git.ipfire.org Git - thirdparty/asterisk.git/commit

author	George Joseph <gjoseph@sangoma.com>
	Wed, 5 Feb 2025 17:33:10 +0000 (10:33 -0700)
committer	George Joseph <gjoseph@sangoma.com>
	Tue, 11 Feb 2025 23:33:11 +0000 (23:33 +0000)
commit	85fa81ad4591905dd13828b1384cdaefdda50988
tree	b06491b901b8d2b182ee037aab3b981a9e1ee2fb	tree \| snapshot
parent	1a1eb8821185c0f4945d6ca0654ea6763e1560fb	commit \| diff

res_stir_shaken: Allow missing or anonymous CID to continue to the dialplan.

The verification check for missing or anonymous callerid was happening before
the endpoint's profile was retrieved which meant that the failure_action
parameter wasn't available.  Therefore, if verification was enabled and there
was no callerid or it was "anonymous", the call was immediately terminated
instead of giving the dialplan the ability to decide what to do with the call.

* The callerid check now happens after the verification context is created and
  the endpoint's stir_shaken_profile is available.

* The check now processes the callerid failure just as it does for other
  verification failures and respects the failure_action parameter.  If set
  to "continue" or "continue_return_reason", `STIR_SHAKEN(0,verify_result)`
  in the dialplan will return "invalid_or_no_callerid".

* If the endpoint's failure_action is "reject_request", the call will be
  rejected with `433 "Anonymity Disallowed"`.

* If the endpoint's failure_action is "continue_return_reason", the call will
  continue but a `Reason: STIR; cause=433; text="Anonymity Disallowed"`
  header will be added to the next provisional or final response.

Resolves: #1112

include/asterisk/res_stir_shaken.h		diff \| blob \| blame \| history
res/res_pjsip_stir_shaken.c		diff \| blob \| blame \| history
res/res_stir_shaken/verification.c		diff \| blob \| blame \| history