In my iax.conf, I have encryption=yes (because why not?), but I wanted to look into some more IAX2 security options, like those detailed here: https://wiki.asterisk.org/wiki/display/AST/Secure+Calling+Specifics
The page says IAX2 is supported and that “If a peer is defined as requiring encryption but the endpoint does not support it, the call will fail with a HANGUPCAUSE of 58 (bearer capability does not exist).”
To test this, I added the following before an outgoing IAX2 call:
The call fails, and in the console I get:
[2021-01-24 20:12:45] WARNING[C-000002c6]: chan_iax2.c:5147 iax2_call: Call terminated. No secret given and force encrypt enabled [Jan 24 20:12:45] -- Couldn't call IAX2/redacted [Jan 24 20:12:45] -- Hungup 'IAX2/redacted [Jan 24 20:12:45] == Everyone is busy/congested at this time (0:0/0/0) [Jan 24 20:12:45] -- NoOp("", "DIALSTATUS: CHANUNAVAIL / HANGUPCAUSE: 0") in new stack
This seems to conflict with the Asterisk wiki page about the HANGUPCAUSE being 58 if forcing a secure call fails. Are these two different scenarios, or is it supposed to be one or the other? I just would like to be able to detect the situation, but I’m unsure which hang up cause code I should be looking for in this scenario.
As an aside, the Asterisk switch I was calling also has encryption=yes in iax.conf, so it’s interesting that forcing a secure call fails there…