channel_state_invalid leaked a reference to the channel snapshot any
time it was aquired.
ASTERISK-27067 #close
Change-Id: I8c653f00416b39978513c5605c4be0f03b1df29a
In WebRTC streams (or media tracks in their world) can be grouped
together using the mslabel. This informs the browser that each
should be synchronized with each other.
This change extends the stream API so this information can
be stored with streams. The PJSIP support has been extended
to use the mslabel to determine grouped streams and store
this association on the streams. Finally when creating the
SDP the group information is used to cause each media stream
to use the same mslabel.
ASTERISK-27379
Change-Id: Id6299aa031efe46254edbdc7973c534d54d641ad
When allocate_subscription fails to initialize fields of the new sub it
calls destroy_subscription.
Change-Id: I5b79c915ec216dc00c13c1e4172137864a4bec85
When the identify_by option on an endpoint is set to ip it will
only be identified using the res_pjsip_endpoint_identifier_ip module.
This ensures that it is not mistakenly matched using the username of
the From header. To ensure behavior has not changed the default has
been changed to "username,ip" for the identify_by option.
ASTERISK-27206
Change-Id: I2170b86a7f7e221b4f00bf14aa1ef1ac5b050bbd
create_outgoing_sdp_stream was setting "addr_type = STR_IP6" only
when an ipv6 media_address was specified on the endpoint. If
rtp_ipv6 was set and ast_sip_get_host_ip_string returned an ipv6
address, we were leaving the addr_type set at the default of
STR_IP4. This caused the address type to be set incorrectly on the
"o" and "c" SDP attributes even though the address was set
correctly. Some clients don't like the mismatch.
* Removed the test for endpoint/media_address and now check all
addresses for ipv6.
ASTERISK-27198
Reported by: Martin Cisárik
Change-Id: I5214fc31b728117842243807e7927a319cf77592
Users of the API that res_xmpp provides expect that a
filter be available on the client at all times. When
OAuth authentication support was added this requirement
was not maintained.
This change merely moves the OAuth authentication to
after the filter is created, ensuring users of res_xmpp
can add things to the filter as needed.
ASTERISK-27346
Change-Id: I4ac474afe220e833288ff574e32e2b9a23394886
Prevent unload of the module as certain pjsip initialization functions
cannot be reversed. This required a reorder of the module_load so that
the non-reversable pjsip functions are not called until all potential
errors have been ruled out.
ASTERISK-24483
Change-Id: Iee900f20bdd6ee1bfe23efdec0d87765eadce8a7
Prevent unload of the module as certain pjsip initialization functions
cannot be reversed.
ASTERISK-24483
Change-Id: I94597ec8b8491f5af9c57bf66dbc3b078fe2d49d
PJSIP allows a domain name as external_media_address. This allows chan_pjsip to
be used behind a NAT with changing IP addresses. The IP address of that domain
is resolved to the c= line already. This change sets also the o= line to that
domain.
ASTERISK-27341 #close
Change-Id: I690163b6e762042ec38b3995aa5c9bea909d8ec4
Move ast_sip_add_usereqphone to be called after anonymization of URIs,
to prevent the user_eq_phone adding "user=phone" to URIs containing a
username that is not a phonenumber (RFC3261 19.1.1). An extra call to
ast_sip_add_usereqphone on the saved version before anonymization is
added to add user=phone" to the PAI.
ASTERISK-27047 #close
Change-Id: Ie5644bc66341b86dc08b1f7442210de2e6acdec6
ast_sip_add_usereqphone adds "user=phone" to the header every time is is
called without checking whether the param already exists. Preventing
this by searching to string representation of header for "user=phone".
ASTERISK-26988 #close
Change-Id: Ib84383b07254de357dc6a98d91fc1d2c2c3719e6
Add bridge_features structure to bridge creation. Specifically, this
implements mute and DTMF suppression, but others should be able to be
easily added to the same structure.
ASTERISK-27322 #close
Reported by: Darren Sessions
Sponsored by: AVOXI
Change-Id: Id4002adfb65c9a8027ee9e1a5f477e0f01cf9d61
When "rewrite_contact" is enabled, the "max_contacts" count option can
block re-registrations because the source port from the endpoint can be
random. When the re-registration is blocked, the endpoint may give up
re-registering and require manual intervention.
* The "remove_existing" option now allows a registration to succeed by
displacing any existing contacts that now exceed the "max_contacts" count.
Any removed contacts are the next to expire. The behaviour change is
beneficial when "rewrite_contact" is enabled and "max_contacts" is greater
than one. The removed contact is likely the old contact created by
"rewrite_contact" that the device is refreshing.
