{"diffoscope-json-version": 1, "source1": "/srv/reproducible-results/rbuild-debian/r-b-build.upx3flkr/b1/asterisk_22.2.0~dfsg+~cs6.15.60671435-1_armhf.changes", "source2": "/srv/reproducible-results/rbuild-debian/r-b-build.upx3flkr/b2/asterisk_22.2.0~dfsg+~cs6.15.60671435-1_armhf.changes", "unified_diff": null, "details": [{"source1": "Files", "source2": "Files", "unified_diff": "@@ -13,8 +13,8 @@\n 6969d6d91f9967d889961c265d9825fb 82796 comm optional asterisk-mp3_22.2.0~dfsg+~cs6.15.60671435-1_armhf.deb\n af9121abb3e44d588ce3e12b6e1a34c2 68804 debug optional asterisk-mysql-dbgsym_22.2.0~dfsg+~cs6.15.60671435-1_armhf.deb\n 24a365c84af1bfaac71d37de000abdba 82020 comm optional asterisk-mysql_22.2.0~dfsg+~cs6.15.60671435-1_armhf.deb\n b97062fb08765327e22bd48ef52295ac 1133316 debug optional asterisk-ooh323-dbgsym_22.2.0~dfsg+~cs6.15.60671435-1_armhf.deb\n c1fda0ececfb794fdf30cad61f78d9e4 355072 comm optional asterisk-ooh323_22.2.0~dfsg+~cs6.15.60671435-1_armhf.deb\n a89675774ca5ee963c3683b61f750d69 1305716 debug optional asterisk-tests-dbgsym_22.2.0~dfsg+~cs6.15.60671435-1_armhf.deb\n 4c65a11f0d34007acf6b926dcdd9043f 580624 comm optional asterisk-tests_22.2.0~dfsg+~cs6.15.60671435-1_armhf.deb\n- a4641af5259e6419ca1b95af384c89d5 2310908 comm optional asterisk_22.2.0~dfsg+~cs6.15.60671435-1_armhf.deb\n+ f00ff22f1102dff3be711e44781744d4 2310852 comm optional asterisk_22.2.0~dfsg+~cs6.15.60671435-1_armhf.deb\n"}, {"source1": "asterisk_22.2.0~dfsg+~cs6.15.60671435-1_armhf.deb", "source2": "asterisk_22.2.0~dfsg+~cs6.15.60671435-1_armhf.deb", "unified_diff": null, "details": [{"source1": "file list", "source2": "file list", "unified_diff": "@@ -1,3 +1,3 @@\n -rw-r--r-- 0 0 0 4 2025-02-11 19:53:26.000000 debian-binary\n -rw-r--r-- 0 0 0 8308 2025-02-11 19:53:26.000000 control.tar.xz\n--rw-r--r-- 0 0 0 2302408 2025-02-11 19:53:26.000000 data.tar.xz\n+-rw-r--r-- 0 0 0 2302352 2025-02-11 19:53:26.000000 data.tar.xz\n"}, {"source1": "control.tar.xz", "source2": "control.tar.xz", "unified_diff": null, "details": [{"source1": "control.tar", "source2": "control.tar", "unified_diff": null, "details": [{"source1": "./md5sums", "source2": "./md5sums", "unified_diff": null, "details": [{"source1": "./md5sums", "source2": "./md5sums", "comments": ["Files differ"], "unified_diff": null}]}]}]}, {"source1": "data.tar.xz", "source2": "data.tar.xz", "unified_diff": null, "details": [{"source1": "data.tar", "source2": "data.tar", "unified_diff": null, "details": [{"source1": "./usr/share/asterisk/documentation/core-en_US.xml", "source2": "./usr/share/asterisk/documentation/core-en_US.xml", "unified_diff": null, "details": [{"source1": "./usr/share/asterisk/documentation/core-en_US.xml", "source2": "./usr/share/asterisk/documentation/core-en_US.xml", "comments": ["Ordering differences only"], "unified_diff": "@@ -27971,14 +27971,73 @@\n \n \n core\n \n \n core\n \n+ \n+ \n+ 18.21.0\n+ 20.6.0\n+ 21.1.0\n+ \n+ Set the channel group name for log filtering on this channel\n+ \n+ \n+ Channel log group name. Leave empty to remove any existing group membership.\n+ You can use any arbitrary alphanumeric name that can then be used by the\n+\t\t\t\t\"logger filter changroup\" CLI command to filter dialplan output by group name.\n+ \n+ \n+ \n+ Assign a channel to a group for log filtering.\n+ Because this application can result in dialplan execution logs\n+\t\t\tbeing suppressed (or unsuppressed) from the CLI if filtering is active,\n+\t\t\tit is recommended to call this as soon as possible when dialplan execution begins.\n+ Calling this multiple times will replace any previous group assignment.\n+ exten => s,1,Set(LOG_GROUP()=test)\n+\t\t\t\tsame => n,NoOp() ; if a logging call ID group filter name is enabled but test is not included, you will not see this\n+ exten => s,1,Set(LOG_GROUP()=important)\n+\t\t\t\tsame => n,Set(foo=bar) ; do some important things to show on the CLI (assuming it is filtered with important enabled)\n+\t\t\t\tsame => n,Set(LOG_GROUP()=) ; remove from group important to stop showing execution on the CLI\n+\t\t\t\tsame => n,Wait(5) ; do some unimportant stuff\n+ \n+ \n+ [Log]\n+ \n+ \n+ \n+ \n+ \n+ 16.24.0\n+ 18.10.0\n+ 19.2.0\n+ \n+ Raised when a logging channel is re-enabled after a reload operation.