asterisk

Commit Graph

Author	SHA1	Message	Date
Viktor Litvinov	03a801cafb	res_rtp_asterisk.c: Set Mark on rtp when timestamp skew is too big Set Mark bit in rtp stream when timestamp skew is bigger than MAX_TIMESTAMP_SKEW. Fixes: #927 (cherry picked from commit `8cad9f2420`)	3 months ago
Alexey Vasilyev	f293dc375f	res_rtp_asterisk.c: Fix bridged_payload matching with sample rate for DTMF Fixes #1004 (cherry picked from commit `1b4dbd88b6`)	3 months ago
George Joseph	2d2d17811a	res_stir_shaken: Allow sending Identity headers for unknown TNs Added a new option "unknown_tn_attest_level" to allow Identity headers to be sent when a callerid TN isn't explicitly configured in stir_shaken.conf. Since there's no TN object, a private_key_file and public_cert_url must be configured in the attestation or profile objects. Since "unknown_tn_attest_level" uses the same enum as attest_level, some of the sorcery macros had to be refactored to allow sharing the enum and to/from string conversion functions. Also fixed a memory leak in crypto_utils:pem_file_cb(). Resolves: #921 UserNote: You can now set the "unknown_tn_attest_level" option in the attestation and/or profile objects in stir_shaken.conf to enable sending Identity headers for callerid TNs not explicitly configured. (cherry picked from commit `9e5cac457f`)	3 months ago
George Joseph	7bfdbd67ab	res_pjsip: Change suppress_moh_on_sendonly to OPT_BOOL_T The suppress_moh_on_sendonly endpoint option should have been defined as OPT_BOOL_T in pjsip_configuration.c and AST_BOOL_VALUES in the alembic script instead of OPT_YESNO_T and YESNO_VALUES. Also updated contrib/ast-db-manage/README.md to indicate that AST_BOOL_VALUES should always be used and provided an example. Resolves: #995	5 months ago
George Joseph	f5dbb87a48	res_pjsip: Add new endpoint option "suppress_moh_on_sendonly" Normally, when one party in a call sends Asterisk an SDP with a "sendonly" or "inactive" attribute it means "hold" and causes Asterisk to start playing MOH back to the other party. This can be problematic if it happens at certain times, such as in a 183 Progress message, because the MOH will replace any early media you may be playing to the calling party. If you set this option to "yes" on an endpoint and the endpoint receives an SDP with "sendonly" or "inactive", Asterisk will NOT play MOH back to the other party. Resolves: #979 UserNote: The new "suppress_moh_on_sendonly" endpoint option can be used to prevent playing MOH back to a caller if the remote end sends "sendonly" or "inactive" (hold) to Asterisk in an SDP. (cherry picked from commit `98510d4c75`)	5 months ago
Sean Bright	e151a85c9d	res_pjsip.c: Fix Contact header rendering for IPv6 addresses. Fix suggested by @nvsystems. Fixes #985 (cherry picked from commit `e2b4133a45`)	5 months ago
George Joseph	ec5387748c	res_pjsip: Move tenantid to end of ast_sip_endpoint The tenantid field was originally added to the ast_sip_endpoint structure at the end of the AST_DECLARE_STRING_FIELDS block. This caused everything after it in the structure to move down in memory and break ABI compatibility. It's now at the end of the structure as an AST_STRING_FIELD_EXTENDED. Given the number of string fields in the structure now, the initial string field allocation was also increased from 64 to 128 bytes. Resolves: #982 (cherry picked from commit `3dfac27ef2`)	5 months ago
Thomas Guebels	4d7d5deab3	pjsip_transport_events: handle multiple addresses for a domain The key used for transport monitors was the remote host name for the transport and not the remote address resolved for this domain. This was problematic for domains returning multiple addresses as several transport monitors were created with the same key. Whenever a subsystem wanted to register a callback it would always end up attached to the first transport monitor with a matching key. The key used for transport monitors is now the remote address and port the transport actually connected to. Fixes: #932 (cherry picked from commit `d1ed1018c4`)	5 months ago
George Joseph	183df135dd	res_srtp: Change Unsupported crypto suite msg from verbose to debug There's really no point in spamming logs with a verbose message for every unsupported crypto suite an older client may send in an SDP. If none are supported, there will be an error or warning. (cherry picked from commit `39ed13940b`)	5 months ago
