[asterisk-bugs] [JIRA] (ASTERISK-28094) pjsip. Disable anonymous for local sip domains and force to inbound registration

Dmitriy Serov (JIRA) noreply at issues.asterisk.org
Fri Oct 5 16:35:54 CDT 2018


Dmitriy Serov created ASTERISK-28094:
----------------------------------------

             Summary: pjsip. Disable anonymous for local sip domains and force to inbound registration
                 Key: ASTERISK-28094
                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-28094
             Project: Asterisk
          Issue Type: Improvement
      Security Level: None
          Components: Resources/res_pjsip_endpoint_identifier_anonymous
    Affects Versions: 15.6.1
            Reporter: Dmitriy Serov
            Severity: Minor


A typical server has local users. And often the server allows incoming calls from other SIP servers that can not be authorized.
Therefore, anonymous must be allowed on the server.

But if someone makes a call using my domain (from), why should the server allow such a call without authentication?

https://blogs.asterisk.org/2018/02/07/identifying-endpoint-pjsip/
The way anonymous@<domain> does not solve this problem.

The solution would be to be able to create some anonymous at other or anonymous at external that would be used for "others" or "non-local".

Another solution would be to add the anonymous_disable=yes option to the DOMAIN_ALIAS section

But it's not easy for my level of programming. I just added just one line to the code (patch attached), which forces authentication of anyone who dares to specify my local domains in the from field



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list