asterisk/main
George Joseph 628f8d7a43 Stir/Shaken Refactor
Why do we need a refactor?

The original stir/shaken implementation was started over 3 years ago
when little was understood about practical implementation.  The
result was an implementation that wouldn't actually interoperate
with any other stir-shaken implementations.

There were also a number of stir-shaken features and RFC
requirements that were never implemented such as TNAuthList
certificate validation, sending Reason headers in SIP responses
when verification failed but we wished to continue the call, and
the ability to send Media Key (mky) grants in the Identity header
when the call involved DTLS.

Finally, there were some performance concerns around outgoing
calls and selection of the correct certificate and private key.
The configuration was keyed by an arbitrary name which meant that
for every outgoing call, we had to scan the entire list of
configured TNs to find the correct cert to use.  With only a few
TNs configured, this wasn't an issue but if you have a thousand,
it could be.

What's changed?

* Configuration objects have been refactored to be clearer about
  their uses and to fix issues.
    * The "general" object was renamed to "verification" since it
      contains parameters specific to the incoming verification
      process.  It also never handled ca_path and crl_path
      correctly.
    * A new "attestation" object was added that controls the
      outgoing attestation process.  It sets default certificates,
      keys, etc.
    * The "certificate" object was renamed to "tn" and had its key
      change to telephone number since outgoing call attestation
      needs to look up certificates by telephone number.
    * The "profile" object had more parameters added to it that can
      override default parameters specified in the "attestation"
      and "verification" objects.
    * The "store" object was removed altogether as it was never
      implemented.

* We now use libjwt to create outgoing Identity headers and to
  parse and validate signatures on incoming Identity headers.  Our
  previous custom implementation was much of the source of the
  interoperability issues.

* General code cleanup and refactor.
    * Moved things to better places.
    * Separated some of the complex functions to smaller ones.
    * Using context objects rather than passing tons of parameters
      in function calls.
    * Removed some complexity and unneeded encapsulation from the
      config objects.

Resolves: #351
Resolves: #46

UserNote: Asterisk's stir-shaken feature has been refactored to
correct interoperability, RFC compliance, and performance issues.
See https://docs.asterisk.org/Deployment/STIR-SHAKEN for more
information.

