chan_sip: Add sendrpid trust options

In r411189, some behavior was changed which made sendrpid behavior act in a more trusting manner by sending full user data for peers set with private caller presence in P-Asserted-Identity headers. Since this changed long time expected behaviors, we decided to pull that patch when that was pointed out by the community. Instead, this patch provides a trust_id_outbound setting which will expose the data per RFC-3325 if set to 'yes' and simply not send the PAI/RPID headers at all if set to 'no'. By default trust_id_outbound will be set to 'legacy' which will preserve the behavior prior to these patches. Extra special thanks to Walter Doekes for providing advice and feedback. (closes issue AST-1301) (closes issue ASTERISK-19465) Reported by: Krzysztof Chmielewski Review: https://reviewboard.asterisk.org/r/3447/ ........ Merged revisions 412744 from http://svn.asterisk.org/svn/asterisk/branches/1.8 ........ Merged revisions 412746 from http://svn.asterisk.org/svn/asterisk/branches/11 ........ Merged revisions 412747 from http://svn.asterisk.org/svn/asterisk/branches/12 git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@412759 65c4cc65-6c06-0410-ace0-fbb531ad65f3
author: Jonathan Rose <jrose@digium.com> 2014-04-21 16:20:32 +0000
committer: Jonathan Rose <jrose@digium.com> 2014-04-21 16:20:32 +0000
commit: ae21162a69e222711658c8712f3403bad8101f72 (patch)
tree: 70c9ece09e33b601a7b0ef4b88f43e1374f724e6 /CHANGES
parent: dcb2ea657c2fc6fb07be584087a1affe799a0646 (diff)
1 files changed, 18 insertions, 1 deletions
diff --git a/CHANGES b/CHANGES
index cacd0a46c..58f794902 100644
--- a/CHANGES
+++ b/CHANGES
@@ -25,6 +25,23 @@ ARI
    a channel's ARI control queue until they are stopped. They also can not
    be rewound or fastforwarded.
 
+chan_sip
+-----------
+ * SIP peers can now specify 'trust_id_outbound' which affects RPID/PAI
+   fields for prohibited callingpres information. Values are legacy, no, and
+   yes. By default, legacy is used.
+   trust_id_outbound=legacy: behavior remains the same as 1.8.26.1 - When
+   dealing with prohibited callingpres, RPID/PAI headers are created for both
+   sendrpid=pai and sendrpid=rpid are appended, but the data is anonymized.
+   When sendrpid=rpid, only the remote party's domain is anonymized.
+   trust_id_outbound=no: when dealing with prohibited callingpres, RPID/PAI
+   headers are not sent.
+   trust_id_outbound=yes: RPID/PAI headers are applied with the full
+   remote party information in tact even for prohibited callingpres
+   information. In the case of PAI, a Privacy: id header will be appended for
+   prohibited calling information to communicate that the private information
+   should not be relayed to untrusted parties.
+
 ------------------------------------------------------------------------------
 --- Functionality changes from Asterisk 12.1.0 to Asterisk 12.2.0 ------------
 ------------------------------------------------------------------------------
@@ -1498,8 +1515,8 @@ sip_to_res_pjsip.py
    a chan_pjsip configuration, but it is expected that configuration beyond
    what the script provides will be needed.
 
-
 ------------------------------------------------------------------------------
+>>>>>>> .merge-right.r412746
 --- Functionality changes from Asterisk 10 to Asterisk 11 --------------------
 ------------------------------------------------------------------------------
author	Jonathan Rose <jrose@digium.com>	2014-04-21 16:20:32 +0000
committer	Jonathan Rose <jrose@digium.com>	2014-04-21 16:20:32 +0000
commit	ae21162a69e222711658c8712f3403bad8101f72 (patch)
tree	70c9ece09e33b601a7b0ef4b88f43e1374f724e6 /CHANGES
parent	dcb2ea657c2fc6fb07be584087a1affe799a0646 (diff)