<p>N A has uploaded this change for <strong>review</strong>.</p><p><a href="https://gerrit.asterisk.org/c/asterisk/+/19707">View Change</a></p><pre style="font-family: monospace,monospace; white-space: pre-wrap;">chan_dahdi: Fix broken hidecallerid setting.<br><br>The hidecallerid setting in chan_dahdi.conf currently<br>is broken for a couple reasons.<br><br>First, the actual code in sig_analog to "allow" or "block"<br>Caller ID depending on this setting improperly used<br>ast_set_callerid instead of updating the presentation.<br>This issue was mostly fixed in ASTERISK_29991, and that<br>fix is carried forward to this code as well.<br><br>Secondly, the hidecallerid setting is set on the DAHDI<br>pvt but not carried forward to the analog pvt properly.<br>This is because the chan_dahdi config loading code improperly<br>set permhidecallerid to permhidecallerid from the config file,<br>even though hidecallerid is what is actually set from the config<br>file. (This is done correctly for call waiting, a few lines above.)<br>This is fixed to read the proper value.<br><br>Thirdly, in sig_analog, hidecallerid is set to permhidecallerid<br>only on hangup. This can lead to potential security vulnerabilities<br>as an allowed Caller ID from an initial call can "leak" into subsequent<br>calls if no hangup occurs between them. This is fixed by setting<br>hidecallerid to permcallerid when calls begin, rather than when they end.<br>This also means we don't need to also set hidecallerid in chan_dahdi.c<br>when copying from the config, as we would have to otherwise.<br><br>Fourthly, sig_analog currently only allows dialing *67 or *82 if<br>that would actually toggle the presentation. A comment is added<br>clarifying that this behavior is okay.<br><br>Finally, a couple log messages are updated to be more accurate.<br><br>ASTERISK-30349 #close<br><br>Change-Id: I45d1f3d697e833fadbc45a8fcc37f569dd9063d0<br>---<br>M channels/chan_dahdi.c<br>M channels/sig_analog.c<br>2 files changed, 73 insertions(+), 15 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/07/19707/1</pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;"><span>diff --git a/channels/chan_dahdi.c b/channels/chan_dahdi.c</span><br><span>index 5607eb0..aab53c1 100644</span><br><span>--- a/channels/chan_dahdi.c</span><br><span>+++ b/channels/chan_dahdi.c</span><br><span>@@ -13108,7 +13108,8 @@</span><br><span> analog_p->canpark = conf->chan.canpark;</span><br><span> analog_p->dahditrcallerid = conf->chan.dahditrcallerid;</span><br><span> analog_p->immediate = conf->chan.immediate;</span><br><span style="color: hsl(0, 100%, 40%);">- analog_p->permhidecallerid = conf->chan.permhidecallerid;</span><br><span style="color: hsl(120, 100%, 40%);">+ analog_p->permhidecallerid = conf->chan.hidecallerid; /* hidecallerid is the config setting, not permhidecallerid (~permcallwaiting above) */</span><br><span style="color: hsl(120, 100%, 40%);">+ /* It's not necessary to set analog_p->hidecallerid here, sig_analog will set hidecallerid=permhidecaller before each call */</span><br><span> analog_p->pulse = conf->chan.pulse;</span><br><span> analog_p->threewaycalling = conf->chan.threewaycalling;</span><br><span> analog_p->transfer = conf->chan.transfer;</span><br><span>diff --git a/channels/sig_analog.c b/channels/sig_analog.c</span><br><span>index b694a96..4b8a5d9 100644</span><br><span>--- a/channels/sig_analog.c</span><br><span>+++ b/channels/sig_analog.c</span><br><span>@@ -2133,6 +2133,19 @@</span><br><span> case ANALOG_SIG_FXOLS:</span><br><span> case ANALOG_SIG_FXOGS:</span><br><span> case ANALOG_SIG_FXOKS:</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Set our default presentation.</span><br><span style="color: hsl(120, 100%, 40%);">+ * This is necessary because the presentation for each call is independent</span><br><span style="color: hsl(120, 100%, 40%);">+ * (thought the default may be the same).</span><br><span style="color: hsl(120, 100%, 40%);">+ * For example, if hidecallerid=yes and somebody makes a call with *82,</span><br><span style="color: hsl(120, 100%, 40%);">+ * then makes a 3-way call, the presentation for the 2nd call should still</span><br><span style="color: hsl(120, 100%, 40%);">+ * be blocked, unless that also had a *82.</span><br><span style="color: hsl(120, 100%, 40%);">+ * For this reason, setting hidecallerid = permhidecallerid on hangup</span><br><span style="color: hsl(120, 100%, 40%);">+ * is NOT sufficient, as the *82 from the first call could "leak" into</span><br><span style="color: hsl(120, 100%, 40%);">+ * subsequent ones made before a hangup, improperly leaking a number</span><br><span style="color: hsl(120, 100%, 40%);">+ * that should have been hidden.