asterisk

Commit Graph

Author	SHA1	Message	Date
George Joseph	3488093159	alembic: Database updates required. This commit doesn't actually change anything. It just adds the following upgrade notes that were omitted from the original commits. Resolves: #1097 UpgradeNote: Two commits in this release... 'Add SHA-256 and SHA-512-256 as authentication digest algorithms' 'res_pjsip: Add new AOR option "qualify_2xx_only"' ...have modified alembic scripts for the following database tables: ps_aors, ps_contacts, ps_auths, ps_globals. If you don't use the scripts to update your database, reads from those tables will succeeed but inserts into the ps_contacts table by res_pjsip_registrar will fail.	4 months ago
Asterisk Development Team	07fc3cd7b1	Update for 20.12.0-rc1	4 months ago
Naveen Albert	efeec28b37	ast_tls_cert: Add option to skip passphrase for CA private key. Currently, the ast_tls_cert file is hardcoded to use the -des3 option for 3DES encryption, and the script needs to be manually modified to not require a passphrase. Add an option (-e) that disables encryption of the CA private key so no passphrase is required. Resolves: #1064 (cherry picked from commit `0bfbabee41`)	4 months ago
George Joseph	10664757d2	Add SHA-256 and SHA-512-256 as authentication digest algorithms * Refactored pjproject code to support the new algorithms and added a patch file to third-party/pjproject/patches * Added new parameters to the pjsip auth object: * password_digest = <algorithm>:<digest> * supported_algorithms_uac = List of algorithms to support when acting as a UAC. * supported_algorithms_uas = List of algorithms to support when acting as a UAS. See the auth object in pjsip.conf.sample for detailed info. * Updated both res_pjsip_authenticator_digest.c (for UAS) and res_pjsip_outbound_authentocator_digest.c (UAC) to suport the new algorithms. The new algorithms are only available with the bundled version of pjproject, or an external version > 2.14.1. OpenSSL version 1.1.1 or greater is required to support SHA-512-256. Resolves: #948 UserNote: The SHA-256 and SHA-512-256 algorithms are now available for authentication as both a UAS and a UAC. (cherry picked from commit `a0987672f0`)	4 months ago
Abdelkader Boudih	a9608c3c6e	normalize contrib/ast-db-manage/queue_log.ini.sample (cherry picked from commit `dd592b195b`)	4 months ago
George Joseph	a81c7c7030	Add C++ Standard detection to configure and fix a new C++20 compile issue * The autoconf-archive package contains macros useful for detecting C++ standard and testing other C++ capabilities but that package was never included in the install_prereq script so many existing build environments won't have it. Even if it is installed, older versions won't newer C++ standards and will actually cause an error if you try to test for that version. To make it available for those environments, the ax_cxx_compile_stdcxx.m4 macro has copied from the latest release of autoconf-archive into the autoconf directory. * A convenience wrapper(ast_cxx_check_std) around ax_cxx_compile_stdcxx was also added so checking the standard version and setting the asterisk-specific PBX_ variables becomes a one-liner: `AST_CXX_CHECK_STD([std], [force_latest_std])`. Calling that with a version of `17` for instance, will set PBX_CXX17 to 0 or 1 depending on whether the current c++ compiler supports stdc++17. HAVE_CXX17 will also be 'defined" or not depending on the result. * C++ compilers hardly ever default to the latest standard they support. g++ version 14 for instance supports up to C++23 but only uses C++17 by default. If you want to use C++23, you have to add `-std=gnu++=23` to the g++ command line. If you set the second argument of AST_CXX_CHECK_STD to "yes", the macro will automatically keep the highest `-std=gnu++` value that worked and pass that to the Makefiles. * The autoconf-archive package was added to install_prereq for future use. * Updated configure.ac to use AST_CXX_CHECK_STD() to check for C++ versions 11, 14, 17, 20 and 23. * Updated configure.ac to accept the `--enable-latest-cxx-std` option which will set the second option to AST_CXX_CHECK_STD() to "yes". The default is "no". * ast_copy_string() in strings.h declares the 'sz' variable as volatile and does an `sz--` on it later. C++20 no longer allows the `++` and `--` increment and decrement operators to be used on variables declared as volatile however so that was changed to `sz -= 1`. (cherry picked from commit `c193752ca4`)	4 months ago
