kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-09-03 03:20:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
17d6a08beb3637004c9b4148f9d2c40bea8ad063
asterisk/res/res_pjsip_stir_shaken.c
George Joseph 181edcc3a3 Stir/Shaken Refactor 
Why do we need a refactor?

The original stir/shaken implementation was started over 3 years ago
when little was understood about practical implementation.  The
result was an implementation that wouldn't actually interoperate
with any other stir-shaken implementations.

There were also a number of stir-shaken features and RFC
requirements that were never implemented such as TNAuthList
certificate validation, sending Reason headers in SIP responses
when verification failed but we wished to continue the call, and
the ability to send Media Key(mky) grants in the Identity header
when the call involved DTLS.

Finally, there were some performance concerns around outgoing
calls and selection of the correct certificate and private key.
The configuration was keyed by an arbitrary name which meant that
for every outgoing call, we had to scan the entire list of
configured TNs to find the correct cert to use.  With only a few
TNs configured, this wasn't an issue but if you have a thousand,
it could be.

What's changed?

* Configuration objects have been refactored to be clearer about
  their uses and to fix issues.
    * The "general" object was renamed to "verification" since it
      contains parameters specific to the incoming verification
      process.  It also never handled ca_path and crl_path
      correctly.
    * A new "attestation" object was added that controls the
      outgoing attestation process.  It sets default certificates,
      keys, etc.
    * The "certificate" object was renamed to "tn" and had it's key
      change to telephone number since outgoing call attestation
      needs to look up certificates by telephone number.
    * The "profile" object had more parameters added to it that can
      override default parameters specified in the "attestation"
      and "verification" objects.
    * The "store" object was removed altogther as it was never
      implemented.

* We now use libjwt to create outgoing Identity headers and to
  parse and validate signatures on incoming Identiy headers.  Our
  previous custom implementation was much of the source of the
  interoperability issues.

* General code cleanup and refactor.
    * Moved things to better places.
    * Separated some of the complex functions to smaller ones.
    * Using context objects rather than passing tons of parameters
      in function calls.
    * Removed some complexity and unneeded encapsuation from the
      config objects.

Resolves: #351
Resolves: #46

UserNote: Asterisk's stir-shaken feature has been refactored to
correct interoperability, RFC compliance, and performance issues.
See https://docs.asterisk.org/Deployment/STIR-SHAKEN for more
information.

UpgradeNote: The stir-shaken refactor is a breaking change but since
it's not working now we don't think it matters. The
stir_shaken.conf file has changed significantly which means that
existing ones WILL need to be changed.  The stir_shaken.conf.sample
file in configs/samples/ has quite a bit more information.  This is
also an ABI breaking change since some of the existing objects
needed to be changed or removed, and new ones added.  Additionally,
if res_stir_shaken is enabled in menuselect, you'll need to either
have the development package for libjwt v1.15.3 installed or use
the --with-libjwt-bundled option with ./configure.
2024-02-28 18:38:56 +00:00

