[asterisk-dev] [Fwd: Re: [svn-commits] kpfleming: branch 1.4 r81442 - /branches/1.4/channels/chan_sip.c]

Olle E Johansson olle at voop.com
Fri Sep 7 01:00:16 CDT 2007


7 sep 2007 kl. 03.07 skrev John Todd:

>
> Maybe:
>
> badauthrejectmode=[403,401]
>
> or
>
> badauthresponse=[403,401]
>
>
> I'm uncertain if either response method will make any difference to
> anything but the most rigorous implementations of the RFC.  Badly
> coded versions will just keep hammering away regardless of what reply
> they get.  This doesn't mean the methods should be selectable.  I
> would suggest that "403" be the standard reply.  I think the
> implication is "for this particular transaction, NEVER try again" but
> it is not anything more than that.  A 403 is not, for instance,
> saying "for ALL transactions, NEVER try again" which would mean that
> pressing the red button on your cell phone would not add your
> ex-girlfriend to a blacklist.
>
Sending a 403 for a bad auth on Invite might lead to a phone
displaying "Call rejected" which doesn't necessarily explain
that you have a bad password for your service. That would
be confusing.

Again, I don't want to have it as a default option, but would
accept it as a configuraiion option that an Asterisk admin
can use when he knows that the phone will give up, as was
the case with one of the phones Kevin is working with.

/O



More information about the asterisk-dev mailing list