Kent	ef66694b7b	res_pjsip: Add new AOR option "qualify_2xx_only" Added a new option "qualify_2xx_only" to the res_pjsip AOR qualify feature to mark a contact as available only if an OPTIONS request returns a 2XX response. If the option is not specified or is false, any response to the OPTIONS request marks the contact as available. UserNote: The pjsip.conf AOR section now has a "qualify_2xx_only" option that can be set so that only 2XX responses to OPTIONS requests used to qualify a contact will mark the contact as available. (cherry picked from commit `0b30f546ba`)	4 months ago
Asterisk Development Team	4594ecc9c7	Update for 20.11.0	7 months ago
George Joseph	7bfdbd67ab	res_pjsip: Change suppress_moh_on_sendonly to OPT_BOOL_T The suppress_moh_on_sendonly endpoint option should have been defined as OPT_BOOL_T in pjsip_configuration.c and AST_BOOL_VALUES in the alembic script instead of OPT_YESNO_T and YESNO_VALUES. Also updated contrib/ast-db-manage/README.md to indicate that AST_BOOL_VALUES should always be used and provided an example. Resolves: #995	7 months ago
Asterisk Development Team	e688b81580	Update for 20.11.0-rc1	7 months ago
George Joseph	f5dbb87a48	res_pjsip: Add new endpoint option "suppress_moh_on_sendonly" Normally, when one party in a call sends Asterisk an SDP with a "sendonly" or "inactive" attribute it means "hold" and causes Asterisk to start playing MOH back to the other party. This can be problematic if it happens at certain times, such as in a 183 Progress message, because the MOH will replace any early media you may be playing to the calling party. If you set this option to "yes" on an endpoint and the endpoint receives an SDP with "sendonly" or "inactive", Asterisk will NOT play MOH back to the other party. Resolves: #979 UserNote: The new "suppress_moh_on_sendonly" endpoint option can be used to prevent playing MOH back to a caller if the remote end sends "sendonly" or "inactive" (hold) to Asterisk in an SDP. (cherry picked from commit `98510d4c75`)	7 months ago
Sean Bright	1a37f8be28	alembic: Drop redundant voicemail_messages index. The `voicemail_messages_dir` index is a left prefix of the table's primary key and therefore unnecessary. (cherry picked from commit `d9c14cba49`)	7 months ago
Sean Bright	e866cba92b	res_pjsip_pubsub: Persist subscription 'generator_data' in sorcery Fixes #895 (cherry picked from commit `147de579a5`)	7 months ago
Asterisk Development Team	040aedfc0f	Update for 20.10.0-rc1	9 months ago
Sean Bright	638f884c19	alembic: Make 'revises' header comment match reality. (cherry picked from commit `65fee5f825`)	9 months ago
Ben Ford	df01693e01	channel: Add multi-tenant identifier. This patch introduces a new identifier for channels: tenantid. It's a stringfield on the channel that can be used for general purposes. It will be inherited by other channels the same way that linkedid is. You can set tenantid in a few ways. The first is to set it in the dialplan with the Set and CHANNEL functions: exten => example,1,Set(CHANNEL(tenantid)=My tenant ID) It can also be accessed via CHANNEL: exten => example,2,NoOp(CHANNEL(tenantid)) Another method is to use the new tenantid option for pjsip endpoints in pjsip.conf: [my_endpoint] type=endpoint tenantid=My tenant ID This is considered the best approach since you will be able to see the tenant ID as early as the Newchannel event. It can also be set using set_var in pjsip.conf on the endpoint like setting other channel variable: set_var=CHANNEL(tenantid)=My tenant ID Note that set_var will not show tenant ID on the Newchannel event, however. Tenant ID has also been added to CDR. It's read-only and can be accessed via CDR(tenantid). You can also get the tenant ID of the last channel communicated with via CDR(peertenantid). Tenant ID will also show up in CEL records if it has been set, and the version