[Asterisk-code-review] res_pjsip_stir_shaken: Use correct Caller ID to lookup certificate. (asterisk[18])

Thu Jul 15 15:00:52 CDT 2021

Sean Bright has uploaded this change for review. ( https://gerrit.asterisk.org/c/asterisk/+/16174 )


Change subject: res_pjsip_stir_shaken: Use correct Caller ID to lookup certificate.
......................................................................

res_pjsip_stir_shaken: Use correct Caller ID to lookup certificate.

Determine the Caller ID to use for certificate lookup based on the
same logic we use when setting up the INVITE session. This allows
Caller ID set via the CALLERID() function to to be used for
STIR/SHAKEN certificate lookup.

ASTERISK-29169 #close

Change-Id: I6f1f9c56ceb989d3ad4e16f069b4273166614b9a
---
M res/res_pjsip_stir_shaken.c
1 file changed, 21 insertions(+), 7 deletions(-)



  git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/74/16174/1

diff --git a/res/res_pjsip_stir_shaken.c b/res/res_pjsip_stir_shaken.c
index de1513b..c722085 100644
--- a/res/res_pjsip_stir_shaken.c
+++ b/res/res_pjsip_stir_shaken.c
@@ -208,7 +208,7 @@
 	return 0;
 }
 
-static int add_identity_header(const struct ast_sip_session *session, pjsip_tx_data *tdata)
+static int add_identity_header(const struct ast_sip_session *session, const struct ast_party_id *party_id, pjsip_tx_data *tdata)
 {
 	static const pj_str_t identity_str = { "Identity", 8 };
 	pjsip_generic_string_hdr *identity_hdr;
@@ -258,7 +258,7 @@
 	json = ast_json_pack("{s: {s: s, s: s, s: s}, s: {s: {s: s}, s: {s: s}}}",
 		"header", "alg", "ES256", "ppt", "shaken", "typ", "passport",
 		"payload", "dest", "tn", dest_tn, "orig", "tn",
-		session->id.number.str);
+		party_id->number.str);
 	if (!json) {
 		ast_log(LOG_ERROR, "Failed to allocate memory for STIR/SHAKEN JSON\n");
 		return -1;
@@ -333,20 +333,34 @@
 
 static void stir_shaken_outgoing_request(struct ast_sip_session *session, pjsip_tx_data *tdata)
 {
+	struct ast_party_id effective_id;
+	struct ast_party_id connected_id;
+	int res;
+
 	if (!session->endpoint->stir_shaken) {
 		return;
 	}
 
-	if (ast_strlen_zero(session->id.number.str) && session->id.number.valid) {
+	ast_party_id_init(&connected_id);
+	ast_channel_lock(session->channel);
+	effective_id = ast_channel_connected_effective_id(session->channel);
+	ast_party_id_copy(&connected_id, &effective_id);
+	ast_channel_unlock(session->channel);
+
+	if (ast_strlen_zero(connected_id.number.str) || !connected_id.number.valid) {
 		return;
 	}
 
-	/* If adding the Identity header fails for some reason, there's no point
-	 * adding the Date header.
-	 */
-	if ((add_identity_header(session, tdata)) != 0) {
+	res = add_identity_header(session, &connected_id, tdata);
+
+	ast_party_id_free(&connected_id);
+
+	/* If adding the Identity header failed for some reason, there's no point
+	 * adding the Date header. */
+	if (res) {
 		return;
 	}
+
 	add_date_header(session, tdata);
 }
 

-- 
To view, visit https://gerrit.asterisk.org/c/asterisk/+/16174
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: 18
Gerrit-Change-Id: I6f1f9c56ceb989d3ad4e16f069b4273166614b9a
Gerrit-Change-Number: 16174
Gerrit-PatchSet: 1
Gerrit-Owner: Sean Bright <sean at seanbright.com>
Gerrit-MessageType: newchange
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20210715/ab5cd24c/attachment-0001.html>
