Asterisk - The Open Source Telephony Project GIT-master-8f1982c
All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Properties Macros Modules Pages
res_pjsip_stir_shaken.c
Go to the documentation of this file.
1/*
2 * Asterisk -- An open source telephony toolkit.
3 *
4 * Copyright (C) 2020, Sangoma Technologies Corporation
5 *
6 * Ben Ford <bford@sangoma.com>
7 *
8 * See http://www.asterisk.org for more information about
9 * the Asterisk project. Please do not directly contact
10 * any of the maintainers of this project for assistance;
11 * the project provides a web site, mailing lists and IRC
12 * channels for your use.
13 *
14 * This program is free software, distributed under the terms of
15 * the GNU General Public License Version 2. See the LICENSE file
16 * at the top of the source tree.
17 */
18
19/*** MODULEINFO
20 <depend>pjproject</depend>
21 <depend>res_pjsip</depend>
22 <depend>res_pjsip_session</depend>
23 <depend>res_stir_shaken</depend>
24 <support_level>core</support_level>
25 ***/
26
27#include "asterisk.h"
28
29#define _TRACE_PREFIX_ "pjss",__LINE__, ""
30
31#include "asterisk/callerid.h"
32#include "asterisk/res_pjsip.h"
33#include "asterisk/res_pjsip_session.h"
34#include "asterisk/module.h"
35#include "asterisk/rtp_engine.h"
36
37#include "asterisk/res_stir_shaken.h"
38
39static const pj_str_t identity_hdr_str = { "Identity", 8 };
40static const pj_str_t date_hdr_str = { "Date", 4 };
41
42/* Response codes from RFC8224 */
43enum sip_response_code {
44 SIP_RESPONSE_CODE_OK = 200,
45 SIP_RESPONSE_CODE_STALE_DATE = 403,
46 SIP_RESPONSE_CODE_USE_IDENTITY_HEADER = 428,
47 SIP_RESPONSE_CODE_ANONYMITY_DISALLOWED = 433,
48 SIP_RESPONSE_CODE_BAD_IDENTITY_INFO = 436,
49 SIP_RESPONSE_CODE_UNSUPPORTED_CREDENTIAL = 437,
50 SIP_RESPONSE_CODE_INVALID_IDENTITY_HEADER = 438,
51 SIP_RESPONSE_CODE_INTERNAL_ERROR = 500,
52};
53
54#define SIP_RESPONSE_CODE_OK_STR "OK"
55/* Response strings from RFC8224 */
56#define SIP_RESPONSE_CODE_STALE_DATE_STR "Stale Date"
57#define SIP_RESPONSE_CODE_USE_IDENTITY_HEADER_STR "Use Identity Header"
58#define SIP_RESPONSE_CODE_ANONYMITY_DISALLOWED_STR "Anonymity Disallowed"
59#define SIP_RESPONSE_CODE_BAD_IDENTITY_INFO_STR "Bad Identity Info"
60#define SIP_RESPONSE_CODE_UNSUPPORTED_CREDENTIAL_STR "Unsupported Credential"
61#define SIP_RESPONSE_CODE_INVALID_IDENTITY_HEADER_STR "Invalid Identity Header"
62#define SIP_RESPONSE_CODE_INTERNAL_ERROR_STR "Internal Error"
63
64#define response_to_str(_code) \
65case _code: \
66 return _code ## _STR;
67
68static const char *sip_response_code_to_str(enum sip_response_code code)
69{
70 switch (code) {
71 response_to_str(SIP_RESPONSE_CODE_OK)
72 response_to_str(SIP_RESPONSE_CODE_STALE_DATE)
73 response_to_str(SIP_RESPONSE_CODE_USE_IDENTITY_HEADER)
74 response_to_str(SIP_RESPONSE_CODE_ANONYMITY_DISALLOWED)
75 response_to_str(SIP_RESPONSE_CODE_BAD_IDENTITY_INFO)
76 response_to_str(SIP_RESPONSE_CODE_UNSUPPORTED_CREDENTIAL)
77 response_to_str(SIP_RESPONSE_CODE_INVALID_IDENTITY_HEADER)
78 default:
79 break;
80 }
81 return "";
82}
83
84#define translate_code(_vs_rc, _sip_rc) \
85case AST_STIR_SHAKEN_VS_ ## _vs_rc: \
86 return SIP_RESPONSE_CODE_ ## _sip_rc;
87
88static enum sip_response_code vs_code_to_sip_code(
89 enum ast_stir_shaken_vs_response_code vs_rc)
90{
91 /*
92 * We want to use a switch/case statement here because
93 * it'll spit out an error if VS codes are added to the
94 * enum but aren't present here.
