31 Jul
2003
31 Jul
'03
12:47 p.m.
I know Jan won't be happy for this question because it may look simple.
But I have tried everything I can and after failing I decided to ask it
here.
I have realized that SER checks the username and password when a UA sends a
REGISTER command but it doesn't check the password when a user sends a
INVITE command.
This makes SER accept calls from people who did not even register.
This is true because my GATEWAY doesn't register with SER but I can make
calls from PSTN to my IP network.
So, my question is: HOW do I instruct SER to check the username and password
of the CALLER?
Thanks,
__________________________________
NZEYIMANA Emery Fabrice
NEFA Computing Services, Inc.
P.O. Box 5078 Kigali
Office Phone: +250-51 11 06
Office Fax: +250-50 15 19
Mobile: +250-08517768
Email: dg(a)nefacomp.net
http://www.nefacomp.net/
31 Jul
31 Jul
1:45 p.m.
On 31-07 12:47, Director General: NEFACOMP wrote:
I know Jan won't be happy for this question
because it may look simple.
But I have tried everything I can and after failing I decided to ask it
here.
No, I am fine with any question as long it is related to ser.
I have realized that SER checks the username and
password when a UA sends a
REGISTER command but it doesn't check the password when a user sends a
INVITE command.
Yes.
This makes SER accept calls from people who did not
even register.
Yes, you must accept such calls otherwise people who are, for
example, registered at another proxy, won't be able to call your
registered users.
This is true because my GATEWAY doesn't register
with SER but I can make
calls from PSTN to my IP network.
So, my question is: HOW do I instruct SER to check the username and password
of the CALLER?
if (method=="INVITE") {
if (!proxy_authorize("your.domain", "subscriber")) {
proxy_challenge("your.domain", "0");
break;
};
};
Jan.
1:55 p.m.
On Jul 31, 2003 at 12:47, Director General: NEFACOMP <dg(a)nefacomp.net> wrote:
Andrei
I know Jan won't be happy for this question
because it may look simple.
But I have tried everything I can and after failing I decided to ask it
here.
I have realized that SER checks the username and password when a UA sends a
REGISTER command but it doesn't check the password when a user sends a
INVITE command.
You have in your cfg. file something like:
if (method=="REGISTER") {
if (!www_authorize("iptel.org", "subscriber"))
{
www_challenge("iptel.org", "0");
break;
};
This will challenge only the registers.
Change if (method=="REGISTER") to if (method=="REGISTER" ||
method=="INVITE")
a.s.o.
Note however that you will be able to receive calls only from users
registered with your proxy.
If you plan to allow only "authorized" requests be carefull not to
challenge ACKs and CANCELs (they must not be challenged), e.g:
if (method!="ACK" && method!="CANCEL") {
[...]
1:57 p.m.
On 31-07 12:55, Andrei Pelinescu-Onciul wrote:
On Jul 31, 2003 at 12:47, Director General: NEFACOMP
<dg(a)nefacomp.net> wrote:
There is a special measure for that in auth module, it will never
challenge ACKs and CANCELs, it will always return that the
authentication was sucessful.
Jan.
I know Jan won't be happy for this question
because it may look simple.
But I have tried everything I can and after failing I decided to ask it
here.
I have realized that SER checks the username and password when a UA sends a
REGISTER command but it doesn't check the password when a user sends a
INVITE command.
You have in your cfg. file something like:
if (method=="REGISTER") {
if (!www_authorize("iptel.org", "subscriber"))
{
www_challenge("iptel.org", "0");
break;
};
This will challenge only the registers.
Change if (method=="REGISTER") to if (method=="REGISTER" ||
method=="INVITE")
a.s.o.
Note however that you will be able to receive calls only from users
registered with your proxy.
If you plan to allow only "authorized" requests be carefull not to
challenge ACKs and CANCELs (they must not be challenged), e.g:
if (method!="ACK" && method!="CANCEL") {
7785
days inactive
7785
days old
3 comments
3 participants
participants (3)
-
Andrei Pelinescu-Onciul -
Director General: NEFACOMP -
Jan Janak