number has been bumped accordingly. Fixes: #740 UserNote: tenantid has been added to channels. It can be read in dialplan via CHANNEL(tenantid), and it can be set using Set(CHANNEL(tenantid)=My tenant ID). In pjsip.conf, it is recommended to use the new tenantid option for pjsip endpoints (e.g., tenantid=My tenant ID) so that it will show up in Newchannel events. You can set it like any other channel variable using set_var in pjsip.conf as well, but note that this will NOT show up in Newchannel events. Tenant ID is also available in CDR and can be accessed with CDR(tenantid). The peer tenant ID can also be accessed with CDR(peertenantid). CEL includes tenant ID as well if it has been set. UpgradeNote: A new versioned struct (ast_channel_initializers) has been added that gets passed to __ast_channel_alloc_ap. The new function ast_channel_alloc_with_initializers should be used when creating channels that require the use of this struct. Currently the only value in the struct is for tenantid, but now more fields can be added to the struct as necessary rather than the __ast_channel_alloc_ap function. A new option (tenantid) has been added to endpoints in pjsip.conf as well. CEL has had its version bumped to include tenant ID. (cherry picked from commit `7990f6b589`)	9 months ago
Asterisk Development Team	ae55f7f942	Update for 20.9.0-rc1	11 months ago
George Joseph	fed053e83d	ast-db-manage: Remove duplicate enum creation Remove duplicate creation of ast_bool_values from 2b7c507d7d12_add_queue_log_option_log_restricted_.py. This was causing alembic upgrades to fail since the enum was already created in fe6592859b85_fix_mwi_subscribe_replaces_.py back in 2018. Resolves: #797 (cherry picked from commit `59d75aea15`)	11 months ago
Alexei Gradinari	c3f78b36a0	app_queue: Add option to not log Restricted Caller ID to queue_log Add a queue option log-restricted-caller-id to strip the Caller ID when storing the ENTERQUEUE event in the queue log if the Caller ID is restricted. Resolves: #765 UpgradeNote: Add a new column to the queues table: queue_log_option_log_restricted ENUM('0','1','off','on','false','true','no','yes') to control whether the Restricted Caller ID will be stored in the queue log. UserNote: Add a Queue option log-restricted-caller-id to control whether the Restricted Caller ID will be stored in the queue log. If log-restricted-caller-id=no then the Caller ID will be stripped if the Caller ID is restricted. (cherry picked from commit `41d4db99cf`)	11 months ago
Asterisk Development Team	14367caaf7	Update for 20.8.1	1 year ago
George Joseph	741183d7ac	Revert "res_pjsip_endpoint_identifier_ip: Add endpoint identifier transport address." This reverts PR #602 Resolves: #GHSA-qqxj-v78h-hrf9	1 year ago
Asterisk Development Team	3e1b1560a9	Update for 20.8.0-rc1	1 year ago
Sean Bright	24ad313536	alembic: Correct NULLability of PJSIP id columns. Fixes #695 (cherry picked from commit `07debc3b91`)	1 year ago
Sperl Viktor	68a4912825	res_pjsip_endpoint_identifier_ip: Add endpoint identifier transport address. Add a new identify_by option to res_pjsip_endpoint_identifier_ip called 'transport' this matches endpoints based on the bound ip address (local) instead of the 'ip' option, which matches on the source ip address (remote). UserNote: set identify_by=transport for the pjsip endpoint. Then use the existing 'match' option and the new 'transport' option of the identify. Fixes: #672 (cherry picked from commit `7c3e2cfda9`)	1 year ago
Sperl Viktor	bd3c3bf821	res_pjsip_endpoint_identifier_ip: Endpoint identifier request URI Add ability to match against PJSIP request URI. UserNote: this new feature let users match endpoints based on the indound SIP requests' URI. To do so, add 'request_uri' to the endpoint's 'identify_by' option. The 'match_request_uri' option of the identify can be an exact match for the entire request uri, or a regular expression (between slashes). It's quite similar to the header identifer. Fixes: #599 (cherry picked from commit `136bd5c892`)	1 year ago