497 lines
16 KiB
C
Raw Blame History

/*
* Asterisk -- An open source telephony toolkit.
*
* Copyright (C) 2020, Sangoma Technologies Corporation
*
* Ben Ford <bford@sangoma.com>
*
* See http://www.asterisk.org for more information about
* the Asterisk project. Please do not directly contact
* any of the maintainers of this project for assistance;
* the project provides a web site, mailing lists and IRC
* channels for your use.
*
* This program is free software, distributed under the terms of
* the GNU General Public License Version 2. See the LICENSE file
* at the top of the source tree.
*/
/*** MODULEINFO
<depend>pjproject</depend>
<depend>res_pjsip</depend>
<depend>res_pjsip_session</depend>
<depend>res_stir_shaken</depend>
<support_level>core</support_level>
***/
#include "asterisk.h"
#define _TRACE_PREFIX_ "pjss",__LINE__, ""
#include "asterisk/callerid.h"
#include "asterisk/res_pjsip.h"
#include "asterisk/res_pjsip_session.h"
#include "asterisk/module.h"
#include "asterisk/rtp_engine.h"
#include "asterisk/res_stir_shaken.h"
static const pj_str_t identity_hdr_str = { "Identity", 8 };
static const pj_str_t date_hdr_str = { "Date", 4 };
/* Response codes from RFC8224 */
enum sip_response_code {
SIP_RESPONSE_CODE_OK = 200,
SIP_RESPONSE_CODE_STALE_DATE = 403,
SIP_RESPONSE_CODE_USE_IDENTITY_HEADER = 428,
SIP_RESPONSE_CODE_BAD_IDENTITY_INFO = 436,
SIP_RESPONSE_CODE_UNSUPPORTED_CREDENTIAL = 437,
SIP_RESPONSE_CODE_INVALID_IDENTITY_HEADER = 438,
SIP_RESPONSE_CODE_USE_SUPPORTED_PASSPORT_FORMAT = 428,
SIP_RESPONSE_CODE_INTERNAL_ERROR = 500,
};
#define SIP_RESPONSE_CODE_OK_STR "OK"
/* Response strings from RFC8224 */
#define SIP_RESPONSE_CODE_STALE_DATE_STR "Stale Date"
#define SIP_RESPONSE_CODE_USE_IDENTITY_HEADER_STR "Use Identity Header"
#define SIP_RESPONSE_CODE_USE_SUPPORTED_PASSPORT_FORMAT_STR "Use Supported PASSporT Format"
#define SIP_RESPONSE_CODE_BAD_IDENTITY_INFO_STR "Bad Identity Info"
#define SIP_RESPONSE_CODE_UNSUPPORTED_CREDENTIAL_STR "Unsupported Credential"
#define SIP_RESPONSE_CODE_INVALID_IDENTITY_HEADER_STR "Invalid Identity Header"
#define SIP_RESPONSE_CODE_INTERNAL_ERROR_STR "Internal Error"
#define response_to_str(_code) \
case _code: \
return _code ## _STR;
static const char *sip_response_code_to_str(enum sip_response_code code)
{
switch (code) {
response_to_str(SIP_RESPONSE_CODE_OK)
response_to_str(SIP_RESPONSE_CODE_STALE_DATE)
response_to_str(SIP_RESPONSE_CODE_USE_IDENTITY_HEADER)
response_to_str(SIP_RESPONSE_CODE_BAD_IDENTITY_INFO)
response_to_str(SIP_RESPONSE_CODE_UNSUPPORTED_CREDENTIAL)
response_to_str(SIP_RESPONSE_CODE_INVALID_IDENTITY_HEADER)
default:
break;
}
return "";
}
#define translate_code(_vs_rc, _sip_rc) \
case AST_STIR_SHAKEN_VS_ ## _vs_rc: \
return SIP_RESPONSE_CODE_ ## _sip_rc;
static enum sip_response_code vs_code_to_sip_code(
enum ast_stir_shaken_vs_response_code vs_rc)
{
/*
* We want to use a switch/case statement here because
* it'll spit out an error if VS codes are added to the
* enum but aren't present here.
*/
switch (vs_rc) {
translate_code(SUCCESS, OK)
translate_code(DISABLED, OK)
translate_code(INVALID_ARGUMENTS, INTERNAL_ERROR)
translate_code(INTERNAL_ERROR, INTERNAL_ERROR)
translate_code(NO_IDENTITY_HDR, USE_IDENTITY_HEADER)
