[Freeswitch-users] SIP users
Anthony Minessale
anthmct at yahoo.com
Wed Dec 26 15:29:09 PST 2007
That approach is pretty good since it gives you a way
to grant a certain extension to a certain user.
We could also add an option to the sofia profile to insist that
all users must use the same vaule for the username and the auth
username. like
<param name="inbound-reg-force-matching-username"/>
This is less flexible but easier to setup since it does not
require modification of every user in the directory.
one or both of those solutions seem ok to me, let me know.
Anthony Minessale II
FreeSWITCH http://www.freeswitch.org/
ClueCon http://www.cluecon.com/
AIM: anthm
MSN:anthony_minessale at hotmail.com
GTALK/JABBER/PAYPAL:anthony.minessale at gmail.com
IRC: irc.freenode.net #freeswitch
FreeSWITCH Developer Conference
sip:888 at conference.freeswitch.org
iax:guest at conference.freeswitch.org/888
googletalk:conf+888 at conference.freeswitch.org
pstn:213-799-1400
----- Original Message ----
From: David Knell <dave at 3c.co.uk>
To: freeswitch-users at lists.freeswitch.org
Sent: Wednesday, December 26, 2007 8:02:32 AM
Subject: [Freeswitch-users] SIP users
Hi all -
Got a bit of an issue with registering endpoints - these being phones -
with FS,
which is that the username used for authentication is not necessarily
the same as
the username used for call routing. This is fine if you can trust your
users
(and their endpoints) to set them to be the same, but I can't. To be
specific,
a dialplan entry such as a bridge to sofia/sip.foo.com/2000%sip.foo.com
will call whoever has set their SIP username to be 2000, which might be
different
to who's authenticated using an authentication username of 2000.
Less wordily, any user can get any other user's calls by changing their
SIP username
to match that user's.
I've added a few lines to src/mod/endpoints/mod_sofia/sofia_reg.c (see
attached)
to allow the username for an endpoint to be forced to be something, in
the same
way as sip-force-contact allows the contact to be set. A directory
entry might now
look like:
<section name="directory">
<domain name="testing">
<user id="2000">
<params>
<param name="password" value="password" />
</params>
<variables>
<variable name="sip-force-user" value="2000" />
</variables>
</user>
</domain>
</section>
A couple of questions. Firstly, have I overlooked something blindingly
obvious
here and am I barking up completely the wrong tree? Assuming not, is
this the
right approach, or should we - instead of forcing the username to be
something -
verify that it is that something and refuse the registration if not?
Cheers --
Dave
-----Inline Attachment Follows-----
*** 344,349 ****
--- 344,350 ----
int network_port;
int cd = 0;
const char *call_id = NULL;
+ char *force_user;
/* all callers must confirm that sip, sip->sip_request and
sip->sip_contact are not NULL */
switch_assert(sip != NULL && sip->sip_contact != NULL &&
sip->sip_request != NULL);
***************
*** 419,424 ****
--- 420,433 ----
char *exp_var;
register_gateway =
switch_event_get_header(*v_event, "sip-register-gateway");
+
+ /* Allow us to force the SIP user to be
something specific - needed if
+ * we - for example - want to be able to ensure
that the username a UA can
+ * be contacted at is the same one that they
used for authentication.
+ */
+ if ((force_user =
switch_event_get_header(*v_event, "sip-force-user"))) {
+ to_user = force_user;
+ }
if ((v_contact_str =
switch_event_get_header(*v_event, "sip-force-contact"))) {
if (!strcasecmp(v_contact_str,
"nat-connectile-dysfunction") || !strcasecmp(v_contact_str,
"NDLB-connectile-dysfunction")) {
____________________________________________________________________________________
Looking for last minute shopping deals?
Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20071226/3a0f2610/attachment-0002.html
More information about the FreeSWITCH-users
mailing list