Joshua Elson	855ed6c168	Implement Configurable TCP Keepalive Settings in PJSIP Transports This commit introduces configurable TCP keepalive settings for both TCP and TLS transports. The changes allow for finer control over TCP connection keepalives, enhancing stability and reliability in environments prone to connection timeouts or where intermediate devices may prematurely close idle connections. This has proven necessary and has already been tested in production in several specialized environments where access to the underlying transport is unreliable in ways invisible to the operating system directly, so these keepalive and timeout mechanisms are necessary. Fixes #657 (cherry picked from commit `3d40d34271`)	1 year ago
Sean Bright	396cc55965	alembic: Fix compatibility with SQLAlchemy 2.0+. SQLAlchemy 2.0 changed the way that commits/rollbacks are handled causing the final `UPDATE` to our `alembic_version_<whatever>` tables to be rolled back instead of committed. We now use one connection to determine which `alembic_version_<whatever>` table to use and another to run the actual migrations. This prevents the erroneous rollback. This change is compatible with both SQLAlchemy 1.4 and 2.0. (cherry picked from commit `8715a700e2`)	1 year ago
Sean Bright	1acd188e7d	res_pjsip: Fix alembic downgrade for boolean columns. When downgrading, ensure that we don't touch columns that didn't actually change during upgrade. (cherry picked from commit `4ecbac98d8`)	1 year ago
Sean Bright	f6fa72390f	alembic: Quote new MySQL keyword 'qualify.' Fixes #651 (cherry picked from commit `1965574944`)	1 year ago
Asterisk Development Team	959babc472	Update for 20.7.0-rc1	1 year ago
Sean Bright	f8da5a2ba3	res_pjsip: Use consistent type for boolean columns. This migrates the relevant schema objects from the `('yes', 'no')` definition to the `('0', '1', 'off', 'on', 'false', 'true', 'yes', 'no')` one. Fixes #617 (cherry picked from commit `93e40968c3`)	1 year ago
George Joseph	fd27df9479	Stir/Shaken Refactor Why do we need a refactor? The original stir/shaken implementation was started over 3 years ago when little was understood about practical implementation. The result was an implementation that wouldn't actually interoperate with any other stir-shaken implementations. There were also a number of stir-shaken features and RFC requirements that were never implemented such as TNAuthList certificate validation, sending Reason headers in SIP responses when verification failed but we wished to continue the call, and the ability to send Media Key(mky) grants in the Identity header when the call involved DTLS. Finally, there were some performance concerns around outgoing calls and selection of the correct certificate and private key. The configuration was keyed by an arbitrary name which meant that for every outgoing call, we had to scan the entire list of configured TNs to find the correct cert to use. With only a few TNs configured, this wasn't an issue but if you have a thousand, it could be. What's changed? * Configuration objects have been refactored to be clearer about their uses and to fix issues. * The "general" object was renamed to "verification" since it contains parameters specific to the incoming verification process. It also never handled ca_path and crl_path correctly. * A new "attestation" object was added that controls the outgoing attestation process. It sets default certificates, keys, etc. * The "certificate" object was renamed to "tn" and had it's key change to telephone number since outgoing call attestation needs to look up certificates by telephone number. * The "profile" object had more parameters added to it that can override default parameters specified in the "attestation" and "verification" objects. * The "store" object was removed altogther as it was never implemented. * We now use libjwt to create outgoing Identity headers and to parse and validate signatures on incoming Identiy headers. Our previous custom implementation was much of the source of the interoperability issues. * General code cleanup and refactor. * Moved things to better places. * Separated some of the complex functions to smaller ones. * Using context objects rather than passing tons of parameters in function calls. * Removed some complexity and unneeded encapsuation