10 Oct
2003
10 Oct
'03
8:51 a.m.
Jiri Kuthan writes:
At iptel, we deploy the latter simple policy:
if (method=="REGISTER") {
if (!www_authorize("iptel.org", "subscriber")) {
# challenge if none or invalid credentials
www_challenge("iptel.org", "0");
break;
};
if (!check_to()) {
log("LOG: To Cheating attempt\n");
sl_send_reply("403", "That is ugly -- use To=id in
REGISTERs");
break;
};
radius_www_authorize includes the above check_to test. it checks that
the host part of To uri matches the realm in digest and passes the user
part as a check item to radius access request.
-- juha