<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Hi Anthony,<br>
<br>
That seems like a good plan, too. The attached set of diffs implement
both ways<br>
of checking.<br>
<br>
Cheers --<br>
<br>
Dave<br>
<br>
<blockquote cite="mid:630147.80496.qm@web90608.mail.mud.yahoo.com"
type="cite">
<div
style="font-family: courier,monaco,monospace,sans-serif; font-size: 12pt;">That
approach is pretty good since it gives you a way<br>
to grant a certain extension to a certain user.<br>
<br>
We could also add an option to the sofia profile to insist that <br>
all users must use the same vaule for the username and the auth<br>
username. like <br>
<br>
<param name="inbound-reg-force-matching-username"/><br>
<br>
This is less flexible but easier to setup since it does not <br>
require modification of every user in the directory.<br>
<br>
<br>
<br>
one or both of those solutions seem ok to me, let me know.<br>
<br>
<br>
<br>
<div> <br>
<br>
</div>
<div>Anthony Minessale II<br>
<br>
<span>FreeSWITCH <a moz-do-not-send="true" target="_blank"
href="http://www.freeswitch.org/">http://www.freeswitch.org/</a></span><br>
<span>ClueCon <a moz-do-not-send="true" target="_blank"
href="http://www.cluecon.com/">http://www.cluecon.com/</a></span><br>
<br>
AIM: anthm<br>
<a class="moz-txt-link-abbreviated" href="mailto:MSN:anthony_minessale@hotmail.com">MSN:anthony_minessale@hotmail.com</a><br>
<a class="moz-txt-link-abbreviated" href="mailto:GTALK/JABBER/PAYPAL:anthony.minessale@gmail.com">GTALK/JABBER/PAYPAL:anthony.minessale@gmail.com</a><br>
IRC: irc.freenode.net #freeswitch</div>
<div><br>
FreeSWITCH Developer Conference<br>
<a class="moz-txt-link-freetext" href="sip:888@conference.freeswitch.org">sip:888@conference.freeswitch.org</a><br>
<a class="moz-txt-link-abbreviated" href="mailto:iax:guest@conference.freeswitch.org/888">iax:guest@conference.freeswitch.org/888</a><br>
<a class="moz-txt-link-abbreviated" href="mailto:googletalk:conf+888@conference.freeswitch.org">googletalk:conf+888@conference.freeswitch.org</a><br>
pstn:213-799-1400</div>
<div
style="font-family: courier,monaco,monospace,sans-serif; font-size: 12pt;"><br>
<br>
<div
style="font-family: times new roman,new york,times,serif; font-size: 12pt;">-----
Original Message ----<br>
From: David Knell <a class="moz-txt-link-rfc2396E" href="mailto:dave@3c.co.uk"><dave@3c.co.uk></a><br>
To: <a class="moz-txt-link-abbreviated" href="mailto:freeswitch-users@lists.freeswitch.org">freeswitch-users@lists.freeswitch.org</a><br>
Sent: Wednesday, December 26, 2007 8:02:32 AM<br>
Subject: [Freeswitch-users] SIP users<br>
<br>
Hi all -<br>
<br>
Got a bit of an issue with registering endpoints - these being phones -
<br>
with FS,<br>
which is that the username used for authentication is not necessarily <br>
the same as<br>
the username used for call routing. This is fine if you can trust your
<br>
users<br>
(and their endpoints) to set them to be the same, but I can't. To be <br>
specific,<br>
a dialplan entry such as a bridge to sofia/sip.foo.com/2000%sip.foo.com<br>
will call whoever has set their SIP username to be 2000, which might be
<br>
different<br>
to who's authenticated using an authentication username of 2000.<br>
<br>
Less wordily, any user can get any other user's calls by changing their
<br>
SIP username<br>
to match that user's.<br>
<br>
I've added a few lines to src/mod/endpoints/mod_sofia/sofia_reg.c (see <br>
attached)<br>
to allow the username for an endpoint to be forced to be something, in <br>
the same<br>
way as sip-force-contact allows the contact to be set. A directory <br>
entry might now<br>
look like:<br>
<br>
<section name="directory"><br>
<domain name="testing"><br>
<user id="2000"><br>
<params><br>
<param name="password" value="password" /><br>
</params><br>
<variables><br>
<variable name="sip-force-user" value="2000" /><br>
</variables><br>
</user><br>
</domain><br>
</section><br>
<br>
A couple of questions. Firstly, have I overlooked something blindingly
<br>
obvious<br>
here and am I barking up completely the wrong tree? Assuming not, is <br>
this the<br>
right approach, or should we - instead of forcing the username to be <br>
something -<br>
verify that it is that something and refuse the registration if not?<br>
<br>
Cheers --<br>
<br>
Dave<br>
<br>
<!-- kill -->
<div><br>
<br>
-----Inline Attachment Follows-----<br>
<br>
*** 344,349 ****<br>
--- 344,350 ----<br>
int network_port;<br>
int cd = 0;<br>
const char *call_id = NULL;<br>
+ char *force_user;<br>
<br>
/* all callers must confirm that sip, sip->sip_request and
sip->sip_contact are not NULL */<br>
switch_assert(sip != NULL && sip->sip_contact !=
NULL && sip->sip_request != NULL);<br>
***************<br>
*** 419,424 ****<br>
--- 420,433 ----<br>
char *exp_var;<br>
<br>
register_gateway =
switch_event_get_header(*v_event, "sip-register-gateway");<br>
+<br>
+ /* Allow us to force the SIP user to be
something specific - needed if<br>
+ * we - for example - want to be able to ensure
that the username a UA can<br>
+ * be contacted at is the same one that they
used for authentication.<br>
+ */<br>
+ if ((force_user =
switch_event_get_header(*v_event, "sip-force-user"))) {<br>
+ to_user = force_user;<br>
+ }<br>
<br>
if ((v_contact_str =
switch_event_get_header(*v_event, "sip-force-contact"))) {<br>
if (!strcasecmp(v_contact_str,
"nat-connectile-dysfunction") || !strcasecmp(v_contact_str,
"NDLB-connectile-dysfunction")) {<br>
</div>
</div>
<br>
</div>
</div>
<br>
<hr size="1">Never miss a thing. <a moz-do-not-send="true"
href="http://us.rd.yahoo.com/evt=51438/*http://www.yahoo.com/r/hs">
Make Yahoo your homepage.</a>
<pre wrap="">
<hr size="4" width="90%">
_______________________________________________
Freeswitch-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Freeswitch-users@lists.freeswitch.org">Freeswitch-users@lists.freeswitch.org</a>
<a class="moz-txt-link-freetext" href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a class="moz-txt-link-freetext" href="http://lists.freeswitch.org/mailman/options/freeswitch-users">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a class="moz-txt-link-freetext" href="http://www.freeswitch.org">http://www.freeswitch.org</a>
</pre>
</blockquote>
<br>
<br>
<pre class="moz-signature" cols="72">--
David Knell, Director, 3C Limited
T: 020 8114 8901 F: 020 8692 0677 M: 07773 800623
<a class="moz-txt-link-freetext" href="http://www.3c.co.uk">http://www.3c.co.uk</a> </pre>
</body>
</html>