95 */
96 switch (vs_rc) {
97 translate_code(SUCCESS, OK)
98 translate_code(DISABLED, OK)
99 translate_code(INVALID_ARGUMENTS, INTERNAL_ERROR)
100 translate_code(INTERNAL_ERROR, INTERNAL_ERROR)
101 translate_code(NO_IDENTITY_HDR, USE_IDENTITY_HEADER)
102 translate_code(NO_DATE_HDR, STALE_DATE)
103 translate_code(DATE_HDR_PARSE_FAILURE, STALE_DATE)
104 translate_code(DATE_HDR_EXPIRED, STALE_DATE)
105 translate_code(NO_JWT_HDR, INVALID_IDENTITY_HEADER)
106 translate_code(INVALID_OR_NO_X5U, INVALID_IDENTITY_HEADER)
107 translate_code(CERT_CACHE_MISS, INVALID_IDENTITY_HEADER)
108 translate_code(CERT_CACHE_INVALID, INVALID_IDENTITY_HEADER)
109 translate_code(CERT_CACHE_EXPIRED, INVALID_IDENTITY_HEADER)
110 translate_code(CERT_RETRIEVAL_FAILURE, BAD_IDENTITY_INFO)
111 translate_code(CERT_CONTENTS_INVALID, UNSUPPORTED_CREDENTIAL)
112 translate_code(CERT_NOT_TRUSTED, UNSUPPORTED_CREDENTIAL)
113 translate_code(CERT_DATE_INVALID, UNSUPPORTED_CREDENTIAL)
114 translate_code(CERT_NO_TN_AUTH_EXT, UNSUPPORTED_CREDENTIAL)
115 translate_code(CERT_NO_SPC_IN_TN_AUTH_EXT, UNSUPPORTED_CREDENTIAL)
116 translate_code(NO_RAW_KEY, UNSUPPORTED_CREDENTIAL)
117 translate_code(SIGNATURE_VALIDATION, INVALID_IDENTITY_HEADER)
118 translate_code(NO_IAT, INVALID_IDENTITY_HEADER)
119 translate_code(IAT_EXPIRED, STALE_DATE)
120 translate_code(INVALID_OR_NO_PPT, INVALID_IDENTITY_HEADER)
121 translate_code(INVALID_OR_NO_ALG, INVALID_IDENTITY_HEADER)
122 translate_code(INVALID_OR_NO_TYP, INVALID_IDENTITY_HEADER)
123 translate_code(INVALID_OR_NO_ATTEST, INVALID_IDENTITY_HEADER)
124 translate_code(NO_ORIGID, INVALID_IDENTITY_HEADER)
125 translate_code(NO_ORIG_TN, INVALID_IDENTITY_HEADER)
126 translate_code(NO_DEST_TN, INVALID_IDENTITY_HEADER)
127 translate_code(INVALID_HEADER, INVALID_IDENTITY_HEADER)
128 translate_code(INVALID_GRANT, INVALID_IDENTITY_HEADER)
129 translate_code(INVALID_OR_NO_GRANTS, INVALID_IDENTITY_HEADER)
130 translate_code(CID_ORIG_TN_MISMATCH, INVALID_IDENTITY_HEADER)
131 translate_code(INVALID_OR_NO_CID, ANONYMITY_DISALLOWED)
132 translate_code(RESPONSE_CODE_MAX, INVALID_IDENTITY_HEADER)
133 }
134
135 return 500;
136}
137
138enum process_failure_rc {
139 PROCESS_FAILURE_CONTINUE = 0,
140 PROCESS_FAILURE_REJECT,
141 PROCESS_FAILURE_SYSTEM_FAILURE,
142};
143
144static void reject_incoming_call(struct ast_sip_session *session,
145 enum sip_response_code response_code)
146{
147 ast_sip_session_terminate(session, response_code);
148 ast_hangup(session->channel);
149}
150
151static enum process_failure_rc process_failure(struct ast_stir_shaken_vs_ctx *ctx,
152 const char *caller_id, struct ast_sip_session *session,
153 pjsip_rx_data *rdata, enum ast_stir_shaken_vs_response_code vs_rc)
154{
155 enum sip_response_code response_code = vs_code_to_sip_code(vs_rc);
156 pj_str_t response_str;
157 const char *response_string =
158 sip_response_code_to_str(response_code);
159 enum stir_shaken_failure_action_enum failure_action =
160 ast_stir_shaken_vs_get_failure_action(ctx);
161 const char *tag = ast_sip_session_get_name(session);
162 SCOPE_ENTER(1, "%s: FA: %d RC: %d\n", tag,
163 failure_action, response_code);
164
165 pj_cstr(&response_str, response_string);
166
167 if (failure_action == stir_shaken_failure_action_REJECT_REQUEST) {
168 reject_incoming_call(session, response_code);
169 SCOPE_EXIT_RTN_VALUE(PROCESS_FAILURE_REJECT,
170 "%s: Rejecting request and terminating session\n",
171 tag);
172 }
173
174 ast_stir_shaken_vs_ctx_set_response_code(ctx, vs_rc);
175 ast_stir_shaken_add_result_to_channel(ctx);
176
177 if (failure_action == stir_shaken_failure_action_CONTINUE_RETURN_REASON) {
178 int rc = ast_sip_session_add_reason_header(session,
179 ast_stir_shaken_vs_get_use_rfc9410_responses(ctx) ? "STIR" : "SIP",
180 response_code, response_str.ptr);
181 if (rc != 0) {
182 SCOPE_EXIT_RTN_VALUE(PROCESS_FAILURE_SYSTEM_FAILURE,
183 "%s: Failed to add Reason header\n", tag);
184 }
185 SCOPE_EXIT_RTN_VALUE(PROCESS_FAILURE_CONTINUE,
186 "%s: Attaching reason code to session\n", tag);
187 }
188 SCOPE_EXIT_RTN_VALUE(PROCESS_FAILURE_CONTINUE,
189 "%s: Continuing\n", tag);
190}
191
192/*!
