<p>George Joseph <strong>submitted</strong> this change.</p><p><a href="https://gerrit.asterisk.org/c/asterisk/+/15922">View Change</a></p><div style="white-space:pre-wrap">Approvals:
George Joseph: Looks good to me, approved; Approved for Submit
</div><pre style="font-family: monospace,monospace; white-space: pre-wrap;">res_rtp_asterisk: make it possible to remove SOFTWARE attribute<br><br>By default Asterisk reports the PJSIP version in a SOFTWARE attribute<br>of every STUN packet it sends. This may not be desired in a production<br>environment, and RFC5389 recommends making the use of the SOFTWARE<br>attribute a configurable option:<br><br>https://datatracker.ietf.org/doc/html/rfc5389#section-16.1.2<br><br>This patch adds a `stun_software_attribute` yes/no option to make it<br>possible to omit the SOFTWARE attribute from STUN packets.<br><br>ASTERISK-29434<br><br>Change-Id: Id3f2b1dd9584536ebb3a1d7e8395fd8b3e46860b<br>---<br>M configs/samples/rtp.conf.sample<br>A doc/CHANGES-staging/res_rtp_asterisk_stun_software_attribute.txt<br>M res/res_rtp_asterisk.c<br>3 files changed, 25 insertions(+), 0 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;"><span>diff --git a/configs/samples/rtp.conf.sample b/configs/samples/rtp.conf.sample</span><br><span>index 7ab81b3..1207c78 100644</span><br><span>--- a/configs/samples/rtp.conf.sample</span><br><span>+++ b/configs/samples/rtp.conf.sample</span><br><span>@@ -90,6 +90,11 @@</span><br><span> ;</span><br><span> ; For historic reasons stun_blacklist is an alias for stun_deny.</span><br><span> ;</span><br><span style="color: hsl(120, 100%, 40%);">+; Whether to report the PJSIP version in a SOFTWARE attribute for all</span><br><span style="color: hsl(120, 100%, 40%);">+; outgoing STUN packets. This option is enabled by default.</span><br><span style="color: hsl(120, 100%, 40%);">+;</span><br><span style="color: hsl(120, 100%, 40%);">+; stun_software_attribute=yes</span><br><span style="color: hsl(120, 100%, 40%);">+;</span><br><span> ; Hostname or address for the TURN server to be used as a relay. The port</span><br><span> ; number is optional. If omitted the default value of 3478 will be used.</span><br><span> ; This option is disabled by default.</span><br><span>diff --git a/doc/CHANGES-staging/res_rtp_asterisk_stun_software_attribute.txt b/doc/CHANGES-staging/res_rtp_asterisk_stun_software_attribute.txt</span><br><span>new file mode 100644</span><br><span>index 0000000..93905f6</span><br><span>--- /dev/null</span><br><span>+++ b/doc/CHANGES-staging/res_rtp_asterisk_stun_software_attribute.txt</span><br><span>@@ -0,0 +1,8 @@</span><br><span style="color: hsl(120, 100%, 40%);">+Subject: res_rtp_asterisk</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+By default Asterisk reports the PJSIP version in all</span><br><span style="color: hsl(120, 100%, 40%);">+STUN packets it sends.</span><br><span style="color: hsl(120, 100%, 40%);">+</span><br><span style="color: hsl(120, 100%, 40%);">+This behaviour may not be desired in a production</span><br><span style="color: hsl(120, 100%, 40%);">+environment and can now be disabled by setting the</span><br><span style="color: hsl(120, 100%, 40%);">+stun_software_attribute option to 'no' in rtp.conf.</span><br><span>diff --git a/res/res_rtp_asterisk.c b/res/res_rtp_asterisk.c</span><br><span>index 20504cb..0f883e9 100644</span><br><span>--- a/res/res_rtp_asterisk.c</span><br><span>+++ b/res/res_rtp_asterisk.c</span><br><span>@@ -184,6 +184,7 @@</span><br><span> #define DEFAULT_STRICT_RTP STRICT_RTP_YES /*!