[Kamailio-Devel] [ openser-Feature Requests-2726791 ] check r-r header of reply

Iñaki Baz Castillo ibc at aliax.net
Thu Apr 2 18:58:52 CEST 2009

2009/4/2 Juha Heinanen <jh at tutpro.com>:
> Iñaki Baz Castillo writes:
>  > I don't understand why you mention "uac_replace_from". Isn't enough
>  > the risk of spoofed RR in the 200?
> because if you want to, for example, anonymize from and r-r header gets
> spoofed, uas gets in-dialog requests un-anonymized.

Opsss, so:

- UAC sends a request and proxy changes From.
- UAS replies with spoofed RR and From.
- Next in-dialog request from UAC will arrive to UAS wihtout modified From.

Is it?

Iñaki Baz Castillo
<ibc at aliax.net>

More information about the Devel mailing list