rtp_secure_media=mandatory
rtp_secure_media=optional
rtp_secure_media=mandatory:AES_CM_256_HMAC_SHA1_80,AES_CM_256_HMAC_SHA1_32
rtp_secure_media=optional:AES_CM_256_HMAC_SHA1_80
rtp_secure_media=forbidden
true implies mandatory
false implies forbidden
not set implies optional
rtp_secure_media_inbound or rtp_secure_media_outbound take precedence and are treated the same way based on leg direction
Previously we disallowed anonymous Diffie-Hellman, but there are other
kinds of null-authentication TLS suites. In particular, disallowing
AECDH is important now that we support elliptic-curve Diffie-Hellman.
commit ee51fa4e2993ab71339e29691aec8b924c810c53
Author: Frode Isaksen <frode.isaksen@bewan.com>
Date: Thu Aug 18 16:40:58 2011 +0300
su: fix su_time() on 64-bit OS X
The field tv_sec in struct timeval is 64bits instead of 32bits as in
su_time_t, so you cannot cast su_time_t to struct timeval.
NetBSD dagonet.omniscient.local 6.1.3 NetBSD 6.1.3 (GENERIC_HZ) #1: Sat Mar 1 19:18:46 EST 2014 met@dagonet.omniscient.local:/data/netbsd/obj/usr/src/sys/arch/i386/compile/GENERIC_HZ i386
Failure due to test programs have "Shared object "libXXX.so.X" not found"
Adding -Wl,-rpath,/usr/pkg/lib to LDFLAGS for NetBSD
This was added as part of a mass copyright header update in commit
6e7d5d089. That's obviously not the right way to add features, so
we're reverting this.
If this feature is actually desired, it should be added in its own
commit, properly described in the commit message, and documented.
(The commit added a "tool" flag that could be applied to a conference
participant to mess with that person by disrupting his or her audio.)
This partially reverts commit 6e7d5d0897.
This feature earlier tried to sneak in under the guise of a whitespace
cleanup in commit a000749e70 which
Anthony reverted at commit a24f9aa8bc.
Let's not play these games.
This was momentarily called force_send_silence_when_idle, but that was
non-obvious as you had to set that value to true to be able to not
send silence when idle. This name describes the purpose much better.
We were handling the "send silence but not comfort noise" case in both
silence_stream_file_read and switch_generate_sln_silence. This
changes the former to rely on the latter.
If set to true, this prevents us from overriding the value of
send_silence_when_idle. When that is unset or set to zero and SRTP is
engaged, we typically override the value because many devices can't
handle gaps in the SRTP stream.
This variable is mostly for testing whether particular devices can
handle this behavior. Use at your own risk.
In commit 55d01d3def we set
send_silence_when_idle to -1 rather than 400 when SRTP is engaged.
But this left no way to enable white noise silence when desired.
When SRTP is engaged we can't simply not send RTP because it breaks
too many devices. So we need to prevent send_silence_when_idle from
being unset or being set to zero. This change allows it to be set to
other values so as to feed white noise rather than all zeros into the
codec.
When the channel variable send_silence_when_idle was set to zero,
switch_ivr_sleep was calling SWITCH_IVR_VERIFY_SILENCE_DIVISOR on it
anyway, causing it to be set to 400. The only way to get the behavior
of not sending silence when idle was to unset the variable completely.
This corrects the behavior such that setting the value to zero has the
same effect as leaving it unset.
write(3) can write fewer bytes than was requested for any number of
reasons. The correct behavior is to retry unless there is an error.
If there is an error, try to unlink the file; no sense in leaving
corrupted data laying around.
The default value of libdir is (unexpanded) '${exec_prefix}/lib'. In
the non-FHS path this is fine because it only ends up in a variable
where it will be expanded later. By using this to define modulesdir
we let it slip into a define where it made no sense.
We were incorrectly parsing usernames and domains starting with "sip"
if there was no sip: or sips: scheme in the string.
We were also incorrectly parsing usernames containing a colon even if
a scheme was given.
This also refactors the function for hopefully greater clarity.