[asterisk-bugs] [JIRA] (ASTERISK-18530) improper use of host LDAP attribute value as ToHost sip client value

Sean Bright (JIRA) noreply at issues.asterisk.org
Thu Dec 14 13:05:07 CST 2017


     [ https://issues.asterisk.org/jira/browse/ASTERISK-18530?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Sean Bright updated ASTERISK-18530:
-----------------------------------

    Assignee: Sean Bright  (was: Oleg Gawriloff)
      Status: Open  (was: Waiting for Feedback)

> improper use of host LDAP attribute value as ToHost sip client value
> --------------------------------------------------------------------
>
>                 Key: ASTERISK-18530
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-18530
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_config_ldap
>            Reporter: Oleg Gawriloff
>            Assignee: Sean Bright
>         Attachments: asterisk-debug.txt, ldap-server-output.txt
>
>
> In our LDAP setup, the user object in the LDAP tree belongs to the hostObject (used in our server authorization) and AsteriskSIPUsers object classes.
> When Asterisk gets user information from LDAP, it fills the value of the last host attribute into ToHost, and after 'sip reload' and 'sip show peer gawriloff load' it requests this host instead of AstAccountIPAddress. There is no mention of the host attribute in any Asterisk docs. Any suggestions?
> res_ldap.conf:
> {noformat}
> [_general]
> host=ldap.telecom.by
> protocol=3
> port=389
> basedn=dc=telecom,dc=by
> user=cn=Asterisk,ou=people,dc=telecom,dc=by
> pass=<somepass>
> [sip]
> name = uid
> ;name = AstAccountName
> amaflags = AstAccountAMAFlags
> callgroup = AstAccountCallGroup
> callerid = AstAccountCallerID
> directmedia = AstAccountDirectMedia
> context = AstAccountContext
> dtmfmode = AstAccountDTMFMode
> fromuser = AstAccountFromUser
> fromdomain = AstAccountFromDomain
> fullcontact = gecos
> host = AstAccountHost
> insecure = AstAccountInsecure
> mailbox = AstAccountMailbox
> md5secret = AstAccountRealmedPassword
> nat = AstAccountNAT
> deny = AstAccountDeny
> permit = AstAccountPermit
> pickupgroup = AstAccountPickupGroup
> port = AstAccountPort
> qualify = AstAccountQualify
> restrictcid = AstAccountRestrictCID
> rtptimeout = AstAccountRTPTimeout
> rtpholdtimeout = AstAccountRTPHoldTimeout
> type = AstAccountType
> disallow = AstAccountDisallowedCodec
> allow = AstAccountAllowedCodec
> MusicOnHold = AstAccountMusicOnHold
> regseconds = AstAccountExpirationTimestamp
> regcontext = AstAccountRegistrationContext
> regexten = AstAccountRegistrationExten
> CanCallForward = AstAccountCanCallForward
> ipaddr = AstAccountIPAddress
> defaultuser = AstAccountDefaultUser
> regserver = AstAccountRegistrationServer
> lastms = AstAccountLastQualifyMilliseconds
> useragent = AstAccountUserAgent
> additionalFilter=(objectClass=AsteriskSIPUser)
> {noformat}
> extconfig:
> {noformat}
> [settings]
> sipusers => ldap,"dc=telecom,dc=by",sip
> sippeers => ldap,"dc=telecom,dc=by",sip
> {noformat}
> LDAP data:
> {noformat}
> dn:: Y249w+Di8Ojr7uIgzuvl4yxvdT3E5e/g8PLg7OXt8iD96vHv6/Pg8uD26Ogsb3U9zOjt8eosZGM
>  9dGVsZWNvbSxkYz1ieQ==
> givenName:: 0J7Qu9C10LM=
> sn:: 0JPQsNCy0YDQuNC70L7Qsg==
> initials:: 0J7Qu9C10LPQvtCy0LjRhw==
> displayName:: 0J7Qu9C10LMg0JPQsNCy0YDQuNC70L7Qsg==
> objectClass: organizationalPerson
> objectClass: inetOrgPerson
> objectClass: posixAccount
> objectClass: hostObject
> objectClass: shadowAccount
> objectClass: ldapPublicKey
> objectClass: AsteriskSIPUser
> cn:: 0JPQsNCy0YDQuNC70L7QsiDQntC70LXQsw==
> uid: gawriloff
> preferredLanguage: ru
> host: albatros2.telecom.by
> host: vulture4.telecom.by
> AstAccountContext: default
> AstAccountCanReinvite: no
> AstAccountCallerID: "Oleg Gawriloff" <528>
> AstAccountRealmedPassword: <somepassword>
> AstContext: default
> AstPriority: 1
> AstApplication: Dial
> AstApplicationData: SIP/gawriloff
> AstExtension: 528
> AstAccountDTMFMode: rfc2833
> AstAccountHost: dynamic
> AstAccountQualify: yes
> AstAccountNAT: no
> AstAccountType: friend
> AstAccountLanguage: ru
> AstAccountIPAddress: 172.17.0.39
> AstAccountPort: 46252
> AstAccountExpirationTimestamp: 1315903024
> AstAccountDefaultUser: gawriloff
> AstAccountUserAgent: eyeBeam release 1100l stamp 46320
> gecos: sip:gawriloff at 172.17.0.39:46252;rinstance=741634e136d663fb
> AstAccountRegistrationServer: voip-tmp
> AstAccountLastQualifyMilliseconds: 265
> {noformat}
> CLI output:
> {noformat}
> voip-tmp*CLI> sip show peer gawriloff
>   * Name       : gawriloff
>   Realtime peer: Yes, cached
>   Secret       : <Not set>
>   MD5Secret    : <Set>
>   Remote Secret: <Not set>
>   Context      : default
>   Subscr.Cont. : <Not set>
>   Language     :
>   AMA flags    : Unknown
>   Transfer mode: open
>   CallingPres  : Presentation Allowed, Not Screened
>   Callgroup    :
>   Pickupgroup  :
>   MOH Suggest  :
>   Mailbox      :
>   VM Extension : asterisk
>   LastMsgsSent : 32767/65535
>   Call limit   : 0
>   Max forwards : 0
>   Dynamic      : Yes
>   Callerid     : "Oleg Gawriloff" <528>
>   MaxCallBR    : 384 kbps
>   Expire       : 3455
>   Insecure     : no
>   Force rport  : No
>   ACL          : No
>   DirectMedACL : No
>   T.38 support : No
>   T.38 EC mode : Unknown
>   T.38 MaxDtgrm: -1
>   DirectMedia  : Yes
>   PromiscRedir : No
>   User=Phone   : No
>   Video Support: Yes
>   Text Support : No
>   Ign SDP ver  : No
>   Trust RPID   : No
>   Send RPID    : No
>   Subscriptions: Yes
>   Overlap dial : No
>   DTMFmode     : rfc2833
>   Timer T1     : 500
>   Timer B      : 32000
>   ToHost       : vulture4.telecom.by  <--- this is last host attribute from LDAP
>   Addr->IP     : 172.17.0.39:46252
>   Defaddr->IP  : (null)
>   Prim.Transp. : UDP
>   Allowed.Trsp : UDP
>   Reg. exten   :
>   Def. Username: gawriloff
>   SIP Options  : (none)
>   Codecs       : 0x4 (ulaw)
>   Codec Order  : (ulaw:20)
>   Auto-Framing :  No
>   100 on REG   : No
>   Status       : OK (10 ms)
>   Useragent    : eyeBeam release 1100l stamp 46320
>   Reg. Contact : sip:gawriloff at 172.17.0.39:46252;rinstance=741634e136d663fb
>   Qualify Freq : 60000 ms
>   Sess-Timers  : Accept
>   Sess-Refresh : uas
>   Sess-Expires : 1800 secs
>   Min-Sess     : 90 secs
>   RTP Engine   : asterisk
>   Parkinglot   :
>   Use Reason   : No
>   Encryption   : No
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.2#6252)
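
A configuration check for the collision this report describes, as an added example that is not part of the original message or of Asterisk's code: it flags LDAP attributes whose own name equals a realtime variable in the [sip] mapping while that variable is mapped to a different attribute. It assumes, from the behaviour shown in the report, that unmapped attributes reach the peer under their own LDAP name; the function names are hypothetical and the sample data is trimmed from the report.

```python
# Constructed sample: [sip] mapping and LDAP entry trimmed from the report above.
CONF = """\
[sip]
name = uid
;name = AstAccountName
fullcontact = gecos
host = AstAccountHost
port = AstAccountPort
ipaddr = AstAccountIPAddress
additionalFilter=(objectClass=AsteriskSIPUser)
"""
LDIF = """\
objectClass: hostObject
objectClass: AsteriskSIPUser
uid: gawriloff
host: albatros2.telecom.by
host: vulture4.telecom.by
AstAccountHost: dynamic
AstAccountIPAddress: 172.17.0.39
AstAccountPort: 46252
"""

def parse_mapping(conf_text, section="sip"):
    """Return {realtime variable: LDAP attribute}, both lower-cased."""
    mapping, current = {}, None
    for raw in conf_text.splitlines():
        line = raw.split(";", 1)[0].strip()   # ';' starts a comment
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
        elif current == section and "=" in line:
            key, value = (part.strip().lower() for part in line.split("=", 1))
            if key != "additionalfilter":     # search filter, not a mapping
                mapping[key] = value
    return mapping

def parse_ldif_attrs(ldif_text):
    """Return {attribute name: [values]}; folded continuation lines are skipped."""
    attrs = {}
    for line in ldif_text.splitlines():
        if line and not line.startswith((" ", "#")):
            name, _, value = line.partition(":")
            attrs.setdefault(name.strip().lower(), []).append(value.lstrip(": ").strip())
    return attrs

def find_collisions(mapping, attrs):
    """Attributes named like a realtime variable that is mapped elsewhere."""
    mapped_attrs = set(mapping.values())
    return [(name, mapping[name], values) for name, values in attrs.items()
            if name in mapping and mapping[name] != name and name not in mapped_attrs]

if __name__ == "__main__":
    for name, expected, values in find_collisions(parse_mapping(CONF), parse_ldif_attrs(LDIF)):
        print(f"'{name}' {values} shadows realtime '{name}' (mapped to {expected})")
```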


