From 500d97e548cd8c90c55e20048c04fc395e46c8f5 Mon Sep 17 00:00:00 2001
From: Jehan Monnier <jehan.monnier@linphone.org>
Date: Thu, 13 Jun 2013 08:35:38 +0200
Subject: [PATCH] add privacy settings at proxy level

---
 coreapi/bellesip_sal/sal_impl.c    | 41 ++++++++++++++++++-
 coreapi/bellesip_sal/sal_impl.h    |  4 +-
 coreapi/bellesip_sal/sal_op_impl.c | 36 ++++++++++++++---
 coreapi/callbacks.c                |  7 +++-
 coreapi/linphonecall.c             | 21 ++++++++--
 coreapi/linphonecore.c             |  6 ++-
 coreapi/linphonecore.h             | 65 ++++++++++++++++++++++++++----
 coreapi/private.h                  |  6 +--
 coreapi/proxy.c                    | 10 +++++
 coreapi/sal.c                      | 11 +++++
 include/sal/sal.h                  | 18 +++++++++
 tester/call_tester.c               | 29 +++++++++++--
 tester/message_tester.c            | 30 ++++++++++++++
 13 files changed, 254 insertions(+), 30 deletions(-)

diff --git a/coreapi/bellesip_sal/sal_impl.c b/coreapi/bellesip_sal/sal_impl.c
index 9c2fd6cc0..1583871e1 100644
--- a/coreapi/bellesip_sal/sal_impl.c
+++ b/coreapi/bellesip_sal/sal_impl.c
@@ -22,7 +22,40 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 #ifdef HAVE_CONFIG_H
 #include "config.h"
 #endif
-
+/*
+rfc3323
+4.2 Expressing Privacy Preferences
+When a Privacy header is constructed, it MUST consist of either the
+   value 'none', or one or more of the values 'user', 'header' and
+   'session' (each of which MUST appear at most once) which MAY in turn
+   be followed by the 'critical' indicator.
+ */
+void sal_op_set_privacy_from_message(SalOp* op,belle_sip_message_t* msg) {
+	belle_sip_header_privacy_t* privacy = belle_sip_message_get_header_by_type(msg,belle_sip_header_privacy_t);
+	if (!privacy) {
+		sal_op_set_privacy(op,SalPrivacyNone);
+	} else {
+		belle_sip_list_t* privacy_list=belle_sip_header_privacy_get_privacy(privacy);
+		sal_op_set_privacy(op,0);
+		for (;privacy_list!=NULL;privacy_list=privacy_list->next) {
+			char* privacy_value=(char*)privacy_list->data;
+			if(strcmp(sal_privacy_to_string(SalPrivacyCritical),privacy_value) == 0)
+				sal_op_set_privacy(op,sal_op_get_privacy(op)|SalPrivacyCritical);
+			if(strcmp(sal_privacy_to_string(SalPrivacyHeader),privacy_value) == 0)
+							sal_op_set_privacy(op,sal_op_get_privacy(op)|SalPrivacyHeader);
+			if(strcmp(sal_privacy_to_string(SalPrivacyId),privacy_value) == 0)
+							sal_op_set_privacy(op,sal_op_get_privacy(op)|SalPrivacyId);
+			if(strcmp(sal_privacy_to_string(SalPrivacyNone),privacy_value) == 0) {
+				sal_op_set_privacy(op,SalPrivacyNone);
+				break;
+			}
+			if(strcmp(sal_privacy_to_string(SalPrivacySession),privacy_value) == 0)
+							sal_op_set_privacy(op,sal_op_get_privacy(op)|SalPrivacySession);
+			if(strcmp(sal_privacy_to_string(SalPrivacyUser),privacy_value) == 0)
+										sal_op_set_privacy(op,sal_op_get_privacy(op)|SalPrivacyUser);
+		}
+	}
+}
 static void set_tls_properties(Sal *ctx);
 
