diff --git a/CHANGES b/CHANGES index 7c04285826..057542f182 100644 --- a/CHANGES +++ b/CHANGES @@ -215,6 +215,11 @@ Queue --- Functionality changes from Asterisk 13.7.0 to Asterisk 13.8.0 ------------ ------------------------------------------------------------------------------ +res_pjsip_caller_id +------------------ + * Per RFC3325, the 'From' header is now anonymized on outgoing calls when + caller id presentation is prohibited. + res_pjsip_config_wizard ------------------ * A new command (pjsip export config_wizard primitives) has been added that diff --git a/include/asterisk/res_pjsip.h b/include/asterisk/res_pjsip.h index 3008475c30..66370186a0 100644 --- a/include/asterisk/res_pjsip.h +++ b/include/asterisk/res_pjsip.h @@ -2247,4 +2247,14 @@ int ast_sip_set_tpselector_from_transport(const struct ast_sip_transport *transp */ int ast_sip_set_tpselector_from_transport_name(const char *transport_name, pjsip_tpselector *selector); +/*! + * \brief Set name and number information on an identity header. + * + * \param pool Memory pool to use for string duplication + * \param id_hdr A From, P-Asserted-Identity, or Remote-Party-ID header to modify + * \param id The identity information to apply to the header + */ +void ast_sip_modify_id_header(pj_pool_t *pool, pjsip_fromto_hdr *id_hdr, + const struct ast_party_id *id); + #endif /* _RES_PJSIP_H */ diff --git a/include/asterisk/res_pjsip_session.h b/include/asterisk/res_pjsip_session.h index 6139847130..55401e7c7a 100644 --- a/include/asterisk/res_pjsip_session.h +++ b/include/asterisk/res_pjsip_session.h @@ -151,6 +151,8 @@ struct ast_sip_session { enum ast_sip_session_t38state t38state; /*! The AOR associated with this session */ struct ast_sip_aor *aor; + /*! From header saved at invite creation */ + pjsip_fromto_hdr *saved_from_hdr; }; typedef int (*ast_sip_session_request_creation_cb)(struct ast_sip_session *session, pjsip_tx_data *tdata); diff --git a/res/res_pjsip.c b/res/res_pjsip.c index 713d94ec50..170a19151a 100644 --- a/res/res_pjsip.c +++ b/res/res_pjsip.c @@ -3898,6 +3898,35 @@ const char *ast_sip_get_host_ip_string(int af) return NULL; } +/*! + * \brief Set name and number information on an identity header. + * + * \param pool Memory pool to use for string duplication + * \param id_hdr A From, P-Asserted-Identity, or Remote-Party-ID header to modify + * \param id The identity information to apply to the header + */ +void ast_sip_modify_id_header(pj_pool_t *pool, pjsip_fromto_hdr *id_hdr, const struct ast_party_id *id) +{ + pjsip_name_addr *id_name_addr; + pjsip_sip_uri *id_uri; + + id_name_addr = (pjsip_name_addr *) id_hdr->uri; + id_uri = pjsip_uri_get_uri(id_name_addr->uri); + + if (id->name.valid) { + int name_buf_len = strlen(id->name.str) * 2 + 1; + char *name_buf = ast_alloca(name_buf_len); + + ast_escape_quoted(id->name.str, name_buf, name_buf_len); + pj_strdup2(pool, &id_name_addr->display, name_buf); + } + + if (id->number.valid) { + pj_strdup2(pool, &id_uri->user, id->number.str); + } +} + + static void remove_request_headers(pjsip_endpoint *endpt) { const pjsip_hdr *request_headers = pjsip_endpt_get_request_headers(endpt); diff --git a/res/res_pjsip_caller_id.c b/res/res_pjsip_caller_id.c index 8227cacda5..1818105d7d 100644 --- a/res/res_pjsip_caller_id.c +++ b/res/res_pjsip_caller_id.c @@ -396,34 +396,6 @@ static void caller_id_incoming_response(struct ast_sip_session *session, pjsip_r update_incoming_connected_line(session, rdata); } -/*! - * \internal - * \brief Set name and number information on an identity header. - * \param pool Memory pool to use for string duplication - * \param id_hdr A From, P-Asserted-Identity, or Remote-Party-ID header to modify - * \param id The identity information to apply to the header - */ -static void