On Friday, 8 February 2008, Juha Heinanen wrote:
> Iñaki Baz Castillo writes:
>
> > How to avoid it? how to avoid anyone sending a malicious BYE with
> > From&To tags and Call-ID from any other already ended call?
>
> if you somehow can get hold of that information regarding a call, it is
> hard to prevent its misuse. regarding your accounting problem, perhaps
> update is not a good idea and it would be better to store stop records
> separately from start records.

Not necessarily. With some SQL conditions it's possible to avoid new and fraudulent UPDATEs:

First BYE -> STOP action -> SQL query:
-----------------------------------------------------------
UPDATE radacct
SET [...] ConnectInfo_stop = ''
WHERE [...] AND ConnectInfo_stop IS NULL
-----------------------------------------------------------

Second BYE -> STOP action -> SQL query
-----------------------------------------------------------
UPDATE radacct
SET [...] ConnectInfo_stop = ''
WHERE [...] AND ConnectInfo_stop IS NULL
-----------------------------------------------------------

The second query has no effect since ConnectInfo_stop is not NULL now.

The above code is already implemented in "sql.conf" (at least in CDRTool proposed configuration).

The issue I have reported occurs when there is not the first BYE (UAC crashes). Then MediaProxy sends an UPDATE that doesn't set ConnectInfo_stop = '' (and it shouldn't do it). So a malicious BYE could arrive much time later and perform successfully the SQL STOP action and increase call duration.

But playing a bit with UPDATE action SQL and STOP action SQL it's possible to avoid this issue (in fact I've sent a patch solving it just now).

Best regards.

--
Iñaki Baz Castillo
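
The guard discussed in the message above, as an added example that is not part of the original post or of the CDRTool configuration: it runs the `ConnectInfo_stop IS NULL` condition against an in-memory SQLite table to show a replayed BYE being ignored, and a late BYE still matching when an earlier update left `ConnectInfo_stop` NULL. The reduced `radacct` layout, `MEDIA_UPDATE_SQL`, the helper names and the call records are assumptions constructed for the demonstration.

```python
import sqlite3

# Reduced stand-in for radacct (assumed columns, constructed data).
SCHEMA = """
CREATE TABLE radacct (
    AcctSessionId    TEXT PRIMARY KEY,  -- SIP Call-ID
    AcctSessionTime  INTEGER,           -- billed duration in seconds
    ConnectInfo_stop TEXT               -- NULL until a STOP record is applied
)"""

# STOP action with the guard from the message: only rows not yet stopped match.
STOP_SQL = """
UPDATE radacct
   SET AcctSessionTime = ?, ConnectInfo_stop = ''
 WHERE AcctSessionId = ? AND ConnectInfo_stop IS NULL"""

# Hypothetical media-timeout update: records a duration, leaves ConnectInfo_stop NULL.
MEDIA_UPDATE_SQL = "UPDATE radacct SET AcctSessionTime = ? WHERE AcctSessionId = ?"


def new_db(call_ids):
    db = sqlite3.connect(":memory:")
    db.execute(SCHEMA)
    db.executemany("INSERT INTO radacct VALUES (?, NULL, NULL)",
                   [(c,) for c in call_ids])
    return db


def stop(db, call_id, seconds):
    """Apply a STOP record; True only if a row was actually changed."""
    return db.execute(STOP_SQL, (seconds, call_id)).rowcount == 1


def billed_seconds(db, call_id):
    row = db.execute("SELECT AcctSessionTime FROM radacct WHERE AcctSessionId = ?",
                     (call_id,)).fetchone()
    return row[0]


def demo():
    db = new_db(["call-a", "call-b"])
    # Case 1: normal BYE, then a second BYE reusing the same dialog identifiers.
    first = stop(db, "call-a", 60)
    replay = stop(db, "call-a", 7200)
    # Case 2: no BYE (UAC crashed); media timeout closes the call, late BYE follows.
    db.execute(MEDIA_UPDATE_SQL, (45, "call-b"))
    late = stop(db, "call-b", 7200)
    return first, replay, billed_seconds(db, "call-a"), late, billed_seconds(db, "call-b")


if __name__ == "__main__":
    print(demo())
```

The affected-row count returned by `stop()` is what tells an accounting backend that a STOP record was ignored, which makes it a useful value to log.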
