4 May
2005
4 May
'05
11:44 a.m.
Hi Juha!
Out of curiosity, how do you handle out-of dialog requests with a
pre-set route? If I would allow them, I would handle it this way:
if (loose_route) {
if to-tag {
# in-dialog, faked messages must
# be handled by next hop
t_relay
break;
}
# out-of dialog request
if method==CANCEL {
# that's fine
t_relay()
break;
}
# check if it is a local user
if is_from_local {
if proxy_authorize {
t_relay
} else {
proxy_challenge
}
break;
}
# don't use my proxy to relay
sl_send_reply("403","Relaying not allowed")
break;
}
Juha Heinanen wrote:
Klaus Darilion writes:
Thus, although the client is registered to C, C
can not authenticate the
INVITE as the domain enum.at does not appear in From: or To:
Proxy B (iptel.org) may request authentication from my client (as From:
conatins iptel.org). But my stupid SIP phone can not authenticate
against iptel while registered to enum.at
klaus,
i guess you misunderstood me. my original question was this:
If there is not tog-tag, I will reject the
request.
what is the benefit of rejecting the request instead of calling
loose_route() and then doing your normal (out-of-dialog) checks to the
request?
i never suggested that you should try to authenticate in-dialog requests
(which do have to-tag). what i questioned is why you would reject an
INITIAL request, just because it includes a Route header, and you still
haven't answered THAT question.
-- juha