[asterisk-dev] Username found for SIP incoming calls also in "type=peer" sections

Enzo Michelangeli enzomich at gmail.com
Thu Feb 2 20:54:06 MST 2006 

----- Original Message ----- 
From: "Olle E Johansson" <oej at edvina.net>
Sent: Friday, February 03, 2006 12:35 AM
Subject: Re: [asterisk-dev] Has the meaning of the "s" extension
changedrecently?
[...]
> >    Looking for jaxhk.hn.org in default (domain )
>
> Looks and smells like a bug, since the source actually have code for
> routing to "s" in this
> specific situation.
>
> Please open a bug report and we'll look at it.

OK, I'll do. And now another case of strange behaviour in Asterisk 1.2.4
(and perhaps earlier versions as well):

It appears that, for incoming SIP calls, Asterisk looks for usernames
not only in "type=user" and "type=friend" sections of sip.conf, but also
"type=peer", which, AFAIK, should only affect outgoing calls. In my
sip.conf I have sections like:

[myuser]
type=user               ; to receive incoming calls
insecure=port,invite    ; disable authentication for incoming calls
context=from-remotepeer
disallow=all
allow=alaw
allow=ulaw
allow=gsm
canreinvite=no
dtmfmode=inband
nat=yes

[remotepeer]
type=peer               ; to send out calls
username=myuser
fromuser=myuser
secret=mysecret
host=sip.remotepeer.com
disallow=all
allow=alaw
allow=ulaw
allow=gsm
qualify=yes
canreinvite=no
dtmfmode=inband
nat=yes

The remote peer sends INVITEs addressed to myuser at anotherdomain (yes, the
domain is wrong due to a quirk in the remote peer, but
allowexternalinvites is yes by default): however, Asterisk insists in
finding "myuser" inside [remotepeer] (which has "type=peer" and should be
ignored!) disregarding the section [myuser]; and, as [remotepeer] contains
no "insecure" line but has a "secret" one, Asterisk replies with a "407
Proxy Authentication Required":

Using INVITE request as basis request -
64adba3efe8c409e9a7707919e900959 at xxx.yyy.zzz.www
Sending to xxx.yyy.zzz.www : 5060 (non-NAT)
Found peer 'remotepeer'
Reliably Transmitting (NAT) to xxx.yyy.zzz.www:5060:
SIP/2.0 407 Proxy Authentication Required

The caller remotepeer is unable to authenticate, and the call fails.

Any idea?

Enzo

More information about the asterisk-dev mailing list