-
Notifications
You must be signed in to change notification settings - Fork 993
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[bug]: sig_analog: hidecallerid setting is broken #100
Labels
Comments
InterLinked1
added a commit
to InterLinked1/asterisk
that referenced
this issue
May 18, 2023
The hidecallerid setting in chan_dahdi.conf currently is broken for a couple reasons. First, the actual code in sig_analog to "allow" or "block" Caller ID depending on this setting improperly used ast_set_callerid instead of updating the presentation. This issue was mostly fixed in ASTERISK_29991, and that fix is carried forward to this code as well. Secondly, the hidecallerid setting is set on the DAHDI pvt but not carried forward to the analog pvt properly. This is because the chan_dahdi config loading code improperly set permhidecallerid to permhidecallerid from the config file, even though hidecallerid is what is actually set from the config file. (This is done correctly for call waiting, a few lines above.) This is fixed to read the proper value. Thirdly, in sig_analog, hidecallerid is set to permhidecallerid only on hangup. This can lead to potential security vulnerabilities as an allowed Caller ID from an initial call can "leak" into subsequent calls if no hangup occurs between them. This is fixed by setting hidecallerid to permcallerid when calls begin, rather than when they end. This also means we don't need to also set hidecallerid in chan_dahdi.c when copying from the config, as we would have to otherwise. Fourthly, sig_analog currently only allows dialing *67 or *82 if that would actually toggle the presentation. A comment is added clarifying that this behavior is okay. Finally, a couple log messages are updated to be more accurate. Resolves: asterisk#100 ASTERISK-30349 #close
jcolp
added
support-level-core
Functionality with core support level
and removed
triage
labels
May 18, 2023
gtjoseph
pushed a commit
that referenced
this issue
May 25, 2023
The hidecallerid setting in chan_dahdi.conf currently is broken for a couple reasons. First, the actual code in sig_analog to "allow" or "block" Caller ID depending on this setting improperly used ast_set_callerid instead of updating the presentation. This issue was mostly fixed in ASTERISK_29991, and that fix is carried forward to this code as well. Secondly, the hidecallerid setting is set on the DAHDI pvt but not carried forward to the analog pvt properly. This is because the chan_dahdi config loading code improperly set permhidecallerid to permhidecallerid from the config file, even though hidecallerid is what is actually set from the config file. (This is done correctly for call waiting, a few lines above.) This is fixed to read the proper value. Thirdly, in sig_analog, hidecallerid is set to permhidecallerid only on hangup. This can lead to potential security vulnerabilities as an allowed Caller ID from an initial call can "leak" into subsequent calls if no hangup occurs between them. This is fixed by setting hidecallerid to permcallerid when calls begin, rather than when they end. This also means we don't need to also set hidecallerid in chan_dahdi.c when copying from the config, as we would have to otherwise. Fourthly, sig_analog currently only allows dialing *67 or *82 if that would actually toggle the presentation. A comment is added clarifying that this behavior is okay. Finally, a couple log messages are updated to be more accurate. Resolves: #100 ASTERISK-30349 #close
asteriskteam
pushed a commit
that referenced
this issue
May 25, 2023
The hidecallerid setting in chan_dahdi.conf currently is broken for a couple reasons. First, the actual code in sig_analog to "allow" or "block" Caller ID depending on this setting improperly used ast_set_callerid instead of updating the presentation. This issue was mostly fixed in ASTERISK_29991, and that fix is carried forward to this code as well. Secondly, the hidecallerid setting is set on the DAHDI pvt but not carried forward to the analog pvt properly. This is because the chan_dahdi config loading code improperly set permhidecallerid to permhidecallerid from the config file, even though hidecallerid is what is actually set from the config file. (This is done correctly for call waiting, a few lines above.) This is fixed to read the proper value. Thirdly, in sig_analog, hidecallerid is set to permhidecallerid only on hangup. This can lead to potential security vulnerabilities as an allowed Caller ID from an initial call can "leak" into subsequent calls if no hangup occurs between them. This is fixed by setting hidecallerid to permcallerid when calls begin, rather than when they end. This also means we don't need to also set hidecallerid in chan_dahdi.c when copying from the config, as we would have to otherwise. Fourthly, sig_analog currently only allows dialing *67 or *82 if that would actually toggle the presentation. A comment is added clarifying that this behavior is okay. Finally, a couple log messages are updated to be more accurate. Resolves: #100 ASTERISK-30349 #close
