/**
* Checks if a request comes from a trusted domain.
* If not calls function to respond with 403 to REGISTER or clean the message of
* untrusted headers
* @param msg - the SIP message
* @param str1 - not used
* @param str2 - not used
* @returns #CSCF_RETURN_TRUE if trusted, #CSCF_RETURN_FALSE if not , #CSCF_RETURN_ERROR on REGISTER or error
*/
int I_NDS_check_trusted(struct sip_msg* msg, char* str1, char* str2)
{
int result;
LM_DBG("DBG:I_NDS_check_trusted: Starting ...\n");
if (msg->first_line.type!=SIP_REQUEST) {
LM_ERR("ERR:I_NDS_check_trusted: The message is not a request\n");
result = CSCF_RETURN_TRUE;
goto done;
}
if (I_NDS_is_trusted(msg,str1,str2)){
LM_DBG("INF:I_NDS_check_trusted: Message comes from a trusted domain\n");
result = CSCF_RETURN_TRUE;
goto done;
} else {
LM_DBG("INF:I_NDS_check_trusted: Message comes from an untrusted domain\n");
result = CSCF_RETURN_FALSE;
if (msg->first_line.u.request.method.len==8 &&
memcmp(msg->first_line.u.request.method.s,"REGISTER",8)==0){
slb.sreply(msg,403,&str_msg_403);
LM_DBG("INF:I_NDS_check_trusted: REGISTER request terminated.\n");
} else {
if (!I_NDS_strip_headers(msg,str1,str2)){
result = CSCF_RETURN_ERROR;
slb.sreply(msg,500,&str_msg_500);
LM_DBG("INF:I_NDS_check_trusted: Stripping untrusted headers failed, Responding with 500.\n");
}
}
}
done:
LM_DBG("DBG:I_NDS_check_trusted: ... Done\n");
return result;
}
static int auth_send_reply(struct sip_msg *msg, int code, char *reason,
char *hdr, int hdr_len)
{
str reason_str;
/* Add new headers if there are any */
if ((hdr!=NULL) && (hdr_len>0)) {
if (add_lump_rpl(msg, hdr, hdr_len, LUMP_RPL_HDR)==0) {
LM_ERR("failed to append hdr to reply\n");
return -1;
}
}
reason_str.s = reason;
reason_str.len = strlen(reason);
return force_stateless_reply ?
slb.sreply(msg, code, &reason_str) :
slb.freply(msg, code, &reason_str);
}