3339 Commits (3296d2d194a3ed7d6ffefcd719b72e900aa4c850)

Author	SHA1	Message	Date
Joshua Colp	4e4a991d90	Merge "res_pjsip: Endpoint IP Access Controls" into 13	10 years ago
Alexei Gradinari	524a302974	res_pjsip: Endpoint IP Access Controls ... With the old SIP module we can use IP access controls per peer. PJSIP module missing this feature. This patch added next configuration Endpoint options: "acl" - list of IP ACL section names in acl.conf "deny" - List of IP addresses to deny access from "permit" - List of IP addresses to permit access from "contact_acl" - List of Contact ACL section names in acl.conf "contact_deny" - List of Contact header addresses to deny "contact_permit" - List of Contact header addresses to permit This patch also better logging failed request: add custom message instead of "No matching endpoint found" add SIP method to logging ASTERISK-25900 Change-Id: I456dea3909d929d413864fb347d28578415ebf02	10 years ago
Matt Jordan	89ae4466ea	res_hep: Provide an option to pick the UUID type ... At one point in time, it seemed like a good idea to use the Asterisk channel name as the HEP correlation UUID. In particular, it felt like this would be a useful identifier to tie PJSIP messages and RTCP messages together, along with whatever other data we may eventually send to Homer. This also had the benefit of keeping the correlation UUID channel technology agnostic. In practice, it isn't as useful as hoped, for two reasons: 1) The first INVITE request received doesn't have a channel. As a result, there is always an 'odd message out', leading it to be potentially uncorrelated in Homer. 2) Other systems sending capture packets (Kamailio) use the SIP Call-ID. This causes RTCP information to be uncorrelated to the SIP message traffic seen by those capture nodes. In order to support both (in case someone is trying to use res_hep_rtcp with a non-PJSIP channel), this patch adds a new option, uuid_type, with two valid values - 'call-id' and 'channel'. The uuid_type option is used by a module to determine the preferred UUID type. When available, that source of a correlation UUID is used; when not, the more readily available source is used. For res_hep_pjsip: - uuid_type = call-id: the module uses the SIP Call-ID header value - uuid_type = channel: the module uses the channel name if available, falling back to SIP Call-ID if not For res_hep_rtcp: - uuid_type = call-id: the module uses the SIP Call-ID header if the channel type is PJSIP and we have a channel, falling back to the Stasis event provided channel name if not - uuid_type = channel: the module uses the channel name ASTERISK-25352 #close Change-Id: Ide67e59a52d9c806e3cc0a797ea1a4b88a00122c	10 years ago
George Joseph	2a7130b8b0	pjproject_bundled: Check for python-dev and TEST_FRAMEWORK ... The pjsua and pjsystest apps are now built only if TEST_FRAMEWORK is set. The python bindings are now built only if TEST_FRAMEWORK is set and a python development package is installed. libresample was also disabled. ASTERISK-25993 #close Reported-by: Joshua Colp Change-Id: If4e91c503a02f113d5b71bc8b972081fa3ff6f03	10 years ago
Alexei Gradinari	7a14e669f0	res_pjsip/AMI: add contact.updated event ... With the old SIP module AMI sends PeerStatus event on every successfully REGISTER requests, ie, on start registration, update registration and stop registration. With PJSIP AMI sends ContactStatus only when status is changed. Regarding registration: on start registration - Created on stop registration - Removed but on update registration nothing This patch added contact.updated event. ASTERISK-25904 Change-Id: I8fad8aae9305481469c38d2146e1ba3a56d3108f	10 years ago
Alexei Gradinari	3cb8934de0	pjsip: Added "reg_server" to contacts. ... If the Asterisk system name is set in asterisk.conf, it will be stored into the "reg_server" field in the ps_contacts table to facilitate multi-server setups. ASTERISK-25931 Change-Id: Ia8f6bd2267809c78753b52bcf21835b9b59f4cb8	10 years ago
zuul	2ae097f144	Merge "res_pjsip_pubsub.h: Fix doxygen association." into 13	10 years ago
Richard Mudgett	b1b2019046	res_pjsip_pubsub.h: Fix doxygen association. ... Change-Id: I110d3e3572598289fcd4215d966cf0c858f98632	10 years ago
George Joseph	38bed4515d	res_pjsip: Add ability to identify by Authorization username ... A feature of chan_sip that service providers relied upon was the ability to identify by the Authorization username. This is most often used when customers have a PBX that needs to register rather than identify by IP address. From my own experiance, this is pretty common with small businesses who otherwise don't need a static IP. In this scenario, a register from the customer's PBX may succeed because From will usually contain the PBXs account id but an INVITE will contain the caller id. With nothing recognizable in From, the service provider's Asterisk can never match to an endpoint and the INVITE just stays unauthorized. The fixes: A new value "auth_username" has been added to endpoint/identify_by that will use the username and digest fields in the Authorization header instead of username and domain in the the From header to match an endpoint, or the To header to match an aor. This code as added to res_pjsip_endpoint_identifier_user rather than creating a new module. Although identify_by was always a comma-separated list, there was only 1 choice so order wasn't preserved. So to keep the order, a vector was added to the end of ast_sip_endpoint. This is only used by res_pjsip_registrar to find the aor. The res_pjsip_endpoint_identifier_* modules are called in globals/endpoint_identifier_order. Along