mirror of
https://github.com/signalwire/freeswitch.git
synced 2026-01-25 02:07:54 +00:00
[core][mod_sofia] remove ZRTP (deemed obsolete).
[unit-tests][build-system][docs] remove references to ZRTP.
This commit is contained in:
Dragos Oancea
@@ -48,7 +48,6 @@
|
||||
<param name="auth-calls" value="false"/>
|
||||
<param name="rtp-timeout-sec" value="1800"/>
|
||||
<param name="inbound-late-negotiation" value="true"/>
|
||||
<param name="inbound-zrtp-passthru" value="true"/> <!-- (also enables late negotiation) -->
|
||||
<!--
|
||||
DO NOT USE HOSTNAMES, ONLY IP ADDRESSES IN THESE SETTINGS!
|
||||
-->
|
||||
|
||||
@@ -70,9 +70,6 @@
|
||||
<!-- Let calls hit the dialplan before selecting codec for the a-leg -->
|
||||
<param name="inbound-late-negotiation" value="true"/>
|
||||
|
||||
<!-- Allow ZRTP clients to negotiate end-to-end security associations (also enables late negotiation) -->
|
||||
<param name="inbound-zrtp-passthru" value="true"/>
|
||||
|
||||
<!-- this lets anything register -->
|
||||
<!-- comment the next line and uncomment one or both of the other 2 lines for call authentication -->
|
||||
<!-- <param name="accept-blind-reg" value="true"/> -->
|
||||
|
||||
@@ -106,9 +106,6 @@
|
||||
<!-- Let calls hit the dialplan before selecting codec for the a-leg -->
|
||||
<param name="inbound-late-negotiation" value="true"/>
|
||||
|
||||
<!-- Allow ZRTP clients to negotiate end-to-end security associations (also enables late negotiation) -->
|
||||
<param name="inbound-zrtp-passthru" value="true"/>
|
||||
|
||||
<!-- this lets anything register -->
|
||||
<!-- comment the next line and uncomment one or both of the other 2 lines for call authentication -->
|
||||
<!-- <param name="accept-blind-reg" value="true"/> -->
|
||||
|
||||
@@ -145,8 +145,6 @@
|
||||
<!-- <param name="rtp-start-port" value="16384"/> -->
|
||||
<!-- <param name="rtp-end-port" value="32768"/> -->
|
||||
|
||||
<param name="rtp-enable-zrtp" value="true"/>
|
||||
|
||||
<!--
|
||||
Native PostgreSQL support was removed from the FreeSWITCH Core!
|
||||
=================================
|
||||
|
||||
@@ -57,7 +57,6 @@
|
||||
<param name="nonce-ttl" value="60"/>
|
||||
<param name="auth-calls" value="$${external_auth_calls}"/>
|
||||
<param name="inbound-late-negotiation" value="true"/>
|
||||
<param name="inbound-zrtp-passthru" value="true"/> <!-- (also enables late negotiation) -->
|
||||
<!--
|
||||
DO NOT USE HOSTNAMES, ONLY IP ADDRESSES IN THESE SETTINGS!
|
||||
-->
|
||||
|
||||
@@ -14,13 +14,6 @@
|
||||
<X-PRE-PROCESS cmd="set" data="hold_music=local_stream://moh"/>
|
||||
<X-PRE-PROCESS cmd="set" data="use_profile=external"/>
|
||||
|
||||
<!--
|
||||
Enable ZRTP globally you can override this on a per channel basis
|
||||
|
||||
http://wiki.freeswitch.org/wiki/ZRTP (on how to enable zrtp)
|
||||
-->
|
||||
<X-PRE-PROCESS cmd="set" data="zrtp_secure_media=true"/>
|
||||
|
||||
<X-PRE-PROCESS cmd="set" data="global_codec_prefs=PCMU,PCMA"/>
|
||||
<X-PRE-PROCESS cmd="set" data="outbound_codec_prefs=PCMU,PCMA"/>
|
||||
|
||||
|
||||
@@ -49,7 +49,6 @@
|
||||
<param name="auth-calls" value="false"/>
|
||||
<param name="rtp-timeout-sec" value="1800"/>
|
||||
<param name="inbound-late-negotiation" value="true"/>
|
||||
<param name="inbound-zrtp-passthru" value="true"/> <!-- (also enables late negotiation) -->
|
||||
<!--
|
||||
DO NOT USE HOSTNAMES, ONLY IP ADDRESSES IN THESE SETTINGS!