 void _belle_sip_log(belle_sip_log_level lev, const char *fmt, va_list args) {
@@ -206,7 +239,10 @@ static void process_request_event(void *sal, const belle_sip_request_event_t *ev
 	if (!op->base.call_id) {
 		op->base.call_id=ms_strdup(belle_sip_header_call_id_get_call_id(BELLE_SIP_HEADER_CALL_ID(belle_sip_message_get_header_by_type(BELLE_SIP_MESSAGE(req), belle_sip_header_call_id_t))));
 	}
-	
+	/*It is worth noting that proxies can (and
+   will) remove this header field*/
+	sal_op_set_privacy_from_message(op,(belle_sip_message_t*)req);
+
 	sal_op_assign_recv_headers(op,(belle_sip_message_t*)req);
 	if (op->callbacks.process_request_event) {
 		op->callbacks.process_request_event(op,event);
@@ -246,6 +282,7 @@ static void process_response_event(void *user_ctx, const belle_sip_response_even
 		if (!op->base.call_id) {
 			op->base.call_id=ms_strdup(belle_sip_header_call_id_get_call_id(BELLE_SIP_HEADER_CALL_ID(belle_sip_message_get_header_by_type(BELLE_SIP_MESSAGE(response), belle_sip_header_call_id_t))));
 		}
+
 		sal_op_assign_recv_headers(op,(belle_sip_message_t*)response);
 		
 		if (op->callbacks.process_response_event) {
diff --git a/coreapi/bellesip_sal/sal_impl.h b/coreapi/bellesip_sal/sal_impl.h
index 80ba748c2..61ef731d8 100644
--- a/coreapi/bellesip_sal/sal_impl.h
+++ b/coreapi/bellesip_sal/sal_impl.h
@@ -90,7 +90,7 @@ struct SalOp{
 	belle_sip_refresher_t* refresher;
 	int ref;
 	SalOpType_t type;
-	bool_t privacy_enabled;
+	SalPrivacyMask privacy;
 };
 
 
@@ -145,6 +145,4 @@ bool_t sal_op_get_body(SalOp *op, belle_sip_message_t *msg, SalBody *salbody);
 
 SalReason sal_reason_to_sip_code(SalReason r);
 
-void sal_op_enable_privacy(SalOp* op,bool_t enable);
-bool_t sal_op_privacy_enabled(const SalOp* op);
 #endif /* SAL_IMPL_H_ */
diff --git a/coreapi/bellesip_sal/sal_op_impl.c b/coreapi/bellesip_sal/sal_op_impl.c
index 625cc6ef4..ba5f1b2ef 100644
--- a/coreapi/bellesip_sal/sal_op_impl.c
+++ b/coreapi/bellesip_sal/sal_op_impl.c
@@ -24,6 +24,7 @@ SalOp * sal_op_new(Sal *sal){
 	SalOp *op=ms_new0(SalOp,1);
 	__sal_op_init(op,sal);
 	op->type=SalOpUnknown;
+	op->privacy=SalPrivacyNone;
 	sal_op_ref(op);
 	return op;
 }
@@ -107,8 +108,13 @@ belle_sip_request_t* sal_op_build_request(SalOp *op,const char* method) {
 	belle_sip_uri_t* req_uri;
 	char token[10];
 
-	from_header = belle_sip_header_from_create(BELLE_SIP_HEADER_ADDRESS(sal_op_get_from_address(op))
+
+	if (strcmp("REGISTER",method)==0 || op->privacy==SalPrivacyNone) {
+		from_header = belle_sip_header_from_create(BELLE_SIP_HEADER_ADDRESS(sal_op_get_from_address(op))
 												,belle_sip_random_token(token,sizeof(token)));
+	} else {
+		from_header=belle_sip_header_from_create2("Anonymous <sip:anonymous@anonymous.invalid>",belle_sip_random_token(token,sizeof(token)));
+	}
 	to_header = belle_sip_header_to_create(BELLE_SIP_HEADER_ADDRESS(sal_op_get_to_address(op)),NULL);
 	req_uri = (belle_sip_uri_t*)belle_sip_object_clone((belle_sip_object_t*)belle_sip_header_address_get_uri((belle_sip_header_address_t*)to_header));
 
@@ -122,6 +128,26 @@ belle_sip_request_t* sal_op_build_request(SalOp *op,const char* method) {
 		                    belle_sip_header_via_new(),
 		                    70);
 