193 * \internal
194 * \brief Session supplement callback on an incoming INVITE request
195 *
196 * When we receive an INVITE, check it for STIR/SHAKEN information and
197 * decide what to do from there
198 *
199 * \param session The session that has received an INVITE
200 * \param rdata The incoming INVITE
201 */
202static int stir_shaken_incoming_request(struct ast_sip_session *session, pjsip_rx_data *rdata)
203{
204 RAII_VAR(struct ast_stir_shaken_vs_ctx *, ctx, NULL, ao2_cleanup);
205 RAII_VAR(char *, header, NULL, ast_free);
206 RAII_VAR(char *, payload, NULL, ast_free);
207 char *identity_hdr_val;
208 char *date_hdr_val;
209 char *caller_id = session->id.number.str;
210 const char *session_name = ast_sip_session_get_name(session);
211 struct ast_channel *chan = session->channel;
212 enum ast_stir_shaken_vs_response_code vs_rc;
213 enum process_failure_rc p_rc;
214 SCOPE_ENTER(1, "%s: Enter\n", session_name);
215
216 if (!session) {
217 SCOPE_EXIT_LOG_RTN_VALUE(1, LOG_ERROR, "No session\n");
218 }
219 if (!session->channel) {
220 SCOPE_EXIT_LOG_RTN_VALUE(1, LOG_ERROR, "%s: No channel\n", session_name);
221 }
222 if (!rdata) {
223 SCOPE_EXIT_LOG_RTN_VALUE(1, LOG_ERROR, "%s: No rdata\n", session_name);
224 }
225
226 /* Check if this is a reinvite. If it is, we don't need to do anything */
227 if (rdata->msg_info.to->tag.slen) {
228 SCOPE_EXIT_RTN_VALUE(0, "%s: Reinvite. No action needed\n", session_name);
229 }
230
231 /*
232 * Shortcut: If there's no profile name just bail now.
233 */
234 if (ast_strlen_zero(session->endpoint->stir_shaken_profile)) {
235 SCOPE_EXIT_RTN_VALUE(0, "%s: No profile name on endpoint. No action needed\n", session_name);
236 }
237
238 vs_rc = ast_stir_shaken_vs_ctx_create(caller_id, chan,
239 session->endpoint->stir_shaken_profile,
240 session_name, &ctx);
241 if (vs_rc == AST_STIR_SHAKEN_VS_DISABLED) {
242 SCOPE_EXIT_RTN_VALUE(0, "%s: VS Disabled\n", session_name);
243 } else if (vs_rc != AST_STIR_SHAKEN_VS_SUCCESS) {
244 reject_incoming_call(session, 500);
245 SCOPE_EXIT_RTN_VALUE(1, "%s: Unable to create context. Call terminated\n",
246 session_name);
247 }
248
249 if (ast_strlen_zero(ast_stir_shaken_vs_get_caller_id(ctx))) {
250 p_rc = process_failure(ctx, caller_id, session, rdata,
251 AST_STIR_SHAKEN_VS_INVALID_OR_NO_CID);
252 if (p_rc == PROCESS_FAILURE_CONTINUE) {
253 SCOPE_EXIT_RTN_VALUE(0, "%s: Invalid or no callerid found. Call continuing\n",
254 session_name);
255 }
256 SCOPE_EXIT_LOG_RTN_VALUE(1, LOG_ERROR, "%s: Invalid or no callerid found. Call terminated\n",
257 session_name);
258 }
259
260 identity_hdr_val = ast_sip_rdata_get_header_value(rdata, identity_hdr_str);
261 if (ast_strlen_zero(identity_hdr_val)) {
262 p_rc = process_failure(ctx, caller_id, session, rdata,
263 AST_STIR_SHAKEN_VS_NO_IDENTITY_HDR);
264 if (p_rc == PROCESS_FAILURE_CONTINUE) {
265 SCOPE_EXIT_RTN_VALUE(0, "%s: No Identity header found. Call continuing\n",
266 session_name);
267 }
268 SCOPE_EXIT_LOG_RTN_VALUE(1, LOG_ERROR, "%s: No Identity header found. Call terminated\n",
269 session_name);
270 }
271
272 vs_rc = ast_stir_shaken_vs_ctx_add_identity_hdr(ctx, identity_hdr_val);
273 if (vs_rc != AST_STIR_SHAKEN_VS_SUCCESS) {
274 reject_incoming_call(session, 500);
275 SCOPE_EXIT_LOG_RTN_VALUE(1, LOG_ERROR, "%s: Unable to add Identity header. Call terminated.\n",
276 session_name);
277 }
278
279 date_hdr_val = ast_sip_rdata_get_header_value(rdata, date_hdr_str);
280 if (ast_strlen_zero(date_hdr_val)) {
281 p_rc = process_failure(ctx, caller_id, session, rdata,
282 AST_STIR_SHAKEN_VS_NO_DATE_HDR);
283 if (p_rc == PROCESS_FAILURE_CONTINUE) {
284 SCOPE_EXIT_RTN_VALUE(0, "%s: No Date header found. Call continuing\n",
285 session_name);
286 }
287 SCOPE_EXIT_LOG_RTN_VALUE(1, LOG_ERROR, "%s: No Date header found. Call terminated\n",
288 session_name);
289 }
290
291 ast_stir_shaken_vs_ctx_add_date_hdr(ctx, date_hdr_val);
292 if (vs_rc != AST_STIR_SHAKEN_VS_SUCCESS) {
293 reject_incoming_call(session, 500);
294 SCOPE_EXIT_LOG_RTN_VALUE(1, LOG_ERROR, "%s: Unable to add Date header. Call terminated.\n",
295 session_name);
296 }
297
298 vs_rc = ast_stir_shaken_vs_verify(ctx);
299 if (vs_rc != AST_STIR_SHAKEN_VS_SUCCESS) {
300 p_rc = process_failure(ctx, caller_id, session, rdata, vs_rc);
301 if (p_rc == PROCESS_FAILURE_CONTINUE) {