asteriskteam
pushed a commit
that referenced
this issue
May 25, 2023
The hidecallerid setting in chan_dahdi.conf currently is broken for a couple reasons. First, the actual code in sig_analog to "allow" or "block" Caller ID depending on this setting improperly used ast_set_callerid instead of updating the presentation. This issue was mostly fixed in ASTERISK_29991, and that fix is carried forward to this code as well. Secondly, the hidecallerid setting is set on the DAHDI pvt but not carried forward to the analog pvt properly. This is because the chan_dahdi config loading code improperly set permhidecallerid to permhidecallerid from the config file, even though hidecallerid is what is actually set from the config file. (This is done correctly for call waiting, a few lines above.) This is fixed to read the proper value. Thirdly, in sig_analog, hidecallerid is set to permhidecallerid only on hangup. This can lead to potential security vulnerabilities as an allowed Caller ID from an initial call can "leak" into subsequent calls if no hangup occurs between them. This is fixed by setting hidecallerid to permcallerid when calls begin, rather than when they end. This also means we don't need to also set hidecallerid in chan_dahdi.c when copying from the config, as we would have to otherwise. Fourthly, sig_analog currently only allows dialing *67 or *82 if that would actually toggle the presentation. A comment is added clarifying that this behavior is okay. Finally, a couple log messages are updated to be more accurate. Resolves: #100 ASTERISK-30349 #close
asterisk-org-access-app bot
pushed a commit
that referenced
this issue
Jun 30, 2023
The hidecallerid setting in chan_dahdi.conf currently is broken for a couple reasons. First, the actual code in sig_analog to "allow" or "block" Caller ID depending on this setting improperly used ast_set_callerid instead of updating the presentation. This issue was mostly fixed in ASTERISK_29991, and that fix is carried forward to this code as well. Secondly, the hidecallerid setting is set on the DAHDI pvt but not carried forward to the analog pvt properly. This is because the chan_dahdi config loading code improperly set permhidecallerid to permhidecallerid from the config file, even though hidecallerid is what is actually set from the config file. (This is done correctly for call waiting, a few lines above.) This is fixed to read the proper value. Thirdly, in sig_analog, hidecallerid is set to permhidecallerid only on hangup. This can lead to potential security vulnerabilities as an allowed Caller ID from an initial call can "leak" into subsequent calls if no hangup occurs between them. This is fixed by setting hidecallerid to permcallerid when calls begin, rather than when they end. This also means we don't need to also set hidecallerid in chan_dahdi.c when copying from the config, as we would have to otherwise. Fourthly, sig_analog currently only allows dialing *67 or *82 if that would actually toggle the presentation. A comment is added clarifying that this behavior is okay. Finally, a couple log messages are updated to be more accurate. Resolves: #100 ASTERISK-30349 #close (cherry picked from commit d496544)
asterisk-org-access-app bot
pushed a commit
that referenced
this issue
Jun 30, 2023
The hidecallerid setting in chan_dahdi.conf currently is broken for a couple reasons. First, the actual code in sig_analog to "allow" or "block" Caller ID depending on this setting improperly used ast_set_callerid instead of updating the presentation. This issue was mostly fixed in ASTERISK_29991, and that fix is carried forward to this code as well. Secondly, the hidecallerid setting is set on the DAHDI pvt but not carried forward to the analog pvt properly. This is because the chan_dahdi config loading code improperly set permhidecallerid to permhidecallerid from the config file, even though hidecallerid is what is actually set from the config file. (This is done correctly for call waiting, a few lines above.) This is fixed to read the proper value. Thirdly, in sig_analog, hidecallerid is set to permhidecallerid only on hangup. This can lead to potential security vulnerabilities as an allowed Caller ID from an initial call can "leak" into subsequent calls if no hangup occurs between them. This is fixed by setting hidecallerid to permcallerid when calls begin, rather than when they end. This also means we don't need to also set hidecallerid in chan_dahdi.c when copying from the config, as we would have to otherwise. Fourthly, sig_analog currently only allows dialing *67 or *82 if that would actually toggle the presentation. A comment is added clarifying that this behavior is okay. Finally, a couple log messages are updated to be more accurate. Resolves: #100 ASTERISK-30349 #close (cherry picked from commit d496544)
asterisk-org-access-app bot
pushed a commit
that referenced
this issue
Jun 30, 2023