ASTERISK-27192
Change-Id: I64c107a10b70db1697d17136051ae6bf22b5314b
Do not manually call sip_endpoint_apply_handler from load_all_endpoints.
This is not necessary and causes memory leaks.
Additionally reinitialize persistent->aors when we reuse a persistent
object with a new endpoint.
ASTERISK-27306
Change-Id: I59bbfc8da8a14d5f4af8c5bb1e71f8592ae823eb
pjsip_distributor leaks references to fake_auth when the default realm
has not changed.
ASTERISK-27306
Change-Id: I3fcf103b3680ad2d1d4610dcd6738eeaebf4d202
Currently privacy requests are only granted if the Privacy header
value is exactly "id" (defined in RFC 3325). It ignores any other
possible value (or a combination there of). This patch reverses the
logic from testing for "id" to grant privacy, to testing for "none" and
granting privacy for any other value. "none" must not be used in
combination with any other value (RFC 3323 section 4.2).
ASTERISK-27284 #close
Change-Id: If438a21f31a962da32d7a33ff33bdeb1e776fe56
This provides better information to REF_DEBUG log for troubleshooting
when the system is unable to unload res_pjsip.so during shutdown due to
module references.
ASTERISK-27306
Change-Id: I63197ad33d1aebe60d12e0a6561718bdc54e4612
res_pjsip and res_pjsip_session had circular references, preventing both
modules from shutting down.
* Move session supplement registration to res_pjsip.
* Use create internal functions for use by pjsip_message_filter.c.
ASTERISK-27306
Change-Id: Ifbd5c19ec848010111afeab2436f9699da06ba6b
When we are loading the calendars, we call libical's
icalcomponent_foreach_recurrence method for each VEVENT component that
we have in our calendar.
That method has no knowledge concerning the existence of the other
VEVENT components and will feed our callback with all ocurrences
matching the requested time span.
The occurrences generated by icalcomponent_foreach_recurrence while
expanding a recurring VEVENT's RRULE and RDATE properties can be
superceded by an other VEVENT sharing the same UID.
I use an external iterator (in libical terminology) to avoid messing
with the internal ones from the calling function, and search for
VEVENTS which could supersede the current occurrence.
The event which can invalidate this occurence needs to have:
- the same UID as our recurrent component (comp)
- a RECURRENCE-ID property, which represents the start time of this
occurrence
If one component is found, just clean and return.
ASTERISK-27296 #close
Reported by: Benoît Dereck-Tricot
Change-Id: I8587ae3eaa765af7cb21eda3b6bf84e8a1c87af8
This change adds 'video_sfu' as a requested bridge type when
creating a bridge. By specifying this a mixing type bridge is
created that exchanges video in an SFU fashion.
Change-Id: I2ada47cf5f3fc176518b647c0b4aa39d55339606
The pjsip_publishc_init() call was referenced with a misplaced
parentheses. As a result, outbound publication messages went out with an
expiration of 1 second.
ASTERISK-27298
Change-Id: I93622eabc8ee83e7a22e98c107f921284c605a08
The "res_pjsip: Filter out non SIP(S) requests" commit moved the
filtering of messages to pjproject's PJSIP_MOD_PRIORITY_TRANSPORT_LAYER
in order to filter out incoming bad uri schemes as early as possible.
Since the change affected outgoing messages as well and the TRANSPORT
layer is the last to be run on outgoing messages, we were overwriting
the setting of external_signaling_address (which is set earlier by
res_pjsip_nat) with an internal address.
* pjsip_message_filter now registers itself as a pjproject module
twice. Once in the TSX layer for the outgoing messages (as it was
originally), then a second time in the TRANSPORT layer for the
incoming messages to catch the invalid uri schemes.
ASTERISK-27295
Reported by: Sean Bright
Change-Id: I2c90190c43370f8a9d1c4693a19fd65840689c8c
The bridge_p2p_rtp_write() has potential reentrancy problems.
* Accessing the bridged RTP members must be done with the instance1 lock
held. The DTMF and asymmetric codec checks must be split to be done with
the correct RTP instance struct locked. i.e., They must be done when
working on the appropriate side of the point to point bridge.
* Forcing the RTP mark bit was referencing the wrong side of the point to
point bridge. The set mark bit is used everywhere else to set the mark
bit when sending not receiving.
The patches for ASTERISK_26745 and ASTERISK_27158 did not take into
account that not everything carried by RTP uses a codec. The telephony
DTMF events are not exchanged with a codec. As a result when
RFC2833/RFC4733 sent digits you would crash if "core set debug 1" is
enabled, the DTMF digits would always get passed to the core even though
the local native RTP bridge is active, and the DTMF digits would go out
using the wrong SSRC id.
