[asterisk-dev] [Code Review] 3447: Send real CallerID information with P-Asserted-Identity (RFC-3325)
wdoekes
reviewboard at asterisk.org
Thu Apr 17 01:23:45 CDT 2014
> On April 16, 2014, 7:37 p.m., Jonathan Rose wrote:
> > Hey wdoekes, I'm trying to figure out a similar chart for sendrpid=rpid
> >
> > | pres=allowed | pres=prohibited |
> > ----------------------+--------------------------------------------------------------------------------------+-----------------------------------------------------------------------------------------+
> > trust_id_outbound=no | Remote-Party-ID: "123" <sip:123 at xxx.xxx.xxx.xxx>;party=calling;privacy=off;screen=no | Remote-Party-ID: "123" <sip:123 at anonymous.invalid>party=calling;privacy=full;screen=yes |
> > ----------------------+--------------------------------------------------------------------------------------+-----------------------------------------------------------------------------------------+
> > trust_id_outbound=yes | Remote-Party-ID: "123" <sip:123 at xxx.xxx.xxx.xxx>;party=calling;privacy=off;screen=no | Remote-Party-ID: "123" <sip:123 at xxx.xxx.xxx.xxx>;party=calling;privacy=full;screen=yes |
> > ----------------------+--------------------------------------------------------------------------------------+-----------------------------------------------------------------------------------------+
> >
> > Does that look about like what you would expect? This is keeping in mind that the trust_id_outbound=no row mirrors the current expectations.
>
> jamuel wrote:
> For the sake of clarity would you guys mind adding a From column so that we could see how the From header might or might not be mangled based on the various use cases since that's where callerid is found typically?
>
> Jonathan Rose wrote:
> The From: header should be completely unimpacted by these changes.
> Does that look about like what you would expect?
> This is keeping in mind that the trust_id_outbound=no row mirrors the current expectations.
(You're missing a semi in that chart.)
Well. It depends on whether we're keeping things compatible or changing things for the better.
What I would expect, is for trust_id_outbound=no to clear out the RPID when pres=prohibited.
If I'm taking the ITSP view here, I have two concerns:
(A) I cannot send out privacy sensitive information to just anyone.
(B) Whenever possible, I want to be able to send CLI info to the device. Some take an RPID, others a PAI and others just the From.
If we use the suggested approach, I still cannot send RPID to trust_id_outbound=no devices.
I feel dirty saying it, but perhaps it is time for one of those nifty ternary booleans. Like: trust_id_outbound=legacy|no|yes. Where 'legacy' does the behaviour you suggest, 'no' clears out the headers in the top-right-chart, and 'yes' keeps the headers in all cases.
Lastly, a question, as I'm not sure on what the current behaviour is: if num-pres *or* name-pres is prohibited, then pres=prohibited in the above charts, right?
...
/* Select the wining[sic] presentation value. */
if (name_priority < number_priority) {
number_value = name_value;
}
...
Ok, that answers my question: yes.
- wdoekes
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/3447/#review11635
-----------------------------------------------------------
On April 16, 2014, 9:23 p.m., Jonathan Rose wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/3447/
> -----------------------------------------------------------
>
> (Updated April 16, 2014, 9:23 p.m.)
>
>
> Review request for Asterisk Developers, Joshua Colp, Matt Jordan, Mark Michelson, and wdoekes.
>
>
> Bugs: AST-1301 and ASTERISK-19465
> https://issues.asterisk.org/jira/browse/AST-1301
> https://issues.asterisk.org/jira/browse/ASTERISK-19465
>
>
> Repository: Asterisk
>
>
> Description
> -------
>
> Walter Doekes pointed out that this might cause a less than ideal situation in which people who were expecting P-Asserted-Identity not to disclose party information will now be sending privacy information, so I pulled this patch from 1.8-trunk and we will now review it here.
>
> Without this patch, P-Asserted-Identity would always use anonymous for the caller ID information, and RFC-3325 seems to indicate that P-Asserted-Identity is something that should not be anonymized, but also only sent to trusted parties. The way this was presented to me, the intent here is that if you set callerpres to prohibited for a peer that receives P-Asserted-Identity, the P-Asserted-Identity shouldn't be anonymized, only the normal From/Contact headers would be anonymized. This apparently
>
> The obvious method for dealing with this mid-release change is to make the change into an option which defaults off in 1.8-12 while defaulting on in trunk. Also I'll need to add Upgrade notes for trunk since this might not always be a desired behavior as well as CHANGES notes throughout to indicate the new option if that's what we settle on.
