Review Board 1.7.16


[18839] [Applications/app_voicemail] A voicemail password that starts with a '*' results in a invalid mailbox

Review Request #1316 - Created July 11, 2011 and submitted

Matt Jordan
1.8
ASTERISK-17443
Reviewers
asterisk-dev
lmadsen
Asterisk
The bug was originally reported that a voicemail user with a password beginning with the '*' character would be authenticated if their passwords matched, but the mailbox would be set to NULL.  This would cause the voicemail app to create a new mailbox at the root of the voicemail directory path, which would appear as the user's mailbox, albeit with no mail, etc.

Note that another behavior that occurs is if a user enters a voicemail mailbox beginning with '*'.  In that case, the mailbox is truncated to NULL and the user prompted with a password.  Since the mailbox is NULL, the user cannot enter a valid password, and will eventually be forced out of voicemail.

Upon further inspection, Leif noted that a '*' as the first character in either the mailbox or the password is supposed to route the call to extension 'a' if it exists.

In conversations with Russell, it was decided that a mailbox or password starting with '*' should be treated as invalid.  The code change does the following:
1. If an existing voicemail.conf defines a mailbox beginning with a '*', loading voicemail.conf will log a warning that the mailbox is invalid and should be changed.
2. If an existing voicemail.conf defines a password beginning with a '*', loading voicemail.conf will log a warning that the password is invalid and should be changed
3. Any attempt to change a password (either through new user or change password options) to a password beginning with '*' will be rejected
4. If a user logs in with a password beginning with '*', and that password matches the password in voicemail.conf, the vmu object is set to NULL to prevent a 'dummy' mailbox from being created.  This inevitably causes the login attempts to fail.

Note that since the 'reroute' option appeared to be mostly unknown, additional verbose logging was put in to let an admin know that a reroute to extension 'a' was being attempted.
Prior to making changes to load_config / change_password:
1. vm_authenticate was modified to set vmu to NULL if the password began with '*' but extension 'a' does not exist.  This was tested with a mailbox with a password set to '*'; the login attempt failed and no dummy inbox was created.

After the rest of the code changes:

2. A mailbox of *1234 => 1234,... was created.  The mailbox is dropped due to beginning with * and a warning generated.  A user attempting to log in with a mailbox of *1234 is treated as having a mailbox of '\0'.  If extension 'a' is not present, the login attempts will fail.
3. A mailbox of 1234* => *1234,... was created.  The mailbox is valid, but the password is detected as being invalid and a warning generated.  A user will be unable to authenticate with the password if extension 'a' is not defined as the vmu user will be set to NULL.
Ship it!
Posted (July 11, 2011, 10:12 a.m.)
Looks good to me, thanks!
Ship it!
Posted (July 11, 2011, 10:18 a.m.)
This seems rather voicemail.conf oriented based on your description and the warning messages.  I think you can go ahead and ship it, but I think I'll check whether it works with realtime voicemail profiles when I return.

https://reviewboard.asterisk.org/ runs on a server provided by Digium, Inc. and uses bandwidth donated to the open source Asterisk community by API Digital Communications in Huntsville, AL USA.
Please report problems with this site to asteriskteam@digium.com.