the way, the logic in res_pjsip_registrar was corrected to match most-specific to least-specific as res_pjsip_endpoint_identifier_user does. The order is: username@domain username@domain_alias username Auth by username does present 1 problem however, the first INVITE won't have an Authorization header so the distributor, not finding a match on anything, sends a securty_alert. It still sends a 401 with a challenge so the next INVITE will have the Authorization header and presumably succeed. As a result though, that first security alert is actually a false alarm. To address this, a new feature has been added to pjsip_distributor that keeps track of unidentified requests and only sends the security alert if a configurable number of unidentified requests come from the same IP in a configurable amout of time. Those configuration options have been added to the global config object. This feature is only used when auth_username is enabled. Finally, default_realm was added to the globals object to replace the hard coded "asterisk" used when an endpoint is not yet identified. The testsuite tests all pass but new tests are forthcoming for this new feature. ASTERISK-25835 #close Reported-by: Ross Beer Change-Id: I30ba62d208e6f63439600916fcd1c08a365ed69d	10 years ago
Joshua Colp	e0e03cd2c8	Merge "res_pjsip: disable multi domain to improve realtime performace" into 13	10 years ago
Alexei Gradinari	df3639700a	res_pjsip: disable multi domain to improve realtime performace ... This patch added new global pjsip option 'disable_multi_domain'. Disabling Multi Domain can improve Realtime performance by reducing number of database requests. ASTERISK-25930 #close Change-Id: I2e7160f3aae68475d52742107949a799aa2c7dc7	10 years ago
Joshua Colp	e5c5fac8f1	Merge "res_pjsip: Add serialized scheduler (res_pjsip/pjsip_scheduler.c)" into 13	10 years ago
Joshua Colp	9d8f59aaf2	Merge changes from topic 'system_stress_patches' into 13 ... * changes: test_message.c: Wait longer in case dialplan also processes the test message. Manager: Short circuit AMI message processing. manager.c: Eliminate most RAII_VAR usage. manager_channels.c: Fix allocation failure crash.	10 years ago
Joshua Colp	4efc6b4315	Merge changes from topic 'system_stress_patches' into 13 ... * changes: Bridge system: Fix memory leaks and double frees on impart failure. bridge_softmix.c: Fix crash if channel fails to join mixing tech.	10 years ago
Richard Mudgett	ba63aa7c9e	Manager: Short circuit AMI message processing. ... Improve AMI message processing performance if there are no consumers listening for the messages. We now skip creating the AMI event message text strings. Change-Id: I7b22fc5ec4e500d00635c1a467aa8ea68a1bb2b3	10 years ago
Richard Mudgett	1e93f3d723	Bridge system: Fix memory leaks and double frees on impart failure. ... You cannot reference the passed in features struct after calling ast_bridge_impart(). Even if the call fails. Change-Id: I902b88ba0d5d39520e670fb635078a367268ea21	10 years ago
Richard Mudgett	5e388d4188	bridge_softmix.c: Fix crash if channel fails to join mixing tech. ... softmix_bridge_join() failed because of an allocation failure. To address this, the softmix bridge technology now checks if the channel failed to join softmix successfully. In addition, the bridge now begins the process of kicking the channel out of the bridge so we don't have channels partially in the bridge for very long. * Fix the test_channel_feature_hooks.c unit tests. The test channel must have a valid codec to join the simple_bridge technology. This patch makes joining a bridge more strict by not allowing partially joined channels to remain in the bridge. Change-Id: I97e2ade6a2bcd1214f24fb839fda948825b61a2b	10 years ago
Richard Mudgett	9942d50aa5	bridge: Hold off more than one imparting channel at a time. ... An earlier patch blocked the ast_bridge_impart() call until the channel either entered the target bridge or it failed. Unfortuantely, if the target bridge is stasis and the imprted channel is not a stasis channel, stasis bounces the channel out of the bridge to come back into the bridge as a proper stasis channel. When the channel is bounced out, that released the block on ast_bridge_impart() to continue. If the impart was a result of a transfer, then it became a race to see if the swap channel would get hung up before the imparted channel could come back into the stasis bridge. If the imparted channel won then everything is fine. If the swap channel gets hung up first then the transfer will fail because the swap channel is leaving the bridge. * Allow a chain of ast_bridge_impart()'s to happen before any are unblocked to prevent the race condition described above. When the channel finally joins the bridge or completely fails to join the bridge then the ast_bridge_impart() instances are unblocked. ASTERISK-25947 Reported by: Richard Mudgett ASTERISK-24649 Reported by: John Bigelow ASTERISK-24782 Reported by: John Bigelow Change-Id: I8fef369171f295f580024ab4971e95c799d0dde1	10 years ago
