Summary: | ASTERISK-18266: it should be posible to authenticate sip devices using name different than the section header | ||
Reporter: | Tim Osman (obeliks) | Labels: | |
Date Opened: | 2011-08-12 03:39:08 | Date Closed: | 2011-08-30 14:29:34 |
Priority: | Major | Regression? | No |
Status: | Closed/Complete | Components: | Channels/chan_sip/General |
Versions: | SVN | Frequency of Occurrence | |
Related Issues: | |||
Environment: | Attachments: | ||
Description: | Major part of the problem is described in http://forums.digium.com/viewtopic.php?t=79350. When authenticating a sip device, asterisk insists the From: header (before '@') be the same as the username from the Authorization: header. It should be possible to use different names. This would make password cracking much more difficult. 3 vs. 2 pieces of information. Please note most soft/hardphones support this by allowing separate fields for username and authname. | ||
Comments: | By: Leif Madsen (lmadsen) 2011-08-30 14:29:34.988-0500 This is a feature request without a patch. If you're able to implement this feature then please do submit a patch as I'm sure it would be greatly appreciated. Unfortunately I'm not sure with the way chan_sip is built architecturally this is going to be a trivial change. By: Malcolm Davenport (mdavenport) 2011-08-30 14:40:02.324-0500 +1 to the request, and to anyone that wants to work towards it |