translate_code(NO_DATE_HDR, STALE_DATE)
translate_code(DATE_HDR_PARSE_FAILURE, STALE_DATE)
translate_code(DATE_HDR_EXPIRED, STALE_DATE)
translate_code(NO_JWT_HDR, INVALID_IDENTITY_HEADER)
translate_code(INVALID_OR_NO_X5U, INVALID_IDENTITY_HEADER)
translate_code(CERT_CACHE_MISS, INVALID_IDENTITY_HEADER)
translate_code(CERT_CACHE_INVALID, INVALID_IDENTITY_HEADER)
translate_code(CERT_CACHE_EXPIRED, INVALID_IDENTITY_HEADER)
translate_code(CERT_RETRIEVAL_FAILURE, BAD_IDENTITY_INFO)
translate_code(CERT_CONTENTS_INVALID, UNSUPPORTED_CREDENTIAL)
translate_code(CERT_NOT_TRUSTED, UNSUPPORTED_CREDENTIAL)
translate_code(CERT_DATE_INVALID, UNSUPPORTED_CREDENTIAL)
translate_code(CERT_NO_TN_AUTH_EXT, UNSUPPORTED_CREDENTIAL)
translate_code(CERT_NO_SPC_IN_TN_AUTH_EXT, UNSUPPORTED_CREDENTIAL)
translate_code(NO_RAW_KEY, UNSUPPORTED_CREDENTIAL)
translate_code(SIGNATURE_VALIDATION, INVALID_IDENTITY_HEADER)
translate_code(NO_IAT, INVALID_IDENTITY_HEADER)
translate_code(IAT_EXPIRED, STALE_DATE)
translate_code(INVALID_OR_NO_PPT, INVALID_IDENTITY_HEADER)
translate_code(INVALID_OR_NO_ALG, INVALID_IDENTITY_HEADER)
translate_code(INVALID_OR_NO_TYP, INVALID_IDENTITY_HEADER)
translate_code(INVALID_OR_NO_ATTEST, INVALID_IDENTITY_HEADER)
translate_code(NO_ORIGID, INVALID_IDENTITY_HEADER)
translate_code(NO_ORIG_TN, INVALID_IDENTITY_HEADER)
translate_code(NO_DEST_TN, INVALID_IDENTITY_HEADER)
translate_code(INVALID_HEADER, INVALID_IDENTITY_HEADER)
translate_code(INVALID_GRANT, INVALID_IDENTITY_HEADER)
translate_code(INVALID_OR_NO_GRANTS, INVALID_IDENTITY_HEADER)
translate_code(CID_ORIG_TN_MISMATCH, INVALID_IDENTITY_HEADER)
translate_code(RESPONSE_CODE_MAX, INVALID_IDENTITY_HEADER)
}
return 500;
}
enum process_failure_rc {
PROCESS_FAILURE_CONTINUE = 0,
PROCESS_FAILURE_REJECT,
PROCESS_FAILURE_SYSTEM_FAILURE,
};
static void reject_incoming_call(struct ast_sip_session *session,
enum sip_response_code response_code)
{
ast_sip_session_terminate(session, response_code);
ast_hangup(session->channel);
}
static enum process_failure_rc process_failure(struct ast_stir_shaken_vs_ctx *ctx,
const char *caller_id, struct ast_sip_session *session,
pjsip_rx_data *rdata, enum ast_stir_shaken_vs_response_code vs_rc)
{
enum sip_response_code response_code = vs_code_to_sip_code(vs_rc);
pj_str_t response_str;
const char *response_string =
sip_response_code_to_str(response_code);
enum stir_shaken_failure_action_enum failure_action =
ast_stir_shaken_vs_get_failure_action(ctx);
const char *tag = ast_sip_session_get_name(session);
SCOPE_ENTER(1, "%s: FA: %d RC: %d\n", tag,
failure_action, response_code);
pj_cstr(&response_str, response_string);
if (failure_action == stir_shaken_failure_action_REJECT_REQUEST) {
reject_incoming_call(session, response_code);
SCOPE_EXIT_RTN_VALUE(PROCESS_FAILURE_REJECT,
"%s: Rejecting request and terminating session\n",
tag);
}
ast_stir_shaken_vs_ctx_set_response_code(ctx, vs_rc);
ast_stir_shaken_add_result_to_channel(ctx);
if (failure_action == stir_shaken_failure_action_CONTINUE_RETURN_REASON) {
int rc = ast_sip_session_add_reason_header(session,
ast_stir_shaken_vs_get_use_rfc9410_responses(ctx) ? "STIR" : "SIP",
response_code, response_str.ptr);
if (rc != 0) {
SCOPE_EXIT_RTN_VALUE(PROCESS_FAILURE_SYSTEM_FAILURE,
