[OpenSER-Users] Multidomain and in-dialog REFER auth issue
Klaus Darilion
klaus.mailinglists at pernau.at
Mon Oct 15 12:12:44 CEST 2007
Iñaki Baz Castillo schrieb:
> El Monday 15 October 2007 11:26:16 Klaus Darilion escribió:
>> Authentication of in-dialog requests in SIP is broken - you can not rely
>> on the From/To headers.
>
> I can rely on "From" since if I authenticate a caller and do "check_from()" I
> can be sure there is not spoof.
>
> But I need to know the dialog original URI domain in order to allow or not a
> REFER.
>
> Because of this issue I need to store dialog info with original URI.
What exactly do you want to achieve? Do you want to allow REFER only
intradomain?
klaus
More information about the Users
mailing list