From 5deb544d06acf821f54f61890ae1129697ff8591 Mon Sep 17 00:00:00 2001
From: Terry Wilson <twilson@digium.com>
Date: Thu, 24 Feb 2011 03:49:07 +0000
Subject: [PATCH] Merged revisions 308679 via svnmerge from
 https://origsvn.digium.com/svn/asterisk/branches/1.8

................
  r308679 | twilson | 2011-02-23 21:41:34 -0600 (Wed, 23 Feb 2011) | 15 lines

  Merged revisions 308678 via svnmerge from
  https://origsvn.digium.com/svn/asterisk/branches/1.6.2

  ........
    r308678 | twilson | 2011-02-23 21:38:22 -0600 (Wed, 23 Feb 2011) | 8 lines

    Use remotesecret to authenticate with a remote party

    The remotesecret option was only being used for outbound registration
    and not for placing calls. This patch uses remotesecret on outbound
    calls if it is set, otherwise secret is still used.

    Review: https://reviewboard.asterisk.org/r/1107/
  ........
................


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@308680 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---
 channels/chan_sip.c     | 4 +++-
 configs/sip.conf.sample | 4 ++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/channels/chan_sip.c b/channels/chan_sip.c
index 4d9408f386..e9ef2d695c 100644
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@@ -18529,7 +18529,9 @@ static int build_reply_digest(struct sip_pvt *p, int method, char* digest, int d
 	} else {
 		/* No authentication, use peer or register= config */
 		username = p->authname;
-		secret =  p->peersecret;
+ 		secret = p->relatedpeer 
+			&& !ast_strlen_zero(p->relatedpeer->remotesecret)
+			? p->relatedpeer->remotesecret : p->peersecret;
 		md5secret = p->peermd5secret;
 	}
 	if (ast_strlen_zero(username))	/* We have no authentication */
diff --git a/configs/sip.conf.sample b/configs/sip.conf.sample
index 9127628822..92e41e4403 100644
--- a/configs/sip.conf.sample
+++ b/configs/sip.conf.sample
@@ -1014,6 +1014,10 @@ srvlookup=yes                   ; Enable DNS SRV lookups on outbound calls
 ;   Asterisk only matches on IP/port, not on names. This is mostly used for SIP
 ;   trunks.
 ;
+; Use remotesecret for outbound authentication, and secret for authenticating
+; inbound requests. For historical reasons, if no remotesecret is supplied for an
+; outbound registration or call, the secret will be used. 
+;
 ; For device names, we recommend using only a-z, numerics (0-9) and underscore
 ;
 ; For local phones, type=friend works most of the time