[asterisk-bugs] [Asterisk 0012157]: Global Register vs Global Authentication error
noreply at bugs.digium.com
noreply at bugs.digium.com
Wed Apr 2 07:31:32 CDT 2008
A NOTE has been added to this issue.
======================================================================
http://bugs.digium.com/view.php?id=12157
======================================================================
Reported By: csabka
Assigned To:
======================================================================
Project: Asterisk
Issue ID: 12157
Category: Channels/chan_sip/Registration
Reproducibility: always
Severity: major
Priority: normal
Status: new
Asterisk Version: SVN
SVN Branch (only for SVN checkouts, not tarball releases): 1.4
SVN Revision (number only!): 106328
Disclaimer on File?: N/A
Request Review:
======================================================================
Date Submitted: 03-06-2008 05:28 CST
Last Modified: 04-02-2008 07:31 CDT
======================================================================
Summary: Global Register vs Global Authentication error
Description:
I have a problem with global authentication based on username.
(I've tried also with match_auth_username=yes option, but nothing
changed)
The problem is the following:
I have two SIP account with different password at the same ITSP. If I
register it:
register=<user1>:<secret1>@sip.itsp.dom/<user1>
register=<user2>:<secret2>@sip.itsp.dom/<user2>
It works fine:
sip show registry
Host Username Refresh State
sip.itsp.dom:5060 <user1> 105 Registered
sip.itsp.dom:5060 <user2> 105 Registered
After I delete the secret from the register line, like this:
register=<user1>@sip.itsp.dom/<user1>
register=<user2>@sip.itsp.dom/<user2>
and add global authentication:
[authentication]
auth = <user1>:<secret1>@<realm>
auth = <user2>:<secret2>@<realm>
then:
Host Username Refresh State
sip.itsp.dom:5060 <user1> 105 Registered
sip.itsp.dom:5060 <user2> 120 Auth. Sent
After I change the order of global authentication
[authentication]
auth = <user2>:<secret2>@<realm>
auth = <user1>:<secret1>@<realm>
then:
Host Username Refresh State
sip.itsp.dom:5060 <user1> 120 Auth. Sent
sip.itsp.dom:5060 <user2> 105 Registered
I have also tried if I didn't delete the secret from register, but the
same result as above. Note that the realm is totally different from
sip.itsp.dom.
I found an interesting "solution". If I change my ITSP's password to the
same for all my accounts (user2's secret to the same as user1) then it
works.
Summary: This can only work if user[n] to user[n+1] has the same password:
secret[n]=secret[n+1]
Regards:
Csaba Lack
======================================================================
----------------------------------------------------------------------
csabka - 04-02-08 07:31
----------------------------------------------------------------------
So you mean that it won't be changed, because this is not a bug just a
design?
If it is true, why is there an option to set username?
syntax:
auth = <user>:<secret>@<realm>
so if you are right with the design in your case it should be the syntax:
auth = secret at realm (without user field)
I think if the user field exists then it should be called as a bug, a
wontfix known bug.
Regards:
Csaba Lack
Issue History
Date Modified Username Field Change
======================================================================
04-02-08 07:31 csabka Note Added: 0084914
======================================================================
More information about the asterisk-bugs
mailing list