[Asterisk-Dev] RPID Issue

Ray Van Dolson rayvd at digitalpath.net
Thu Dec 29 18:18:32 MST 2005


I've run into a couple issues relating to RPID.  Just wanted to bring them
up one at a time here...

I have an Asterisk 1.2.1 installation doing SIP for SPA-2002 and PAP2-NA
ATA's.  From the Asterisk box, we then do SIP to a VoIP provider who handles
the SIP to PSTN translation for us.  Pretty straight forward.

I decided to try using the RPID features in 1.2.1.  Enabled all the
trustrpid directives and sendrpid as well.  However, when I dial *81
<number> on my Sipura (*81 makes the call private) I get a fast busy back
from Asterisk.

Upon further investigation, it appears that Asterisk is saying the Sipura is
unauthorized.  This only happens when I try and block caller ID from the
Sipura though.

Dug around in the source a bit and it seems that Asterisk uses the contents
of the From header to authenticate the ATA against.  Normally (when making a
non-CLID blocked call), the Sipura sends a from header like the following:

From: ROY <sip:5305715503.pw.digitalpath.net at sipproxy>;tag=cec0ff0080328e51o0

Authentication works fine in this case.

However, when the caller dials *81, the from header looks like this:

From: Anonymous <sip:anonymous at localhost>;tag=db61581ae353a8e1o0

I believe this is why authentication is failing.

Now, is this incorrect behavior by my ATA?  Seems like it should populate
the From header no matter what.  On the other hand, I see that the
5305715503.pw.digitalpath.net username is available in two other places in
the initial INVITE:

  * The Contact header:
    Contact: Anonymous <sip:5305715503.pw.digitalpath.net at 172.25.163.2:5060
  * The RPID header:
    Remote-Party-ID: ROY <sip:5305715503.pw.digitalpath.net at sipproxy>;screen=yes;privacy=full;party=calling

Maybe Asterisk should use the username in the Contact field to do
authentication on?  Or the Proxy-Authorization field?

It seems that the problem is that the "of" variable in check_user_full()
(which gets set to the contents of the From header) doesn't have the
legitimate username in it.

In any case, my solution was to modify check_user_full() and if an RPID
header is available, I copy the username out of it into the of variable and
authentication succeeds and the call works fine with or without *81.

The fix works for me, but I have a feeling there's a more "correct" way to
address this issue.  I'd like to know if my Sipura is misbehaving, or if
Asterisk should be looking somewhere other than the From field for
authentication info.

Thanks for any thoughts.

Ray



More information about the asterisk-dev mailing list