res_pjsip_session: Prevent user=phone being added to anonimized URIs.

Move ast_sip_add_usereqphone to be called after anonymization of URIs,
to prevent the user_eq_phone adding "user=phone" to URIs containing a
username that is not a phonenumber (RFC3261 19.1.1). An extra call to
ast_sip_add_usereqphone on the saved version before anonymization is
added to add user=phone" to the PAI.

ASTERISK-27047 #close

Change-Id: Ie5644bc66341b86dc08b1f7442210de2e6acdec6
changes/19/6719/2
Daniel Tryba 8 years ago committed by Kevin Harwell
parent 0b1b5849ce
commit 6576e4320a

@ -1329,10 +1329,9 @@ static void set_from_header(struct ast_sip_session *session)
pj_strdup2(dlg_pool, &dlg_info_uri->host, session->endpoint->fromdomain);
}
ast_sip_add_usereqphone(session->endpoint, dlg_pool, dlg_info->uri);
/* We need to save off the non-anonymized From for RPID/PAI generation (for domain) */
session->saved_from_hdr = pjsip_hdr_clone(dlg_pool, dlg_info);
ast_sip_add_usereqphone(session->endpoint, dlg_pool, session->saved_from_hdr->uri);
/* In chan_sip, fromuser and fromdomain trump restricted so we only
* anonymize if they're not set.
@ -1348,7 +1347,9 @@ static void set_from_header(struct ast_sip_session *session)
if (ast_strlen_zero(session->endpoint->fromdomain)) {
pj_strdup2(dlg_pool, &dlg_info_uri->host, "anonymous.invalid");
}
}
} else {
ast_sip_add_usereqphone(session->endpoint, dlg_pool, dlg_info->uri);
}
}
int ast_sip_session_refresh(struct ast_sip_session *session,

Loading…
Cancel
Save