From 7d1ac32af1b24f49391620f954c400e827fafa6c Mon Sep 17 00:00:00 2001 From: David Vossel Date: Mon, 23 Feb 2009 17:59:55 +0000 Subject: Changes the way keyrotation is enabled by default Key rotation was enabled by default by setting the global encryption method to IAX_ENCRYPT_KEYROTATE. the problem with this is that if encryption is not enabled, and the encryption method is set to anything except 0, the peer appears to have encryption enabled when issuing a "iax2 show peers". Rather than have the key rotation bit always set by default, it is now only set when an encryption method is enabled. (closes issue #14523) Reported by: mvanbaak git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@178030 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- channels/chan_iax2.c | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) (limited to 'channels') diff --git a/channels/chan_iax2.c b/channels/chan_iax2.c index 4de90b772..ef3003071 100644 --- a/channels/chan_iax2.c +++ b/channels/chan_iax2.c @@ -1310,9 +1310,9 @@ static int get_encrypt_methods(const char *s) { int e; if (!strcasecmp(s, "aes128")) - e = IAX_ENCRYPT_AES128; + e = IAX_ENCRYPT_AES128 | IAX_ENCRYPT_KEYROTATE; else if (ast_true(s)) - e = IAX_ENCRYPT_AES128; + e = IAX_ENCRYPT_AES128 | IAX_ENCRYPT_KEYROTATE; else e = 0; return e; @@ -5310,7 +5310,7 @@ static int __iax2_show_peers(int manager, int fd, struct mansession *s, int argc unmonitored_peers++; ast_copy_string(nm, ast_inet_ntoa(peer->mask), sizeof(nm)); - + snprintf(srch, sizeof(srch), FORMAT, name, peer->addr.sin_addr.s_addr ? ast_inet_ntoa(peer->addr.sin_addr) : "(Unspecified)", ast_test_flag(peer, IAX_DYNAMIC) ? "(D)" : "(S)", @@ -11257,8 +11257,6 @@ static int set_config(char *config_file, int reload) memset(&globalflags, 0, sizeof(globalflags)); ast_set_flag(&globalflags, IAX_RTUPDATE); - /* Turns on support for key rotation during encryption. */ - iax2_encryption |= IAX_ENCRYPT_KEYROTATE; #ifdef SO_NO_CHECK nochecksums = 0; #endif -- cgit v1.2.3