Add "insecure=very" where we don't authenticate peers who are registered

author Mark Spencer <markster@digium.com>

Mon, 3 May 2004 05:14:52 +0000 (05:14 +0000)

committer Mark Spencer <markster@digium.com>

Mon, 3 May 2004 05:14:52 +0000 (05:14 +0000)
author Mark Spencer <markster@digium.com>
Mon, 3 May 2004 05:14:52 +0000 (05:14 +0000)
committer Mark Spencer <markster@digium.com>
Mon, 3 May 2004 05:14:52 +0000 (05:14 +0000)
diff --git a/channels/chan_sip.c b/channels/chan_sip.c

index e39ceae..30a40a0 100755 (executable)
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@@ -4502,6 +4502,11 @@ static int check_user(struct sip_pvt *p, struct sip_request *req, char *cmd, cha
                                         strncpy(p->context, peer->context, sizeof(p->context) - 1);
                                 strncpy(p->peersecret, peer->secret, sizeof(p->peersecret) - 1);
                                 strncpy(p->peermd5secret, peer->md5secret, sizeof(p->peermd5secret) - 1);
+                               if (peer->insecure > 1) {
+                                       /* Pretend there is no required authentication if insecure is "very" */
+                                       strcpy(p->peersecret, "");
+                                       strcpy(p->peermd5secret, "");
+                               }
                                 p->callgroup = peer->callgroup;
                                 p->pickupgroup = peer->pickupgroup;
                                 p->capability = peer->capability;
@@ -6704,7 +6709,12 @@ static struct sip_peer *build_peer(char *name, struct ast_variable *v)
                                 else
                                         peer->capability &= ~format;
                         } else if (!strcasecmp(v->name, "insecure")) {
-                               peer->insecure = ast_true(v->value);
+                               if (!strcasecmp(v->value, "very")) {
+                                       peer->insecure = 2;
+                               } else if (ast_true(v->value))
+                                       peer->insecure = 1;
+                               else
+                                       peer->insecure = 0;
                         } else if (!strcasecmp(v->name, "qualify")) {
                                 if (!strcasecmp(v->value, "no")) {
                                         peer->maxms = 0;
diff --git a/configs/sip.conf.sample b/configs/sip.conf.sample

index 0c9dd0e..773f371 100755 (executable)
--- a/configs/sip.conf.sample
+++ b/configs/sip.conf.sample
@@ -81,6 +81,8 @@ context = default             ; Default context for incoming calls
  ;defaultip=192.168.0.59
  ;mailbox=1234,2345             ; Mailbox for message waiting indicator
  ;restrictcid=yes               ; To have the callerid restriced -> sent as ANI
+;insecure=yes                  ; To match a peer based by IP address only and not peer
+;insecure=very                 ; To allow registered hosts to call without re-authenticating
  
  ;[pingtel]
  ;type=friend
author	Mark Spencer <markster@digium.com>
	Mon, 3 May 2004 05:14:52 +0000 (05:14 +0000)
committer	Mark Spencer <markster@digium.com>
	Mon, 3 May 2004 05:14:52 +0000 (05:14 +0000)
channels/chan_sip.c		patch \| blob \| history
configs/sip.conf.sample		patch \| blob \| history