[sr-dev] git:andrei/cancel_reason: tm: Reason header copy for received CANCELs
Iñaki Baz Castillo
ibc at aliax.net
Wed Mar 3 16:20:00 CET 2010
El Miércoles, 3 de Marzo de 2010, Andrei Pelinescu-Onciul escribió:
> On Mar 02, 2010 at 20:10, I?aki Baz Castillo <ibc at aliax.net> wrote:
> > El Martes, 2 de Marzo de 2010, Andrei Pelinescu-Onciul escribi?:
> > > tm: Reason header copy for received CANCELs
> > >
> > > When canceling branches due to a received CANCEL, use the Reason
> > > headers in the received CANCEL (all the Reason headers from the
> > > received CANCEL will be copied in the generated CANCELs, see
> > > RFC3326 for more details).
> >
> > Hi Andrei, great addition. However there could be a minor security issue:
> >
> > Perhaps it wouldn't be safe to propagate any Reason header coming in a
> > CANCEL from any sender (imagine you receive a malicius call at 5 o'clock
> > in the night and the hacker added "Reason" header to the CANCEL so you
> > don't find that call in the missed calls list of the phone).
> >
> > - This local policy could be implemented as follows:
> >
> > a) Enabling a flag in t_relay() that only makes sense for CANCEL rather
> > than INVITE, so:
>
> I've added support for it. It can be turned on/off per transaction by
> using t_set_no_e2e_cancel_reason(0|1). The default state is controlled
> by e2e_cancel_reason modparam or runtime config variable
> (e.g. sercmd cfg.set_now_int tm e2e_cancel_reason 0 # disable).
Great :)
> > if (is_method("CANCEL")) {
> > if ($si == MY_APPLICATION_SERVER_IP)
> > # Allow propagating "Reason" header.
> > t_relay(0x12);
>
> ^^^^^^^^^^^^^
> this would look like this:
> t_set_no_e2e_cancel_reason(1);
> t_relay();
>
> > else
> > t_relay();
> > }
>
> Note that you could use t_set_no_e2e_cancel_reason() at any time, before
> or after creating the transaction.
So this can be set during INVITE transaction, right? this is really better
than what I suggested.
> local_cancel_reason can be turned on/off independently, but only
> globally (I couldn't find any reason for wanting to do it per
> transaction).
Neither me as such "Reason" header is trusted (it has been created locally by
SR, so it's safe to allow it always).
Thanks a lot.
--
Iñaki Baz Castillo <ibc at aliax.net>
More information about the sr-dev
mailing list