[Serusers] Forwarding to another number if busy
Andy Blen
andy.blen at iptel.org
Fri Jun 6 16:54:27 CEST 2003
At 03:48 PM 6/6/2003, Greg Fausak wrote:
--snip--
>My code looks like:
>
>If(src_ip == my.pstn.gateway.address)
>{
> ...
>}
>Else
>{
> if(!www_authorize())
> {
> www_challenge();
> };
>}
>
>This means that calls can come from my gateway without
>authentication. Later on in the script:
> ...
>
> t_on_negative("9");
> if(!t_relay())
> {
> sl_reply_error();
> break;
> };
>}
>
>reply_route[9]
>{
> log(1,"REPLY_ROUTE:");
> revert_uri();
>
> setuser("nextnumber");
> t_relay();
>}
>
>-----
>
>This logic only works if I get rid of
>my authentication/challenge logic. Because the
>T_relay() src_ip address is NOT the pstn.gateway
>address after the reply_route executes!
? I'm puzzled -- does the script above somehow relate to the problem
you are describing? You only check src_ip in route{} which is called
only once, so why do you care about what happens after reply_route{}?
>So, I tried putting a line in the reply_route that did:
>
>setflag(9);
>
>And changed the beginning of my script:
>
>If(src_ip == my.pstn.gateway.address | isflagset(9))
>{
> ...
>}
>Else
>{
> if(!www_authorize())
> {
> www_challenge();
> };
>}
Why do you re-check authentication in reply_route? The authentication
has been already verified on the original request and it buys no
security to do it again with the same request later.
>This doesn't work. I know the flag was set in the reply_route, but
>it is not recognized in the main script.
I guess neither src_ip nor flag were copied to reply_route context
in 8.10. That should have changed in 8.11, in case you need it.
a.
More information about the sr-users
mailing list