Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

res_pjsip_stir_shaken: Use correct Caller ID to lookup certificate. #62

Closed
wants to merge 1 commit into from
Closed

res_pjsip_stir_shaken: Use correct Caller ID to lookup certificate. #62

wants to merge 1 commit into from

Conversation

seanbright
Copy link
Contributor

Determine the Caller ID to use for certificate lookup based on the same logic we use when setting up the INVITE session. This allows Caller ID set via the CALLERID() function to be used for STIR/SHAKEN certificate lookup.

Resolves: #46

@asterisk-org-access-app asterisk-org-access-app bot requested a review from a team May 4, 2023 00:56
@gtjoseph
Copy link
Member

cherry-pick-to: 18
cherry-pick-to: 20
cherry-pick-to: certified/18.9

@asterisk-org-access-app asterisk-org-access-app bot requested a review from a team May 25, 2023 17:30
@github-actions github-actions bot added the cherry-pick-checks-passed Cherry-Pick checks passed label Jun 26, 2023
@gtjoseph
Copy link
Member

Given all the test failures, what's the path forward for this PR?

@github-actions github-actions bot added cherry-pick-gates-failed Cherry-Pick gates failed and removed cherry-pick-testing-in-progress Cherry-Pick tests in progress labels Jun 26, 2023
@trinicomcom
Copy link

Hi guys, not sure if I am helping here but been trying to get asterisk to send S/S identity header for a week now.
I found another issue with the stir shaken identity header that is created by asterisk to send out is that the To Caller ID is also the Orig Caller ID in the identity header. I am pretty sure all we need is to put the $callerid(num) from extensions.conf for outbound calls in the origin in the header creation and just send that for all outbound calls and not try to match a cert to a caller ID number since all we are doing is sending out a master cert for the owner of all the numbers in the switch to prove the outbound call is legit and the owner is certified. I hope this makes sense. I can help test any releases if you want I would just need some direction on how to compile it on my lab server.

@gtjoseph gtjoseph force-pushed the master branch 4 times, most recently from 1b894e6 to 32fd0fb Compare June 27, 2023 16:21
@jcolp
Copy link
Member

jcolp commented Jul 5, 2023

@seanbright Is this now good to review again?

@seanbright
res_pjsip_stir_shaken: Use correct Caller ID to lookup certificate.
4f3a73d 
Determine the Caller ID to use for certificate lookup based on the
same logic we use when setting up the INVITE session. This allows
Caller ID set via the CALLERID() function to be used for STIR/SHAKEN
certificate lookup.

Resolves: #46
@seanbright
Copy link
Contributor Author

It’s ready to be reviewed. Was I the hold up? There are failing tests that need to be fixed but I do not personally plan on fixing them.

@jcolp
Copy link
Member

jcolp commented Jul 5, 2023

No, I just didn't know what the actual state of things were currently.

@seanbright seanbright closed this Aug 10, 2023
@seanbright
Copy link
Contributor Author

seanbright commented Aug 10, 2023
edited

Given all the test failures, what's the path forward for this PR?

You can do one of the following:

  1. Fix the tests
  2. Disable the tests

This simple patch has been sitting for 2 years (originally published to gerrit 7/21) waiting to be committed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jcolp jcolp jcolp approved these changes

@bkford bkford bkford approved these changes

@InterLinked1 InterLinked1 InterLinked1 approved these changes

Assignees

@seanbright seanbright

Labels
test-checks-passed test-gates-failed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[bug]: Stir/Shaken: Wrong CID used when looking up certificates
6 participants
@seanbright @gtjoseph @trinicomcom @jcolp @bkford @InterLinked1