George Joseph	9740277713	res_pjsip: Add serialized scheduler (res_pjsip/pjsip_scheduler.c) ... There are several places that do scheduled tasks or periodic housecleaning, each with its own implementation: * res_pjsip_keepalive has a thread that sends keepalives. * pjsip_distributor has a thread that cleans up expired unidentified requests. * res_pjsip_registrar_expire has a thread that cleans up expired contacts. * res_pjsip_pubsub uses ast_sched directly and then calls ast_sip_push_task. * res_pjsip_sdp_rtp also uses ast_sched to send keepalives. There are also places where we should be doing scheduled work but aren't. A good example are the places we have sorcery observers to start registration or qualify. These don't work when changes are made to a backend database without a pjsip reload. We need to check periodically. As a first step to solving these issues, a new ast_sip_sched facility has been created. ast_sip_sched wraps ast_sched but only uses ast_sched as a scheduled queue. When a task is ready to run, ast_sip_task_pusk is called for it. This ensures that the task is executed in a PJLIB registered thread and doesn't hold up the ast_sched thread so it can immediately continue processing the queue. The serializer used by ast_sip_sched is one of your choosing or a random one from the res_pjsip pool if you don't choose one. Another feature is the ability to automatically clean up the task_data when the task expires (if ever). If it's an ao2 object, it will be dereferenced, if it's a malloc'd object it will be freed. This is selectable when the task is scheduled. Even if you choose to not auto dereference an ao2 task data object, the scheduler itself maintains a reference to it while the task is under it's control. This prevents the data from disappearing out from under the task. There are two scheduling models. AST_SIP_SCHED_TASK_PERIODIC specifies that the invocations of the task occur at the specific interval. That is, every "interval" milliseconds, regardless of how long the task takes. If the task takes longer than the interval, it will be scheduled at the next available multiple of interval. For exmaple: If the task has an interval of 60 secs and the task takes 70 secs (it better not), the next invocation will happen at 120 seconds. AST_SIP_SCHED_TASK_DELAY specifies that the next invocation of the task should start "interval" milliseconds after the current invocation has finished. Also, the same ast_sched facility for fixed or variable intervals exists. The task's return code in conjunction with the AST_SIP_SCHED_TASK_FIXED or AST_SIP_SCHED_TASK_VARIABLE flags controls the next invocation start time. One res_pjsip.h housekeeping change was made. The pjsip header files were added to the top. There have been a few cases lately where I've needed res_pjsip.h just for ast_sip calls and had compiles fail spectacularly because I didn't add the pjsip header files to my source even though I never referenced any pjsip calls. Finally, a few new convenience APIs were added to astobj2 to make things a little easier in the scheduler. ao2_ref_and_lock() calls ao2_ref() and ao2_lock() in one go. ao2_unlock_and_unref() does the reverse. A few macros were also copied from res_phoneprov because I got tired of having to duplicate the same hash, sort and compare functions over and over again. The AO2_STRING_FIELD_(HASH|SORT|CMP)_FN macros will insert functions suitable for aor_container_alloc into your source. This facility can be used immediately for the situations where we already have a thread that wakes up periodically or do some scheduled work. For the registration and qualify issues, additional sorcery and schema changes would need to be made so that we can easily detect changed objects on a periodic basis without having to pull the entire database back to check. I'm thinking of a last-updated timestamp on the rows but more on this later. Change-Id: I7af6ad2b2d896ea68e478aa1ae201d6dd016ba1c	10 years ago
George Joseph	fe7e48db03	res_pjsip contact: Lock expiration/addition of contacts ... Contact expiration can occur in several places: res_pjsip_registrar, res_pjsip_registrar_expire, and automatically when anyone calls ast_sip_location_retrieve_aor_contact. At the same time, res_pjsip_registrar may also be attempting to renew or add a contact. Since none of this was locked it was possible for one thread to be renewing a contact and another thread to expire it immediately because it was working off of stale data. This was the casue of intermittent registration/inbound/nominal/multiple_contacts test failures. Now, the new named lock functionality is used to lock the aor during contact expire and add operations and res_pjsip_registrar_expire now checks the expiration with the lock held before deleting the contact. ASTERISK-25885 #close Reported-by: Josh Colp Change-Id: I83d413c46a47796f3ab052ca3b349f21cca47059	10 years ago
George Joseph	772ff3048f	lock: Add named lock capability ... Locking some objects like sorcery objects can be tricky because the underlying ao2 object may not be the same for all callers. For instance, two threads that call ast_sorcery_retrieve_by_id on the same aor name might actually get 2 different ao2 objects if the underlying wizard had to rehydrate the aor from a database. Locking one ao2 object doesn't have any effect on the other even if those objects had locks in the first place. Named locks allow access control by keyspace and key strings. Now an "aor" named "1000" can be locked and any other thread attempting to lock "aor" "1000" will wait regardless of whether the underlying ao2 object is the same or not. Mutex and rwlocks are supported. This capability will initially be used to lock an aor when multiple threads may be attempting to prune expired contacts from it. Change-Id: If258c0b7f92b02d07243ce70e535821a1ea7fb45	10 years ago
Richard Mudgett	2ef8a954b3	pbx: Update doxygen for extension state watchers. ... Change-Id: Id1403b12136de62a272c01bb355aef65fd2c2d1e	10 years ago
Joshua Colp	2b84290386	Merge "stringfields: Refactor to allow fields to be added to the end of structures" into 13	10 years ago
