[asterisk-bugs] [JIRA] (ASTERISK-21666) auth_username_match option in sip.conf

Wolfgang Pichler (JIRA) noreply at issues.asterisk.org
Tue Apr 23 07:11:38 CDT 2013 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-21666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=205677#comment-205677 ] 

Wolfgang Pichler commented on ASTERISK-21666:
---------------------------------------------

about (1): I have seen it on a bigger setup for a customer, which does use snom phones. Our setup does generate random sip peers for every snom phone (for security reason we do not use a extension=username mapping). To be able to register the snom phones with asterisk - you have to specifiy the auth user in the from tag. But with this - you will get the these account name when redirecting a call to an other phone.

Beside of that - i think when there is an option auth_username_match - then it should get applied to all parts - not only some parts. In my opinion there are two options here - remove it complete - or add it also to the SIP REGISTER method.

about (2): This would require that asterisk does distinguish between the authentication object - and the peer object. So it would also be possible to register with the same authentication object different phones on different locations - this would really be fine...

I will attach the diff now - i do already have a license - but forgot to attach it - sorry
                
> auth_username_match option in sip.conf
> --------------------------------------
>
>                 Key: ASTERISK-21666
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-21666
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Channels/chan_sip/Registration
>    Affects Versions: 11.3.0
>         Environment: centos 6, 64 bit
>            Reporter: Wolfgang Pichler
>            Severity: Minor
>
> i have taken a look at the auth_username_match option in sip.conf - and in the chan_sip.c implementation.
> chan_sip does implement the username check in the Authorization header for subscribes and invites and so on - but not for REGISTER.
> Why is that so ? That does not make sense for me.
> I have patched the register function in chan_sip - so it now does also accept the username in the authorization header. Does work as expected - and does solve some little "not that nice name on display" problems...

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.asterisk.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the asterisk-bugs mailing list