[OpenSIPS-Users] Having '@' in the username

Vasil Kolev vasil.kolev at attractel.com
Tue Feb 10 16:02:27 CET 2009


В 15:22 +0100 на 10.02.2009 (вт), Iñaki Baz Castillo написа:
> 2009/2/10 Vasil Kolev <vasil.kolev at attractel.com>:
> > В 15:01 +0100 на 10.02.2009 (вт), Iñaki Baz Castillo написа:
> >> 2009/2/10 Vasil Kolev <vasil.kolev at attractel.com>:
> >> > So, the question goes like this - should I even bother with this, or
> >> > should I just have the client part escape '@' and be done with it?
> >>
> >> SIP BNF grammar doesn't allow @ into the SIP URI username part. If you
> >> need it you should escape it in hexadecimal.
> >
> > Yes, this gets escaped. But it's not escaped automatically for the
> > digest username, which in turn led me to patch parse_username() and do
> > the URI hack.
> 
> According to SIP BFN, "username" field in Authentication header looks like:
> 
>   username          =  "username" EQUAL username-value
>   username-value    =  quoted-string
> 
> It's a quoted string so it doesn't need to be escaped. I think you are
> getting into SIP BNF core issues. No easy solution for it.
> 
> 

So, to rephrase my question, should OpenSIPS be able to use normally
usernames in the database in the form of user at anydomain, and to handle
presence, etc. for them? Three examples:
1) when you use presence for 'aaa at bbb.com', the username in the database
says 'aaa%40bbb.com')
2) when you try to register with aaa at bbb.com (in the digest auth.
field), it tries to check the username aaa%40bbb.com and says it's
spoofed.
3) when you try registering with aaa at bbb.com (in the digest auth.
field), it also tries to authorize it in the domain bbb.com, why?


If this should be possible, would you accept patches for this?

> > That I'll discuss with them, as they split on the first '@' (as I
> > understand the python code), which won't really work.
> 
> Do you mean the "username" field in Authentication header?
> 
Yes, and the one in the URL for the POST/GET/PUT.

> 
-- 
Regards,
Vasil Kolev
Attractel NV
dCAP #1324, LPIC2




More information about the Users mailing list