Support A2Billing :

provided by Star2Billing S.L.

Support A2Billing :
It is currently Thu Mar 28, 2024 4:41 pm
Voice Broadcast System


All times are UTC




Post new topic Reply to topic  [ 8 posts ] 
Author Message
 Post subject: a2billing v2.0.13 bug: Sip secret cannot be changed
PostPosted: Wed Jul 02, 2014 2:08 pm 
Offline

Joined: Wed Apr 23, 2014 9:35 am
Posts: 19
once the sip configuration created for any card, secret is set to a automatic generated password. Now if we want to change the secret password of that sip user, it does not write anything. it keeps the password blank and anyone knows the sip username will be able to make calls by leaving the password field empty. this is a serious security issue. Has anyone found it? it is happening only on v.2.0.13. Anything regarding this, pls update.


Top
 Profile  
 
 Post subject: Re: a2billing v2.0.13 bug: Sip secret cannot be changed
PostPosted: Wed Jul 02, 2014 2:43 pm 
Offline

Joined: Fri Jun 23, 2006 3:56 pm
Posts: 4065
Hi

I cannot replicate this, can you give me step by step and click by click on your system how you make this happen.

Also, what version of PHP / Apache / OS are you using?

Joe


Top
 Profile  
 
 Post subject: Re: a2billing v2.0.13 bug: Sip secret cannot be changed
PostPosted: Wed Jul 02, 2014 6:31 pm 
Offline

Joined: Tue Jun 18, 2013 2:30 pm
Posts: 6
I can confirm this bug too. Fresh install on a2billing 2.0.13 + UPDATE-a2billing-v2.0.12-to-v2.0.13.sql.
OS - Gentoo
PHP - PHP 5.3.28-pl3-gentoo


Top
 Profile  
 
 Post subject: Re: a2billing v2.0.13 bug: Sip secret cannot be changed
PostPosted: Thu Jul 03, 2014 8:47 am 
Offline

Joined: Wed Apr 23, 2014 9:35 am
Posts: 19
hi Joe,

it started happening when i upgraded to v2.0.13. my platform is centos 6.5 Kernel Version 2.6.32-431.11.2.el6.x86_64 (SMP). php 5.3.3, Apache 2.2.15. you can reproduce the issue following the steps below....

1. create a card with sip config
2. modify the secret from voip settings of that card and apply changes
3. now you see your new secret is not saved, its just blank
4. your sip call will be authorised with he username of that card, no need to enter any secret for sip registration.

Please let me know if you need screenshots or find any solution. Thanks in advance.


Top
 Profile  
 
 Post subject: Re: a2billing v2.0.13 bug: Sip secret cannot be changed
PostPosted: Fri Jul 04, 2014 8:49 am 
Offline

Joined: Wed Apr 23, 2014 9:35 am
Posts: 19
Does anyone has any update on this issue?


Top
 Profile  
 
 Post subject: Re: a2billing v2.0.13 bug: Sip secret cannot be changed
PostPosted: Fri Jul 04, 2014 9:00 am 
Offline

Joined: Fri Jun 23, 2006 3:56 pm
Posts: 4065
Hi

2.0.14 was released yesterday which fixes this issue, however there is a small issue to be fixed in a later release that when the SIP peer is saved, it lists the IAX peers, but everything is saved as it should be.

Joe


Top
 Profile  
 
 Post subject: Re: a2billing v2.0.13 bug: Sip secret cannot be changed
PostPosted: Wed Jul 09, 2014 10:26 am 
Offline

Joined: Wed Apr 23, 2014 9:35 am
Posts: 19
Thanks Joe. i updated and now can confirm the issue is fixed in v2.0.14.


Top
 Profile  
 
 Post subject: Re: a2billing v2.0.13 bug: Sip secret cannot be changed
PostPosted: Thu Aug 07, 2014 11:46 am 
Offline

Joined: Wed Nov 25, 2009 12:01 pm
Posts: 90
Hi joe,

I would like to fix this sip password issue. currently i have a working a2b v 2.0.13 and i don't want to update to v 2.0.14 just in case i break the production server. which file i have to update to get this issue fixed? i have looked the the file A2B_entity_password.php in customer folder but this has not been updated recently in the master branch. any hint please?


Thanks.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 8 posts ] 
Hosted Voice Broadcast


All times are UTC


Who is online

Users browsing this forum: No registered users and 7 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group