Always set the ZRTP SAS verified flag on our side

When we're terminating ZRTP to an IVR or to a leg which is not
ZRTP-capable, there's no way for us to make an intelligent decision
about whether this flag should be set.  For a client to consider the
SAS as verified, however, both sides need to set this flag.  By always
setting this flag on our side, we leave the decision completely in the
hands of the client where we hope there is a careful human.
Signed-off-by: Travis Cross <tc@traviscross.com>

src/switch_rtp.c

@@ -772,9 +772,7 @@ static void zrtp_event_callback(zrtp_stream_t *stream, unsigned event)
 					switch_channel_set_variable_name_printf(channel, "true", "zrtp_secure_media_confirmed_%s", type);
 					switch_channel_set_variable_name_printf(channel, stream->session->sas1.buffer, "zrtp_sas1_string_%s", type);
 					switch_channel_set_variable_name_printf(channel, stream->session->sas2.buffer, "zrtp_sas2_string", type);
-
-					zrtp_verified_set(zrtp_global, &stream->session->zid, &stream->session->peer_zid, (uint8_t)(zrtp_session_info.sas_is_verified ^ 1));
-
+					zrtp_verified_set(zrtp_global, &stream->session->zid, &stream->session->peer_zid, (uint8_t)1);
 				}
 			}
 
@@ -832,12 +830,6 @@ static void zrtp_event_callback(zrtp_stream_t *stream, unsigned event)
 		{
 			switch_log_printf(SWITCH_CHANNEL_SESSION_LOG(session), SWITCH_LOG_DEBUG, "User already enrolled!\n");
 			switch_channel_set_variable_name_printf(channel, "true", "zrtp_already_enrolled_%s", type);
-
-			if (zrtp_status_ok == zrtp_session_get(stream->session, &zrtp_session_info)) {
-				if (zrtp_session_info.sas_is_ready) {
-					zrtp_verified_set(zrtp_global, &stream->session->zid, &stream->session->peer_zid, (uint8_t)(zrtp_session_info.sas_is_verified ^ 1));
-				}
-			}
 		}
 		break;
 
@@ -845,12 +837,6 @@ static void zrtp_event_callback(zrtp_stream_t *stream, unsigned event)
 		{
 			switch_log_printf(SWITCH_CHANNEL_SESSION_LOG(session), SWITCH_LOG_DEBUG, "New user enrolled!\n");
 			switch_channel_set_variable_name_printf(channel, "true", "zrtp_new_user_enrolled_%s", type);
-
-			if (zrtp_status_ok == zrtp_session_get(stream->session, &zrtp_session_info)) {
-				if (zrtp_session_info.sas_is_ready) {
-					zrtp_verified_set(zrtp_global, &stream->session->zid, &stream->session->peer_zid, (uint8_t)(zrtp_session_info.sas_is_verified ^ 1));
-				}
-			}
 		}
 		break;
 
@@ -858,12 +844,6 @@ static void zrtp_event_callback(zrtp_stream_t *stream, unsigned event)
 		{
 			switch_log_printf(SWITCH_CHANNEL_SESSION_LOG(session), SWITCH_LOG_DEBUG, "User unenrolled!\n");
 			switch_channel_set_variable_name_printf(channel, "true", "zrtp_user_unenrolled_%s", type);
-
-			if (zrtp_status_ok == zrtp_session_get(stream->session, &zrtp_session_info)) {
-				if (zrtp_session_info.sas_is_ready) {
-					zrtp_verified_set(zrtp_global, &stream->session->zid, &stream->session->peer_zid, (uint8_t)(zrtp_session_info.sas_is_verified ^ 1));
-				}
-			}
 		}
 		break;
 
@@ -3939,8 +3919,6 @@ SWITCH_DECLARE(switch_status_t) switch_rtp_zerocopy_read_frame(switch_rtp_t *rtp
 										switch_clear_flag(rtp_session, SWITCH_ZRTP_FLAG_SECURE_MITM_SEND);
 										switch_clear_flag(other_rtp_session, SWITCH_ZRTP_FLAG_SECURE_MITM_RECV);
 										switch_clear_flag(other_rtp_session, SWITCH_ZRTP_FLAG_SECURE_MITM_SEND);
-										zrtp_verified_set(zrtp_global, &rtp_session->zrtp_session->zid,
-														  &rtp_session->zrtp_session->peer_zid, (uint8_t)(zrtp_session_info.sas_is_verified ^ 1));
 										rtp_session->zrtp_mitm_tries++;
 									}
 								}
@@ -4509,8 +4487,6 @@ SWITCH_DECLARE(int) switch_rtp_write_frame(switch_rtp_t *rtp_session, switch_fra
 									switch_clear_flag(rtp_session, SWITCH_ZRTP_FLAG_SECURE_MITM_SEND);
 									switch_clear_flag(other_rtp_session, SWITCH_ZRTP_FLAG_SECURE_MITM_RECV);
 									switch_clear_flag(other_rtp_session, SWITCH_ZRTP_FLAG_SECURE_MITM_SEND);
-									zrtp_verified_set(zrtp_global, &rtp_session->zrtp_session->zid,
-													  &rtp_session->zrtp_session->peer_zid, (uint8_t)(zrtp_session_info.sas_is_verified ^ 1));
 									rtp_session->zrtp_mitm_tries++;
 								}
 								rtp_session->zrtp_mitm_tries++;