[asterisk-bugs] [JIRA] (ASTERISK-21666) auth_username_match option in sip.conf

Walter Doekes (JIRA) noreply at issues.asterisk.org
Tue Apr 23 03:55:38 CDT 2013 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-21666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=205674#comment-205674 ] 

Walter Doekes commented on ASTERISK-21666:
------------------------------------------

(1) Can you elaborate on the "not that nice name on display" problem?

(2) Technically it'd be wrong to use the auth username to match the peer. After all, in theory should be possible to use auth token X to register peer location Y and Z. With that flag enabled, you'd silently ignore a request to register Y and be registering X instead.

If it does solve a real world problem (see (1)), it might be useful. But I wouldn't want it enabled whenever auth_username_match is enabled.

----

I'm assuming you're waiting for your license to get approved so you can post your patch. RFEs without a patch get closed.
                
> auth_username_match option in sip.conf
> --------------------------------------
>
>                 Key: ASTERISK-21666
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-21666
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Channels/chan_sip/Registration
>    Affects Versions: 11.3.0
>         Environment: centos 6, 64 bit
>            Reporter: Wolfgang Pichler
>            Severity: Minor
>
> i have taken a look at the auth_username_match option in sip.conf - and in the chan_sip.c implementation.
> chan_sip does implement the username check in the Authorization header for subscribes and invites and so on - but not for REGISTER.
> Why is that so ? That does not make sense for me.
> I have patched the register function in chan_sip - so it now does also accept the username in the authorization header. Does work as expected - and does solve some little "not that nice name on display" problems...

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.asterisk.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the asterisk-bugs mailing list