[asterisk-commits] dvossel: branch dvossel/iax2keyrotation_trunk r175586 - in /team/dvossel/iax2...

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Fri Feb 13 12:06:33 CST 2009 

Author: dvossel
Date: Fri Feb 13 12:06:33 2009
New Revision: 175586

URL: http://svn.digium.com/svn-view/asterisk?view=rev&rev=175586
Log:
took out keyrotate option in iax.conf.

Modified:
    team/dvossel/iax2keyrotation_trunk/channels/chan_iax2.c
    team/dvossel/iax2keyrotation_trunk/channels/iax2.h
    team/dvossel/iax2keyrotation_trunk/configs/iax.conf.sample

Modified: team/dvossel/iax2keyrotation_trunk/channels/chan_iax2.c
URL: http://svn.digium.com/svn-view/asterisk/team/dvossel/iax2keyrotation_trunk/channels/chan_iax2.c?view=diff&rev=175586&r1=175585&r2=175586
==============================================================================
--- team/dvossel/iax2keyrotation_trunk/channels/chan_iax2.c (original)
+++ team/dvossel/iax2keyrotation_trunk/channels/chan_iax2.c Fri Feb 13 12:06:33 2009
@@ -375,9 +375,8 @@
 						     response, so that we've achieved a three-way handshake with
 						     them before sending voice or anything else*/
 	IAX_ALLOWFWDOWNLOAD =   (1 << 26),	/*!< Allow the FWDOWNL command? */
-	IAX_NOKEYROTATE =       (1 << 27),	/*!< Disable key rotation with encryption */
-	IAX_IMMEDIATE =		(1 << 28),      /*!< Allow immediate off-hook to extension s */
-	IAX_FORCE_ENCRYPT =	(1 << 29),      /*!< Forces call encryption, if encryption not possible hangup */
+	IAX_IMMEDIATE =		(1 << 27),      /*!< Allow immediate off-hook to extension s */
+	IAX_FORCE_ENCRYPT =	(1 << 28),      /*!< Forces call encryption, if encryption not possible hangup */
 };
 
 static int global_rtautoclear = 120;
@@ -1940,7 +1939,7 @@
 			iaxs[x]->pingid = iax2_sched_add(sched, ping_time * 1000, send_ping, (void *)(long)x);
 			iaxs[x]->lagid = iax2_sched_add(sched, lagrq_time * 1000, send_lagrq, (void *)(long)x);
 			iaxs[x]->amaflags = amaflags;
-			ast_copy_flags(iaxs[x], &globalflags, IAX_NOTRANSFER | IAX_TRANSFERMEDIA | IAX_USEJITTERBUF | IAX_FORCEJITTERBUF | IAX_NOKEYROTATE | IAX_FORCE_ENCRYPT);	
+			ast_copy_flags(iaxs[x], &globalflags, IAX_NOTRANSFER | IAX_TRANSFERMEDIA | IAX_USEJITTERBUF | IAX_FORCEJITTERBUF | IAX_FORCE_ENCRYPT);	
 			ast_string_field_set(iaxs[x], accountcode, accountcode);
 			ast_string_field_set(iaxs[x], mohinterpret, mohinterpret);
 			ast_string_field_set(iaxs[x], mohsuggest, mohsuggest);
@@ -3556,7 +3555,7 @@
 	if (peer->maxms && ((peer->lastms > peer->maxms) || (peer->lastms < 0)))
 		goto return_unref;
 
-	ast_copy_flags(cai, peer, IAX_SENDANI | IAX_TRUNK | IAX_NOTRANSFER | IAX_TRANSFERMEDIA | IAX_USEJITTERBUF | IAX_FORCEJITTERBUF | IAX_NOKEYROTATE | IAX_FORCE_ENCRYPT);
+	ast_copy_flags(cai, peer, IAX_SENDANI | IAX_TRUNK | IAX_NOTRANSFER | IAX_TRANSFERMEDIA | IAX_USEJITTERBUF | IAX_FORCEJITTERBUF | IAX_FORCE_ENCRYPT);
 	cai->maxtime = peer->maxms;
 	cai->capability = peer->capability;
 	cai->encmethods = peer->encmethods;
@@ -4044,7 +4043,6 @@
 	};
 	
 	ast_mutex_lock(&iaxsl[pvt->callno]);
-
 	pvt->keyrotateid = 
 		ast_sched_thread_add(sched, 120000 + (ast_random() % 180001), iax2_key_rotate, vpvt);
 
