[asterisk-dev] [Code Review] SIP: authenticate OPTIONS requests just like we would an INVITE

Klaus Darilion klaus.mailinglists at pernau.at
Tue Aug 31 02:53:29 CDT 2010



On 27.08.2010 21:09, Olle E. Johansson wrote:
>
> 27 aug 2010 kl. 21.24 skrev David Vossel:
>
>> OPTIONS requests should be treated the same as an INVITE... which includes authentication.  This patch adds the ability for incoming out of dialog OPTION requests to be authenticated before providing a response indicating whether an extension is available or not.  The authentication routine works the exact same way as it does for incoming INVITEs. This means that if a peer has 'insecure=invite' in their peer definition, the same will be true for the processing of the OPTIONS request.
>>
>
> We should also add an SDP if possible... There are applications out there who "poke" the other end to find out codec support with OPTIONS.

Which codecs SDP should be presented in the SDP? The one's configured of 
the peer sending the OPTIONS request?

btw: I guess if allowguests=yes, then sending the OPTIONS request would 
still work.

Further, if (with current behavior) there is no SDP in 200 OK response, 
there is actually no difference in receiving a 200 OK and receiving a 
401/407. The sender just knows that there is another SIP client on the 
other side.

regards
klaus



More information about the asterisk-dev mailing list