* Add protection for non-format payload types like DTMF when updating the
lastrxformat and lasttxformat. Also protect against non-format payload
types when checking for asymmetric codecs.
ASTERISK-27292
Change-Id: I6344ab7de21e26f84503c4d1fca1a41579364186
This could have been fixed by subtracting 1 from the final value of
'len' but the way the packet was being constructed was confusing so I
took the opportunity to (I think) make it more clear.
We were sending 1 extra byte at the end of the SDES RTCP packet which
caused Chrome to complain (in its debug log):
Too little data (1 byte) remaining in buffer to parse
RTCP header (4 bytes).
We now send the correct number of bytes.
Change-Id: I9dcf087cdaf97da0374ae0acb7d379746a71e81b
If using a legitimate certificate from a trusted certificate authority,
you don't need to provide CA file.
Change-Id: I8623973b4209b44889243716d7880274caed8a6d
For some scenarios when an outgoing call was made only a subset of the
configured codecs were offered. If the codecs being offered happened to
not have a codec supported by the phone then the call would fail.
For instance Alice and Bob both are configured in Asterisk for g722 and ulaw(
allow=!all,g722,ulaw). Alice's endpoint however only supports g722 while Bob's
only supports ulaw. When Alice calls Bob, Alice negotiates g722 fine with
Asterisk. But when Asterisk sends the outgoing offer to Bob it only contains
g722 and not both g722 and ulaw, so the call ends.
This patch makes it so all the audio codecs configured on the endpoint always
get sent, and not just a subset. However priority is given to those codecs that
are compatible with the "other side".
ASTERISK-27259 #close
Change-Id: Iffabc373bd94cd1dc700925dcfe406e12918c696
When pruning a request to change the topology of a channel be
more intelligent about the resulting topology that is actually
used for SDP renegotiation.
In a case where a stream has not already been negotiated we
don't need to renegotiate and offer a declined stream. This can
occur if something in Asterisk (such as ConfBridge) requests
to add video to a PJSIP channel that has no video codecs configured.
In this case since the stream did not already exist we can safely
remove the stream from the requested topology, resulting in no
renegotiation occurring.
In a case where a renegotiation is requested with a codec that is
not supported we can reuse the formats of the existing stream if
it exists to ensure that the stream continues to flow, instead of
removing it.
Change-Id: I636540798d55922377318fe619c510fb6ed125fb
During a reinvite, if a remote endpoint error occurs and it returns a 500 the
session would end. This patch makes it so the session is not terminated, but
continues as it was.
The reason for this is because some endpoints may send non session terminating
"server errors" like a failed codec negotiation. So in this case instead of
ending the call it can hopefully continue. In the case of a real server error
the session is already "doomed", will be known soon enough and appropriately
ended by Asterisk later.
Change-Id: Ifeedae86b8cb44b92d52c79046522ec5f0aff1d5
When an INVITE came in with both audio and video streams but there
were no audio codecs defined for the endpoint, we weren't declining
the audio stream. Since it's usually the first/transport stream,
when the video stream was processed and tried to use the transport,
it was empty and caused a crash. We now decline the the stream if
there are no matching codecs so when the video stream is processed,
it's now the first/transport stream and processes normally.
Change-Id: Ic854eda54c95031e66b076ecfae3041d34daa692
Assertions in the v15+ AST-2017-008 patches found that we were not
handling the case if the incoming SDP did not specify the required SSRC
attributes for bundled to work.
* Be strict on matching SSRC for bundled instances including the parent
instance. If the SSRC doesn't match then discard the packet. Bundled has
to tell us in the SDP signaling what SSRC to expect. Otherwise, we will
not know how to find the bundled instance structure.
Change-Id: I152830bbff71c662408909042068fada39e617f9
Some endpoints do not like a stream being reused for a new
media stream. The frame/jitterbuffer can rely on underlying
attributes of the media stream in order to order the packets.
When a new stream takes its place without any notice the
buffer can get confused and the media ends up getting dropped.
This change uses the SSRC change to determine that a new source
is reusing an existing stream and then bridge_softmix renegotiates
each participant such that they see a new media stream. This
causes the frame/jitterbuffer to start fresh and work as expected.
ASTERISK-27277
Change-Id: I30ccbdba16ca073d7f31e0e59ab778c153afae07
There was an issue reported where an SDP received on a 183 Session
Progress message caused a crash because the pending streams had
already been processed when the OK was received. In that case the
pending topology was legitimately NULL. There was an assert for an
incorrect number of streams in the topology but not one for
topology being NULL. In any case, if you're not in dev-mode the
asserts don't do anything and since the scenario is legit, the
asserts weren't appropriate anyway.