Joshua Colp	bb7214180c	Merge "res_rtp_asterisk: Use separate SRTP session for RTCP with DTLS" into 13	10 years ago
George Joseph	f6f4cf459f	stringfields: Refactor to allow fields to be added to the end of structures ... String fields are great, except that you can't add new ones without breaking ABI compatibility because it shifts down everything else in the structure. The only alternative is to add your own char * field to the end of the structure and manage the memory yourself which isn't ideal, especially since you then can't use the OPT_STRINGFIELD_T type. Background: The reason string fields had to be declared inside the AST_DECLARE_STRING_FIELDS block was to facilitate iteration over all declared fields for initialization, compare and copy. Since AST_DECLARE_STRING_FIELDS declared the pool, then the fields, then the manager, you could use the offsets of the pool and manager and iterate over the sequential addresses in between to access the fields. The actual pool, field allocation and field set operations don't actually care where the field is. It's just iteration over the fields that was the problem. Solution: Extended String Fields An extended string field is one that is declared outside the AST_DECLARE_STRING_FIELDS block but still (anywhere) inside the parent structure. Other than using AST_STRING_FIELD_EXTENDED instead of AST_STRING_FIELD, it looks the same as other string fields. It's storage comes from the pool and it participates in string field compare and copy operations peformed on the parent structure. It's also a valid target for the OPT_STRINGFIELD_T aco option type. Implementation: To keep track of the extended fields and make sure that ABI isn't broken, the existing embedded_pool pointer in the manager structure was repurposed to be a pointer to a separate header structure that contains the embedded_pool pointer plus a vector of fields. The length of the manager structure didn't change and the embedded_pool pointer isn't used in the macros, only the stringfields C code. A side benefit of this is that changing the header structure in the future won't break ABI. ast_string_fields_init initializes the normal string fields and appends them to the vector, and subsequent calls to ast_string_field_init_extended initialize and append the extended fields. Cleanup, ast_string_fields_cmp, and ast_string_fields_copy can now work on the vector instead of sequentially traversing the addresses between the pool and manager. The total size of a structure using string fields didn't change, whether using extended fields or not, nor have the offsets of any structure members, either inside the original block or outside. Adding an extended field to the end of a structure is the same as adding a char *. Details: The stringfield C code was pulled out from utils.c and into stringfields.c. It just made sense. Additional work was done in ast_string_field_init and ast_calloc_with_stringfields to handle the allocation of the new header structure and the vector, and the associated cleanup. In the process some additional NULL pointer checking was added. A lot of work was done in stringfields.h since the logic for compare and copy is there. Documentation was added as well as somne additional NULL checking. The ability to call ast_calloc_with_stringfields with a number of structures greater than 1 never really worked. Well, the calloc worked but there was no way to access the additional structures or clean them up. It was agreed that there was no use case for requesting more than 1 structure so an ast_assert was added to prevent it and the iteration code removed. Testing: The stringfield unit tests were updated to test both normal and extended fields. Tests for ast_string_field_ptr_set_by_fields and ast_calloc_with_stringfields were also added. As an ABI test, 13 was compiled from git and the res_pjsip_* modules, except res_pjsip itself, saved off. The patch was then added and a full compile and install was performed. Then the older res_pjsip_* moduled were copied over the installed versions so res_pjsip was new and the rest were old. No issues. contact->aor, which is a char * at the end of contact, was then changed to an extended string field and a recompile and reinstall was performed, again leaving stock versions of the the res_pjsip_* modules. Again, no issues with the res_pjsip_* modules using the old stringfield implementation and with contact->aor as a char *, and res_pjsip itself using the new stringfield implementation and contact->aor being an extended string field. Finally, several existing string fields were converted to extended string fields to test OPT_STRINGFIELD_T. Again, no issues. Change-Id: I235db338c5b178f5a13b7946afbaa5d4a0f91d61	10 years ago
Joshua Colp	072bf78ba3	Merge "res_pjsip_mwi: Add voicemail extension and mwi_subscribe_replaces_unsolicited" into 13	10 years ago
Richard Mudgett	ecf4102d02	res_stasis: Add control ref to playback and recording structs. ... The stasis_app_playback and stasis_app_recording structs need to have a struct stasis_app_control ref. Other threads can get a reference to the playback and recording structs from their respective global container. These other threads can then use the control pointer they contain after the control struct has gone. * Add control ref to stasis_app_playback and stasis_app_recording structs. With the refs added, the control command queue can now have a circular control reference which will cause the control struct to never get released if the control's command queue is not flushed when the channel leaves the Stasis application. Also the command queue needs better protection from adding commands if the control->is_done flag is set. * Flush the control command queue on exit. ASTERISK-25882 #close Change-Id: I3cf1fb59cbe6f50f20d9e35a2c07ac07d7f4320d	10 years ago
