[asterisk-bugs] [JIRA] (ASTERISK-27284) Status of RFC 3323 and PJSIP

Richard Mudgett (JIRA) noreply at issues.asterisk.org
Thu Sep 21 10:02:07 CDT 2017 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-27284?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=238810#comment-238810 ] 

Richard Mudgett edited comment on ASTERISK-27284 at 9/21/17 10:00 AM:
----------------------------------------------------------------------

BTW the dialplan is a simple:
exten => _0.,1,Dial(PJSIP/{$EXTEN}@outgoing)

With trust_id_outbound = yes:

{noformat}
<--- Received SIP request (965 bytes) from UDP:172.16.0.2:5060 --->
INVITE sip:0402938661 at 10.0.4.217 SIP/2.0
Via: SIP/2.0/UDP 172.16.0.2:5060;branch=z9hG4bK20f3917a
Max-Forwards: 70
From: "Anonymous" <sip:anonymous at anonymous.invalid>;tag=as299f4b90
To: <sip:0402938661 at 10.0.4.217>
Contact: <sip:anonymous at 172.16.0.2:5060>
Call-ID: 65d2fade6ad8ee6b32bcfb6c07f6cbf2 at 172.16.0.2:5060
CSeq: 102 INVITE
User-Agent: Asterisk PBX 11.13.1~dfsg-2+deb8u2
Date: Thu, 21 Sep 2017 14:09:31 GMT
Session-Expires: 1800
Min-SE: 90
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Privacy: id;user;critical
P-Asserted-Identity: "Example" <sip:0123456789 at example.org>
Content-Type: application/sdp
Content-Length: 246

    -- Executing [0402938661 at outgoing:1] Dial("PJSIP/sbcs-00000054", "PJSIP/0402938661 at pathfinderpocosnl") in new stack
<--- Transmitting SIP request (1122 bytes) to UDP:109.235.32.45:5060 --->
INVITE sip:0402938661 at 109.235.32.45;user=phone SIP/2.0
Via: SIP/2.0/UDP 10.0.4.217:5060;rport;branch=z9hG4bKPj59a996da-8edd-4ff7-8cfb-5a71adf9f5aa
From: "Example" <sip:0123456789 at 10.0.4.217;user=phone>;tag=237a8de0-c01e-467e-aa7e-ae84f25ed0b6
To: <sip:0402938661 at 109.235.32.45;user=phone>
Contact: <sip:unknown at 10.0.4.217:5060>
Call-ID: 580e1db1-20fa-4b8b-a7f1-0c4d034a1849
CSeq: 2844 INVITE
Allow: OPTIONS, SUBSCRIBE, NOTIFY, PUBLISH, INVITE, ACK, BYE, CANCEL, UPDATE, PRACK, REGISTER, MESSAGE, REFER
Supported: 100rel, timer, replaces, norefersub
Session-Expires: 1800
Min-SE: 90
P-Asserted-Identity: "Example" <sip:0123456789 at 10.0.4.217;user=phone>
Max-Forwards: 70
User-Agent: Asterisk PBX 13.14.1~dfsg-2+deb9u1
Content-Type: application/sdp
Content-Length:   336
{noformat}


was (Author: dtryba):
BTW the dialplan is a simple:
exten => _0.,1,Dial(PJSIP/{$EXTEN}@outgoing)

With trust_id_outbound = yes:

{quote}
<--- Received SIP request (965 bytes) from UDP:172.16.0.2:5060 --->
INVITE sip:0402938661 at 10.0.4.217 SIP/2.0
Via: SIP/2.0/UDP 172.16.0.2:5060;branch=z9hG4bK20f3917a
Max-Forwards: 70
From: "Anonymous" <sip:anonymous at anonymous.invalid>;tag=as299f4b90
To: <sip:0402938661 at 10.0.4.217>
Contact: <sip:anonymous at 172.16.0.2:5060>
Call-ID: 65d2fade6ad8ee6b32bcfb6c07f6cbf2 at 172.16.0.2:5060
CSeq: 102 INVITE
User-Agent: Asterisk PBX 11.13.1~dfsg-2+deb8u2
Date: Thu, 21 Sep 2017 14:09:31 GMT
Session-Expires: 1800
Min-SE: 90
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
Privacy: id;user;critical
P-Asserted-Identity: "Example" <sip:0123456789 at example.org>
Content-Type: application/sdp
Content-Length: 246

    -- Executing [0402938661 at outgoing:1] Dial("PJSIP/sbcs-00000054", "PJSIP/0402938661 at pathfinderpocosnl") in new stack
<--- Transmitting SIP request (1122 bytes) to UDP:109.235.32.45:5060 --->
INVITE sip:0402938661 at 109.235.32.45;user=phone SIP/2.0
Via: SIP/2.0/UDP 10.0.4.217:5060;rport;branch=z9hG4bKPj59a996da-8edd-4ff7-8cfb-5a71adf9f5aa
From: "Example" <sip:0123456789 at 10.0.4.217;user=phone>;tag=237a8de0-c01e-467e-aa7e-ae84f25ed0b6
To: <sip:0402938661 at 109.235.32.45;user=phone>
Contact: <sip:unknown at 10.0.4.217:5060>
Call-ID: 580e1db1-20fa-4b8b-a7f1-0c4d034a1849
CSeq: 2844 INVITE
Allow: OPTIONS, SUBSCRIBE, NOTIFY, PUBLISH, INVITE, ACK, BYE, CANCEL, UPDATE, PRACK, REGISTER, MESSAGE, REFER
Supported: 100rel, timer, replaces, norefersub
Session-Expires: 1800
Min-SE: 90
P-Asserted-Identity: "Example" <sip:0123456789 at 10.0.4.217;user=phone>
Max-Forwards: 70
User-Agent: Asterisk PBX 13.14.1~dfsg-2+deb9u1
Content-Type: application/sdp
Content-Length:   336
{quote}

> Status of RFC 3323 and PJSIP
> ----------------------------
>
>                 Key: ASTERISK-27284
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-27284
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_pjsip_caller_id
>    Affects Versions: 13.14.1
>            Reporter: dtryba
>            Assignee: Unassigned
>            Severity: Trivial
>
> My upstream provider complained that Anonymous calls to our endusers got de-anonymized during transit in our platform. These incoming calls have the headers:
> {quote}
> From: "Anonymous" <sip:anonymous at anonymous.invalid>
> {quote}
> and
> {quote}
> Privacy: id;user;critical
> P-Asserted-Identity: "Example" <sip:0123456789 at example.org;user=phone>
> {quote}
> After passing through Asterisk 13.14.x, the Privacy header is removed, PAI is unaffected and From is changed to:
> {quote}
> From: "Example" <sip:0123456789 at example.org;user=phone>
> {quote}
> All involved pjsip endpoints have send_pai, trust_id_inbound and trust_id_outbound set to yes.
> This violates RFC 3233:
> {quote}
> Privacy-hdr  =  "Privacy" HCOLON priv-value *(";" priv-value)
>    priv-value   =   "header" / "session" / "user" / "none" / "critical" / token
> {quote}
> Where:
> {quote}
> critical: The user asserts that the privacy services requested for
> this message are critical, and that therefore, if these privacy
> services cannot be provided by the network, this request should be
> rejected.  Criticality cannot be managed appropriately for
> responses.
> {quote}
> But is RFC still applicable to SIP?



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list