\n+ \n+ \n+ The name of the logging channel.\n+ \n+ \n+ \n+ \n+ \n+ 16.24.0\n+ 18.10.0\n+ 19.2.0\n+ \n+ Raised when a logging channel is disabled.\n+ \n+ \n+ The name of the logging channel.\n+ \n+ \n+ \n+ \n \n \n 0.2.0\n \n Keepalive command.\n \n \n@@ -29799,73 +29858,14 @@\n \n \n \n [PresenceState]\n \n \n \n- \n- \n- 18.21.0\n- 20.6.0\n- 21.1.0\n- \n- Set the channel group name for log filtering on this channel\n- \n- \n- Channel log group name. Leave empty to remove any existing group membership.\n- You can use any arbitrary alphanumeric name that can then be used by the\n-\t\t\t\t\"logger filter changroup\" CLI command to filter dialplan output by group name.\n- \n- \n- \n- Assign a channel to a group for log filtering.\n- Because this application can result in dialplan execution logs\n-\t\t\tbeing suppressed (or unsuppressed) from the CLI if filtering is active,\n-\t\t\tit is recommended to call this as soon as possible when dialplan execution begins.\n- Calling this multiple times will replace any previous group assignment.\n- exten => s,1,Set(LOG_GROUP()=test)\n-\t\t\t\tsame => n,NoOp() ; if a logging call ID group filter name is enabled but test is not included, you will not see this\n- exten => s,1,Set(LOG_GROUP()=important)\n-\t\t\t\tsame => n,Set(foo=bar) ; do some important things to show on the CLI (assuming it is filtered with important enabled)\n-\t\t\t\tsame => n,Set(LOG_GROUP()=) ; remove from group important to stop showing execution on the CLI\n-\t\t\t\tsame => n,Wait(5) ; do some unimportant stuff\n- \n- \n- [Log]\n- \n- \n- \n- \n- \n- 16.24.0\n- 18.10.0\n- 19.2.0\n- \n- Raised when a logging channel is re-enabled after a reload operation.\n- \n- \n- The name of the logging channel.\n- \n- \n- \n- \n- \n- 16.24.0\n- 18.10.0\n- 19.2.0\n- \n- Raised when a logging channel is disabled.\n- \n- \n- The name of the logging channel.\n- \n- \n- \n- \n \n extended\n \n \n core\n \n \n@@ -37990,514 +37990,14 @@\n \n There was an issue specific to the parameter specified\n \t\t\t(value not valid or parameter name not found, etc.)\n \n \n \n \n- \n- STIR/SHAKEN module for Asterisk\n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- STIR/SHAKEN attestation options\n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Globally disable verification\n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- File path to a certificate\n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- URL to the public certificate\n- \n- Must be a valid http, or https, URL.\n- \n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Attestation level\n- \n- \n- \n- 20.12.0\n- 21.7.0\n- 22.2.0\n- \n- Attestation level to use for unknown TNs\n- \n- Normally if a callerid TN isn't configured in stir_shaken.conf\n-\t\t\t\t\tno Identity header will be created. If this option is set,\n-\t\t\t\t\thowever, an Identity header will be sent using this\n-\t\t\t\t\tattestation level. Since there's no TN object, you must\n-\t\t\t\t\tensure that a private_key_file and public_cert_url are\n-\t\t\t\t\tconfigured in the attestation or profile objects for\n-\t\t\t\t\tthis to work.\n- \n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- On load, Retrieve all TN's certificates and validate their dates\n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Send a media key (mky) grant in the attestation for DTLS calls.\n-\t\t\t\t\t(not common)\n- \n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- STIR/SHAKEN TN options\n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Must be of type 'tn'.\n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- File path to a certificate\n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- URL to the public certificate\n- \n- Must be a valid http, or https, URL.