<div>And what about if we ensure that the RL is on the same host than the rls-services, for example an RLS which is configured like this :<br>&nbsp;<br>integrated_xcap_server = 0<br>xcap_root = <a href="http://10.26.52.122/xcap-root:8080">http://10.26.52.122/xcap-root:8080</a><br>
&nbsp;<br>In that circumstance, RLS may handle resource-list tag, check if the host is equal to xcap_root, and then download the RL.<br>Do you agree ?<br>&nbsp;<br>Regards,</div>
<div>Eric.<br><br></div>
<div class="gmail_quote">2008/12/15 Adrian Georgescu <span dir="ltr">&lt;<a href="mailto:ag@ag-projects.com">ag@ag-projects.com</a>&gt;</span><br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<div style="WORD-WRAP: break-word">
<div style="WORD-WRAP: break-word">
<div>
<div class="Ih2E3d">
<div>
<div><br></div></div>
<blockquote type="cite">&nbsp;&nbsp;&lt;service uri=&quot;<a>sip:alice@domain;pres-list=Default</a>&quot;&gt;</blockquote>
<div><br></div></div>
<div>
<div>The above should read<a><font color="#000000">&nbsp;</font></a><a>sip:alice@domain.com</a></div>
<div><br></div></div>
<div>
<div class="Ih2E3d">
<blockquote type="cite">&nbsp;&nbsp; &nbsp;&lt;resource-list&gt;<a href="http://10.26.52.122:8080/xcap-root/resource-lists/users/sip%3aalice%40domain/index/~~/resource-lists/list%5b@name=%22Default%22%5d" target="_blank">http://10.26.52.122:8080/xcap-root/resource-lists/users/sip%3aalice%40domain/index/~~/resource-lists/list%5b@name=%22Default%22%5d</a>&lt;/resource-list&gt;<br>
</blockquote>
<div><br></div></div>
<div>I will not allow this document to be stored in the server&nbsp;as this would open Pandera&#39;s box of foreign URLs that can be injected in the system. The fact that RFC mentioned that is possible does not mean is sane to do it as &nbsp;Presence server operator.</div>

<div><br></div>
<div>Only &lt;one&gt; entries containing individual and valid SIP URIs will be allowed in rls-services document.</div>
<div><br></div><font color="#888888">
<div>Adrian</div>
<div><br></div></font></div></div></div>
<div>
<div></div>
<div class="Wj3C7c">
<div>
<div><br></div>
<div>On Dec 15, 2008, at 4:53 PM, Eric PTAK wrote:</div><br>
<blockquote type="cite">
<div>Thanks you Anca and Adrian for your answer.</div>
<div>Regading the issue with the parameter in the R-URI, I was asking if&nbsp;the PS&nbsp;shouldn&#39;t use the To header, but I don&#39;t find&nbsp;references on &nbsp;that any more...</div>
<div>&nbsp;</div>
<div>I&#39;ll feed back to Mercuro developers in order to remove parameters from services URI.</div>
<div>&nbsp;</div>
<div>Adrian, when you&#39;re talking about external XCAP documents, do you mean the use of resource-list tag in rls-services document ?</div>
<div>&nbsp;</div>
<div>Eric.</div>
<div><br><br>&nbsp;</div>
<div class="gmail_quote">2008/12/15 Adrian Georgescu <span dir="ltr">&lt;<a href="mailto:ag@ag-projects.com" target="_blank">ag@ag-projects.com</a>&gt;</span><br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<div style="WORD-WRAP: break-word">Hello Eric, 
<div><br></div>
<div>To avoid backdoors and possibility of&nbsp;exploiting&nbsp;the Presence server code by end-user provisioning we will actually add checks in OpenXCAP server for the actual content of RLS services document so that it contins only routable sip uris, without any parameters. Also pointers to external XCAP documents even if they are mentioned in the RFC will no be allowed&nbsp;in our server as it could generate endless loops.</div>

<div><br></div>
<div>So I encourage you not to use any SIP Uris&nbsp;different&nbsp;than user@domain as you will not be able to manipulate them in the next version.</div>
<div><br></div>
<div>Regards,</div>
<div>Adrian</div><font color="#888888">
<div><br></div></font>
<div>
<div>
<div>
<div></div>
<div>
<div>On Dec 12, 2008, at 6:13 PM, Eric PTAK wrote:</div><br></div></div>
<blockquote type="cite">
<div>
<div></div>
<div>
<div>Hi all,</div>
<div>&nbsp;</div>
<div>I&#39;m currently integrating OpenSIPS with OpenXCAP.</div>
