Skip to content

Commit

Permalink
KAM26-27 signal challenged requests and use info on internal redirect
Browse files Browse the repository at this point in the history 
kamailio doesn't handle well the suspend/resume transactions and we use when we check for credentials on requests

(cherry picked from commit f547a69)
  • Loading branch information
@lazedo
lazedo committed Jul 11, 2024
1 parent 9c2d1db commit d04c157
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 3 deletions.
4 changes: 3 additions & 1 deletion kamailio/authorization.cfg
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,8 @@ kazoo.send_auth_in_dialog_x_headers = SEND_AUTH_IN_DIALOG_X_HEADERS descr "send
kazoo.authorization_query_timeout_ms = AUTHORIZATION_QUERY_TIMEOUT_MS descr "timeout waiting for reply from authorization"

flags
FLAG_REQUIRE_IN_DIALOG_AUTHZ;
FLAG_REQUIRE_IN_DIALOG_AUTHZ,
FLAG_REQUEST_AUTHORIZED_BY_KAZOO;

route[AUTHORIZATION]
{
Expand Down Expand Up @@ -170,6 +171,7 @@ route[KZ_AUTHORIZATION_CHECK_RESPONSE]
}

xlog("L_INFO", "$(rm{s.tolower}) was authorized by kazoo via amqp\n");
setflag(FLAG_REQUEST_AUTHORIZED_BY_KAZOO);

consume_credentials();

Expand Down
8 changes: 6 additions & 2 deletions kamailio/default.cfg
View file
Original file line number Diff line number Diff line change
Expand Up @@ -912,8 +912,12 @@ failure_route[INTERNAL_FAULT]
route[INTERNAL_REDIRECT]
{
xlog("L_INFO", "redirect to $T_rpl($hdr(X-Redirect-Server))\n");
remove_hf_re_pv("$sel(cfg_get.kazoo.internal_redirect_reserved_headers)");
record_route();

if (isflagset(FLAG_REQUEST_AUTHORIZED_BY_KAZOO)) {
xlog("L_INFO", "original request was challenged, cleaning headers and record-route\n");
remove_hf_re_pv("$sel(cfg_get.kazoo.internal_redirect_reserved_headers)");
record_route();
}

if (ds_is_from_list(-1, 7, "$T_rpl($hdr(X-Redirect-Server))")) {
xlog("L_INFO", "found dispatcher redirect for $T_rpl($hdr(X-Redirect-Server)) => $var(ds_uri)\n");
Expand Down

0 comments on commit d04c157

Please sign in to comment.