* Changed several asserts to warning or debug messages and return
codes as appropriate.
ASTERISK-27264
Reported by: Daniel Heckl
Change-Id: I58daaa9d2938fa980857ab3ec41925ab5ff9c848
In PostgreSQL 9.1 the backslash are string literals and not the escape
of characters.
In previous issue ASTERISK_26057 was fixed the use of escape LIKE but the
support for old version of Postgresql than 9.1 was dropped. The sentence
before make was "ESCAPE '\'" but in version before than 9.1 need it to be
as follow "ESCAPE '\\'".
ASTERISK-27283
Change-Id: I96d9ee1ed7693ab17503cb36a9cd72847165f949
When a sip session is refreshed, the stream topology is looped
through, checking each stream for compatible formats. This would
cause a crash if the stream state was AST_STREAM_STATE_REMOVED,
since the formats would never be set for this stream, causing
a NULL value to be returned from ast_stream_get_formats. This
commit adds a check for streams with removed states.
Also removed a stray semicolon.
Change-Id: Ic86f8b65a4a26a60885b28b8b1a0b22e1b471d42
Previously, sRTP authentication failures were reported on log level WARNING.
When such failures happen, each RT(C)P packet is affected, spamming the log.
Now, those failures are reported at log level VERBOSE 2. Furthermore, the
amount is further reduced (previously all two seconds, now all three seconds).
Additionally, the new log entry informs whether media (RTP) or statistics (RTCP)
are affected.
ASTERISK-16898 #close
Change-Id: I6c98d46b711f56e08655abeb01c951ab8e8d7fa0
pubsub_on_rx_notify_request wasn't checking for a null
Content-Type header before checking that it was
application/simple-message-summary.
ASTERISK-27279
Reported by: Ross Beer
Change-Id: Iec2a6c4d2e74af37ff779ecc9fd35644c5c4ea52
ast_variables_destroy is NULL safe, so there is no need to check its
argument before passing it.
ASTERISK-25524 #close
Reported by: Jesper
Change-Id: Ib0f8057642e9d471960f1a79fd42e5a3ce587d3b
Validate RTCP packets before processing them.
* Validate that the received packet is of a minimum length and apply the
RFC3550 RTCP packet validation checks.
* Fixed potentially reading garbage beyond the received RTCP record data.
* Fixed rtp->themssrc only being set once when the remote could change
the SSRC. We would effectively stop handling the RTCP statistic records.
* Fixed rtp->themssrc to not treat a zero value as special by adding
rtp->themssrc_valid to indicate if rtp->themssrc is available.
ASTERISK-27274
Make strict RTP learning more flexible.
Direct media can cause strict RTP to attempt to learn a remote address
again before it has had a chance to learn the remote address the first
time. Because of the rapid relearn requests, strict RTP could latch onto
the first remote address and fail to latch onto the direct media remote
address. As a result, you have one way audio until the call is placed on
and off hold.
The new algorithm learns remote addresses for a set time (1.5 seconds)
before locking the remote address. In addition, we must see a configured
number of remote packets from the same address in a row before switching.
* Fixed strict RTP learning from always accepting the first new address
packet as the new stream.
* Fixed strict RTP to initialize the expected sequence number with the
last received sequence number instead of the last transmitted sequence
number.
* Fixed the predicted next sequence number calculation in
rtp_learning_rtp_seq_update() to handle overflow.
ASTERISK-27252
Change-Id: Ia2d3aa6e0f22906c25971e74f10027d96525f31c
Incoming requests with non sip(s) URIs in the Request, To, From
or Contact URIs are now rejected with
PJSIP_SC_UNSUPPORTED_URI_SCHEME (416). This is performed in
pjsip_message_filter (formerly pjsip_message_ip_updater) and is
done at pjproject's "TRANSPORT" layer before a request can even
reach the distributor.
URIs read by res_pjsip_outbound_publish from pjsip.conf are now
also checked for both length and sip(s) scheme. Those URIs read
by outbound registration and aor were already being checked for
scheme but their error messages needed to be updated to include
scheme failure as well as length failure.
Change-Id: Ibb2f9f1d2dc7549da562af4cbd9156c44ffdd460
* The way that we were looking at XML elements for CalDAV was extremely
fragile, so use SAX2 for increased robustness.
* Don't complain about a 'channel' not be specified if autoreminder is
not set. Assume that if 'channel' is not set, we don't want to be
notified.
