Module: sip-router
Branch: master
Commit: 8d16577bbcdd7bd84f1767bba76749083c2518fa
URL:
http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=8d16577…
Author: Daniel-Constantin Mierla <miconda(a)gmail.com>
Committer: Daniel-Constantin Mierla <miconda(a)gmail.com>
Date: Fri Mar 4 21:44:15 2011 +0100
kamailio.cfg: tighten the auth checks for PUBLISH
- based on a patch by Klaus Darilion
---
etc/kamailio.cfg | 12 +++++++++++-
1 files changed, 11 insertions(+), 1 deletions(-)
diff --git a/etc/kamailio.cfg b/etc/kamailio.cfg
index 6d39ee9..5e6d9f7 100644
--- a/etc/kamailio.cfg
+++ b/etc/kamailio.cfg
@@ -677,10 +677,20 @@ route[AUTH] {
}
if (is_method("PUBLISH"))
{
- if ($au!=$tU) {
+ if ($au!=$fU || $au!=$tU) {
sl_send_reply("403","Forbidden auth ID");
exit;
}
+ if ($au!=$rU) {
+ sl_send_reply("403","Forbidden R-URI");
+ exit;
+ }
+#!ifdef WITH_MULTIDOMAIN
+ if ($fd!=$rd) {
+ sl_send_reply("403","Forbidden R-URI domain");
+ exit;
+ }
+#!endif
} else {
if ($au!=$fU) {
sl_send_reply("403","Forbidden auth ID");