[asterisk-commits] mjordan: trunk r434563 - in /trunk: ./ channels/ configs/samples/

Fri Apr 10 07:23:51 CDT 2015

Author: mjordan
Date: Fri Apr 10 07:23:42 2015
New Revision: 434563

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=434563
Log:
channels/chan_iax2: Add a configuration parameter for call token expiration

This patch adds a new configuration parameter, 'calltokenexpiration', that
controls how long before an authentication call token is expired. The default
maintains the RFC specified 10 seconds. Setting it to a higher value may be
useful in lossy networks.

Review: https://reviewboard.asterisk.org/r/4588

ASTERISK-24939 #close
Reported by: Y Ateya
patches:
  ctoken_configuration.diff submitted by Y Ateya (License 6693)

Modified:
    trunk/CHANGES
    trunk/channels/chan_iax2.c
    trunk/configs/samples/iax.conf.sample

Modified: trunk/CHANGES
URL: http://svnview.digium.com/svn/asterisk/trunk/CHANGES?view=diff&rev=434563&r1=434562&r2=434563
==============================================================================

--- trunk/CHANGES (original)
+++ trunk/CHANGES Fri Apr 10 07:23:42 2015
@@ -46,6 +46,10 @@
  * The iax.conf forcejitterbuffer option has been removed.  It is now always
    forced if you set iax.conf jitterbuffer=yes.  If you put a jitter buffer
    on a channel it will be on the channel.
+ * A new configuration parameters, 'calltokenexpiration', has been added that
+   controls the duration before a call token expires. Default duration is 10
+   seconds. Setting this to a higher value may help in lagged networks or those
+   experiencing high packet loss.
 
 chan_sip
 ------------------

Modified: trunk/channels/chan_iax2.c
URL: http://svnview.digium.com/svn/asterisk/trunk/channels/chan_iax2.c?view=diff&rev=434563&r1=434562&r2=434563
==============================================================================
--- trunk/channels/chan_iax2.c (original)
+++ trunk/channels/chan_iax2.c Fri Apr 10 07:23:42 2015
@@ -918,7 +918,7 @@
 
 static int randomcalltokendata;
 
-static const time_t MAX_CALLTOKEN_DELAY = 10;
+static time_t max_calltoken_delay = 10;
 
 /*!
  * This module will get much higher performance when doing a lot of
@@ -4934,7 +4934,7 @@
 		if (strcmp(hash, rec_hash)) {
 			ast_log(LOG_WARNING, "Address %s failed CallToken hash inspection\n", ast_sockaddr_stringify(addr));
 			goto reject; /* received hash does not match ours, reject */
-		} else if ((t < rec_time) || ((t - rec_time) >= MAX_CALLTOKEN_DELAY)) {
+		} else if ((t < rec_time) || ((t - rec_time) >= max_calltoken_delay)) {
 			ast_log(LOG_WARNING, "Too much delay in IAX2 calltoken timestamp from address %s\n", ast_sockaddr_stringify(addr));
 			goto reject; /* too much delay, reject */
 		}
@@ -13734,7 +13734,15 @@
 			if (add_calltoken_ignore(v->value)) {
 				ast_log(LOG_WARNING, "Invalid calltokenoptional address range - '%s' line %d\n", v->value, v->lineno);
 			}
-		} else if (!strcasecmp(v->name, "subscribe_network_change_event")) {
+		} else if (!strcasecmp(v->name, "calltokenexpiration")) {
+			int temp = -1;
+			sscanf(v->value, "%u", &temp);
+			if( temp <= 0 ){
+				ast_log(LOG_WARNING, "Invalid calltokenexpiration value %s. Should be integer greater than 0.\n", v->value);
+			} else {
+				max_calltoken_delay = temp;
+			}
+		}  else if (!strcasecmp(v->name, "subscribe_network_change_event")) {
 			if (ast_true(v->value)) {
 				subscribe_network_change = 1;
 			} else if (ast_false(v->value)) {

Modified: trunk/configs/samples/iax.conf.sample
URL: http://svnview.digium.com/svn/asterisk/trunk/configs/samples/iax.conf.sample?view=diff&rev=434563&r1=434562&r2=434563
==============================================================================
--- trunk/configs/samples/iax.conf.sample (original)
+++ trunk/configs/samples/iax.conf.sample Fri Apr 10 07:23:42 2015
@@ -431,6 +431,10 @@
 ;
 ;requirecalltoken=no
 ;
+; Maximum time allowed for call token authentication handshaking. Default is 10 seconds.
+; Use higher values in lagged or high packet loss networks.
+;
+;calltokenexpiration=10
 
 ;
 ; These options are used to limit the amount of call numbers allocated to a