The hidecallerid setting in chan_dahdi.conf currently is broken for a couple reasons. First, the actual code in sig_analog to "allow" or "block" Caller ID depending on this setting improperly used ast_set_callerid instead of updating the presentation. This issue was mostly fixed in ASTERISK_29991, and that fix is carried forward to this code as well. Secondly, the hidecallerid setting is set on the DAHDI pvt but not carried forward to the analog pvt properly. This is because the chan_dahdi config loading code improperly set permhidecallerid to permhidecallerid from the config file, even though hidecallerid is what is actually set from the config file. (This is done correctly for call waiting, a few lines above.) This is fixed to read the proper value. Thirdly, in sig_analog, hidecallerid is set to permhidecallerid only on hangup. This can lead to potential security vulnerabilities as an allowed Caller ID from an initial call can "leak" into subsequent calls if no hangup occurs between them. This is fixed by setting hidecallerid to permcallerid when calls begin, rather than when they end. This also means we don't need to also set hidecallerid in chan_dahdi.c when copying from the config, as we would have to otherwise. Fourthly, sig_analog currently only allows dialing *67 or *82 if that would actually toggle the presentation. A comment is added clarifying that this behavior is okay. Finally, a couple log messages are updated to be more accurate. Resolves: #100 ASTERISK-30349 #close (cherry picked from commit d496544)
asterisk-org-access-app bot
pushed a commit
that referenced
this issue
Jun 30, 2023
The hidecallerid setting in chan_dahdi.conf currently is broken for a couple reasons. First, the actual code in sig_analog to "allow" or "block" Caller ID depending on this setting improperly used ast_set_callerid instead of updating the presentation. This issue was mostly fixed in ASTERISK_29991, and that fix is carried forward to this code as well. Secondly, the hidecallerid setting is set on the DAHDI pvt but not carried forward to the analog pvt properly. This is because the chan_dahdi config loading code improperly set permhidecallerid to permhidecallerid from the config file, even though hidecallerid is what is actually set from the config file. (This is done correctly for call waiting, a few lines above.) This is fixed to read the proper value. Thirdly, in sig_analog, hidecallerid is set to permhidecallerid only on hangup. This can lead to potential security vulnerabilities as an allowed Caller ID from an initial call can "leak" into subsequent calls if no hangup occurs between them. This is fixed by setting hidecallerid to permcallerid when calls begin, rather than when they end. This also means we don't need to also set hidecallerid in chan_dahdi.c when copying from the config, as we would have to otherwise. Fourthly, sig_analog currently only allows dialing *67 or *82 if that would actually toggle the presentation. A comment is added clarifying that this behavior is okay. Finally, a couple log messages are updated to be more accurate. Resolves: #100 ASTERISK-30349 #close (cherry picked from commit d496544)
asterisk-org-access-app bot
pushed a commit
that referenced
this issue
Jun 30, 2023
The hidecallerid setting in chan_dahdi.conf currently is broken for a couple reasons. First, the actual code in sig_analog to "allow" or "block" Caller ID depending on this setting improperly used ast_set_callerid instead of updating the presentation. This issue was mostly fixed in ASTERISK_29991, and that fix is carried forward to this code as well. Secondly, the hidecallerid setting is set on the DAHDI pvt but not carried forward to the analog pvt properly. This is because the chan_dahdi config loading code improperly set permhidecallerid to permhidecallerid from the config file, even though hidecallerid is what is actually set from the config file. (This is done correctly for call waiting, a few lines above.) This is fixed to read the proper value. Thirdly, in sig_analog, hidecallerid is set to permhidecallerid only on hangup. This can lead to potential security vulnerabilities as an allowed Caller ID from an initial call can "leak" into subsequent calls if no hangup occurs between them. This is fixed by setting hidecallerid to permcallerid when calls begin, rather than when they end. This also means we don't need to also set hidecallerid in chan_dahdi.c when copying from the config, as we would have to otherwise. Fourthly, sig_analog currently only allows dialing *67 or *82 if that would actually toggle the presentation. A comment is added clarifying that this behavior is okay. Finally, a couple log messages are updated to be more accurate. Resolves: #100 ASTERISK-30349 #close (cherry picked from commit d496544)
asterisk-org-access-app bot
pushed a commit
that referenced
this issue
Jun 30, 2023
