[asterisk-bugs] [JIRA] (ASTERISK-27106) [patch] autodomain (SIP Domain Support): Add only really different domain with TLS.
Joshua Colp (JIRA)
noreply at issues.asterisk.org
Thu Jul 6 09:33:58 CDT 2017
[ https://issues.asterisk.org/jira/browse/ASTERISK-27106?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Joshua Colp closed ASTERISK-27106.
----------------------------------
Resolution: Fixed
> [patch] autodomain (SIP Domain Support): Add only really different domain with TLS.
> -----------------------------------------------------------------------------------
>
> Key: ASTERISK-27106
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-27106
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Channels/chan_sip/General
> Affects Versions: 13.16.0, 14.5.0
> Reporter: Alexander Traud
> Severity: Minor
>
> ASTERISK-4352 (Mantis 4466, [Commit 9bbf4c3|https://github.com/asterisk/asterisk/commit/9bbf4c3854e1ffbedd9368f10c63b657130b7dde]) allows to filter the incoming SIP messages in the channel driver chan_sip. This filter is enabled via the configuration file {{sip.conf}} and its parameter {{allowexternaldomains=no}}. The list itself is configured statically via the parameter {{domain=}} and/or automatically via {{autodomain=yes}}. Even without enabling this list, SIP-REGISTER messages go through this list, when at least one domain is specified, see the command-line interface (CLI): {{sip show domains}}. Furthermore, the dialplan function {{CHECKSIPDOMAIN}} works on this list, which allows as a guard in SIP-URI dialing, for example.
> With the addition of TCP, TLS, and IPv6, the original code was changed, which introduced minor errors:
> *Steps to Reproduce*
> udpbindaddr=::
> tcpbindaddr=:: (same happens without tcpbindaddr, because it defaults to bindaddr then)
> tcpenable=yes
> autodomain=yes
> externhost=example.com (not related actually, just to create a complete example)
> *Actual Results*
> <IPv4 of internip>
> ::
> <IPv4 of example.com>
> example.com
> hostname
> *Notes*
> The wildcard IP was added, which was not intended by the authors of that source code. However, subsequent code does not match any domain, therefore, this is rather cosmetic. Anyway, a bug is a bug and should be fixed.
> This was caused by:
> * [Commit 638234f|https://github.com/asterisk/asterisk/commit/638234f146c732569cab86675e1910c89218c90c] added TCP/TLS and intended to check whether the domain for UDP was different. That check was the wrong way around and therefore the TCP (or the TLS) domain was added in any case.
> * ASTERISK-16300 (Mantis 17565, [Commit cd4ebd3|https://github.com/asterisk/asterisk/commit/cd4ebd336f6fdd1fe5d2ad57f06654a9678d88d4]) added IPv6 in general but did not add IPv6 for autodomain. Instead, it introduced a copy-and-paste error with the TLS hostname.
> In ASTERISK-16543 from August 2010, [~oej] mentioned to add IPv6, which was not done, yet. In ASTERISK-17886 from May 2011, [~aeg] mentions to add ports, which was not done, yet. Furthermore, if {{externhost}} was set in {{sip.conf}}, it is added as domain – however its {{externaddr}} is not refreshed.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list