[OpenSER-Users] Multidomain and in-dialog REFER auth issue
Klaus Darilion
klaus.mailinglists at pernau.at
Mon Oct 15 12:12:44 CEST 2007
Iñaki Baz Castillo schrieb:
> El Monday 15 October 2007 11:26:16 Klaus Darilion escribió:
>> Authentication of in-dialog requests in SIP is broken - you can not rely
>> on the From/To headers.
>
> I can rely on "From" since if I authenticate a caller and do "check_from()" I
> can be sure there is not spoof.
>
> But I need to know the dialog original URI domain in order to allow or not a
> REFER.
>
> Because of this issue I need to store dialog info with original URI.
What exactly do you want to achieve? Do you want to allow REFER only
intradomain?
klaus
More information about the sr-users
mailing list