]> git.ipfire.org Git - thirdparty/asterisk.git/commitdiff
projects / thirdparty / asterisk.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: acc3b8b)
res_pjsip_stir_shaken: RFC 8225 compliance and error message cleanup.
authorSean Bright <sean.bright@gmail.com>
Thu, 15 Jul 2021 20:04:01 +0000 (16:04 -0400)
committerBenjamin Keith Ford <bford@digium.com>
Mon, 19 Jul 2021 15:48:29 +0000 (10:48 -0500)
From RFC 8225 Section 5.2.1:

    The "dest" claim is a JSON object with the claim name of "dest"
    and MUST have at least one identity claim object.  The "dest"
    claim value is an array containing one or more identity claim JSON
    objects representing the destination identities of any type
    (currently "tn" or "uri").  If the "dest" claim value array
    contains both "tn" and "uri" claim names, the JSON object should
    list the "tn" array first and the "uri" array second.  Within the
    "tn" and "uri" arrays, the identity strings should be put in
    lexicographical order, including the scheme-specific portion of
    the URI characters.

Additionally, make it clear that there was a failure to sign the JWT
payload and not necessarily a memory allocation failure.

Change-Id: Ia8733b861aef6edfaa9c2136e97b447a01578dc9

res/res_pjsip_stir_shaken.c patch | blob | blame | history

diff --git a/res/res_pjsip_stir_shaken.c b/res/res_pjsip_stir_shaken.c
index 42d638ffa10e40cf7d8543054264cd832f8e9204..1519d343c6705762a9863a337c056395fffc6cf5 100644 (file)
--- a/res/res_pjsip_stir_shaken.c
+++ b/res/res_pjsip_stir_shaken.c
@@ -258,7 +258,7 @@ static int add_identity_header(const struct ast_sip_session *session, pjsip_tx_d
        ast_copy_pj_str(dest_tn, &uri->user, uri->user.slen + 1);
 
        /* x5u (public key URL), attestation, and origid will be added by ast_stir_shaken_sign */
-       json = ast_json_pack("{s: {s: s, s: s, s: s}, s: {s: {s: s}, s: {s: s}}}",
+       json = ast_json_pack("{s: {s: s, s: s, s: s}, s: {s: {s: [s]}, s: {s: s}}}",
                "header", "alg", "ES256", "ppt", "shaken", "typ", "passport",
                "payload", "dest", "tn", dest_tn, "orig", "tn",
                session->id.number.str);
@@ -269,7 +269,7 @@ static int add_identity_header(const struct ast_sip_session *session, pjsip_tx_d
 
        ss_payload = ast_stir_shaken_sign(json);
        if (!ss_payload) {
-               ast_log(LOG_ERROR, "Failed to allocate memory for STIR/SHAKEN payload\n");
+               ast_log(LOG_ERROR, "Failed to sign STIR/SHAKEN payload\n");
                return -1;
        }
 
Mirror of https://github.com/asterisk/asterisk.git