* Fix some truncated CLI output in 'calendar show calendar' and make the
'Autoreminder' description a bit more clear
ASTERISK-24588 #close
Reported by: Stefan Gofferje
ASTERISK-25523 #close
Reported by: Jesper
Change-Id: I200d11afca6a47e7d97888f286977e2e69874b2c
A new endpoint parameter "incoming_mwi_mailbox" allows Asterisk to
receive unsolicited MWI NOTIFY requests and make them available to
other modules via the stasis message bus.
res_pjsip_pubsub has a new handler "pubsub_on_rx_mwi_notify_request"
that parses a simple-message-summary body and, if
endpoint->incoming_mwi_account is set, calls ast_publish_mwi_state
with the voice-message counts from the message.
Change-Id: I08bae3d16e77af48fcccc2c936acce8fc0ef0f3c
In 45744fc53, I mistakenly broke SDP media address rewriting by
misinterpreting which address was checked in the localnet comparison.
Instead of checking the remote peer address to decide whether we need
media address rewriting, we check our local media address: if it's
local, then we rewrite. This feels awkward, but works and even made
directmedia work properly if you set local_net. (For the record: for
local peers, the SDP media rewrite code is not called, so the
comparison does no harm there.)
ASTERISK-27248 #close
Change-Id: I566be1c33f4d0a689567d451ed46bab9c3861d4f
If an error occurs during a bridge impart it's possible that
the "bridge_after" callback might try to run before
control_swap_channel_in_bridge has been signalled to continue.
Since control_swap_channel_in_bridge is holding the control lock
and the callback needs it, a deadlock will occur.
* control_swap_channel_in_bridge now only holds the control
lock while it's actually modifying the control structure and
releases it while the bridge impart is running.
* bridge_after_cb is now tolerant of impart failures.
Change-Id: Ifd239aa93955b3eb475521f61e284fcb0da2c3b3
Asterisk is able to use libSRTP 2.0.x. However since libSRTP 2.1.x, the macro
SRTP_AES_ICM got renamed to SRTP_AES_ICM_128. Beside to still compile with
previous versions of libSRTP, this change allows libSRTP 2.1.x as well.
ASTERISK-27253 #close
Change-Id: I2e6eb3c3bc844fee8a624060a2eb6f182dc70315
In 2dee95cc (ASTERISK-27024) and 776ffd77 (ASTERISK-26879) there was
confusion about whether the transport_state->localnet ACL has ALLOW or
DENY semantics.
For the record: the localnet has DENY semantics, meaning that "not in
the list" means ALLOW, and the local nets are in the list.
Therefore, checks like this look wrong, but are right:
/* See if where we are sending this request is local or not, and if
not that we can get a Contact URI to modify */
if (ast_apply_ha(transport_state->localnet, &addr) != AST_SENSE_ALLOW) {
ast_debug(5, "Request is being sent to local address, "
"skipping NAT manipulation\n");
(In the list == localnet == DENY == skip NAT manipulation.)
And conversely, other checks that looked right, were wrong.
This change adds two macro's to reduce the confusion and uses those
instead:
ast_sip_transport_is_nonlocal(transport_state, addr)
ast_sip_transport_is_local(transport_state, addr)
ASTERISK-27248 #close
Change-Id: Ie7767519eb5a822c4848e531a53c0fd054fae934
Stream names within Asterisk can have meaning so when an externally
initiated renegotiation occurs we need to preserve the name of
the stream if it already exists.
Change-Id: I29f50d0cc7f3238287d6d647777e76e1bdf8c596
t38_reinvite_response_cb can get called by res_pjsip_session's
session_inv_on_tsx_state_changed in situations where session->channel
is NULL. If it is, the ast_log warning segfaults because it tries
to get the channel name from a NULL channel.
* Check session->channel and print "unknown channel" when it's NULL.
ASTERISK-27236
Reported by: Ross Beer
Change-Id: I4326e288d36327f6c79ab52226d54905cdc87dc7
sanitize_tdata was assuming all URIs were SIP URIs so when a non
SIP uri was in the From, To or Contact headers, the unconditional
cast of a non-pjsip_sip_uri structure to pjsip_sip_uri caused
a segfault when trying to access uri->other_param.
* Added PJSIP_URI_SCHEME_IS_SIP(uri) || PJSIP_URI_SCHEME_IS_SIPS(uri)
checks before attempting to cast or use the returned uri.
ASTERISK-27152
Reported-by: Ross Beer
Change-Id: Id380df790e6622c8058a96035f8b8f4aa0b8551f
An admin can configure app_minivm with an externnotify program to be run
when a voicemail is received. The app_minivm application MinivmNotify
uses ast_safe_system() for this purpose which is vulnerable to command
injection since the Caller-ID name and number values given to externnotify
can come from an external untrusted source.