|
||||
-->
|
||||
|
||||
@@ -69,9 +69,6 @@
|
||||
<!-- Let calls hit the dialplan before selecting codec for the a-leg -->
|
||||
<param name="inbound-late-negotiation" value="true"/>
|
||||
|
||||
<!-- Allow ZRTP clients to negotiate end-to-end security associations (also enables late negotiation) -->
|
||||
<param name="inbound-zrtp-passthru" value="true"/>
|
||||
|
||||
<!-- this lets anything register -->
|
||||
<!-- comment the next line and uncomment one or both of the other 2 lines for call authentication -->
|
||||
<!-- <param name="accept-blind-reg" value="true"/> -->
|
||||
|
||||
@@ -110,9 +110,6 @@
|
||||
<!-- Let calls hit the dialplan before selecting codec for the a-leg -->
|
||||
<param name="inbound-late-negotiation" value="true"/>
|
||||
|
||||
<!-- Allow ZRTP clients to negotiate end-to-end security associations (also enables late negotiation) -->
|
||||
<param name="inbound-zrtp-passthru" value="true"/>
|
||||
|
||||
<!-- this lets anything register -->
|
||||
<!-- comment the next line and uncomment one or both of the other 2 lines for call authentication -->
|
||||
<!-- <param name="accept-blind-reg" value="true"/> -->
|
||||
|
||||
@@ -150,8 +150,6 @@
|
||||
<!-- Test each port to make sure it is not in use by some other process before allocating it to RTP -->
|
||||
<!-- <param name="rtp-port-usage-robustness" value="true"/> -->
|
||||
|
||||
<param name="rtp-enable-zrtp" value="true"/>
|
||||
|
||||
<!--
|
||||
Native PostgreSQL support was removed from the FreeSWITCH Core!
|
||||
=================================
|
||||
|
||||
@@ -51,7 +51,6 @@
|
||||
<param name="nonce-ttl" value="60"/>
|
||||
<param name="auth-calls" value="false"/>
|
||||
<param name="inbound-late-negotiation" value="true"/>
|
||||
<param name="inbound-zrtp-passthru" value="true"/> <!-- (also enables late negotiation) -->
|
||||
<!--
|
||||
DO NOT USE HOSTNAMES, ONLY IP ADDRESSES IN THESE SETTINGS!
|
||||
-->
|
||||
|
||||
@@ -57,7 +57,6 @@
|
||||
<param name="nonce-ttl" value="60"/>
|
||||
<param name="auth-calls" value="false"/>
|
||||
<param name="inbound-late-negotiation" value="true"/>
|
||||
<param name="inbound-zrtp-passthru" value="true"/> <!-- (also enables late negotiation) -->
|
||||
<!--
|
||||
DO NOT USE HOSTNAMES, ONLY IP ADDRESSES IN THESE SETTINGS!
|
||||
-->
|
||||
|
||||
@@ -71,9 +71,6 @@
|
||||
<!-- Let calls hit the dialplan before selecting codec for the a-leg -->
|
||||
<param name="inbound-late-negotiation" value="true"/>
|
||||
|
||||
<!-- Allow ZRTP clients to negotiate end-to-end security associations (also enables late negotiation) -->
|
||||
<param name="inbound-zrtp-passthru" value="true"/>
|
||||
|
||||
<!-- this lets anything register -->
|
||||
<!-- comment the next line and uncomment one or both of the other 2 lines for call authentication -->
|
||||
<!-- <param name="accept-blind-reg" value="true"/> -->
|
||||
|
||||
@@ -246,9 +246,6 @@
|
||||
<!-- Let calls hit the dialplan before selecting codec for the a-leg -->
|
||||
<param name="inbound-late-negotiation" value="true"/>
|
||||
|
||||
<!-- Allow ZRTP clients to negotiate end-to-end security associations (also enables late negotiation) -->
|
||||
<param name="inbound-zrtp-passthru" value="true"/>
|
||||
|
||||
<!-- this lets anything register -->
|
||||
<!-- comment the next line and uncomment one or both of the other 2 lines for call authentication -->
|
||||
<!-- <param name="accept-blind-reg" value="true"/> -->
|
||||
|
||||
@@ -7,7 +7,6 @@
|
||||
<X-PRE-PROCESS cmd="set" data="hold_music=local_stream://moh"/>
|
||||
<X-PRE-PROCESS cmd="set" data="use_profile=external"/>
|
||||
<X-PRE-PROCESS cmd="set" data="rtp_sdes_suites=AEAD_AES_256_GCM_8|AEAD_AES_128_GCM_8|AES_CM_256_HMAC_SHA1_80|AES_CM_192_HMAC_SHA1_80|AES_CM_128_HMAC_SHA1_80|AES_CM_256_HMAC_SHA1_32|AES_CM_192_HMAC_SHA1_32|AES_CM_128_HMAC_SHA1_32|AES_CM_128_NULL_AUTH"/>
