Hello,
On a PR-85 Asterisk instance (ie between 20.9 and 20.10), I’ve got:
attest_level=C
While, I also have:
attest_level : A
I would expect this last command to output C instead of A.
Cheers
I think this is a bug. In which section are you specifying attest_level=C?
This may be the cause of your other issue. I think the profile is defaulting to “A” when it’s not specified and the effective profile isn’t picking up the value from attestation. Try setting attest_level for the specific tn.
I’ve opened an issue for this…
I’m setting attest_level=C in attestation section.
I understood this this setting as this:
“if TN is not defined elsewhere in stir_shaken.conf file, the attest the outbound call with this default attestation level”.
Currently, in my testing, TN’s attest_level value has precedence over this default attestation level".
Your understanding is correct. If attest_level isn’t specified for a TN, it should default to the attest_level on the profile. If it’s not specified on the profile, it should default to attest_level in the attestation section. Currently, if it’s not specified, it’s defaulting to “A” which is incorrect. I’ve opened an issue and am working on a fix.
Did you already reproduce the issue ?
Yes. I should have a pull request ready with a fix shortly. I’ll post here when I do.
The fix is available at…
My current Asterisk version is PR-85 (if my memory serves my right) which contains several Stir-Shaken related fixes.
Which version shall I pick to try this current fix while keeping the other ones ?
I’ll install this version on a non-production box and I can wait a couple of days before downloading anything.
I’m not sure what “PR-85” means. The pull request should apply to any recent Asterisk version.
What I meant was PR#815 (ie stir_shaken: CRL fixes and a new CLI command by gtjoseph · Pull Request #815 · asterisk/asterisk · GitHub).
I download it with:
wget -O asterisk-pr-815.tar.gz https://api.github.com/repos/asterisk/asterisk/tarball/pull/815/head
What I’m bit worried about, is as several Stir Shaken related PRs exist (PR#905, #890, #885, …), how can I get them all in a single tar.gz file without specifying a “moving target” like latest" (as I need reproducible build) ?
I think I’ll open a new thread dedicated on the procedure to use to get several PRs in a single tar.gz.
From a Github perspective, I don’t think you can. It’s up to you to put the pieces together.
This will list all the commits to the res/res_stir_shaken directory
This will list all the commits to the res/res_stir_shaken.c module file
Between those two, that should give you the stir_shaken commit history.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.