ASTERISK-29169: res_stir_shaken: Wrong CID used when looking up certificates

[Home]

Summary: ASTERISK-29169: res_stir_shaken: Wrong CID used when looking up certificates

Reporter: Benjamin Keith Ford (bford) Labels:

Date Opened: 2020-11-18 14:41:38.000-0600 Date Closed:

Priority: Minor Regression? No

Status: Open/New Components: Resources/res_stir_shaken

Versions: 16.15.0 18.0.1 Frequency of
Occurrence Constant

Related
Issues:

Environment: Attachments:

Description: [~jsmith] brought this up in IRC while testing STIR/SHAKEN operations. Seems like the wrong CID is being used when looking up the certificate. Should be a simple fix.

{code}
exten => 507,1,Set(CALLERID(num)=442081254195)
{code}

507 is the extension, 442081254195 is the Caller ID number (network number)
caller_id_number: 442081254195

Comments: By: Jared Smith (jsmith) 2020-11-18 14:46:59.433-0600

Correct, my dialplan looks like:
{code}
exten => 507,1,Set(CALLERID(num)=442081254195)
exten => 507,n,Set(CALLERID(name)=Jared Smith)
exten => 507,n,Dial(PJSIP/simwood-endpoint/sip:07734629999@out.simwood.com\;transport=tcp,10)
{code}
And in stir_shaken.conf, I have:
{code}
caller_id_number=442081254195
{code}
And yet, when I dial extension 507, I get the following messages on the console:
{code}
[Nov 18 15:22:27] ERROR[177564]: res_stir_shaken.c:1069 ast_stir_shaken_sign: Failed to retrieve certificate for caller ID '507'
[Nov 18 15:22:27] ERROR[177564]: res_pjsip_stir_shaken.c:239 add_identity_header: Failed to allocate memory for STIR/SHAKEN payload
{code}

By: Robert Dunmire III (rdunmire) 2021-09-10 13:07:48.967-0500

I can confirm I see the same problem on Asterisk 16.16.1-gc-32a81aa9. The dialed number or callee is being used in ast_stir_shaken_sign instead of the caller.

By: Luke Escude (lukeescude) 2022-05-10 15:19:37.077-0500

I can also confirm this affects Asterisk 16.25.3
By: Sean Bright (seanbright) 2022-05-10 15:57:11.464-0500

It affects all release versions since it has not been fixed yet. You're free to apply the patch from the review linked above which should fix it if it is a priority for you.
By: Luke Escude (lukeescude) 2023-04-10 16:33:28.380-0500

Any chance someone can commit this to 20 soonish? It's been over a year, and the entire feature of STIR/SHAKEN signing is completely borked without this patch.