Update for 22.0.0-rc2

attest_level, send_mky and check_tn_cert_public_url weren't
propagating correctly from the attestation object to the profile
and tn.

* In the case of attest_level, the enum needed to be changed
so the "0" value (the default) was "NOT_SET" instead of "A".  This
now allows the merging of the attestation object, profile and tn
to detect when a value isn't set and use the higher level value.

* For send_mky and check_tn_cert_public_url, the tn default was
forced to "NO" which always overrode the profile and attestation
objects.  Their defaults are now "NOT_SET" so the propagation
happens correctly.

* Just to remove some redundant code in tn_config.c, a bunch of calls to
generate_sorcery_enum_from_str() and generate_sorcery_enum_to_str() were
replaced with a single call to generate_acfg_common_sorcery_handlers().

Resolves: #904

.version

@@ -1 +1 @@
-22.0.0-rc1
+22.0.0-rc2

CHANGES.md

@@ -1 +1 @@
-ChangeLogs/ChangeLog-22.0.0-rc1.md
+ChangeLogs/ChangeLog-22.0.0-rc2.md

ChangeLogs/ChangeLog-22.0.0-rc2.md

@@ -0,0 +1,105 @@
+
+## Change Log for Release asterisk-22.0.0-rc2
+
+### Links:
+
+ - [Full ChangeLog](https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-22.0.0-rc2.md)  
+ - [GitHub Diff](https://github.com/asterisk/asterisk/compare/22.0.0-rc1...22.0.0-rc2)  
+ - [Tarball](https://downloads.asterisk.org/pub/telephony/asterisk/asterisk-22.0.0-rc2.tar.gz)  
+ - [Downloads](https://downloads.asterisk.org/pub/telephony/asterisk)  
+
+### Summary:
+
+- Commits: 3
+- Commit Authors: 1
+- Issues Resolved: 3
+- Security Advisories Resolved: 0
+
+### User Notes:
+
+
+### Upgrade Notes:
+
+
+### Commit Authors:
+
+- George Joseph: (3)
+
+## Issue and Commit Detail:
+
+### Closed Issues:
+
+  - 884: [bug]: A ':' at the top of in stir_shaken.conf make Asterisk producing a core file when starting
+  - 889: [bug]: res_stir_shaken/verification.c has a stale include for jansson.h that can cause compilation to fail
+  - 904: [bug]: stir_shaken: attest_level isn't being propagated correctly from attestation to profile to tn
+
+### Commits By Author:
+
+- #### George Joseph (3):
+  - res_stir_shaken.c: Fix crash when stir_shaken.conf is invalid
+  - res_stir_shaken: Remove stale include for jansson.h in verification.c
+  - stir_shaken: Fix propagation of attest_level and a few other values
+
+
+### Commit List:
+
+-  stir_shaken: Fix propagation of attest_level and a few other values
+-  res_stir_shaken: Remove stale include for jansson.h in verification.c
+-  res_stir_shaken.c: Fix crash when stir_shaken.conf is invalid
+
+### Commit Details:
+
+#### stir_shaken: Fix propagation of attest_level and a few other values
+  Author: George Joseph
+  Date:   2024-09-24
+
+  attest_level, send_mky and check_tn_cert_public_url weren't
+  propagating correctly from the attestation object to the profile
+  and tn.
+
+  * In the case of attest_level, the enum needed to be changed
+  so the "0" value (the default) was "NOT_SET" instead of "A".  This
+  now allows the merging of the attestation object, profile and tn
+  to detect when a value isn't set and use the higher level value.
+
+  * For send_mky and check_tn_cert_public_url, the tn default was
+  forced to "NO" which always overrode the profile and attestation
+  objects.  Their defaults are now "NOT_SET" so the propagation
+  happens correctly.
+
+  * Just to remove some redundant code in tn_config.c, a bunch of calls to
+  generate_sorcery_enum_from_str() and generate_sorcery_enum_to_str() were
+  replaced with a single call to generate_acfg_common_sorcery_handlers().
+
+  Resolves: #904
+
+#### res_stir_shaken: Remove stale include for jansson.h in verification.c
+  Author: George Joseph
+  Date:   2024-09-17
+
+  verification.c had an include for jansson.h left over from previous
+  versions of the module.  Since res_stir_shaken no longer has a
+  dependency on jansson, the bundled version wasn't added to GCC's
+  include path so if you didn't also have a jansson development package
+  installed, the compile would fail.  Removing the stale include
+  was the only thing needed.
+
+  Resolves: #889
+
+#### res_stir_shaken.c: Fix crash when stir_shaken.conf is invalid
+  Author: George Joseph
+  Date:   2024-09-13
+
+  * If the call to ast_config_load() returns CONFIG_STATUS_FILEINVALID,
+  check_for_old_config() now returns LOAD_DECLINE instead of continuing
+  on with a bad pointer.
+
+  * If CONFIG_STATUS_FILEMISSING is returned, check_for_old_config()
+  assumes the config is being loaded from realtime and now returns
+  LOAD_SUCCESS.  If it's actually not being loaded from realtime,
+  sorcery will catch that later on.
+
+  * Also refactored the error handling in load_module() a bit.
+
+  Resolves: #884
+

res/res_stir_shaken.c

@@ -311,13 +311,22 @@ static int check_for_old_config(void)
 	char *cat = NULL;
 
