From: Ben Ford Date: Thu, 21 Apr 2022 15:26:01 +0000 (-0500) Subject: res_pjsip_stir_shaken.c: Fix enabled when not configured. X-Git-Tag: 19.3.3~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0adbc4f499248aed746e2074504fd535c791e168;p=thirdparty%2Fasterisk.git res_pjsip_stir_shaken.c: Fix enabled when not configured. There was an issue with the conditional where STIR/SHAKEN would be enabled even when not configured. It has been changed to ensure that if a profile does not exist and stir_shaken is not set in pjsip.conf, then the conditional will return from the function without performing STIR/SHAKEN operations. ASTERISK-30024 Change-Id: I41286a3d35b033ccbfbe4129427a62cb793a86e6 --- diff --git a/res/res_pjsip_stir_shaken.c b/res/res_pjsip_stir_shaken.c index 19e846ff73..82c8df0f8b 100644 --- a/res/res_pjsip_stir_shaken.c +++ b/res/res_pjsip_stir_shaken.c @@ -225,8 +225,13 @@ static int stir_shaken_incoming_request(struct ast_sip_session *session, pjsip_r } profile = ast_stir_shaken_get_profile(session->endpoint->stir_shaken_profile); + /* Profile should be checked first as it takes priority over anything else. + * If there is a profile and it doesn't have verification enabled, do nothing. + * If there is no profile and the stir_shaken option is either not set or does + * not support verification, do nothing. + */ if ((profile && !ast_stir_shaken_profile_supports_verification(profile)) - && ((session->endpoint->stir_shaken & AST_SIP_STIR_SHAKEN_VERIFY) == 0)) { + || (!profile && (session->endpoint->stir_shaken & AST_SIP_STIR_SHAKEN_VERIFY) == 0)) { return 0; } @@ -478,8 +483,13 @@ static void stir_shaken_outgoing_request(struct ast_sip_session *session, pjsip_ RAII_VAR(struct stir_shaken_profile *, profile, NULL, ao2_cleanup); profile = ast_stir_shaken_get_profile(session->endpoint->stir_shaken_profile); + /* Profile should be checked first as it takes priority over anything else. + * If there is a profile and it doesn't have attestation enabled, do nothing. + * If there is no profile and the stir_shaken option is either not set or does + * not support attestation, do nothing. + */ if ((profile && !ast_stir_shaken_profile_supports_attestation(profile)) - && ((session->endpoint->stir_shaken & AST_SIP_STIR_SHAKEN_ATTEST) == 0)) { + || (!profile && (session->endpoint->stir_shaken & AST_SIP_STIR_SHAKEN_ATTEST) == 0)) { return; }