Ben Ford	d58bc095dd	Add res_pjsip_config_sangoma external module. Adds res_pjsip_config_sangoma as an external module that can be downloaded via menuselect. It lives under the Resource Modules section. (cherry picked from commit `4f1987f21e`)	5 months ago
Thomas Guebels	a04c5213ee	pjsip_transport_events: Avoid monitor destruction When a transport is disconnected, several events can arrive following each other. The first event will be PJSIP_TP_STATE_DISCONNECT and it will trigger the destruction of the transport monitor object. The lookup for the transport monitor to destroy is done using the transport key, that contains the transport destination host:port. A reconnect attempt by pjsip will be triggered as soon something needs to send a packet using that transport. This can happen directly after a disconnect since ca Subsequent events can arrive later like PJSIP_TP_STATE_DESTROY and will also try to trigger the destruction of the transport monitor if not already done. Since the lookup for the transport monitor to destroy is done using the transport key, it can match newly created transports towards the same destination and destroy their monitor object. Because of this, it was sometimes not possible to monitor a transport after one or more disconnections. This fix adds an additional check on the transport pointer to ensure only a monitor for that specific transport is removed. Fixes: #923 (cherry picked from commit `03e08d5c33`)	5 months ago
Sean Bright	b012da6a9a	Revert "res_rtp_asterisk: Count a roll-over of the sequence number even on lost packets." This reverts commit `cb5e3445be`. The original change from 16 to 15 bit sequence numbers was predicated on the following from the now-defunct libSRTP FAQ on sourceforge.net: > Q6. The use of implicit synchronization via ROC seems > dangerous. Can senders and receivers lose ROC synchronization? > > A. It is possible to lose ROC synchronization between sender and > receiver(s), though it is not likely in practice, and practical > steps can be taken to avoid it. A burst loss of 2^16 packets or more > will always break synchronization. For example, a conversational > voice codec that sends 50 packets per second will have its ROC > increment about every 22 minutes. A network with a burst of packet > loss that long has problems other than ROC synchronization. > > There is a higher sensitivity to loss at the very outset of an SRTP > stream. If the sender's initial sequence number is close to the > maximum value of 2^16-1, and all packets are lost from the initial > packet until the sequence number cycles back to zero, the sender > will increment its ROC, but the receiver will not. The receiver > cannot determine that the initial packets were lost and that > sequence-number rollover has occurred. In this case, the receiver's > ROC would be zero whereas the sender's ROC would be one, while their > sequence numbers would be so close that the ROC-guessing algorithm > could not detect this fact. > > There is a simple solution to this problem: the SRTP sender should > randomly select an initial sequence number that is always less than > 2^15. This ensures correct SRTP operation so long as fewer than 2^15 > initial packets are lost in succession, which is within the maximum > tolerance of SRTP packet-index determination (see Appendix A and > page 14, first paragraph of RFC 3711). An SRTP receiver should > carefully implement the index-guessing algorithm. A naive > implementation can unintentionally guess the value of > 0xffffffffffffLL whenever the SEQ in the packet is greater than 2^15 > and the locally stored SEQ and ROC are zero. (This can happen when > the implementation fails to treat those zero values as a special > case.) > > When ROC synchronization is lost, the receiver will not be able to > properly process the packets. If anti-replay protection is turned > on, then the desynchronization will appear as a burst of replay > check failures. Otherwise, if authentication is being checked, then > it will appear as a burst of authentication failures. Otherwise, if > encryption is being used, the desynchronization may not be detected > by the SRTP layer, and the packets may be improperly decrypted. However, modern libSRTP (as of 1.0.1[1]) now mentions the following in their README.md[2]: > The sequence number in the rtp packet is used as the low 16 bits of > the sender's local packet index. Note that RTP will start its > sequence number in a random place, and the SRTP layer just jumps > forward to that number at its first invocation. An earlier version > of this library used initial sequence numbers that are less than > 32,768; this trick is no longer required as the > rdbx_estimate_index(...) function has been made smarter. So truncating our initial sequence number to 15 bit is no longer necessary. 1. `0eb007f0dc/CHANGES (L271-L289)` 2. `2de20dd9e9/README.md (implementation-notes)` (cherry picked from commit `e6ad08bb74`)	5 months ago