UpgradeNote: The stir-shaken refactor is a breaking change but since
it's not working now we don't think it matters. The
stir_shaken.conf file has changed significantly which means that
existing ones WILL need to be changed.  The stir_shaken.conf.sample
file in configs/samples/ has quite a bit more information.  This is
also an ABI breaking change since some of the existing objects
needed to be changed or removed, and new ones added.  Additionally,
if res_stir_shaken is enabled in menuselect, you'll need to either
have the development package for libjwt v1.15.3 installed or use
the --with-libjwt-bundled option with ./configure.
2024-02-28 18:39:03 +00:00
..
stdtime main: Spelling fixes 2021-11-15 17:33:27 -06:00
.gitignore build-system: Allow building with static pjproject 2016-03-01 09:30:43 -07:00
Makefile ael: Regenerate lexers and parsers. 2023-04-03 07:58:23 -05:00
abstract_jb.c main: Spelling fixes 2021-11-15 17:33:27 -06:00
acl.c chan_sip: Remove deprecated module. 2023-01-03 09:00:42 -06:00
adsi.c Allow Asterisk to compile under GCC 4.10 2014-05-09 22:49:26 +00:00
alaw.c Remove as much trailing whitespace as possible. 2017-12-22 09:23:22 -05:00
alertpipe.c utils: Wrap socket() and pipe() to reduce syscalls 2018-12-07 09:06:08 -05:00
aoc.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
app.c app.c: Allow ampersands in playback lists to be escaped. 2023-11-28 19:52:03 +00:00
ast_expr2.c ael: Regenerate lexers and parsers. 2023-04-03 07:58:23 -05:00
ast_expr2.fl general: Fix broken links. 2023-12-08 13:11:54 +00:00
ast_expr2.h ael: Regenerate lexers and parsers. 2023-04-03 07:58:23 -05:00
ast_expr2.y Remove #include <sys/cdefs.h> 2020-05-05 10:06:43 -05:00
ast_expr2f.c general: Fix broken links. 2023-12-08 13:11:54 +00:00
asterisk.c general: Fix broken links. 2023-12-08 13:11:54 +00:00
asterisk.dynamics res_monitor: Remove deprecated module. 2023-01-13 08:32:33 -06:00
asterisk.exports.in Scope Tracing: A new facility for tracing scope enter/exit 2020-06-02 11:35:07 -05:00
astfd.c main: Spelling fixes 2021-11-15 17:33:27 -06:00
astmm.c progdocs: Fix for Doxygen, the hidden parts. 2021-12-02 10:37:38 -06:00
astobj2.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
astobj2_container.c progdocs: Fix for Doxygen, the hidden parts. 2021-12-02 10:37:38 -06:00
astobj2_container_private.h main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
astobj2_global.c core: Fix ABI mismatch of ao2_global_obj. 2019-09-23 07:35:48 -04:00
astobj2_hash.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
astobj2_private.h Astobj2: Allow reference debugging to be enabled/disabled by config. 2015-04-27 18:37:26 -04:00
astobj2_rbtree.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
audiohook.c audiohook: Unlock channel in mute if no audiohooks present. 2023-08-09 14:50:07 +00:00
autochan.c autochan/mixmonitor/chanspy: Fix unsafe channel locking and references. 2017-03-15 17:18:55 -06:00
autoservice.c autoservice: Don't start channel autoservice if the thread is a user interface. 2018-06-19 15:02:52 -05:00
backtrace.c main/backtrace: binutils-2.34 fix. 2020-04-06 10:23:20 -05:00
bridge.c Reduce startup/shutdown verbose logging 2024-02-12 18:46:32 +00:00
bridge_after.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
bridge_basic.c app_followme.c: Grab reference on nativeformats before using it 2023-11-09 18:24:36 +00:00
bridge_channel.c res_monitor: Remove deprecated module. 2023-01-13 08:32:33 -06:00
bridge_roles.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
bucket.c Reduce startup/shutdown verbose logging 2024-02-12 18:46:32 +00:00
buildinfo.c fix a few small things found by using sparse 2008-10-30 16:49:02 +00:00
callerid.c callerid: Allow specifying timezone for date/time. 2023-05-25 10:46:40 -06:00
ccss.c app_macro: Remove deprecated module. 2023-01-10 14:07:44 -06:00
cdr.c Reduce startup/shutdown verbose logging 2024-02-12 18:46:32 +00:00
cel.c cel: add publish user event helper 2023-09-21 14:47:21 +00:00
channel.c Reduce startup/shutdown verbose logging 2024-02-12 18:46:32 +00:00
