[asterisk-bugs] [Asterisk 0014025]: sip register: reserved character check not RFC 3261 compliant

Asterisk Bug Tracker noreply at bugs.digium.com
Fri Dec 5 12:36:54 CST 2008


The following issue has been SUBMITTED. 
====================================================================== 
http://bugs.digium.com/view.php?id=14025 
====================================================================== 
Reported By:                ffs
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   14025
Category:                   Channels/chan_sip/Interoperability
Reproducibility:            always
Severity:                   major
Priority:                   normal
Status:                     new
Asterisk Version:           SVN 
SVN Branch (only for SVN checkouts, not tarball releases):  trunk 
SVN Revision (number only!): 161411 
Disclaimer on File?:        N/A 
Request Review:              
====================================================================== 
Date Submitted:             2008-12-05 12:36 CST
Last Modified:              2008-12-05 12:36 CST
====================================================================== 
Summary:                    sip register: reserved character check not RFC 3261
compliant
Description: 
The checking of reserved characters within chan_sip.c is not RFC 3261
compliant.

According to the RFC there are different reserved characters for username
(* auth user), user (* username), password (* secret) and hostname (see
below).
chan_sip compares all above values against the SIP_RESERVED variable which
is defined as ";/?:@&=+$,# ".

This bug avoids registration to sip providers using allowed special
characters within the user part or the authentication user (eg.
bluesip.net, they use a '/' wihtin the auth user).

A backport to the 1.6.0 branch, which is affected also, would be great.
====================================================================== 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2008-12-05 12:36 ffs            New Issue                                    
2008-12-05 12:36 ffs            Asterisk Version          => SVN             
2008-12-05 12:36 ffs            SVN Branch (only for SVN checkouts, not tarball
releases) =>  trunk          
2008-12-05 12:36 ffs            SVN Revision (number only!) => 161411          
======================================================================




More information about the asterisk-bugs mailing list