[Asterisk-code-review] chan_iax2: Prevent crash if dialing RSA-only call without outkey. (asterisk[master])

N A asteriskteam at digium.com
Tue Apr 26 17:36:13 CDT 2022 

Attention is currently required from: N A.
Hello Joshua Colp, Kevin Harwell, Friendly Automation, 

I'd like you to reexamine a change. Please visit

    https://gerrit.asterisk.org/c/asterisk/+/18363

to look at the new patch set (#2).

Change subject: chan_iax2: Prevent crash if dialing RSA-only call without outkey.
......................................................................

chan_iax2: Prevent crash if dialing RSA-only call without outkey.

Currently, if attempting to place a call to a peer that only allows
RSA authentication, if we fail to provide an outkey when placing
the call, Asterisk will crash.

This exposes the broader issue that IAX2 is prone to causing a crash
if encryption or decryption is attempted but we never initialized
the encryption and decryption keys. In other words, if the logic
to use encryption in chan_iax2 is not perfectly aligned with the
decision to build keys in the first place, then a crash is not
only possible but probable. This was demonstrated by ASTERISK_29264,
for instance.

This permanently prevents such events from causing a crash by explicitly
checking that keys are initialized properly before setting the flags
to use encryption for the call. Instead of crashing, the call will
now abort.

ASTERISK-30007 #close

Change-Id: If925c3d86099ceac7f621804f2532baac5050c9a
---
M channels/chan_iax2.c
1 file changed, 23 insertions(+), 1 deletion(-)


  git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/63/18363/2
-- 
To view, visit https://gerrit.asterisk.org/c/asterisk/+/18363
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: master
Gerrit-Change-Id: If925c3d86099ceac7f621804f2532baac5050c9a
Gerrit-Change-Number: 18363
Gerrit-PatchSet: 2
Gerrit-Owner: N A <mail at interlinked.x10host.com>
Gerrit-Reviewer: Friendly Automation
Gerrit-Reviewer: Joshua Colp <jcolp at sangoma.com>
Gerrit-Reviewer: Kevin Harwell <kharwell at digium.com>
Gerrit-Attention: N A <mail at interlinked.x10host.com>
Gerrit-MessageType: newpatchset
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20220426/ad507200/attachment.html>

More information about the asterisk-code-review mailing list