[asterisk-bugs] [JIRA] (ASTERISK-17599) [patch] IAX can select the wrong channel name
Joshua Colp (JIRA)
noreply at issues.asterisk.org
Tue Dec 19 06:59:07 CST 2017
[ https://issues.asterisk.org/jira/browse/ASTERISK-17599?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Joshua Colp updated ASTERISK-17599:
-----------------------------------
Affects Version/s: 13.18.4
> [patch] IAX can select the wrong channel name
> ---------------------------------------------
>
> Key: ASTERISK-17599
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-17599
> Project: Asterisk
> Issue Type: Bug
> Components: Channels/chan_iax2
> Affects Versions: 1.6.2.17, 13.18.4
> Reporter: Steve Davies
> Severity: Minor
> Attachments: iax_username.1.6.2.17-rc1.patch
>
>
> If more than one IAX user connects from the same IP address, then the wrong IAX2/"name" channel name can be allocated.
> The code path to determine which IAX user is used for authentication is different from the code path that determines which name is put into the channel-name field.
> The following IAX config (slightly edited) causes an issue for me in version 1.6.2.
> {code}
> [user1]
> type=friend
> auth=md5
> accountcode=user1
> notransfer=yes
> context=context1
> host=10.0.0.250
> username=user1
> secret=secret1
> disallow=all
> allow=alaw
> [user2]
> type=friend
> auth=md5
> accountcode=user2
> notransfer=yes
> context=context2
> host=dynamic
> deny=0.0.0.0/0.0.0.0
> permit=10.0.0.0/24
> username=user2
> secret=
> disallow=all
> allow=alaw
> {code}
> If a call comes in from 10.0.0.250, using username "user2" and with no password, then it is correctly authenticated against the {{\[user2\]}} section.
> Accountcode is set to user2
> Context is set to context2
> and the call mostly proceeds correctly, BUT the source channel name is set to IAX2/user1-nnnn, which is then seen both in the dialplan debug output, and in the CDR.
> This is because the channel name is found by using the first matching IP address in the configuration, rather than using the section that was used for authentication.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list