+	if (op->privacy&SalPrivacyId) {
+		belle_sip_header_p_preferred_identity_t* p_preferred_identity=belle_sip_header_p_preferred_identity_create(BELLE_SIP_HEADER_ADDRESS(sal_op_get_from_address(op)));
+		belle_sip_message_add_header(BELLE_SIP_MESSAGE(req),BELLE_SIP_HEADER(p_preferred_identity));
+	}
+	if (strcmp("REGISTER",method)!=0 && (op->privacy&(SalPrivacyNone|SalPrivacyDefault))==0 ) { /*at this level, default = none*/
+		belle_sip_header_privacy_t* privacy_header=belle_sip_header_privacy_new();
+		if (op->privacy&SalPrivacyCritical)
+			belle_sip_header_privacy_add_privacy(privacy_header,sal_privacy_to_string(SalPrivacyCritical));
+		if (op->privacy&SalPrivacyHeader)
+			belle_sip_header_privacy_add_privacy(privacy_header,sal_privacy_to_string(SalPrivacyHeader));
+		if (op->privacy&SalPrivacyId)
+			belle_sip_header_privacy_add_privacy(privacy_header,sal_privacy_to_string(SalPrivacyId));
+		if (op->privacy&SalPrivacyNone)
+			belle_sip_header_privacy_add_privacy(privacy_header,sal_privacy_to_string(SalPrivacyNone));
+		if (op->privacy&SalPrivacySession)
+			belle_sip_header_privacy_add_privacy(privacy_header,sal_privacy_to_string(SalPrivacySession));
+		if (op->privacy&SalPrivacyUser)
+			belle_sip_header_privacy_add_privacy(privacy_header,sal_privacy_to_string(SalPrivacyUser));
+		belle_sip_message_add_header(BELLE_SIP_MESSAGE(req),BELLE_SIP_HEADER(privacy_header));
+	}
 	return req;
 }
 
@@ -485,9 +511,9 @@ bool_t sal_op_get_body(SalOp *op, belle_sip_message_t *msg, SalBody *salbody){
 	memset(salbody,0,sizeof(salbody));
 	return FALSE;
 }
-void sal_op_enable_privacy(SalOp* op,bool_t enable) {
-	op->privacy_enabled=enable;
+void sal_op_set_privacy(SalOp* op,SalPrivacyMask privacy) {
+	op->privacy=privacy;
 }
- bool_t sal_op_privacy_enabled(const SalOp* op) {
-	return op->privacy_enabled;
+SalPrivacyMask sal_op_get_privacy(const SalOp* op) {
+	return op->privacy;
 }
diff --git a/coreapi/callbacks.c b/coreapi/callbacks.c
index 1fe12bd1a..1bd9bbc59 100644
--- a/coreapi/callbacks.c
+++ b/coreapi/callbacks.c
@@ -282,6 +282,9 @@ static void call_ringing(SalOp *h){
 	
 	if (call==NULL) return;
 	
+	/*set privacy*/
+	call->current_params.privacy=(LinphonePrivacyMask)sal_op_get_privacy(call->op);
+
 	if (lc->vtable.display_status)
 		lc->vtable.display_status(lc,_("Remote ringing."));
 	
@@ -339,6 +342,8 @@ static void call_accepted(SalOp *op){
 		ms_warning("No call to accept.");
 		return ;
 	}
+	/*set privacy*/
+	call->current_params.privacy=(LinphonePrivacyMask)sal_op_get_privacy(call->op);
 
 	/* Handle remote ICE attributes if any. */
 	if (call->ice_session != NULL) {
@@ -351,7 +356,7 @@ static void call_accepted(SalOp *op){
 #endif //BUILD_UPNP
 
 	md=sal_call_get_final_media_description(op);
-	if (md)
+	if (md) /*make sure re-invite will not prose video again*/
 		call->params.has_video &= linphone_core_media_description_contains_video_stream(md);
 	
 	if (call->state==LinphoneCallOutgoingProgress ||
diff --git a/coreapi/linphonecall.c b/coreapi/linphonecall.c
index ef97be71e..f4a9c508f 100644
--- a/coreapi/linphonecall.c
+++ b/coreapi/linphonecall.c
@@ -480,6 +480,9 @@ void linphone_call_create_op(LinphoneCall *call){
 	if (call->params.referer)
 		sal_call_set_referer(call->op,call->params.referer->op);
 	linphone_configure_op(call->core,call->op,call->log->to,call->params.custom_headers,FALSE);
+	if (call->params.privacy != LinphonePrivacyDefault)
+		sal_op_set_privacy(call->op,(SalPrivacyMask)call->params.privacy);
+	/*else privacy might be set by proxy */
 }
 
