Why do we need a refactor?
The original stir/shaken implementation was started over 3 years ago
when little was understood about practical implementation. The
result was an implementation that wouldn't actually interoperate
with any other stir-shaken implementations.
There were also a number of stir-shaken features and RFC
requirements that were never implemented such as TNAuthList
certificate validation, sending Reason headers in SIP responses
when verification failed but we wished to continue the call, and
the ability to send Media Key(mky) grants in the Identity header
when the call involved DTLS.
Finally, there were some performance concerns around outgoing
calls and selection of the correct certificate and private key.
The configuration was keyed by an arbitrary name which meant that
for every outgoing call, we had to scan the entire list of
configured TNs to find the correct cert to use. With only a few
TNs configured, this wasn't an issue but if you have a thousand,
it could be.
What's changed?
* Configuration objects have been refactored to be clearer about
their uses and to fix issues.
* The "general" object was renamed to "verification" since it
contains parameters specific to the incoming verification
process. It also never handled ca_path and crl_path
correctly.
* A new "attestation" object was added that controls the
outgoing attestation process. It sets default certificates,
keys, etc.
* The "certificate" object was renamed to "tn" and had it's key
change to telephone number since outgoing call attestation
needs to look up certificates by telephone number.
* The "profile" object had more parameters added to it that can
override default parameters specified in the "attestation"
and "verification" objects.
* The "store" object was removed altogther as it was never
implemented.
* We now use libjwt to create outgoing Identity headers and to
parse and validate signatures on incoming Identiy headers. Our
previous custom implementation was much of the source of the
interoperability issues.
* General code cleanup and refactor.
* Moved things to better places.
* Separated some of the complex functions to smaller ones.
* Using context objects rather than passing tons of parameters
in function calls.
* Removed some complexity and unneeded encapsuation from the
config objects.
Resolves: #351Resolves: #46
UserNote: Asterisk's stir-shaken feature has been refactored to
correct interoperability, RFC compliance, and performance issues.
See https://docs.asterisk.org/Deployment/STIR-SHAKEN for more
information.
UpgradeNote: The stir-shaken refactor is a breaking change but since
it's not working now we don't think it matters. The
stir_shaken.conf file has changed significantly which means that
existing ones WILL need to be changed. The stir_shaken.conf.sample
file in configs/samples/ has quite a bit more information. This is
also an ABI breaking change since some of the existing objects
needed to be changed or removed, and new ones added. Additionally,
if res_stir_shaken is enabled in menuselect, you'll need to either
have the development package for libjwt v1.15.3 installed or use
the --with-libjwt-bundled option with ./configure.
Currently, there is no Caller ID available to us when
checking for an extension match when handling INVITEs.
As a result, extension patterns that depend on the Caller ID
are not matched and calls may be incorrectly rejected.
The Caller ID is not available because the supplement that
adds Caller ID to the session does not execute until after
this check. Supplement callbacks cannot yet be executed
at this point since the session is not yet in the appropriate
state.
To fix this without impacting existing behavior, the Caller ID
number is now retrieved before attempting to pattern match.
This ensures pattern matching works correctly and there is
no behavior change to the way supplements are called.
ASTERISK-28767 #close
Change-Id: Iec7f5a3b90e51b65ccf74342f96bf80314b7cfc7
This change allows TEL URI requests to come through for basic calls. The
allowed requests are INVITE, ACK, BYE, and CANCEL. The From and To
headers will now allow TEL URIs, as well as the request URI.
Support is only for TEL URIs present in traffic from a remote party.
Asterisk does not generate any TEL URIs on its own.
ASTERISK-26894
Change-Id: If5729e6cd583be7acf666373bf9f1b9d653ec29a
Fix parsing of ANI2/OLI information, since it was previously
parsing the user, when it should have been parsing other_param.
Also improves the parsing by using pjproject native functions
rather than trying to parse the parameters ourselves like
chan_sip did. A previous attempt at this caused a crash, but
this works correctly now.
