<html>
<body>
<div style="font-family: Verdana, Arial, Helvetica, Sans-Serif;">
<table bgcolor="#f9f3c9" width="100%" cellpadding="8" style="border: 1px #c9c399 solid;">
<tr>
<td>
This is an automatically generated e-mail. To reply, visit:
<a href="https://reviewboard.asterisk.org/r/1803/">https://reviewboard.asterisk.org/r/1803/</a>
</td>
</tr>
</table>
<br />
<blockquote style="margin-left: 1em; border-left: 2px solid #d0d0d0; padding-left: 10px;">
<p style="margin-top: 0;">On March 7th, 2012, 1:14 p.m., <b>Mark Michelson</b> wrote:</p>
<blockquote style="margin-left: 1em; border-left: 2px solid #d0d0d0; padding-left: 10px;">
<table width="100%" border="0" bgcolor="white" style="border: 1px solid #C0C0C0; border-collapse: collapse; margin: 2px padding: 2px;">
<thead>
<tr>
<th colspan="4" bgcolor="#F0F0F0" style="border-bottom: 1px solid #C0C0C0; font-size: 9pt; padding: 4px 8px; text-align: left;">
<a href="https://reviewboard.asterisk.org/r/1803/diff/2/?file=25877#file25877line11957" style="color: black; font-weight: bold; text-decoration: underline;">/branches/1.8/channels/chan_sip.c</a>
<span style="font-weight: normal;">
(Diff revision 2)
</span>
</th>
</tr>
</thead>
<tbody style="background-color: #e4d9cb; padding: 4px 8px; text-align: center;">
<tr>
<td colspan="4"><pre style="font-size: 8pt; line-height: 140%; margin: 0; ">static void initreqprep(struct sip_request *req, struct sip_pvt *p, int sipmethod, const char * const explicit_uri)</pre></td>
</tr>
</tbody>
<tbody>
<tr>
<th bgcolor="#b1ebb0" style="border-right: 1px solid #C0C0C0;" align="right"><font size="2"></font></th>
<td bgcolor="#c5ffc4" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; "></pre></td>
<th bgcolor="#b1ebb0" style="border-left: 1px solid #C0C0C0; border-right: 1px solid #C0C0C0;" align="right"><font size="2">11956</font></th>
<td bgcolor="#c5ffc4" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; "> <span class="k">if</span> <span class="p">((</span><span class="o">!</span><span class="n">ast_strlen_zero</span><span class="p">(</span><span class="n">p</span><span class="o">-></span><span class="n">fromuser</span><span class="p">))</span> <span class="o">&&</span> <span class="p">(</span><span class="n">ast_test_flag</span><span class="p">(</span><span class="o">&</span><span class="n">p</span><span class="o">-></span><span class="n">flags</span><span class="p">[</span><span class="mi">0</span><span class="p">],</span> <span class="n">SIP_SENDRPID</span><span class="p">)))</span> <span class="p">{</span></pre></td>
</tr>
<tr>
<th bgcolor="#b1ebb0" style="border-right: 1px solid #C0C0C0;" align="right"><font size="2"></font></th>
<td bgcolor="#c5ffc4" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; "></pre></td>
<th bgcolor="#b1ebb0" style="border-left: 1px solid #C0C0C0; border-right: 1px solid #C0C0C0;" align="right"><font size="2">11957</font></th>
<td bgcolor="#c5ffc4" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; "> <span class="cm">/* If RPID is enabled and fromname is set it is used for authentication so set the proper domain also */</span><span class="ew"> </span></pre></td>
</tr>
<tr>
<th bgcolor="#b1ebb0" style="border-right: 1px solid #C0C0C0;" align="right"><font size="2"></font></th>
<td bgcolor="#c5ffc4" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; "></pre></td>
<th bgcolor="#b1ebb0" style="border-left: 1px solid #C0C0C0; border-right: 1px solid #C0C0C0;" align="right"><font size="2">11958</font></th>
<td bgcolor="#c5ffc4" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; "> <span class="n">d</span> <span class="o">=</span> <span class="n">p</span><span class="o">-></span><span class="n">fromdomain</span><span class="p">;</span></pre></td>
</tr>
<tr>
<th bgcolor="#b1ebb0" style="border-right: 1px solid #C0C0C0;" align="right"><font size="2"></font></th>
<td bgcolor="#c5ffc4" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; "></pre></td>
<th bgcolor="#b1ebb0" style="border-left: 1px solid #C0C0C0; border-right: 1px solid #C0C0C0;" align="right"><font size="2">11959</font></th>
<td bgcolor="#c5ffc4" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; "> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span></pre></td>
</tr>
</tbody>
</table>
<pre style="white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">This change seems suspicious to me.