from the config objects. Resolves: #351 Resolves: #46 UserNote: Asterisk's stir-shaken feature has been refactored to correct interoperability, RFC compliance, and performance issues. See https://docs.asterisk.org/Deployment/STIR-SHAKEN for more information. UpgradeNote: The stir-shaken refactor is a breaking change but since it's not working now we don't think it matters. The stir_shaken.conf file has changed significantly which means that existing ones WILL need to be changed. The stir_shaken.conf.sample file in configs/samples/ has quite a bit more information. This is also an ABI breaking change since some of the existing objects needed to be changed or removed, and new ones added. Additionally, if res_stir_shaken is enabled in menuselect, you'll need to either have the development package for libjwt v1.15.3 installed or use the --with-libjwt-bundled option with ./configure. (cherry picked from commit `e6c7f1aee0`)	1 year ago
Sean Bright	507c28f268	alembic: Synchronize alembic heads between supported branches. This adds a dummy migration to 18 and 20 so that our alembic heads are synchronized across all supported branches. In this case the migration we are stubbing (24c12d8e9014) is: `775352ee6c` (cherry picked from commit `d122225279`)	1 year ago
Mike Bradeen	9652a215e8	app_voicemail: add NoOp alembic script to maintain sync Adding a NoOp alembic script for the voicemail database to maintain version sync with other branches. Fixes: #527 (cherry picked from commit `f5d622413a`)	1 year ago
Asterisk Development Team	3ba0470953	Update for 20.6.0-rc1	1 year ago
George Joseph	9ae72b0a23	ast_coredumper: Increase reliability Instead of searching for the asterisk binary and the modules in the filesystem, we now get their locations, along with libdir, from the coredump itself... For the binary, we can use `gdb -c <coredump> ... "info proc exe"`. gdb can print this even without having the executable and symbols. Once we have the binary, we can get the location of the modules with `gdb ... "print ast_config_AST_MODULE_DIR` If there was no result then either it's not an asterisk coredump or there were no symbols loaded. Either way, it's not usable. For libdir, we now run "strings" on the note0 section of the coredump (which has the shared library -> memory address xref) and search for "libasteriskssl\|libasteriskpj", then take the dirname. Since we're now getting everything from the coredump, it has to be correct as long as we're not crossing namespace boundaries like running asterisk in a docker container but trying to run ast_coredumper from the host using a shared file system (which you shouldn't be doing). There is still a case for using --asterisk-bin and/or --libdir: If you've updated asterisk since the coredump was taken, the binary, libraries and modules won't match the coredump which will render it useless. If you can restore or rebuild the original files that match the coredump and place them in a temporary directory, you can use --asterisk-bin, --libdir, and a new --moddir option to point to them and they'll be correctly captured in a tarball created with --tarball-coredumps. If you also use --tarball-config, you can use a new --etcdir option to point to what normally would be the /etc/asterisk directory. Also addressed many "shellcheck" findings. Resolves: #445 (cherry picked from commit `44f1522907`)	1 year ago
Sean Bright	b7e66d49b2	alembic: Update list of TLS methods available on ps_transports. Related to #221 and #222. Also adds `*.ini` to the `.gitignore` file in ast-db-manage for convenience. (cherry picked from commit `0dcf03e844`)	1 year ago
Sean Bright	eb48273bdf	live_ast: Add astcachedir to generated asterisk.conf. `astcachedir` (added in `b0842713`) was not added to `live_ast` so continued to point to the system `/var/cache` directory instead of the one in the live environment. (cherry picked from commit `978d09fc35`)	1 year ago
