Don't leak CID in From header when presentation=unavailable

When someone does Set(CALLERPRES()=unavailable) (or
Set(CALLERID(pres)=unavailable)) when sendrpid=no, the From header shows
"Anonymous" <anonymous@anonymous.invalid>. When sendrpid=yes/pai, the From
header will still display the callerid info, even though we supply an rpid
header with the anonymous info. It seems like we shouldn't leak that info in
any case. Skimming http://tools.ietf.org/html/draft-ietf-sip-privacy-04 seems
to indicate that one shouldn't send identifying info in the From in this case.

This patch anonymizes the From header as well even when sendrpid=yes/pai.

(closes issue ASTERISK-16538)

Review: https://reviewboard.asterisk.org/r/1649/

git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@349968 65c4cc65-6c06-0410-ace0-fbb531ad65f3

diff --git a/channels/chan_sip.c b/channels/chan_sip.c
index c424d2eecc4dc62a057264c2e75fb596c72d16d4..162db37cb1ec425c5a76712f0f2231096fb0b3d6 100644 (file)
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@@ -11818,8 +11818,9 @@ static void initreqprep(struct sip_request *req, struct sip_pvt *p, int sipmetho
                if ((ast_party_id_presentation(&p->owner->connected.id) & AST_PRES_RESTRICTION) == AST_PRES_ALLOWED) {
                        l = p->owner->connected.id.number.valid ? p->owner->connected.id.number.str : NULL;
                        n = p->owner->connected.id.name.valid ? p->owner->connected.id.name.str : NULL;
-               } else if (!ast_test_flag(&p->flags[0], SIP_SENDRPID)) {
-                       /* if we are not sending RPID and user wants his callerid restricted */         
+               } else {
+                       /* Even if we are using RPID, we shouldn't leak information in the From if the user wants
+                        * their callerid restricted */
                        l = CALLERID_UNKNOWN;
                        n = l;
                        d = FROMDOMAIN_INVALID;