ASTERISK-29703 #close
Change-Id: I8f3c79032d9ea1a21d16f8e11f22bd8d887738a1
Adds parsing of ANI II digits (Originating
Line Information) to PJSIP, on par with
what currently exists in chan_sip.
ASTERISK-29472
Change-Id: Ifc938a7a7d45ce33999ebf3656a542226f6d3847
MODULEINFO is checked while buidling/linking the module.
AST_MODULE_INFO is checked while loading/running the module.
ASTERISK-28838
Change-Id: I4bb868532ca217fec1351885d99eb55c21b58042
PJSIP assumes that these header names are not allocated, does not clone
the name strings when reusing headers.
Block unload of res_pjsip_caller_id until shutdown to ensure static
memory stays valid. It was previously unsafe to unload while any
sessions are active.
Change-Id: I190854dea943d6e441cf03733f8a0da661aea27f
This patch adds new options 'trust_connected_line' and 'send_connected_line'
to the endpoint.
The option 'trust_connected_line' is to control if connected line updates
are accepted from this endpoint.
The option 'send_connected_line' is to control if connected line updates
can be sent to this endpoint.
The default value is 'yes' for both options.
Change-Id: I16af967815efd904597ec2f033337e4333d097cd
This change adds the "party" parameter to the Remote-Party-ID header
which indicates which party the header information is applicable
to. In Asterisk this is determined on whether we are the calling
or called party. This is added to improve interoperability with some
implementations.
ASTERISK-28006
Change-Id: I1eec3e377ffff8633b5c1dd59a05e9533122cfca
This removes references that are no longer needed due to automatic
references created by module dependencies.
In addition this removes most calls to ast_module_check as they were
checking modules which are listed as dependencies.
Change-Id: I332a6e8383d4c72c8e89d988a184ab8320c4872e
* Declare 'requires' and 'enhances' text fields on module info structure.
* Rename 'nonoptreq' to 'optional_modules'.
* Update doxygen comments.
Still need to investigate dependencies among modules I cannot compile.
Change-Id: I3ad9547a0a6442409ff4e352a6d897bef2cc04bf
Currently privacy requests are only granted if the Privacy header
value is exactly "id" (defined in RFC 3325). It ignores any other
possible value (or a combination there of). This patch reverses the
logic from testing for "id" to grant privacy, to testing for "none" and
granting privacy for any other value. "none" must not be used in
combination with any other value (RFC 3323 section 4.2).
ASTERISK-27284 #close
Change-Id: If438a21f31a962da32d7a33ff33bdeb1e776fe56
It's possible for a name in a party id structure to be marked as valid, but the
name string itself be NULL (for instance this is possible to do by using the
dialplan CALLERID function). There were a couple of places where the name was
validated, but the string itself was not checked before passing it to functions
like 'strlen'. This of course caused a crashed.
This patch adds in a NULL check before attempting to pass it into a function
that is not NULL tolerant.
ASTERISK-25823 #close
Change-Id: Iaa6ffe9d92f598fe9e3c8ae373fadbe3dfbf1d4a
The res_pjsip_caller_id module wrongly assumed that a
saved From header would always exist on sessions. This
is true until an inbound call is received and a session
timer causes an UPDATE to be sent. In this case there will
be no saved From header and a crash will occur. This change
makes it fall back to the From header of the outgoing request
if no saved From header is present.
ASTERISK-26307 #close
Change-Id: Iccc3bc8d243b5ede9b81abf960292930c908d4fa
This implements the chan_sip legacy_useroption_parsing option but with a
better name.
* Made the caller-id number and redirecting number strings obtained from
incoming SIP URI user fields always truncated at the first semicolon.
People don't care about anything after the semicolon showing up on their
displays even though the RFC allows the semicolon.