Sean Bright	06d8aac6fd	res_agi.c: Ensure SIGCHLD handler functions are properly balanced. Calls to `ast_replace_sigchld()` and `ast_unreplace_sigchld()` must be balanced to ensure that we can capture the exit status of child processes when we need to. This extends to functions that call `ast_replace_sigchld()` and `ast_unreplace_sigchld()` such as `ast_safe_fork()` and `ast_safe_fork_cleanup()`. The primary change here is ensuring that we do not call `ast_safe_fork_cleanup()` in `res_agi.c` if we have not previously called `ast_safe_fork()`. Additionally we reinforce some of the documentation and add an assertion to, ideally, catch this sooner were this to happen again. Fixes #922 (cherry picked from commit `750333ae03`)	5 months ago
Naveen Albert	2e3879a609	main, res, tests: Fix compilation errors on FreeBSD. asterisk.c, manager.c: Increase buffer sizes to avoid truncation warnings. config.c: Include header file for WIFEXITED/WEXITSTATUS macros. res_timing_kqueue: Use more portable format specifier. test_crypto: Use non-linux limits.h header file. Resolves: #916 (cherry picked from commit `c807f39267`)	5 months ago
George Joseph	1efa7b87b8	res_rtp_asterisk: Fix dtls timer issues causing FRACKs and SEGVs In dtls_srtp_handle_timeout(), when DTLSv1_get_timeout() returned success but with a timeout of 0, we were stopping the timer and decrementing the refcount on instance but not resetting the timeout_timer to -1. When dtls_srtp_stop_timeout_timer() was later called, it was atempting to stop a stale timer and could decrement the refcount on instance again which would then cause the instance destructor to run early. This would result in either a FRACK or a SEGV when ast_rtp_stop(0 was called. According to the OpenSSL docs, we shouldn't have been stopping the timer when DTLSv1_get_timeout() returned success and the new timeout was 0 anyway. We should have been calling DTLSv1_handle_timeout() again immediately so we now reschedule the timer callback for 1ms (almost immediately). Additionally, instead of scheduling the timer callback at a fixed interval returned by the initial call to DTLSv1_get_timeout() (usually 999 ms), we now reschedule the next callback based on the last call to DTLSv1_get_timeout(). Resolves: #487 (cherry picked from commit `8f82b8cfc1`)	5 months ago
jiangxc	d3e3657992	res_agi.c: Prevent possible double free during `SPEECH RECOGNIZE` When using the speech recognition module, crashes can occur sporadically due to a "double free or corruption (out)" error. Now, in the section where the audio stream is being captured in a loop, each time after releasing fr, it is set to NULL to prevent repeated deallocation. Fixes #772 (cherry picked from commit `5bd7403fed`)	5 months ago
George Joseph	aaae0510fd	stir_shaken: Fix propagation of attest_level and a few other values attest_level, send_mky and check_tn_cert_public_url weren't propagating correctly from the attestation object to the profile and tn. * In the case of attest_level, the enum needed to be changed so the "0" value (the default) was "NOT_SET" instead of "A". This now allows the merging of the attestation object, profile and tn to detect when a value isn't set and use the higher level value. * For send_mky and check_tn_cert_public_url, the tn default was forced to "NO" which always overrode the profile and attestation objects. Their defaults are now "NOT_SET" so the propagation happens correctly. * Just to remove some redundant code in tn_config.c, a bunch of calls to generate_sorcery_enum_from_str() and generate_sorcery_enum_to_str() were replaced with a single call to generate_acfg_common_sorcery_handlers(). Resolves: #904	7 months ago
George Joseph	e95a3d4511	res_stir_shaken: Remove stale include for jansson.h in verification.c verification.c had an include for jansson.h left over from previous versions of the module. Since res_stir_shaken no longer has a dependency on jansson, the bundled version wasn't added to GCC's include path so if you didn't also have a jansson development package installed, the compile would fail. Removing the stale include was the only thing needed. Resolves: #889	7 months ago
