12 Aug
2005
12 Aug
'05
3:45 p.m.
Hummm...It seems my email didn't interested anybody...
Let's try another sub-question.
Yesterday I read the specification of the Remote-Party-ID header field
and it says that it is used "When an untrusted UAC sends an INVITE,
OPTIONS, REGISTER or extension method request". That is EVERY method
(even unknown ones) except ACK, BYE and CANCEL.
It make sense to me to follow the same rule for the authentication,
because those three methods are in practice "responses" to previous
actions, and so shouldn't be blocked.
Do you agree?
Thanks.
Federico Giannici wrote:
I'm relatively new to SIP and I'm learning how
to configure SER for a
little ISP.
I'm currently asking myself when we should authenticate users.
Obviously, I don't wont to have an open-relay SIP server. So I'm
thinking that I have to authenticate users for every message that comes
and that have a "From:" header that matches one of our domains.
Is this correct?
Then I have to call check_to() for REGISTER messages and check_from()
for all the others.
Is this correct?
So here it is a scheme of the logic I'm going to implement.
Do you think is correct?
IF uri == myself
IF method == REGISTER
www_authenticate()
check_to()
save()
ELSE
IF From == myself
proxy_authenticate()
check_from()
Normal processing
ELSE
IF From == myself
proxy_authenticate()
check_from()
t_relay()
ELSE
Error!
Thanks.
--
___________________________________________________
__
|- giannici(a)neomedia.it
|ederico Giannici http://www.neomedia.it
___________________________________________________