"%s: Failed to add Reason header\n", tag);
}
SCOPE_EXIT_RTN_VALUE(PROCESS_FAILURE_CONTINUE,
"%s: Attaching reason code to session\n", tag);
}
SCOPE_EXIT_RTN_VALUE(PROCESS_FAILURE_CONTINUE,
"%s: Continuing\n", tag);
}
/*!
* \internal
* \brief Session supplement callback on an incoming INVITE request
*
* When we receive an INVITE, check it for STIR/SHAKEN information and
* decide what to do from there
*
* \param session The session that has received an INVITE
* \param rdata The incoming INVITE
*/
static int stir_shaken_incoming_request(struct ast_sip_session *session, pjsip_rx_data *rdata)
{
RAII_VAR(struct ast_stir_shaken_vs_ctx *, ctx, NULL, ao2_cleanup);
RAII_VAR(char *, header, NULL, ast_free);
RAII_VAR(char *, payload, NULL, ast_free);
char *identity_hdr_val;
char *date_hdr_val;
char *caller_id = session->id.number.str;
const char *session_name = ast_sip_session_get_name(session);
struct ast_channel *chan = session->channel;
enum ast_stir_shaken_vs_response_code vs_rc;
enum process_failure_rc p_rc;
SCOPE_ENTER(1, "%s: Enter\n", session_name);
/* Check if this is a reinvite. If it is, we don't need to do anything */
if (rdata->msg_info.to->tag.slen) {
SCOPE_EXIT_RTN_VALUE(0, "%s: Reinvite. No action needed\n", session_name);
}
/*
* Shortcut: If there's no callerid or profile name,
* just bail now.
*/
if (ast_strlen_zero(caller_id)
|| ast_strlen_zero(session->endpoint->stir_shaken_profile)) {
SCOPE_EXIT_RTN_VALUE(0, "%s: No callerid or profile name. No action needed\n", session_name);
}
vs_rc = ast_stir_shaken_vs_ctx_create(caller_id, chan,
session->endpoint->stir_shaken_profile,
session_name, &ctx);
if (vs_rc == AST_STIR_SHAKEN_VS_DISABLED) {
SCOPE_EXIT_RTN_VALUE(0, "%s: VS Disabled\n", session_name);
} else if (vs_rc != AST_STIR_SHAKEN_VS_SUCCESS) {
reject_incoming_call(session, 500);
SCOPE_EXIT_RTN_VALUE(1, "%s: Unable to create context. Call terminated\n",
session_name);
}
identity_hdr_val = ast_sip_rdata_get_header_value(rdata, identity_hdr_str);
if (ast_strlen_zero(identity_hdr_val)) {
p_rc = process_failure(ctx, caller_id, session, rdata,
AST_STIR_SHAKEN_VS_NO_IDENTITY_HDR);
if (p_rc == PROCESS_FAILURE_CONTINUE) {
SCOPE_EXIT_RTN_VALUE(0, "%s: No Identity header found. Call continuing\n",
session_name);
}
SCOPE_EXIT_LOG_RTN_VALUE(1, LOG_ERROR, "%s: No Identity header found. Call terminated\n",
session_name);
}
vs_rc = ast_stir_shaken_vs_ctx_add_identity_hdr(ctx, identity_hdr_val);
if (vs_rc != AST_STIR_SHAKEN_VS_SUCCESS) {
reject_incoming_call(session, 500);
SCOPE_EXIT_LOG_RTN_VALUE(1, LOG_ERROR, "%s: Unable to add Identity header. Call terminated.\n",
session_name);
}
date_hdr_val = ast_sip_rdata_get_header_value(rdata, date_hdr_str);
if (ast_strlen_zero(date_hdr_val)) {
p_rc = process_failure(ctx, caller_id, session, rdata,
AST_STIR_SHAKEN_VS_NO_DATE_HDR);
if (p_rc == PROCESS_FAILURE_CONTINUE) {
SCOPE_EXIT_RTN_VALUE(0, "%s: No Date header found. Call continuing\n",
session_name);
}
SCOPE_EXIT_LOG_RTN_VALUE(1, LOG_ERROR, "%s: No Date header found. Call terminated\n",
session_name);
}
ast_stir_shaken_vs_ctx_add_date_hdr(ctx, date_hdr_val);
if (vs_rc != AST_STIR_SHAKEN_VS_SUCCESS) {
reject_incoming_call(session, 500);