</span><br><span style="color: hsl(120, 100%, 40%);">+ */</span><br><span style="color: hsl(120, 100%, 40%);">+ p->hidecallerid = p->permhidecallerid;</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span> /* Read the first digit */</span><br><span> timeout = analog_get_firstdigit_timeout(p);</span><br><span> /* If starting a threeway call, never timeout on the first digit so someone</span><br><span>@@ -2190,18 +2203,18 @@</span><br><span> res = analog_play_tone(p, idx, -1);</span><br><span> ast_channel_lock(chan);</span><br><span> ast_channel_exten_set(chan, exten);</span><br><span style="color: hsl(0, 100%, 40%);">- if (!ast_strlen_zero(p->cid_num)) {</span><br><span style="color: hsl(0, 100%, 40%);">- if (!p->hidecallerid) {</span><br><span style="color: hsl(0, 100%, 40%);">- ast_set_callerid(chan, p->cid_num, NULL, p->cid_num);</span><br><span style="color: hsl(0, 100%, 40%);">- } else {</span><br><span style="color: hsl(0, 100%, 40%);">- ast_set_callerid(chan, NULL, NULL, p->cid_num);</span><br><span style="color: hsl(0, 100%, 40%);">- }</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+ /* Properly set the presentation.</span><br><span style="color: hsl(120, 100%, 40%);">+ * We need to do this here as well, because p->hidecallerid might be set</span><br><span style="color: hsl(120, 100%, 40%);">+ * due to permanent blocking, not *67/*82 usage. */</span><br><span style="color: hsl(120, 100%, 40%);">+ if (p->hidecallerid) {</span><br><span style="color: hsl(120, 100%, 40%);">+ ast_channel_caller(chan)->id.number.presentation = AST_PRES_PROHIB_USER_NUMBER_NOT_SCREENED;</span><br><span style="color: hsl(120, 100%, 40%);">+ ast_channel_caller(chan)->id.name.presentation = AST_PRES_PROHIB_USER_NUMBER_NOT_SCREENED;</span><br><span style="color: hsl(120, 100%, 40%);">+ } else {</span><br><span style="color: hsl(120, 100%, 40%);">+ ast_channel_caller(chan)->id.number.presentation = AST_PRES_ALLOWED_USER_NUMBER_NOT_SCREENED;</span><br><span style="color: hsl(120, 100%, 40%);">+ ast_channel_caller(chan)->id.name.presentation = AST_PRES_ALLOWED_USER_NUMBER_NOT_SCREENED;</span><br><span> }</span><br><span style="color: hsl(0, 100%, 40%);">- if (!ast_strlen_zero(p->cid_name)) {</span><br><span style="color: hsl(0, 100%, 40%);">- if (!p->hidecallerid) {</span><br><span style="color: hsl(0, 100%, 40%);">- ast_set_callerid(chan, NULL, p->cid_name, NULL);</span><br><span style="color: hsl(0, 100%, 40%);">- }</span><br><span style="color: hsl(0, 100%, 40%);">- }</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span> ast_setstate(chan, AST_STATE_RING);</span><br><span> ast_channel_unlock(chan);</span><br><span> analog_set_echocanceller(p, 1);</span><br><span>@@ -2263,9 +2276,11 @@</span><br><span> ast_hangup(chan);</span><br><span> goto quit;</span><br><span> }</span><br><span style="color: hsl(0, 100%, 40%);">-</span><br><span style="color: hsl(120, 100%, 40%);">+ /* While the DMS-100 allows dialing as many *67s and *82s in succession as one's heart may desire,</span><br><span style="color: hsl(120, 100%, 40%);">+ * the 5ESS does not, it only allows pure toggling (and only once!). So, it's not incorrect</span><br><span style="color: hsl(120, 100%, 40%);">+ * to prevent people from dialing *67 if that won't actually do anything. */</span><br><span> } else if (!p->hidecallerid && !strcmp(exten, "*67")) {</span><br><span style="color: hsl(0, 100%, 40%);">- ast_verb(3, "Disabling Caller*ID on %s\n", ast_channel_name(chan));</span><br><span style="color: hsl(120, 100%, 40%);">+ ast_verb(3, "Blocking Caller*ID on %s\n", ast_channel_name(chan));</span><br><span> /* Disable Caller*ID if enabled */</span><br><span> p->hidecallerid = 1;</span><br><span> ast_channel_caller(chan)->id.number.presentation = AST_PRES_PROHIB_USER_NUMBER_NOT_SCREENED;</span><br><span>@@ -2352,7 +2367,7 @@</span><br><span> len = 0;</span><br><span> }</span><br><span> } else if (p->hidecallerid && !strcmp(exten, "*82")) {</span><br><span style="color: hsl(0, 100%, 40%);">- ast_verb(3, "Enabling Caller*ID on %s\n", ast_channel_name(chan));</span><br><span style="color: hsl(120, 100%, 40%);">+ ast_verb(3, "Allowing Caller*ID on %s\n", ast_channel_name(chan));</span><br><span> /* Enable Caller*ID if enabled */</span><br><span> p->hidecallerid = 0;</span><br><span> ast_channel_caller(chan)->id.number.presentation = AST_PRES_ALLOWED_USER_NUMBER_NOT_SCREENED;</span><br><span></span><br></pre><p>To view, visit <a href="https://gerrit.asterisk.org/c/asterisk/+/19707">change 19707</a>. To unsubscribe, or for help writing mail filters, visit <a href="https://gerrit.asterisk.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://gerrit.asterisk.org/c/asterisk/+/19707"/><meta itemprop="name" content="View Change"/></div></div>
<div style="display:none"> Gerrit-Project: asterisk </div>
<div style="display:none"> Gerrit-Branch: master </div>
<div style="display:none"> Gerrit-Change-Id: I45d1f3d697e833fadbc45a8fcc37f569dd9063d0 </div>
<div style="display:none"> Gerrit-Change-Number: 19707 </div>
<div style="display:none"> Gerrit-PatchSet: 1 </div>
<div style="display:none"> Gerrit-Owner: N A <asterisk@phreaknet.org> </div>
<div style="display:none"> Gerrit-MessageType: newchange </div>