|
||||
<X-PRE-PROCESS cmd="set" data="zrtp_secure_media=true"/>
|
||||
<X-PRE-PROCESS cmd="set" data="global_codec_prefs=OPUS,G722,PCMU,PCMA,VP8,H264,H263,H263-1998,G7221@32000h"/>
|
||||
<X-PRE-PROCESS cmd="set" data="outbound_codec_prefs=OPUS,G722,PCMU,PCMA,VP8,H264,H263,H263-1998,G7221@32000h"/>
|
||||
<X-PRE-PROCESS cmd="set" data="outbound_caller_name=FreeSWITCH"/>
|
||||
|
||||
@@ -153,8 +153,6 @@
|
||||
<!-- Test each port to make sure it is not in use by some other process before allocating it to RTP -->
|
||||
<!-- <param name="rtp-port-usage-robustness" value="true"/> -->
|
||||
|
||||
<param name="rtp-enable-zrtp" value="false"/>
|
||||
|
||||
<!--
|
||||
Store encryption keys for secure media in channel variables and call CDRs. Default: false.
|
||||
WARNING: If true, anyone with CDR access can decrypt secure media!
|
||||
|
||||
@@ -443,10 +443,6 @@
|
||||
This will take the SAS from the b-leg and send it to the display on the a-leg phone.
|
||||
Known working with Polycom and Snom maybe others.
|
||||
-->
|
||||
<!--
|
||||
<action application="set" data="exec_after_bridge_app=${sched_api(+4 zrtp expand uuid_display ${uuid} \${uuid_getvar(\${uuid_getvar(${uuid} signal_bond)} zrtp_sas1_string )} \${uuid_getvar(\${uuid_getvar(${uuid} signal_bond)} zrtp_sas2_string )} )}"/>
|
||||
<action application="export" data="nolocal:zrtp_secure_media=true"/>
|
||||
-->
|
||||
<action application="bridge" data="sofia/${use_profile}/$1@conference.freeswitch.org"/>
|
||||
</condition>
|
||||
</extension>
|
||||
@@ -768,13 +764,6 @@
|
||||
</condition>
|
||||
</extension>
|
||||
|
||||
<!-- install zrtp_agent.lua into scripts (ZRTP == 9787) -->
|
||||
<extension name="zrtp_enrollement">
|
||||
<condition field="destination_number" expression="^9787$">
|
||||
<action application="lua" data="zrtp_agent.lua"/>
|
||||
</condition>
|
||||
</extension>
|
||||
|
||||
<!--
|
||||
You will no longer hear the bong tone. The wav file is playing stating the call is secure.
|
||||
The file will not play unless you have both TLS and SRTP active.
|
||||
@@ -786,10 +775,8 @@
|
||||
<action application="answer"/>
|
||||
<action application="execute_extension" data="is_secure XML features"/>
|
||||
<action application="playback" data="$${hold_music}"/>
|
||||
<anti-action application="set" data="zrtp_secure_media=true"/>
|
||||
<anti-action application="answer"/>
|
||||
<anti-action application="playback" data="silence_stream://2000"/>
|
||||
<anti-action application="execute_extension" data="is_zrtp_secure XML features"/>
|
||||
<anti-action application="playback" data="$${hold_music}"/>
|
||||
</condition>
|
||||
</extension>
|
||||
|
||||
@@ -44,15 +44,7 @@
|
||||
<action application="transfer" data="$1 XML default"/>
|
||||
</condition>
|
||||
</extension>
|
||||
|
||||
<extension name="is_zrtp_secure" continue="true">
|
||||
<condition field="${zrtp_secure_media_confirmed}" expression="^true$">
|
||||
<action application="sleep" data="1000"/>
|
||||
<action application="playback" data="misc/call_secured.wav"/>
|
||||
<anti-action application="eval" data="not_secure"/>
|
||||
</condition>
|
||||
</extension>
|
||||
|
||||
|
||||
<extension name="is_secure" continue="true">
|
||||
<!-- Only Truly consider it secure if its TLS and SRTP -->
|
||||
<condition field="${sip_via_protocol}" expression="tls"/>
|
||||
|
||||
@@ -57,7 +57,6 @@
|
||||
<param name="nonce-ttl" value="60"/>
|
||||
<param name="auth-calls" value="false"/>
|
||||
<param name="inbound-late-negotiation" value="true"/>
|
||||
<param name="inbound-zrtp-passthru" value="true"/> <!-- (also enables late negotiation) -->
|
||||
<!--
|
||||
DO NOT USE HOSTNAMES, ONLY IP ADDRESSES IN THESE SETTINGS!
