[OpenSER-Users] Multidomain and in-dialog REFER auth issue

Iñaki Baz Castillo ibc at in.ilimit.es
Mon Oct 15 11:36:03 CEST 2007


El Monday 15 October 2007 11:26:16 Klaus Darilion escribió:
> Authentication of in-dialog requests in SIP is broken - you can not rely
> on the From/To headers.

I can rely on "From" since if I authenticate a caller and do "check_from()" I 
can be sure there is not spoof.

But I need to know the dialog original URI domain in order to allow or not a 
REFER.

Because of this issue I need to store dialog info with original URI.


-- 
Iñaki Baz Castillo
ibc at in.ilimit.es




More information about the Users mailing list