[asterisk-bugs] [JIRA] (ASTERISK-19379) IAX channel chooses the wrong password for authentication

Joshua Colp (JIRA) noreply at issues.asterisk.org
Tue Dec 19 06:13:09 CST 2017 

     [ https://issues.asterisk.org/jira/browse/ASTERISK-19379?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Joshua Colp updated ASTERISK-19379:
-----------------------------------

    Affects Version/s: 13.18.4

> IAX channel chooses the wrong password for authentication
> ---------------------------------------------------------
>
>                 Key: ASTERISK-19379
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-19379
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Channels/chan_iax2
>    Affects Versions: 1.8.8.2, 13.18.4
>         Environment: Operating system: Gentoo (64bit)
>            Reporter: Dirk Tilger
>         Attachments: System context.png
>
>
> I have two asterisks that are connected to each other through a non-trunked IAX2 channel (using a "switch" statement).
> {noformat}
> +------------+   IAX   +------------+
> | Asterisk 1 |---------| Asterisk 2 |
> +------------+         +------------+
>       |                      |
>       |  SIP               +-+----------+
>     +-+--------+           | SIP uplink |
>     |          |           +------------+
> +--------+ +--------+
> | User 1 | | User 2 |
> +--------+ +--------+
> {noformat}
> Asterisk1 is dynamic, Asterisk2 is not. Asterisk1 can register to Asterisk2 without problems. However, when Asterisk1 creates a call to Asterisk2 the following message is reported:
> NOTICE[1234]: chan_iax2.c:10920 socket_process: Host 192.0.2.1 failed to authenticate as Asterisk1
> The IAX link between the asterisks is configured in iax.conf. Users of Asterisk1 are configured in users.conf with hasiax=yes, but are using SIP. When User1 issues a call to Asterisk2, I see the (users.conf) password of User1 being used on the IAX channel between the asterisks (auth=plaintext).
> Note again, that the same effect does not happen with the registration. The code that performs the authentication is duplicate: the code in authenticate_verify is used for call authentication, the code in register_verify is used for registration authentication. The code in both is quite similar, the bug must come from the difference of the two.
> The bug does not happen with hasiax=no in the same setup.
> Best regards,



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list