[sr-dev] Re: [kamailio/kamailio] [WIP] ims_registrar_pcscf,ims_qos: added a parameter for trusting the bottom Via header on requests (PR #3891)

I don't have a link... but it seems logical to me. Imagine a scenario where Alice is registered. She then proceeds to send an MESSAGE with Contact: bob, Via: bob. If we identify the UE by the Contact or Via, we've just let an impersonation attack go through. Sure, there are a lot of things that need to be faked, etc, but from a security stand-point, I'm thinking that the P-CSCF should only identify the UE based on the source IP address and port of the SIP package. The IPsec functionality must also ensure that the UE didn't do IP spoofing (e.g. Alice injected a packet on her SPI, with a source IP from Bob, which is normally prevented by EPC/5GC). P.S. My PR is not trying to get compliance with this whole point. I'm actually offloading the IPsec work to an external entity, which guarantees that the bottom Via is not spoofed. So I'm adding an optional "trust-the-bottom-Via" flag. -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/pull/3891#issuecomment-2186471882 You are receiving this because you are subscribed to this thread. Message ID: <kamailio/kamailio/pull/3891/c2186471882(a)github.com>