[Kamailio-Devel] [ openser-Feature Requests-2726791 ] check r-r header of reply
Iñaki Baz Castillo
ibc at aliax.net
Thu Apr 2 18:45:41 CEST 2009
2009/4/2 Juha Heinanen <jh at tutpro.com>:
> Iñaki Baz Castillo writes:
> > In case c), there is nothing to do.
>
> uac could check that 200 ok came from the same address where it sent
> the invite.

Not sure of that. Imagine two proxies doing load balancing and adding
a SRV record in the VIA.

Proxy_1 routes a request to UAS and crashes so when UAS sends the 200
to the "received" address it will fail (ICMP error) and since it
doesn't receive ACK it must re-send the 200 to the address in Via. This
is a SRV record so now it gets Proxy_2, sends the 200 there and
Proxy_2 routes it to UAC. This 200 arrives at UAC from an address
different than the destination.

Well, I hate what I've said. It's just a hyper-exotic and useless
specification in RFC3261. XD

Some phones (such as Linksys) include an option to drop SIP traffic from
any address but the configured proxy/outbound-proxy.

> my point is that IF uac receives a reply from its proxy, it must be able
> to trust its r-r header.
>
> now proxy does not do any checking and as a result, uac_replace_from
> function, for example, is totally useless.

I don't understand why you mention "uac_replace_from". Isn't the risk
of spoofed RR in the 200 enough?

Regards.
--
Iñaki Baz Castillo
<ibc at aliax.net>
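
The source-address check discussed in this message, as an added example that is not part of the original post or of Kamailio/openser code: it compares a strict "same address the INVITE was sent to" rule with a rule that accepts any address in the configured proxy's set, using the failover case described above. The addresses, the Call-ID, the proxy set and the function names are constructed assumptions.

```python
# Constructed sample data (documentation-range addresses, hypothetical names).
PROXY_SET = {"192.0.2.10", "192.0.2.11"}        # assumed SRV targets of the configured proxy
PENDING = {"call-1@ua.example": "192.0.2.10"}   # Call-ID -> address the INVITE was sent to

# Constructed 200 OK as the UAC would receive it.
OK_200 = ("SIP/2.0 200 OK\r\n"
          "Via: SIP/2.0/UDP 198.51.100.7:5060;branch=z9hG4bKexample\r\n"
          "Call-ID: call-1@ua.example\r\n"
          "Record-Route: <sip:192.0.2.10;lr>\r\n"
          "\r\n")

def parse_reply(raw):
    """Return (status_code, call_id) for a SIP response, or None if malformed."""
    lines = raw.split("\r\n")
    parts = lines[0].split(" ", 2)
    if len(parts) < 2 or parts[0] != "SIP/2.0" or not parts[1].isdigit():
        return None
    call_id = None
    for line in lines[1:]:
        if line == "":                      # end of headers
            break
        name, _, value = line.partition(":")
        if name.strip().lower() in ("call-id", "i"):   # "i" is the compact form
            call_id = value.strip()
    return (int(parts[1]), call_id) if call_id else None

def classify(src_ip, raw, strict=False):
    """Decide what a UAC does with a reply received from src_ip.

    strict=True : accept only the address the INVITE was sent to.
    strict=False: also accept any other member of the proxy set, which
                  covers the Proxy_1 -> Proxy_2 failover case.
    """
    parsed = parse_reply(raw)
    if parsed is None or parsed[1] not in PENDING:
        return "drop:no-transaction"
    if src_ip == PENDING[parsed[1]]:
        return "accept"
    if not strict and src_ip in PROXY_SET:
        return "accept:failover"
    return "drop:unexpected-source"

if __name__ == "__main__":
    for src in ("192.0.2.10", "192.0.2.11", "203.0.113.50"):
        print(src, classify(src, OK_200), classify(src, OK_200, strict=True))
```

This check only covers where the reply came from; it says nothing about whether the Record-Route content of a reply relayed by the proxy is genuine, which is the point raised in the thread.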