[Serusers] Routing users to other SIP server

Iqbal iqbal at gigo.co.uk
Mon Oct 10 12:53:18 CEST 2005 

I read the the first line without the word "this" almost fell backwards 
off my chair.....

I have looked into this also, the second sip server you need to ensure 
that no auth is done, but then this means you need to be able to trust 
what is coming from the first ser, which can be done in terms of IP, but 
then this can be spoofed.

What would be nice is to have SER itself authenticate, i.e instead of 
each call being authenticaterd, autheticate the entire box, and then 
possibly have a open connection between the two, which if no traffic 
passes for sometime is dropped, and then re-intiated when next call 
comes in.

Iqbal

Mark Aiken wrote:

> I've just been playing with this myself.
>
> There is a function, uac_auth, in the uac module which can be used to 
> authenticate a challenge from another SIP server. Unfortunately it has 
> the following problems:
>
> 1. Does not handle increment of the cseq. At least in my experience 
> this causes authentication failure, you may have better luck.
> 2. Missing quotes in the auth header sent by the other server causes 
> parse errors.
> 3. Digest comparison is case sensitive (DIGEST in auth header causes 
> parse error).
>
> 2 and 3 are easy to fix but 1 is a major problem for SER as there is 
> no dialog state kept between requests.
>
>
> Mark
>
> On 10/7/05, *KaveH Aasaraai* <asi_ka at yahoo.com 
> <mailto:asi_ka at yahoo.com>> wrote:
>
>     Hi,
>
>     I was wondering how I can route my SER users to other
>     SIP servers, without need of authentication to  other
>     server.
>
>     I mean this:
>
>     My User -> Auth -> My SER
>
>     My SER -> Auth -> Other SIP Server
>
>
>     My User --------make call--------> My SER
>     --------route call-------> Other SIP Server
>
>
>     Thank you.
>
>     Kaveh
>
>
>
>
>     __________________________________
>     Yahoo! Mail - PC Magazine Editors' Choice 2005
>     http://mail.yahoo.com
>
>     _______________________________________________
>     Serusers mailing list
>     serusers at lists.iptel.org <mailto:serusers at lists.iptel.org>
>     http://lists.iptel.org/mailman/listinfo/serusers
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>Serusers mailing list
>serusers at lists.iptel.org
>http://lists.iptel.org/mailman/listinfo/serusers
>  
>

More information about the sr-users mailing list