George Joseph	2746cb9ff0	res_stir_shaken.c: Fix crash when stir_shaken.conf is invalid * If the call to ast_config_load() returns CONFIG_STATUS_FILEINVALID, check_for_old_config() now returns LOAD_DECLINE instead of continuing on with a bad pointer. * If CONFIG_STATUS_FILEMISSING is returned, check_for_old_config() assumes the config is being loaded from realtime and now returns LOAD_SUCCESS. If it's actually not being loaded from realtime, sorcery will catch that later on. * Also refactored the error handling in load_module() a bit. Resolves: #884	7 months ago
George Joseph	983c9a5e99	res_stir_shaken: Check for disabled before param validation For both attestation and verification, we now check whether they've been disabled either globally or by the profile before validating things like callerid, orig_tn, dest_tn, etc. This prevents useless error messages. Resolves: #879 (cherry picked from commit `7c485ad9dc`)	8 months ago
Mike Bradeen	fe46b20fbc	res_pjsip_sdp_rtp: Use negotiated DTMF Payload types on bitrate mismatch When Asterisk sends an offer to Bob that includes 48K and 8K codecs with matching 4733 offers, Bob may want to use the 48K audio codec but can not accept 48K digits and so negotiates for a mixed set. Asterisk will now check Bob's offer to make sure Bob has indicated this is acceptible and if not, will use Bob's preference. Fixes: #847 (cherry picked from commit `a8567b92f0`)	8 months ago
George Joseph	d7d63c830e	security_agreements.c: Refactor the to_str functions and fix a few other bugs * A static array of security mechanism type names was created. * ast_sip_str_to_security_mechanism_type() was refactored to do a lookup in the new array instead of using fixed "if/else if" statments. * security_mechanism_to_str() and ast_sip_security_mechanisms_to_str() were refactored to use ast_str instead of a fixed length buffer to store the result. * ast_sip_security_mechanism_type_to_str was removed in favor of just referencing the new type name array. Despite starting with "ast_sip_", it was a static function so removing it doesn't affect ABI. * Speaking of "ast_sip_", several other static functions that started with "ast_sip_" were renamed to avoid confusion about their public availability. * A few VECTOR free loops were replaced with AST_VECTOR_RESET(). * Fixed a meomry leak in pjsip_configuration.c endpoint_destructor caused by not calling ast_sip_security_mechanisms_vector_destroy(). * Fixed a memory leak in res_pjsip_outbound_registration.c add_security_headers() caused by not specifying OBJ_NODATA in an ao2_callback. * Fixed a few ao2_callback return code misuses. Resolves: #845 (cherry picked from commit `1872abe672`)	8 months ago
Alexei Gradinari	c2ba4295b5	res_pjsip_sdp_rtp fix leaking astobj2 ast_format PR #700 added a preferred_format for the struct ast_rtp_codecs, but when set the preferred_format it leaks an astobj2 ast_format. In the next code ast_rtp_codecs_set_preferred_format(&codecs, ast_format_cap_get_format(joint, 0)); both functions ast_rtp_codecs_set_preferred_format and ast_format_cap_get_format increases the ao2 reference count. Fixes: #856 (cherry picked from commit `3e2bb5a01a`)	8 months ago
Sean Bright	aad3518c7f	res_pjsip_logger.c: Fix 'OPTIONS' tab completion. Fixes #843 (cherry picked from commit `6cb92cd4cf`)	8 months ago
Mike Bradeen	bc1170d80d	res_pjsip_notify: add dialplan application Add dialplan application PJSIPNOTIFY to send either pre-configured NOTIFY messages from pjsip_notify.conf or with headers defined in dialplan. Also adds the ability to send pre-configured NOTIFY commands to a channel via the CLI. Resolves: #799 UserNote: A new dialplan application PJSIPNotify is now available which can send SIP NOTIFY requests from the dialplan. The pjsip send notify CLI command has also been enhanced to allow sending NOTIFY messages to a specific channel. Syntax: pjsip send notify <option> channel <channel> (cherry picked from commit `f763810447`)	8 months ago