302 SCOPE_EXIT_RTN_VALUE(0, "%s: Verification failed. Call continuing\n",
303 session_name);
304 }
305 SCOPE_EXIT_LOG_RTN_VALUE(1, LOG_ERROR, "%s: Verification failed. Call terminated\n",
306 session_name);
307
308 }
309
310 ast_stir_shaken_add_result_to_channel(ctx);
311
312 SCOPE_EXIT_RTN_VALUE(0, "Passed\n");
313}
314
315static void add_fingerprints_if_present(struct ast_sip_session *session,
316 struct ast_stir_shaken_as_ctx *ctx)
317{
318 struct ast_sip_session_media_state *ms = session->pending_media_state;
319 struct ast_sip_session_media *m = NULL;
320 struct ast_rtp_engine_dtls *d = NULL;
321 enum ast_rtp_dtls_hash h;
322 int i;
323 const char *tag = ast_sip_session_get_name(session);
324 size_t count = AST_VECTOR_SIZE(&ms->sessions);
325 SCOPE_ENTER(4, "%s: Check %zu media sessions for fingerprints\n",
326 tag, count);
327
328 if (!ast_stir_shaken_as_ctx_wants_fingerprints(ctx)) {
329 SCOPE_EXIT_RTN("%s: Fingerprints not needed\n", tag);
330 }
331
332 for (i = 0; i < count; i++) {
333 const char *f;
334
335 m = AST_VECTOR_GET(&ms->sessions, i);
336 if (!m|| !m->rtp) {
337 ast_trace(1, "Session: %d: No session or rtp instance\n", i);
338 continue;
339 }
340 d = ast_rtp_instance_get_dtls(m->rtp);
341 h = d->get_fingerprint_hash(m->rtp);
342 f = d->get_fingerprint(m->rtp);
343
344 ast_stir_shaken_as_ctx_add_fingerprint(ctx,
345 h == AST_RTP_DTLS_HASH_SHA256 ? "sha-256" : "sha-1", f);
346 }
347 SCOPE_EXIT_RTN("%s: Done\n", tag);
348}
349
350static char *get_dest_tn(pjsip_tx_data *tdata, const char *tag)
351{
352 pjsip_fromto_hdr *to;
353 pjsip_sip_uri *uri;
354 char *dest_tn = NULL;
355 SCOPE_ENTER(4, "%s: Enter\n", tag);
356
357 to = pjsip_msg_find_hdr(tdata->msg, PJSIP_H_TO, NULL);
358 if (!to) {
359 SCOPE_EXIT_RTN_VALUE(NULL, "%s: Failed to find To header\n", tag);
360 }
361
362 uri = pjsip_uri_get_uri(to->uri);
363 if (!uri) {
364 SCOPE_EXIT_RTN_VALUE(NULL,
365 "%s: Failed to retrieve URI from To header\n", tag);
366 }
367
368 dest_tn = ast_malloc(uri->user.slen + 1);
369 if (!dest_tn) {
370 SCOPE_EXIT_RTN_VALUE(NULL,
371 "%s: Failed to allocate memory for dest_tn\n", tag);
372 }
373
374 ast_copy_pj_str(dest_tn, &uri->user, uri->user.slen + 1);
375
376 SCOPE_EXIT_RTN_VALUE(dest_tn, "%s: Done\n", tag);
377}
378
379static void add_date_header(const struct ast_sip_session *session, pjsip_tx_data *tdata)
380{
381 pjsip_fromto_hdr *old_date;
382 const char *session_name = ast_sip_session_get_name(session);
383 SCOPE_ENTER(1, "%s: Enter\n", session_name);
384
385 old_date = pjsip_msg_find_hdr_by_name(tdata->msg, &date_hdr_str, NULL);
386 if (old_date) {
387 SCOPE_EXIT_RTN("Found existing Date header, no need to add one\n");
388 }
389
390 ast_sip_add_date_header(tdata);
391 SCOPE_EXIT_RTN("Done\n");
392}
393
394static void stir_shaken_outgoing_request(struct ast_sip_session *session,
395 pjsip_tx_data *tdata)
396{
397 struct ast_party_id effective_id;
398 struct ast_party_id connected_id;
399 pjsip_generic_string_hdr *old_identity;
400 pjsip_generic_string_hdr *identity_hdr;
401 pj_str_t identity_val;
402 char *dest_tn;
403 char *identity_str;
404 struct ast_stir_shaken_as_ctx *ctx = NULL;
405 enum ast_stir_shaken_as_response_code as_rc;
406 const char *session_name = ast_sip_session_get_name(session);
407 SCOPE_ENTER(1, "%s: Enter\n", session_name);
408
409 if (!session) {
410 SCOPE_EXIT_LOG_RTN(LOG_ERROR, "No session\n");
411 }
412 if (!session->channel) {
413 SCOPE_EXIT_LOG_RTN(LOG_ERROR, "%s: No channel\n", session_name);
414 }
415 if (!tdata) {
416 SCOPE_EXIT_LOG_RTN(LOG_ERROR, "%s: No tdata\n", session_name);
417 }
418
419 old_identity = pjsip_msg_find_hdr_by_name(tdata->msg, &identity_hdr_str, NULL);
420 if (old_identity) {
421 SCOPE_EXIT_RTN("Found an existing Identity header\n");
422 }
423
424 dest_tn = get_dest_tn(tdata, session_name);
425 if (!dest_tn) {
426 SCOPE_EXIT_LOG_RTN(LOG_ERROR, "%s: Unable to find destination tn\n",
427 session_name);
428 }
429
430 ast_party_id_init(&connected_id);
431 ast_channel_lock(session->channel);
432 effective_id = ast_channel_connected_effective_id(session->channel);
433 ast_party_id_copy(&connected_id, &effective_id);
434 ast_channel_unlock(session->channel);
435
436 if (!ast_sip_can_present_connected_id(session, &connected_id)) {