SCOPE_EXIT_LOG_RTN_VALUE(1, LOG_ERROR, "%s: Unable to add Date header. Call terminated.\n",
session_name);
}
vs_rc = ast_stir_shaken_vs_verify(ctx);
if (vs_rc != AST_STIR_SHAKEN_VS_SUCCESS) {
p_rc = process_failure(ctx, caller_id, session, rdata, vs_rc);
if (p_rc == PROCESS_FAILURE_CONTINUE) {
SCOPE_EXIT_RTN_VALUE(0, "%s: Verification failed. Call continuing\n",
session_name);
}
SCOPE_EXIT_LOG_RTN_VALUE(1, LOG_ERROR, "%s: Verification failed. Call terminated\n",
session_name);
}
ast_stir_shaken_add_result_to_channel(ctx);
SCOPE_EXIT_RTN_VALUE(0, "Passed\n");
}
static void add_fingerprints_if_present(struct ast_sip_session *session,
struct ast_stir_shaken_as_ctx *ctx)
{
struct ast_sip_session_media_state *ms = session->pending_media_state;
struct ast_sip_session_media *m = NULL;
struct ast_rtp_engine_dtls *d = NULL;
enum ast_rtp_dtls_hash h;
int i;
const char *tag = ast_sip_session_get_name(session);
size_t count = AST_VECTOR_SIZE(&ms->sessions);
SCOPE_ENTER(4, "%s: Check %zu media sessions for fingerprints\n",
tag, count);
if (!ast_stir_shaken_as_ctx_wants_fingerprints(ctx)) {
SCOPE_EXIT_RTN("%s: Fingerprints not needed\n", tag);
}
for (i = 0; i < count; i++) {
const char *f;
m = AST_VECTOR_GET(&ms->sessions, i);
if (!m|| !m->rtp) {
ast_trace(1, "Session: %d: No session or rtp instance\n", i);
continue;
}
d = ast_rtp_instance_get_dtls(m->rtp);
h = d->get_fingerprint_hash(m->rtp);
f = d->get_fingerprint(m->rtp);
ast_stir_shaken_as_ctx_add_fingerprint(ctx,
h == AST_RTP_DTLS_HASH_SHA256 ? "sha-256" : "sha-1", f);
}
SCOPE_EXIT_RTN("%s: Done\n", tag);
}
static char *get_dest_tn(pjsip_tx_data *tdata, const char *tag)
{
pjsip_fromto_hdr *to;
pjsip_sip_uri *uri;
char *dest_tn = NULL;
SCOPE_ENTER(4, "%s: Enter\n", tag);
to = pjsip_msg_find_hdr(tdata->msg, PJSIP_H_TO, NULL);
if (!to) {
SCOPE_EXIT_RTN_VALUE(NULL, "%s: Failed to find To header\n", tag);
}
uri = pjsip_uri_get_uri(to->uri);
if (!uri) {
SCOPE_EXIT_RTN_VALUE(NULL,
"%s: Failed to retrieve URI from To header\n", tag);
}
dest_tn = ast_malloc(uri->user.slen + 1);
if (!dest_tn) {
SCOPE_EXIT_RTN_VALUE(NULL,
"%s: Failed to allocate memory for dest_tn\n", tag);
}
/* Remove everything except 0-9, *, and # in telephone number according to RFC 8224
* (required by RFC 8225 as part of canonicalization) */
{
int i;
const char *s = uri->user.ptr;
char *new_tn = dest_tn;
/* We're only removing characters, if anything, so the buffer is guaranteed to be large enough */
for (i = 0; i < uri->user.slen; i++) {
if (isdigit(*s) || *s == '#' || *s == '*') { /* Only characters allowed */
*new_tn++ = *s;
}
s++;
}
*new_tn = '\0';
ast_trace(2, "Canonicalized telephone number " PJSTR_PRINTF_SPEC " -> %s\n",
PJSTR_PRINTF_VAR(uri->user), dest_tn);
}
SCOPE_EXIT_RTN_VALUE(dest_tn, "%s: Done\n", tag);
}
static void add_date_header(const struct ast_sip_session *session, pjsip_tx_data *tdata)
{
pjsip_fromto_hdr *old_date;
const char *session_name = ast_sip_session_get_name(session);
SCOPE_ENTER(1, "%s: Enter\n", session_name);
old_date = pjsip_msg_find_hdr_by_name(tdata->msg, &date_hdr_str, NULL);
if (old_date) {
SCOPE_EXIT_RTN("Found existing Date header, no need to add one\n");
}
ast_sip_add_date_header(tdata);
SCOPE_EXIT_RTN("Done\n");
}
static void stir_shaken_outgoing_request(struct ast_sip_session *session,
