Review Board 1.7.16


Use 'remotesecret' when it is set instead of 'secret' when authenticating to a remote party

Review Request #1107 - Created Feb. 14, 2011 and submitted

Terry Wilson
1.6.2
Reviewers
asterisk-dev
dvossel, oej
Asterisk
Asterisk 1.6.2+ has the 'remotesecret' config option which is documented to be the password we use when connecting out to a peer. The 'secret' option is supposed to be used for when we are authenticating an inbound request. 'remotesecret' currently works for registration, but for sending an INVITE the 'secret' is used instead. This patch tests if we are making an outgoing request and uses the peer remotesecret if it is set. Otherwise it still uses the secret as it always has.
Tested that a peer with a 'remotesecret' used that on an outbound call. Tested that if remotesecret is not set, secret is used.
Ship it!
Posted (Feb. 17, 2011, 5:48 a.m.)
This all looks functionally correct to me.  It would be nice if the sample config could be updated to better reflect the behavior of the 'secret' and 'remotesecret' options.  Something like "The 'remotesecret' option is only necessary if the password required to authenticate with the remote endpoint on an outgoing request is different than the one they use to authenticate with us, otherwise if left empty 'secret' will be used for both."  At least I think that makes sense.
/branches/1.6.2/channels/chan_sip.c (Diff revision 1)
 
 
 
 
 
 
Do we even have to check SIP_OUTGOING here?  Isn't this function always used for building the outbound authentication?

https://reviewboard.asterisk.org/ runs on a server provided by Digium, Inc. and uses bandwidth donated to the open source Asterisk community by API Digital Communications in Huntsville, AL USA.
Please report problems with this site to asteriskteam@digium.com.