[SR-Users] consume_credentials not working on PRACK?

31 Oct 2022


      Hi List
I noticed, that one of our CPE copies the Proxy-Authorization HF in
almost all messages sent.
As PRACK were not authenticated, those headers were potentially sent on
to the destination disclosing the authentication username and realm.
So assuming, if credentials are present, the client wishes them to be
validated, I added:
if (has_credentials("$fd")) {
                xlog("L_INFO", "$cfg(route): got $rm with credentials. Validate them!\n");
                route(AUTH);
        }
and in route[AUTH] I call:
pv_auth_check() which returns 1 thus success upon which I use:
if(!is_method("REGISTER|PUBLISH"))
     consume_credentials();
If the method is INVITE:
Proxy-Authorization HF is removed by consume_credentials()
if the method is PRACK:
Proxy-Authorization HF is still present on the outbound leg.
Mit freundlichen Grüssen
-Benoît Panizzon-
-- 
I m p r o W a r e   A G    -    Leiter Commerce Kunden
______________________________________________________

Zurlindenstrasse 29             Tel  +41 61 826 93 00
CH-4133 Pratteln                Fax  +41 61 826 93 01
Schweiz                         Web  http://www.imp.ch
______________________________________________________

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

[SR-Users] consume_credentials not working on PRACK?