Daniel-Constantin Mierla writes:
> Indeed, there can be an extra check there. Not sure how much protection
> it adds here. When X calls Y, if caller is trusted (e.g., auth user,
> trusted peer) then either call goes to costly resource (PSTN) that is
> also trusted, to a local user or untrusted destination, case in which
> you route only if does not cost you anything. If local users are not
> trustable and use "custom UA", then replies can go to first Via,
> skipping the rest of Via stack, ignoring negative replies after 200ok.
> Unless there is symmetric nat and they are forced to use the proxy, the
> safest will be a b2bua.

i don't understand, how the above relates to the security issue that i
brought up. it has nothing to do with cost, but a possibility to make
uac send in-dialog requests so that they by-pass the proxy. nasty
things documented earlier can happen if that is not prevented.

> Say you get a 200OK to an INVITE with spoofed r-r, should it be
> dropped?

definitely yes. there could, for example, be a flag that tells if the
check needs to be done, so that you don't waste resources needlessly if
uas is trusted.
-- juha
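
The check discussed in this thread, sketched as an added example that is not part of the original messages or of any proxy's code: a 2xx reply to an INVITE is dropped unless its Record-Route set still contains the entry the proxy inserted, and a per-UAS flag skips the check. The function names, `PROXY_RR`, and the sample replies are constructed for illustration; comparing only scheme and host is a simplification of SIP URI comparison.

```python
import re

PROXY_RR = "sip:proxy.example.com;lr"   # constructed: entry this proxy added to the INVITE

def headers(msg):
    """Yield (lower-cased name, value) for each header of a raw SIP message."""
    head = re.sub(r"\r\n[ \t]+", " ", msg.split("\r\n\r\n", 1)[0])  # unfold long lines
    for line in head.split("\r\n")[1:]:                             # skip status line
        name, sep, value = line.partition(":")
        if sep:
            yield name.strip().lower(), value.strip()

def hostport(uri):
    """Scheme and host[:port] of a URI with parameters dropped (simplified match)."""
    return uri.split(";", 1)[0].strip().lower()

def accept_reply(msg, proxy_rr=PROXY_RR, uas_trusted=False):
    """Return True if the reply may be relayed to the UAC, False if it must be dropped."""
    if uas_trusted:                        # flag from the thread: skip the check
        return True
    status = msg.split("\r\n", 1)[0].split(" ")[1:2]
    hdrs = list(headers(msg))
    is_invite = any(n == "cseq" and v.upper().endswith("INVITE") for n, v in hdrs)
    if not is_invite or not status or not status[0].startswith("2"):
        return True                        # only 2xx replies to INVITE are checked here
    rr = [u for n, v in hdrs if n == "record-route"
          for u in re.findall(r"<([^>]+)>", v)]
    # The UAC builds its route set from these entries; if ours is missing,
    # its in-dialog requests would no longer pass through this proxy.
    return hostport(proxy_rr) in [hostport(u) for u in rr]

def reply(record_routes, status="200 OK"):
    """Build a constructed sample reply carrying the given Record-Route values."""
    return (f"SIP/2.0 {status}\r\n"
            "Via: SIP/2.0/UDP proxy.example.com;branch=z9hG4bKconstructed1\r\n"
            "Via: SIP/2.0/UDP 192.0.2.10;branch=z9hG4bKconstructed2\r\n"
            + "".join(f"Record-Route: {r}\r\n" for r in record_routes) +
            "CSeq: 1 INVITE\r\n"
            "Contact: <sip:uas@198.51.100.7>\r\n\r\n")

GOOD = reply(["<sip:proxy.example.com;lr>"])    # proxy entry echoed back intact
SPOOFED = reply(["<sip:198.51.100.7;lr>"])      # proxy entry replaced by the UAS
STRIPPED = reply([])                            # Record-Route removed entirely

if __name__ == "__main__":
    for name, msg in [("good", GOOD), ("spoofed", SPOOFED), ("stripped", STRIPPED)]:
        print(name, "relay" if accept_reply(msg) else "drop")
```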