[asterisk-bugs] [JIRA] (ASTERISK-22471) Set default auth realm to challenge realm if auth object realm is empty

Mark Michelson (JIRA) noreply at issues.asterisk.org
Thu Sep 5 15:57:03 CDT 2013 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-22471?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=209971#comment-209971 ] 

Mark Michelson commented on ASTERISK-22471:
-------------------------------------------

Looks like a good patch. Only thing to nitpick is that the get_auth_header() function can be simplified slightly. Instead of the while loop, you can call {{pjsip_msg_find_hdr(challenge->msg_info.msg, search_type, NULL)}} to find the auth header.

The only hurdle before getting this committed is ensuring that there are tests in the testsuite that cover this functionality. The testsuite has some outbound call tests, but none of them exercises authentication at the moment. I'd be willing to add some test cases that exercise authentication. That way, we'd have the new code and tests to cover it.
                
> Set default auth realm to challenge realm if auth object realm is empty
> -----------------------------------------------------------------------
>
>                 Key: ASTERISK-22471
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-22471
>             Project: Asterisk
>          Issue Type: Improvement
>      Security Level: None
>          Components: Resources/res_pjsip_outbound_authenticator_digest
>    Affects Versions: 12.0.0-alpha1
>         Environment: Fedora 19 x86_64
>            Reporter: George Joseph
>         Attachments: outbound_auth_realm_v3.patch
>
>
> On an outgoing authentication response, set the realm to that of the incoming challenge if one wasn't explicitly set in the endpoint's auth object.
> Outbound authentications sent for register and invite will otherwise fail if you don't know the exact realm used by the remote ahead of time.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.asterisk.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the asterisk-bugs mailing list