<div>After a lot a problem with ubuntu libraries in order to setup openxcap, I&#39;m now facing to another issue with RLS module.</div>
<div>I&#39;m using Mercuro and it subsribes to <a>sip:alice@domain;pres-list=Default</a>, but the RLS looks for a service at <a>sip:alice@domain</a> so it response by a 404 Not Found error.</div>
<div>&nbsp;</div>
<div>This is the xml files from xcap :</div>
<div>&nbsp;</div>
<div><a href="mailto:eptak@rd-srv-devlnx2:~$" target="_blank">eptak@rd-srv-devlnx2:~$</a> xcapclient --app rls-services get<br>get <a href="http://10.26.52.122:8080/xcap-root/rls-services/users/sip:alice@domain/index" target="_blank">http://10.26.52.122:8080/xcap-root/rls-services/users/sip:alice@domain/index</a><br>
etag: &quot;d113935c4c7324c99077a925492251b2&quot;<br>content-type: application/rls-services+xml<br>content-length: 467<br>&lt;?xml version=&quot;1.0&quot; encoding=&quot;utf-8&quot;?&gt;<br>&lt;rls-services xmlns:rl=&quot;<a>urn:ietf:params:xml:ns:resource-lists</a>&quot; xmlns=&quot;<a>urn:ietf:params:xml:ns:rls-services</a>&quot;&gt;<br>
&nbsp; &lt;service uri=&quot;<a>sip:alice@domain;pres-list=Default</a>&quot;&gt;<br>&nbsp;&nbsp;&nbsp; &lt;resource-list&gt;<a href="http://10.26.52.122:8080/xcap-root/resource-lists/users/sip%3aalice%40domain/index/~~/resource-lists/list%5b@name=%22Default%22%5d" target="_blank">http://10.26.52.122:8080/xcap-root/resource-lists/users/sip%3aalice%40domain/index/~~/resource-lists/list%5b@name=%22Default%22%5d</a>&lt;/resource-list&gt;<br>
&nbsp;&nbsp;&nbsp; &lt;packages&gt;<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;package&gt;presence&lt;/package&gt;<br>&nbsp;&nbsp;&nbsp; &lt;/packages&gt;<br>&nbsp; &lt;/service&gt;<br>&lt;/rls-services&gt;</div>
<div><br><a href="mailto:eptak@rd-srv-devlnx2:~$" target="_blank">eptak@rd-srv-devlnx2:~$</a> xcapclient --app resource-lists get<br>get <a href="http://10.26.52.122:8080/xcap-root/resource-lists/users/sip:alice@domain/index" target="_blank">http://10.26.52.122:8080/xcap-root/resource-lists/users/sip:alice@domain/index</a><br>
etag: &quot;e153e7e4688122a04434b77cd1ecb5e1&quot;<br>content-type: application/resource-lists+xml<br>content-length: 324<br>&lt;?xml version=&quot;1.0&quot; encoding=&quot;utf-8&quot;?&gt;<br>&lt;resource-lists xmlns=&quot;<a>urn:ietf:params:xml:ns:resource-lists</a>&quot;&gt;<br>
&nbsp; &lt;list name=&quot;Default&quot;&gt;<br>&nbsp;&nbsp;&nbsp; &lt;display-name&gt;All Contacts&lt;/display-name&gt;<br>&nbsp; &lt;entry uri=&quot;<a>sip:bob@domain</a>&quot; xmlns=&quot;<a>urn:ietf:params:xml:ns:resource-lists</a>&quot;&gt;<br>
&nbsp; &lt;display-name&gt;bob&lt;/display-name&gt;<br>&lt;/entry&gt;&lt;/list&gt;<br>&lt;/resource-lists&gt;<br></div>
<div>and this is the stack trace :</div>
<div>&nbsp;</div>
<div>Dec 12 15:17:15 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: SUBSCRIBE presence from <a>sip:alice@domain</a> to <a>sip:alice@domain;pres-list=Default</a> (Mercuro IMS Client Beta (4.0.1011.0))<br>Dec 12 15:17:15 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: DBG:core:parse_headers: flags=ffffffffffffffff<br>
Dec 12 15:17:15 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: DBG:core:parse_headers: flags=ffffffffffffffff<br>Dec 12 15:17:15 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: DBG:presence:search_event: start event= [presence]<br>
Dec 12 15:17:16 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: DBG:rls:rls_handle_subscribe: &#39;To&#39; header ALREADY PARSED: &lt;<a>sip:alice@domain;pres-list=Default</a>&gt;<br>Dec 12 15:17:16 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: DBG:rls:get_resource_list: Searched RL document for user <a>sip:alice@domain</a><br>
Dec 12 15:17:16 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: DBG:core:db_new_result: allocate 28 bytes for result set at 0x81b52b0<br>Dec 12 15:17:16 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: DBG:db_mysql:db_mysql_get_columns: 2 columns returned from the query<br>
