|
|
@@ -677,10 +677,20 @@ route[AUTH] {
|
|
|
}
|
|
|
if (is_method("PUBLISH"))
|
|
|
{
|
|
|
- if ($au!=$tU) {
|
|
|
+ if ($au!=$fU || $au!=$tU) {
|
|
|
sl_send_reply("403","Forbidden auth ID");
|
|
|
exit;
|
|
|
}
|
|
|
+ if ($au!=$rU) {
|
|
|
+ sl_send_reply("403","Forbidden R-URI");
|
|
|
+ exit;
|
|
|
+ }
|
|
|
+#!ifdef WITH_MULTIDOMAIN
|
|
|
+ if ($fd!=$rd) {
|
|
|
+ sl_send_reply("403","Forbidden R-URI domain");
|
|
|
+ exit;
|
|
|
+ }
|
|
|
+#!endif
|
|
|
} else {
|
|
|
if ($au!=$fU) {
|
|
|
sl_send_reply("403","Forbidden auth ID");
|
Daniel-Constantin Mierla