437 ast_free(dest_tn);
438 ast_party_id_free(&connected_id);
439 SCOPE_EXIT_RTN("Unable to get caller id\n");
440 }
441
442 as_rc = ast_stir_shaken_as_ctx_create(connected_id.number.str,
443 dest_tn, session->channel,
444 session->endpoint->stir_shaken_profile,
445 session_name, &ctx);
446
447 ast_free(dest_tn);
448 ast_party_id_free(&connected_id);
449
450 if (as_rc == AST_STIR_SHAKEN_AS_DISABLED) {
451 SCOPE_EXIT_RTN("%s: AS Disabled\n", session_name);
452 } else if (as_rc != AST_STIR_SHAKEN_AS_SUCCESS) {
453 SCOPE_EXIT_RTN("%s: Unable to create context\n",
454 session_name);
455 }
456
457 add_date_header(session, tdata);
458 add_fingerprints_if_present(session, ctx);
459
460 as_rc = ast_stir_shaken_attest(ctx, &identity_str);
461 if (as_rc != AST_STIR_SHAKEN_AS_SUCCESS) {
462 ao2_cleanup(ctx);
463 SCOPE_EXIT_LOG(LOG_ERROR,
464 "%s: Failed to create attestation\n", session_name);
465 }
466
467 ast_trace(1, "%s: Identity header: %s\n", session_name, identity_str);
468 identity_val = pj_str(identity_str);
469 identity_hdr = pjsip_generic_string_hdr_create(tdata->pool, &identity_hdr_str, &identity_val);
470 ast_free(identity_str);
471 if (!identity_hdr) {
472 ao2_cleanup(ctx);
473 SCOPE_EXIT_LOG_RTN(LOG_ERROR,
474 "%s: Unable to create Identity header\n", session_name);
475 }
476
477 pjsip_msg_add_hdr(tdata->msg, (pjsip_hdr *)identity_hdr);
478
479 ao2_cleanup(ctx);
480 SCOPE_EXIT_RTN("Done\n");
481}
482
483static struct ast_sip_session_supplement stir_shaken_supplement = {
484 .method = "INVITE",
485 .priority = AST_SIP_SUPPLEMENT_PRIORITY_CHANNEL + 1, /* Run AFTER channel creation */
486 .incoming_request = stir_shaken_incoming_request,
487 .outgoing_request = stir_shaken_outgoing_request,
488};
489
490static int unload_module(void)
491{
492 ast_sip_session_unregister_supplement(&stir_shaken_supplement);
493 return 0;
494}
495
496static int load_module(void)
497{
498 ast_sip_session_register_supplement(&stir_shaken_supplement);
499 return AST_MODULE_LOAD_SUCCESS;
500}
501
502#undef AST_BUILDOPT_SUM
503#define AST_BUILDOPT_SUM ""
504
505AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_GLOBAL_SYMBOLS | AST_MODFLAG_LOAD_ORDER, "PJSIP STIR/SHAKEN Module for Asterisk",
506 .support_level = AST_MODULE_SUPPORT_CORE,
507 .load = load_module,
508 .unload = unload_module,
509 .load_pri = AST_MODPRI_DEFAULT,
510 .requires = "res_pjsip,res_pjsip_session,res_stir_shaken",
511);
asterisk.h
Asterisk main include file. File version handling, generic pbx functions.
session
static struct ast_mansession session
ast_free
#define ast_free(a)
Definition: astmm.h:180
ast_malloc
#define ast_malloc(len)
A wrapper for malloc()
Definition: astmm.h:191
ao2_cleanup
#define ao2_cleanup(obj)
Definition: astobj2.h:1934
callerid.h
CallerID (and other GR30) management and generation Includes code and algorithms from the Zapata libr...
ast_party_id_init
void ast_party_id_init(struct ast_party_id *init)
Initialize the given party id structure.
Definition: channel.c:1724
ast_hangup
void ast_hangup(struct ast_channel *chan)
Hang up a channel.
Definition: channel.c:2510
ast_channel_lock
#define ast_channel_lock(chan)
Definition: channel.h:2972
ast_party_id_free
void ast_party_id_free(struct ast_party_id *doomed)
Destroy the party id contents.
Definition: channel.c:1778
ast_party_id_copy
void ast_party_id_copy(struct ast_party_id *dest, const struct ast_party_id *src)
Copy the source party id information to the destination party id.
Definition: channel.c:1732
ast_channel_connected_effective_id
struct ast_party_id ast_channel_connected_effective_id(struct ast_channel *chan)
Definition: channel_internal_api.c:758
ast_channel_unlock
#define ast_channel_unlock(chan)
Definition: channel.h:2973
SCOPE_EXIT_LOG
#define SCOPE_EXIT_LOG(__log_level,...)
Definition: include/asterisk/logger.h:1045
SCOPE_EXIT_RTN
#define SCOPE_EXIT_RTN(...)
Definition: include/asterisk/logger.h:1030
SCOPE_EXIT_RTN_VALUE
#define SCOPE_EXIT_RTN_VALUE(__return_value,...)
Definition: include/asterisk/logger.h:1034
SCOPE_EXIT_LOG_RTN_VALUE
#define SCOPE_EXIT_LOG_RTN_VALUE(__value, __log_level,...)
Definition: include/asterisk/logger.h:1057
SCOPE_ENTER
#define SCOPE_ENTER(level,...)
Definition: include/asterisk/logger.h:1006
SCOPE_EXIT_LOG_RTN
#define SCOPE_EXIT_LOG_RTN(__log_level,...)