George Joseph	d8f0bc3572	res_pjsip_mwi: Add voicemail extension and mwi_subscribe_replaces_unsolicited ... res_pjsip_mwi was missing the chan_sip "vmexten" functionality which adds the Message-Account header to the MWI NOTIFY. Also, specifying mailboxes on endpoints for unsolicited mwi and on aors for subscriptions required that the admin know in advance which the client wanted. If you specified mailboxes on the endpoint, subscriptions were rejected even if you also specified mailboxes on the aor. Voicemail extension: * Added a global default_voicemail_extension which defaults to "". * Added voicemail_extension to both endpoint and aor. * Added ast_sip_subscription_get_dialog for support. * Added ast_sip_subscription_get_sip_uri for support. When an unsolicited NOTIFY is constructed, the From header is parsed, the voicemail extension from the endpoint is substituted for the user, and the result placed in the Message-Account field in the body. When a subscribed NOTIFY is constructed, the subscription dialog local uri is parsed, the voicemail_extension from the aor (looked up from the subscription resource name) is substituted for the user, and the result placed in the Message-Account field in the body. If no voicemail extension was defined, the Message-Account field is not added to the NOTIFY body. mwi_subscribe_replaces_unsolicited: * Added mwi_subscribe_replaces_unsolicited to endpoint. The previous behavior was to reject a subscribe if a previous internal subscription for unsolicited MWI was found for the mailbox. That remains the default. However, if there are mailboxes also set on the aor and the client subscribes and mwi_subscribe_replaces_unsolicited is set, the existing internal subscription is removed and replaced with the external subscription. This allows an admin to configure mailboxes on both the endpoint and aor and allows the client to select which to use. ASTERISK-25865 #close Reported-by: Ross Beer Change-Id: Ic15a9415091760539c7134a5ba3dc4a6a1217cea	10 years ago
zuul	e595f02f83	Merge "res_rtp_asterisk: Fix packet stats on bridged connection" into 13	10 years ago
Jacek Konieczny	0cfab30b28	res_rtp_asterisk: Use separate SRTP session for RTCP with DTLS ... Asterisk uses separate UDP ports for RTP and RTCP traffic and RFC 5764 explicitly states: There MUST be a separate DTLS-SRTP session for each distinct pair of source and destination ports used by a media session This means RTP keying material cannot be used for DTLS RTCP, which was the reason why RTCP encryption would fail. ASTERISK-25642 Change-Id: I7e8779d8b63e371088081bb113131361b2847e3a	10 years ago
George Joseph	1bce690ccb	res_rtp_asterisk: Fix packet stats on bridged connection ... rxcount, txcount, rxoctetcount and txoctetcount weren't being calculated for bridged streams because the calulations were being done after the bridged short-circuit. Actually, rxoctetcount wasn't ever being calculated. Moved the calculations so they occur for all valid received packets and all transmitted packets. Also added rxoctetcount and txoctetcount to ast_rtp_instance_stat. Change-Id: I08fb06011a82d38c3b4068867a615068fbe59cbb	10 years ago
George Joseph	5aa5c49413	sorcery/res_pjsip: Refactor for realtime performance ... There were a number of places in the res_pjsip stack that were getting all endpoints or all aors, and then filtering them locally. A good example is pjsip_options which, on startup, retrieves all endpoints, then the aors for those endpoints, then tests the aors to see if the qualify_frequency is > 0. One issue was that it never did anything with the endpoints other than retrieve the aors so we probably could have skipped a step and just retrieved all aors. But nevermind. This worked reasonably well with local config files but with a realtime backend and thousands of objects, this was a nightmare. The issue really boiled down to the fact that while realtime supports predicates that are passed to the database engine, the non-realtime sorcery backends didn't. They do now. The realtime engines have a scheme for doing simple comparisons. They take in an ast_variable (or list) for matching, and the name of each variable can contain an operator. For instance, a name of "qualify_frequency >" and a value of "0" would create a SQL predicate that looks like "where qualify_frequency > '0'". If there's no operator after the name, the engines add an '=' so a simple name of "qualify_frequency" and a value of "10" would return exact matches. The non-realtime backends decide whether to include an object in a result set by calling ast_sorcery_changeset_create on every object in the internal container. However, ast_sorcery_changeset_create only does exact string matches though so a name of "qualify_frequency >" and a value of "0" returns nothing because the literal "qualify_frequency >" doesn't match any name in the objset set. So, the real task was to create a generic string matcher that can take a left value, operator and a right value and perform the match. To that end, strings.c has a new ast_strings_match(left, operator, right) function. Left and right are the strings to operate on and the operator can be a string containing any of the following: = (or NULL or ""), !