 LinphoneCall * linphone_call_new_outgoing(struct _LinphoneCore *lc, LinphoneAddress *from, LinphoneAddress *to, const LinphoneCallParams *params, LinphoneProxyConfig *cfg){
@@ -526,6 +529,7 @@ LinphoneCall * linphone_call_new_incoming(LinphoneCore *lc, LinphoneAddress *fro
 	call->op=op;
 	call->core=lc;
 
+
 	if (lc->sip_conf.ping_with_options){
 #ifdef BUILD_UPNP
 		if (lc->upnp != NULL && linphone_core_get_firewall_policy(lc)==LinphonePolicyUseUpnp &&
@@ -549,6 +553,9 @@ LinphoneCall * linphone_call_new_incoming(LinphoneCore *lc, LinphoneAddress *fro
 	linphone_call_init_common(call, from, to);
 	call->log->call_id=ms_strdup(sal_op_get_call_id(op)); /*must be known at that time*/
 	linphone_core_init_default_params(lc, &call->params);
+	/*set privacy*/
+	call->current_params.privacy=(LinphonePrivacyMask)sal_op_get_privacy(call->op);
+
 	md=sal_call_get_remote_media_description(op);
 	call->params.has_video &= !!lc->video_policy.automatically_accept;
 	if (md) {
@@ -1141,18 +1148,26 @@ void _linphone_call_params_copy(LinphoneCallParams *ncp, const LinphoneCallParam
 	if (cp->custom_headers) ncp->custom_headers=sal_custom_header_clone(cp->custom_headers);
 }
 
-void linphone_call_params_set_privacy(LinphoneCallParams *params, LinphonePrivacy privacy) {
+void linphone_call_params_set_privacy(LinphoneCallParams *params, LinphonePrivacyMask privacy) {
 	params->privacy=privacy;
 }
-LinphonePrivacy linphone_call_params_get_privacy(const LinphoneCallParams *params) {
+LinphonePrivacyMask linphone_call_params_get_privacy(const LinphoneCallParams *params) {
 	return params->privacy;
 }
+
+
+
+
 const char* linphone_privacy_to_string(LinphonePrivacy privacy) {
 	switch(privacy) {
 	case LinphonePrivacyDefault: return "LinphonePrivacyDefault";
+	case LinphonePrivacyUser: return "LinphonePrivacyUser";
+	case LinphonePrivacyHeader: return "LinphonePrivacyHeader";
+	case LinphonePrivacySession: return "LinphonePrivacySession";
 	case LinphonePrivacyId: return "LinphonePrivacyId";
 	case LinphonePrivacyNone: return "LinphonePrivacyNone";
-	default:	return "Unknown privacy mode";
+	case LinphonePrivacyCritical: return "LinphonePrivacyCritical";
+	default: return "Unknown privacy mode";
 	}
 }
 /**
diff --git a/coreapi/linphonecore.c b/coreapi/linphonecore.c
index edaae9434..09633cefc 100644
--- a/coreapi/linphonecore.c
+++ b/coreapi/linphonecore.c
@@ -2596,6 +2596,9 @@ void linphone_configure_op(LinphoneCore *lc, SalOp *op, const LinphoneAddress *d
 	const char *identity;
 	if (proxy){
 		identity=linphone_proxy_config_get_identity(proxy);
+		if (linphone_proxy_config_get_privacy(proxy)!=LinphonePrivacyDefault) {
+			sal_op_set_privacy(op,linphone_proxy_config_get_privacy(proxy));
+		}
 	}else identity=linphone_core_get_primary_contact(lc);
 	/*sending out of calls*/
 	if (proxy){
@@ -2608,6 +2611,7 @@ void linphone_configure_op(LinphoneCore *lc, SalOp *op, const LinphoneAddress *d
 	if (with_contact && proxy && proxy->op && sal_op_get_contact(proxy->op)){
 		sal_op_set_contact(op,sal_op_get_contact(proxy->op));
 	}
+
 }
 
