From ecc3fe1a66551d603b6ad3a42822542435c1df21 Mon Sep 17 00:00:00 2001 From: Luis Azedo Date: Tue, 1 Jun 2021 01:50:10 +0100 Subject: [PATCH] internal auth & authorization * do not handle authorization from internal sources * do not remove authorization from internal sources * when connecting to external from internal, a 401/407 may be returned and we relay that info back to media server, which will issue a new request with authorization, and we need to pass that info to external (cherry picked from commit 69df3e373de23192dd785408a112cd6c052a70a9) --- kamailio/authorization.cfg | 5 +++++ kamailio/default.cfg | 7 ++++--- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/kamailio/authorization.cfg b/kamailio/authorization.cfg index 0dfbf4c..e409bd6 100644 --- a/kamailio/authorization.cfg +++ b/kamailio/authorization.cfg @@ -79,6 +79,11 @@ route[AUTHORIZATION_CHECK_REGISTERED] route[HANDLE_AUTHORIZATION] { + if (isflagset(FLAG_INTERNALLY_SOURCED)) { + route(MAIN); + exit; + } + if(!is_present_hf("Proxy-Authorization")) { route(MAIN); exit; diff --git a/kamailio/default.cfg b/kamailio/default.cfg index 7c2ba8e..1a41916 100644 --- a/kamailio/default.cfg +++ b/kamailio/default.cfg @@ -251,9 +251,10 @@ route route[MAIN] { - route(AUTHORIZATION); - - remove_hf("Authorization"); + if (!isflagset(FLAG_INTERNALLY_SOURCED)) { + route(AUTHORIZATION); + remove_hf("Authorization"); + } #!ifdef MESSAGE_ROLE route(HANDLE_MESSAGE);