[asterisk-commits] bbryant: branch bbryant/iax2_rotation r115332 - /team/bbryant/iax2_rotation/c...
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Mon May 5 17:36:37 CDT 2008
Author: bbryant
Date: Mon May 5 17:36:36 2008
New Revision: 115332
URL: http://svn.digium.com/view/asterisk?view=rev&rev=115332
Log:
Update iax2 rotation branch to start the testing phase after compiling it.
Modified:
team/bbryant/iax2_rotation/channels/chan_iax2.c
team/bbryant/iax2_rotation/channels/iax2.h
Modified: team/bbryant/iax2_rotation/channels/chan_iax2.c
URL: http://svn.digium.com/view/asterisk/team/bbryant/iax2_rotation/channels/chan_iax2.c?view=diff&rev=115332&r1=115331&r2=115332
==============================================================================
--- team/bbryant/iax2_rotation/channels/chan_iax2.c (original)
+++ team/bbryant/iax2_rotation/channels/chan_iax2.c Mon May 5 17:36:36 2008
@@ -543,6 +543,11 @@
unsigned char iseqno;
/*! Last incoming sequence number we have acknowledged */
unsigned char aseqno;
+ /*! time_t when RENEW is sent to change encryption key ...
+ * XXX (document more)
+ * TODO: figure out a way to calculate time based on
+ * something other than time() / time_t */
+ time_t rotatetimer;
AST_DECLARE_STRING_FIELDS(
/*! Peer name */
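Review bot: The comment on `rotatetimer` still says "XXX (document more)" and does not say what the value means to the code that reads it. From the send-path hunk later in this commit, it is the wall-clock deadline compared against `time(NULL)`, and 0 is treated as "not yet armed". I would write that out: `/*! Wall-clock time (time(NULL)) at or after which the next ROTATE is sent; 0 until first armed */`. The enclosing struct starts and ends outside the hunk.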
@@ -4567,6 +4572,44 @@
}
} else
res = decode_frame(&iaxs[callno]->dcx, fh, f, datalen);
+ return res;
+}
+
+static int iax2_rotate(struct chan_iax2_pvt *pvt, struct iax_ies *ies)
+{
+ struct MD5Context md5;
+ unsigned char digest[16];
+
+ MD5Init(&md5);
+ MD5Update(&md5, (unsigned char *)ies->challenge, strlen(ies->challenge));
+ MD5Final(digest, &md5);
+
+ ast_aes_decrypt_key((unsigned char *)ies->challenge, &pvt->dcx);
+
+ return 0;
+}
+
+static int iax2_send_rotate(struct chan_iax2_pvt *pvt)
+{
+ struct iax_ie_data ied;
+ struct MD5Context md5;
+ char challenge[11] = "";
+ unsigned char digest[16];
+ int res = 0;
+
+ memset(&ied, 0, sizeof(ied));
+
+ snprintf(challenge, sizeof(challenge), "%x", (int)ast_random());
+
+ iax_ie_append_raw(&ied, IAX_IE_CHALLENGE, challenge, sizeof(challenge)-1);
+ res = send_command(pvt, AST_FRAME_IAX, IAX_COMMAND_ROTATE, 0, ied.buf, ied.pos, -1);
+
+ MD5Init(&md5);
+ MD5Update(&md5, (unsigned char *)challenge, sizeof(challenge));
+ MD5Final(digest, &md5);
+
+ ast_aes_encrypt_key(digest, &pvt->ecx);
+
return res;
}
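Review bot: iax2_rotate() computes `digest` but then keys `pvt->dcx` from `ies->challenge` itself, so the digest is unused, the receiver cannot arrive at the key the sender derives, and a challenge shorter than the AES key is presumably read past its end. `ies->challenge` also reaches strlen() with no NULL check, which a ROTATE frame lacking the IE would hit. The two ends hash different lengths as well: iax2_send_rotate() hashes `sizeof(challenge)` (11 bytes, padding NULs included) while the receiver hashes `strlen()`, so the sender's iax_ie_append_raw() and MD5Update() should both use `strlen(challenge)`. Separately, the new key is MD5 of a single `(int)ast_random()` value carried in the ROTATE frame with no shared secret mixed in, so rotation gives nothing against a party that already holds the current key; consider hashing the peer secret together with the challenge. The function that ends at the added `return res;` starts outside the hunk.

```c
static int iax2_rotate(struct chan_iax2_pvt *pvt, struct iax_ies *ies)
{
	/* ... unchanged: md5 and digest declarations ... */

	/* A ROTATE frame without a usable challenge IE must not reach strlen(). */
	if (ast_strlen_zero(ies->challenge)) {
		return -1;
	}

	/* ... unchanged: MD5Init / MD5Update / MD5Final over ies->challenge ... */

	/* Key dcx from the 16-byte digest, matching what the sender does for ecx. */
	ast_aes_decrypt_key(digest, &pvt->dcx);

	return 0;
}
```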
@@ -4699,15 +4742,21 @@
pvt->svideoformat = f->subclass & ~0x1;
if (ast_test_flag(pvt, IAX_ENCRYPTED)) {
if (ast_test_flag(pvt, IAX_KEYPOPULATED)) {
+ if (!pvt->rotatetimer <= time(NULL)) {
+ pvt->rotatetimer += ((pvt->rotatetimer) ? 0 : time(NULL)) + ((ast_random() % 3) + 2) * 3600;
+ iax2_send_rotate(pvt);
+ }
+
if (iaxdebug) {
if (fr->transfer)
iax_showframe(fr, NULL, 2, &pvt->transfer, fr->datalen - sizeof(struct ast_iax2_full_hdr));
else
iax_showframe(fr, NULL, 2, &pvt->addr, fr->datalen - sizeof(struct ast_iax2_full_hdr));
}
+
encrypt_frame(&pvt->ecx, fh, pvt->semirand, &fr->datalen);
} else
- ast_log(LOG_WARNING, "Supposed to send packet encrypted, but no key?\n");
+ ast_log(LOG_WARNING, "Supposed to send packet encrypted, but no key? (no shared key found?)\n");
}
if (now) {
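Review bot: `!pvt->rotatetimer <= time(NULL)` parses as `(!pvt->rotatetimer) <= time(NULL)`, i.e. 0 or 1 compared with the current time, so the condition is always true and a ROTATE is sent (and `ecx` re-keyed) on every encrypted frame. The intended test is presumably `if (pvt->rotatetimer <= time(NULL)) {`. Even with that fix a zero timer fires a rotation on the first encrypted frame, so if the intent is only to arm the timer at that point, handle `rotatetimer == 0` separately. iax2_send_rotate() calls send_command() from inside the send path, which looks as if it can re-enter this block; confirm that re-entry is bounded. The enclosing function starts and ends outside the hunk.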
@@ -5964,7 +6013,7 @@
iax_ie_append_short(&ied, IAX_IE_AUTHMETHODS, p->authmethods);
if (p->authmethods & (IAX_AUTH_MD5 | IAX_AUTH_RSA)) {
- snprintf(challenge, sizeof(challenge), "%d", (int)ast_random());
+ snprintf(challenge, sizeof(challenge), (ast_random() & 1) ? "%x" : "%X" , (int)ast_random());
ast_string_field_set(p, challenge, challenge);
/* snprintf(p->challenge, sizeof(p->challenge), "%d", (int)ast_random()); */
iax_ie_append_str(&ied, IAX_IE_CHALLENGE, p->challenge);
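Review bot: Choosing at random between `%x` and `%X` adds at most one bit to the authentication challenge, which is still a single `(int)ast_random()` value. If the aim is a challenge that is harder to guess, format two or more ast_random() results into the buffer instead; the size of `challenge` is not visible in this hunk, so confirm it fits. The commented-out snprintf on the line after `ast_string_field_set` still shows the old `%d` form and could be deleted rather than carried along.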
@@ -9257,6 +9306,13 @@
return 1;
}
break;
+ case IAX_COMMAND_ROTATE:
+ if (!ast_test_flag(iaxs[fr->callno], IAX_ENCRYPTED) || !ast_test_flag(iaxs[fr->callno], IAX_KEYPOPULATED)) {
+ break;
+ }
+
+ iax2_rotate(iaxs[fr->callno], &ies);
+ break;
default:
ast_debug(1, "Unknown IAX command %d on %d/%d\n", f.subclass, fr->callno, iaxs[fr->callno]->peercallno);
memset(&ied0, 0, sizeof(ied0));
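Review bot: The result of `iax2_rotate()` is discarded in the new `IAX_COMMAND_ROTATE` case, so once that function can reject a frame (for example a missing challenge IE) a failed re-key will be indistinguishable from a successful one. I would act on it here: `if (iax2_rotate(iaxs[fr->callno], &ies)) ast_log(LOG_WARNING, "Key rotation failed on call %d\n", fr->callno);`. Nothing visible in this case confirms that the ROTATE frame itself was decrypted under the current key before it is allowed to replace that key; if that is not enforced earlier in the function, it belongs in this case. The enclosing switch starts and ends outside the hunk.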
Modified: team/bbryant/iax2_rotation/channels/iax2.h
URL: http://svn.digium.com/view/asterisk/team/bbryant/iax2_rotation/channels/iax2.h?view=diff&rev=115332&r1=115331&r2=115332
==============================================================================
--- team/bbryant/iax2_rotation/channels/iax2.h (original)
+++ team/bbryant/iax2_rotation/channels/iax2.h Mon May 5 17:36:36 2008
@@ -109,6 +109,8 @@
IAX_COMMAND_FWDATA = 37,
/*! Transfer media only */
IAX_COMMAND_TXMEDIA = 38,
+ /*! Rotate Encryption */
+ IAX_COMMAND_ROTATE = 39,
};
/*! By default require re-registration once per minute */