[asterisk-commits] file: branch 1.6.2 r227733 - in /branches/1.6.2: ./ channels/chan_sip.c

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Wed Nov 4 13:25:13 CST 2009


Author: file
Date: Wed Nov  4 13:25:10 2009
New Revision: 227733

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=227733
Log:
Merged revisions 227712 via svnmerge from 
https://origsvn.digium.com/svn/asterisk/trunk

................
  r227712 | file | 2009-11-04 15:20:46 -0400 (Wed, 04 Nov 2009) | 12 lines
  
  Merged revisions 227700 via svnmerge from 
  https://origsvn.digium.com/svn/asterisk/branches/1.4
  
  ........
    r227700 | file | 2009-11-04 15:17:39 -0400 (Wed, 04 Nov 2009) | 5 lines
    
    Fix a security issue where sending a REGISTER with a differing username in the From
    URI and Authorization header would reveal whether it was valid or not.
    
    (AST-2009-008)
  ........
................

Modified:
    branches/1.6.2/   (props changed)
    branches/1.6.2/channels/chan_sip.c

Propchange: branches/1.6.2/
------------------------------------------------------------------------------
Binary property 'trunk-merged' - no diff available.

Modified: branches/1.6.2/channels/chan_sip.c
URL: http://svnview.digium.com/svn/asterisk/branches/1.6.2/channels/chan_sip.c?view=diff&rev=227733&r1=227732&r2=227733
==============================================================================
--- branches/1.6.2/channels/chan_sip.c (original)
+++ branches/1.6.2/channels/chan_sip.c Wed Nov  4 13:25:10 2009
@@ -12937,11 +12937,6 @@
 			   Asterisk uses the From: username for authentication. We need the
 			   devices to use the same authentication user name until we support
 			   proper authentication by digest auth name */
-			transmit_response(p, "403 Authentication user name does not match account name", &p->initreq);
-			if (global_authfailureevents)
-				manager_event(EVENT_FLAG_SYSTEM, "PeerStatus", "ChannelType: SIP\r\nPeer: SIP/%s\r\nPeerStatus: Rejected\r\nCause: AUTH_USERNAME_MISMATCH\r\nAddress: %s\r\nPort: %d\r\n", 
-					name, ast_inet_ntoa(sin->sin_addr), ntohs(sin->sin_port));
-			break;
 		case AUTH_NOT_FOUND:
 		case AUTH_PEER_NOT_DYNAMIC:
 		case AUTH_ACL_FAILED:
@@ -12963,8 +12958,8 @@
 				else
 					transmit_response(p, "404 Not found", &p->initreq);
 					if (global_authfailureevents)
-						manager_event(EVENT_FLAG_SYSTEM, "PeerStatus", "ChannelType: SIP\r\nPeer: SIP/%s\r\nPeerStatus: Rejected\r\nCause: URI_NOT_FOUND\r\nAddress: %s\r\nPort: %d\r\n", 
-							name, ast_inet_ntoa(sin->sin_addr), ntohs(sin->sin_port));
+						manager_event(EVENT_FLAG_SYSTEM, "PeerStatus", "ChannelType: SIP\r\nPeer: SIP/%s\r\nPeerStatus: Rejected\r\nCause: %s\r\nAddress: %s\r\nPort: %d\r\n", 
+							      name, (res == AUTH_USERNAME_MISMATCH) ? "AUTH_USERNAME_MISMATCH" : "URI_NOT_FOUND", ast_inet_ntoa(sin->sin_addr), ntohs(sin->sin_port));
 			}
 			break;
 		case AUTH_BAD_TRANSPORT:




More information about the asterisk-commits mailing list