[asterisk-users] Is there a way to test SIP credentials without making a call?

John Todd jtodd at digium.com
Tue Oct 14 00:25:02 CDT 2008


At 9:37 AM -0700 2008/10/13, Eric Chamberlain wrote:
>On Oct 11, 2008, at 8:28 PM, Rob Hillis wrote:
>
>>  Eric Chamberlain wrote:
>>>>  Is there a particular reason you /can't/ register?  It would seem 
>>>>  that
>>>>  registration would provide the functionality you require, even if
>>>>  you're
>>>>  only making outbound calls.
>>>>
>>>  In the case of a server like Asterisk, wouldn't sending a register
>>>  disrupt the flow of inbound calls until the UA that normally handles
>>>  inbound calls re-registers?
>>
>>  Are you using the same credentials as existing extensions to make 
>>  calls
>>  from different extensions?  That would seem to be a particularly bad
>>  idea.  You should be configuring /one/ sip extension per SIP phone.
>>  Those extensions that handle outgoing calls only could be put in a
>>  different number range, or have a letter prefixed or suffixed to the
>  > extension, but you should /not/ be using one configured extension for
>>  two different purposes.
>
>
>We're developing the client and don't have control over the server, 
>which may or may not be Asterisk.  Adding extra extensions isn't 
>possible.
>
>Can OPTION packets be used to verify authentication?

I've never seen a system that I can recall that uses authentication 
on OPTIONS, since OPTIONS aren't generally considered to be secure. 
I'm sure some exist, but it'd be a poor test beacon.

I can't think of anything off the top of my head that wouldn't create 
some sort of record.

How about trying to call your own AOR?  At least it under most 
circumstances would be "no cost", and you'd be able to ignore your 
own call or even better, you'd get a "LOOP DETECTED" message which 
would only come after you've authenticated.

JT


-- 
John Todd
jtodd at digium.com        +1-256-428-6083
Asterisk Open Source Community Director



More information about the asterisk-users mailing list