Dec 12 15:17:16 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: DBG:core:db_allocate_columns: allocate 8 bytes for result names at 0x81b5af8<br>Dec 12 15:17:16 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: DBG:core:db_allocate_columns: allocate 8 bytes for result types at 0x81b5360<br>
Dec 12 15:17:16 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: DBG:db_mysql:db_mysql_get_columns: allocate 8 bytes for RES_NAMES[0] at 0x81b5820<br>Dec 12 15:17:16 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: DBG:db_mysql:db_mysql_get_columns: RES_NAMES(0x81b5820)[0]=[doc]<br>
Dec 12 15:17:16 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: DBG:db_mysql:db_mysql_get_columns: use DB_BLOB result type<br>Dec 12 15:17:16 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: DBG:db_mysql:db_mysql_get_columns: allocate 8 bytes for RES_NAMES[1] at 0x81b5838<br>
Dec 12 15:17:16 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: DBG:db_mysql:db_mysql_get_columns: RES_NAMES(0x81b5838)[1]=[etag]<br>Dec 12 15:17:16 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: DBG:db_mysql:db_mysql_get_columns: use DB_STRING result type<br>
Dec 12 15:17:16 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: DBG:db_mysql:db_mysql_convert_rows: allocate 8 bytes for rows at 0x81b5948<br>Dec 12 15:17:16 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: DBG:db_mysql:db_mysql_convert_row: allocate 40 bytes for row values at 0x81b5860<br>
Dec 12 15:17:16 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: DBG:db_mysql:db_mysql_str2val: converting BLOB [&lt;?xml version=&quot;1.0&quot; encoding=&quot;utf-8&quot;?&gt;^M &lt;rls-services xmlns:rl=&quot;<a>urn:ietf:params:xml:ns:resource-lists</a>&quot; xmlns=&quot;<a>urn:ietf:params:xml:ns:rls-services</a>&quot;&gt;^M&nbsp;&nbsp; &lt;service uri=&quot;<a>sip:alice@domain;pres-list=Default</a>&quot;&gt;^M&nbsp;&nbsp;&nbsp;&nbsp; &lt;resource-list&gt;<a href="http://10.26.52.122:8080/xcap-root/resource-lists/users/sip%3aalice%40domain/index/~~/resource-lists/list%5b@name=%22Default%22%5d" target="_blank">http://10.26.52.122:8080/xcap-root/resource-lists/users/sip%3aalice%40domain/index/~~/resource-lists/list%5b@name=%22Default%22%5d</a>&lt;/resource-list&gt;^M&nbsp;&nbsp;&nbsp;&nbsp; &lt;packages&gt;^M&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;package&gt;presence&lt;/package&gt;^M&nbsp;&nbsp;&nbsp;&nbsp; &lt;/packages&gt;^M&nbsp;&nbsp; &lt;/service&gt;^M &lt;/rls-services&gt;]<br>
Dec 12 15:17:16 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: DBG:db_mysql:db_mysql_str2val: converting STRING [d113935c4c7324c99077a925492251b2]<br>Dec 12 15:17:16 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: DBG:rls:get_resource_list: rls_services document: &lt;?xml version=&quot;1.0&quot; encoding=&quot;utf-8&quot;?&gt;^M &lt;rls-services xmlns:rl=&quot;<a>urn:ietf:params:xml:ns:resource-lists</a>&quot; xmlns=&quot;<a>urn:ietf:params:xml:ns:rls-services</a>&quot;&gt;^M&nbsp;&nbsp; &lt;service uri=&quot;<a>sip:alice@domain;pres-list=Default</a>&quot;&gt;^M&nbsp;&nbsp;&nbsp;&nbsp; &lt;resource-list&gt;<a href="http://10.26.52.122:8080/xcap-root/resource-lists/users/sip%3aalice%40domain/index/~~/resource-lists/list%5b@name=%22Default%22%5d" target="_blank">http://10.26.52.122:8080/xcap-root/resource-lists/users/sip%3aalice%40domain/index/~~/resource-lists/list%5b@name=%22Default%22%5d</a>&lt;/resource-list&gt;^M&nbsp;&nbsp;&nbsp;&nbsp; &lt;packages&gt;^M&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;package&gt;presence&lt;/package&gt;^M&nbsp;&nbsp;&nbsp;&nbsp; &lt;/packages&gt;^M&nbsp;&nbsp; &lt;/service&gt;^M &lt;/rls-services&gt;<br>
Dec 12 15:17:16 rd-srv-devlnx2 /usr/local/sbin/opensips[25465]: DBG:rls:get_resource_list: service uri <a>sip:alice@domain</a> not found in rl document for user <a>sip:alice@domain</a><br></div></div></div>
<div>_______________________________________________<br>Users mailing list<br><a href="mailto:Users@lists.opensips.org" target="_blank">Users@lists.opensips.org</a><br><a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
</div></blockquote></div><br></div></div></blockquote></div><br></blockquote></div><br></div></div></div></blockquote></div><br>