[asterisk-bugs] [JIRA] (ASTERISK-25835) Authentication using 'Username' field from Digest

Asterisk Team (JIRA) noreply at issues.asterisk.org
Mon Mar 7 13:46:56 CST 2016


    [ https://issues.asterisk.org/jira/browse/ASTERISK-25835?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=229845#comment-229845 ] 

Asterisk Team commented on ASTERISK-25835:
------------------------------------------

Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution.

A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report.

Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process].

> Authentication using 'Username' field from Digest
> -------------------------------------------------
>
>                 Key: ASTERISK-25835
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-25835
>             Project: Asterisk
>          Issue Type: Improvement
>      Security Level: None
>          Components: Channels/chan_pjsip
>    Affects Versions: 13.7.2
>         Environment: Centos 7
>            Reporter: Ross Beer
>
> At present 'res_pjsip_endpoint_identifier_user' only uses the 'From' header to match username, however commonly the from field contains the Caller ID instead of a username.
> The response to an unauthorised challenge contains a username field and, therefore, should be used to match and endpoint.



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list