15 Oct
2007
15 Oct
'07
9:36 a.m.
El Monday 15 October 2007 11:26:16 Klaus Darilion escribió:
Authentication of in-dialog requests in SIP is broken - you can not rely on the From/To headers.
I can rely on "From" since if I authenticate a caller and do "check_from()" I can be sure there is not spoof.
But I need to know the dialog original URI domain in order to allow or not a REFER.
Because of this issue I need to store dialog info with original URI.
--
Iñaki Baz Castillo
ibc@in.ilimit.es