|Summary:||ASTERISK-09164: Missing warning about unknown parameters in sip.conf => No warning about misspelled "|
|Date Opened:||2007-04-01 10:17:36||Date Closed:||2007-07-09 21:20:43|
|Description:||I'm running Asterisk trunk on Fedora Core 6. I found out, that Asterisk does not warn about unknown parameters in sip.conf. This is even though I ran it with very high debug output and verbosity and I also turned on debug logging in logger.conf and sipdebug in sip.conf. Normally it wouldn't matter to me if I could insert anything into sip.conf and Asterisk will just read over it.|
The reason, I think a warning about unknown parameters would be necessary is: When I accidently mistype the parametername "secret", users are able to login without a password, which I regard as a security-risk.
Ideas to resolve the problem:
1. A warning about unknown parameters in sip.conf (and other .conf-files, if not already implemented)
2. A parameter in the [general]-section of sip.conf (or in asterisk.conf for all "protocol".conf), which would not permit the creation of users without a secret (or even better, specifying a minimum password strength) would be a very useful feature.
****** ADDITIONAL INFORMATION ******
I also filed this as a question ([HELP] Unknown parameters in sip.conf) in the "Asterisk Support" Forum and was encouraged to file it as a bug.
|Comments:||By: Clod Patry (junky) 2007-04-01 12:42:40|
Just use a template with a default password set?
If you misspell something, your default password will be used, which solve that "security risk".
By: Russell Bryant (russell) 2007-04-03 13:58:05
This issue has been resolved in 1.2, 1.4, and trunk in revisions 59916, 59936, and 59937. Thanks!
By: Olle Johansson (oej) 2007-04-03 14:05:03
This can't be done for type=user since a type=friend has a lot of options that can't be handled by the user. Implementing error messages will cause a *lot* of warnings.
By: Olle Johansson (oej) 2007-04-03 14:05:55
The feature request about "disable-without-secrets" sounds like a good thing to implement in future releases. It's added to my todo list. Thanks.