kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-09-02 11:06:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add SHA-256 and SHA-512-256 as authentication digest algorithms

Browse Source 
* Refactored pjproject code to support the new algorithms and
added a patch file to third-party/pjproject/patches

* Added new parameters to the pjsip auth object:
  * password_digest = <algorithm>:<digest>
  * supported_algorithms_uac = List of algorithms to support
    when acting as a UAC.
  * supported_algorithms_uas = List of algorithms to support
    when acting as a UAS.
  See the auth object in pjsip.conf.sample for detailed info.

* Updated both res_pjsip_authenticator_digest.c (for UAS) and
res_pjsip_outbound_authentocator_digest.c (UAC) to suport the
new algorithms.

The new algorithms are only available with the bundled version
of pjproject, or an external version > 2.14.1.  OpenSSL version
1.1.1 or greater is required to support SHA-512-256.

Resolves: #948

UserNote: The SHA-256 and SHA-512-256 algorithms are now available
for authentication as both a UAS and a UAC.

(cherry picked from commit 1933548d41)
This commit is contained in:
George Joseph
2024-10-17 08:02:08 -06:00
committed by Asterisk Development Team
parent 6e114c7869
commit fd52a4411d
15 changed files with 1784 additions and 571 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
contrib/ast-db-manage/config/versions/abdc9ede147d_add_fields_to_ps_auths_to_support_new_.py Normal file
View File

@@ -0,0 +1,31 @@
"""Add fields to ps_auths to support new algorithms
Revision ID: abdc9ede147d
Revises: 44bd6dd914fa
Create Date: 2024-10-27 15:26:25.165085
"""
# revision identifiers, used by Alembic.
revision = 'abdc9ede147d'
down_revision = '44bd6dd914fa'
from alembic import op
import sqlalchemy as sa
max_value_length = 1024
def upgrade():
op.add_column('ps_auths', sa.Column('password_digest', sa.String(max_value_length)))
op.add_column('ps_auths', sa.Column('supported_algorithms_uas', sa.String(max_value_length)))
op.add_column('ps_auths', sa.Column('supported_algorithms_uac', sa.String(max_value_length)))
op.add_column('ps_globals', sa.Column('default_auth_algorithms_uas', sa.String(max_value_length)))
op.add_column('ps_globals', sa.Column('default_auth_algorithms_uac', sa.String(max_value_length)))
def downgrade():
op.drop_column('ps_auths', 'password_digest')
op.drop_column('ps_auths', 'supported_algorithms_uas')
op.drop_column('ps_auths', 'supported_algorithms_uac')
op.drop_column('ps_globals', 'default_auth_algorithms_uas')
op.drop_column('ps_globals', 'default_auth_algorithms_uac')