Ben Ford	df01693e01	channel: Add multi-tenant identifier. This patch introduces a new identifier for channels: tenantid. It's a stringfield on the channel that can be used for general purposes. It will be inherited by other channels the same way that linkedid is. You can set tenantid in a few ways. The first is to set it in the dialplan with the Set and CHANNEL functions: exten => example,1,Set(CHANNEL(tenantid)=My tenant ID) It can also be accessed via CHANNEL: exten => example,2,NoOp(CHANNEL(tenantid)) Another method is to use the new tenantid option for pjsip endpoints in pjsip.conf: [my_endpoint] type=endpoint tenantid=My tenant ID This is considered the best approach since you will be able to see the tenant ID as early as the Newchannel event. It can also be set using set_var in pjsip.conf on the endpoint like setting other channel variable: set_var=CHANNEL(tenantid)=My tenant ID Note that set_var will not show tenant ID on the Newchannel event, however. Tenant ID has also been added to CDR. It's read-only and can be accessed via CDR(tenantid). You can also get the tenant ID of the last channel communicated with via CDR(peertenantid). Tenant ID will also show up in CEL records if it has been set, and the version number has been bumped accordingly. Fixes: #740 UserNote: tenantid has been added to channels. It can be read in dialplan via CHANNEL(tenantid), and it can be set using Set(CHANNEL(tenantid)=My tenant ID). In pjsip.conf, it is recommended to use the new tenantid option for pjsip endpoints (e.g., tenantid=My tenant ID) so that it will show up in Newchannel events. You can set it like any other channel variable using set_var in pjsip.conf as well, but note that this will NOT show up in Newchannel events. Tenant ID is also available in CDR and can be accessed with CDR(tenantid). The peer tenant ID can also be accessed with CDR(peertenantid). CEL includes tenant ID as well if it has been set. UpgradeNote: A new versioned struct (ast_channel_initializers) has been added that gets passed to __ast_channel_alloc_ap. The new function ast_channel_alloc_with_initializers should be used when creating channels that require the use of this struct. Currently the only value in the struct is for tenantid, but now more fields can be added to the struct as necessary rather than the __ast_channel_alloc_ap function. A new option (tenantid) has been added to endpoints in pjsip.conf as well. CEL has had its version bumped to include tenant ID. (cherry picked from commit `7990f6b589`)	8 months ago
Mike Bradeen	7a2459e13f	res_stasis: fix intermittent delays on adding channel to bridge Previously, on command execution, the control thread was awoken by sending a SIGURG. It was found that this still resulted in some instances where the thread was not immediately awoken. This change instead sends a null frame to awaken the control thread, which awakens the thread more consistently. Resolves: #801 (cherry picked from commit `11effc785a`)	8 months ago
Tinet-mucw	047913265b	res_pjsip_sdp_rtp.c: Fix DTMF Handling in Re-INVITE with dtmf_mode set to auto When the endpoint dtmf_mode is set to auto, a SIP request is sent to the UAC, and the SIP SDP from the UAC does not include the telephone-event. Later, the UAC sends an INVITE, and the SIP SDP includes the telephone-event. In this case, DTMF should be sent by RFC2833 rather than using inband signaling. Resolves: asterisk#826 (cherry picked from commit `7f8391e9ff`)	8 months ago
George Joseph	4539664c52	stir_shaken: CRL fixes and a new CLI command * Fixed a bug in crypto_show_cli_store that was causing asterisk to crash if there were certificate revocation lists in the verification certificate store. We're also now prefixing certificates with "Cert:" and CRLs with "CRL:" to distinguish them in the list. * Added 'untrusted_cert_file' and 'untrusted_cert_path' options to both verification and profile objects. If you have CRLs that are signed by a different CA than the incoming X5U certificate (indirect CRL), you'll need to provide the certificate of the CRL signer here. Thse will show up as 'Untrusted" when showing the verification or profile objects. * Fixed loading of crl_path. The OpenSSL API we were using to load CRLs won't actually load them from a directory, only a file. We now scan the directory ourselves and load the files one-by-one. * Fixed the verification flags being set on the certificate store. - Removed the CRL_CHECK_ALL flag as this was causing all certificates to be checked for CRL extensions and failing to verify the cert if there was none. This basically caused all certs to fail when a CRL was provided via crl_file or crl_path. - Added the EXTENDED_CRL_SUPPORT flag as it is required to handle indirect CRLs. * Added a new CLI command... `stir_shaken verify certificate_file <certificate_file> [ <profile> ]` which will assist troubleshooting certificate problems by allowing the user to manually verify a certificate file against either the global verification certificate store or the store for a specific profile. * Updated the XML documentation and the sample config file. Resolves: #809 (cherry picked from commit `d7343d2ba7`)	8 months ago