\n- \n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Attestation level\n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- On load, Retrieve all TN's certificates and validate their dates\n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Send a media key (mky) grant in the attestation for DTLS calls.\n-\t\t\t\t\t(not common)\n- \n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- STIR/SHAKEN verification options\n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Globally disable verification\n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- A boolean indicating whether trusted CA certificates should be loaded from the system\n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Path to a file containing one or more CA certs in PEM format\n- \n- These certs are used to verify the chain of trust for the\n-\t\t\t\t\t\tcertificate retrieved from the X5U Identity header parameter. This\n-\t\t\t\t\t\tfile must have the root CA certificate, the certificate of the\n-\t\t\t\t\t\tissuer of the X5U certificate, and any intermediate certificates\n-\t\t\t\t\t\tbetween them.\n- See https://docs.asterisk.org/Deployment/STIR-SHAKEN/ for more information.\n- \n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Path to a directory containing one or more hashed CA certs\n- \n- \n- \n- For this option, the individual certificates must be placed in\n-\t\t\t\t\t\tthe directory specified and hashed using the\n- openssl rehash\n- command.\n- \n- See https://docs.asterisk.org/Deployment/STIR-SHAKEN/ for more information.\n- \n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Path to a file containing one or more CRLs in PEM format\n- \n- If you with to check if the certificate in the X5U Identity header\n-\t\t\t\t\t\tparameter has been revoked, you'll need the certificate revocation\n-\t\t\t\t\t\tlist generated by the issuer.\n- See https://docs.asterisk.org/Deployment/STIR-SHAKEN/ for more information.\n- \n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Path to a directory containing one or more hashed CRLs\n- \n- \n- \n- For this option, the individual CRLs must be placed in\n-\t\t\t\t\t\tthe directory specified and hashed using the\n- openssl rehash\n- command.\n- \n- See https://docs.asterisk.org/Deployment/STIR-SHAKEN/ for more information.\n- \n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Path to a file containing one or more untrusted cert in PEM format used to verify CRLs\n- \n- If you with to check if the certificate in the X5U Identity header\n-\t\t\t\t\tparameter has been revoked, you'll need the certificate revocation\n-\t\t\t\t\tlist generated by the issuer. Unfortunately, sometimes the CRLs are signed by a\n-\t\t\t\t\tdifferent CA than the certificate being verified. In this case, you\n-\t\t\t\t\tmay need to provide the untrusted certificate to verify the CRL.\n- See https://docs.asterisk.org/Deployment/STIR-SHAKEN/ for more information.\n- \n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Path to a directory containing one or more hashed untrusted certs used to verify CRLs\n- \n- \n- \n- For this option, the individual certificates must be placed in\n-\t\t\t\t\t\tthe directory specified and hashed using the\n- openssl rehash\n- command.\n- \n- See https://docs.asterisk.org/Deployment/STIR-SHAKEN/ for more information.\n- \n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Directory to cache retrieved verification certs\n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Maximum time to wait to CURL certificates\n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Number of seconds a cache entry may be behind current time\n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Maximum size to use for caching public keys\n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Number of seconds an iat grant may be behind current time\n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Number of seconds a SIP Date header may be behind current time\n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- The default failure action when not set on a profile\n- \n- \n- \n- \n- If set to\n- continue\n- , continue and let\n-\t\t\t\t\t\t\tthe dialplan decide what action to take.