[Asterisk-code-review] core_local: Local calls are always secure. (asterisk[master])

Mon Apr 27 10:29:43 CDT 2020

Alexander Traud has uploaded this change for review. ( https://gerrit.asterisk.org/c/asterisk/+/14327 )


Change subject: core_local: Local calls are always secure.
......................................................................

core_local: Local calls are always secure.

In a Dialplan, the channel drivers 'chan_sip' and 'chan_iax2' support
the channel items 'secure_bridge_media' and 'secure_bridge_signaling'.
That way, a channel can be forced to use encryption even if not
specified in its configuration.

However, when the Local Proxy kicks in, for example, in case of a
forwarding (SIP status 302), Local Proxy stated it does not know those
items. Consequently, such a call could not be proxied how clever your
Dialplan was. Because local calls within Asterisk are always secure,
Local Proxy accepts such a request now.

ASTERISK-22920

Change-Id: I4c143bb70f686790953cc04c5a4b810bbb03636c
---
M main/core_local.c
1 file changed, 13 insertions(+), 1 deletion(-)



  git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/27/14327/1

diff --git a/main/core_local.c b/main/core_local.c
index ae28106..0193c71 100644
--- a/main/core_local.c
+++ b/main/core_local.c
@@ -142,6 +142,7 @@
 static void local_optimization_started_cb(struct ast_unreal_pvt *base, struct ast_channel *source,
 		enum ast_unreal_channel_indicator dest, unsigned int id);
 static void local_optimization_finished_cb(struct ast_unreal_pvt *base, int success, unsigned int id);
+static int local_setoption(struct ast_channel *chan, int option, void *data, int datalen);
 
 static struct ast_manager_event_blob *local_message_to_ami(struct stasis_message *msg);
 
@@ -185,7 +186,7 @@
 	.send_text = ast_unreal_sendtext,
 	.devicestate = local_devicestate,
 	.queryoption = ast_unreal_queryoption,
-	.setoption = ast_unreal_setoption,
+	.setoption = local_setoption,
 };
 
 /*! What to do with the ;2 channel when ast_call() happens. */
@@ -1083,3 +1084,14 @@
 	ast_register_cleanup(local_shutdown);
 	return 0;
 }
+
+int local_setoption(struct ast_channel *ast, int option, void *data, int datalen)
+{
+	switch (option) {
+	case AST_OPTION_SECURE_SIGNALING:
+	case AST_OPTION_SECURE_MEDIA:
+			return 0; /* local calls (like forwardings) are secure always */
+	default:
+			return ast_unreal_setoption(ast, option, data, datalen);
+	}
+}

-- 
To view, visit https://gerrit.asterisk.org/c/asterisk/+/14327
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: master
Gerrit-Change-Id: I4c143bb70f686790953cc04c5a4b810bbb03636c
Gerrit-Change-Number: 14327
Gerrit-PatchSet: 1
Gerrit-Owner: Alexander Traud <pabstraud at compuserve.com>
Gerrit-MessageType: newchange
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20200427/7934cb22/attachment.html>