ASTERISK-26316 #close
Reported by: Kevin Harwell
Change-Id: Ib42b0e940dd34d84c7b14bc2e90d1ba392624f62
When compact_headers was set, we were sending a zero-length header name
for PAI and RPID because we always forced the short header name length
to 0. We did this because we cloned the header from "From" and wanted
to clear "f" from the sname. By cloning however, we bypass pjproject's
automatic logic that sets sname to name if there's no compact form of
the header, which there isn't for PAI and RPID. So now we force sname
to be the same as name right after we set name.
res_pjsip_diversion needed the same treatment for the Diversion header.
ASTERISK-26241 #close
Change-Id: I633ec139630cd83809aae00336cee4a10077e467
When create_new_id_hdr creates a new RPID or PAI header, it starts by cloning
the From header, then it overwrites the display name and uri from the channel's
connected.id. If the connected.id.name wasn't valid, create_new_id_hdr was
leaving the display name from the From header in the new RPID or PAI header.
On an attended transfer where the originator had a caller id number set but not
a display name, the re-INVITE to the final transferee had the number of the
originator but the display name of the transferer.
Added a check to clear out the display name in the new header if
connected.id.name was invalid.
ASTERISK-25942 #close
Change-Id: I60b4bf7a7ece9b7425eba74151c0b4969cd2738b
Per RFC3325, the 'From' header is now anonymized on outgoing calls when
caller id presentation is prohibited.
TID = trust_id_outbound
PRO = Set(CALLERID(pres)=prohib)
USR = endpoint/from_user
DOM = endpoint/from_domain
PAI = YES(privacy=off), NO(not sent), PRI(privacy=full) (assumes send_pai=yes)
Conditions |Result
--------------------|----------------------------------------------------
TID PRO USR DOM |PAI FROM
--------------------|----------------------------------------------------
Y Y abc def.ghi |PRI "Anonymous" <sip:abc@def.ghi>
Y Y abc |PRI "Anonymous" <sip:abc@anonymous.invalid>
Y Y def.ghi |PRI "Anonymous" <sip:anonymous@def.ghi>
Y Y |PRI "Anonymous" <sip:anonymous@anonymous.invalid>
Y N abc def.ghi |YES <sip:abc@def.ghi>
Y N abc |YES <sip:abc@<ip_address>>
Y N def.ghi |YES "Caller Name" <sip:<caller_exten>@def.ghi>
Y N |YES "Caller Name" <sip:<caller_exten>@<ip_address>>
N Y abc def.ghi |NO "Anonymous" <sip:abc@def.ghi>
N Y abc |NO "Anonymous" <sip:abc@anonymous.invalid>
N Y def.ghi |NO "Anonymous" <sip:anonymous@def.ghi>
N Y |NO "Anonymous" <sip:anonymous@anonymous.invalid>
N N abc def.ghi |YES <sip:abc@def.ghi>
N N abc |YES <sip:abc@<ip_address>>
N N def.ghi |YES "Caller Name" <sip:<caller_exten>@def.ghi>
N N |YES "Caller Name" <sip:<caller_exten>@<ip_address>>
ASTERISK-25791 #close
Reported-by: Anthony Messina
Change-Id: I2c82a5ca1413c2c00fb62ea95b0ae8e97af54dc9
If the PJSIP_HEADER dialplan function adds a PAI or RPID header and send_rpid
or send_pai is set, res_pjsip_caller_id attemps to retrieve, parse and modify
the header added by the dialplan function. Since the header added by the
dialplan function is generic string, there are no virtual functions to parse
the uri and we get a segfault when we try. Since the modify, was really only
an overwrite, we now just delete the old header if it was type PJSIP_H_OTHER
and recreate it.
This raises a question for another time though: What should happen with
duplicate headers? Right now res_pjsip_header_funcs doesn't check for dups
so if it's session supplement is loaded after res_pjsip_caller_id's (or any
other module that adds headers), there'll be dups in the message.
