[Asterisk-code-review] core_local: Local calls are always secure. (asterisk[16])

Joshua Colp asteriskteam at digium.com
Wed Apr 29 13:06:44 CDT 2020


Joshua Colp has submitted this change. ( https://gerrit.asterisk.org/c/asterisk/+/14344 )

Change subject: core_local: Local calls are always secure.
......................................................................

core_local: Local calls are always secure.

In a Dialplan, the channel drivers 'chan_sip' and 'chan_iax2' support
the channel items 'secure_bridge_media' and 'secure_bridge_signaling'.
That way, a channel can be forced to use encryption even if not
specified in its configuration.

However, when the Local Proxy kicks in, for example, in case of a
forwarding (SIP status 302), Local Proxy stated it does not know those
items. Consequently, such a call could not be proxied how clever your
Dialplan was. Because local calls within Asterisk are always secure,
Local Proxy accepts such a request now.

ASTERISK-22920

Change-Id: I4c143bb70f686790953cc04c5a4b810bbb03636c
---
M main/core_local.c
1 file changed, 13 insertions(+), 1 deletion(-)

Approvals:
  Joshua Colp: Looks good to me, but someone else must approve; Approved for Submit
  Kevin Harwell: Looks good to me, approved



diff --git a/main/core_local.c b/main/core_local.c
index 6a4a963..fa69169 100644
--- a/main/core_local.c
+++ b/main/core_local.c
@@ -142,6 +142,7 @@
 static void local_optimization_started_cb(struct ast_unreal_pvt *base, struct ast_channel *source,
 		enum ast_unreal_channel_indicator dest, unsigned int id);
 static void local_optimization_finished_cb(struct ast_unreal_pvt *base, int success, unsigned int id);
+static int local_setoption(struct ast_channel *chan, int option, void *data, int datalen);
 
 static struct ast_manager_event_blob *local_message_to_ami(struct stasis_message *msg);
 
@@ -185,7 +186,7 @@
 	.send_text = ast_unreal_sendtext,
 	.devicestate = local_devicestate,
 	.queryoption = ast_unreal_queryoption,
-	.setoption = ast_unreal_setoption,
+	.setoption = local_setoption,
 };
 
 /*! What to do with the ;2 channel when ast_call() happens. */
@@ -1083,3 +1084,14 @@
 	ast_register_cleanup(local_shutdown);
 	return 0;
 }
+
+int local_setoption(struct ast_channel *ast, int option, void *data, int datalen)
+{
+	switch (option) {
+	case AST_OPTION_SECURE_SIGNALING:
+	case AST_OPTION_SECURE_MEDIA:
+			return 0; /* local calls (like forwardings) are secure always */
+	default:
+			return ast_unreal_setoption(ast, option, data, datalen);
+	}
+}

-- 
To view, visit https://gerrit.asterisk.org/c/asterisk/+/14344
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: 16
Gerrit-Change-Id: I4c143bb70f686790953cc04c5a4b810bbb03636c
Gerrit-Change-Number: 14344
Gerrit-PatchSet: 2
Gerrit-Owner: Alexander Traud <pabstraud at compuserve.com>
Gerrit-Reviewer: Friendly Automation
Gerrit-Reviewer: Joshua Colp <jcolp at sangoma.com>
Gerrit-Reviewer: Kevin Harwell <kharwell at digium.com>
Gerrit-MessageType: merged
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20200429/9033ec15/attachment-0001.html>


More information about the asterisk-code-review mailing list