[asterisk-users] IAX2 certificate based (RSA) user auth in 1.4.x

Kai-Uwe Jensen kujensen at gmail.com
Fri Mar 23 12:14:04 MST 2007


I have a working 1.2.17 installation, where calls are successfully
passed from a "slave
server" to a "master server" via IAX2. Authentication between the
slave and master server
is set up with RSA certificates (inkeys and outkey, auth=rsa). When
invoking the dialplan
(Dial(IAX2/master/${EXTEN:1},30)), everything "just works". The master
will accept an
authenticated call from slave.

Migrating the master to 1.4.2 (and 1.4.1) will break things. The call
does not get accepted
by the master anymore, however, it also does not get rejected
outright. Instead it will
time out, with repeated AUTHREQ requests made from the master to the slave.

Replacing the 1.2.17 slave with a 1.4.x slave (and using the exact
same config) will have
the call succeed against a 1.2.x master.

This appears to be an issue of not being able to match the user
(slave) of an incoming call
request on the master to a valid "friend" definition in iax.conf in
1.4.x. Can anyone confirm
that RSA certificate-based authentication has been observed working in
1.4.x? If so, is
there a secret to make it work? I have not found anything documented I deemed
relevant in this context, but I may have overlooked things.

Thanks!
-- 
"I am Dyslexic of Borg. Fusistance is retile. Your ass will be laminated!"


More information about the asterisk-users mailing list