[asterisk-dev] [Code Review] 2554: Pimp my SIP: alwaysauthreject
Joshua Colp
reviewboard at asterisk.org
Tue May 21 10:48:27 CDT 2013
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/2554/#review8681
-----------------------------------------------------------
team/group/pimp_my_sip/include/asterisk/res_sip.h
<https://reviewboard.asterisk.org/r/2554/#comment17028>
Is this really needed? I don't think so since you now allocate a single "artificial" endpoint.
team/group/pimp_my_sip/res/res_sip_authenticator_digest.c
<https://reviewboard.asterisk.org/r/2554/#comment17029>
If you allow the artificial endpoint to be retrieved (properly ref counted) you don't need a type enum on the structure, you can just do a direct pointer comparison.
team/group/pimp_my_sip/res/res_sip_authenticator_digest.c
<https://reviewboard.asterisk.org/r/2554/#comment17030>
I don't think this mirrors the exact behavior of a normal user. It will always challenge. What it should do is challenge if there are no credentials and then fail if they attempt to auth with credentials.
- Joshua Colp
On May 20, 2013, 7:47 p.m., Kevin Harwell wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/2554/
> -----------------------------------------------------------
>
> (Updated May 20, 2013, 7:47 p.m.)
>
>
> Review request for Asterisk Developers.
>
>
> Bugs: ASTERISK-21433
> https://issues.asterisk.org/jira/browse/ASTERISK-21433
>
>
> Repository: Asterisk
>
>
> Description
> -------
>
> Adds support for 'alwaysauthreject' to the new SIP channel driver. When the 'alwaysauthreject' option is set to 'yes' (default) and no matching endpoint is found for the incoming request, after challenging, Asterisk will respond with a 401 Unauthorized regardless of the reason it rejects the request.
>
> These changes also include a new global 'security' configuration section in res_sip.conf that now includes the 'alwaysauthreject' and ACL options.
>
>
> Diffs
> -----
>
> team/group/pimp_my_sip/include/asterisk/res_sip.h 389309
> team/group/pimp_my_sip/res/res_sip.c 389309
> team/group/pimp_my_sip/res/res_sip/config_security.c PRE-CREATION
> team/group/pimp_my_sip/res/res_sip/sip_configuration.c 389309
> team/group/pimp_my_sip/res/res_sip/sip_distributor.c 389309
> team/group/pimp_my_sip/res/res_sip_acl.c 389309
> team/group/pimp_my_sip/res/res_sip_authenticator_digest.c 389309
>
> Diff: https://reviewboard.asterisk.org/r/2554/diff/
>
>
> Testing
> -------
>
> Attempted to connect to an unknown endpoint in Asterisk and observed that it responded appropriately and with a correct 401 when 'alwaysauthreject' was enabled.
>
>
> Thanks,
>
> Kevin Harwell
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20130521/904c83d2/attachment-0001.htm>
More information about the asterisk-dev
mailing list