git.ipfire.org Git - thirdparty/asterisk.git/commit

author	George Joseph <gjoseph@digium.com>
	Thu, 28 Jan 2021 18:02:34 +0000 (11:02 -0700)
committer	George Joseph <gjoseph@digium.com>
	Tue, 9 Feb 2021 15:16:07 +0000 (09:16 -0600)
commit	91b0778791a8a7a881a2d9f96bcd37cd5e4c8e24
tree	e1a8ef0b2545789056014322232e36a36ecc4106	tree
parent	4a71b08091b33df8c44e2c347072b376fe09140b	commit \| diff

chan_iax2.c: Require secret and auth method if encryption is enabled

If there's no secret specified for an iax2 peer and there's no secret
specified in the dial string, Asterisk will crash if the auth method
requested by the peer is MD5 or plaintext.  You also couldn't specify
a default auth method in the [general] section of iax.conf so if you
don't have static peers defined and just use the dial string, Asterisk
will still crash even if you have a secret specified in the dial string.

* Added logic to iax2_call() and authenticate_reply() to print
  a warning and hanhup the call if encryption is requested and
  there's no secret or auth method.  This prevents the crash.

* Added the ability to specify a default "auth" in the [general]
  section of iax.conf.

ASTERISK-29624
Reported by: N A

Change-Id: I5928e16137581f7d383fcc7fa04ad96c919e6254

channels/chan_iax2.c		diff \| blob \| blame \| history
configs/samples/iax.conf.sample		diff \| blob \| blame \| history
doc/CHANGES-staging/chan_iax2.txt	[new file with mode: 0644]	blob