[asterisk-users] allowguest defaults to yes for SIP

Thu Nov 12 17:19:54 CST 2009

On 13/11/09 9:37 AM, Lee Howard wrote:
> Michiel van Baak wrote:
>> When I started working with asterisk, and found my first issue, I
>> created a patch, put it on the tracker, followed up on the comments, and
>> stuff got in.
>
> I'm sincerely pleased to know that you've had a different experience
> than have I.

I've had an experience which is a little of both.

I've had some patches accepted, and other not accepted (MySQL userfield2-5).

I think it's really important that not every patch gets accepted, and I 
really like the discussion which has taken place on this one.

Basically the two sides of the argument are:

For: I put stuff in my default context, now people can use it without 
authentication - I didn't expect this.

Against: I'm a new user, I tried to get Asterisk working but had 
authentication problems, now I'm moving to Microsoft OCS (or 3cx or 
whatever).

I kinda think that you want to make it as easy as possible for new users 
to at least run an echo test (and maybe make a call through to Digium).

Once they've done that they're going to need to edit config files.

If there is strong wording in the config files explaining that they 
shouldn't be adding anything here without first reading the security 
document I think it would suffice.

Maybe the best way would be to make it that the default context only 
provides the info from the examples unless you provide an option:

read_security_document=yes

or whatever.

I know that it seems really easy for most of us to chuck a couple of sip 
devices into the config and set up some extensions, but for a new user, 
any step at all they need to make before getting a "call" working is bad.

The average new user won't know much about VoIP, nor much (if anything) 
about Linux, and seeing some text interface provide some random error 
when they try it for the first time will just turn them away.

>> If you read the page about contributing code to asterisk, it clearly
>> states that the dev mailinglist is the place to discuss development.
>> If you post comments there, people will read it, comment on it, and if
>> more people agree with the ideas it will get implemented.
>>
>> It's how all OpenSource projects work.
>
> I truly wish it were.  I've seen more than a few that didn't.

:) just consider yourself lucky it's not glibc or something you're 
trying to commit to :)

The people with commit access tend to just say no.  Even if the change 
stops something from breaking on multiple platforms (see eglibc discussion).

Basically to get a change into Asterisk, you need a reasonably good 
percentage of people agreeing that the change is worthwhile (and the 
best way to implement it).

Don't get me wrong, I understand the change you're proposing, just that 
it may not be the 100% best way to do it, and it needs to be carefully 
thought out before proceeding with something which may have a large 
impact on new users.

Think what it's like for the 3G video people who have a huge patchset 
that they wrote before bringing it up for discussion only to hear it was 
the wrong way to do it.

At least the patch is small :D

-- 
Cheers,

Matt Riddell
Director
_______________________________________________

http://www.venturevoip.com/news.php (Daily Asterisk News)
http://www.venturevoip.com/st.php (SmoothTorque Predictive Dialer)
http://www.venturevoip.com/c3.php (ConduIT3 PABX Systems)