kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-09-03 03:20:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

res_pjsip: mediasec: Add Security-Client headers after 401 (#49)

Browse Source 
When using mediasec, requests sent after a 401 must still contain the
Security-Client header according to
draft-dawes-sipcore-mediasec-parameter.

Resolves: #48
This commit is contained in:
Maximilian Fridrich
2023-05-02 17:18:42 +02:00
committed by GitHub
parent 65fa8d6009
commit cacd98bb29
5 changed files with 175 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
res/res_pjsip/pjsip_configuration.c
View File

@@ -256,6 +256,13 @@ static int timers_to_str(const void *obj, const intptr_t *args, char **buf)
return 0;
}
static int security_mechanism_to_str(const void *obj, const intptr_t *args, char **buf)
{
const struct ast_sip_endpoint *endpoint = obj;
return ast_sip_security_mechanisms_to_str(&endpoint->security_mechanisms, 0, buf);
}
static int security_mechanism_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
{
struct ast_sip_endpoint *endpoint = obj;
@@ -263,6 +270,20 @@ static int security_mechanism_handler(const struct aco_option *opt, struct ast_v
return ast_sip_security_mechanism_vector_init(&endpoint->security_mechanisms, var->value);
}
static const char *security_negotiation_map[] = {
[AST_SIP_SECURITY_NEG_NONE] = "no",
[AST_SIP_SECURITY_NEG_MEDIASEC] = "mediasec",
};
static int security_negotiation_to_str(const void *obj, const intptr_t *args, char **buf)
{
const struct ast_sip_endpoint *endpoint = obj;
if (ARRAY_IN_BOUNDS(endpoint->security_negotiation, security_negotiation_map)) {
*buf = ast_strdup(security_negotiation_map[endpoint->security_negotiation]);
}
return 0;
}
int ast_sip_set_security_negotiation(enum ast_sip_security_negotiation *security_negotiation, const char *val) {
if (!strcasecmp("no", val)) {
*security_negotiation = AST_SIP_SECURITY_NEG_NONE;
@@ -2262,8 +2283,8 @@ int ast_res_pjsip_initialize_configuration(void)
ast_sorcery_object_field_register(sip_sorcery, "endpoint", "allow_unauthenticated_options", "no", OPT_BOOL_T, 1, FLDSET(struct ast_sip_endpoint, allow_unauthenticated_options));
ast_sorcery_object_field_register(sip_sorcery, "endpoint", "geoloc_incoming_call_profile", "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_endpoint, geoloc_incoming_call_profile));
ast_sorcery_object_field_register(sip_sorcery, "endpoint", "geoloc_outgoing_call_profile", "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_endpoint, geoloc_outgoing_call_profile));
ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "security_mechanisms", "", security_mechanism_handler, NULL, NULL, 0, 0);
ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "security_negotiation", "no", security_negotiation_handler, NULL, NULL, 0, 0);
ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "security_mechanisms", "", security_mechanism_handler, security_mechanism_to_str, NULL, 0, 0);
ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "security_negotiation", "no", security_negotiation_handler, security_negotiation_to_str, NULL, 0, 0);
ast_sorcery_object_field_register(sip_sorcery, "endpoint", "send_aoc", "no", OPT_BOOL_T, 1, FLDSET(struct ast_sip_endpoint, send_aoc));
if (ast_sip_initialize_sorcery_transport()) {