Re: [Serusers] Check_from()

10 Oct 2003


      Jiri Kuthan writes:
...
At iptel, we deploy the latter simple policy:
if (method=="REGISTER") {
        if (!www_authorize("iptel.org", "subscriber")) {
            # challenge if none or invalid credentials
            www_challenge("iptel.org", "0");
            break;
        };
       if (!check_to()) {
            log("LOG: To Cheating attempt\n");
            sl_send_reply("403", "That is ugly -- use To=id in REGISTERs");
            break;
        };
radius_www_authorize includes the above check_to test.  it checks that
the host part of To uri matches the realm in digest and passes the user
part as a check item to radius access request.
-- juha

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

Re: [Serusers] Check_from()