channel_internal_api.c res_monitor: Remove deprecated module. 2023-01-13 08:32:33 -06:00
chanvars.c core: Remove ABI effects of MALLOC_DEBUG. 2018-03-01 13:13:55 -06:00
cli.c cli: increase channel column width 2023-03-16 10:44:13 -05:00
codec.c Reduce startup/shutdown verbose logging 2024-02-12 18:46:32 +00:00
codec_builtin.c codec_builtin: Use multiples of 20 for maximum_ms 2023-09-22 16:10:11 +00:00
config.c Reduce startup/shutdown verbose logging 2024-02-12 18:46:32 +00:00
config_options.c config_options.c: Fix truncation of option descriptions. 2023-12-12 14:40:22 +00:00
conversions.c conversions.c: Specify that we only want to parse decimal numbers. 2022-03-23 17:13:03 -05:00
core_local.c core_local: Fix local channel parsing with slashes. 2023-11-02 21:38:13 +00:00
core_unreal.c core_unreal: Flip stream direction of second channel. 2022-05-05 08:15:42 -05:00
crypt.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
cygload.c Kill off red blobs in most of main/* 2012-03-22 19:51:16 +00:00
data_buffer.c res_rtp_asterisk: Free payload when error on insertion to data buffer 2020-04-15 13:56:40 -05:00
datastore.c Geolocation: Base Asterisk Prereqs 2022-07-07 08:19:14 -05:00
db.c Stir/Shaken Refactor 2024-02-28 18:39:03 +00:00
devicestate.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
dial.c app_macro: Remove deprecated module. 2023-01-10 14:07:44 -06:00
dns.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
dns_core.c Reduce startup/shutdown verbose logging 2024-02-12 18:46:32 +00:00
dns_naptr.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
dns_query_set.c Remove ASTERISK_REGISTER_FILE. 2016-10-27 09:53:55 -04:00
dns_recurring.c progdocs: Fix for Doxygen, the hidden parts. 2021-12-02 10:37:38 -06:00
dns_srv.c Compiler fixes for gcc 10 2020-06-10 09:33:28 -05:00
dns_system_resolver.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
dns_test.c progdocs: Fix for Doxygen, the hidden parts. 2021-12-02 10:37:38 -06:00
dns_tlsa.c Remove ASTERISK_REGISTER_FILE. 2016-10-27 09:53:55 -04:00
dns_txt.c core/dns: Add system include required on FreeBSD 2020-04-28 13:05:55 -05:00
dnsmgr.c main: Spelling fixes 2021-11-15 17:33:27 -06:00
dsp.c dsp.c: Fix and improve potentially inaccurate log message. 2024-02-14 13:19:13 +00:00
ecdisa.h Kill off red blobs in most of main/* 2012-03-22 19:51:16 +00:00
endpoints.c stasis: Improve topic/subscription names and statistics. 2019-03-11 11:39:35 -03:00
enum.c main: Spelling fixes 2021-11-15 17:33:27 -06:00
event.c various files - fix some alerts raised by lgtm code analysis 2019-11-18 08:30:45 -06:00
features.c res_monitor: Remove deprecated module. 2023-01-13 08:32:33 -06:00
features_config.c bridge_builtin_features: add beep via touch variable 2023-03-20 10:46:17 -05:00
features_config.h loader: Convert reload_classes to built-in modules. 2018-03-14 05:20:12 -04:00
file.c Reduce startup/shutdown verbose logging 2024-02-12 18:46:32 +00:00
fixedjitterbuf.c jitterbuffer: Correct signed/unsigned mismatch causing assert 2021-06-24 08:18:19 -05:00
fixedjitterbuf.h abstract/fixed/adpative jitter buffer: disallow frame re-inserts 2017-01-17 17:08:53 -06:00
format.c Reduce startup/shutdown verbose logging 2024-02-12 18:46:32 +00:00
format_cache.c Reduce startup/shutdown verbose logging 2024-02-12 18:46:32 +00:00
format_cap.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
format_compatibility.c codecs: Remove test-law. 2021-01-04 05:00:58 -06:00
frame.c main/frame: Add missing control frame names to ast_frame_subclass2str 2021-01-27 10:40:41 -06:00
framehook.c Remove ASTERISK_REGISTER_FILE. 2016-10-27 09:53:55 -04:00
fskmodem.c Remove as much trailing whitespace as possible. 2017-12-22 09:23:22 -05:00
fskmodem_float.c main: Spelling fixes 2021-11-15 17:33:27 -06:00
fskmodem_int.c main: Spelling fixes 2021-11-15 17:33:27 -06:00
global_datastores.c Remove ASTERISK_REGISTER_FILE. 2016-10-27 09:53:55 -04:00
hashtab.c core: Remove ABI effects of MALLOC_DEBUG. 2018-03-01 13:13:55 -06:00
heap.c core: Remove ABI effects of MALLOC_DEBUG. 2018-03-01 13:13:55 -06:00
http.c http.c: Minor simplification to HTTP status output. 2023-03-16 07:21:33 -05:00