Definition: include/asterisk/logger.h:1051
ast_trace
#define ast_trace(level,...)
Definition: include/asterisk/logger.h:997
LOG_ERROR
#define LOG_ERROR
Definition: include/asterisk/logger.h:289
module.h
Asterisk module definitions.
AST_MODFLAG_LOAD_ORDER
@ AST_MODFLAG_LOAD_ORDER
Definition: module.h:331
AST_MODFLAG_GLOBAL_SYMBOLS
@ AST_MODFLAG_GLOBAL_SYMBOLS
Definition: module.h:330
AST_MODULE_INFO
#define AST_MODULE_INFO(keystr, flags_to_set, desc, fields...)
Definition: module.h:557
AST_MODPRI_DEFAULT
@ AST_MODPRI_DEFAULT
Definition: module.h:346
AST_MODULE_SUPPORT_CORE
@ AST_MODULE_SUPPORT_CORE
Definition: module.h:121
ASTERISK_GPL_KEY
#define ASTERISK_GPL_KEY
The text the key() function should return.
Definition: module.h:46
AST_MODULE_LOAD_SUCCESS
@ AST_MODULE_LOAD_SUCCESS
Definition: module.h:70
res_pjsip.h
ast_sip_rdata_get_header_value
char * ast_sip_rdata_get_header_value(pjsip_rx_data *rdata, const pj_str_t str)
Get a specific header value from rdata.
Definition: res_pjsip.c:345
ast_sip_add_date_header
void ast_sip_add_date_header(pjsip_tx_data *tdata)
Adds a Date header to the tdata, formatted like: Date: Wed, 01 Jan 2021 14:53:01 GMT.
Definition: res_pjsip.c:90
AST_SIP_SUPPLEMENT_PRIORITY_CHANNEL
@ AST_SIP_SUPPLEMENT_PRIORITY_CHANNEL
Definition: res_pjsip.h:3339
ast_copy_pj_str
void ast_copy_pj_str(char *dest, const pj_str_t *src, size_t size)
Copy a pj_str_t into a standard character buffer.
Definition: res_pjsip.c:2201
SUCCESS
@ SUCCESS
Definition: res_pjsip_notify.c:826
res_pjsip_session.h
ast_sip_can_present_connected_id
int ast_sip_can_present_connected_id(const struct ast_sip_session *session, const struct ast_party_id *id)
Determines if the Connected Line info can be presented for this session.
Definition: res_pjsip_session.c:131
ast_sip_session_register_supplement
#define ast_sip_session_register_supplement(supplement)
Definition: res_pjsip_session.h:618
ast_sip_session_unregister_supplement
void ast_sip_session_unregister_supplement(struct ast_sip_session_supplement *supplement)
Unregister a an supplement to SIP session processing.
Definition: pjsip_session.c:63
ast_sip_session_add_reason_header
int ast_sip_session_add_reason_header(struct ast_sip_session *session, const char *protocol, int code, const char *text)
Adds a Reason header in the next reponse to an incoming INVITE.
Definition: pjsip_session_reason_header.c:123
ast_sip_session_terminate
void ast_sip_session_terminate(struct ast_sip_session *session, int response)
Terminate a session and, if possible, send the provided response code.
Definition: res_pjsip_session.c:3471
ast_sip_session_get_name
const char * ast_sip_session_get_name(const struct ast_sip_session *session)
Get the channel or endpoint name associated with the session.
Definition: res_pjsip_session.c:117
process_failure_rc
process_failure_rc
Definition: res_pjsip_stir_shaken.c:138
PROCESS_FAILURE_SYSTEM_FAILURE
@ PROCESS_FAILURE_SYSTEM_FAILURE
Definition: res_pjsip_stir_shaken.c:141
PROCESS_FAILURE_CONTINUE
@ PROCESS_FAILURE_CONTINUE
Definition: res_pjsip_stir_shaken.c:139
PROCESS_FAILURE_REJECT
@ PROCESS_FAILURE_REJECT
Definition: res_pjsip_stir_shaken.c:140
reject_incoming_call
static void reject_incoming_call(struct ast_sip_session *session, enum sip_response_code response_code)
Definition: res_pjsip_stir_shaken.c:144
vs_code_to_sip_code
static enum sip_response_code vs_code_to_sip_code(enum ast_stir_shaken_vs_response_code vs_rc)
Definition: res_pjsip_stir_shaken.c:88
stir_shaken_outgoing_request
static void stir_shaken_outgoing_request(struct ast_sip_session *session, pjsip_tx_data *tdata)
Definition: res_pjsip_stir_shaken.c:394
stir_shaken_incoming_request
static int stir_shaken_incoming_request(struct ast_sip_session *session, pjsip_rx_data *rdata)
Definition: res_pjsip_stir_shaken.c:202
identity_hdr_str
static const pj_str_t identity_hdr_str
Definition: res_pjsip_stir_shaken.c:39
add_date_header
static void add_date_header(const struct ast_sip_session *session, pjsip_tx_data *tdata)
Definition: res_pjsip_stir_shaken.c:379
sip_response_code
sip_response_code
Definition: res_pjsip_stir_shaken.c:43
SIP_RESPONSE_CODE_USE_IDENTITY_HEADER
@ SIP_RESPONSE_CODE_USE_IDENTITY_HEADER
Definition: res_pjsip_stir_shaken.c:46
SIP_RESPONSE_CODE_INTERNAL_ERROR
@ SIP_RESPONSE_CODE_INTERNAL_ERROR
