mirror of
https://github.com/servalproject/serval-dna.git
synced 2025-01-31 08:25:22 +00:00
Andrew Bettison
c43a7ba8e6
Issue #17, improve "rhizome extract manifest" command
Add ".readonly" output field, add logic to detect bundle author and update MANIFESTS table 'author' column accordingly. Add two 'rhizomeops' test cases to deal with authorless logic. Rename some 'rhizomeops' test cases for consistency and to help filtering.
When we were looking at implementing secure calls for OpenBTS it was suggested that we configure Asterisk to use SIPS/ZRTP. This would have been relatively easy to setup, however there are a few problems. Number one is that when Asterisk checks the certificates it will either validate the certificate (checking the chain of trust and so on) and then check that the common name attribute on the certificate matches the hostname of the peer, or it will do none of these checks. This code is in main/tcptls.c line 206 (in version 1.8.14.1). This is undesirable in a setup where there is limited or no infrastructure as there is not likely to be a DNS server setup, or even rigid IP assignments that would allow a static hosts file based setup. This situation would force the administrator to disable the checks completely which would allow a trivial man in the middle attack. It would be possible to modify Asterisk to have a third way where it validates the certificate and checks the chain of trust but does not look at the common name. We decided against this approach as the VOMP channel driver was written in time to avoid it.
Description
The Serval Project's core daemon that implements Distributed Numbering Architecture (DNA), MDP, VoMP, Rhizome, MeshMS, etc.
Languages
C
89.4%
Shell
5.9%
Java
2%
M4
1.1%
Assembly
0.6%
Other
0.9%