>
>
> Diffs
> -----
>
> /branches/1.8/configs/sip.conf.sample 412438
> /branches/1.8/channels/sip/include/sip.h 412438
> /branches/1.8/channels/chan_sip.c 412438
> /branches/1.8/CHANGES 412438
>
> Diff: https://reviewboard.asterisk.org/r/3447/diff/
>
>
> Testing
> -------
>
> Call from SIP peer A to SIP peer B
> settings for both peers:
> sendrpid = pai
> callerpres = prohib
>
>
> Invite sent from Asterisk to the recipient of the call
> ------------------------------------------------------
> Prior to patch:
>
> Audio is at 19640
> Adding codec 0x4 (ulaw) to SDP
> Adding non-codec 0x1 (telephone-event) to SDP
> Reliably Transmitting (NAT) to 10.24.18.240:5060:
> INVITE sip:123 at 10.24.18.240:5060 SIP/2.0
> Via: SIP/2.0/UDP 10.24.18.246:5060;branch=z9hG4bK2fb42910;rport
> Max-Forwards: 70
> From: "Anonymous" <sip:anonymous at anonymous.invalid>;tag=as13075548
> To: <sip:123 at 10.24.18.240:5060>
> Contact: <sip:anonymous at 10.24.18.246:5060>
> Call-ID: 762b8a5e5848d7997f38f71a770d4dd9 at 10.24.18.246:5060
> CSeq: 102 INVITE
> User-Agent: Asterisk PBX SVN-branch-1.8-r410380
> Date: Tue, 11 Mar 2014 22:59:39 GMT
> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH
> Supported: replaces, timer
> P-Asserted-Identity: "Anonymous" <sip:anonymous at anonymous.invalid>
> Content-Type: application/sdp
> Content-Length: 276
>
> v=0
> o=root 473543868 473543868 IN IP4 10.24.18.246
> s=Asterisk PBX SVN-branch-1.8-r410380
> c=IN IP4 10.24.18.246
> t=0 0
> m=audio 19640 RTP/AVP 0 101
> a=rtpmap:0 PCMU/8000
> a=rtpmap:101 telephone-event/8000
> a=fmtp:101 0-16
> a=silenceSupp:off - - - -
> a=ptime:20
> a=sendrecv
>
>
> After patch:
>
> Audio is at 11822
> Adding codec 0x4 (ulaw) to SDP
> Adding non-codec 0x1 (telephone-event) to SDP
> Reliably Transmitting (NAT) to 10.24.18.240:5060:
> INVITE sip:123 at 10.24.18.240:5060 SIP/2.0
> Via: SIP/2.0/UDP 10.24.18.246:5060;branch=z9hG4bK5d4a7db8;rport
> Max-Forwards: 70
> From: "Anonymous" <sip:anonymous at anonymous.invalid>;tag=as181a14e3
> To: <sip:123 at 10.24.18.240:5060>
> Contact: <sip:anonymous at 10.24.18.246:5060>
> Call-ID: 721bef28208f7633288e929c6e88824e at 10.24.18.246:5060
> CSeq: 102 INVITE
> User-Agent: Asterisk PBX SVN-branch-1.8-r410380M
> Date: Tue, 11 Mar 2014 22:57:39 GMT
> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH
> Supported: replaces, timer
> P-Asserted-Identity: "Goldy Locks" <sip:6018 at 10.24.18.246>
> Privacy: id
> Content-Type: application/sdp
> Content-Length: 279
>
> v=0
> o=root 1606369071 1606369071 IN IP4 10.24.18.246
> s=Asterisk PBX SVN-branch-1.8-r410380M
> c=IN IP4 10.24.18.246
> t=0 0
> m=audio 11822 RTP/AVP 0 101
> a=rtpmap:0 PCMU/8000
> a=rtpmap:101 telephone-event/8000
> a=fmtp:101 0-16
> a=silenceSupp:off - - - -
> a=ptime:20
> a=sendrecv
>
>
> Thanks,
>
> Jonathan Rose
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20140417/4cdfe944/attachment.html>
More information about the asterisk-dev
mailing list