When the Asterisk channel driver res_pjsip offers SIP-over-TLS, sometimes, not
reproducible, Asterisk crashed in pj_ssl_sock_get_info() because a NULL pointer
was read. This change avoids this crash.
ASTERISK-26927 #close
Change-Id: I24a6011b44d1426d159742ff4421cf806a52938b
When a T.38 happens immediatly after call establishment, the control
frame can be lost because the other leg is not yet in the bridge.
This patch detects this case an makes sure T.38 negotation happens
when the 2nd leg is being made compatible with the negotating
first leg
ASTERISK-26923 #close
Change-Id: If334125ee61ed63550d242fc9efe7987e37e1d94
0035-r5572-svn-backport-dialog-transaction-deadlock.patch
0036-r5573-svn-backport-ua-pjsua-transaction-deadlock.patch
0037-r5576-svn-backport-session-timer-crash.patch
Also removed the progress bar from wget download to stdout.
ASTERISK-26905 #close
Reported-by: Ross Beer
Change-Id: I268fb3cf71a3bb24283ff0d24bd8b03239d81256
* create_rtp(): Fix unexpected alteration of global address_rtp if a
transport is bound to an address.
* create_rtp(): Fix use of uninitialized memory if the endpoint RTP media
address is invalid or the transport has an invalid address.
ASTERISK-26851
Change-Id: Icde42e65164a88913cb5c2601b285eebcff397b7
ast_cdr_setuserfield wrote to a fixed length field using strcpy. This could
result in a buffer overrun when called from chan_sip or func_cdr. This patch
adds a maximum bytes written to the field by using ast_copy_string instead.
ASTERISK-26897 #close
patches:
0001-CDR-Protect-from-data-overflow-in-ast_cdr_setuserfie.patch submitted
by Corey Farrell (license #5909)
Change-Id: Ib23ca77e9b9e2803a450e1206af45df2d2fdf65c
We were leaking a transport ref in multihomed_on_rx_message() which
resulted in the FRACK about excessive ref counts.
ASTERISK-26916 #close
Change-Id: I7a96658a9614a060565bb9ad51cb1c9c11ee145f
SIP user-agents indicate which protocol extensions are allowed in headers
like Supported and Required. Such protocol extensions are Session Timers
(RFC 4028) for example. Session Timers are supported since Mantis-10665.
Since ASTERISK-21721, not only the first but multiple Supported/Required
headers in a message are parsed. In that change, an existing variable was
re-used within a newly added do-loop. Currently, at the end of that loop,
that variable is an empty string always. Previously, that variable was used
within log output. However, the log output was not changed.
ASTERISK-26915 #close
Change-Id: I09315f31b4d78fb214bb2a9fb6c0f5e143eae990
It is perfectly acceptable for a BYE to be sent on a disconnected
session. This occurs when we respond to a challenge to the BYE
for authentication credentials.
ASTERISK-26363
Change-Id: I6ef0ddece812fea6665a1dd2549ef44fb9d90045
The ast_json structure is used in many Asterisk headers and is often the
only part of json.h used. This adds a forward declaration to asterisk.h
and removes the include of json.h from many headers. The declaration
has been left in endpoints.h and stasis.h to avoid problems with source
files that use ast_json functions without directly including json.h.
ari.h continues to include json.h as it uses enum
ast_json_encoding_format.
Change-Id: Id766aabce6bed56626d27e8d29f559b5e687b769
If DESTDIR is set, don't call ldconfig. Assume that DESTDIR is used to
create a binary archive. The ldconfig call should be delegated to the
archive postinst script. This fixes the case where fakeroot wraps 'make
install' causing $EUID to be 0 even though it doesn't have permission to
call ldconfig.
The previous logic in configure.ac to detect and correct libdir
has been removed as it was not completely accurate. CentOS 64-bit
users should again specifiy --libdir=/usr/lib64 when configuring
to prevent install to /usr/lib.
Updated Makefile:check-old-libdir to check for orphans in
lib64 when installing to lib as well as orphans in lib when installing
to lib64.
Updated Makefile and main/Makefile uninstall targets to remove the
orphans using the new logic.
ASTERISK-26705
Change-Id: I51739d4a03e60bff38be719b8d2ead0007afdd51
The ao2_global_obj_release() function holds an exclusive lock on the
global object while it is being dereferenced. Any destructors that
run during this time that call ao2_global_obj_ref() will deadlock
because a read lock is required.
Instead, we make the global object inaccessible inside of the write
lock and only dereference it once we have released the lock. This
allows the affected destructors to fail gracefully.
While this doesn't completely solve the referenced issue (the error
message about not being able to create an IQ continues to be shown)
it does solve the backtrace spew that accompanied it.
ASTERISK-21009 #close
Reported by: Marcello Ceschia
Change-Id: Idf40ae136b5070dba22cb576ea8414fbc9939385
* changes:
res_xmpp: Use incremental backoff when a read error occurs
res_xmpp: Try to provide useful errors messages from OpenSSL
res_xmpp: Correctly check return value of SSL_connect
Two new parameters have been added to the pjsip config wizard.
* Setting 'sends_line_with_registrations' to true will cause the wizard
to skip the creation of an identify object to match incoming request
to the endpoint and instead add the line and endpoint parameters to
the outbound registration object.
* Setting 'outbound_proxy' is a shortcut for adding individual
endpoint/outbound_proxy, aor/outbound_proxy and
registration/outbound_proxy parameters.
Change-Id: I678e5f80765734c056620528a6d40d82736ceeb0
PQEscapeStringConn() expects the buffer passed in to be an
adequitely sized buffer to write out the escaped SQL value string
into. It is possible, for large values (such as large values to
Dial with a lot of devices) to have more than our 512+1 byte
allocation and thus cause libpq to create a buffer overrun.
glibc will nicely ABRT asterisk for you, citing a stack smash.
Let's only allocate it to be as large as needed:
If we have a value, then (strlen(value) * 2) + 1 (as recommended
by libpq), and if we have none, just one byte to hold our null
will do.
ASTERISK-26896 #close
Change-Id: If611c734292618ed68dde17816d09dd16667dea2
There doesn't appear to be any reason that we are chdir'ing in
moh_scan_files, and in the event of an Asterisk crash, the core files
may not get written because we have changed into a read-only directory.
ASTERISK-23996 #close
Reported by: Walter Doekes
Change-Id: Iac806dce01b3335963fbd62d4b4da9a65c614354
If a read error occurs, we immediately attempt a reconnect without any
delay. Instead, let's sleep and backoff up to 60 seconds before we try
again.
ASTERISK-24712 #close
Reported by: Matthias Urlichs
Change-Id: I6fe10ef4734837727437beab715e336777f13f48
The only remaining reference to the endpoint is in the endpoints
container, and because it is unlinked in ast_endpoint_shutdown, we don't
have to explicitly cleanup the endpoint ourselves.
Change-Id: I912a2692e52d3e2ed445b32d8ae3f9004bc2f2e8
If any errors occur during the TLS connection setup, we currently dump a
fairly generic error message. So instead we try to pull in something
useful from OpenSSL to report instead.
ASTERISK-24712
Reported by: Matthias Urlichs
Change-Id: I288500991a9681f447d92913b11fedaf426087f4
SSL_connect returns non-zero for both success and some error conditions
so simply negating is inadequate.
Change-Id: Ifbf882896e598703b6c615407fa456d3199f95b1
Alexander Traud
Joshua Colp
Torrey Searle
George Joseph
Walter Doekes
Richard Mudgett
Corey Farrell
Daniel Journo
zuul
Sean Bright
Josh Roberson