The comment mentions "fromname" but the if statement checks if p->fromuser is set.
Why does RPID have to be enabled for you to change d to p->fromdomain?
As far as I can tell, the domain in the From header is not used for authentication at all. In fact, nothing in the From header is used for authentication. The user portion of the From header can be used for user matching but that's not the same thing as authentication.
Can you explain this change further?
Also, the red blob here indicates some trailing whitespace. Get rid of it.</pre>
</blockquote>
</blockquote>
<pre style="margin-left: 1em; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">there should be fromuser, not fromname.
I've met many times especially in Europe that peers created on Broadsoft should send in FROM always the name of the peer and domain. That is why I've left it. The CPN i sien or in rpid or PAI.
If you do not send such information in FROM the call will be rejected.
IMHO it should stay, should I change it?</pre>
<br />
<p>- jamicque</p>
<br />
<p>On March 7th, 2012, 10:15 a.m., jamicque wrote:</p>
<table bgcolor="#fefadf" width="100%" cellspacing="0" cellpadding="8" style="background-image: url('https://reviewboard.asterisk.org/media/rb/images/review_request_box_top_bg.png'); background-position: left top; background-repeat: repeat-x; border: 1px black solid;">
<tr>
<td>
<div>Review request for Asterisk Developers.</div>
<div>By jamicque.</div>
<p style="color: grey;"><i>Updated March 7, 2012, 10:15 a.m.</i></p>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Description </h1>
<table width="100%" bgcolor="#ffffff" cellspacing="0" cellpadding="10" style="border: 1px solid #b8b5a0">
<tr>
<td>
<pre style="margin: 0; padding: 0; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">It seams that in Asterisk privacy with PAI is not implemented correctly.
According to RFC 3325 when using privacy, FROM header should be set to anonymous@anonymous.invalid and PAI header should be set to caller num and name. The privacy is implemented by adding privacy: id header.
Now when we use pai and callpres=prohib in P-Asserted-Identity header we have something which is not correct to any rfc.
P-Asserted-Identity: "Anonymous" <sip:anonymous@anonymous.invalid>
What my patch does:
1) it adds Privacy header when PAI is used (values "none" or "id" depending on callpres)
2)
3) "sendrpid" configuration option have been expanded:
now it can have those values:
no - nothing changed
yes - rpid header is added, when call PRES=prohi, FROM header is not changed
rpid - the same as yes
pai - pai header is added, when call PRES=prohi, FROM header is not changed
NEW VALUES:
rpid,trusted (NEW) - the same as yes
rpid,untrusted (NEW) - rpid header is added, when call PRES=prohi, FROM header is changed to anonymous@anonymous.invalid and rpid header is srtiped.
pai,trusted (NEW) - the same as pai
pai,untrusted (NEW) - pai header is added, when call PRES=prohi, FROM header is chenged to anonymous@anonymous.invalid and pai header is srtiped. - as in RFC 3325
When we are using PAI or RPID ,fromname is defined and CLIR, we do not set anonymous@anonymous.invalid - coz this from in this situation is usually used for authentication.</pre>
</td>
</tr>
</table>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Testing </h1>
<table width="100%" bgcolor="#ffffff" cellspacing="0" cellpadding="10" style="border: 1px solid #b8b5a0">
<tr>
<td>
<pre style="margin: 0; padding: 0; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">I've done some basing test with outgoing calls and everything seems to wroks fine.</pre>
</td>
</tr>
</table>
<div style="margin-top: 1.5em;">
<b style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Bugs: </b>
<a href="https://issues.asterisk.org/jira/browse/ASTERISK-19465">ASTERISK-19465</a>
</div>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Diffs</b> </h1>
<ul style="margin-left: 3em; padding-left: 0;">
<li>/branches/1.8/channels/chan_sip.c <span style="color: grey">(358481)</span></li>
<li>/branches/1.8/channels/sip/include/sip.h <span style="color: grey">(358481)</span></li>
<li>/branches/1.8/configs/sip.conf.sample <span style="color: grey">(358481)</span></li>
</ul>
<p><a href="https://reviewboard.asterisk.org/r/1803/diff/" style="margin-left: 3em;">View Diff</a></p>
</td>
</tr>
</table>
</div>
</body>
</html>