| Summary: | ASTERISK-16849: Indicate SRTP + Feature reqest | ||||
| Reporter: | Chodorenko Michail (chodorenko) | Labels: | |||
| Date Opened: | 2010-10-22 10:06:35 | Date Closed: | 2015-02-25 15:05:40.000-0600 | ||
| Priority: | Major | Regression? | No | ||
| Status: | Closed/Complete | Components: | Channels/chan_sip/SRTP | ||
| Versions: | Frequency of Occurrence | ||||
| Related Issues: |
| ||||
| Environment: | Attachments: | ||||
| Description: | Command "sip show peer NAME" do not indicate status of encryption
*ADDITIONAL INFORMATION* # Command {{sip show peer NAME}} do not indicate status of encryption in my previous bug i report by this (6) https://issues.asterisk.org/view.php?id=18140#128202 and twilson commit path for modification in source tree/ In release 1.8.0 again not this value. # Command {{sip show peer NAME}} do not indicate status of forceencrypt # My opinion that the use of 2 variables {{encryption = Yes|No}} {{forceencrypt = Yes|No}} no not the best approach. Propose will integrate them into one variable {{srtp_capability = Yes|No|Optional}} ** Yes - Force SRTP ** No - Force RTP ** Optional - May Use encryption (* Default) # Variable srtp_capability can may be read from dialplan as variant ..... {noformat} exten => 123,1,GotoIf("$[${srtp_capability(SIP/test)}" = "Yes"]?call_optional_encrypt) {noformat} or different way .... | ||||
| Comments: | By: Stefan Schmidt (schmidts) 2010-10-22 12:25:25 to 1. it is in the source tree but its not in 1.8.0 so i think this would come in 1.8.1 maybe. By: Paul Belanger (pabelanger) 2010-10-22 15:11:48 Patches welcome. By: Chodorenko Michail (chodorenko) 2010-10-23 10:21:08 to -> pabelanger Paul, If i can write code, i give patches in bug reports witch out of you message, im tester, administrator and integrator only, i not developer :( sorry As far as I can remember is the people who maintain SRTP, he may deem necessary and possible to implement this By: Terry Wilson (twilson) 2010-11-11 13:56:03.000-0600 1. The code is there, it must be showing up. It is somewhere in the middle, right after "Use Reason". 2. There is not foreceencrypt in chan_sip. That is why it doesn't show up. :-) encryption=yes implies forceencrypt in chan_sip. 3. We don't use two variables, and don't support optional encryption. Please read https://wiki.asterisk.org/wiki/display/AST/Secure+Calls for an example of how everything is already handled via the dialplan. By: Bob Beers (bbeers) 2011-02-14 10:07:10.000-0600 moderator: Can we add a relation to issue ASTERISK-17282? SRTP encryption is really more than yes|no. By: Stefan Schmidt (schmidts) 2011-02-14 12:01:44.000-0600 your welcome By: Olle Johansson (oej) 2013-09-05 04:33:29.944-0500 After reading this I'm unclear if we have any outstanding issues here or if we can close this issue. By: Matt Jordan (mjordan) 2015-02-25 15:05:40.211-0600 After reading through the various proposals, these are either: # Completed (such as in the proposed additions to the CLI commands) # Feature requests (such as the support for optional encryption) As such, since there is no bug here and there isn't a patch for the feature requests (which are a good idea, and would be nice to have in {{chan_sip}}), I agree with [~oej] that there isn't much need in keeping this open without a patch. If someone would like to provide a patch or - given how much is listed on this issue a separate issue + patch for any of the things not implemented in the request - that would be appreciated. In either case, we can always reopen this if there is additional work someone would like to do in improving Asterisk's SDES-SRTP support. | ||||