The re-INVITE is a new transaction on an existing dialog Kamailio acts as a proxy so in general it doesn't care about the dialog state ( even if you involve the dialog module - it still doesn't care ) Mostly re-INVITE should contain all information to how to reach the endpoint ( in Route headers) ( if topology hiding isn't involved, but if it is involved then the server knows about the dialog anyway )
So, if you receive a re-INVITE with Route set where your proxy is involved - you may consider this request belongs existing dialog and avoid authentication as it contains to and from tags, as well as the same Call-ID, which fully describes a particular session, into which your proxy is involved. Even according https://www.rfc-editor.org/rfc/rfc3261.html#section-12.2 re-INVITEs MAY contain Record-Route headers, it would not affect the initial Routes set. вт, 19 сент. 2023 г. в 11:00, Benoit Panizzon <[email protected]>: > Hi List > > At the moment, we challenge every invite (and re-invite) to make sure > the customer is authenticated. > > Now we have one kind of PBX, which never does not authenticate when we > challenge a Re-Invite. > > According to the vendor of that PBX's RFC interpretation, answering a > challenge to a re-invite is optional. If that is ignored by the PBX, > then the existing established dialog shall not end. > > Unfortunately this causes the session timer to run out. > > I am therefore wondering, if there is a safe way not to challenge > re-invites. > > A Re-Invite contains a To-Tag. So I could bypass authentication on > presence of a to-Tag. But then, how do I prevent a customer to just set > a spoofed To-Tag to circumvent authentication? > > Is there a feasible way? > > Mit freundlichen Grüssen > > -Benoît Panizzon- > -- > I m p r o W a r e A G - Leiter Commerce Kunden > ______________________________________________________ > > Zurlindenstrasse 29 Tel +41 61 826 93 00 > CH-4133 Pratteln Fax +41 61 826 93 01 > Schweiz Web http://www.imp.ch > ______________________________________________________ > __________________________________________________________ > Kamailio - Users Mailing List - Non Commercial Discussions > To unsubscribe send an email to [email protected] > Important: keep the mailing list in the recipients, do not reply only to > the sender! > Edit mailing list options or unsubscribe: >
__________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to [email protected] Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