 /**
@@ -5888,7 +5892,7 @@ void linphone_core_init_default_params(LinphoneCore*lc, LinphoneCallParams *para
 	params->has_video=linphone_core_video_enabled(lc) && lc->video_policy.automatically_initiate;
 	params->media_encryption=linphone_core_get_media_encryption(lc);
 	params->in_conference=FALSE;
-	params->privacy=LinphonePrivacyNone;
+	params->privacy=LinphonePrivacyDefault;
 }
 
 void linphone_core_set_device_identifier(LinphoneCore *lc,const char* device_id) {
diff --git a/coreapi/linphonecore.h b/coreapi/linphonecore.h
index 9e82de6c7..0a16d779e 100644
--- a/coreapi/linphonecore.h
+++ b/coreapi/linphonecore.h
@@ -282,22 +282,57 @@ LINPHONE_PUBLIC	void linphone_call_params_add_custom_header(LinphoneCallParams *
 LINPHONE_PUBLIC	const char *linphone_call_params_get_custom_header(const LinphoneCallParams *params, const char *header_name);
 /***
  * @ingroup call_control
- * Defines privacy policy to apply as described by rfc3325
+ * Defines privacy policy to apply as described by rfc3323
  * */
 typedef enum _LinphonePrivacy {
 	/**
 	 * Default privacy as defined either globally or by proxy using #linphone_proxy_config_set_privacy
 	 */
-	LinphonePrivacyDefault,
+	LinphonePrivacyDefault=0x0,
 	/**
-	 * With this mode, "from" header is hidden, usually replaced by  From: "Anonymous" <sip:anonymous@anonymous.invalid>
+	 * Request that privacy services provide a user-level privacy
+     * function.
+      * With this mode, "from" header is hidden, usually replaced by  From: "Anonymous" <sip:anonymous@anonymous.invalid>
 	 */
-	LinphonePrivacyId,
+	LinphonePrivacyUser=0x1,
 	/**
-	 * No privacy action are taken
+	 * Request that privacy services modify headers that cannot
+     * be set arbitrarily by the user (Contact/Via).
 	 */
-	LinphonePrivacyNone
+	LinphonePrivacyHeader=0x2,
+	/*
+	 *  Request that privacy services provide privacy for session
+     * media
+    */
+	LinphonePrivacySession=0x4,
+	/**
+	 * rfc3325
+	 * The presence of this privacy type in
+     * a Privacy header field indicates that the user would like the Network
+     * Asserted Identity to be kept private with respect to SIP entities
+     * outside the Trust Domain with which the user authenticated.  Note
+     * that a user requesting multiple types of privacy MUST include all of
+     * the requested privacy types in its Privacy header field value
+	 *
+	 */
+	LinphonePrivacyId=0x8,
+	/**
+	 * Privacy services must not perform any privacy function
+	 */
+	LinphonePrivacyNone=0x10,
+	/**
+	 * Privacy service must perform the specified services or
+     * fail the request
+	 *
+	 **/
+	 LinphonePrivacyCritical=0x20
+
 } LinphonePrivacy;
+/*
+ * a mask  of #LinphonePrivacy values
+ * */
+typedef unsigned int LinphonePrivacyMask;
+
 /**
  * @ingroup call_control
  * @return string value of LinphonePrivacy enum
@@ -309,14 +344,14 @@ const char* linphone_privacy_to_string(LinphonePrivacy privacy);
  * @param params to be modified
  * @param LinphonePrivacy to configure privacy
  * */
-LINPHONE_PUBLIC	void linphone_call_params_set_privacy(LinphoneCallParams *params, LinphonePrivacy privacy);
+LINPHONE_PUBLIC	void linphone_call_params_set_privacy(LinphoneCallParams *params, LinphonePrivacyMask privacy);
 /**
  * @ingroup call_control
  * indicates if "from" must be replaced by anonymous value as described by rfc3325.
  * @param params object
  * @return Privacy mode
  * */
-LINPHONE_PUBLIC LinphonePrivacy linphone_call_params_get_privacy(const LinphoneCallParams *params);
+LINPHONE_PUBLIC LinphonePrivacyMask linphone_call_params_get_privacy(const LinphoneCallParams *params);
 
 
 struct _LinphoneInfoMessage;
@@ -668,6 +703,20 @@ LINPHONE_PUBLIC	void linphone_proxy_config_set_user_data(LinphoneProxyConfig *cr
  */
 LINPHONE_PUBLIC	void * linphone_proxy_config_get_user_data(LinphoneProxyConfig *cr);
 
+/**
+ *
+ * Indicates if "from" must be replaced by anonymous value as described by rfc3325.
+ * @param params to be modified
+ * @param LinphonePrivacy to configure privacy
+ * */
+LINPHONE_PUBLIC	void linphone_proxy_config_set_privacy(LinphoneProxyConfig *params, LinphonePrivacyMask privacy);
+/**
+ * indicates if "from" must be replaced by anonymous value as described by rfc3325.
+ * @param params object
+ * @return Privacy mode
+ * */
+LINPHONE_PUBLIC LinphonePrivacyMask linphone_proxy_config_get_privacy(const LinphoneProxyConfig *params);
+
 /**
  * @}
 **/
diff --git a/coreapi/private.h b/coreapi/private.h
index db628274b..383faa2f0 100644
--- a/coreapi/private.h
+++ b/coreapi/private.h
@@ -74,9 +74,6 @@ extern "C" {
 #endif
 #endif
 
