Does anyone have an example when using type=friend in a SIP device definition would be necessary ?
The type friend is both user and peer type.
Found this somewhere:
- peer: A SIP entity to which Asterisk sends calls (a SIP provider for example). If you want a user (extension) to have multiple phones, define an extension that calls two SIP peers. The peer authenticates at registration.
- user: A SIP entity which places calls through Asterisk (A phone which can place calls only). Users authenticate to reach services with their context.
- friend: An entity which is both a user and a peer. This make sense for most desk handsets and other devices. Asterisk will create two objects, one peer and one user, with the same name.
This is jibberish.
Why would you want to have both user+peer for the same device when peer only is sufficient ?
I am really looking for a real life example.
Show me a config where type=peer does not work, but type friend does.
Another argument against using type=friend has been just posted.
Using type=friend not only allows your “extensions” to be enumerated: viewtopic.php?t=78538
The enumeration attack does not produce any meaningful entries in asterisk logs, so it is undetectable by log scanning tools like fail2ban : viewtopic.php?t=78988
Is the enumeration still present given:
Okay, compiled 220.127.116.11 and it is gone. That was quick. Now you need to upgrade the rest of the world.
It was not clear from the advisory what exactly was fixed as the CVE entry is stil not updated.
Can you find me now a sample config with type=friend in it ? It has been a month since I asked and no one came forward.