George Joseph	43ca5c0bf9	res_pjsip_config_wizard.c: Refactor load process The way we have been initializing the config wizard prevented it from registering its objects if res_pjsip happened to load before it. * We now use the object_type_registered sorcery observer to kick things off instead of the wizard_mapped observer. * The load_module function now checks if res_pjsip has been loaded already and if it was it fires the proper observers so the objects load correctly. Resolves: #816 UserNote: The res_pjsip_config_wizard.so module can now be reloaded. (cherry picked from commit `7b99462959`)	8 months ago
George Joseph	a15050650a	res_resolver_unbound: Test for NULL ub_result in unbound_resolver_callback The ub_result pointer passed to unbound_resolver_callback by libunbound can be NULL if the query was for something malformed like `.1` or `[.1]`. If it is, we now set a 'ns_r_formerr' result and return instead of crashing with a SEGV. This causes pjproject to simply cancel the transaction with a "No answer record in the DNS response" error. The existing "off nominal" unit test was also updated to check this condition. Although not necessary for this fix, we also made ast_dns_resolver_completed() tolerant of a NULL result. Resolves: GHSA-v428-g3cw-7hv9	8 months ago
Igor Goncharovsky	19bbcf0bbf	res_pjsip_path.c: Fix path when dialing using PJSIP_DIAL_CONTACTS() When using the PJSIP_DIAL_CONTACTS() function for use in the Dial() command, the contacts are returned in text form, so the input to the path_outgoing_request() function is a contact value of NULL. The issue was reported in ASTERISK-28211, but was not actually fixed in ASTERISK-30100. This fix brings back the code that was previously removed and adds code to search for a contact to extract the path value from it. (cherry picked from commit `606df57b64`)	10 months ago
Mike Bradeen	e86bd1d97d	res_pjsip_sdp_rtp: Add support for default/mismatched 8K RFC 4733/2833 digits After change made in `624f509` to add support for non 8K RFC 4733/2833 digits, Asterisk would only accept RFC 4733/2833 offers that matched the sample rate of the negotiated codec(s). This change allows Asterisk to accept 8K RFC 4733/2833 offers if the UAC offfers 8K RFC 4733/2833 but negotiates for a non 8K bitrate codec. A number of corresponding tests in tests/channels/pjsip/dtmf_sdp also needed to be re-written to allow for these scenarios. Fixes: #776 (cherry picked from commit `d59f1a0c44`)	10 months ago
George Joseph	831219d74d	security_agreement.c: Always add the Require and Proxy-Require headers The `Require: mediasec` and `Proxy-Require: mediasec` headers need to be sent whenever we send `Security-Client` or `Security-Verify` headers but the logic to do that was only in add_security_headers() in res_pjsip_outbound_register. So while we were sending them on REGISTER requests, we weren't sending them on INVITE requests. This commit moves the logic to send the two headers out of res_pjsip_outbound_register:add_security_headers() and into security_agreement:ast_sip_add_security_headers(). This way they're always sent when we send `Security-Client` or `Security-Verify`. Resolves: #789 (cherry picked from commit `a45e5ebf8d`)	10 months ago
Sean Bright	5f8f4a6852	xml.c: Update deprecated libxml2 API usage. Two functions are deprecated as of libxml2 2.12: * xmlSubstituteEntitiesDefault * xmlParseMemory So we update those with supported API. Additionally, `res_calendar_caldav` has been updated to use libxml2's xmlreader API instead of the SAX2 API which has always felt a little hacky (see deleted comment block in `res_calendar_caldav.c`). The xmlreader API has been around since libxml2 2.5.0 which was released in 2003. Fixes #725 (cherry picked from commit `21e3f84e56`)	10 months ago
