Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chan_dahdi: Fix broken hidecallerid setting. #101

Merged
merged 1 commit into from May 25, 2023
Merged

chan_dahdi: Fix broken hidecallerid setting. #101

merged 1 commit into from May 25, 2023

Conversation

InterLinked1
Copy link
Contributor

The hidecallerid setting in chan_dahdi.conf currently is broken for a couple reasons.

First, the actual code in sig_analog to "allow" or "block" Caller ID depending on this setting improperly used ast_set_callerid instead of updating the presentation. This issue was mostly fixed in ASTERISK_29991, and that fix is carried forward to this code as well.

Secondly, the hidecallerid setting is set on the DAHDI pvt but not carried forward to the analog pvt properly. This is because the chan_dahdi config loading code improperly set permhidecallerid to permhidecallerid from the config file, even though hidecallerid is what is actually set from the config file. (This is done correctly for call waiting, a few lines above.) This is fixed to read the proper value.

Thirdly, in sig_analog, hidecallerid is set to permhidecallerid only on hangup. This can lead to potential security vulnerabilities as an allowed Caller ID from an initial call can "leak" into subsequent calls if no hangup occurs between them. This is fixed by setting hidecallerid to permcallerid when calls begin, rather than when they end. This also means we don't need to also set hidecallerid in chan_dahdi.c when copying from the config, as we would have to otherwise.

Fourthly, sig_analog currently only allows dialing *67 or *82 if that would actually toggle the presentation. A comment is added clarifying that this behavior is okay.

Finally, a couple log messages are updated to be more accurate.

Resolves: #100
ASTERISK-30349 #close
Imported from Gerrit: https://gerrit.asterisk.org/c/asterisk/+/19707

@InterLinked1
chan_dahdi: Fix broken hidecallerid setting.
12f4cfe 
The hidecallerid setting in chan_dahdi.conf currently
is broken for a couple reasons.

First, the actual code in sig_analog to "allow" or "block"
Caller ID depending on this setting improperly used
ast_set_callerid instead of updating the presentation.
This issue was mostly fixed in ASTERISK_29991, and that
fix is carried forward to this code as well.

Secondly, the hidecallerid setting is set on the DAHDI
pvt but not carried forward to the analog pvt properly.
This is because the chan_dahdi config loading code improperly
set permhidecallerid to permhidecallerid from the config file,
even though hidecallerid is what is actually set from the config
file. (This is done correctly for call waiting, a few lines above.)
This is fixed to read the proper value.

Thirdly, in sig_analog, hidecallerid is set to permhidecallerid
only on hangup. This can lead to potential security vulnerabilities
as an allowed Caller ID from an initial call can "leak" into subsequent
calls if no hangup occurs between them. This is fixed by setting
hidecallerid to permcallerid when calls begin, rather than when they end.
This also means we don't need to also set hidecallerid in chan_dahdi.c
when copying from the config, as we would have to otherwise.

Fourthly, sig_analog currently only allows dialing *67 or *82 if
that would actually toggle the presentation. A comment is added
clarifying that this behavior is okay.

Finally, a couple log messages are updated to be more accurate.

Resolves: asterisk#100
ASTERISK-30349 #close
@InterLinked1
Copy link
Contributor Author

cherry-pick-to: 20
cherry-pick-to: 18

@github-actions
Copy link

REMINDER: If this PR applies to other branches, please add a
comment with the appropriate "cherry-pick-to" headers as per
the Create a Pull Request process.
If you don't want it cherry-picked, please add a comment stating
"No cherry-picks required" so we don't keep asking.

If, after adding "cherry-pick-to" comments, you change your mind,
please edit the comment to DELETE the header lines and add
"No cherry-picks required".

@gtjoseph
Copy link
Member

The unit test failure is my fault. I'll re-run when it's fixed.

@asterisk-org-access-app asterisk-org-access-app bot requested a review from a team May 18, 2023 18:05
@asterisk asterisk deleted a comment from github-actions bot May 19, 2023
@gtjoseph gtjoseph added the cherry-pick-test Trigger dry run of cherry-picks label May 25, 2023
@github-actions github-actions bot added cherry-pick-testing-in-progress Cherry-Pick tests in progress cherry-pick-checks-passed Cherry-Pick checks passed cherry-pick-gates-failed Cherry-Pick gates failed and removed cherry-pick-test Trigger dry run of cherry-picks cherry-pick-testing-in-progress Cherry-Pick tests in progress labels May 25, 2023
@gtjoseph gtjoseph merged commit 200a3f1 into asterisk:master May 25, 2023
38 of 41 checks passed
@MikeNaso MikeNaso mentioned this pull request Aug 5, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jcolp jcolp jcolp approved these changes

@gtjoseph gtjoseph gtjoseph approved these changes

Assignees
No one assigned
Labels
cherry-pick-checks-passed Cherry-Pick checks passed cherry-pick-gates-failed Cherry-Pick gates failed test-checks-passed test-gates-passed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[bug]: sig_analog: hidecallerid setting is broken
3 participants
@InterLinked1 @gtjoseph @jcolp