Review Board 1.7.16

Added Force Encrypt option to iax.conf

Review Request #150 - Created Feb. 11, 2009 and submitted

David Vossel
There was a feature request to add any option into iax.conf to force encryption... so I made it. Basically if force encryption is enabled, encryption is enabled as well.  Encryption is checked during the processing of the AUTHREQ and AUTHREP frames.  If the encryption ie isn't present from the other side during this process, the call is terminated. When a call is placed to the box, the NEW frame contains the encryption method, so the authenticate_verify() function used during AUTHREP processing only checks to see if encryption method has been set rather than if the encryption ie is present.   When a call is placed from the box, the AUTHREQ message must contain the encryption ie in response to our NEW request or the call is terminated.  this check is in the authenticate_reply() function. 

Review request changed
Updated (Feb. 12, 2009, 4:46 a.m.)
Fixed issue with force encryption being ignored when no secret is present for authentication.  When a call is comming in, force encrypt is checked while processing the NEW frame.  if no secret is present for the context the call is going to, the call is rejected.  When a call is going out it is checked in the iax2_call function.  If no secret is present, no attempt to connect is made. 

Ship it!
Posted (Feb. 12, 2009, 7:42 a.m.)
Nice work, David! runs on a server provided by Digium, Inc. and uses bandwidth donated to the open source Asterisk community by API Digital Communications in Huntsville, AL USA.
Please report problems with this site to