[Kamailio-Devel] [ openser-Feature Requests-2726791 ] check r-r header of reply
Iñaki Baz Castillo
ibc at aliax.net
Thu Apr 2 18:58:52 CEST 2009
2009/4/2 Juha Heinanen <jh at tutpro.com>:
> Iñaki Baz Castillo writes:
>
> > I don't understand why you mention "uac_replace_from". Isn't enough
> > the risk of spoofed RR in the 200?
>
> because if you want to, for example, anonymize from and r-r header gets
> spoofed, uas gets in-dialog requests un-anonymized.
Opsss, so:
- UAC sends a request and proxy changes From.
- UAS replies with spoofed RR and From.
- Next in-dialog request from UAC will arrive to UAS wihtout modified From.
Is it?
--
Iñaki Baz Castillo
<ibc at aliax.net>
More information about the Devel
mailing list