-struct LinphoneParams {
-
-};
 struct _LinphoneCallParams{
 	LinphoneCall *referer; /*in case this call creation is consecutive to an incoming transfer, this points to the original call */
 	int audio_bw; /* bandwidth limit for audio stream */
@@ -94,7 +91,7 @@ struct _LinphoneCallParams{
 	bool_t in_conference; /*in conference mode */
 	bool_t pad;
 	bool_t low_bandwidth;
-	LinphonePrivacy privacy;
+	LinphonePrivacyMask privacy;
 };
 
 struct _LinphoneCallLog{
@@ -400,6 +397,7 @@ struct _LinphoneProxyConfig
 	void* user_data;
 	time_t deletion_date;
 	LinphoneReason error;
+	LinphonePrivacyMask privacy;
 };
 
 struct _LinphoneAuthInfo
diff --git a/coreapi/proxy.c b/coreapi/proxy.c
index b5d613f5f..4bf6e6dc1 100644
--- a/coreapi/proxy.c
+++ b/coreapi/proxy.c
@@ -47,6 +47,7 @@ static void linphone_proxy_config_init(LinphoneCore* lc,LinphoneProxyConfig *obj
 	obj->expires=LP_CONFIG_DEFAULT_INT((lc?lc->config:NULL),"reg_expires",3600);
 	obj->dial_prefix=ms_strdup(LP_CONFIG_DEFAULT_STRING((lc?lc->config:NULL),"dial_prefix",'\0'));
 	obj->dial_escape_plus=LP_CONFIG_DEFAULT_INT((lc?lc->config:NULL),"dial_escape_plus",0);
+	obj->privacy=LP_CONFIG_DEFAULT_INT((lc?lc->config:NULL),"privacy",LinphonePrivacyDefault);
 }
 
 /**
@@ -1065,6 +1066,7 @@ void linphone_proxy_config_write_to_config_file(LpConfig *config, LinphoneProxyC
 	lp_config_set_int(config,key,"publish",obj->publish);
 	lp_config_set_int(config,key,"dial_escape_plus",obj->dial_escape_plus);
 	lp_config_set_string(config,key,"dial_prefix",obj->dial_prefix);
+	lp_config_set_int(config,key,"privacy",obj->privacy);
 }
 
 
@@ -1108,6 +1110,8 @@ LinphoneProxyConfig *linphone_proxy_config_new_from_config_file(LpConfig *config
 	if (tmp!=NULL && strlen(tmp)>0) 
 		linphone_proxy_config_set_sip_setup(cfg,tmp);
 
+	linphone_proxy_config_set_privacy(cfg,lp_config_get_int(config,key,"privacy",LP_CONFIG_DEFAULT_INT(config,"privacy",LinphonePrivacyDefault)));
+
 	return cfg;
 }
 
@@ -1384,3 +1388,9 @@ const char* linphone_proxy_config_get_transport(const LinphoneProxyConfig *cfg)
 
 	return ret;
 }
+void linphone_proxy_config_set_privacy(LinphoneProxyConfig *params, LinphonePrivacyMask privacy) {
+	params->privacy=privacy;
+}
+LinphonePrivacyMask linphone_proxy_config_get_privacy(const LinphoneProxyConfig *params) {
+	return params->privacy;
+}
diff --git a/coreapi/sal.c b/coreapi/sal.c
index 6c4db977b..dbcf87c0c 100644
--- a/coreapi/sal.c
+++ b/coreapi/sal.c
@@ -555,3 +555,14 @@ const char* sal_presence_status_to_string(const SalPresenceStatus status) {
 	}
 
