[Kamailio-Users] uac_replace_from check
Juha Heinanen
jh at tutpro.com
Wed Apr 1 12:35:50 CEST 2009
Daniel-Constantin Mierla writes:
> Indeed, there can be an extra check there. Not sure how much protection
> it adds here. When X calls Y, if caller is trusted (e.g., auth user,
> trusted peer) then either call goes to costly resource (PSTN) that is
> also trusted, to a local user or untrusted destination, case in which
> you route only if does not cost you anything. If local users are not
> trustable and use "custom UA", then replies can go to first Via,
> skipping the rest of Via stack, ignoring negative replies after 200ok.
> Unless there is symmetric nat and they are forced to use the proxy, the
> safest will be a b2bua.
i don't understand, how the above relates to the security issue that i
brought up. it has nothing to do with cost, but a possibility to make
uac send in-dialog requests so that they by-pass the proxy. nasty
things documented earlier can happen if that is not prevented.
> Say you get a 200OK to an INVITE with spoofed r-r, should it be
> dropped?
definitely yes. there could, for example, be a flag that tells if the
check needs to be done, so that you don't waste resources needlessly if
uas is trusted.
-- juha
More information about the Users
mailing list