2011/4/11 Daniel-Constantin Mierla <mico...@gmail.com>: > first, skipping authentication for within dialog requests in default > configuration file comes mainly from the early years when not many sip > endpoints supported that. But can be done, of course and perhaps it should > be enabled (or at least added as a #!define option)
I don't think that is a good option. It would break lot of scenarios: - An incoming INVITEl with RURI sip:al...@domain.org and To URI sip:2...@domain.org arrives to Kamailio which does lookup and routes the call to alice. - The call is established. - Later alice sends a REFER or a re-INVITE. Note that the request would contain "From: sip:2...@domain.org" (even if the AoR of alice us "sip:al...@domain.org". This is because From/To URI are usually unchanged whithin a dialog. - Kamailio ask for authentication to such REFER or re-INVITE. - alice's device adds "Proxy-Authorization: Digest username="alice", .....". - If Kamailio does "check_from" the request would be rejected (as "alice" doesn't match "200"). -- Iñaki Baz Castillo <i...@aliax.net> _______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