* Add ast_safe_execvp() function. This gives modules the ability to run
external commands with greater safety compared to ast_safe_system().
Specifically when some parameters are filled by untrusted sources the new
function does not allow malicious input to break argument encoding. This
may be of particular concern where CALLERID(name) or CALLERID(num) may be
used as a parameter to a script run by ast_safe_system() which could
potentially allow arbitrary command execution.
* Changed app_minivm.c:run_externnotify() to use the new ast_safe_execvp()
instead of ast_safe_system() to avoid command injection.
* Document code injection potential from untrusted data sources for other
shell commands that are under user control.
ASTERISK-27103
Change-Id: I7552472247a84cde24e1358aaf64af160107aef1
This change moves the logic which learns a new source address
for RTP so it only occurs in the learning state. The learning
state is entered on initial allocation of RTP or if we are
told that the remote address for the media has changed. While
in the learning state if we continue to receive media from
the original source we restart the learning process. It is
only once we receive a sufficient number of RTP packets from
the new source that we will switch to it. Once this is done
the closed state is entered where all packets that do not
originate from the expected source are dropped.
The learning process has also been improved to take into
account the time between received packets so a flood of them
while in the learning state does not cause media to be switched.
Finally RTCP now drops packets which are not for the learned
SSRC if strict RTP is enabled.
ASTERISK-27013
Change-Id: I56a96e993700906355e79bc880ad9d4ad3ab129c
When SDP renegotiation occurs it is possible for an RTP
instance to be reused for a new stream, resulting in the remote
SSRC changing if it is part of a bundle group. This change
allows this and updates its mapping in the current bundle
group.
ASTERISK-27231
Change-Id: I6e3703974f236bc024c5dbe9bd43adae0c6fb490
If an SDP answer hasn't been sent yet, it's legal to change it.
This is required for PJSIP_DTMF_MODE to work correctly, and can
also have use in the future for updating codecs too.
ASTERISK-27209 #close
Change-Id: Idbbfb7cb3f72fbd96c94d10d93540f69bd51e7a1
If a previously active stream is declined we could crash because the
channel's thread is still using the stream while we are updating the
topology in the serializer thread.
* Defer removing any declined stream's handler until we have blocked the
channel's thread with the channel lock.
ASTERISK-27212
Change-Id: I50e1d3ef26f8e41948f4c411ee329aa3b960a420
fetch_access_token calls func_curl via ast_func_read. The latter returns 0 upon
success and -1 if the function is not available.
This commit inverts the return code check so that an error is printed if the
module is not loaded and not if it is loaded.
ASTERISK-27207 #close
Change-Id: I9ef903f80702d1218e8701f65a4e5e918e6548fb
When looking for recurring events, use the correct end time based on the
configured 'timeframe.'
ASTERISK-27174 #close
Reported by: Mark Thompson
Change-Id: Id90c3cfc79d561a5521d79be176683e225f2edef
* Check that the contact's reg_server matches the host's name before
deleting any prune_on_boot contacts. We don't want to delete reliable
transport contacts made with other servers if the ps_contacts database
table is shared with other servers.
Thanks to Ross Beer for pointing out that the original prune logic would
delete reliable transport contacts from other servers.
ASTERISK-27147
Change-Id: I8e439d0d1c266ffdfd7b73d1e5e466180a689bd0
Add ability to use tokens instead of passwords according to Google OAuth 2.0
protocol.
ASTERISK-27169
Reported by: Andrey Egorov
Tested by: Andrey Egorov
Change-Id: I07f7052a502457ab55010a4d3686653b60f4c8db
The fix for the issue is broken up into three parts.
This is part three which handles the client side of REGISTER requests.
The registered contact may no longer be valid on the server when the
transport used is reliable and the connection is broken.
* Re-REGISTER our contact if the reliable transport is broken after
registration completes. We attempt to re-REGISTER immediately to minimize
the time we are unreachable. Time may have already passed between the
connection being broken and the loss being detected.
* Reorder sip_outbound_registration_state_alloc() so the STATSD_GUAGE's
are still correct if an allocation failure happens.
ASTERISK-27147
Change-Id: I3668405b1ee75dfefb07c0d637826176f741ce83
The fix for the issue is broken up into three parts.
This is part two which handles the server side of REGISTER requests when
rewrite_contact is enabled. Any registered reliable transport contact
becomes invalid when the transport connection becomes disconnected.
* Monitor the rewrite_contact's reliable transport REGISTER contact for
shutdown. If it is shutdown then the contact must be removed because it
is no longer valid. Otherwise, when the client attempts to re-REGISTER it
may be blocked because the invalid contact is there. Also if we try to
send a call to the endpoint using the invalid contact then the endpoint is
not likely to see the request. The endpoint either won't be listening on
that port for new connections or a NAT/firewall will block it.