@@ -5007,11 +5005,7 @@
 	);
 #endif
 	if (pvt->keyrotateid == -1 && f->frametype == AST_FRAME_VOICE && IAX_CALLENCRYPTED(pvt)) {
-		if (ast_test_flag(pvt, IAX_NOKEYROTATE)) {
-			pvt->keyrotateid = -2;
-		} else {
-			iax2_key_rotate(pvt);
-		}
+		iax2_key_rotate(pvt);
 	}
 
 	if ((ast_test_flag(pvt, IAX_TRUNK) || 
@@ -6221,7 +6215,7 @@
 		if (user->maxauthreq > 0)
 			ast_set_flag(iaxs[callno], IAX_MAXAUTHREQ);
 		iaxs[callno]->prefs = user->prefs;
-		ast_copy_flags(iaxs[callno], user, IAX_CODEC_USER_FIRST | IAX_IMMEDIATE | IAX_CODEC_NOPREFS | IAX_CODEC_NOCAP | IAX_NOKEYROTATE | IAX_FORCE_ENCRYPT);
+		ast_copy_flags(iaxs[callno], user, IAX_CODEC_USER_FIRST | IAX_IMMEDIATE | IAX_CODEC_NOPREFS | IAX_CODEC_NOCAP | IAX_FORCE_ENCRYPT);
 		iaxs[callno]->encmethods = user->encmethods;
 		/* Store the requested username if not specified */
 		if (ast_strlen_zero(iaxs[callno]->username))
@@ -10338,7 +10332,7 @@
 	memset(&cai, 0, sizeof(cai));
 	cai.capability = iax2_capability;
 
-	ast_copy_flags(&cai, &globalflags, IAX_NOTRANSFER | IAX_TRANSFERMEDIA | IAX_USEJITTERBUF | IAX_FORCEJITTERBUF | IAX_NOKEYROTATE);
+	ast_copy_flags(&cai, &globalflags, IAX_NOTRANSFER | IAX_TRANSFERMEDIA | IAX_USEJITTERBUF | IAX_FORCEJITTERBUF);
 	
 	/* Populate our address from the given */
 	if (create_addr(pds.peer, NULL, &sin, &cai)) {
@@ -10357,7 +10351,7 @@
 	}
 
 	/* If this is a trunk, update it now */
-	ast_copy_flags(iaxs[callno], &cai, IAX_TRUNK | IAX_SENDANI | IAX_NOTRANSFER | IAX_TRANSFERMEDIA | IAX_USEJITTERBUF | IAX_FORCEJITTERBUF | IAX_NOKEYROTATE);
+	ast_copy_flags(iaxs[callno], &cai, IAX_TRUNK | IAX_SENDANI | IAX_NOTRANSFER | IAX_TRANSFERMEDIA | IAX_USEJITTERBUF | IAX_FORCEJITTERBUF);
 	if (ast_test_flag(&cai, IAX_TRUNK)) {
 		int new_callno;
 		if ((new_callno = make_trunk(callno, 1)) != -1)
@@ -10668,9 +10662,6 @@
 
