kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-10-31 02:37:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add SHA-256 and SHA-512-256 as authentication digest algorithms

Browse Source 
* Refactored pjproject code to support the new algorithms and
added a patch file to third-party/pjproject/patches

* Added new parameters to the pjsip auth object:
  * password_digest = <algorithm>:<digest>
  * supported_algorithms_uac = List of algorithms to support
    when acting as a UAC.
  * supported_algorithms_uas = List of algorithms to support
    when acting as a UAS.
  See the auth object in pjsip.conf.sample for detailed info.

* Updated both res_pjsip_authenticator_digest.c (for UAS) and
res_pjsip_outbound_authentocator_digest.c (UAC) to suport the
new algorithms.

The new algorithms are only available with the bundled version
of pjproject, or an external version > 2.14.1.  OpenSSL version
1.1.1 or greater is required to support SHA-512-256.

Resolves: #948

UserNote: The SHA-256 and SHA-512-256 algorithms are now available
for authentication as both a UAS and a UAC.
This commit is contained in:
George Joseph
2024-10-17 08:02:08 -06:00
committed by asterisk-org-access-app[bot]
parent 22b261575f
commit 71a2e8c599
15 changed files with 1784 additions and 571 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
contrib/ast-db-manage/config/versions/abdc9ede147d_add_fields_to_ps_auths_to_support_new_.py Normal file
View File

@@ -0,0 +1,31 @@
"""Add fields to ps_auths to support new algorithms
Revision ID: abdc9ede147d
Revises: 44bd6dd914fa
Create Date: 2024-10-27 15:26:25.165085
"""
# revision identifiers, used by Alembic.
revision = 'abdc9ede147d'
down_revision = '44bd6dd914fa'
from alembic import op
import sqlalchemy as sa
max_value_length = 1024
def upgrade():
op.add_column('ps_auths', sa.Column('password_digest', sa.String(max_value_length)))
op.add_column('ps_auths', sa.Column('supported_algorithms_uas', sa.String(max_value_length)))
op.add_column('ps_auths', sa.Column('supported_algorithms_uac', sa.String(max_value_length)))
op.add_column('ps_globals', sa.Column('default_auth_algorithms_uas', sa.String(max_value_length)))
op.add_column('ps_globals', sa.Column('default_auth_algorithms_uac', sa.String(max_value_length)))
def downgrade():
op.drop_column('ps_auths', 'password_digest')
op.drop_column('ps_auths', 'supported_algorithms_uas')
op.drop_column('ps_auths', 'supported_algorithms_uac')
op.drop_column('ps_globals', 'default_auth_algorithms_uas')
op.drop_column('ps_globals', 'default_auth_algorithms_uac')