ASTERISK-25337 #close
Change-Id: I5e296b52d30f106b822c0eb27c4c2b0e0f71c7fa
Apparently some endpoints attempt to send a reINVITE before completing the
initial INVITE transaction. In this case PJSIP responds appropriately to
the reINVITE with a 491 INVITE request pending. Unfortunately chan_pjsip
is using the initial INVITE transaction state to determine if an INVITE is
the initial INVITE or a reINVITE. Since the initial INVITE transaction
has not been confirmed yet chan_pjsip thinks the reINVITE is an initial
INVITE and starts another PBX thread on the channel. The extra PBX thread
ensures that hilarity ensues.
* Fix checks for a reINVITE on incoming requests to look for the presence
of a to-tag instead of the initial INVITE transaction state.
* Made caller_id_incoming_request() determine what to do if there is a
channel on the session or not. After a channel is created it is too late
to just store the new party id on the session because the session's party
id has already been copied to the channel's caller id.
ASTERISK-25404 #close
Reported by: Chet Stevens
Change-Id: Ie78201c304a2b13226f3a4ce59908beecc2c68be
The res_pjsip modules were manually checking both name and number
presentation values when there is a function that determines the combined
presentation for a party ID struct. The function takes into account if
the name or number components are valid while the manual code rarely
checked if the data was even valid.
* Made use ast_party_id_presentation() rather than manually checking party
ID presentation values.
* Ensure that set_id_from_pai() and set_id_from_rpid() will not return
presentation values other than what is pulled out of the SIP headers. It
is best if the code doesn't assume that AST_PRES_ALLOWED and
AST_PRES_USER_NUMBER_UNSCREENED are zero.
* Fixed copy paste error in add_privacy_params() dealing with RPID
privacy.
* Pulled the id->number.valid test from add_privacy_header() and
add_privacy_params() up into the parent function add_id_headers() to skip
adding PAI/RPID headers earlier.
* Made update_connected_line_information() not send out connected line
updates if the connected line number is invalid. Lower level code would
not add the party ID information and thus the sent message would be
unnecessary.
* Eliminated RAII_VAR usage in send_direct_media_request().
Review: https://reviewboard.asterisk.org/r/4472/
........
Merged revisions 432892 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@432893 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Analyzing a one-off crash on a busy system showed that processing a REFER
request had a NULL session channel pointer. The only way I can think of
that could cause this is if an outgoing BYE transaction overlapped the
incoming REFER transaction in a collision. Asterisk sends a BYE while the
phone sends a REFER to complete an attended transfer.
* Made check the session channel pointer before processing an incoming
REFER request in res_pjsip_refer.
* Fixed similar crash potential for res_pjsip supplement incoming request
processing for res_pjsip_sdp_rtp INFO, res_pjsip_caller_id INVITE/UPDATE,
res_pjsip_messaging MESSAGE, and res_pjsip_send_to_voicemail REFER
messages.
* Made res_pjsip_messaging respond to a message body too large with a 413
instead of ignoring it.
ASTERISK-24700 #close
Reported by: Zane Conkle
Review: https://reviewboard.asterisk.org/r/4417/
........
Merged revisions 431898 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@431899 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Prior to this change, the Remote-Party-ID header took the position of
"If caller name and number are not explicitly allowed, then they are private"
and P-Asserted-Identity took the position of
"Caller name and number are only private if marked explicitly so"
Now both mechanisms of conveying party identification use the former approach.
........
Merged revisions 421778 from http://svn.asterisk.org/svn/asterisk/branches/12
........
Merged revisions 421783 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@421785 65c4cc65-6c06-0410-ace0-fbb531ad65f3
A calls B
B answers
B SIP attended transfers to C
C answers, B and C can see each other's connected line information
B completes the transfer
A has number but no name connected line information about C
while C has the full information about A
I examined the incoming and outgoing party id information handling of
chan_pjsip and found several issues:
* Fixed ast_sip_session_create_outgoing() not setting up the configured
endpoint id as the new channel's caller id. This is why party A got
default connected line information.