\n- \n- \n- \n- \n- If set to\n- reject_request\n- , reject the incoming\n-\t\t\t\t\t\t\trequest with response codes defined in RFC8224.\n- \n- \n- \n- \n- If set to\n- return_reason\n- , continue to the\n-\t\t\t\t\t\t\tdialplan but add a\n- Reason\n- header to the sender in\n-\t\t\t\t\t\t\tthe next provisional response.\n- \n- \n- \n- \n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- RFC9410 uses the STIR protocol on Reason headers\n-\t\t\t\t\tinstead of the SIP protocol\n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Relaxes check for \"https\" and port 443 or 8443\n-\t\t\t\t\tin incoming Identity header x5u URLs.\n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Relaxes check for query parameters, user/password, etc.\n-\t\t\t\t\tin incoming Identity header x5u URLs.\n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- An existing ACL from acl.conf to use when checking\n-\t\t\t\t\thostnames in incoming Identity header x5u URLs.\n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- An IP or subnet to permit when checking\n-\t\t\t\t\thostnames in incoming Identity header x5u URLs.\n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- An IP or subnet to deny checking\n-\t\t\t\t\thostnames in incoming Identity header x5u URLs.\n- \n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- STIR/SHAKEN profile configuration options\n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Must be of type 'profile'.\n- \n- \n- \n- \n- \n- \n- \n- \n- \n- \n- \n- \n- \n- \n- \n- \n- \n- \n- \n- \n- \n- \n- \n- \n- \n- \n- \n- \n- \n- 18.22.0\n- 20.7.0\n- 21.2.0\n- \n- Actions performed when an endpoint references this profile\n- \n- \n- \n- Don't do any STIR/SHAKEN processing.\n- \n- \n- Attest on outgoing calls.\n- \n- \n- Verify incoming calls.\n- \n- \n- Attest outgoing calls and verify incoming calls.\n- \n- \n- \n- \n- \n- \n- \n- \n- \n- 16.15.0\n- \n- Gets the number of STIR/SHAKEN results or a specific STIR/SHAKEN value from a result on the channel.\n- \n- \n- The index of the STIR/SHAKEN result to get. If only 'count' is passed in, gets the number of STIR/SHAKEN results instead.\n- \n- \n- The value to get from the STIR/SHAKEN result. Only used when an index is passed in (instead of 'count'). Allowable values:\n- \n- \n- \n- \n- \n- \n- \n- \n- This function will either return the number of STIR/SHAKEN identities, or return information on the specified identity.\n-\t\t\tTo get the number of identities, just pass 'count' as the only parameter to the function. If you want to get information on a\n-\t\t\tspecific STIR/SHAKEN identity, you can get the number of identities and then pass an index as the first parameter and one of\n-\t\t\tthe values you would like to retrieve as the second parameter.\n- same => n,NoOp(Number of STIR/SHAKEN identities: ${STIR_SHAKEN(count)})\n-\t\t\tsame => n,NoOp(Identity ${STIR_SHAKEN(0, identity)} has attestation level ${STIR_SHAKEN(0, attestation)})\n- \n- \n \n SIP Resource using PJProject\n \n \n \n 12.0.0\n \n@@ -43748,14 +43248,514 @@\n \n \n \n \n \n \n \n+ \n+ STIR/SHAKEN module for Asterisk\n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ STIR/SHAKEN attestation options\n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Globally disable verification\n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ File path to a certificate\n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ URL to the public certificate\n+ \n+ Must be a valid http, or https, URL.\n+ \n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Attestation level\n+ \n+ \n+ \n+ 20.12.0\n+ 21.7.0\n+ 22.2.0\n+ \n+ Attestation level to use for unknown TNs\n+ \n+ Normally if a callerid TN isn't configured in stir_shaken.conf\n+\t\t\t\t\tno Identity header will be created. If this option is set,\n+\t\t\t\t\thowever, an Identity header will be sent using this\n+\t\t\t\t\tattestation level. Since there's no TN object, you must\n+\t\t\t\t\tensure that a private_key_file and public_cert_url are\n+\t\t\t\t\tconfigured in the attestation or profile objects for\n+\t\t\t\t\tthis to work.