

<h4>Pre-Submission Checklist</h4>


<ul class="contains-task-list">

<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox" checked=""> Commit message has the format required by CONTRIBUTING guide</li>

<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox" checked=""> Commits are split per component (core, individual modules, libs, utils, ...)</li>

<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox" checked=""> Each component has a single commit (if not, squash them into one commit)</li>

<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox" checked=""> No commits to README files for modules (changes must be done to docbook files<br>

in <code>doc/</code> subfolder, the README file is autogenerated)</li>

</ul>

<h4>Type Of Change</h4>

<ul class="contains-task-list">

<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> Small bug fix (non-breaking change which fixes an issue)</li>

<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox" checked=""> New feature (non-breaking change which adds new functionality)</li>

<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> Breaking change (fix or feature that would change existing functionality)</li>

</ul>

<h4>Checklist:</h4>


<ul class="contains-task-list">

<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox" checked=""> PR should be backported to stable branches</li>

<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox" checked=""> Tested changes locally</li>

<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> Related to issue #XXXX (replace XXXX with an open issue number)</li>

</ul>

<h4>Description</h4>


<p>This module uses libstirshaken to implement STIR-Shaken authentication and verification functions (STI-AS/VS).<br>

It allows for easy verification of a SIP call containing PASSporT wrapped into SIP Identity Header using a specific certificate,<br>

or a specific key, or by performing complete check on PASSporT including downloading certificate referenced in it's x5u header,<br>

and optionally checking it against trusted root certificates (X509 cert path check). Certificates may be cached and loaded from disk.</p>

<p>Example usage:</p>

<p>loadmodule "stirshaken"<br>

modparam("stirshaken", "as_default_key", "/path/to/key")</p>

<p>modparam("stirshaken", "vs_verify_x509_cert_path", 1)<br>

modparam("stirshaken", "vs_ca_dir", "/path/to/ca")<br>

modparam("stirshaken", "vs_cache_certificates", 1)<br>

modparam("stirshaken", "vs_cache_dir", "/tmp/cert_cache")<br>

modparam("stirshaken", "vs_cache_expire_s", 90)</p>

<p>request_route {<br>

(...)<br>

stirshaken_add_identity("<a rel="nofollow" href="https://sp.com/sp.pem">https://sp.com/sp.pem</a>", "B", "+44100", "+44200", "ref");<br>

(...)</p>

<p>request_route {<br>

(...)<br>

stirshaken_check_identity();<br>

(...)</p>


<hr>


<h4>You can view, comment on, or merge this pull request online at:</h4>

<p>  <a href='https://github.com/kamailio/kamailio/pull/2679'>https://github.com/kamailio/kamailio/pull/2679</a></p>


<h4>Commit Summary</h4>

<ul>

  <li>modules: Add stirshaken module</li>

</ul>


<h4>File Changes</h4>

<ul>

  <li>

    <strong>A</strong>

    <a href="https://github.com/kamailio/kamailio/pull/2679/files#diff-c24f25729119d8d5d451ffd9cfe1fa3ce6f24feb07154322db46dc4839bd7bb8">src/modules/stirshaken/Makefile</a>

    (28)

  </li>

  <li>

    <strong>A</strong>

    <a href="https://github.com/kamailio/kamailio/pull/2679/files#diff-e2bdb676bbb1456de7002f2a41ae0cc631b2c4724e7c9f54eb3f6106a5972cb2">src/modules/stirshaken/stirshaken_mod.c</a>

    (972)

  </li>

</ul>


<h4>Patch Links:</h4>

<ul>

  <li><a href='https://github.com/kamailio/kamailio/pull/2679.patch'>https://github.com/kamailio/kamailio/pull/2679.patch</a></li>

  <li><a href='https://github.com/kamailio/kamailio/pull/2679.diff'>https://github.com/kamailio/kamailio/pull/2679.diff</a></li>

</ul>


<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br />You are receiving this because you are subscribed to this thread.<br />Reply to this email directly, <a href="https://github.com/kamailio/kamailio/pull/2679">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/ABO7UZOB4TRMQYTAA6UMFPTTD76ERANCNFSM4ZJTR4RA">unsubscribe</a>.<img src="https://github.com/notifications/beacon/ABO7UZMYVHZUKTQSI64J6KDTD76ERA5CNFSM4ZJTR4RKYY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4MNLJYPQ.gif" height="1" width="1" alt="" /></p>

<script type="application/ld+json">[

{

"@context": "http://schema.org",

"@type": "EmailMessage",

"potentialAction": {

"@type": "ViewAction",

"target": "https://github.com/kamailio/kamailio/pull/2679",

"url": "https://github.com/kamailio/kamailio/pull/2679",

"name": "View Pull Request"

},

"description": "View this Pull Request on GitHub",

"publisher": {

"@type": "Organization",

"name": "GitHub",

"url": "https://github.com"

}

}

]</script>