[svn-commits] dvossel: branch dvossel/iax2encryption_trunk r174768 - /team/dvossel/iax2encr...

SVN commits to the Digium repositories svn-commits at lists.digium.com
Tue Feb 10 15:53:45 CST 2009


Author: dvossel
Date: Tue Feb 10 15:53:45 2009
New Revision: 174768

URL: http://svn.digium.com/svn-view/asterisk?view=rev&rev=174768
Log:
iax2 forceencrypt progress

Modified:
    team/dvossel/iax2encryption_trunk/channels/chan_iax2.c

Modified: team/dvossel/iax2encryption_trunk/channels/chan_iax2.c
URL: http://svn.digium.com/svn-view/asterisk/team/dvossel/iax2encryption_trunk/channels/chan_iax2.c?view=diff&rev=174768&r1=174767&r2=174768
==============================================================================
--- team/dvossel/iax2encryption_trunk/channels/chan_iax2.c (original)
+++ team/dvossel/iax2encryption_trunk/channels/chan_iax2.c Tue Feb 10 15:53:45 2009
@@ -1940,8 +1940,7 @@
 			iaxs[x]->pingid = iax2_sched_add(sched, ping_time * 1000, send_ping, (void *)(long)x);
 			iaxs[x]->lagid = iax2_sched_add(sched, lagrq_time * 1000, send_lagrq, (void *)(long)x);
 			iaxs[x]->amaflags = amaflags;
-			ast_copy_flags(iaxs[x], &globalflags, IAX_NOTRANSFER | IAX_TRANSFERMEDIA | IAX_USEJITTERBUF | IAX_FORCEJITTERBUF | IAX_NOKEYROTATE);
-			
+			ast_copy_flags(iaxs[x], &globalflags, IAX_NOTRANSFER | IAX_TRANSFERMEDIA | IAX_USEJITTERBUF | IAX_FORCEJITTERBUF | IAX_NOKEYROTATE | IAX_FORCE_ENCRYPT);
 			ast_string_field_set(iaxs[x], accountcode, accountcode);
 			ast_string_field_set(iaxs[x], mohinterpret, mohinterpret);
 			ast_string_field_set(iaxs[x], mohsuggest, mohsuggest);
@@ -3557,7 +3556,7 @@
 	if (peer->maxms && ((peer->lastms > peer->maxms) || (peer->lastms < 0)))
 		goto return_unref;
 
-	ast_copy_flags(cai, peer, IAX_SENDANI | IAX_TRUNK | IAX_NOTRANSFER | IAX_TRANSFERMEDIA | IAX_USEJITTERBUF | IAX_FORCEJITTERBUF | IAX_NOKEYROTATE);
+	ast_copy_flags(cai, peer, IAX_SENDANI | IAX_TRUNK | IAX_NOTRANSFER | IAX_TRANSFERMEDIA | IAX_USEJITTERBUF | IAX_FORCEJITTERBUF | IAX_NOKEYROTATE | IAX_FORCE_ENCRYPT);
 	cai->maxtime = peer->maxms;
 	cai->capability = peer->capability;
 	cai->encmethods = peer->encmethods;
@@ -6226,8 +6225,9 @@
 		ast_copy_flags(iaxs[callno], user, IAX_IMMEDIATE);
 		ast_copy_flags(iaxs[callno], user, IAX_CODEC_NOPREFS);
 		ast_copy_flags(iaxs[callno], user, IAX_CODEC_NOCAP);
+		iaxs[callno]->encmethods = user->encmethods;
 		ast_copy_flags(iaxs[callno], user, IAX_NOKEYROTATE);
-		iaxs[callno]->encmethods = user->encmethods;
+		ast_copy_flags(iaxs[callno], user, IAX_FORCE_ENCRYPT);
 		/* Store the requested username if not specified */
 		if (ast_strlen_zero(iaxs[callno]->username))
 			ast_string_field_set(iaxs[callno], username, user->name);
@@ -6404,7 +6404,10 @@
 		ast_string_field_set(p, host, user->name);
 		user = user_unref(user);
 	}
-
+	if (ast_test_flag(p, IAX_FORCE_ENCRYPT) && !ies->encmethods){
+		ast_log(LOG_NOTICE, "Call Terminated, Incomming call is unencrypted while force encrypt is enabled.");
+		return res;
+	}
 	if (!ast_test_flag(&p->state, IAX_STATE_AUTHENTICATED))
 		return res;
 	if (ies->password)
@@ -6665,7 +6668,6 @@
 	/* Start pessimistic */
 	int res = -1;
 	int authmethods = 0;
-	int force_encryption = 0;
 	struct iax_ie_data ied;
 	uint16_t callno = p->callno;
 
@@ -6698,8 +6700,6 @@
 				) {
 				res = authenticate(p->challenge, peer->secret, peer->outkey, authmethods, &ied, sin, &p->ecx, &p->dcx);
 				if (!res) {
-					force_encryption = ast_test_flag(peer, IAX_FORCE_ENCRYPT);
-					ast_log(LOG_NOTICE, "Force Encrpytion is: %d", force_encryption); // to do remove this
 					peer_unref(peer);
 					break;
 				}
@@ -6727,13 +6727,12 @@
 			}
 		}
 	}
+
 	if (ies->encmethods) {
-		ast_log(LOG_NOTICE, "ENCRYPTION METHODS FOUND IN AUTHREQ"); // to do remove this
 		ast_set_flag(p, IAX_ENCRYPTED | IAX_KEYPOPULATED);
-	} else if (force_encryption) {
-		return -1;
-		// to do if force encryption is yes, and no encryption methods, then return -1 to hangup
-		// right now i am testing by simply returning -1.  this in effect is simulating force_encrypt=yes
+	} else if (ast_test_flag(iaxs[callno], IAX_FORCE_ENCRYPT)) {
+		ast_log(LOG_NOTICE, "Call initiated without encryption while forceencryption=yes option is set");
+		return -1;             /* if force encryption is yes, and no encryption methods, then return -1 to hangup */
 	}
 	if (!res) {
 		struct ast_datastore *variablestore;




More information about the svn-commits mailing list