Browse code

introduce proxy_sticky_auth feature

thanks to Tobias Lindgren for reporting

Stefan Sayer authored on 26/10/2010 14:53:59
Showing 4 changed files
... ...
@@ -71,6 +71,7 @@ int          AmConfig::LocalSIPPort            = 5060;
71 71
 string       AmConfig::LocalSIPIP              = "";
72 72
 string       AmConfig::OutboundProxy           = "";
73 73
 bool         AmConfig::ForceOutboundProxy      = false;
74
+bool         AmConfig::ProxyStickyAuth         = false;
74 75
 string       AmConfig::Signature               = "";
75 76
 unsigned int AmConfig::MaxForwards             = MAX_FORWARDS;
76 77
 bool	     AmConfig::SingleCodecInOK	       = false;
... ...
@@ -286,6 +287,10 @@ int AmConfig::readConfiguration()
286 287
   if(cfg.hasParameter("force_outbound_proxy")) {
287 288
     ForceOutboundProxy = (cfg.getParameter("force_outbound_proxy") == "yes");
288 289
   }
290
+
291
+  if(cfg.hasParameter("proxy_sticky_auth")) {
292
+    ProxyStickyAuth = (cfg.getParameter("proxy_sticky_auth") == "yes");
293
+  }
289 294
   
290 295
   // plugin_path
291 296
   if (cfg.hasParameter("plugin_path"))
... ...
@@ -102,6 +102,8 @@ struct AmConfig
102 102
   static string OutboundProxy;
103 103
   /** force Outbound Proxy to be used for in dialog requests */
104 104
   static bool ForceOutboundProxy;
105
+  /** update ruri-host to previously resolved IP:port on SIP auth */
106
+  static bool ProxyStickyAuth;
105 107
   /** Server/User-Agent header (optional) */
106 108
   static string Signature;
107 109
   /** Value of Max-Forward header field for new requests */
... ...
@@ -394,6 +394,16 @@ use_default_signature=yes
394 394
 #
395 395
 #100rel=require
396 396
 
397
+# Make SIP authenticated requests sticky to the proxy? [yes | no]
398
+#
399
+# If enabled, host of request-URI of out-of-dialog requests that are 
400
+# authenticated with SIP auth is changed to the previously resolved
401
+# next-hop IP:port.
402
+#
403
+# default: no
404
+#
405
+# proxy_sticky_auth=yes
406
+
397 407
 #
398 408
 # Accept final replies without To-tag? [yes|no]
399 409
 #
... ...
@@ -167,6 +167,17 @@ bool UACAuth::onSipReply(const AmSipReply& reply, int old_dlg_status, const stri
167 167
 	      // reset remote tag so remote party 
168 168
 	      // thinks its new dlg
169 169
 	      dlg->remote_tag = "";
170
+
171
+	      if (AmConfig::ProxyStickyAuth) {
172
+		// update remote URI to resolved IP
173
+		size_t hpos = dlg->remote_uri.find("@");
174
+		if (hpos != string::npos && reply.remote_ip.length()) {
175
+		  dlg->remote_uri = dlg->remote_uri.substr(0, hpos+1) +
176
+		    reply.remote_ip + ":"+int2str(reply.remote_port);
177
+		  DBG("updated remote URI to '%s'\n", dlg->remote_uri.c_str());
178
+		}
179
+	      }
180
+
170 181
 	    }
171 182
 	    // resend request 
172 183
 	    if (dlg->sendRequest(ri->second.method,