diff options
author | Jonathan Rose <jrose@digium.com> | 2014-04-21 16:20:32 +0000 |
---|---|---|
committer | Jonathan Rose <jrose@digium.com> | 2014-04-21 16:20:32 +0000 |
commit | ae21162a69e222711658c8712f3403bad8101f72 (patch) | |
tree | 70c9ece09e33b601a7b0ef4b88f43e1374f724e6 /configs | |
parent | dcb2ea657c2fc6fb07be584087a1affe799a0646 (diff) |
chan_sip: Add sendrpid trust options
In r411189, some behavior was changed which made sendrpid behavior
act in a more trusting manner by sending full user data for peers
set with private caller presence in P-Asserted-Identity headers.
Since this changed long time expected behaviors, we decided to pull
that patch when that was pointed out by the community. Instead, this
patch provides a trust_id_outbound setting which will expose the data
per RFC-3325 if set to 'yes' and simply not send the PAI/RPID headers
at all if set to 'no'. By default trust_id_outbound will be set to
'legacy' which will preserve the behavior prior to these patches.
Extra special thanks to Walter Doekes for providing advice and
feedback.
(closes issue AST-1301)
(closes issue ASTERISK-19465)
Reported by: Krzysztof Chmielewski
Review: https://reviewboard.asterisk.org/r/3447/
........
Merged revisions 412744 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 412746 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 412747 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@412759 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Diffstat (limited to 'configs')
-rw-r--r-- | configs/sip.conf.sample | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/configs/sip.conf.sample b/configs/sip.conf.sample index 46af79043..1175047b3 100644 --- a/configs/sip.conf.sample +++ b/configs/sip.conf.sample @@ -350,6 +350,17 @@ srvlookup=yes ; Enable DNS SRV lookups on outbound calls ; transmit such UPDATE messages to it, then you must enable this option. ; Otherwise, we will have to wait until we can send a reinvite to ; transmit the information. +;trust_id_outbound = no ; Controls whether or not we trust this peer with private identity + ; information (when the remote party has callingpres=prohib or equivalent). + ; no - RPID/PAI headers will not be included for private peer information + ; yes - RPID/PAI headers will include the private peer information. Privacy + ; requirements will be indicated in a Privacy header for sendrpid=pai + ; legacy - RPID/PAI will be included for private peer information. In the + ; case of sendrpid=pai, private data that would be included in them + ; will be anonymized. For sendrpid=rpid, private data may be included + ; but the remote party's domain will be anonymized. The way legacy + ; behaves may violate RFC-3325, but it follows historic behavior. + ; This option is set to 'legacy' by default ;prematuremedia=no ; Some ISDN links send empty media frames before ; the call is in ringing or progress state. The SIP ; channel will then send 183 indicating early media @@ -1219,6 +1230,7 @@ srvlookup=yes ; Enable DNS SRV lookups on outbound calls ; autoframing ; insecure ; trustrpid +; trust_id_outbound ; progressinband ; promiscredir ; useclientcode @@ -1431,7 +1443,8 @@ srvlookup=yes ; Enable DNS SRV lookups on outbound calls ;allow=g723.1 ; Asterisk only supports g723.1 pass-thru! ;allow=g729 ; Pass-thru only unless g729 license obtained ;callingpres=allowed_passed_screen ; Set caller ID presentation - ; See README.callingpres for more information + ; See function CALLERPRES documentation for possible + ; values. ;[xlite1] ; Turn off silence suppression in X-Lite ("Transmit Silence"=YES)! |