Summary:ASTERISK-01516: Invite Authentication fails
Reporter:jht (jht)Labels:
Date Opened:2004-05-02 03:48:49Date Closed:2011-06-07 14:05:11
Versions:Frequency of
Description:The change chan_sip.c on 4/26/04 going from cvs version 1.342 to version 1.343 with the comment "Use proper token for authenticating BYE" broke INVITE authentication.

In version 1.342 The Invite sent in response to a 407 message used p->peername to set the username= field.
(See function build_reply_digest)

In version 1.343 The Invite sent in response to a 407 message uses p->username if its set.
(See function build_reply_digest)

That seems all good except that in the sip_request function there is this code:

   if (ext)
       strncpy(p->username, ext, sizeof(p->username) - 1);

that overwrites username with the extension value.

As a result when the Invite is subsequently generated in response to a 407, the username= field in the authentication information is set to the number being called instead of the correct username value.

Comments:By: twisted (twisted) 2004-05-02 04:06:27

ASTERISK-1515 brought this to light and that patch was reverted as of latest cvs.  Please update your cvs tree.

edited on: 05-02-04 03:01

By: twisted (twisted) 2004-05-02 21:56:27

If updating your cvs tree does not fix this issue, doublecheck your configuation, and post back here if it's still not working properly.