 	if (peer) {
 		if (firstpass) {
-			if (ast_test_flag(&globalflags, IAX_NOKEYROTATE)) {
-				ast_copy_flags(peer, &globalflags, IAX_NOKEYROTATE);
-			}
 			ast_copy_flags(peer, &globalflags, IAX_USEJITTERBUF | IAX_FORCEJITTERBUF | IAX_FORCE_ENCRYPT);
 			peer->encmethods = iax2_encryption;
 			peer->adsi = adsi;
@@ -10732,13 +10723,6 @@
 					if (peer->encmethods) {
 						ast_set_flag(peer, IAX_FORCE_ENCRYPT);
 					}
-				}
-			} else if (!strcasecmp(v->name, "keyrotate")) {
-				if (ast_false(v->value)) {
-					ast_set_flag(peer, IAX_NOKEYROTATE);
-				} else {
-					peer->encmethods |= IAX_ENCRYPT_KEYROTATE;
-					ast_clear_flag(peer, IAX_NOKEYROTATE);
 				}
 			} else if (!strcasecmp(v->name, "transfer")) {
 				if (!strcasecmp(v->value, "mediaonly")) {
@@ -10949,7 +10933,7 @@
 			user->adsi = adsi;
 			ast_string_field_set(user, name, name);
 			ast_string_field_set(user, language, language);
-			ast_copy_flags(user, &globalflags, IAX_USEJITTERBUF | IAX_FORCEJITTERBUF | IAX_CODEC_USER_FIRST | IAX_CODEC_NOPREFS | IAX_CODEC_NOCAP | IAX_NOKEYROTATE | IAX_FORCE_ENCRYPT);	
+			ast_copy_flags(user, &globalflags, IAX_USEJITTERBUF | IAX_FORCEJITTERBUF | IAX_CODEC_USER_FIRST | IAX_CODEC_NOPREFS | IAX_CODEC_NOCAP | IAX_FORCE_ENCRYPT);	
 			ast_clear_flag(user, IAX_HASCALLERID);
 			ast_string_field_set(user, cid_name, "");
 			ast_string_field_set(user, cid_num, "");
@@ -11006,13 +10990,6 @@
 					if (user->encmethods) {
 						ast_set_flag(user, IAX_FORCE_ENCRYPT);
 					}
-				}
-			} else if (!strcasecmp(v->name, "keyrotate")) {
-				if (ast_false(v->value)) {
-					ast_set_flag(user, IAX_NOKEYROTATE);
-				} else {
-					user->encmethods = IAX_ENCRYPT_KEYROTATE;
-					ast_clear_flag(user, IAX_NOKEYROTATE);
 				}
 			} else if (!strcasecmp(v->name, "transfer")) {
 				if (!strcasecmp(v->value, "mediaonly")) {
@@ -11278,6 +11255,9 @@
 	/* Reset Global Flags */
 	memset(&globalflags, 0, sizeof(globalflags));
 	ast_set_flag(&globalflags, IAX_RTUPDATE);
+	
+	/* Turns on support for key rotation during encryption. */
+	iax2_encryption |= IAX_ENCRYPT_KEYROTATE;
 #ifdef SO_NO_CHECK
 	nochecksums = 0;
 #endif
@@ -11398,13 +11378,6 @@
 				if (iax2_encryption) {
 					ast_set_flag((&globalflags), IAX_FORCE_ENCRYPT);
 				}
-			}
-		} else if (!strcasecmp(v->name, "keyrotate")) {
-			if (ast_false(v->value)) {
-				ast_set_flag((&globalflags), IAX_NOKEYROTATE);
-			} else {
-				iax2_encryption |= IAX_ENCRYPT_KEYROTATE; 
-				ast_clear_flag((&globalflags), IAX_NOKEYROTATE);
 			}
 		} else if (!strcasecmp(v->name, "transfer")) {
 			if (!strcasecmp(v->value, "mediaonly")) {

Modified: team/dvossel/iax2keyrotation_trunk/channels/iax2.h
URL: http://svn.digium.com/svn-view/asterisk/team/dvossel/iax2keyrotation_trunk/channels/iax2.h?view=diff&rev=175586&r1=175585&r2=175586
==============================================================================
--- team/dvossel/iax2keyrotation_trunk/channels/iax2.h (original)
+++ team/dvossel/iax2keyrotation_trunk/channels/iax2.h Fri Feb 13 12:06:33 2009
@@ -187,7 +187,7 @@
 #define IAX_AUTH_RSA				(1 << 2)
 
 #define IAX_ENCRYPT_AES128			(1 << 0)
-#define IAX_ENCRYPT_KEYROTATE			(1 << 1)
+#define IAX_ENCRYPT_KEYROTATE			(1 << 15)       /*!< Keyrotation support */
 
 #define IAX_META_TRUNK				1		/*!< Trunk meta-message */
 #define IAX_META_VIDEO				2		/*!< Video frame */

Modified: team/dvossel/iax2keyrotation_trunk/configs/iax.conf.sample
URL: http://svn.digium.com/svn-view/asterisk/team/dvossel/iax2keyrotation_trunk/configs/iax.conf.sample?view=diff&rev=175586&r1=175585&r2=175586
==============================================================================
--- team/dvossel/iax2keyrotation_trunk/configs/iax.conf.sample (original)
+++ team/dvossel/iax2keyrotation_trunk/configs/iax.conf.sample Fri Feb 13 12:06:33 2009
@@ -180,12 +180,6 @@
 ; encryption.  By turning this option on, encryption is automatically turned on as well.  
 ;
 ; forceencryption = yes
-;
-; This is a compatibility option for older versions of IAX2 that do not support
-; key rotation with encryption.  This option will disable the IAX_COMMAND_RTENC message.
-; default is on
-;
-; keyrotate=off
 
 ; This option defines the maximum size an IAX2 trunk can grow to. The default value is 128000 bytes which
 ; represents 40ms uncompressed linear with 200 channels. Depending on different things though

More information about the asterisk-commits mailing list