 }
+const char* sal_privacy_to_string(SalPrivacy privacy) {
+	switch(privacy) {
+	case SalPrivacyUser: return "user";
+	case SalPrivacyHeader: return "header";
+	case SalPrivacySession: return "session";
+	case SalPrivacyId: return "id";
+	case SalPrivacyNone: return "none";
+	case SalPrivacyCritical: return "critical";
+	default: return NULL;
+	}
+}
diff --git a/include/sal/sal.h b/include/sal/sal.h
index 7ace50bdb..d0d0c4a8a 100644
--- a/include/sal/sal.h
+++ b/include/sal/sal.h
@@ -127,6 +127,7 @@ typedef enum{
 }SalStreamDir;
 const char* sal_stream_dir_to_string(SalStreamDir type);
 
+
 #define SAL_ENDPOINT_CANDIDATE_MAX 2
 
 #define SAL_MEDIA_DESCRIPTION_MAX_ICE_ADDR_LEN 64
@@ -548,6 +549,23 @@ int sal_notify(SalOp *op, const SalBody *body);
 int sal_notify_close(SalOp *op);
 int sal_publish(SalOp *op, const char *from, const char *to, const char*event_name, int expires, const SalBody *body);
 
+/*privacy, must be in sync with LinphonePrivacyMask*/
+typedef enum _SalPrivacy {
+	SalPrivacyDefault=0x0,
+	SalPrivacyUser=0x1,
+	SalPrivacyHeader=0x2,
+	SalPrivacySession=0x4,
+	SalPrivacyId=0x8,
+	SalPrivacyNone=0x10,
+	 SalPrivacyCritical=0x20
+} SalPrivacy;
+typedef  unsigned int SalPrivacyMask;
+
+const char* sal_privacy_to_string(SalPrivacy  privacy);
+void sal_op_set_privacy(SalOp* op,SalPrivacy privacy);
+SalPrivacy sal_op_get_privacy(const SalOp* op);
+
+
 
 #define payload_type_set_number(pt,n)		(pt)->user_data=(void*)((long)n);
 #define payload_type_get_number(pt)		((int)(long)(pt)->user_data)
diff --git a/tester/call_tester.c b/tester/call_tester.c
index f075add6a..ddfde8990 100644
--- a/tester/call_tester.c
+++ b/tester/call_tester.c
@@ -132,8 +132,11 @@ bool_t call_with_params(LinphoneCoreManager* caller_mgr,LinphoneCoreManager* cal
 	CU_ASSERT_PTR_NOT_NULL(linphone_core_get_current_call_remote_address(callee_mgr->lc));
 	if (!linphone_core_get_current_call_remote_address(callee_mgr->lc))
 		return 0;
-	CU_ASSERT_TRUE(linphone_address_weak_equal(caller_mgr->identity,linphone_core_get_current_call_remote_address(callee_mgr->lc)));
-
+	if (linphone_call_params_get_privacy(linphone_call_get_current_params(linphone_core_get_current_call(caller_mgr->lc))) == LinphonePrivacyNone) {
+		CU_ASSERT_TRUE(linphone_address_weak_equal(caller_mgr->identity,linphone_core_get_current_call_remote_address(callee_mgr->lc)));
+	} else {
+		CU_ASSERT_FALSE(linphone_address_weak_equal(caller_mgr->identity,linphone_core_get_current_call_remote_address(callee_mgr->lc)));
+	}
 
 	linphone_core_accept_call(callee_mgr->lc,linphone_core_get_current_call(callee_mgr->lc));
 
@@ -613,7 +616,7 @@ static void call_with_privacy(void) {
 	LinphoneCoreManager* pauline = linphone_core_manager_new(liblinphone_tester_file_prefix, "pauline_rc");
 	LinphoneCall *c1,*c2;
 	LinphoneCallParams *params;
-
+	LinphoneProxyConfig* pauline_proxy;
 	params=linphone_core_create_default_call_parameters(pauline->lc);
 	linphone_call_params_set_privacy(params,LinphonePrivacyId);
 
@@ -639,6 +642,26 @@ static void call_with_privacy(void) {
 	CU_ASSERT_TRUE(wait_for(pauline->lc,marie->lc,&pauline->stat.number_of_LinphoneCallEnd,1));
 	CU_ASSERT_TRUE(wait_for(pauline->lc,marie->lc,&marie->stat.number_of_LinphoneCallEnd,1));
 
