Include 'requirecalltoken' as an additional extension IAX2 device option

Asterisk documentation states

; In a peer/user/friend definition, the 'requirecalltoken' option may be used.
; By setting 'requirecalltoken=no', call token validation becomes optional for
; that peer/user.  By setting 'requirecalltoken=auto', call token validation 
; is optional until a call token supporting peer registers successfully using
; call token validation.  This is used as an indication that from now on, we
; can require it from this peer.  So, requirecalltoken is internally set to yes.
; By default, 'requirecalltoken=yes'.

Note the part So, requirecalltoken is internally set to yes. I think that the best way to do it is to add it to Asterisk IAX Settings

is it valid in the general section? The above indicates it is valid in a specific device section which would lead me to think it may not even be supported in general which is all that iaxsettings uses.

uh, what does it do??

According to the Asterisk dev documentation, it is in the iax.conf under the [general] section.

http://www.asterisk.org/doxygen/1.4/Config_iax.html

It was added as a security measure, see bulletin http://downloads.asterisk.org/pub/security/AST-2009-006.html

well if it is in the general section, it would be relatively easy to add it to iaxsettings module, but not clear if that should be the case or not. Is it is more appropriately set on a per trunk and per device level with the default Asterisk settings reasonable? Or should it be added to iaxsettings, or to that and devices?

After a good nights sleep and some thoughts I would say that my vote is:

Add it to the device section as a field (like we did for permit/deny) but do not set anything as it is 'yes' per default. By doing this we allow users to set it to 'no' or 'auto' for those specific devices that are old and don't support requirecalltoken.

As it can be added as Other IAX Settings in Asterisk IAX Settings thus setting it globally I don't think we should do anything with that module.

I just tested it setting it to 'auto'. However, when removing the word 'auto' it removed just the word and left the 'requirecalltoken=' in iax_additional.conf. I don't know the impact of this (yet). If it is there and empty, does Asterisk leave that to the default or unset it?

mickecarlsson,

if we are going to add this this late in the game, then I would suggest:

1. you put yes as the default in the patch if you have not already
2. you make the generator look for this variable, and if it is not set, then you don't write anything out to the conf file. It's in the class: core_conf, in the generate_iax_additional method.

This way, we don't introduce an unknown bug, unless you can easily confirm that not setting a value will result in it being ignored.

Updating this ticket to reflect the Asterisk issue https://issues.asterisk.org/view.php?id=16223 The requirecalltoken is NOT a global directive, it needs to be set for each user or peer.

In [8565] closes #3882 adds requirecalltoken to iax extensions