[asterisk-dev] RE: SIP Peer matching on Inbound calls

Luigi Rizzo rizzo at icir.org
Sat Nov 11 00:10:11 MST 2006 

On Fri, Nov 10, 2006 at 06:10:23PM -0600, JR Richardson wrote:
> 
> > 
> > I'm having a strage problem related to the way Asterisk is matching
> > SIP peers on inbound calls to DIDs (not REGISTERed extensions).  I
> 
> I just had this same issue as well, drove me crazy.  I have a different
> setup but found that asterisk translates the CID number to a User on an
> inbound SIP call, then searches for that User context to authenticate the
> call.
> 
> I would very much like to know why this is happening, if it is normal to do
> this and how this behavior can be modified.

this is what i wrote to the original poster:

the place you want is the function check_user_full().
I did something similar recently (you find it in trunk, i am attaching
the relevant code below) to match
users from the 'Username' field in the auth field.
For your goals, you should modify (or replicate) the block
below, and do a get_header(req, "To") and a bit of parsing to
extract the string you want. At this point, you should be
able to match the request against the entry in the users list
(your entry [441612412070] is both a user and a peer, but
the match-by-name is on the users list first)

hope this helps

	cheers
	luigi

...
/*! \brief  Check if matching user or peer is defined 
 	Match user on From: user name and peer on IP/port
	This is used on first invite (not re-invites) and subscribe requests 
    \return 0 on success, non-zero on failure
*/
static enum check_auth_result check_user_full(struct sip_pvt *p, struct sip_request *req,
					      int sipmethod, char *uri, enum xmittype reliable,
					      struct sockaddr_in *sin, struct sip_peer **authpeer)
{
	...

	if (global_match_auth_username) {
		/*
		 * XXX This is experimental code to grab the search key from the
		 * Auth header's username instead of the 'From' name, if available.
		 * Do not enable this block unless you understand the side effects (if any!)
		 * Note, the search for "username" should be done in a more robust way.
		 * Note2, at the moment we chech both fields, though maybe we should
		 * pick one or another depending on the request ? XXX
		 */
		const char *hdr = get_header(req, "Authorization");
		if (ast_strlen_zero(hdr))
			hdr = get_header(req, "Proxy-Authorization");

		if ( !ast_strlen_zero(hdr) && (hdr = strstr(hdr, "username=\"")) ) {
			ast_copy_string(from, hdr + strlen("username=\""), sizeof(from));
			of = from;
			of = strsep(&of, "\"");
		}
	}

	...

	return res;
}

More information about the asterisk-dev mailing list