image.c Reduce startup/shutdown verbose logging 2024-02-12 18:46:32 +00:00
indications.c Reduce startup/shutdown verbose logging 2024-02-12 18:46:32 +00:00
io.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
iostream.c main/iostream.c: fix build with libressl 2023-03-06 11:25:32 -06:00
jitterbuf.c Fix Common Typo's. 2017-12-20 12:40:01 -05:00
json.c func_json: Fix crashes for some types 2023-10-05 14:38:05 +00:00
libasteriskpj.c PJPROJECT logging: Fix detection of max supported log level. 2017-01-24 11:25:19 -06:00
libasteriskssl.c libasteriskssl: Allow OpenSSL 1.0.2 configured with no-deprecated. 2018-05-20 13:55:26 +02:00
libasteriskssl.exports.in Address OpenSSL initialization issues when using third-party libraries. 2012-01-30 21:21:16 +00:00
loader.c Reduce startup/shutdown verbose logging 2024-02-12 18:46:32 +00:00
lock.c lock.c: Separate DETECT_DEADLOCKS from DEBUG_THREADS 2023-09-22 14:34:46 +00:00
logger.c logger.c: Move LOG_GROUP documentation to dedicated XML file. 2023-12-06 21:23:54 +00:00
logger_category.c Logging: Add debug logging categories 2020-10-02 12:58:18 -05:00
logger_doc.xml logger: Fix linking regression. 2024-01-17 15:01:07 +00:00
manager.c Reduce startup/shutdown verbose logging 2024-02-12 18:46:32 +00:00
manager_bridges.c documentation: Add missing AMI documentation 2022-01-05 10:32:46 -06:00
manager_channels.c manager: Tolerate stasis messages with no channel snapshot. 2023-08-11 13:29:06 +00:00
manager_endpoints.c Remove as much trailing whitespace as possible. 2017-12-22 09:23:22 -05:00
manager_mwi.c documentation: Add missing AMI documentation 2022-01-05 10:32:46 -06:00
manager_system.c Remove constant conditionals (dead-code). 2017-12-19 09:42:19 -05:00
max_forwards.c Detect potential forwarding loops based on count. 2015-04-17 15:58:07 -05:00
md5.c Remove ASTERISK_REGISTER_FILE. 2016-10-27 09:53:55 -04:00
media_cache.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
media_index.c media_index.c: Refactored so it doesn't cache the index 2019-01-28 12:26:58 -07:00
message.c Reduce startup/shutdown verbose logging 2024-02-12 18:46:32 +00:00
mixmonitor.c Remove ASTERISK_REGISTER_FILE. 2016-10-27 09:53:55 -04:00
mwi.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
named_acl.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
named_locks.c core: Use macros to generate ao2_container callbacks where possible. 2017-12-30 13:20:16 -05:00
netsock2.c netsock2: Add ast_sockaddr_resolve_first_af to netsock2 public API 2018-05-21 11:03:10 -05:00
optional_api.c progdocs: Fix for Doxygen, the hidden parts. 2021-12-02 10:37:38 -06:00
options.c file.c: Add ability to search custom dir for sounds 2023-09-20 19:15:07 +00:00
parking.c stasis: Improve topic/subscription names and statistics. 2019-03-11 11:39:35 -03:00
pbx.c Reduce startup/shutdown verbose logging 2024-02-12 18:46:32 +00:00
pbx_app.c Reduce startup/shutdown verbose logging 2024-02-12 18:46:32 +00:00
pbx_builtins.c app.c: Allow ampersands in playback lists to be escaped. 2023-11-28 19:52:03 +00:00
pbx_functions.c Reduce startup/shutdown verbose logging 2024-02-12 18:46:32 +00:00
pbx_hangup_handler.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
pbx_ignorepat.c Remove ASTERISK_REGISTER_FILE. 2016-10-27 09:53:55 -04:00
pbx_include.c aelparse: Accept an included context with timings. 2021-08-06 09:04:28 -05:00
pbx_private.h pbx: Create pbx_sw.c for management of 'struct ast_sw'. 2016-07-21 13:58:26 -04:00
pbx_sw.c Remove as much trailing whitespace as possible. 2017-12-22 09:23:22 -05:00
pbx_switch.c Remove ASTERISK_REGISTER_FILE. 2016-10-27 09:53:55 -04:00
pbx_timing.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
pbx_variables.c pbx_variables: Use const char if possible. 2022-09-11 08:32:37 -05:00
pickup.c app_macro: Remove deprecated module. 2023-01-10 14:07:44 -06:00
plc.c loader: Process dependencies for built-in modules. 2018-07-26 14:29:18 -05:00
poll.c Remove as much trailing whitespace as possible. 2017-12-22 09:23:22 -05:00
presencestate.c stasis: Improve topic/subscription names and statistics. 2019-03-11 11:39:35 -03:00
