[sr-dev] git:master: kamailio.cfg: tighten the auth checks for PUBLISH

Daniel-Constantin Mierla miconda at gmail.com
Fri Mar 4 21:50:55 CET 2011


Module: sip-router
Branch: master
Commit: 8d16577bbcdd7bd84f1767bba76749083c2518fa
URL:    http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=8d16577bbcdd7bd84f1767bba76749083c2518fa

Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date:   Fri Mar  4 21:44:15 2011 +0100

kamailio.cfg: tighten the auth checks for PUBLISH

- based on a patch by Klaus Darilion

---

 etc/kamailio.cfg |   12 +++++++++++-
 1 files changed, 11 insertions(+), 1 deletions(-)

diff --git a/etc/kamailio.cfg b/etc/kamailio.cfg
index 6d39ee9..5e6d9f7 100644
--- a/etc/kamailio.cfg
+++ b/etc/kamailio.cfg
@@ -677,10 +677,20 @@ route[AUTH] {
 			}
 			if (is_method("PUBLISH"))
 			{
-				if ($au!=$tU) {
+				if ($au!=$fU || $au!=$tU) {
 					sl_send_reply("403","Forbidden auth ID");
 					exit;
 				}
+				if ($au!=$rU) {
+					sl_send_reply("403","Forbidden R-URI");
+					exit;
+				}
+#!ifdef WITH_MULTIDOMAIN
+				if ($fd!=$rd) {
+					sl_send_reply("403","Forbidden R-URI domain");
+					exit;
+				}
+#!endif
 			} else {
 				if ($au!=$fU) {
 					sl_send_reply("403","Forbidden auth ID");




More information about the sr-dev mailing list