On 25 March 2010 21:57, Alex Balashov <abalashov@evaristesys.com> wrote:

On 03/25/2010 05:53 PM, dotnetdub wrote:

Attached:

if(is_uri_host_local()) {
if(!allow_trusted()) {
if(!proxy_authorize("", "subscriber")) {
proxy_challenge("", "1");
exit;
}

else if(!check_from()) {
sl_send_reply("403", "Forbidden");
exit;
}
}

else {
sl_send_reply("403", "Forbidden");
exit;
}
}

append_rpid_hf();

consume_credentials();

There is no guarantee that either append_rpid_hf() or consume_credentials() runs if and only if proxy_authorize() was called.

Also, it is not clear why check_from() is at a relationship of logical disjunction vis-a-vis to proxy_authorize(). While not incorrect, it obfuscates the flow.

Try this and see if the problem continues:

if(is_uri_host_local()) {

if(!allow_trusted()) {

if(!proxy_authorize("", "subscriber")) {
proxy_challenge("", "1");
exit;
}

if(!check_from()) {
sl_send_reply("403", "Forbidden");
exit;
}

append_rpid_hf();
consume_credentials();
}

else {
sl_send_reply("403", "Forbidden");
exit;
}
}

--
Alex Balashov - Principal
Evariste Systems LLC

Tel : +1 678-954-0670
Direct : +1 678-954-0671
Web : http://www.evaristesys.com/