privacy.c Remove ASTERISK_REGISTER_FILE. 2016-10-27 09:53:55 -04:00
refer.c Reduce startup/shutdown verbose logging 2024-02-12 18:46:32 +00:00
rtp_engine.c pjsip show channelstats: Prevent possible segfault when faxing 2024-02-14 13:17:40 +00:00
say.c say.c: Fix French time playback. (#42) 2023-05-02 08:09:42 -06:00
sched.c sched: fix and test a double deref on delete of an executing call back 2022-01-21 10:06:57 -06:00
sdp_srtp.c Remove as much trailing whitespace as possible. 2017-12-22 09:23:22 -05:00
security_events.c stasis: Improve topic/subscription names and statistics. 2019-03-11 11:39:35 -03:00
sem.c Remove ASTERISK_REGISTER_FILE. 2016-10-27 09:53:55 -04:00
serializer.c serializer: set high/low alert levels on whole pool 2019-11-18 11:05:24 -05:00
sha1.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
sip_api.c Don't make chan_sip export global symbols. 2012-10-11 15:49:02 +00:00
slinfactory.c Remove ASTERISK_REGISTER_FILE. 2016-10-27 09:53:55 -04:00
smoother.c main: Spelling fixes 2021-11-15 17:33:27 -06:00
sorcery.c Reduce startup/shutdown verbose logging 2024-02-12 18:46:32 +00:00
sounds.c sounds: Sort 'core show sounds' output 2019-02-04 14:40:35 -06:00
srv.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
stasis.c general: Fix broken links. 2023-12-08 13:11:54 +00:00
stasis_bridges.c stasis: Fix for Doxygen. 2021-11-18 14:46:42 -06:00
stasis_cache.c stasis: Fix for Doxygen. 2021-11-18 14:46:42 -06:00
stasis_cache_pattern.c stasis: Improve topic/subscription names and statistics. 2019-03-11 11:39:35 -03:00
stasis_channels.c ari: Provide the caller ID RDNIS for the channels 2023-11-07 14:27:15 +00:00
stasis_endpoints.c progdocs: Fix Doxygen left-overs. 2021-12-13 08:57:26 -06:00
stasis_message.c build: Fix a few gcc 13 issues 2023-06-09 18:19:53 +00:00
stasis_message_router.c progdocs: Fix for Doxygen, the hidden parts. 2021-12-02 10:37:38 -06:00
stasis_state.c GCC12: Fixes for 18+. state_id_by_topic comparing wrong value 2022-05-09 08:20:46 -05:00
stasis_system.c stasis: Improve topic/subscription names and statistics. 2019-03-11 11:39:35 -03:00
strcompat.c app.c: make sure that no non-async-signal-safe syscalls are used after 2020-05-08 13:44:08 -05:00
stream.c res_pjsip_session: Handle multi-stream re-invites better 2020-09-14 09:27:14 -05:00
stringfields.c stringfields: Remove MALLOC_DEBUG fields from struct ast_string_field_mgr. 2018-03-13 16:24:06 -04:00
strings.c general: Very minor coding guideline fixes. 2022-08-17 11:11:32 -05:00
stun.c GCC12: Fixes for 16+ 2022-05-09 08:21:45 -05:00
syslog.c Remove ASTERISK_REGISTER_FILE. 2016-10-27 09:53:55 -04:00
taskprocessor.c taskprocessor.c: Prevent crash on graceful shutdown 2022-02-14 16:20:17 -06:00
tcptls.c res_http_websocket.c: Set hostname on client for certificate validation. 2023-11-14 17:56:24 +00:00
tdd.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
term.c term.c: Add support for extended number format terminfo files. 2021-09-08 19:10:54 -05:00
test.c test.c: Fix counting of tests and add 2 new tests 2023-04-03 07:41:08 -06:00
threadpool.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
threadstorage.c Remove as much trailing whitespace as possible. 2017-12-22 09:23:22 -05:00
time.c time: add support for time64 libcs 2022-03-24 12:00:58 -05:00
timing.c loader: Create ast_module_running_ref. 2018-01-03 17:23:36 -05:00
translate.c translate.c: implement new direct comp table mode 2024-02-28 13:03:26 +00:00
udptl.c chan_sip: Remove deprecated module. 2023-01-03 09:00:42 -06:00
ulaw.c Remove as much trailing whitespace as possible. 2017-12-22 09:23:22 -05:00
uri.c uri.c: Simplify ast_uri_make_host_with_port() 2023-11-14 20:51:40 +00:00
utf8.c res_pjsip: Replace invalid UTF-8 sequences in callerid name 2023-03-01 09:50:02 -06:00
utils.c utils: Make behavior of ast_strsep* match strsep. 2024-02-06 18:55:52 +00:00
uuid.c main: Fix for Doxygen. 2021-12-02 15:02:09 -06:00
xml.c xml.c: Process XML Inclusions recursively. (#69) 2023-05-11 13:03:33 -06:00
xmldoc.c xmldoc: Allow XML docs to be reloaded. 2022-12-08 09:16:33 -06:00