[asterisk-dev] [Code Review] Added Force Encrypt option to iax.conf

David Vossel dvossel at digium.com
Thu Feb 12 10:46:55 CST 2009


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard.digium.com/r/150/
-----------------------------------------------------------

(Updated 2009-02-12 10:46:55.708503)


Review request for Asterisk Developers and Russell Bryant.


Changes
-------

Fixed issue with force encryption being ignored when no secret is present for authentication.  When a call is comming in, force encrypt is checked while processing the NEW frame.  if no secret is present for the context the call is going to, the call is rejected.  When a call is going out it is checked in the iax2_call function.  If no secret is present, no attempt to connect is made. 

zombies. 


Summary
-------

There was a feature request to add any option into iax.conf to force encryption... so I made it. Basically if force encryption is enabled, encryption is enabled as well.  Encryption is checked during the processing of the AUTHREQ and AUTHREP frames.  If the encryption ie isn't present from the other side during this process, the call is terminated. When a call is placed to the box, the NEW frame contains the encryption method, so the authenticate_verify() function used during AUTHREP processing only checks to see if encryption method has been set rather than if the encryption ie is present.   When a call is placed from the box, the AUTHREQ message must contain the encryption ie in response to our NEW request or the call is terminated.  this check is in the authenticate_reply() function. 


Diffs (updated)
-----

  /trunk/channels/chan_iax2.c 174884 

Diff: http://reviewboard.digium.com/r/150/diff


Testing
-------


Thanks,

David




More information about the asterisk-dev mailing list