Change the default value for alwaysauthreject in sip.conf to "yes".

author Russell Bryant <russell@russellbryant.com>

Tue, 10 Aug 2010 21:47:31 +0000 (21:47 +0000)

committer Russell Bryant <russell@russellbryant.com>

Tue, 10 Aug 2010 21:47:31 +0000 (21:47 +0000)
author Russell Bryant <russell@russellbryant.com>
Tue, 10 Aug 2010 21:47:31 +0000 (21:47 +0000)
committer Russell Bryant <russell@russellbryant.com>
Tue, 10 Aug 2010 21:47:31 +0000 (21:47 +0000)
diff --git a/UPGRADE.txt b/UPGRADE.txt

index 677fdb7c21a1ebe160778e679f36f0696f909ca3..905681fe25b1f4c1842cfe03fa4127a37611c4f1 100644 (file)
--- a/UPGRADE.txt
+++ b/UPGRADE.txt
@@ -20,6 +20,9 @@
  
  From 1.6.2 to 1.8:
  
+* The default value for the alwaysauthreject option in sip.conf has been changed
+  from "no" to "yes".
+
  * The behavior of the 'parkedcallstimeout' has changed slightly.  The formulation
    of the extension name that a timed out parked call is delivered to when this
    option is set to 'no' was modified such that instead of converting '/' to '0',
diff --git a/channels/sip/include/sip.h b/channels/sip/include/sip.h

index 0e207ca23d40d80be8d2a05096390f27a5852c7e..cf3c0da6966693bcca9cdb16e210614c4d3aed1b 100644 (file)
--- a/channels/sip/include/sip.h
+++ b/channels/sip/include/sip.h
@@ -214,7 +214,7 @@
  #define        DEFAULT_MATCHEXTERNADDRLOCALLY FALSE /*!< Match extern IP locally default setting */
  #define DEFAULT_QUALIFY        FALSE    /*!< Don't monitor devices */
  #define DEFAULT_CALLEVENTS     FALSE    /*!< Extra manager SIP call events */
-#define DEFAULT_ALWAYSAUTHREJECT  FALSE /*!< Don't reject authentication requests always */
+#define DEFAULT_ALWAYSAUTHREJECT  TRUE  /*!< Don't reject authentication requests always */
  #define DEFAULT_REGEXTENONQUALIFY FALSE
  #define DEFAULT_T1MIN             100   /*!< 100 MS for minimal roundtrip time */
  #define DEFAULT_MAX_CALL_BITRATE (384)  /*!< Max bitrate for video */
diff --git a/configs/sip.conf.sample b/configs/sip.conf.sample

index 35f4f682ee779d8828e86d992c20c115aaeaa20c..c61e8787c2e00e29f8c027f157fb605cff06137f 100644 (file)
--- a/configs/sip.conf.sample
+++ b/configs/sip.conf.sample
@@ -356,6 +356,7 @@ srvlookup=yes                   ; Enable DNS SRV lookups on outbound calls
                                  ; instead of letting the requester know whether there was
                                  ; a matching user or peer for their request.  This reduces
                                  ; the ability of an attacker to scan for valid SIP usernames.
+                                ; This option is set to "yes" by default.
  
  ;g726nonstandard = yes          ; If the peer negotiates G726-32 audio, use AAL2 packing
                                  ; order instead of RFC3551 packing order (this is required
author	Russell Bryant <russell@russellbryant.com>
	Tue, 10 Aug 2010 21:47:31 +0000 (21:47 +0000)
committer	Russell Bryant <russell@russellbryant.com>
	Tue, 10 Aug 2010 21:47:31 +0000 (21:47 +0000)
UPGRADE.txt		patch \| blob \| blame \| history
channels/sip/include/sip.h		patch \| blob \| blame \| history
configs/sip.conf.sample		patch \| blob \| blame \| history