[asterisk-dev] [Code Review] 2431: Add outbound authentication for outbound registrations
Joshua Colp
reviewboard at asterisk.org
Tue Apr 9 08:29:26 CDT 2013
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/2431/#review8210
-----------------------------------------------------------
/team/group/pimp_my_sip/res/res_sip_outbound_registration.c
<https://reviewboard.asterisk.org/r/2431/#comment15839>
As recent and past discussions have brought up - this should probably be made configurable with a sane default.
/team/group/pimp_my_sip/res/res_sip_outbound_registration.c
<https://reviewboard.asterisk.org/r/2431/#comment15840>
There's a memory leak here. It's possible for the state to be reused (for example - if a reload occurs with only minimal changes). This will then overwrite the old sip_outbound_auths.
- Joshua Colp
On April 8, 2013, 9:22 p.m., Mark Michelson wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/2431/
> -----------------------------------------------------------
>
> (Updated April 8, 2013, 9:22 p.m.)
>
>
> Review request for Asterisk Developers and Joshua Colp.
>
>
> Repository: Asterisk
>
>
> Description
> -------
>
> Outbound registration and outbound auth were completed in parallel, but now the two have intersected. This adds outbound authentication support to the outbound registration module. It works by having the registration configuration point to an authentication section in order to determine credentials, exactly like an endpoint does.
>
> One problem I encountered was that outbound authentication code relied on being given an endpoint in order to look up auth credentials. In actuality, there is no need for this since the only piece of information it was using from the endpoint was the names of the auth sections to find in sorcery. I have changed the outbound authenticator API to no longer take an endpoint and instead take an array of auth sorcery IDs and the number of IDs in the array.
>
> The actual changes to res_sip_outbound_registration are not that much. It just reads the configuration and then uses it if a 401 or 407 response arrives for a registration.
>
> There is a some duplication of code between sip_configuration.c and res_sip_outbound_registration.c since both read a list of authentication IDs from configuration. For now, I'm more interested in the approach taken in this review. If this is approved, I'll remove the duplicated auth parsing code from res_sip_outbound_registration.c and put it in a place accessible by all.
>
>
> Diffs
> -----
>
> /team/group/pimp_my_sip/res/res_sip_outbound_registration.c 384967
> /team/group/pimp_my_sip/res/res_sip_outbound_authenticator_digest.c 384967
> /team/group/pimp_my_sip/res/res_sip/sip_outbound_auth.c 384967
> /team/group/pimp_my_sip/res/res_sip.exports.in 384967
> /team/group/pimp_my_sip/res/res_sip.c 384967
> /team/group/pimp_my_sip/include/asterisk/res_sip.h 384967
>
> Diff: https://reviewboard.asterisk.org/r/2431/diff/
>
>
> Testing
> -------
>
> Tested with outbound authentication configured and not configured. With no outbound authentication configured, a 401/407 results in a failed registration. I do not treat this as a temporal failure, but as a permanent one. With outbound authentication configured, a 401/407 results in an auth request being sent properly.
>
>
> Thanks,
>
> Mark Michelson
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20130409/58553bf1/attachment-0001.htm>
More information about the asterisk-dev
mailing list