\n+ \n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ On load, Retrieve all TN's certificates and validate their dates\n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Send a media key (mky) grant in the attestation for DTLS calls.\n+\t\t\t\t\t(not common)\n+ \n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ STIR/SHAKEN TN options\n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Must be of type 'tn'.\n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ File path to a certificate\n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ URL to the public certificate\n+ \n+ Must be a valid http, or https, URL.\n+ \n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Attestation level\n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ On load, Retrieve all TN's certificates and validate their dates\n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Send a media key (mky) grant in the attestation for DTLS calls.\n+\t\t\t\t\t(not common)\n+ \n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ STIR/SHAKEN verification options\n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Globally disable verification\n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ A boolean indicating whether trusted CA certificates should be loaded from the system\n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Path to a file containing one or more CA certs in PEM format\n+ \n+ These certs are used to verify the chain of trust for the\n+\t\t\t\t\t\tcertificate retrieved from the X5U Identity header parameter. This\n+\t\t\t\t\t\tfile must have the root CA certificate, the certificate of the\n+\t\t\t\t\t\tissuer of the X5U certificate, and any intermediate certificates\n+\t\t\t\t\t\tbetween them.\n+ See https://docs.asterisk.org/Deployment/STIR-SHAKEN/ for more information.\n+ \n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Path to a directory containing one or more hashed CA certs\n+ \n+ \n+ \n+ For this option, the individual certificates must be placed in\n+\t\t\t\t\t\tthe directory specified and hashed using the\n+ openssl rehash\n+ command.\n+ \n+ See https://docs.asterisk.org/Deployment/STIR-SHAKEN/ for more information.\n+ \n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Path to a file containing one or more CRLs in PEM format\n+ \n+ If you with to check if the certificate in the X5U Identity header\n+\t\t\t\t\t\tparameter has been revoked, you'll need the certificate revocation\n+\t\t\t\t\t\tlist generated by the issuer.\n+ See https://docs.asterisk.org/Deployment/STIR-SHAKEN/ for more information.\n+ \n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Path to a directory containing one or more hashed CRLs\n+ \n+ \n+ \n+ For this option, the individual CRLs must be placed in\n+\t\t\t\t\t\tthe directory specified and hashed using the\n+ openssl rehash\n+ command.\n+ \n+ See https://docs.asterisk.org/Deployment/STIR-SHAKEN/ for more information.\n+ \n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Path to a file containing one or more untrusted cert in PEM format used to verify CRLs\n+ \n+ If you with to check if the certificate in the X5U Identity header\n+\t\t\t\t\tparameter has been revoked, you'll need the certificate revocation\n+\t\t\t\t\tlist generated by the issuer. Unfortunately, sometimes the CRLs are signed by a\n+\t\t\t\t\tdifferent CA than the certificate being verified. In this case, you\n+\t\t\t\t\tmay need to provide the untrusted certificate to verify the CRL.\n+ See https://docs.asterisk.org/Deployment/STIR-SHAKEN/ for more information.\n+ \n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Path to a directory containing one or more hashed untrusted certs used to verify CRLs\n+ \n+ \n+ \n+ For this option, the individual certificates must be placed in\n+\t\t\t\t\t\tthe directory specified and hashed using the\n+ openssl rehash\n+ command.