From ae21162a69e222711658c8712f3403bad8101f72 Mon Sep 17 00:00:00 2001 From: Jonathan Rose Date: Mon, 21 Apr 2014 16:20:32 +0000 Subject: chan_sip: Add sendrpid trust options In r411189, some behavior was changed which made sendrpid behavior act in a more trusting manner by sending full user data for peers set with private caller presence in P-Asserted-Identity headers. Since this changed long time expected behaviors, we decided to pull that patch when that was pointed out by the community. Instead, this patch provides a trust_id_outbound setting which will expose the data per RFC-3325 if set to 'yes' and simply not send the PAI/RPID headers at all if set to 'no'. By default trust_id_outbound will be set to 'legacy' which will preserve the behavior prior to these patches. Extra special thanks to Walter Doekes for providing advice and feedback. (closes issue AST-1301) (closes issue ASTERISK-19465) Reported by: Krzysztof Chmielewski Review: https://reviewboard.asterisk.org/r/3447/ ........ Merged revisions 412744 from http://svn.asterisk.org/svn/asterisk/branches/1.8 ........ Merged revisions 412746 from http://svn.asterisk.org/svn/asterisk/branches/11 ........ Merged revisions 412747 from http://svn.asterisk.org/svn/asterisk/branches/12 git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@412759 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- CHANGES | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) (limited to 'CHANGES') diff --git a/CHANGES b/CHANGES index cacd0a46c..58f794902 100644 --- a/CHANGES +++ b/CHANGES @@ -25,6 +25,23 @@ ARI a channel's ARI control queue until they are stopped. They also can not be rewound or fastforwarded. +chan_sip +----------- + * SIP peers can now specify 'trust_id_outbound' which affects RPID/PAI + fields for prohibited callingpres information. Values are legacy, no, and + yes. By default, legacy is used. + trust_id_outbound=legacy: behavior remains the same as 1.8.26.1 - When + dealing with prohibited callingpres, RPID/PAI headers are created for both + sendrpid=pai and sendrpid=rpid are appended, but the data is anonymized. + When sendrpid=rpid, only the remote party's domain is anonymized. + trust_id_outbound=no: when dealing with prohibited callingpres, RPID/PAI + headers are not sent. + trust_id_outbound=yes: RPID/PAI headers are applied with the full + remote party information in tact even for prohibited callingpres + information. In the case of PAI, a Privacy: id header will be appended for + prohibited calling information to communicate that the private information + should not be relayed to untrusted parties. + ------------------------------------------------------------------------------ --- Functionality changes from Asterisk 12.1.0 to Asterisk 12.2.0 ------------ ------------------------------------------------------------------------------ @@ -1498,8 +1515,8 @@ sip_to_res_pjsip.py a chan_pjsip configuration, but it is expected that configuration beyond what the script provides will be needed. - ------------------------------------------------------------------------------ +>>>>>>> .merge-right.r412746 --- Functionality changes from Asterisk 10 to Asterisk 11 -------------------- ------------------------------------------------------------------------------ -- cgit v1.2.3