=, >, >=, <, <=, like or regex. If the operator is like or regex, the right string should be a %-pattern or a regex expression. If both left and right can be converted to float, then a numeric comparison is performed, otherwise a string comparison is performed. To use this new function on ast_variables, 2 new functions were added to config.c. One that compares 2 ast_variables, and one that compares 2 ast_variable lists. The former is useful when you want to compare 2 ast_variables that happen to be in a list but don't want to traverse the list. The latter will traverse the right list and return true if all the variables in it match the left list. Now, the backends' fields_cmp functions call ast_variable_lists_match instead of ast_sorcery_changeset_create and they can now process the same syntax as the realtime engines. The realtime backend just passes the variable list unaltered to the engine. The only gotcha is that there's no common realtime engine support for regex so that's been noted in the api docs for ast_sorcery_retrieve_by_fields. Only one more change to sorcery was done... A new config flag "allow_unqualified_fetch" was added to reg_sorcery_realtime. "no": ignore fetches if no predicate fields were supplied. "error": same as no but emit an error. (good for testing) "yes": allow (the default); "warn": allow but emit a warning. (good for testing) Now on to res_pjsip... pjsip_options was modified to retrieve aors with qualify_frequency > 0 rather than all endpoints then all aors. Not only was this a big improvement in realtime retrieval but even for config files there's an improvement because we're not going through endpoints anymore. res_pjsip_mwi was modified to retieve only endpoints with something in the mailboxes field instead of all endpoints then testing mailboxes. res_pjsip_registrar_expire was completely refactored. It was retrieving all contacts then setting up scheduler entries to check for expiration. Now, it's a single thread (like keepalive) that periodically retrieves only contacts whose expiration time is < now and deletes them. A new contact_expiration_check_interval was added to global with a default of 30 seconds. Ross Beer reports that with this patch, his Asterisk startup time dropped from around an hour to under 30 seconds. There are still objects that can't be filtered at the database like identifies, transports, and registrations. These are not going to be anywhere near as numerous as endpoints, aors, auths, contacts however. Back to allow_unqualified_fetch. If this is set to yes and you have a very large number of objects in the database, the pjsip CLI commands will attempt to retrive ALL of them if not qualified with a LIKE. Worse, if you type "pjsip show endpoint <tab>" guess what's going to happen? :) Having a cache helps but all the objects will have to be retrieved at least once to fill the cache. Setting allow_unqualified_fetch=no prevents the mass retrieve and should be used on endpoints, auths, aors, and contacts. It should NOT be used for identifies, registrations and transports since these MUST be retrieved in bulk. Example sorcery.conf: [res_pjsip] endpoint=config,pjsip.conf,criteria=type=endpoint endpoint=realtime,ps_endpoints,allow_unqualified_fetch=error ASTERISK-25826 #close Reported-by: Ross Beer Tested-by: Ross Beer Change-Id: Id2691e447db90892890036e663aaf907b2dc1c67	10 years ago
zuul	8271a06dde	Merge "Restrict CLI/AMI commands on shutdown." into 13	10 years ago
Mark Michelson	59c8e189fd	Restrict CLI/AMI commands on shutdown. ... During stress testing, we have frequently seen crashes occur because a CLI or AMI command attempts to access information that is in the process of being destroyed. When addressing how to fix this issue, we initially considered fixing individual crashes we observed. However, the changes required to fix those problems would introduce considerable overhead to the nominal case. This is not reasonable in order to prevent a crash from occurring while Asterisk is already shutting down. Instead, this change makes it so AMI and CLI commands cannot be executed if Asterisk is being shut down. For AMI, this is absolute. For CLI, though, certain commands can be registered so that they may be run during Asterisk shutdown. ASTERISK-25825 #close Change-Id: I8887e215ac352fadf7f4c1e082da9089b1421990	10 years ago
zuul	dcebcaa3da	Merge "build: Add configure check for proto field of PJSIP TLS transport setting." into 13	10 years ago
Joshua Colp	677a65fcbb	build: Add configure check for proto field of PJSIP TLS transport setting. ... Older versions of PJSIP do not have the proto field on the TLS transport setting structure. This change adds a configure check so even if it is not present we will still be able to build. Change-Id: Ibf3f47befb91ed1b8194bf63888baa6fee05aba9	10 years ago
Walter Doekes	336cae73cc	app_chanspy: Fix occasional deadlock with ChanSpy and Local channels. ... Channel masquerading had a conflict with autochannel locking. When locking autochannel->channel, the channel is fetched from the autochannel and then locked. During the fetch, the autochannel -- which has no locks itself -- can be modified by someone who owns the channel lock. That means that the value of autochan->channel cannot be trusted until you hold the lock. In practice, this caused problems with Local channels getting masqueraded away while the ChanSpy attempted to get info from that channel. The old channel which was about to get removed got locked, but the new (replaced) channel got unlocked (no-op). Because the replaced channel was now locked (and would never get unlocked), it couldn't get removed from the channel list in a timely manner, and would now cause deadlocks when iterating over the channel list. This change checks the autochannel after locking the channel for changes to the autochannel. If the channel had been changed, the lock is reobtained on the new channel. In theory it seems possible that after this fix, the lock attempt on the old (wrong) channel can be on an already destroyed lock, maybe causing a crash. But that hasn't been observed in the wild and is harder induce than the current deadlock. Thanks go to Filip Frank for suggesting a fix similar to this and especially to IRC user hexanol for pointing out why this deadlock was possible and testing this fix. And to Richard for catching my rookie while loop mistake ;) ASTERISK-25321 #close Change-Id: I293ae0014e531cd0e675c3f02d1d118a98683def	10 years ago
