[asterisk-dev] Kill the user, kill the user!

[Klaus Darilion]

Johansson Olle E wrote:
> 7 dec 2007 kl. 17.45 skrev Igor A. Goncharovsky:
> 
>> Hi!
>>
>> Johansson Olle E wrote:
>>> Incoming calls are handled this way
>>>
>>> * First, we match on peer object name with the From username
>>> * Then we try to match on IP/Port
>>> * If we can't match, we send to the context defined in the "general"
>>> section in sip.conf or to "default".
>>>
>>> If you can find any way this may give you problems, please inform me
>>> now. Otherwise, I'm going
>>> to test this branch with all of you. I don't foresee any problems
>>> going ahead with this in trunk.
>>>
>>> Feedback is appreciated!
>>>
>> Should it solve my problems with incoming calls from my telco. I have
>> registered many lines on single SBC then incoming call have the same  
>> IP
>> and port. Difference only in To: user name. Incoming INVITE have not
>> auth, but when we send final BYE we have problem with auth name,  
>> because
>> it is wrong selected on initial INVITE. Can also peer search able by  
>> To
>> field?
> 
> Well, that is a different thing. After I've removed the user, my plan
> was to add "service" and "trunk".

What if Asterisk uses a dedicated Contact URI when registering to the 
service provider. Then, incoming requests can be distinguished based on 
the RURI. (this is what eyebeam and SNOM does by adding an instance/line 
parameter to the contact URI).

Thus:
1. check RURI if it matches an existing registration (optionally verfiy 
if requests comes from the specified IP address as additionally security 
check)

2. check From URI. If the domain correlates with the local configured 
domains then challenge the user (realm=domain) (old user behavior)

3. check source IP (optional port) (old peer behavior). Optional do 
authentication

4. use default context


regards
klaus