Hello,
For outbound I currently have a modparam to set the flow token key. There is absolutely no reason why this should be user configurable, replicated across multiple Kamailio instances, or survive Kamailio restart as each flow is unique and should be re-established if there is a server failure.
I would much prefer to have Kamailio just select its own key at start-up. Is there any simple way to get Kamailio to select a 20-octet crypto random string?
Regards,
Peter
Am Donnerstag, 14. März 2013, 13:00:32 schrieb Peter Dunkley:
For outbound I currently have a modparam to set the flow token key. There is absolutely no reason why this should be user configurable, replicated across multiple Kamailio instances, or survive Kamailio restart as each flow is unique and should be re-established if there is a server failure.
I would much prefer to have Kamailio just select its own key at start-up. Is there any simple way to get Kamailio to select a 20-octet crypto random string?
Hello Peter,
there is no API to get this certain data at the moment. During startup the core initialize the glibc rand and our fastrand pseudo-random number generator from /dev/urandom. Then you can call e.g. in your module the rand, random or fastrand functions and use this to generate your random string. For an example have a look to generate_random_secret in auth/auth_mod.c.
Cheers,
Henning Westerholt
Hi,
I solved this by calling a function in OpenSSL that does exactly what I needed. The module already linked to OpenSSL for other things, so this seemed like a straight-forward solution.
Regards,
Peter
On 26 Mar 2013, at 08:45, Henning Westerholt hw@kamailio.org wrote:
Am Donnerstag, 14. März 2013, 13:00:32 schrieb Peter Dunkley:
For outbound I currently have a modparam to set the flow token key. There is absolutely no reason why this should be user configurable, replicated across multiple Kamailio instances, or survive Kamailio restart as each flow is unique and should be re-established if there is a server failure.
I would much prefer to have Kamailio just select its own key at start-up. Is there any simple way to get Kamailio to select a 20-octet crypto random string?
Hello Peter,
there is no API to get this certain data at the moment. During startup the core initialize the glibc rand and our fastrand pseudo-random number generator from /dev/urandom. Then you can call e.g. in your module the rand, random or fastrand functions and use this to generate your random string. For an example have a look to generate_random_secret in auth/auth_mod.c.
Cheers,
Henning Westerholt
-
Henning Westerholt -
Peter Dunkley