* Prune any rewrite_contact's registered reliable transport contacts on
boot. The reliable transport no longer exists so the contact is invalid.
* Websockets always rewrite the REGISTER contact address and the transport
needs to be monitored for shutdown.
* Made the websocket transport set a unique name since that is what we use
as the ao2 container key. Otherwise, we would not know which transport we
find when one of them shuts down. The names are also used for PJPROJECT
debug logging.
* Made the websocket transport post the PJSIP_TP_STATE_CONNECTED state
event. Now the global keep_alive_interval option, initially idle shutdown
timer, and the server REGISTER contact monitor can work on wetsocket
transports.
* Made the websocket transport set the PJSIP_TP_DIR_INCOMING direction.
Now initially idle websockets will automatically shutdown.
ASTERISK-27147
Change-Id: I397a5e7d18476830f7ffe1726adf9ee6c15964f4
The fix for the issue is broken up into three parts.
This is part one which refactors the transport state monitor code to allow
more modules to be able to monitor transports.
* Pull the management of PJPROJECT's transport state callback code from
res_pjsip_transport_management.c into res_pjsip. Now other modules can
dynamically add and remove themselves from transport monitoring without
worrying about breaking PJPROJECT's callback chain.
* Add the ability for other modules to get a callback whenever a specific
transport is shutdown.
ASTERISK-27147
Change-Id: I7d9a31371eb1487c9b7050cf82a9af5180a57912
When handling an incoming SIP MESSAGE, PJSIP
attaches the IP address that the message was
received from to the message in the variable
PJSIP_RECVADDR. When the IP address is IPv6
the :PORT appended results in an unparseable
mess. By using an additional bit flag on the
pj_sockaddr_print call, the conventional use
of brackets around the address is achieved.
ASTERISK-27193 #close
Change-Id: I12342521f2ce87a5b6e4883d480a3fd957aa9fd9
Asterisk wasn't generating or forwarding RTCP packets when native
bridge was activated. Also the stats weren't available via
CHANNEL(qos). Now the RTCP stats are always calculated.
ASTERISK-27158 #close
Change-Id: I46fb8f61c95e836b9d2dda6054b0cf205c16037b
Introduce a new property to rtp-engine to make it aware of
the desire for assymetric codecs or not. If asymmetric codecs
is not allowed, the bridge will compare read/write formats
and shut down the p2p bridge if needed
ASTERISK-26745 #close
Change-Id: I0d9c83e5356df81661e58d40a8db565833501a6f
A change was made long ago where the session was kept around
until the underlying INVITE session had been destroyed. This
had the side effect of also keeping the underlying media resources
around for this time as well.
This change ensures that when we are told to terminate the
session we immediately release any media sessions associated
with it.
ASTERISK-27110
Change-Id: I643e431d5c3bf05cda220c1d39e824a505a29b82
Currently, the handling of the msid attribute is not quite right. According to
the spec the msid's between the offer/answer are not dependent upon one another.
Meaning the same msid's given in an offer do not have to be returned in the
answer for a given stream. And they probably shouldn't be (copied/reused) since
this can potentially cause some browser side confusion.
This patch generates new msids when both an offer and answer are sent from
Asterisk. However, Asterisk does reuse the original msid it sent out for a
reinvite. Also audio+video streams are paired together by sharing the same
stream id, but a different track id.
ASTERISK-27179 #close
Change-Id: Ifaec06dc7e65ad841633a24ebec8c8a9302d6643
* Remove unnecessary CMP_STOP.
* In handle_client_registration() use DEBUG_ATLEAST() to only do work
needed for the debug log message when the debug log message is needed.
* In sip_outbound_registration_state_destroy() check state->registration
for NULL.
Change-Id: I656d0fa11dda0b00048103efb1558e67a426fd80
Most uses of CMP_STOP are superfluous and are only respected when
OBJ_MULTIPLE is used to search the container.
Change-Id: I20571a202ec0aa1098bb2749eeba18de7ca110b8
Support building the Asterisk httpd with version 3.0 of gmime as
well as earlier versions of that library.
ASTERISK-27173
Change-Id: I7e13dd05a3083ccb0df2dabf83110223f6a9fa8f
When the "webrtc" option was added in res_pjsip it was not added to the alembic
scripts. This patch adds the option for alembic.
Also, changed the sorcery configuration type to an OPT_YESNO_T value instead of
an OPT_BOOL_T so if this field is ever written to a database it will write out
the correct value.
