From: Alexander Traud <pabstraud@compuserve.com>
Date: Mon, 27 Apr 2020 15:28:01 +0000 (+0200)
Subject: core_local: Local calls are always secure.
X-Git-Tag: 13.34.0-rc1~17
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=18cc090761dbc2c0d2c0f1e37360445476f14607;p=thirdparty%2Fasterisk.git

core_local: Local calls are always secure.

In a Dialplan, the channel drivers 'chan_sip' and 'chan_iax2' support
the channel items 'secure_bridge_media' and 'secure_bridge_signaling'.
That way, a channel can be forced to use encryption even if not
specified in its configuration.

However, when the Local Proxy kicks in, for example, in case of a
forwarding (SIP status 302), Local Proxy stated it does not know those
items. Consequently, such a call could not be proxied how clever your
Dialplan was. Because local calls within Asterisk are always secure,
Local Proxy accepts such a request now.

ASTERISK-22920

Change-Id: I4c143bb70f686790953cc04c5a4b810bbb03636c
---

diff --git a/main/core_local.c b/main/core_local.c
index 59c789abde..592db831ae 100644
--- a/main/core_local.c
+++ b/main/core_local.c
@@ -144,6 +144,7 @@ static int local_devicestate(const char *data);
 static void local_optimization_started_cb(struct ast_unreal_pvt *base, struct ast_channel *source,
 		enum ast_unreal_channel_indicator dest, unsigned int id);
 static void local_optimization_finished_cb(struct ast_unreal_pvt *base, int success, unsigned int id);
+static int local_setoption(struct ast_channel *chan, int option, void *data, int datalen);
 
 static struct ast_manager_event_blob *local_message_to_ami(struct stasis_message *msg);
 
@@ -187,7 +188,7 @@ static struct ast_channel_tech local_tech = {
 	.send_text = ast_unreal_sendtext,
 	.devicestate = local_devicestate,
 	.queryoption = ast_unreal_queryoption,
-	.setoption = ast_unreal_setoption,
+	.setoption = local_setoption,
 };
 
 /*! What to do with the ;2 channel when ast_call() happens. */
@@ -1108,3 +1109,14 @@ int ast_local_init(void)
 	ast_register_cleanup(local_shutdown);
 	return 0;
 }
+
+int local_setoption(struct ast_channel *ast, int option, void *data, int datalen)
+{
+	switch (option) {
+	case AST_OPTION_SECURE_SIGNALING:
+	case AST_OPTION_SECURE_MEDIA:
+			return 0; /* local calls (like forwardings) are secure always */
+	default:
+			return ast_unreal_setoption(ast, option, data, datalen);
+	}
+}