\n+ \n+ See https://docs.asterisk.org/Deployment/STIR-SHAKEN/ for more information.\n+ \n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Directory to cache retrieved verification certs\n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Maximum time to wait to CURL certificates\n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Number of seconds a cache entry may be behind current time\n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Maximum size to use for caching public keys\n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Number of seconds an iat grant may be behind current time\n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Number of seconds a SIP Date header may be behind current time\n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ The default failure action when not set on a profile\n+ \n+ \n+ \n+ \n+ If set to\n+ continue\n+ , continue and let\n+\t\t\t\t\t\t\tthe dialplan decide what action to take.\n+ \n+ \n+ \n+ \n+ If set to\n+ reject_request\n+ , reject the incoming\n+\t\t\t\t\t\t\trequest with response codes defined in RFC8224.\n+ \n+ \n+ \n+ \n+ If set to\n+ return_reason\n+ , continue to the\n+\t\t\t\t\t\t\tdialplan but add a\n+ Reason\n+ header to the sender in\n+\t\t\t\t\t\t\tthe next provisional response.\n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ RFC9410 uses the STIR protocol on Reason headers\n+\t\t\t\t\tinstead of the SIP protocol\n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Relaxes check for \"https\" and port 443 or 8443\n+\t\t\t\t\tin incoming Identity header x5u URLs.\n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Relaxes check for query parameters, user/password, etc.\n+\t\t\t\t\tin incoming Identity header x5u URLs.\n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ An existing ACL from acl.conf to use when checking\n+\t\t\t\t\thostnames in incoming Identity header x5u URLs.\n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ An IP or subnet to permit when checking\n+\t\t\t\t\thostnames in incoming Identity header x5u URLs.\n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ An IP or subnet to deny checking\n+\t\t\t\t\thostnames in incoming Identity header x5u URLs.\n+ \n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ STIR/SHAKEN profile configuration options\n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Must be of type 'profile'.\n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ 18.22.0\n+ 20.7.0\n+ 21.2.0\n+ \n+ Actions performed when an endpoint references this profile\n+ \n+ \n+ \n+ Don't do any STIR/SHAKEN processing.\n+ \n+ \n+ Attest on outgoing calls.\n+ \n+ \n+ Verify incoming calls.\n+ \n+ \n+ Attest outgoing calls and verify incoming calls.\n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ 16.15.0\n+ \n+ Gets the number of STIR/SHAKEN results or a specific STIR/SHAKEN value from a result on the channel.\n+ \n+ \n+ The index of the STIR/SHAKEN result to get. If only 'count' is passed in, gets the number of STIR/SHAKEN results instead.\n+ \n+ \n+ The value to get from the STIR/SHAKEN result. Only used when an index is passed in (instead of 'count'). Allowable values:\n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ \n+ This function will either return the number of STIR/SHAKEN identities, or return information on the specified identity.\n+\t\t\tTo get the number of identities, just pass 'count' as the only parameter to the function. If you want to get information on a\n+\t\t\tspecific STIR/SHAKEN identity, you can get the number of identities and then pass an index as the first parameter and one of\n+\t\t\tthe values you would like to retrieve as the second parameter.\n+ same => n,NoOp(Number of STIR/SHAKEN identities: ${STIR_SHAKEN(count)})\n+\t\t\tsame => n,NoOp(Identity ${STIR_SHAKEN(0, identity)} has attestation level ${STIR_SHAKEN(0, attestation)})\n+ \n+ \n \n bluetooth\n no\n extended\n \n \n no\n"}]}]}]}]}]}