Revision 13330 introduced a new behavior which challenges known system users. I think it is a step in the right direction. One comment on the actual implementation: It may not be safe to keep the Authorization header, which is a result of the challenge/response exchange, in the request as it leaves the sipXproxy towards the destination.
In the past only requests that take an "expensive" route were challenged and as a result gateways/SIP trunk destinations were typically the targets of requests that carry Authorization headers. Now most requests routed towards SIP UAs carry Authorization headers. Authorization headers contain very valuable information. If I receive a SIP request with Authorization header generated by user X, such that the Authorization header was generated within the last 5 minutes, I can turn around and craft an outgoing SIP request replaying the Authorization header. The response will be accepted by sipXproxy and permissions of user X will be applied to my request.

Perhaps it would be safer to strip the Authorization header once sipXproxy is finished with the routing decision making and before the request leaves sipX to the wire.

Thanks,
Mark.
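The mitigation proposed in the message above, sketched as an added example; it is not code from the original post or from sipXproxy. `stripHeader` and `sampleRequest` are hypothetical names, the request is constructed, and the sketch goes slightly beyond the text by also handling folded continuation lines and whitespace before the colon.

```cpp
#include <algorithm>
#include <cctype>
#include <iostream>
#include <string>

// Case-insensitive header-name comparison (SIP header names are case-insensitive).
static bool nameEquals(const std::string& a, const std::string& b) {
    return a.size() == b.size() &&
           std::equal(a.begin(), a.end(), b.begin(), [](unsigned char x, unsigned char y) {
               return std::tolower(x) == std::tolower(y);
           });
}

// Hypothetical helper, not a sipXproxy function: returns a copy of `msg` with every
// `name` header removed, including folded continuation lines. The body is untouched.
std::string stripHeader(const std::string& msg, const std::string& name) {
    std::string out;
    std::size_t pos = 0;
    bool dropping = false, firstLine = true;
    while (pos < msg.size()) {
        std::size_t eol = msg.find("\r\n", pos);
        if (eol == std::string::npos) eol = msg.size();
        std::size_t next = std::min(eol + 2, msg.size());
        std::string line = msg.substr(pos, eol - pos);
        if (line.empty()) return out.append(msg, pos, std::string::npos);  // body follows
        bool folded = line[0] == ' ' || line[0] == '\t';
        if (firstLine) {
            dropping = false;                      // request line is never a header
        } else if (!folded) {                      // folded lines inherit the state
            std::size_t colon = line.find(':');
            std::string field = line.substr(0, colon);
            field.erase(field.find_last_not_of(" \t") + 1);  // allow "Name : value"
            dropping = colon != std::string::npos && nameEquals(field, name);
        }
        if (!dropping) out.append(msg, pos, next - pos);
        firstLine = false; pos = next;
    }
    return out;
}

// Constructed sample request; the digest values are placeholders.
std::string sampleRequest() {
    return "INVITE sip:201@example.com SIP/2.0\r\n"
           "Via: SIP/2.0/UDP proxy.example.com\r\n"
           "authorization : Digest username=\"x\",\r\n"
           "\tresponse=\"placeholder\"\r\n"
           "Content-Length: 0\r\n\r\n";
}
int main() { std::cout << stripHeader(sampleRequest(), "Authorization"); }
```

In a proxy this would run after authentication and routing decisions are complete and immediately before the request is serialized to the wire.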
