git.ipfire.org Git - thirdparty/asterisk.git/commit

author	George Joseph <gjoseph@sangoma.com>
	Wed, 5 Feb 2025 17:33:10 +0000 (10:33 -0700)
committer	Asterisk Development Team <asteriskteam@digium.com>
	Thu, 20 Mar 2025 18:18:29 +0000 (18:18 +0000)
commit	787ffd5f47ac0e900d650f880970b9c01f40cdb7
tree	b0d7f3dc0063d72e43948d9d5c9ec75582558143	tree \| snapshot
parent	da9b7f5f89433b422575082363fcae949c2494ec	commit \| diff

res_stir_shaken: Allow missing or anonymous CID to continue to the dialplan.

The verification check for missing or anonymous callerid was happening before
the endpoint's profile was retrieved which meant that the failure_action
parameter wasn't available.  Therefore, if verification was enabled and there
was no callerid or it was "anonymous", the call was immediately terminated
instead of giving the dialplan the ability to decide what to do with the call.

* The callerid check now happens after the verification context is created and
  the endpoint's stir_shaken_profile is available.

* The check now processes the callerid failure just as it does for other
  verification failures and respects the failure_action parameter.  If set
  to "continue" or "continue_return_reason", `STIR_SHAKEN(0,verify_result)`
  in the dialplan will return "invalid_or_no_callerid".

* If the endpoint's failure_action is "reject_request", the call will be
  rejected with `433 "Anonymity Disallowed"`.

* If the endpoint's failure_action is "continue_return_reason", the call will
  continue but a `Reason: STIR; cause=433; text="Anonymity Disallowed"`
  header will be added to the next provisional or final response.

Resolves: #1112
(cherry picked from commit 0b6a3df3315e4b4d80ed8fd8fa3a29e76a4b9d72)

include/asterisk/res_stir_shaken.h		diff \| blob \| blame \| history
res/res_pjsip_stir_shaken.c		diff \| blob \| blame \| history
res/res_stir_shaken/verification.c		diff \| blob \| blame \| history