[asterisk-dev] libjwt is being added to the 'third-party' packages (Attention Asterisk Package Maintainers!)

George Joseph gjoseph at sangoma.com
Tue Sep 26 10:16:29 CDT 2023 

On Tue, Sep 26, 2023 at 8:56 AM Jaco Kroon <jaco at uls.co.za> wrote:

> Hi George,
>
> Is the default to build STIR/SHAKEN if libjwt is found, or will it fail by
> default?
>
It will build by default if libjwt >= 1.15.3 is found on the build system
or if '--with-libjwt-bundled' is specified on the configure command line.

> In other words, on systems where libjwt is not available, is special
> action required to order to build?  Does this vary based on whether libjwt
> can be found or not?
>
If libjwt >= 1.15.3 is not found on the build system and
'--with-libjwt-bundled' was not specified on the configure command line,
then res_stir_shaken will be disabled.  The build will otherwise proceed
normally.  If you do a 'make cmenuselect' you'll see that res_stir_shaken
has 'XXX' next to it and won't be selectable.

Does that make sense?

> Kind regards,
> Jaco
> On 2023/09/26 16:46, George Joseph wrote:
>
> With our effort to harden Asterisk's STIR/SHAKEN implementation, we're
> adding a new package (libjwt: JSON WebToken) to the third-party directory
> next to jansson and pjproject.  Using libjwt allows us to remove the custom
> code (which isn't reliable) in res_stir_shaken that handles the assembly of
> the JWT and associated signature process that STIR/SHAKEN relies upon and
> delegate that to libjwt.  We're including it in third-party because some
> distros don't include that package and those that do are several releases
> behind the latest.  The minimum supported version will be 1.15.3 which is
> the current libjwt version.
>
> Since libjwt will be only used by res_stir_shaken at this time, it's not a
> hard requirement to build asterisk as a whole and isn't included in the
> install_prereq script.  If you want to build res_stir_shaken however, your
> build system must have libjwt >= 1.15.3 installed or you'll need to specify
> '--with-libjwt-bundled' on the ./configure command line.  As with jansson
> and pjproject, you can pre-download the libjwt tarball (
> https://raw.githubusercontent.com/asterisk/third-party/master/libjwt/1.15.3/libjwt-1.15.3.tar.gz)
> and use the '--with-download-cache' configure option to point to the
> directory containing the tarball.
>
> We are planning this change for the next releases of Asterisk 18 and 20
> and the first release of Asterisk 21.
>
> --
> George Joseph
> Asterisk Software Developer
> Sangoma Technologies
> Check us out at www.sangoma.com and www.asterisk.org
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>
> asterisk-dev mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20230926/cfbc7991/attachment.html>

More information about the asterisk-dev mailing list