< Enabled by default */</span><br><span> #define DEFAULT_SRTP_REPLAY_PROTECTION 1</span><br><span> #define DEFAULT_ICESUPPORT 1</span><br><span style="color: hsl(120, 100%, 40%);">+#define DEFAULT_STUN_SOFTWARE_ATTRIBUTE 1</span><br><span> #define DEFAULT_DTLS_MTU 1200</span><br><span> </span><br><span> extern struct ast_srtp_res *res_srtp;</span><br><span>@@ -211,6 +212,7 @@</span><br><span> #endif</span><br><span> #ifdef HAVE_PJPROJECT</span><br><span> static int icesupport = DEFAULT_ICESUPPORT;</span><br><span style="color: hsl(120, 100%, 40%);">+static int stun_software_attribute = DEFAULT_STUN_SOFTWARE_ATTRIBUTE;</span><br><span> static struct sockaddr_in stunaddr;</span><br><span> static pj_str_t turnaddr;</span><br><span> static int turnport = DEFAULT_TURN_PORT;</span><br><span>@@ -1652,6 +1654,9 @@</span><br><span> }</span><br><span> </span><br><span> pj_stun_config_init(&stun_config, &cachingpool.factory, 0, rtp->ioqueue->ioqueue, rtp->ioqueue->timerheap);</span><br><span style="color: hsl(120, 100%, 40%);">+ if (!stun_software_attribute) {</span><br><span style="color: hsl(120, 100%, 40%);">+ stun_config.software_name = pj_str(NULL);</span><br><span style="color: hsl(120, 100%, 40%);">+ }</span><br><span> </span><br><span> /* Use ICE session group lock for TURN session to avoid deadlock */</span><br><span> pj_turn_sock_cfg_default(&turn_sock_cfg);</span><br><span>@@ -3766,6 +3771,9 @@</span><br><span> pj_thread_register_check();</span><br><span> </span><br><span> pj_stun_config_init(&stun_config, &cachingpool.factory, 0, NULL, timer_heap);</span><br><span style="color: hsl(120, 100%, 40%);">+ if (!stun_software_attribute) {</span><br><span style="color: hsl(120, 100%, 40%);">+ stun_config.software_name = pj_str(NULL);</span><br><span style="color: hsl(120, 100%, 40%);">+ }</span><br><span> </span><br><span> ufrag = pj_str(rtp->local_ufrag);</span><br><span> passwd = pj_str(rtp->local_passwd);</span><br><span>@@ -9374,6 +9382,7 @@</span><br><span> </span><br><span> #ifdef HAVE_PJPROJECT</span><br><span> icesupport = DEFAULT_ICESUPPORT;</span><br><span style="color: hsl(120, 100%, 40%);">+ stun_software_attribute = DEFAULT_STUN_SOFTWARE_ATTRIBUTE;</span><br><span> turnport = DEFAULT_TURN_PORT;</span><br><span> memset(&stunaddr, 0, sizeof(stunaddr));</span><br><span> turnaddr = pj_str(NULL);</span><br><span>@@ -9449,6 +9458,9 @@</span><br><span> if ((s = ast_variable_retrieve(cfg, "general", "icesupport"))) {</span><br><span> icesupport = ast_true(s);</span><br><span> }</span><br><span style="color: hsl(120, 100%, 40%);">+ if ((s = ast_variable_retrieve(cfg, "general", "stun_software_attribute"))) {</span><br><span style="color: hsl(120, 100%, 40%);">+ stun_software_attribute = ast_true(s);</span><br><span style="color: hsl(120, 100%, 40%);">+ }</span><br><span> if ((s = ast_variable_retrieve(cfg, "general", "stunaddr"))) {</span><br><span> stunaddr.sin_port = htons(STANDARD_STUN_PORT);</span><br><span> if (ast_parse_arg(s, PARSE_INADDR, &stunaddr)) {</span><br><span></span><br></pre><p>To view, visit <a href="https://gerrit.asterisk.org/c/asterisk/+/15922">change 15922</a>. To unsubscribe, or for help writing mail filters, visit <a href="https://gerrit.asterisk.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://gerrit.asterisk.org/c/asterisk/+/15922"/><meta itemprop="name" content="View Change"/></div></div>
<div style="display:none"> Gerrit-Project: asterisk </div>
<div style="display:none"> Gerrit-Branch: master </div>
<div style="display:none"> Gerrit-Change-Id: Id3f2b1dd9584536ebb3a1d7e8395fd8b3e46860b </div>
<div style="display:none"> Gerrit-Change-Number: 15922 </div>
<div style="display:none"> Gerrit-PatchSet: 1 </div>
<div style="display:none"> Gerrit-Owner: Jeremy Lainé <jeremy.laine@m4x.org> </div>
<div style="display:none"> Gerrit-Reviewer: Friendly Automation </div>
<div style="display:none"> Gerrit-Reviewer: George Joseph <gjoseph@digium.com> </div>
<div style="display:none"> Gerrit-MessageType: merged </div>