+	/*test proxy config privacy*/
+	linphone_core_get_default_proxy(pauline->lc,&pauline_proxy);
+	linphone_proxy_config_set_privacy(pauline_proxy,LinphonePrivacyId);
+
+	CU_ASSERT_TRUE(call(pauline,marie));
+	c1=linphone_core_get_current_call(pauline->lc);
+	c2=linphone_core_get_current_call(marie->lc);
+
+	CU_ASSERT_PTR_NOT_NULL(c1);
+	CU_ASSERT_PTR_NOT_NULL(c2);
+
+	/*make sure remote identity is hidden*/
+	CU_ASSERT_FALSE(linphone_address_weak_equal(linphone_call_get_remote_address(c2),pauline->identity));
+
+	CU_ASSERT_EQUAL(linphone_call_params_get_privacy(linphone_call_get_current_params(c2)),LinphonePrivacyId);
+	/*just to sleep*/
+	linphone_core_terminate_all_calls(pauline->lc);
+	CU_ASSERT_TRUE(wait_for(pauline->lc,marie->lc,&pauline->stat.number_of_LinphoneCallEnd,2));
+	CU_ASSERT_TRUE(wait_for(pauline->lc,marie->lc,&marie->stat.number_of_LinphoneCallEnd,2));
+
 	linphone_core_manager_destroy(marie);
 	linphone_core_manager_destroy(pauline);
 }
diff --git a/tester/message_tester.c b/tester/message_tester.c
index 7d2b1ea7e..a56e9676a 100644
--- a/tester/message_tester.c
+++ b/tester/message_tester.c
@@ -64,14 +64,43 @@ void linphone_chat_message_state_change(LinphoneChatMessage* msg,LinphoneChatMes
 static void text_message(void) {
 	LinphoneCoreManager* marie = linphone_core_manager_new(liblinphone_tester_file_prefix, "marie_rc");
 	LinphoneCoreManager* pauline = linphone_core_manager_new(liblinphone_tester_file_prefix, "pauline_rc");
+
 	char* to = linphone_address_as_string(marie->identity);
 	LinphoneChatRoom* chat_room = linphone_core_create_chat_room(pauline->lc,to);
+	ms_free(to);
+
 	linphone_chat_room_send_message(chat_room,"Bla bla bla bla");
 	CU_ASSERT_TRUE(wait_for(pauline->lc,marie->lc,&marie->stat.number_of_LinphoneMessageReceived,1));
 	CU_ASSERT_EQUAL(marie->stat.number_of_LinphoneMessageReceivedLegacy,1);
+
+	CU_ASSERT_PTR_NOT_NULL(linphone_core_get_chat_room(marie->lc,pauline->identity));
+
 	linphone_core_manager_destroy(marie);
 	linphone_core_manager_destroy(pauline);
 }
+
+static void text_message_with_privacy(void) {
+	LinphoneCoreManager* marie = linphone_core_manager_new(liblinphone_tester_file_prefix, "marie_rc");
+	LinphoneCoreManager* pauline = linphone_core_manager_new(liblinphone_tester_file_prefix, "pauline_rc");
+	LinphoneProxyConfig* pauline_proxy;
+	char* to = linphone_address_as_string(marie->identity);
+	LinphoneChatRoom* chat_room = linphone_core_create_chat_room(pauline->lc,to);
+	ms_free(to);
+
+	/*test proxy config privacy*/
+	linphone_core_get_default_proxy(pauline->lc,&pauline_proxy);
+	linphone_proxy_config_set_privacy(pauline_proxy,LinphonePrivacyId);
+
+	CU_ASSERT_PTR_NULL(linphone_core_get_chat_room(marie->lc,pauline->identity));
+
+	linphone_chat_room_send_message(chat_room,"Bla bla bla bla");
+	CU_ASSERT_TRUE(wait_for(pauline->lc,marie->lc,&marie->stat.number_of_LinphoneMessageReceived,1));
+	CU_ASSERT_EQUAL(marie->stat.number_of_LinphoneMessageReceivedLegacy,1);
+
+	linphone_core_manager_destroy(marie);
+	linphone_core_manager_destroy(pauline);
+}
+
 static void text_message_compatibility_mode(void) {
 	char route[256];
 	LinphoneCoreManager* marie = linphone_core_manager_new(liblinphone_tester_file_prefix, "marie_rc");
@@ -225,6 +254,7 @@ static void info_message_with_body(){
 
 test_t message_tests[] = {
 	{ "Text message", text_message },
+	{ "Text message with privacy", text_message_with_privacy },
 	{ "Text message compatibility mode", text_message_compatibility_mode },
 	{ "Text message with ack", text_message_with_ack },
 	{ "Text message with send error", text_message_with_send_error },