ASTERISK-27119 #close
Change-Id: I3e199f060aea25e193c439fc5cf96be4d3ed1c7b
This change fixes PIDF content generation when the underlying device
state is considered in use. Previously it was incorrectly marked
as closed meaning they were offline/unavailable. The code now
correctly marks them as open.
Additionally:
* Generate an XML element for our activity instead of a using a text
node.
* Consider every extension state other than "unavailable" to be 'open'
status.
* Update the XML namespaces and structure to reflect those
documented in RFC 4480
* Use 'on-the-phone' (defined in RFC 4880) instead of 'busy' as the
"in use" activity. This change results in eyeBeam using the
appropriate icon for the watched user.
This was tested on eyeBeam 1.5.20.2 build 59030 on Windows.
ASTERISK-26659 #close
Reported by: Abraham Liebsch
patches:
ASTERISK-26659.diff submitted by snuffy (license 5024)
Change-Id: I6e5ad450f91106029fb30517b8c0ea0c2058c810
The "external_media_address" option on transports is now
resolved using dnsmgr. This allows it to be automatically
refreshed regularly if refreshes are enabled in dnsmgr.
If the system is using a dynamic IP address a dynamic DNS
hostname can be provided to keep the IP address up to
date.
Change-Id: Ia54771720dff0105bde55d5bbb81a3ba437e05b2
GCC 7 has added capability to produce warnings, this fixes most of those
warnings. The specific warnings are disabled in a few places:
* app_voicemail.c: truncation of paths more than 4096 chars in many places.
* chan_mgcp.c: callid truncated to 80 chars.
* cdr.c: two userfields are combined to cdr copy, fix would break ABI.
* tcptls.c: ignore use of deprecated method SSLv3_client_method().
ASTERISK-27156 #close
Change-Id: I65f280e7d3cfad279d16f41823a4d6fddcbc4c88
This function is a replica of SIPDtmfMode, allowing the DTMF mode of a
PJSIP call to be modified on a per-call basis
ASTERISK-27085 #close
Change-Id: I20eef5da3e5d1d3e58b304416bc79683f87e7612
Case scenario with Applications ARI:
* Once you subscribe to deviceState with Applications REST API, it will be
added into subscription pool.
* When you unsubscribe it will remove from the device_state_subscription
hash table but not from the subscription pool.
* When you subscribe again, it will add it to pool again.
* Now you will have two subscriptions and you will receive same event
twice.
This fix should now remove deviceState subscription from pool and it
should fix unsubscribe on deviceState.
ASTERISK-27130 #close
Change-Id: I718b70d770a086e39b4ddba4f69a3c616d4476c4
This change does a few things to improve packet loss and renegotiation:
1. On outgoing RTP streams we will now properly reflect out of order
packets and packet loss in the sequence number. This allows the
remote jitterbuffer to better reorder things.
2. Video updates can now be discarded for a period of time
after one has been sent to prevent flooding of clients.
3. For declined and removed streams we will now release any
media session resources associated with them. This was not
previously done and caused an issue where old state was being
used for a new stream.
4. RTP bundling was not actually removing bundled RTP instances
from the parent. This has been resolved by removing based on
the RTP instance itself and not the SSRC.
5. The code did not properly handle explicitly unbundling an
RTP instance from its parent. This now works as expected.
ASTERISK-27143
Change-Id: Ibd91362f0e4990b6129638e712bc8adf0899fd45
This change makes it so that if an RTCP packet is being sent
the RTP ICE component is used for sending if RTCP-MUX is in use.
ASTERISK-27133
Change-Id: I6200f611ede709602ee9b89501720c29545ed68b
This patch creates a new configuration option called "webrtc". When enabled it
defaults and enables the following options that are needed in order for webrtc
to work in Asterisk:
rtcp-mux, use_avpf, ice_support, and use_received_transport=enabled
media_encryption=dtls
dtls_verify=fingerprint
dtls_setup=actpass
When "webrtc" is enabled, this patch also parses the "msid" media level
attribute from an SDP. It will also appropriately add it onto the outgoing
session when applicable.
Lastly, when "webrtc" is enabled h264 RTCP FIR feedback frames are now sent.
ASTERISK-27119 #close
Change-Id: I5ec02e07c5d5b9ad86a34fdf31bf2f9da9aac6fd
Corey Farrell
Joshua Colp
George Joseph
Alexander Traud
Jenkins2
Daniel Tryba
Seán C McCord
Tzafrir Cohen
Richard Mudgett
hajekd
Daniel Tryba
krells
Sean Bright
Kevin Harwell
Rodrigo Ramírez Norambuena
Ben Ford
Walter Doekes
Torrey Searle
Michael Kuron
Andrey Egorov
Scott Griepentrog
Sergej Kasumovic