[asterisk-bugs] [Asterisk 0013285]: New config parameter to enforce encryption
Asterisk Bug Tracker
noreply at bugs.digium.com
Mon Jan 26 22:25:58 CST 2009
A NOTE has been added to this issue.
======================================================================
http://bugs.digium.com/view.php?id=13285
======================================================================
Reported By: sgofferj
Assigned To: dvossel
======================================================================
Project: Asterisk
Issue ID: 13285
Category: Channels/chan_iax2
Reproducibility: N/A
Severity: feature
Priority: normal
Status: assigned
Asterisk Version: SVN
Regression: No
SVN Branch (only for SVN checkouts, not tarball releases): N/A
SVN Revision (number only!):
Request Review:
======================================================================
Date Submitted: 2008-08-11 12:02 CDT
Last Modified: 2009-01-26 22:25 CST
======================================================================
Summary: New config parameter to enforce encryption
Description:
Currently, Asterisk does not indicate in any way if an IAX connection is
really encrypted. Even the (E) in iax2 show peers only indicates the
configured capability.
In sensitive environments it is imperative to know if a call is actually
encrypted.
Therefore I'd like to suggest a new directive per peer for iax.conf:
forceencryption=(yes|no)
The directive will cause a call not to be set up (=fail) if not both sides
agree on encryption.
======================================================================
Relationships ID Summary
----------------------------------------------------------------------
related to 0013284 New application to indicate if a call i...
======================================================================
----------------------------------------------------------------------
(0098814) russell (administrator) - 2009-01-26 22:25
http://bugs.digium.com/view.php?id=13285#c98814
----------------------------------------------------------------------
dvossel,
I've had this on my list for a while now but have not had a chance to work
on it. I think it would be a good feature for you to work on.
There are actually a few things related to this that we should consider.
First, we need an option to force all calls to a specific IAX2 peer to be
encrypted. That will satisfy the feature request posted here.
While we're on the topic, we should also look at adding a way to be able
to detect from the dialplan whether the incoming call is encrypted or not.
Terry Wilson has been working on some somewhat related code for SRTP. We
should talk to him to see what configuration directives he has in that
branch. If he has implemented some dialplan parts, we should try to make
the IAX2 version as similar as possible for consistency.
Issue History
Date Modified Username Field Change
======================================================================
2009-01-26 22:25 russell Note Added: 0098814
======================================================================
More information about the asterisk-bugs
mailing list