aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorfile <file@f38db490-d61c-443f-a65b-d21fe96a405b>2009-11-04 19:23:01 +0000
committerfile <file@f38db490-d61c-443f-a65b-d21fe96a405b>2009-11-04 19:23:01 +0000
commita85c136a0540b5fb247558a356a517991b25df48 (patch)
treef750cb1a529520fbf45367847fd24995074f9803
parent130ceb2dcc3d3833bd713b65e67348cbb7622d1f (diff)
Merged revisions 227712 via svnmerge from
https://origsvn.digium.com/svn/asterisk/trunk ................ r227712 | file | 2009-11-04 15:20:46 -0400 (Wed, 04 Nov 2009) | 12 lines Merged revisions 227700 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r227700 | file | 2009-11-04 15:17:39 -0400 (Wed, 04 Nov 2009) | 5 lines Fix a security issue where sending a REGISTER with a differing username in the From URI and Authorization header would reveal whether it was valid or not. (AST-2009-008) ........ ................ git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.6.1@227723 f38db490-d61c-443f-a65b-d21fe96a405b
Diffstat
-rw-r--r--channels/chan_sip.c9
1 files changed, 2 insertions, 7 deletions
diff --git a/channels/chan_sip.c b/channels/chan_sip.c
index 93b56daf8..0a3bca596 100644
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@@ -12111,11 +12111,6 @@ static enum check_auth_result register_verify(struct sip_pvt *p, struct sockaddr
Asterisk uses the From: username for authentication. We need the
devices to use the same authentication user name until we support
proper authentication by digest auth name */
- transmit_response(p, "403 Authentication user name does not match account name", &p->initreq);
- if (global_authfailureevents)
- manager_event(EVENT_FLAG_SYSTEM, "PeerStatus", "ChannelType: SIP\r\nPeer: SIP/%s\r\nPeerStatus: Rejected\r\nCause: AUTH_USERNAME_MISMATCH\r\nAddress: %s\r\nPort: %d\r\n",
- name, ast_inet_ntoa(sin->sin_addr), ntohs(sin->sin_port));
- break;
case AUTH_NOT_FOUND:
case AUTH_PEER_NOT_DYNAMIC:
case AUTH_ACL_FAILED:
@@ -12132,8 +12127,8 @@ static enum check_auth_result register_verify(struct sip_pvt *p, struct sockaddr
else
transmit_response(p, "404 Not found", &p->initreq);
if (global_authfailureevents)
- manager_event(EVENT_FLAG_SYSTEM, "PeerStatus", "ChannelType: SIP\r\nPeer: SIP/%s\r\nPeerStatus: Rejected\r\nCause: URI_NOT_FOUND\r\nAddress: %s\r\nPort: %d\r\n",
- name, ast_inet_ntoa(sin->sin_addr), ntohs(sin->sin_port));
+ manager_event(EVENT_FLAG_SYSTEM, "PeerStatus", "ChannelType: SIP\r\nPeer: SIP/%s\r\nPeerStatus: Rejected\r\nCause: %s\r\nAddress: %s\r\nPort: %d\r\n",
+ (res == AUTH_USERNAME_MISMATCH) ? "AUTH_USERNAME_MISMATCH" : "URI_NOT_FOUND", name, ast_inet_ntoa(sin->sin_addr), ntohs(sin->sin_port));
}
break;
case AUTH_BAD_TRANSPORT:
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-23 14:18:54 +0000