sungtae kim	faf046ea86	res_pjsip: Expanding PJSIP endpoint ID and relevant resource length to 255 characters This commit introduces an extension to the endpoint and relevant resource sizes for PJSIP, transitioning from its current 40-character constraint to a more versatile 255-character capacity. This enhancement significantly overcomes limitations related to domain qualification and practical usage, ultimately delivering improved functionality. In addition, it includes adjustments to accommodate the expanded realm size within the ARI, specifically enhancing the maximum realm length. Resolves: #345 UserNote: With this update, the PJSIP realm lengths have been extended to support up to 255 characters. UpgradeNote: As part of this update, the maximum allowable length for PJSIP endpoints and relevant resources has been increased from 40 to 255 characters. To take advantage of this enhancement, it is recommended to run the necessary procedures (e.g., Alembic) to update your schemas. (cherry picked from commit `f89e56c178`)	1 year ago
George Joseph	52929efb83	safe_asterisk: Change directory permissions to 755 If the safe_asterisk script detects that the /var/lib/asterisk directory doesn't exist, it now creates it with 755 permissions instead of 770. safe_asterisk needing to create that directory should be extremely rare though because it's normally created by 'make install' which already sets the permissions to 755. Resolves: #316 (cherry picked from commit `c929146c61`)	1 year ago
Asterisk Development Team	a2fb6d4dd4	Update for 20.5.0-rc1	2 years ago
George Joseph	4dcf73b6df	alembic: Fix quoting of the 100rel column Add quoting around the ps_endpoints 100rel column in the ALTER statements. Although alembic doesn't complain when generating sql statements, postgresql does (rightly so). Resolves: #274 (cherry picked from commit `cb9223cdb9`)	2 years ago
Jason D. McCormick	f86f5fd809	install_prereq: Fix dependency install on aarch64. Fixes dependency solutions in install_prereq for Debian aarch64 platforms. install_prereq was attempting to forcibly install 32-bit armhf packages due to the aptitude search for dependencies. Resolves: #37 (cherry picked from commit `fc57dca50d`)	2 years ago
Asterisk Development Team	c35471ad10	Update for 20.4.0-rc1	2 years ago
Sean Bright	f971db6685	ast-db-manage: Synchronize revisions between comments and code. In a handful of migrations, the comment header that indicates the current and previous revisions has drifted from the identifiers revision and down_revision variables. This updates the comment headers to match the code. (cherry picked from commit `ea63148b23`)	2 years ago
Sean Bright	79d271fa7f	ast-db-manage: Fix alembic branching error caused by #122 . Fixes #147. (cherry picked from commit `fe15631d38`)	2 years ago
Naveen Albert	8cdf711531	res_musiconhold: Add option to loop last file. Adds the loop_last option to res_musiconhold, which allows the last audio file in the directory to be looped perpetually once reached, rather than circling back to the beginning again. Resolves: #122 ASTERISK-30462 UserNote: The loop_last option in musiconhold.conf now allows the last file in the directory to be looped once reached. (cherry picked from commit `edf488c76e`)	2 years ago
Niklas Larsson	1589efa5dd	app_queue: Preserve reason for realtime queues When Asterisk is restarted it does not preserve paused reason for members of realtime queues. This was fixed for non-realtime queues in ASTERISK_25732 Resolves: #66 UpgradeNote: Add a new column to the queue_member table: reason_paused VARCHAR(80) so the reason can be preserved. UserNote: Make paused reason in realtime queues persist an Asterisk restart. This was fixed for non-realtime queues in ASTERISK_25732. (cherry picked from commit `df774619fb`)	2 years ago
Naveen Albert	c8b7570cad	logrotate: Fix duplicate log entries. The Asterisk logrotate script contains explicit references to files with the .log extension, which are also included when *log is expanded. This causes issues with newer versions of logrotate. This fixes this by ensuring that a log file cannot be referenced multiple times after expansion occurs. Resolves: #96 ASTERISK-30442 Reported by: EN Barnett Tested by: EN Barnett (cherry picked from commit `22c9d52289`)	2 years ago
Asterisk Development Team	2e1842229a	Update for 20.3.0-rc1	2 years ago

1 2 3 4 5 ...

788 Commits (2e26573a841ac1be856c99c4b8c9bb5d26e7758a)