git.ipfire.org Git - thirdparty/asterisk.git/commit

author	George Joseph <gjoseph@sangoma.com>
	Fri, 8 Nov 2024 18:22:12 +0000 (11:22 -0700)
committer	Asterisk Development Team <asteriskteam@digium.com>
	Thu, 23 Jan 2025 18:36:03 +0000 (18:36 +0000)
commit	2d2d17811a0d4cc99e4b77392ac91d3c9df7ad3f
tree	31bdee790d2458cfe463465c7a07563e38ded48b	tree
parent	72c7d482754b3d476787dc2dcf41d566f675d84e	commit \| diff

res_stir_shaken: Allow sending Identity headers for unknown TNs

Added a new option "unknown_tn_attest_level" to allow Identity
headers to be sent when a callerid TN isn't explicitly configured
in stir_shaken.conf. Since there's no TN object, a private_key_file
and public_cert_url must be configured in the attestation or profile
objects.

Since "unknown_tn_attest_level" uses the same enum as attest_level,
some of the sorcery macros had to be refactored to allow sharing
the enum and to/from string conversion functions.

Also fixed a memory leak in crypto_utils:pem_file_cb().

Resolves: #921

UserNote: You can now set the "unknown_tn_attest_level" option
in the attestation and/or profile objects in stir_shaken.conf to
enable sending Identity headers for callerid TNs not explicitly
configured.

(cherry picked from commit 9e5cac457f66d11c9521e54ad95bd4a8992b9146)

configs/samples/stir_shaken.conf.sample		diff \| blob \| blame \| history
res/res_stir_shaken/attestation_config.c		diff \| blob \| blame \| history
res/res_stir_shaken/common_config.h		diff \| blob \| blame \| history
res/res_stir_shaken/crypto_utils.c		diff \| blob \| blame \| history
res/res_stir_shaken/profile_config.c		diff \| blob \| blame \| history
res/res_stir_shaken/stir_shaken_doc.xml		diff \| blob \| blame \| history
res/res_stir_shaken/tn_config.c		diff \| blob \| blame \| history
res/res_stir_shaken/verification_config.c		diff \| blob \| blame \| history