[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sipwitch-devel] Starting

From: David Sugar
Subject: Re: [Sipwitch-devel] Starting
Date: Fri, 21 Jan 2011 06:59:03 -0500
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv: Gecko/20101208 Lightning/1.0b2 Thunderbird/3.1.7

I have no idea why I "decided" that domains absolutely had to be fqdn's.
 Certainly, realms, when used for auth digests, can be "anything".
Perhaps as a good general practice domains generally should at least be
valid "hostnames" since they are also used to form the from/to uri's,
but I agree it does not have to be "enforced".

Originally we also had separated realm and domain in sipwitch.  So
realms can be used for auth digests (and presenting "GNU Telephony" as
an auth digest makes perfect sense) while domains were to be used for
the uri requests for identifying affinity.  But the realm can still also
be a domain (like a "localnames") identifier, and can still also be
accepted as a request host.

Presently stack::reload uses registry::getDomain() is used to initialize
sip_domain, but does not seem to support the <domain> key anymore, which
would allow domain and realm to be set separately, hence allowing for a
very expressive realm string for auth, but a different valid host name
for domains, which I do think was the original implementation. At some
point instead everything was converged on using just realm for both for
simplicity, and the siprealm utility was meant to make setting both into
something like the setting a nis domain.

One answer might be to add <domain> key back into /etc/sipwitch.conf,
and also have a warning at the end of stack::reload() if sip_domain
remains NULL by the end of the routine.  The "." check in
registry::getDomain() I think is clearly unneeded, though.

On 01/20/2011 04:43 PM, Lluís Batlle i Rossell wrote:
> On Thu, Jan 20, 2011 at 03:42:54PM +0100, Steve Murphy wrote:
>> I am running sipw as root I have not tried to make it run as an
>> ordinary user yet.   Making this change I described cured the
>> problem for me , so I think you are looking in the right area at
>> least.
>> I set /etc/siprealm  to the full hostname of the server ( also
>> matching the server and authentication realms in the twinkle client
>> setups) to get over this problem, so I don't know how something like
>> "GNU Telephony" ( which is the commented out value in the default
>> config file ) could ever work.
> I finally found the annoying part of the code. I was setting a local hostname,
> not a fqdn, and look at this important part where the sip domain it's gotten
> from (registry.cpp:115):
> const char *registry::getDomain(void)
> {
>     if(!strchr(reg.realm, '.'))
>         return NULL;
>     if(strchr(reg.realm, ' '))
>         return NULL;
>     return reg.realm;
> }
> 'reg.realm' contains the realm set either in the configuration xml or in 
> /etc/siprealm.
> Notice how it has to contain at least a dot, and no spaces.
> This has been KEY to get the calls working.
> gdb helps a lot. :)
> Bye,
> Lluís.

Attachment: dyfet.vcf
Description: Vcard

reply via email to

[Prev in Thread] Current Thread [Next in Thread]