Antonio Gómez Soto
2015-Jan-05 01:41 UTC
[asterisk-users] Confused by concepts behind pjsip: endpoint, aor, contact
Joshua, On Sun, Jan 4, 2015 at 6:39 PM, Joshua Colp <jcolp at digium.com> wrote: [..snip..]> Also I notice, an AOR does seem do be directly correlated with an auth >> record, so why are >> they separate in the configuration, why not unify the aor and the auth >> objects? >> > > They aren't at all. Auth = Authentication. Used to authenticate incoming > calls/registrations/other stuff, or used to authenticate outgoing things. > They are NOT the same. AOR is a name for reaching something. >I did not mean they are the same, I meant that there seems to be a one-to-one relationship. So I am wondering, since the auth does seem useless without an aor, but an aor can exist without an auth, why was the auth object created in the first place, instead of extending the aor object with username/password/etc fields? I think auth's only use would be when all the aor's would register using the exact same credentials, and even then it would only save a small amount. But I bet you're now going to say, those small amounts are going to add up.. Antonio> -- > Joshua Colp > Digium, Inc. | Senior Software Developer > 445 Jan Davis Drive NW - Huntsville, AL 35806 - US > Check us out at: www.digium.com & www.asterisk.org > > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20150104/cf5fac90/attachment.html>
Joshua Colp
2015-Jan-05 01:48 UTC
[asterisk-users] Confused by concepts behind pjsip: endpoint, aor, contact
Antonio G?mez Soto wrote: <snip>> > I did not mean they are the same, I meant that there seems to be a > one-to-one relationship. > > So I am wondering, since the auth does seem useless without an aor, but > an aor > can exist without an auth, why was the auth object created in the first > place, > instead of extending the aor object with username/password/etc fields?Auth is useless on its own but is used by many things - in fact it's not even used directly by an AOR. It's configured on an endpoint to do authentication of inbound traffic from that endpoint. It's also used by outbound registration and outbound publish in response to challenges. While it would be possible to combine them you've now got duplicated stuff across different configuration items, both for configuration and also from an implementation perspective. As it is done right now *all* of the authentication is the same code for everything and there is no duplication. Fix a bug in it and you fix it for everything.> > I think auth's only use would be when all the aor's would register using > the exact > same credentials, and even then it would only save a small amount.I don't understand what you mean.> > But I bet you're now going to say, those small amounts are going to add up..-- Joshua Colp Digium, Inc. | Senior Software Developer 445 Jan Davis Drive NW - Huntsville, AL 35806 - US Check us out at: www.digium.com & www.asterisk.org
Antonio Gómez Soto
2015-Jan-05 02:27 UTC
[asterisk-users] Confused by concepts behind pjsip: endpoint, aor, contact
On Sun, Jan 4, 2015 at 8:48 PM, Joshua Colp <jcolp at digium.com> wrote:> Antonio G?mez Soto wrote: > > <snip> > > >> I did not mean they are the same, I meant that there seems to be a >> one-to-one relationship. >> >> So I am wondering, since the auth does seem useless without an aor, but >> an aor >> can exist without an auth, why was the auth object created in the first >> place, >> instead of extending the aor object with username/password/etc fields? >> > > Auth is useless on its own but is used by many things - in fact it's not > even used directly by an AOR. It's configured on an endpoint to do > authentication of inbound traffic from that endpoint. It's also used by > outbound registration and outbound publish in response to challenges. > >Ok, thank you. One final question: I see that it's possible to have multiple auth's in an endpoint. For incoming traffic to be authenticated, how does pjsip know which auth to consider? By looking at the From: address in the SIP header, and matching that up with the auth id? For example if the From: header is <10000 at 10.172.0.2>, will it find the AOR from the IP address, and the auth from the '10000' ? Antonio> -- > Joshua Colp > Digium, Inc. | Senior Software Developer > 445 Jan Davis Drive NW - Huntsville, AL 35806 - US > Check us out at: www.digium.com & www.asterisk.org > > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > New to Asterisk? Join us for a live introductory webinar every Thurs: > http://www.asterisk.org/hello > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users >-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20150104/9b94413a/attachment.html>
Reasonably Related Threads
- Confused by concepts behind pjsip: endpoint, aor, contact
- Confused by concepts behind pjsip: endpoint, aor, contact
- Confused by concepts behind pjsip: endpoint, aor, contact
- Confused by concepts behind pjsip: endpoint, aor, contact
- Confused by concepts behind pjsip: endpoint, aor, contact