Definition: res_pjsip_stir_shaken.c:51
SIP_RESPONSE_CODE_ANONYMITY_DISALLOWED
@ SIP_RESPONSE_CODE_ANONYMITY_DISALLOWED
Definition: res_pjsip_stir_shaken.c:47
SIP_RESPONSE_CODE_INVALID_IDENTITY_HEADER
@ SIP_RESPONSE_CODE_INVALID_IDENTITY_HEADER
Definition: res_pjsip_stir_shaken.c:50
SIP_RESPONSE_CODE_UNSUPPORTED_CREDENTIAL
@ SIP_RESPONSE_CODE_UNSUPPORTED_CREDENTIAL
Definition: res_pjsip_stir_shaken.c:49
SIP_RESPONSE_CODE_BAD_IDENTITY_INFO
@ SIP_RESPONSE_CODE_BAD_IDENTITY_INFO
Definition: res_pjsip_stir_shaken.c:48
SIP_RESPONSE_CODE_STALE_DATE
@ SIP_RESPONSE_CODE_STALE_DATE
Definition: res_pjsip_stir_shaken.c:45
SIP_RESPONSE_CODE_OK
@ SIP_RESPONSE_CODE_OK
Definition: res_pjsip_stir_shaken.c:44
response_to_str
#define response_to_str(_code)
Definition: res_pjsip_stir_shaken.c:64
process_failure
static enum process_failure_rc process_failure(struct ast_stir_shaken_vs_ctx *ctx, const char *caller_id, struct ast_sip_session *session, pjsip_rx_data *rdata, enum ast_stir_shaken_vs_response_code vs_rc)
Definition: res_pjsip_stir_shaken.c:151
stir_shaken_supplement
static struct ast_sip_session_supplement stir_shaken_supplement
Definition: res_pjsip_stir_shaken.c:483
sip_response_code_to_str
static const char * sip_response_code_to_str(enum sip_response_code code)
Definition: res_pjsip_stir_shaken.c:68
load_module
static int load_module(void)
Definition: res_pjsip_stir_shaken.c:496
unload_module
static int unload_module(void)
Definition: res_pjsip_stir_shaken.c:490
get_dest_tn
static char * get_dest_tn(pjsip_tx_data *tdata, const char *tag)
Definition: res_pjsip_stir_shaken.c:350
date_hdr_str
static const pj_str_t date_hdr_str
Definition: res_pjsip_stir_shaken.c:40
translate_code
#define translate_code(_vs_rc, _sip_rc)
Definition: res_pjsip_stir_shaken.c:84
add_fingerprints_if_present
static void add_fingerprints_if_present(struct ast_sip_session *session, struct ast_stir_shaken_as_ctx *ctx)
Definition: res_pjsip_stir_shaken.c:315
res_stir_shaken.h
ast_stir_shaken_vs_ctx_add_date_hdr
enum ast_stir_shaken_vs_response_code ast_stir_shaken_vs_ctx_add_date_hdr(struct ast_stir_shaken_vs_ctx *ctx, const char *date_hdr)
Add the received Date header value to the VS context.
Definition: verification.c:613
ast_stir_shaken_add_result_to_channel
int ast_stir_shaken_add_result_to_channel(struct ast_stir_shaken_vs_ctx *ctx)
Add a STIR/SHAKEN verification result to a channel.
Definition: res_stir_shaken.c:89
ast_stir_shaken_vs_get_caller_id
const char * ast_stir_shaken_vs_get_caller_id(struct ast_stir_shaken_vs_ctx *ctx)
Get caller_id from context.
Definition: verification.c:633
ast_stir_shaken_as_ctx_add_fingerprint
enum ast_stir_shaken_as_response_code ast_stir_shaken_as_ctx_add_fingerprint(struct ast_stir_shaken_as_ctx *ctx, const char *alg, const char *fingerprint)
Add DTLS fingerprints to AS context.
Definition: attestation.c:206
ast_stir_shaken_as_response_code
ast_stir_shaken_as_response_code
Definition: res_stir_shaken.h:62
AST_STIR_SHAKEN_AS_DISABLED
@ AST_STIR_SHAKEN_AS_DISABLED
Definition: res_stir_shaken.h:64
AST_STIR_SHAKEN_AS_SUCCESS
@ AST_STIR_SHAKEN_AS_SUCCESS
Definition: res_stir_shaken.h:63
ast_stir_shaken_vs_get_failure_action
enum stir_shaken_failure_action_enum ast_stir_shaken_vs_get_failure_action(struct ast_stir_shaken_vs_ctx *ctx)
Get failure_action from context.
Definition: verification.c:621
ast_stir_shaken_as_ctx_create
enum ast_stir_shaken_as_response_code ast_stir_shaken_as_ctx_create(const char *caller_id, const char *dest_tn, struct ast_channel *chan, const char *profile_name, const char *tag, struct ast_stir_shaken_as_ctx **ctxout)
Create Attestation Service Context.
Definition: attestation.c:66
ast_stir_shaken_vs_verify
enum ast_stir_shaken_vs_response_code ast_stir_shaken_vs_verify(struct ast_stir_shaken_vs_ctx *ctx)
Perform incoming call verification.
Definition: verification.c:884
ast_stir_shaken_vs_get_use_rfc9410_responses
int ast_stir_shaken_vs_get_use_rfc9410_responses(struct ast_stir_shaken_vs_ctx *ctx)
Get use_rfc9410_responses from context.
Definition: verification.c:627
ast_stir_shaken_vs_ctx_create
enum ast_stir_shaken_vs_response_code ast_stir_shaken_vs_ctx_create(const char *caller_id, struct ast_channel *chan, const char *profile_name, const char *tag, struct ast_stir_shaken_vs_ctx **ctxout)
Create Verification Service context.
