From: David Vossel Date: Mon, 23 Feb 2009 17:59:55 +0000 (+0000) Subject: Changes the way keyrotation is enabled by default X-Git-Tag: 1.6.2.0-beta1~147 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=7d1ac32af1b24f49391620f954c400e827fafa6c;p=thirdparty%2Fasterisk.git Changes the way keyrotation is enabled by default Key rotation was enabled by default by setting the global encryption method to IAX_ENCRYPT_KEYROTATE. the problem with this is that if encryption is not enabled, and the encryption method is set to anything except 0, the peer appears to have encryption enabled when issuing a "iax2 show peers". Rather than have the key rotation bit always set by default, it is now only set when an encryption method is enabled. (closes issue #14523) Reported by: mvanbaak git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@178030 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- diff --git a/channels/chan_iax2.c b/channels/chan_iax2.c index 4de90b7720..ef3003071e 100644 --- a/channels/chan_iax2.c +++ b/channels/chan_iax2.c @@ -1310,9 +1310,9 @@ static int get_encrypt_methods(const char *s) { int e; if (!strcasecmp(s, "aes128")) - e = IAX_ENCRYPT_AES128; + e = IAX_ENCRYPT_AES128 | IAX_ENCRYPT_KEYROTATE; else if (ast_true(s)) - e = IAX_ENCRYPT_AES128; + e = IAX_ENCRYPT_AES128 | IAX_ENCRYPT_KEYROTATE; else e = 0; return e; @@ -5310,7 +5310,7 @@ static int __iax2_show_peers(int manager, int fd, struct mansession *s, int argc unmonitored_peers++; ast_copy_string(nm, ast_inet_ntoa(peer->mask), sizeof(nm)); - + snprintf(srch, sizeof(srch), FORMAT, name, peer->addr.sin_addr.s_addr ? ast_inet_ntoa(peer->addr.sin_addr) : "(Unspecified)", ast_test_flag(peer, IAX_DYNAMIC) ? "(D)" : "(S)", @@ -11257,8 +11257,6 @@ static int set_config(char *config_file, int reload) memset(&globalflags, 0, sizeof(globalflags)); ast_set_flag(&globalflags, IAX_RTUPDATE); - /* Turns on support for key rotation during encryption. */ - iax2_encryption |= IAX_ENCRYPT_KEYROTATE; #ifdef SO_NO_CHECK nochecksums = 0; #endif