Re: [OpenSER-Users] Multidomain and in-dialog REFER auth issue

15 Oct 2007


      El Monday 15 October 2007 10:13:22 Iñaki Baz Castillo escribió:
...
El Monday 15 October 2007 09:58:36 Iñaki Baz Castillo escribió:
...
How can my OpenSer know which domain this REFER goes? of course the "To"
header is not valid at all.
Could be a solution a SQL query to "location" table looking for the URI
(sip:userB@80.98.123.23:5060) and getting the username and domain of
this?
Anyway this solution wouldn't be secure since userA@domainA.com could hack
its "From" header in the REFER and appears as "@domainB.com".
Ops, there is no this issue since the "From" is checked against the auth 
username in "check_from()".
Then the only I need is to store dialog original URI domain.
-- 
Iñaki Baz Castillo
ibc@in.ilimit.es

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

Re: [OpenSER-Users] Multidomain and in-dialog REFER auth issue