git.ipfire.org Git - thirdparty/asterisk.git/commit

author	George Joseph <gjoseph@digium.com>
	Thu, 28 Jan 2021 18:02:34 +0000 (11:02 -0700)
committer	George Joseph <gjoseph@digium.com>
	Tue, 9 Feb 2021 15:15:49 +0000 (09:15 -0600)
commit	28f187d6c5ae57a02569c86bf86b49ea5029d862
tree	b3a549f591151c0938aa397ff454dfc4f55b7015	tree
parent	24d6adfe99bf4a14a384bb6541cd9927360cdaa0	commit \| diff

chan_iax2.c: Require secret and auth method if encryption is enabled

If there's no secret specified for an iax2 peer and there's no secret
specified in the dial string, Asterisk will crash if the auth method
requested by the peer is MD5 or plaintext.  You also couldn't specify
a default auth method in the [general] section of iax.conf so if you
don't have static peers defined and just use the dial string, Asterisk
will still crash even if you have a secret specified in the dial string.

* Added logic to iax2_call() and authenticate_reply() to print
  a warning and hanhup the call if encryption is requested and
  there's no secret or auth method.  This prevents the crash.

* Added the ability to specify a default "auth" in the [general]
  section of iax.conf.

ASTERISK-29624
Reported by: N A

Change-Id: I5928e16137581f7d383fcc7fa04ad96c919e6254

channels/chan_iax2.c		diff \| blob \| blame \| history
configs/samples/iax.conf.sample		diff \| blob \| blame \| history
doc/CHANGES-staging/chan_iax2.txt	[new file with mode: 0644]	blob