git.ipfire.org Git - thirdparty/asterisk.git/commit

author	George Joseph <gjoseph@sangoma.com>
	Wed, 5 Feb 2025 17:33:10 +0000 (10:33 -0700)
committer	Asterisk Development Team <asteriskteam@digium.com>
	Thu, 20 Mar 2025 18:34:07 +0000 (18:34 +0000)
commit	3ec2a680f2689d8275c219e31934ea1bd2159011
tree	47ae66a26a5eb29efb13d7f837a850b3b59bc7f1	tree \| snapshot
parent	619cb75688d17fafd3761ba130cecd97f6c47b21	commit \| diff

res_stir_shaken: Allow missing or anonymous CID to continue to the dialplan.

The verification check for missing or anonymous callerid was happening before
the endpoint's profile was retrieved which meant that the failure_action
parameter wasn't available.  Therefore, if verification was enabled and there
was no callerid or it was "anonymous", the call was immediately terminated
instead of giving the dialplan the ability to decide what to do with the call.

* The callerid check now happens after the verification context is created and
  the endpoint's stir_shaken_profile is available.

* The check now processes the callerid failure just as it does for other
  verification failures and respects the failure_action parameter.  If set
  to "continue" or "continue_return_reason", `STIR_SHAKEN(0,verify_result)`
  in the dialplan will return "invalid_or_no_callerid".

* If the endpoint's failure_action is "reject_request", the call will be
  rejected with `433 "Anonymity Disallowed"`.

* If the endpoint's failure_action is "continue_return_reason", the call will
  continue but a `Reason: STIR; cause=433; text="Anonymity Disallowed"`
  header will be added to the next provisional or final response.

Resolves: #1112
(cherry picked from commit 85fa81ad4591905dd13828b1384cdaefdda50988)

include/asterisk/res_stir_shaken.h		diff \| blob \| blame \| history
res/res_pjsip_stir_shaken.c		diff \| blob \| blame \| history
res/res_stir_shaken/verification.c		diff \| blob \| blame \| history