[asterisk-dev] [Code Review] Randomize IAX2 encryption padding

Russell Bryant russell at digium.com
Fri Mar 13 13:40:21 CDT 2009


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard.digium.com/r/193/#review543
-----------------------------------------------------------



/trunk/channels/chan_iax2.c
<http://reviewboard.digium.com/r/193/#comment1271>

    trailing whitespace on this line



/trunk/channels/chan_iax2.c
<http://reviewboard.digium.com/r/193/#comment1272>

    I would use ssize_t (Note, not size_t) for len



/trunk/channels/chan_iax2.c
<http://reviewboard.digium.com/r/193/#comment1273>

    I think you can simplify this a bit.  You could do something like this ...
    
    for (tmp = ast_random(); len > 0; tmp = ast_random()) {
        memcpy(buf, (unsigned char *) &tmp, (len > sizeof(tmp)) ? sizeof(tmp) : len);
        buf += sizeof(tmp);
        len -= sizeof(tmp);
    }


- Russell


On 2009-03-13 11:58:28, David Vossel wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> http://reviewboard.digium.com/r/193/
> -----------------------------------------------------------
> 
> (Updated 2009-03-13 11:58:28)
> 
> 
> Review request for Asterisk Developers and Russell Bryant.
> 
> 
> Summary
> -------
> 
> The 16-32 byte random padding at the beginning of an encrypted IAX2 frame turns out to not be all that random at all.  This patch calls ast_random to fill the padding buffer with random data.  The padding is randomized at the beginning of every encrypted call and for every encrypted retransmit frame.
> 
> 
> Diffs
> -----
> 
>   /trunk/channels/chan_iax2.c 181963 
> 
> Diff: http://reviewboard.digium.com/r/193/diff
> 
> 
> Testing
> -------
> 
> ran an encrypted call, everything worked as expected. 
> 
> 
> Thanks,
> 
> David
> 
>




More information about the asterisk-dev mailing list