Mike Bradeen	728dbdccd1	rtp_engine: add support for multirate RFC2833 digits Add RFC2833 DTMF support for 16K, 24K, and 32K bitrate codecs. Asterisk currently treats RFC2833 Digits as a single rtp payload type with a fixed bitrate of 8K. This change would expand that to 8, 16, 24 and 32K. This requires checking the offered rtp types for any of these bitrates and then adding an offer for each (if configured for RFC2833.) DTMF generation must also be changed in order to look at the current outbound codec in order to generate appropriately timed rtp. For cases where no outgoing audio has yet been sent prior to digit generation, Asterisk now has a concept of a 'preferred' codec based on offer order. On inbound calls Asterisk will mimic the payload types of the RFC2833 digits. On outbound calls Asterisk will choose the next free payload types starting with 101. UserNote: No change in configuration is required in order to enable this feature. Endpoints configured to use RFC2833 will automatically have this enabled. If the endpoint does not support this, it should not include it in the SDP offer/response. Resolves: #699 (cherry picked from commit `182ea91fc5`)	10 months ago
George Joseph	741183d7ac	Revert "res_pjsip_endpoint_identifier_ip: Add endpoint identifier transport address." This reverts PR #602 Resolves: #GHSA-qqxj-v78h-hrf9	11 months ago
Fabrice Fontaine	59aac533c8	res/stasis/control.c: include signal.h Include signal.h to avoid the following build failure with uclibc-ng raised since `2694792e13`: stasis/control.c: In function 'exec_command_on_condition': stasis/control.c:313:3: warning: implicit declaration of function 'pthread_kill'; did you mean 'pthread_yield'? [-Wimplicit-function-declaration] 313 \| pthread_kill(control->control_thread, SIGURG); \| ^~~~~~~~~~~~ \| pthread_yield stasis/control.c:313:41: error: 'SIGURG' undeclared (first use in this function) 313 \| pthread_kill(control->control_thread, SIGURG); \| ^~~~~~ cherry-pick-to: 18 cherry-pick-to: 20 cherry-pick-to: 21 Fixes: #729 (cherry picked from commit `d452db3853`)	12 months ago
Naveen Albert	d46261b5e4	res_pjsip_logger: Preserve logging state on reloads. Currently, reloading res_pjsip will cause logging to be disabled. This is because logging can also be controlled via the debug option in pjsip.conf and this defaults to "no". To improve this, logging is no longer disabled on reloads if logging had not been previously enabled using the debug option from the config. This ensures that logging enabled from the CLI will persist through a reload. ASTERISK-29912 #close Resolves: #246 UserNote: Issuing "pjsip reload" will no longer disable logging if it was previously enabled from the CLI. (cherry picked from commit `001176c239`)	12 months ago
Henrik Liljedahl	e27f88ed03	res_pjsip_sdp_rtp.c: Initial RTP inactivity check must consider the rtp_timeout setting. First rtp activity check was performed after 500ms regardless of the rtp_timeout setting. Having a call in ringing state for more than rtp_timeout and the first rtp package is received more than 500ms after sdp negotiation and before the rtp_timeout, erronously caused the call to be hungup. Changed to perform the first rtp inactivity check after the timeout setting preventing calls to be disconnected before the rtp_timeout has elapsed since sdp negotiation. Fixes #710 (cherry picked from commit `9cf8678112`)	12 months ago
George Joseph	824b4ce855	stir_shaken: Fix memory leak, typo in config, tn canonicalization * Fixed possible memory leak in tn_config:tn_get_etn() where we weren't releasing etn if tn or eprofile were null. * We now canonicalize TNs before using them for lookups or adding them to Identity headers. * Fixed a typo in stir_shaken.conf.sample. Resolves: #716 (cherry picked from commit `9c1b98e577`)	12 months ago
Sperl Viktor	68a4912825	res_pjsip_endpoint_identifier_ip: Add endpoint identifier transport address. Add a new identify_by option to res_pjsip_endpoint_identifier_ip called 'transport' this matches endpoints based on the bound ip address (local) instead of the 'ip' option, which matches on the source ip address (remote). UserNote: set identify_by=transport for the pjsip endpoint. Then use the existing 'match' option and the new 'transport' option of the identify. Fixes: #672 (cherry picked from commit `7c3e2cfda9`)	12 months ago
George Joseph	6389c743a9	res_stir_shaken: Fix compilation for CentOS7 (openssl 1.0.2) * OpenSSL 1.0.2 doesn't support X509_get0_pubkey so we now use X509_get_pubkey. The difference is that X509_get_pubkey requires the caller to free the EVP_PKEY themselves so we now let RAII_VAR do that. * OpenSSL 1.0.2 doesn't support upreffing an X509_STORE so we now wrap it in an ao2 object. * OpenSSL 1.0.2 doesn't support X509_STORE_get0_objects to get all the certs from an X509_STORE and there's no easy way to polyfill it so the CLI commands that list profiles will show a "not supported" message instead of listing the certs in a store. Resolves: #676 (cherry picked from commit `af6002564b`)	12 months ago
