asterisk

Commit Graph

Author	SHA1	Message	Date
George Joseph	a47b8e2d40	docs: Add version information to manager event instance XML elements * Do a git blame on the embedded XML managerEvent elements. * From the commit hash, grab the summary line. * Do a git log --grep <summary> to find the cherry-pick commits in all branches that match. * Do a git patch-id to ensure the commits are all related and didn't get a false match on the summary. * Do a git tag --contains <commit> to find the tags that contain each commit. * Weed out all tags not ..0. * Sort and discard any .0.0 and following tags where the commit appeared in an earlier branch. * The result is a single tag for each branch where the application or function was defined. The events defined in res/res_pjsip/pjsip_manager.xml were done by hand because the XML was extracted from the C source file relatively recently. Two bugs were fixed along the way... * The get_documentation awk script was exiting after it processed the first DOCUMENTATION block it found in a file. We have at least 1 source file with multiple DOCUMENTATION blocks so only the first one in them was being processed. The awk script was changed to continue searching rather than exiting after the first block. * Fixing the awk script revealed an issue in logger.c where the third DOCUMENTATION block contained a XML fragment that consisted only of a managerEventInstance element that wasn't wrapped in a managerEvent element. Since logger_doc.xml already existed, the remaining fragments in logger.c were moved to it and properly organized.	3 months ago
Sean Bright	fa286641fb	res_prometheus.c: Set Content-Type header on /metrics response. This should resolve the Prometheus error: > Error scraping target: non-compliant scrape target sending blank Content-Type and no fallback_scrape_protocol specified for target. Resolves: #1075	3 months ago
George Joseph	a22dc33057	docs: Add version information to configObject and configOption XML elements Most of the configObjects and configOptions that are implemented with ACO or Sorcery now have `<since>/<version>` elements added. There are probably some that the script I used didn't catch. The version tags were determined by the following... * Do a git blame on the API call that created the object or option. * From the commit hash, grab the summary line. * Do a `git log --grep <summary>` to find the cherry-pick commits in all branches that match. * Do a `git patch-id` to ensure the commits are all related and didn't get a false match on the summary. * Do a `git tag --contains <commit>` to find the tags that contain each commit. * Weed out all tags not <major>.<minor>.0. * Sort and discard any <major>.0.0 and following tags where the commit appeared in an earlier branch. * The result is a single tag for each branch where the API was last touched. configObjects and configOptions elements implemented with the base ast_config APIs were just not possible to find due to the non-deterministic way they are accessed. Also note that if the API call was on modified after it was added, the version will be the one it was last modified in. Final note: The configObject and configOption elements were introduced in 12.0.0 so options created before then may not have any XML documentation.	3 months ago
George Joseph	317b830c1e	res_pjsip_authenticator_digest: Fix issue with missing auth and DONT_OPTIMIZE The return code fom digest_check_auth wasn't explicitly being initialized. The return code also wasn't explicitly set to CHALLENGE when challenges were sent. When optimization was turned off (DONT_OPTIMIZE), the compiler was setting it to "0"(CHALLENGE) which worked fine. However, with optimization turned on, it was setting it to "1" (SUCCESS) so if there was no incoming Authorization header, the function was returning SUCCESS to the distributor allowing the request to incorrectly succeed. The return code is now initialized correctly and is now explicitly set to CHALLENGE when we send challenges.	3 months ago
George Joseph	3b53152624	docs: Various XML fixes * channels/pjsip/dialplan_functions_doc.xml: Added xmlns:xi to docs element. * main/bucket.c: Removed XML completely since the "bucket" and "file" objects are internal only with no config file. * main/named_acl.c: Fixed the configFile element name. It was "named_acl.conf" and should have been "acl.conf" * res/res_geolocation/geoloc_doc.xml: Added xmlns:xi to docs element. * res/res_http_media_cache.c: Fixed the configFile element name. It was "http_media_cache.conf" and should have been "res_http_media_cache.conf".	3 months ago
