|
@@ -40,9 +40,12 @@ modparam("usrloc", "cseq_column", "cseq")
|
|
|
modparam("usrloc", "flush_interval", 60)
|
|
modparam("usrloc", "flush_interval", 60)
|
|
|
modparam("usrloc", "db_url", "sql://csps:47csps11@dbhost/csps107")
|
|
modparam("usrloc", "db_url", "sql://csps:47csps11@dbhost/csps107")
|
|
|
|
|
|
|
|
-modparam("auth", "db_url", "sql://csps:47csps11@dbhost/csps107")
|
|
|
|
|
-modparam("auth", "table", "subscriber")
|
|
|
|
|
-modparam("auth", "user_column", "user_id")
|
|
|
|
|
|
|
+modparam("auth", "db_url", "sql://csps:47csps11@dbhost/csps107")
|
|
|
|
|
+modparam("auth", "user_column", "user_id")
|
|
|
|
|
+modparam("auth", "secret", "439tg8h349g8hq349t9384hg")
|
|
|
|
|
+modparam("auth", "calculate_ha1", false)
|
|
|
|
|
+modparam("auth", "nonce_expire", 300)
|
|
|
|
|
+modparam("auth", "retry_count", 5)
|
|
|
|
|
|
|
|
|
|
|
|
|
route{
|
|
route{
|
|
@@ -92,9 +95,9 @@ route{
|
|
|
# avoid stealing incoming calls
|
|
# avoid stealing incoming calls
|
|
|
if (method=="REGISTER") {
|
|
if (method=="REGISTER") {
|
|
|
log("Request is REGISTER\n");
|
|
log("Request is REGISTER\n");
|
|
|
- if (!authorize("iptel.org")) {
|
|
|
|
|
|
|
+ if (!www_authorize("iptel.org", "subscriber")) {
|
|
|
log("REGISTER has no credentials, sending challenge\n");
|
|
log("REGISTER has no credentials, sending challenge\n");
|
|
|
- challenge("iptel.org", "noqop");
|
|
|
|
|
|
|
+ www_challenge("iptel.org", "0");
|
|
|
break;
|
|
break;
|
|
|
};
|
|
};
|
|
|
# prohibit attempts to grab someone else's address
|
|
# prohibit attempts to grab someone else's address
|
|
@@ -124,8 +127,8 @@ route{
|
|
|
# by its IP address -- that's for sure not very strong;
|
|
# by its IP address -- that's for sure not very strong;
|
|
|
# wth confirmed that we filter packets coming from outside
|
|
# wth confirmed that we filter packets coming from outside
|
|
|
# and bearing SRC IP address of a Fokus network)
|
|
# and bearing SRC IP address of a Fokus network)
|
|
|
- if (!(src_ip==195.37.77.110) & !(authorize("iptel.org"))) {
|
|
|
|
|
- challenge("iptel.org", "noqop");
|
|
|
|
|
|
|
+ if (!(src_ip==195.37.77.110) & !(proxy_authorize("iptel.org", "subscriber"))) {
|
|
|
|
|
+ proxy_challenge("iptel.org", "0");
|
|
|
break;
|
|
break;
|
|
|
};
|
|
};
|
|
|
|
|
|
|
@@ -216,8 +219,8 @@ route{
|
|
|
# support relaying and don't like strangers bothering us
|
|
# support relaying and don't like strangers bothering us
|
|
|
# with resolving DNS
|
|
# with resolving DNS
|
|
|
log("that's a request to outside");
|
|
log("that's a request to outside");
|
|
|
- if (!(src_ip==195.37.77.110) & !(authorize("iptel.org"))) {
|
|
|
|
|
- challenge("iptel.org", "noqop");
|
|
|
|
|
|
|
+ if (!(src_ip==195.37.77.110) & !(proxy_authorize("iptel.org", "subscriber"))) {
|
|
|
|
|
+ proxy_challenge("iptel.org", "0");
|
|
|
break;
|
|
break;
|
|
|
};
|
|
};
|
|
|
# there should be check_from here too -- but I'm to tired
|
|
# there should be check_from here too -- but I'm to tired
|
Jan Janak