[asterisk-bugs] [Asterisk 0019194]: sip.conf.sample incorrectly describes types (peer/user/friend)
Asterisk Bug Tracker
noreply at bugs.digium.com
Fri Jun 3 08:43:51 CDT 2011
A NOTE has been added to this issue.
======================================================================
https://issues.asterisk.org/view.php?id=19194
======================================================================
Reported By: obeliks
Assigned To:
======================================================================
Project: Asterisk
Issue ID: 19194
Category: Documentation
Reproducibility: always
Severity: text
Priority: normal
Status: feedback
Asterisk Version: SVN
JIRA:
Regression: No
Reviewboard Link:
SVN Branch (only for SVN checkouts, not tarball releases): N/A
SVN Revision (number only!):
Request Review:
======================================================================
Date Submitted: 2011-04-27 14:03 CDT
Last Modified: 2011-06-03 08:43 CDT
======================================================================
Summary: sip.conf.sample incorrectly describes types
(peer/user/friend)
Description:
Could we update sip.conf.sample with proper description of what exactly the
difference between user and peer is? The current version also incorrectly
suggests using type=friend for "local SIP phones". This results in
confusion among users and software developers. E.g FreePBX uses type=friend
for extensions for "historical reasons". To make things worse using
friend/user allows extension enumeration w/INVITE packets. It would we nice
if we could hear an updated story from the horse's mouth which would clear
any perplexion that have been building over the years.
======================================================================
----------------------------------------------------------------------
(0135681) davidw (reporter) - 2011-06-03 08:43
https://issues.asterisk.org/view.php?id=19194#c135681
----------------------------------------------------------------------
I think the problem is that distinction is not at all clear to the majority
of users, with the result that an urban folklore has grown up which says
that everything must be specified as type=friend, which often works,
because over-specifying capabilities does often work. (There is a similar
urban folklore which says always use insecure=port,invite - both tend to
result in less secure systems than need be.) For most people these
categories are matic incantations.
Unnecessarily using type=friend, sometimes causes confusing failures, when
a user match actually happens in a context that needed an IP match, and
introduces a vulnerability to searching for valid user names.
I think obeliks is asking for someone who fully understands all the
nuances to write the description.
Issue History
Date Modified Username Field Change
======================================================================
2011-06-03 08:43 davidw Note Added: 0135681
======================================================================
More information about the asterisk-bugs
mailing list