modify_id_header(pj_pool_t *pool, pjsip_fromto_hdr *id_hdr, const struct ast_party_id *id) -{ - pjsip_name_addr *id_name_addr; - pjsip_sip_uri *id_uri; - - id_name_addr = (pjsip_name_addr *) id_hdr->uri; - id_uri = pjsip_uri_get_uri(id_name_addr->uri); - - if (id->name.valid) { - int name_buf_len = strlen(id->name.str) * 2 + 1; - char *name_buf = ast_alloca(name_buf_len); - - ast_escape_quoted(id->name.str, name_buf, name_buf_len); - pj_strdup2(pool, &id_name_addr->display, name_buf); - } - - if (id->number.valid) { - pj_strdup2(pool, &id_uri->user, id->number.str); - } -} - /*! * \internal * \brief Create an identity header for an outgoing message @@ -432,15 +404,12 @@ static void modify_id_header(pj_pool_t *pool, pjsip_fromto_hdr *id_hdr, const st * \param id The identification information for the new header * \return newly-created header */ -static pjsip_fromto_hdr *create_new_id_hdr(const pj_str_t *hdr_name, pjsip_tx_data *tdata, const struct ast_party_id *id) +static pjsip_fromto_hdr *create_new_id_hdr(const pj_str_t *hdr_name, pjsip_fromto_hdr *base, pjsip_tx_data *tdata, const struct ast_party_id *id) { pjsip_fromto_hdr *id_hdr; - pjsip_fromto_hdr *base; pjsip_name_addr *id_name_addr; pjsip_sip_uri *id_uri; - base = tdata->msg->type == PJSIP_REQUEST_MSG ? PJSIP_MSG_FROM_HDR(tdata->msg) : - PJSIP_MSG_TO_HDR(tdata->msg); id_hdr = pjsip_from_hdr_create(tdata->pool); id_hdr->type = PJSIP_H_OTHER; pj_strdup(tdata->pool, &id_hdr->name, hdr_name); @@ -500,9 +469,10 @@ static void add_privacy_header(pjsip_tx_data *tdata, const struct ast_party_id * * \param tdata The message to add the header to * \param id The identification information used to populate the header */ -static void add_pai_header(pjsip_tx_data *tdata, const struct ast_party_id *id) +static void add_pai_header(const struct ast_sip_session *session, pjsip_tx_data *tdata, const struct ast_party_id *id) { static const pj_str_t pj_pai_name = { "P-Asserted-Identity", 19 }; + pjsip_fromto_hdr *base; pjsip_fromto_hdr *pai_hdr; pjsip_fromto_hdr *old_pai; @@ -523,13 +493,16 @@ static void add_pai_header(pjsip_tx_data *tdata, const struct ast_party_id *id) if (old_pai->type == PJSIP_H_OTHER) { pj_list_erase(old_pai); } else { - modify_id_header(tdata->pool, old_pai, id); + ast_sip_modify_id_header(tdata->pool, old_pai, id); add_privacy_header(tdata, id); return; } } - pai_hdr = create_new_id_hdr(&pj_pai_name, tdata, id); + base = tdata->msg->type == PJSIP_REQUEST_MSG ? session->saved_from_hdr : + PJSIP_MSG_TO_HDR(tdata->msg); + + pai_hdr = create_new_id_hdr(&pj_pai_name, base, tdata, id); if (!pai_hdr) { return; } @@ -602,9 +575,10 @@ static void add_privacy_params(pjsip_tx_data *tdata, pjsip_fromto_hdr *hdr, cons * \param tdata The message to add the header to * \param id The identification information used to populate the header */ -static void add_rpid_header(pjsip_tx_data *tdata, const struct ast_party_id *id) +static void add_rpid_header(const struct ast_sip_session *session, pjsip_tx_data *tdata, const struct ast_party_id *id) { static const pj_str_t pj_rpid_name = { "Remote-Party-ID", 15 }; + pjsip_fromto_hdr *base; pjsip_fromto_hdr *rpid_hdr; pjsip_fromto_hdr *old_rpid; @@ -625,13 +599,16 @@ static void add_rpid_header(pjsip_tx_data *tdata, const struct ast_party_id *id) if (old_rpid->type == PJSIP_H_OTHER) { pj_list_erase(old_rpid); } else { - modify_id_header(tdata->pool, old_rpid, id); + ast_sip_modify_id_header(tdata->pool, old_rpid, id); add_privacy_params(tdata, old_rpid, id); return; } } - rpid_hdr = create_new_id_hdr(&pj_rpid_name, tdata, id); + base = tdata->msg->type == PJSIP_REQUEST_MSG ? session->saved_from_hdr : + PJSIP_MSG_TO_HDR(tdata->msg); + + rpid_hdr = create_new_id_hdr(&pj_rpid_name, base, tdata, id); if (!rpid_hdr) { return; } @@ -658,10 +635,10 @@ static void add_id_headers(const struct ast_sip_session *session, pjsip_tx_data return; } if (session->endpoint->id.send_pai) { - add_pai_header(tdata, id); + add_pai_header(session, tdata, id); } if (session->endpoint->id.send_rpid) { - add_rpid_header(tdata, id); + add_rpid_header(session, tdata, id); } } @@ -669,10 +646,9 @@ static void add_id_headers(const struct ast_sip_session *session, pjsip_tx_data * \internal * \brief Session supplement callback for outgoing INVITE requests * - * For an initial INVITE request, we may change the From header to appropriately - * reflect the identity information. On all INVITEs (initial and reinvite) we may - * add other identity headers such as P-Asserted-Identity and Remote-Party-ID based - * on configuration and privacy settings + * On all INVITEs (initial and reinvite) we may add other identity headers + * such as P-Asserted-Identity and Remote-Party-ID based on configuration + * and privacy settings * * \param session The session on which the INVITE will be sent * \param tdata The outbound INVITE request @@ -686,33 +662,12 @@ static void caller_id_outgoing_request(struct ast_sip_session *session, pjsip_tx return; } - /* Must do a deep copy unless we hold the channel lock the entire time. */ ast_party_id_init(&connected_id); ast_channel_lock(session->channel); effective_id = ast_channel_connected_effective_id(session->channel); ast_party_id_copy(&connected_id, &effective_id); ast_channel_unlock(session->channel); - if (session->inv_session->state < PJSIP_INV_STATE_CONFIRMED) { - /* Only change the From header on the initial outbound INVITE. Switching it - * mid-call might confuse some UAs. - */ - pjsip_fromto_hdr *from; - pjsip_dialog *dlg; - - from = pjsip_msg_find_hdr(tdata->msg, PJSIP_H_FROM, tdata->msg->hdr.next); - dlg = session->inv_session->dlg; - - if (ast_strlen_zero(session->endpoint->fromuser) - && (session->endpoint->id.trust_outbound - || (ast_party_id_presentation(&connected_id) & AST_PRES_RESTRICTION) == AST_PRES_ALLOWED)) { - modify_id_header(tdata->pool, from, &connected_id); - modify_id_header(dlg->pool, dlg->local.info, &connected_id); - } - - ast_sip_add_usereqphone(session->endpoint, tdata->pool, from->uri); - ast_sip_add_usereqphone(session->endpoint, dlg->pool, dlg->local.info->uri); - } add_id_headers(session, tdata, &connected_id); ast_party_id_free(&connected_id); } diff --git a/res/res_pjsip_session.c b/res/res_pjsip_session.c index 983687174e..80fe8f393b 100644 --- a/res/res_pjsip_session.c +++ b/res/res_pjsip_session.c @@ -30,6 +30,7 @@ #include "asterisk/res_pjsip.h" #include "asterisk/res_pjsip_session.h" +#include "asterisk/callerid.h" #include "asterisk/datastore.h" #include "asterisk/module.h" #include "asterisk/logger.h" @@ -800,6 +801,75 @@ static pjmedia_sdp_session *generate_session_refresh_sdp(struct ast_sip_session return create_local_sdp(inv_session, session, previous_sdp); } +static void set_from_header(struct ast_sip_session *session) +{ + struct ast_party_id effective_id; + struct ast_party_id connected_id; + pj_pool_t *dlg_pool; + pjsip_fromto_hdr *dlg_info; + pjsip_name_addr *dlg_info_name_addr; + pjsip_sip_uri *dlg_info_uri; + int restricted; + + if (!session->channel || session->saved_from_hdr) { + return; + } + + /* We need to save off connected_id for RPID/PAI generation */ + ast_party_id_init(&connected_id); + ast_channel_lock(session->channel); + effective_id = ast_channel_connected_effective_id(session->channel); + ast_party_id_copy(&connected_id, &effective_id); + ast_channel_unlock(session->channel); + + restricted = + ((ast_party_id_presentation(&connected_id) & AST_PRES_RESTRICTION) != AST_PRES_ALLOWED); + + /* Now set up dlg->local.info so pjsip can correctly generate From */ + + dlg_pool = session->inv_session->dlg->pool; + dlg_info = session->inv_session->dlg->local.info; + dlg_info_name_addr = (pjsip_name_addr *) dlg_info->uri; + dlg_info_uri = pjsip_uri_get_uri(dlg_info_name_addr); + + if (session->endpoint->id.trust_outbound || !restricted) { + ast_sip_modify_id_header(dlg_pool, dlg_info, &connected_id); + } + + ast_party_id_free(&connected_id); + + if (!ast_strlen_zero(session->endpoint->fromuser)) { + dlg_info_name_addr->display.ptr = NULL; + dlg_info_name_addr->display.slen = 0; + pj_strdup2(dlg_pool, &dlg_info_uri->user, session->endpoint->fromuser); + } + + if (!ast_strlen_zero(session->endpoint->fromdomain)) { + pj_strdup2(dlg_pool, &dlg_info_uri->host, session->endpoint->fromdomain); + } + + ast_sip_add_usereqphone(session->endpoint, dlg_pool, dlg_info->uri); + + /* We need to save off the non-anonymized From for RPID/PAI generation (for domain) */ + session->saved_from_hdr = pjsip_hdr_clone(dlg_pool, dlg_info); + + /* In chan_sip, fromuser and fromdomain trump restricted so we only + * anonymize if they're not set. + */ + if (restricted) { + /* fromuser doesn't provide a display name so we always set it */ + pj_strdup2(dlg_pool, &dlg_info_name_addr->display, "Anonymous"); + + if (ast_strlen_zero(session->endpoint->fromuser)) { + pj_strdup2(dlg_pool, &dlg_info_uri->user, "anonymous"); + } + + if (ast_strlen_zero(session->endpoint->fromdomain)) { + pj_strdup2(dlg_pool, &dlg_info_uri->host, "anonymous.invalid"); + } + } +} + int ast_sip_session_refresh(struct ast_sip_session *session, ast_sip_session_request_creation_cb on_request_creation, ast_sip_session_sdp_creation_cb on_sdp_creation, @@ -867,6 +937,12 @@ int ast_sip_session_refresh(struct ast_sip_session *session, } } + /* + * We MUST call set_from_header() before pjsip_inv_(reinvite|update). If we don't, the + * From in the reINVITE/UPDATE will be wrong but the rest of the messages will be OK. + */ + set_from_header(session); + if (method == AST_SIP_SESSION_REFRESH_METHOD_INVITE) { if (pjsip_inv_reinvite(inv_session, NULL, new_sdp, &tdata)) { ast_log(LOG_WARNING, "Failed to create reinvite properly.\n"); @@ -1082,6 +1158,7 @@ static pjsip_module session_reinvite_module = { .on_rx_request = session_reinvite_on_rx_request, }; + void ast_sip_session_send_request_with_cb(struct ast_sip_session *session, pjsip_tx_data *tdata, ast_sip_session_response_cb on_response) { @@ -1095,19 +1172,6 @@ void ast_sip_session_send_request_with_cb(struct ast_sip_session *session, pjsip ast_sip_mod_data_set(tdata->pool, tdata->mod_data, session_module.id, MOD_DATA_ON_RESPONSE, on_response); - if (!ast_strlen_zero(session->endpoint->fromuser) || - !ast_strlen_zero(session->endpoint->fromdomain)) { - pjsip_fromto_hdr *from = pjsip_msg_find_hdr(tdata->msg, PJSIP_H_FROM, tdata->msg->hdr.next); - pjsip_sip_uri *uri = pjsip_uri_get_uri(from->uri); - - if (!ast_strlen_zero(session->endpoint->fromuser)) { - pj_strdup2(tdata->pool, &uri->user, session->endpoint->fromuser); - } - if (!ast_strlen_zero(session->endpoint->fromdomain)) { - pj_strdup2(tdata->pool, &uri->host, session->endpoint->fromdomain); - } - } - handle_outgoing_request(session, tdata); internal_pjsip_inv_send_msg(session->inv_session, session->endpoint->transport, tdata); @@ -1133,9 +1197,17 @@ int ast_sip_session_create_invite(struct ast_sip_session *session, pjsip_tx_data #ifdef PJMEDIA_SDP_NEG_ANSWER_MULTIPLE_CODECS pjmedia_sdp_neg_set_answer_multiple_codecs(session->inv_session->neg, PJ_TRUE); #endif + + /* + * We MUST call set_from_header() before pjsip_inv_invite. If we don't, the + * From in the initial INVITE will be wrong but the rest of the messages will be OK. + */ + set_from_header(session); + if (pjsip_inv_invite(session->inv_session, tdata) != PJ_SUCCESS) { return -1; } + return 0; }