George Joseph	3e28ddce78	docs: Enable since/version handling for XML, CLI and ARI documentation * Added the "since" element to the XML configObject and configOption elements in appdocsxml.dtd. * Added the "Since" section to the following CLI output: ``` config show help <module> <object> config show help <module> <object> <option> core show application <app> core show function <func> manager show command <command> manager show event <event> agi show commands topic <topic> ``` * Refactored the commands above to output their sections in the same order: Synopsis, Since, Description, Syntax, Arguments, SeeAlso * Refactored the commands above so they all use the same pattern for writing the output to the CLI. * Fixed several memory leaks caused by failure to free temporary output buffers. * Added a "since" array to the mustache template for the top-level resources (Channel, Endpoint, etc.) and to the paths/methods underneath them. These will be added to the generated markdown if present. Example: ``` "resourcePath": "/api-docs/channels.{format}", "requiresModules": [ "res_stasis_answer", "res_stasis_playback", "res_stasis_recording", "res_stasis_snoop" ], "since": [ "18.0.0", "21.0.0" ], "apis": [ { "path": "/channels", "description": "Active channels", "operations": [ { "httpMethod": "GET", "since": [ "18.6.0", "21.8.0" ], "summary": "List all active channels in Asterisk.", "nickname": "list", "responseClass": "List[Channel]" }, ``` NOTE: No versioning information is actually added in this commit. Those will be added separately and instructions for adding and maintaining them will be published on the documentation site at a later date.	3 months ago
Artem Umerov	ee54dc56ee	logger.h: Fix build when AST_DEVMODE is not defined. Resolves: #1058	3 months ago
Sean Bright	7f13966202	manager: Add `<since>` tags for all AMI actions.	3 months ago
Abdelkader Boudih	1ea7d5cae6	res_config_pgsql: normalize database connection option with cel and cdr by supporting new options name	4 months ago
Stanislav Abramenkov	385e2d5042	res_pjproject: Fix typo (OpenmSSL->OpenSSL) Fix typo (OpenmSSL->OpenSSL) mentioned by bkford in #972	4 months ago
George Joseph	1933548d41	Add SHA-256 and SHA-512-256 as authentication digest algorithms * Refactored pjproject code to support the new algorithms and added a patch file to third-party/pjproject/patches * Added new parameters to the pjsip auth object: * password_digest = <algorithm>:<digest> * supported_algorithms_uac = List of algorithms to support when acting as a UAC. * supported_algorithms_uas = List of algorithms to support when acting as a UAS. See the auth object in pjsip.conf.sample for detailed info. * Updated both res_pjsip_authenticator_digest.c (for UAS) and res_pjsip_outbound_authentocator_digest.c (UAC) to suport the new algorithms. The new algorithms are only available with the bundled version of pjproject, or an external version > 2.14.1. OpenSSL version 1.1.1 or greater is required to support SHA-512-256. Resolves: #948 UserNote: The SHA-256 and SHA-512-256 algorithms are now available for authentication as both a UAS and a UAC.	4 months ago
Kent	85f5a047c1	res_pjsip: Add new AOR option "qualify_2xx_only" Added a new option "qualify_2xx_only" to the res_pjsip AOR qualify feature to mark a contact as available only if an OPTIONS request returns a 2XX response. If the option is not specified or is false, any response to the OPTIONS request marks the contact as available. UserNote: The pjsip.conf AOR section now has a "qualify_2xx_only" option that can be set so that only 2XX responses to OPTIONS requests used to qualify a contact will mark the contact as available.	4 months ago
Jaco Kroon	89ffbb5de7	res_odbc: release threads from potential starvation. Whenever a slot is freed up due to a failed connection, wake up a waiter before failing. In the case of a dead connection there could be waiters, for example, let's say two threads tries to acquire objects at the same time, with one in the cached connections, one will acquire the dead connection, and the other will enter into the wait state. The thread with the dead connection will clear up the dead connection, and then attempt a re-acquire (at this point there cannot be cached connections else the other thread would have received that and tried to clean up), as such, at this point we're guaranteed that either there are no waiting threads, or that the maxconnections - connection_cnt threads will attempt to re-acquire connections, and then either succeed, using those connections, or failing, and then signalling to release more waiters. Also fix the pointer log for ODBC handle %p dead which would always reflect NULL. Signed-off-by: Jaco Kroon <jaco@uls.co.za>	4 months ago