zuul	9263ea0b13	Merge "res_pjsip_caller_id: Anonymize 'From' when caller id presentation is prohibited" into 13	10 years ago
George Joseph	530cff5f5f	res_pjsip: Strip spaces from items parsed from comma-separated lists ... Configurations like "aors = a, b, c" were either ignoring everything after "a" or trying to look up " b". Same for mailboxes, ciphers, contacts and a few others. To fix, all the strsep(&copy, ",") calls have been wrapped in ast_strip. To facilitate this, ast_strip, ast_skip_blanks and ast_skip_nonblanks were updated to handle null pointers. In some cases, an ast_strlen_zero() test was added to skip consecutive commas. There was also an attempt to ast_free an ast_strdupa'd string in ast_sip_for_each_aor which was causing a SEGV. I removed it. Although this issue was reported for realtime, the issue was in the res_pjsip modules so all config mechanisms were affected. ASTERISK-25829 #close Reported-by: Mateusz Kowalski Change-Id: I0b22a2cf22a7c1c50d4ecacbfa540155bec0e7a2	10 years ago
George Joseph	27f32cd0a6	res_pjsip_caller_id: Anonymize 'From' when caller id presentation is prohibited ... Per RFC3325, the 'From' header is now anonymized on outgoing calls when caller id presentation is prohibited. TID = trust_id_outbound PRO = Set(CALLERID(pres)=prohib) USR = endpoint/from_user DOM = endpoint/from_domain PAI = YES(privacy=off), NO(not sent), PRI(privacy=full) (assumes send_pai=yes) Conditions |Result --------------------|---------------------------------------------------- TID PRO USR DOM |PAI FROM --------------------|---------------------------------------------------- Y Y abc def.ghi |PRI "Anonymous" <sip:abc@def.ghi> Y Y abc |PRI "Anonymous" <sip:abc@anonymous.invalid> Y Y def.ghi |PRI "Anonymous" <sip:anonymous@def.ghi> Y Y |PRI "Anonymous" <sip:anonymous@anonymous.invalid> Y N abc def.ghi |YES <sip:abc@def.ghi> Y N abc |YES <sip:abc@<ip_address>> Y N def.ghi |YES "Caller Name" <sip:<caller_exten>@def.ghi> Y N |YES "Caller Name" <sip:<caller_exten>@<ip_address>> N Y abc def.ghi |NO "Anonymous" <sip:abc@def.ghi> N Y abc |NO "Anonymous" <sip:abc@anonymous.invalid> N Y def.ghi |NO "Anonymous" <sip:anonymous@def.ghi> N Y |NO "Anonymous" <sip:anonymous@anonymous.invalid> N N abc def.ghi |YES <sip:abc@def.ghi> N N abc |YES <sip:abc@<ip_address>> N N def.ghi |YES "Caller Name" <sip:<caller_exten>@def.ghi> N N |YES "Caller Name" <sip:<caller_exten>@<ip_address>> ASTERISK-25791 #close Reported-by: Anthony Messina Change-Id: I2c82a5ca1413c2c00fb62ea95b0ae8e97af54dc9	10 years ago
Kevin Harwell	40d9e9e238	bridge.c: Crash during attended transfer when missing a local channel half ... It's possible for the transferer channel to get hung up early during the attended transfer process. For instance, a phone may send a "bye" immediately upon receiving a sip notify that contains a sip frag 100 (I'm looking at you Jitsi). When this occurs a race begins between the transferer being hung up and completion of the transfer code. If the channel hangs up too early during a transfer involving stasis bridging for instance, then when the created local channel goes to look up its swap channel (and associated datastore) it can't find it (since it is no longer in the bridge) thus it fails to enter the stasis application. Consequently, the created local channel(s) hang up as well. If the timing is just right then the bridging code attempts to add the message link with missing local channel(s). Hence the crash. Unfortunately, there is no great way to solve the problem of the unexpected "bye". While we can't guarantee we won't receive an early hangup, and in this case still fail to enter the stasis application, we can make it so asterisk does not crash. This patch does just that by locking the local channel structure, checking that the local channel's peer has not been lost, and then continuing. This keeps the local channel's peer from being ripped out from underneath it by the local/unreal hangup code while attempting to set the stasis message link. ASTERISK-25771 Change-Id: Ie6d6061e34c7c95f07116fffac9a09e5d225c880	10 years ago
