[Serusers] prevent INVITE without REGISTERing

Victor Stanescu victor at gtstelecom.ro
Mon Jul 10 12:49:06 CEST 2006 

Please read "domain" instead of "gtstelecom.ro": www_authorize("domain", 
"subscriber") and proxy_authorize("domain", "subscriber"), otherwise the 
code fragment will not be correct. I forgot to replace with a generic name.

Victor Stanescu wrote:
> I think it is easier to force him to authenticate the INVITE. If he is 
> able to authenticate the INVITE, why do you care if he is registered or 
> not?
> 
> if (method=="REGISTER") {
>     if(!src_ip=="other") {
>         if (!www_authorize("gtstelecom.ro", "subscriber")) {
>             www_challenge("domain", "0");
>             break;
>         };
>         save("location");
>         log("Replicating REGISTER\n");
>         t_replicate("other", "5060");
>     } else {
>         save("location");
>     };
>     break;
> } else {
>     # this is an INVITE
>     if (!proxy_authorize("gtstelecom.ro", "subscriber")) {
>         proxy_challenge("domain", "1");
>         break;
>     };
>     # route the call
>     ...
> };
> 
> İlker Aktuna (Koç.net) wrote:
>>
>> Hi all,
>>  
>> Is it possible to prevent any user calling without registering ? What 
>> is the best way to do this ?
>> I guess I'll have to check if the source URI exists in location table.
>> What is the easiest way to do this ?
>>  
>> If there is a more robust way to do it, please suggest...
>>  
>> Thanks,
>> ilker
>>  
>>
>>
>> <http://387555.sigclick.mailinfo.com/sigclick/000F0500/07044803/01000749/0023725214.jpg> 
>>
>> _____________________________________________________________________________________________________________________________________________ 
>>
>> Bu e-posta mesaji kisiye ozel olup, gizli bilgiler iceriyor olabilir. 
>> Eger bu e-posta mesaji size yanlislikla ulasmissa,  icerigini hic bir 
>> sekilde kullanmayiniz ve ekli dosyalari acmayiniz. Bu durumda lutfen 
>> e-posta mesajini kullaniciya hemen geri gonderiniz  ve  tum 
>> kopyalarini mesaj kutunuzdan siliniz. Bu e-posta mesaji, hic bir 
>> sekilde, herhangi bir amac icin cogaltilamaz, yayinlanamaz ve para 
>> karsiligi satilamaz.  Bu e-posta mesaji viruslere karsi anti-virus 
>> sistemleri tarafindan taranmistir. Ancak yollayici, bu e-posta 
>> mesajinin - virus koruma sistemleri ile kontrol ediliyor olsa bile - 
>> virus icermedigini garanti etmez ve meydana gelebilecek zararlardan 
>> dogacak hicbir sorumlulugu kabul etmez.
>> This message is intended solely for the use of the individual or 
>> entity to whom it is addressed , and may contain confidential  
>> information. If you are not the intended recipient of this message or 
>> you receive this mail in error, you should refrain from making any use 
>> of the contents and from opening any attachment. In that case, please 
>> notify the sender immediately and return the message to the sender, 
>> then, delete and destroy all copies. This e-mail message, can not be 
>> copied, published or sold for any reason. This e-mail message has been 
>> swept by anti-virus systems for the presence of computer viruses. In 
>> doing so, however,  sender  cannot warrant that virus or other forms 
>> of data corruption may not be present and do not take any 
>> responsibility in any occurrence.
>> _____________________________________________________________________________________________________________________________________________ 
>>
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> Serusers mailing list
>> Serusers at lists.iptel.org
>> http://lists.iptel.org/mailman/listinfo/serusers
> _______________________________________________
> Serusers mailing list
> Serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers

More information about the sr-users mailing list