|
||||
-->
|
||||
|
||||
@@ -57,7 +57,6 @@
|
||||
<param name="nonce-ttl" value="60"/>
|
||||
<param name="auth-calls" value="false"/>
|
||||
<param name="inbound-late-negotiation" value="true"/>
|
||||
<param name="inbound-zrtp-passthru" value="true"/> <!-- (also enables late negotiation) -->
|
||||
<!--
|
||||
DO NOT USE HOSTNAMES, ONLY IP ADDRESSES IN THESE SETTINGS!
|
||||
-->
|
||||
|
||||
@@ -73,9 +73,6 @@
|
||||
<!-- Let calls hit the dialplan before selecting codec for the a-leg -->
|
||||
<param name="inbound-late-negotiation" value="true"/>
|
||||
|
||||
<!-- Allow ZRTP clients to negotiate end-to-end security associations (also enables late negotiation) -->
|
||||
<param name="inbound-zrtp-passthru" value="true"/>
|
||||
|
||||
<!-- this lets anything register -->
|
||||
<!-- comment the next line and uncomment one or both of the other 2 lines for call authentication -->
|
||||
<!-- <param name="accept-blind-reg" value="true"/> -->
|
||||
|
||||
@@ -251,9 +251,6 @@
|
||||
<!-- Let calls hit the dialplan before selecting codec for the a-leg -->
|
||||
<param name="inbound-late-negotiation" value="true"/>
|
||||
|
||||
<!-- Allow ZRTP clients to negotiate end-to-end security associations (also enables late negotiation) -->
|
||||
<param name="inbound-zrtp-passthru" value="true"/>
|
||||
|
||||
<!-- this lets anything register -->
|
||||
<!-- comment the next line and uncomment one or both of the other 2 lines for call authentication -->
|
||||
<!-- <param name="accept-blind-reg" value="true"/> -->
|
||||
|
||||
@@ -41,7 +41,6 @@
|
||||
storage_dir
|
||||
cache_dir
|
||||
core_uuid
|
||||
zrtp_enabled
|
||||
nat_public_addr
|
||||
nat_private_addr
|
||||
nat_type
|
||||
@@ -64,12 +63,6 @@
|
||||
<X-PRE-PROCESS cmd="set" data="hold_music=local_stream://moh"/>
|
||||
<X-PRE-PROCESS cmd="set" data="use_profile=external"/>
|
||||
<X-PRE-PROCESS cmd="set" data="rtp_sdes_suites=AEAD_AES_256_GCM_8|AEAD_AES_128_GCM_8|AES_CM_256_HMAC_SHA1_80|AES_CM_192_HMAC_SHA1_80|AES_CM_128_HMAC_SHA1_80|AES_CM_256_HMAC_SHA1_32|AES_CM_192_HMAC_SHA1_32|AES_CM_128_HMAC_SHA1_32|AES_CM_128_NULL_AUTH"/>
|
||||
<!--
|
||||
Enable ZRTP globally you can override this on a per channel basis
|
||||
|
||||
http://wiki.freeswitch.org/wiki/ZRTP (on how to enable zrtp)
|
||||
-->
|
||||
<X-PRE-PROCESS cmd="set" data="zrtp_secure_media=true"/>
|
||||
<!--
|
||||
NOTICE: When using SRTP it's critical that you do not offer or accept
|
||||
variable bit rate codecs, doing so would leak information and possibly
|
||||
|
||||
Reference in New Issue
Block a user