George Joseph	b59956a875	build-system: Allow building with static pjproject ... Background here: http://lists.digium.com/pipermail/asterisk-dev/2016-January/075266.html From CHANGES: * To help insure that Asterisk is compiled and run with the same known version of pjproject, a new option (--with-pjproject-bundled) has been added to ./configure. When specified, the version of pjproject specified in third-party/versions.mak will be downloaded and configured. When you make Asterisk, the build process will also automatically build pjproject and Asterisk will be statically linked to it. Once a particular version of pjproject is configured and built, it won't be configured or built again unless you run a 'make distclean'. To facilitate testing, when 'make install' is run, the pjsua and pjsystest utilities and the pjproject python bindings will be installed in ASTDATADIR/third-party/pjproject. The default behavior remains building with the shared pjproject installation, if any. Building: All you have to do is include the --with-pjproject-bundled option on the ./configure command line (and remove any existing --with-pjproject option if specified). Everything else is automatic. Behind the scenes: The top-level Makefile was modified to include 'third-party' in the list of MOD_SUBDIRS. The third-party directory was created to contain any third party packages that may be needed in the future. Its Makefile automatically iterates over any subdirectories passing on targets. The third-party/pjproject directory was created to house the pjproject source distribution. Its Makefile contains targets to download, patch configure, generate dependencies, compile libs, apps and python bindings, sanitized build.mak and generate a symbols list. When bootstrap.sh is run, it automatically includes the configure.m4 file in third-party/pjproject. This file has a macro to download and conifgure pjproject and get and set PJPROJECT_INCLUDE, PJPROJECT_DIR and PJPROJECT_BUNDLED. It also tests for the capabilities like PJ_TRANSACTION_GRP_LOCK by parsing preprocessor output as opposed to trying to compile. Of course, bootstrap.sh is only run once and the configure file is incldued in the patch. When configure is run with the new options, the macro in configure.m4 triggers the download, patch, conifgure and tests. No compilation is performed at this time. The downloaded tarball is cached in /tmp so it doesn't get downloaded again on a distclean. When make is run in the top-level Asterisk source directory, it will automatically descend all the subdirectories in third_party just as it does for addons, apps, etc. The top-level Makefile makes sure that the 'third-party' is built before 'main' so that dependencies from the other directories are built first. When main does build, a new shared library (libasteriskpj) is created that links statically to the pjproject .a files and exports all their symbols. The asterisk binary links to that, just as it does with libasteriskssl. When Asterisk is installed, the pjsua and pjsystest apps, and the pjproject python bindings are installed in ASTDATADIR/third-party/pjproject. This will facilitate testing, including running the testsuite which will be updated to check that directory for the pjsua module ahead of the system python library. Modules should continue to depend on pjproject if they use pjproject APIs directly. They should not care about the implementation. No changes to any res_pjsip modules were made. Change-Id: Ia7a60c28c2e9ba9537c5570f933c1ebcb20a3103	10 years ago
Richard Mudgett	221422be50	bridge core: Add owed T.38 terminate when channel leaves a bridge. ... The channel is now going to get T.38 terminated when it leaves the bridging system and the bridged peers are going to get T.38 terminated as well. ASTERISK-25582 Change-Id: I77a9205979910210e3068e1ddff400dbf35c4ca7	10 years ago
Richard Mudgett	0a5bc64491	channel api: Create is_t38_active accessor functions. ... ASTERISK-25582 Change-Id: I69451920b122de7ee18d15bb231c80ea7067a22b	10 years ago
Richard Mudgett	513638a5f4	bridge_channel: Don't settle owed events on an optimization. ... Local channel optimization could cause DTMF digits to be duplicated. Pending DTMF end events would be posted to a bridge when the local channel optimizes out and is replaced by the channel further down the chain. When the real digit ends, the channel would get another DTMF end posted to the bridge. A -- LocalA;1/n -- LocalA;2/n -- LocalB;1 -- LocalB;2 -- B 1) LocalA has the /n flag to prevent optimization. 2) B is sending DTMF to A through the local channel chain. 3) When LocalB optimizes out it can move B to the position of LocalB;1 4) Without this patch, when B swaps with LocalB;1 then LocalB;1 would settle an owed DTMF end to the bridge toward LocalA;2. 5) When B finally ends its DTMF it sends the DTMF end down the chain. 6) Without this patch, A would hear the DTMF digit end when LocalB optimizes out and when B ends the original digit. ASTERISK-25582 Change-Id: I1bbd28b8b399c0fb54985a5747f330a4cd2aa251	10 years ago
zuul	d35c494df1	Merge "res_pjsip/config_transport: Allow reloading transports." into 13	10 years ago
Richard Mudgett	e7a6abbbd3	rtp_engine.h: Remove extraneous semicolons. ... Change-Id: Ib462633d396fa941379dfef648dcd2245e350084	10 years ago
George Joseph	d2a1457e0b	res_pjsip/config_transport: Allow reloading transports. ... The 'reload' mechanism actually involves closing the underlying socket and calling the appropriate udp, tcp or tls start functions again. Only outbound_registration, pubsub and session needed work to reset the transport before sending requests to insure that the pjsip transport didn't get pulled out from under them. In my testing, no calls were dropped when a transport was changed for any of the 3 transport types even if ip addresses or ports were changed. To be on the safe side however, a new transport option was added (allow_reload) which defaults to 'no'. Unless it's explicitly set to 'yes' for a transport, changes to that transport will be ignored on a reload of res_pjsip. This should preserve the current behavior. Change-Id: I5e759850e25958117d4c02f62ceb7244d7ec9edf	10 years ago
zuul	953ba9da88	Merge "res_pjsip: Handle pjsip_dlg_create_uas deprecation" into 13	10 years ago
Joshua Colp	249d80f120	Merge "res_pjsip: Fix infinite recursion when loading transports from realtime" into 13	10 years ago