On 12/14/06 19:42, Jiri Kuthan wrote:
[...]
Hi,
How would one determine if the From address equals the To address, or even
better, if the To address is either the same as or an alias of the From
address?
copy from uri into an AVP, copy to URI into an AVP, compare the AVPs (avp_check)
should work without the need of copy
avp_check("$fu","eq/$tu/i")
http://www.openser.org/docs/modules/1.2.x/avpops.html#AEN384
Attached is an snipplet of SER/ottendorf authenticational policy, which does
that
in a -- I believe -- more comprehensible manner. It checks if URI exists, if
so, it
checks whether the user as identified in his digest credentials is allowed to
use URI as in To header field, and it optionally checks From header field too.
Thanks for your input. 'users' mailing list is mainly for discussion
related stable releases, and avp_check("$fu","eq/$tu/i") is in OpenSER
stable since long time ago - pseudo-variables in OpenSER were introduced
in summer 2005 and become stable in October 2005, with version 1.0.0.
# check if the authenticated user is the same as the target user
if (!lookup_user("$t.uid", "@to.uri")) {
sl_send_reply("404", "Unknown user in To");
drop;
}
if ($f.uid != $t.uid) {
sl_send_reply("403", "Authentication and To-Header
mismatch");
drop;
}
[...]
Full config
file:http://cvs.berlios.de/cgi-bin/viewcvs.cgi/ser/sip_router/etc/ser.cfg?rev=HEAD&content-type=text/vnd.viewcvs-markup
Alas, it relies on ser/ottendorf and to my best knowledge the select feature on
which this script is based, is not available in openser. We are actively
considering
contributing select from ser to openser to avoid too big mismatches in both
projects' config files, but that unfortunately appears unlikely during this
busy end of year.
We welcome any contribution, please follow the rules from OpenSER site:
http://www.openser.org/index.php?option=com_content&task=view&id=32&Itemid=46
OpenSER pseudo-variables were designed for extensibility, as scalable
and flexible framework, for a dynamic information access. There is a
well defined plan for its future development -- features will be added
as needed, the next release (see the roadmap for timelines) will bring a
lot here. In my opinion, having them in two stable releases by now,
proves the stability and maturity, introducing something from an
under-development system is not very much justified.
If you decide to contribute to openser pseudo-variables system, openser
is 'open' :-), patches can be directly submitted to:
http://sourceforge.net/tracker/?group_id=139143
Cheers,
Daniel
-jiri
--
Jiri Kuthan http://iptel.org/~jiri/
_______________________________________________
Users mailing list
[email protected]
http://openser.org/cgi-bin/mailman/listinfo/users