 	cfg = ast_config_load("stir_shaken.conf", config_flags);
-	if (cfg == NULL) {
+	if (cfg == CONFIG_STATUS_FILEMISSING) {
 		/*
 		 * They may be loading from realtime so the fact that there's
 		 * no stir-shaken.conf file isn't an issue for this purpose.
 		 */
+		return AST_MODULE_LOAD_SUCCESS;
+	} else if (cfg == CONFIG_STATUS_FILEINVALID) {
+		cfg = NULL;
+		ast_log(LOG_ERROR, "The stir_shaken.conf file is invalid\n");
 		return AST_MODULE_LOAD_DECLINE;
+	} else if (cfg == CONFIG_STATUS_FILEUNCHANGED) {
+		/* This can never happen but is included for completeness */
+		cfg = NULL;
+		return AST_MODULE_LOAD_SUCCESS;
 	}
+
 	while ((cat = ast_category_browse(cfg, cat))) {
 		const char *val;
 		if (strcasecmp(cat, "general") == 0) {
@@ -339,13 +348,14 @@ static int load_module(void)
 {
 	int res = 0;
 
-	if (check_for_old_config()) {
-		return AST_MODULE_LOAD_DECLINE;
+	res = check_for_old_config();
+	if (res != AST_MODULE_LOAD_SUCCESS) {
+		return res;
 	}
 
-	if (crypto_load()) {
-		unload_module();
-		return AST_MODULE_LOAD_DECLINE;
+	res = crypto_load();
+	if (res != AST_MODULE_LOAD_SUCCESS) {
+		return res;
 	}
 
 	tn_auth_list_nid = crypto_register_x509_extension(TN_AUTH_LIST_OID,
@@ -355,14 +365,19 @@ static int load_module(void)
 		return AST_MODULE_LOAD_DECLINE;
 	}
 
-	if (common_config_load()) {
+	res = common_config_load();
+	if (res != AST_MODULE_LOAD_SUCCESS) {
+		unload_module();
+		return res;
+	}
+
+	res = ast_custom_function_register(&stir_shaken_function);
+	if (res != 0) {
 		unload_module();
 		return AST_MODULE_LOAD_DECLINE;
 	}
 
-	res |= ast_custom_function_register(&stir_shaken_function);
-
-	return res;
+	return AST_MODULE_LOAD_SUCCESS;
 }
 
 AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_GLOBAL_SYMBOLS | AST_MODFLAG_LOAD_ORDER, "STIR/SHAKEN Module for Asterisk",

res/res_stir_shaken/common_config.c

@@ -100,6 +100,7 @@ const char *param_name ## _to_str( \
 }
 
 generate_enum_string_functions(attest_level, UNKNOWN,
+	{attest_level_NOT_SET, "not_set"},
 	{attest_level_A, "A"},
 	{attest_level_B, "B"},
 	{attest_level_C, "C"},

res/res_stir_shaken/common_config.h

@@ -110,10 +110,10 @@ generate_enum_string_prototypes(endpoint_behavior,
 
 generate_enum_string_prototypes(attest_level,
 	attest_level_UNKNOWN = -1,
-	attest_level_A = 0,
+	attest_level_NOT_SET = 0,
+	attest_level_A,
 	attest_level_B,
 	attest_level_C,
-	attest_level_NOT_SET,
 );
 
 /*

res/res_stir_shaken/tn_config.c

@@ -28,11 +28,11 @@
 
 #define CONFIG_TYPE "tn"
 
-#define DEFAULT_check_tn_cert_public_url check_tn_cert_public_url_NO
+#define DEFAULT_check_tn_cert_public_url check_tn_cert_public_url_NOT_SET
 #define DEFAULT_private_key_file NULL
 #define DEFAULT_public_cert_url NULL
 #define DEFAULT_attest_level attest_level_NOT_SET
-#define DEFAULT_send_mky send_mky_NO
+#define DEFAULT_send_mky send_mky_NOT_SET
 
 struct tn_cfg *tn_get_cfg(const char *id)
 {
@@ -45,14 +45,7 @@ static struct ao2_container *get_tn_all(void)
 		AST_RETRIEVE_FLAG_MULTIPLE | AST_RETRIEVE_FLAG_ALL, NULL);
 }
 
-generate_sorcery_enum_from_str(tn_cfg, acfg_common., check_tn_cert_public_url, UNKNOWN)
-generate_sorcery_enum_to_str(tn_cfg, acfg_common., check_tn_cert_public_url)
-
-generate_sorcery_enum_from_str(tn_cfg, acfg_common., attest_level, UNKNOWN)
-generate_sorcery_enum_to_str(tn_cfg, acfg_common., attest_level)
-
-generate_sorcery_enum_from_str(tn_cfg, acfg_common., send_mky, UNKNOWN)
-generate_sorcery_enum_to_str(tn_cfg, acfg_common., send_mky)
+generate_acfg_common_sorcery_handlers(tn_cfg);
 
 static void tn_destructor(void *obj)
 {

res/res_stir_shaken/verification.c

@@ -19,7 +19,6 @@
 #include <sys/stat.h>
 
 #include <jwt.h>
-#include <jansson.h>
 #include <regex.h>
 
 #include "asterisk.h"