thank you in advance.

Best regards, happy Astricon to those concerned!

Philippe Sultan
INRIA

PS : Disclaimer sent on 2005-09-30
====================================================================== 

---------------------------------------------------------------------- 
 Corydon76 - 11-06-07 19:00  
---------------------------------------------------------------------- 
What is the status of this issue?  I'm noticing that the res_auth branch is
about 6 months out of date, and the most recent patch attached to this bug
is against 1.4, not against trunk.  Are there additional issues that still
need attention? 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
11-06-07 19:00  Corydon76      Note Added: 0073268                          
======================================================================

More information about the asterisk-bugs mailing list