diff options
| author | Matthew Jordan <mjordan@digium.com> | 2015-04-10 12:23:42 +0000 |
|---|---|---|
| committer | Matthew Jordan <mjordan@digium.com> | 2015-04-10 12:23:42 +0000 |
| commit | b3d01f1fbf16160ef2a4cf3a3d37f5b4fce782f4 (patch) | |
| tree | 02049a32b3994bb77da62a546eb905b1e4a3805e /channels/chan_iax2.c | |
| parent | ed6b6e3c03d9ab54bb3fcb2fe3c912837dd3a007 (diff) | |
channels/chan_iax2: Add a configuration parameter for call token expiration
This patch adds a new configuration parameter, 'calltokenexpiration', that
controls how long before an authentication call token is expired. The default
maintains the RFC specified 10 seconds. Setting it to a higher value may be
useful in lossy networks.
Review: https://reviewboard.asterisk.org/r/4588
ASTERISK-24939 #close
Reported by: Y Ateya
patches:
ctoken_configuration.diff submitted by Y Ateya (License 6693)
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@434563 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Diffstat (limited to 'channels/chan_iax2.c')
| -rw-r--r-- | channels/chan_iax2.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/channels/chan_iax2.c b/channels/chan_iax2.c index aaf31800e..5e3656f0d 100644 --- a/channels/chan_iax2.c +++ b/channels/chan_iax2.c @@ -918,7 +918,7 @@ static struct ast_taskprocessor *transmit_processor; static int randomcalltokendata; -static const time_t MAX_CALLTOKEN_DELAY = 10; +static time_t max_calltoken_delay = 10; /*! * This module will get much higher performance when doing a lot of @@ -4934,7 +4934,7 @@ static int handle_call_token(struct ast_iax2_full_hdr *fh, struct iax_ies *ies, if (strcmp(hash, rec_hash)) { ast_log(LOG_WARNING, "Address %s failed CallToken hash inspection\n", ast_sockaddr_stringify(addr)); goto reject; /* received hash does not match ours, reject */ - } else if ((t < rec_time) || ((t - rec_time) >= MAX_CALLTOKEN_DELAY)) { + } else if ((t < rec_time) || ((t - rec_time) >= max_calltoken_delay)) { ast_log(LOG_WARNING, "Too much delay in IAX2 calltoken timestamp from address %s\n", ast_sockaddr_stringify(addr)); goto reject; /* too much delay, reject */ } @@ -13734,7 +13734,15 @@ static int set_config(const char *config_file, int reload, int forced) if (add_calltoken_ignore(v->value)) { ast_log(LOG_WARNING, "Invalid calltokenoptional address range - '%s' line %d\n", v->value, v->lineno); } - } else if (!strcasecmp(v->name, "subscribe_network_change_event")) { + } else if (!strcasecmp(v->name, "calltokenexpiration")) { + int temp = -1; + sscanf(v->value, "%u", &temp); + if( temp <= 0 ){ + ast_log(LOG_WARNING, "Invalid calltokenexpiration value %s. Should be integer greater than 0.\n", v->value); + } else { + max_calltoken_delay = temp; + } + } else if (!strcasecmp(v->name, "subscribe_network_change_event")) { if (ast_true(v->value)) { subscribe_network_change = 1; } else if (ast_false(v->value)) { |