[asterisk-bugs] [JIRA] (ASTERISK-28094) pjsip. Disable anonymous for local sip domains and force to inbound registration

Joshua C. Colp (JIRA) noreply at issues.asterisk.org
Tue Oct 9 05:27:54 CDT 2018 

     [ https://issues.asterisk.org/jira/browse/ASTERISK-28094?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Joshua C. Colp closed ASTERISK-28094.
-------------------------------------

    Resolution: Suspended

This would be a feature request and unfortunately as you've mentioned the patch provided is not acceptable as it breaks previous behavior and is not configurable. If someone else would like to pick up this issue we can reopen it and that new change can be put up for review.

> pjsip. Disable anonymous for local sip domains and force to inbound registration
> --------------------------------------------------------------------------------
>
>                 Key: ASTERISK-28094
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-28094
>             Project: Asterisk
>          Issue Type: Improvement
>      Security Level: None
>          Components: Resources/res_pjsip_endpoint_identifier_anonymous
>    Affects Versions: 15.6.1
>            Reporter: Dmitriy Serov
>            Severity: Minor
>              Labels: patch, pjsip
>         Attachments: res_pjsip_endpoint_identifier_anonymous.patch
>
>
> A typical server has local users. And often the server allows incoming calls from other SIP servers that can not be authorized.
> Therefore, anonymous must be allowed on the server.
> But if someone makes a call using my domain (from), why should the server allow such a call without authentication?
> https://blogs.asterisk.org/2018/02/07/identifying-endpoint-pjsip/
> The way anonymous@<domain> does not solve this problem.
> The solution would be to be able to create some anonymous at other or anonymous at external that would be used for "others" or "non-local".
> Another solution would be to add the anonymous_disable=yes option to the DOMAIN_ALIAS section
> But it's not easy for my level of programming. I just added just one line to the code (patch attached), which forces authentication of anyone who dares to specify my local domains in the from field



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list