Definition: verification.c:657
ast_stir_shaken_vs_ctx_add_identity_hdr
enum ast_stir_shaken_vs_response_code ast_stir_shaken_vs_ctx_add_identity_hdr(struct ast_stir_shaken_vs_ctx *ctx, const char *identity_hdr)
Add the received Identity header value to the VS context.
Definition: verification.c:605
ast_stir_shaken_vs_response_code
ast_stir_shaken_vs_response_code
Definition: res_stir_shaken.h:23
AST_STIR_SHAKEN_VS_NO_DATE_HDR
@ AST_STIR_SHAKEN_VS_NO_DATE_HDR
Definition: res_stir_shaken.h:29
AST_STIR_SHAKEN_VS_SUCCESS
@ AST_STIR_SHAKEN_VS_SUCCESS
Definition: res_stir_shaken.h:24
AST_STIR_SHAKEN_VS_NO_IDENTITY_HDR
@ AST_STIR_SHAKEN_VS_NO_IDENTITY_HDR
Definition: res_stir_shaken.h:28
AST_STIR_SHAKEN_VS_DISABLED
@ AST_STIR_SHAKEN_VS_DISABLED
Definition: res_stir_shaken.h:25
AST_STIR_SHAKEN_VS_INVALID_OR_NO_CID
@ AST_STIR_SHAKEN_VS_INVALID_OR_NO_CID
Definition: res_stir_shaken.h:58
ast_stir_shaken_attest
enum ast_stir_shaken_as_response_code ast_stir_shaken_attest(struct ast_stir_shaken_as_ctx *ctx, char **header)
Attest and return Identity header value.
Definition: attestation.c:364
ast_stir_shaken_as_ctx_wants_fingerprints
int ast_stir_shaken_as_ctx_wants_fingerprints(struct ast_stir_shaken_as_ctx *ctx)
Indicates if the AS context needs DTLS fingerprints.
Definition: attestation.c:200
ast_stir_shaken_vs_ctx_set_response_code
void ast_stir_shaken_vs_ctx_set_response_code(struct ast_stir_shaken_vs_ctx *ctx, enum ast_stir_shaken_vs_response_code vs_rc)
Sets response code on VS context.
Definition: verification.c:639
stir_shaken_failure_action_enum
stir_shaken_failure_action_enum
Definition: res_stir_shaken.h:79
stir_shaken_failure_action_CONTINUE_RETURN_REASON
@ stir_shaken_failure_action_CONTINUE_RETURN_REASON
Definition: res_stir_shaken.h:87
stir_shaken_failure_action_REJECT_REQUEST
@ stir_shaken_failure_action_REJECT_REQUEST
Definition: res_stir_shaken.h:85
NULL
#define NULL
Definition: resample.c:96
rtp_engine.h
Pluggable RTP Architecture.
ast_rtp_dtls_hash
ast_rtp_dtls_hash
DTLS fingerprint hashes.
Definition: rtp_engine.h:578
AST_RTP_DTLS_HASH_SHA256
@ AST_RTP_DTLS_HASH_SHA256
Definition: rtp_engine.h:579
ast_rtp_instance_get_dtls
struct ast_rtp_engine_dtls * ast_rtp_instance_get_dtls(struct ast_rtp_instance *instance)
Obtain a pointer to the DTLS support present on an RTP instance.
Definition: rtp_engine.c:3217
ast_strlen_zero
static force_inline int attribute_pure ast_strlen_zero(const char *s)
Definition: strings.h:65
ast_channel
Main Channel structure associated with a channel.
Definition: channel_private.h:48
ast_party_id
Information needed to identify an endpoint in a call.
Definition: channel.h:340
ast_party_id::number
struct ast_party_number number
Subscriber phone number.
Definition: channel.h:344
ast_party_number::str
char * str
Subscriber phone number (Malloced)
Definition: channel.h:293
ast_rtp_engine_dtls
Structure that represents the optional DTLS SRTP support within an RTP engine.
Definition: rtp_engine.h:621
ast_sip_session_media_state
Structure which contains media state information (streams, sessions)
Definition: res_pjsip_session.h:147
ast_sip_session_media_state::sessions
struct ast_sip_session_media_state::@265 sessions
Mapping of stream to media sessions.
ast_sip_session_media
A structure containing SIP session media information.
Definition: res_pjsip_session.h:77
ast_sip_session_media::rtp
struct ast_rtp_instance * rtp
RTP instance itself.
Definition: res_pjsip_session.h:79
ast_sip_session_supplement
A supplement to SIP message processing.
Definition: res_pjsip_session.h:292
ast_sip_session_supplement::method
const char * method
Definition: res_pjsip_session.h:296
ast_sip_session
A structure describing a SIP session.
Definition: res_pjsip_session.h:181
ast_stir_shaken_as_ctx
Definition: attestation.h:24
ast_stir_shaken_as_ctx::dest_tn
const ast_string_field dest_tn
Definition: attestation.h:29
ast_stir_shaken_vs_ctx
Definition: verification.h:24
d
static struct test_val d
Definition: test_linkedlists.c:49
RAII_VAR
#define RAII_VAR(vartype, varname, initval, dtor)
Declare a variable that will call a destructor function when it goes out of scope.
Definition: utils.h:941
AST_VECTOR_SIZE
#define AST_VECTOR_SIZE(vec)
Get the number of elements in a vector.
Definition: vector.h:609
AST_VECTOR_GET
#define AST_VECTOR_GET(vec, idx)
Get an element from a vector.
Definition: vector.h:680
Generated on Wed May 7 2025 20:04:26 for Asterisk - The Open Source Telephony Project by doxygen 1.9.4