The hidecallerid setting in chan_dahdi.conf currently is broken for a couple reasons. First, the actual code in sig_analog to "allow" or "block" Caller ID depending on this setting improperly used ast_set_callerid instead of updating the presentation. This issue was mostly fixed in ASTERISK_29991, and that fix is carried forward to this code as well. Secondly, the hidecallerid setting is set on the DAHDI pvt but not carried forward to the analog pvt properly. This is because the chan_dahdi config loading code improperly set permhidecallerid to permhidecallerid from the config file, even though hidecallerid is what is actually set from the config file. (This is done correctly for call waiting, a few lines above.) This is fixed to read the proper value. Thirdly, in sig_analog, hidecallerid is set to permhidecallerid only on hangup. This can lead to potential security vulnerabilities as an allowed Caller ID from an initial call can "leak" into subsequent calls if no hangup occurs between them. This is fixed by setting hidecallerid to permcallerid when calls begin, rather than when they end. This also means we don't need to also set hidecallerid in chan_dahdi.c when copying from the config, as we would have to otherwise. Fourthly, sig_analog currently only allows dialing *67 or *82 if that would actually toggle the presentation. A comment is added clarifying that this behavior is okay. Finally, a couple log messages are updated to be more accurate. Resolves: #100 ASTERISK-30349 #close (cherry picked from commit 22b599d)
asterisk-org-access-app bot
pushed a commit
that referenced
this issue
Jul 10, 2023
The hidecallerid setting in chan_dahdi.conf currently is broken for a couple reasons. First, the actual code in sig_analog to "allow" or "block" Caller ID depending on this setting improperly used ast_set_callerid instead of updating the presentation. This issue was mostly fixed in ASTERISK_29991, and that fix is carried forward to this code as well. Secondly, the hidecallerid setting is set on the DAHDI pvt but not carried forward to the analog pvt properly. This is because the chan_dahdi config loading code improperly set permhidecallerid to permhidecallerid from the config file, even though hidecallerid is what is actually set from the config file. (This is done correctly for call waiting, a few lines above.) This is fixed to read the proper value. Thirdly, in sig_analog, hidecallerid is set to permhidecallerid only on hangup. This can lead to potential security vulnerabilities as an allowed Caller ID from an initial call can "leak" into subsequent calls if no hangup occurs between them. This is fixed by setting hidecallerid to permcallerid when calls begin, rather than when they end. This also means we don't need to also set hidecallerid in chan_dahdi.c when copying from the config, as we would have to otherwise. Fourthly, sig_analog currently only allows dialing *67 or *82 if that would actually toggle the presentation. A comment is added clarifying that this behavior is okay. Finally, a couple log messages are updated to be more accurate. Resolves: #100 ASTERISK-30349 #close (cherry picked from commit d496544)
asterisk-org-access-app bot
pushed a commit
that referenced
this issue
Jul 10, 2023
The hidecallerid setting in chan_dahdi.conf currently is broken for a couple reasons. First, the actual code in sig_analog to "allow" or "block" Caller ID depending on this setting improperly used ast_set_callerid instead of updating the presentation. This issue was mostly fixed in ASTERISK_29991, and that fix is carried forward to this code as well. Secondly, the hidecallerid setting is set on the DAHDI pvt but not carried forward to the analog pvt properly. This is because the chan_dahdi config loading code improperly set permhidecallerid to permhidecallerid from the config file, even though hidecallerid is what is actually set from the config file. (This is done correctly for call waiting, a few lines above.) This is fixed to read the proper value. Thirdly, in sig_analog, hidecallerid is set to permhidecallerid only on hangup. This can lead to potential security vulnerabilities as an allowed Caller ID from an initial call can "leak" into subsequent calls if no hangup occurs between them. This is fixed by setting hidecallerid to permcallerid when calls begin, rather than when they end. This also means we don't need to also set hidecallerid in chan_dahdi.c when copying from the config, as we would have to otherwise. Fourthly, sig_analog currently only allows dialing *67 or *82 if that would actually toggle the presentation. A comment is added clarifying that this behavior is okay. Finally, a couple log messages are updated to be more accurate. Resolves: #100 ASTERISK-30349 #close (cherry picked from commit 22b599d)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Severity
Minor
Versions
20.0.1
Components/Modules
sig_analog
Operating Environment
Debian
Frequency of Occurrence
Constant
Issue Description
The hidecallerid option in chan_dahdi does not currently work properly. This fixes it.
Relevant log output
No response
Asterisk Issue Guidelines
The text was updated successfully, but these errors were encountered: