[OpenSER-Users] Multidomain and in-dialog REFER auth issue

Klaus Darilion klaus.mailinglists at pernau.at
Mon Oct 15 22:35:34 CEST 2007


Iñaki Baz Castillo wrote:
> El Monday 15 October 2007 12:12:44 Klaus Darilion escribió:
>> What exactly do you want to achieve? Do you want to allow REFER only
>> intradomain?
> 
> Exactly.
> - Imagine you admin a OpenSer that gives service to 2 independent companies 
> (domain_A and domain_B).
> - Imagine a user_A of domain_A calls to a user_B of domain_B.
> - During the call user_A does REFER.
> - OpenSer requires auth por REFER, so user_A sends auth (it can since it's a 
> local user).
> - So finally user_B is transferred by an external user. Of course this is not 
> tolerable.
> 
> So I need to allow a REFER just if the caller and called are in the same 
> domain, but REFER is in-dialog so there is not domain name in the URI.


just an idea: check if $fd of REFER is identical to domain in REFER to 
header - if not -> reject it.

Further, if B's phone send out the new INVITE, if $rd != $fd then do not 
send the call to the gateway.

regards
klaus




More information about the Users mailing list