Andreas,
Not sure about the registration, but for allowing calls with different CLI then the auth-user, you could maintain a list of allowed CLIs per user in usr_preferences. Let's assume you store them as integer-avp 345, then something like this could work for invites:
I've never used AVP so far, so I'll have to ask some (possibly) newbie questions ;-)
So I add to usr_preferences rows with the following contents?
user=A, domain=DOMAIN, attribute=345, type=integer, value=ALIAS_B, ALIAS_C
Or multiple rows? But then I get into trouble with the primary key on this table...
# authenticate, load usr_preferences, then: if(!check_fom() && !avp_check("$fU", "eq/$avp(i:345/g")) { sl_send_reply("403", "Invalid CLI"); }
The check could be modified for registers as well, of course.
Naturally, once the above works, I can do the same for handling the INVITES
And note that From is not the only way to transport CLIs, also check for P-Preferred/Asserted-Identity and Remote-Party-ID.
I know, but unfortunately I don't seem to have UA's that use these methods a lot.