pjsip_tx_data *tdata)
{
struct ast_party_id effective_id;
struct ast_party_id connected_id;
pjsip_generic_string_hdr *old_identity;
pjsip_generic_string_hdr *identity_hdr;
pj_str_t identity_val;
char *dest_tn;
char *identity_str;
struct ast_stir_shaken_as_ctx *ctx = NULL;
enum ast_stir_shaken_as_response_code as_rc;
const char *session_name = ast_sip_session_get_name(session);
SCOPE_ENTER(1, "%s: Enter\n", session_name);
old_identity = pjsip_msg_find_hdr_by_name(tdata->msg, &identity_hdr_str, NULL);
if (old_identity) {
SCOPE_EXIT_RTN("Found an existing Identity header\n");
}
dest_tn = get_dest_tn(tdata, session_name);
if (!dest_tn) {
SCOPE_EXIT_LOG_RTN(LOG_ERROR, "%s: Unable to find destination tn\n",
session_name);
}
ast_party_id_init(&connected_id);
ast_channel_lock(session->channel);
effective_id = ast_channel_connected_effective_id(session->channel);
ast_party_id_copy(&connected_id, &effective_id);
ast_channel_unlock(session->channel);
if (!ast_sip_can_present_connected_id(session, &connected_id)) {
ast_free(dest_tn);
ast_party_id_free(&connected_id);
SCOPE_EXIT_RTN("Unable to get caller id\n");
}
as_rc = ast_stir_shaken_as_ctx_create(connected_id.number.str,
dest_tn, session->channel,
session->endpoint->stir_shaken_profile,
session_name, &ctx);
ast_free(dest_tn);
ast_party_id_free(&connected_id);
if (as_rc == AST_STIR_SHAKEN_AS_DISABLED) {
SCOPE_EXIT_RTN("%s: AS Disabled\n", session_name);
} else if (as_rc != AST_STIR_SHAKEN_AS_SUCCESS) {
SCOPE_EXIT_RTN("%s: Unable to create context\n",
session_name);
}
add_date_header(session, tdata);
add_fingerprints_if_present(session, ctx);
as_rc = ast_stir_shaken_attest(ctx, &identity_str);
if (as_rc != AST_STIR_SHAKEN_AS_SUCCESS) {
ao2_cleanup(ctx);
SCOPE_EXIT_LOG(LOG_ERROR,
"%s: Failed to create attestation\n", session_name);
}
ast_trace(1, "%s: Identity header: %s\n", session_name, identity_str);
identity_val = pj_str(identity_str);
identity_hdr = pjsip_generic_string_hdr_create(tdata->pool, &identity_hdr_str, &identity_val);
ast_free(identity_str);
if (!identity_hdr) {
ao2_cleanup(ctx);
SCOPE_EXIT_LOG_RTN(LOG_ERROR,
"%s: Unable to create Identity header\n", session_name);
}
pjsip_msg_add_hdr(tdata->msg, (pjsip_hdr *)identity_hdr);
ao2_cleanup(ctx);
SCOPE_EXIT_RTN("Done\n");
}
static struct ast_sip_session_supplement stir_shaken_supplement = {
.method = "INVITE",
.priority = AST_SIP_SUPPLEMENT_PRIORITY_CHANNEL + 1, /* Run AFTER channel creation */
.incoming_request = stir_shaken_incoming_request,
.outgoing_request = stir_shaken_outgoing_request,
};
static int unload_module(void)
{
ast_sip_session_unregister_supplement(&stir_shaken_supplement);
return 0;
}
static int load_module(void)
{
ast_sip_session_register_supplement(&stir_shaken_supplement);
return AST_MODULE_LOAD_SUCCESS;
}
#undef AST_BUILDOPT_SUM
#define AST_BUILDOPT_SUM ""
AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_GLOBAL_SYMBOLS | AST_MODFLAG_LOAD_ORDER, "PJSIP STIR/SHAKEN Module for Asterisk",
.support_level = AST_MODULE_SUPPORT_CORE,
.load = load_module,
.unload = unload_module,
.load_pri = AST_MODPRI_DEFAULT,
.requires = "res_pjsip,res_pjsip_session,res_stir_shaken",
);
Reference in New Issue View Git Blame Copy Permalink