* Made update_initial_connected_line() use the channel's CALLERID(id)
information. The core, app_dial, or predial routine may have filled in or
changed the endpoint caller id information.
* Fixed chan_pjsip_new() not setting the full party id information
available on the caller id and ANI party id. This includes the configured
callerid_tag string and other party id fields.
* Fixed accessing channel party id information without the channel lock
held.
* Fixed using the effective connected line id without doing a deep copy
outside of holding the channel lock. Shallow copy string pointers can
become stale if the channel lock is not held.
* Made queue_connected_line_update() also update the channel's
CALLERID(id) information. Moving the channel to another bridge would need
the information there for the new bridge peer.
* Fixed off nominal memory leak in update_incoming_connected_line().
* Added pjsip.conf callerid_tag string to party id information from
enabled trust_inbound endpoint in caller_id_incoming_request().
AFS-98 #close
Reported by: Mark Michelson
Review: https://reviewboard.asterisk.org/r/3913/
........
Merged revisions 421400 from http://svn.asterisk.org/svn/asterisk/branches/12
........
Merged revisions 421403 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@421404 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This adds Path support to chan_pjsip in res_pjsip_path.c with minimal
additions in res_pjsip_registrar.c to store the path and additions in
res_pjsip_outbound_registration.c to enable advertisement of path
support to registrars and intervening proxies.
Path information is stored on contacts and is enabled via Address of
Record (AoRs) and Registration configuration sections.
While adding path support, it became necessary to be able to add SIP
supplements that handled messages outside of sessions, so a framework
for handling these types of hooks was added in parallel to the
already-existing session supplements and several senders of
out-of-dialog requests were refactored as a result.
(closes issue ASTERISK-21084)
Review: https://reviewboard.asterisk.org/r/3050/
........
Merged revisions 405565 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@405566 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The fromuser option is used to explicitly set the user within the From header. The
res_pjsip_caller_id module did not take this setting into account when determining
if the From header could be modified or not.
(closes issue ASTERISK-22866)
Reported by: Anthony Messina
........
Merged revisions 402891 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@402892 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Connected line updates are now only sent out if an actual update needs to occur.
This happens under the following conditions:
1. The endpoint we are sending to is trusted.
2. Either a P-Asserted-Identity or Remote Party-ID header needs to be added/sent.
3. The connected id's number and name are valid.
Also added an SDP when an update is sent out.
(closes issue AST-1212)
Reported by: John Bigelow
Review: https://reviewboard.asterisk.org/r/2831/
........
Merged revisions 398806 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@398808 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The general gist is to have a clear boundary between old SIP stuff
and new SIP stuff by having the word "SIP" for old stuff and "PJSIP"
for new stuff. Here's a brief rundown of the changes:
* The word "Gulp" in dialstrings, functions, and CLI commands is now
"PJSIP"
* chan_gulp.c is now chan_pjsip.c
* Function names in chan_gulp.c that were "gulp_*" are now "chan_pjsip_*"
* All files that were "res_sip*" are now "res_pjsip*"
* The "res_sip" directory is now "res_pjsip"
* Files in the "res_pjsip" directory that began with "sip_*" are now "pjsip_*"
* The configuration file is now "pjsip.conf" instead of "res_sip.conf"
* The module info for all PJSIP-related files now uses "PJSIP" instead of "SIP"
* CLI and AMI commands created by Asterisk's PJSIP modules now have "pjsip" as
the starting word instead of "sip"
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@395764 65c4cc65-6c06-0410-ace0-fbb531ad65f3
George Joseph
Naveen Albert
Ben Ford
Alexander Traud
Corey Farrell
Alexei Gradinari
Joshua Colp
Daniel Tryba
Kevin Harwell
Richard Mudgett
George Joseph
George Joseph
Rodrigo Ramírez Norambuena
Kinsey Moore
Mark Michelson