George Joseph	b5865aef32	Fix incorrect application and function documentation references There were a few references in the embedded documentation XML where the case didn't match or where the referenced app or function simply didn't exist any more. These were causing 404 responses in docs.asterisk.org. (cherry picked from commit `3fb9d89586`)	12 months ago
Sperl Viktor	bd3c3bf821	res_pjsip_endpoint_identifier_ip: Endpoint identifier request URI Add ability to match against PJSIP request URI. UserNote: this new feature let users match endpoints based on the indound SIP requests' URI. To do so, add 'request_uri' to the endpoint's 'identify_by' option. The 'match_request_uri' option of the identify can be an exact match for the entire request uri, or a regular expression (between slashes). It's quite similar to the header identifer. Fixes: #599 (cherry picked from commit `136bd5c892`)	12 months ago
Joshua Elson	855ed6c168	Implement Configurable TCP Keepalive Settings in PJSIP Transports This commit introduces configurable TCP keepalive settings for both TCP and TLS transports. The changes allow for finer control over TCP connection keepalives, enhancing stability and reliability in environments prone to connection timeouts or where intermediate devices may prematurely close idle connections. This has proven necessary and has already been tested in production in several specialized environments where access to the underlying transport is unreliable in ways invisible to the operating system directly, so these keepalive and timeout mechanisms are necessary. Fixes #657 (cherry picked from commit `3d40d34271`)	12 months ago
Martin Tomec	378ce2d87f	res_pjsip_refer.c: Allow GET_TRANSFERRER_DATA There was functionality in chan_sip to get REFER headers, with GET_TRANSFERRER_DATA variable. This commit implements the same functionality in pjsip, to ease transfer from chan_sip to pjsip. Fixes: #579 UserNote: the GET_TRANSFERRER_DATA dialplan variable can now be used also in pjsip. (cherry picked from commit `f3de77f91f`)	12 months ago
Martin Nystroem	2c5a1b44f6	res_ari.c: Add additional output to ARI requests when debug is enabled When ARI debug is enabled the logs will now output http method and the uri. Fixes: #666 (cherry picked from commit `15f68a836e`)	12 months ago
Holger Hans Peter Freyther	081240cf9a	res_prometheus: Fix duplicate output of metric and help text The prometheus exposition format requires each line to be unique[1]. This is handled by struct prometheus_metric having a list of children that is managed when registering a metric. In case the scrape callback is used, it is the responsibility of the implementation to handle this correctly. Originally the bridge callback didn't handle NULL snapshots, the crash fix lead to NULL metrics, and fixing that lead to duplicates. The original code assumed that snapshots are not NULL and then relied on "if (i > 0)" to establish the parent/children relationship between metrics of the same class. This is not workerable as the first bridge might be invisible/lacks a snapshot. Fix this by keeping a separate array of the first metric by class. Instead of relying on the index of the bridge, check whether the array has an entry. Use that array for the output. Add a test case that verifies that the help text is not duplicated. Resolves: #642 [1] https://prometheus.io/docs/instrumenting/exposition_formats/#grouping-and-sorting (cherry picked from commit `d11eba69a6`)	12 months ago
Naveen Albert	2bd3d00412	res_parking: Fail gracefully if parking lot is full. Currently, if a parking lot is full, bridge setup returns -1, causing dialplan execution to terminate without TryExec. However, such failures should be handled more gracefully, the same way they are on other paths, as indicated by the module's author, here: http://lists.digium.com/pipermail/asterisk-dev/2018-December/077144.html Now, callers will hear the parking failure announcement, and dialplan will continue, which is consistent with existing failure modes. Resolves: #624 (cherry picked from commit `b05865d8e9`)	12 months ago

1 2 3 4 5 ...

5516 Commits (09ebbb85c679cb45bad5c96d9425ad6b12c68ab5)