Viktor Litvinov	607de36230	res_rtp_asterisk.c: Set Mark on rtp when timestamp skew is too big Set Mark bit in rtp stream when timestamp skew is bigger than MAX_TIMESTAMP_SKEW. Fixes: #927	5 months ago
Alexey Vasilyev	9060a267e0	res_rtp_asterisk.c: Fix bridged_payload matching with sample rate for DTMF Fixes #1004	5 months ago
George Joseph	90cf13acd8	res_stir_shaken: Allow sending Identity headers for unknown TNs Added a new option "unknown_tn_attest_level" to allow Identity headers to be sent when a callerid TN isn't explicitly configured in stir_shaken.conf. Since there's no TN object, a private_key_file and public_cert_url must be configured in the attestation or profile objects. Since "unknown_tn_attest_level" uses the same enum as attest_level, some of the sorcery macros had to be refactored to allow sharing the enum and to/from string conversion functions. Also fixed a memory leak in crypto_utils:pem_file_cb(). Resolves: #921 UserNote: You can now set the "unknown_tn_attest_level" option in the attestation and/or profile objects in stir_shaken.conf to enable sending Identity headers for callerid TNs not explicitly configured.	5 months ago
George Joseph	ff7765a666	res_pjsip: Change suppress_moh_on_sendonly to OPT_BOOL_T The suppress_moh_on_sendonly endpoint option should have been defined as OPT_BOOL_T in pjsip_configuration.c and AST_BOOL_VALUES in the alembic script instead of OPT_YESNO_T and YESNO_VALUES. Also updated contrib/ast-db-manage/README.md to indicate that AST_BOOL_VALUES should always be used and provided an example. Resolves: #995	5 months ago
George Joseph	badf203203	res_pjsip: Add new endpoint option "suppress_moh_on_sendonly" Normally, when one party in a call sends Asterisk an SDP with a "sendonly" or "inactive" attribute it means "hold" and causes Asterisk to start playing MOH back to the other party. This can be problematic if it happens at certain times, such as in a 183 Progress message, because the MOH will replace any early media you may be playing to the calling party. If you set this option to "yes" on an endpoint and the endpoint receives an SDP with "sendonly" or "inactive", Asterisk will NOT play MOH back to the other party. Resolves: #979 UserNote: The new "suppress_moh_on_sendonly" endpoint option can be used to prevent playing MOH back to a caller if the remote end sends "sendonly" or "inactive" (hold) to Asterisk in an SDP.	5 months ago
Sean Bright	5c76486203	res_pjsip.c: Fix Contact header rendering for IPv6 addresses. Fix suggested by @nvsystems. Fixes #985	5 months ago
George Joseph	be8f3a3fa4	res_pjsip: Move tenantid to end of ast_sip_endpoint The tenantid field was originally added to the ast_sip_endpoint structure at the end of the AST_DECLARE_STRING_FIELDS block. This caused everything after it in the structure to move down in memory and break ABI compatibility. It's now at the end of the structure as an AST_STRING_FIELD_EXTENDED. Given the number of string fields in the structure now, the initial string field allocation was also increased from 64 to 128 bytes. Resolves: #982	6 months ago
Thomas Guebels	2ee258b0fc	pjsip_transport_events: handle multiple addresses for a domain The key used for transport monitors was the remote host name for the transport and not the remote address resolved for this domain. This was problematic for domains returning multiple addresses as several transport monitors were created with the same key. Whenever a subsystem wanted to register a callback it would always end up attached to the first transport monitor with a matching key. The key used for transport monitors is now the remote address and port the transport actually connected to. Fixes: #932	6 months ago
George Joseph	50bd50d798	res_srtp: Change Unsupported crypto suite msg from verbose to debug There's really no point in spamming logs with a verbose message for every unsupported crypto suite an older client may send in an SDP. If none are supported, there will be an error or warning.	6 months ago
Ben Ford	b8d818bd3c	Add res_pjsip_config_sangoma external module. Adds res_pjsip_config_sangoma as an external module that can be downloaded via menuselect. It lives under the Resource Modules section.	6 months ago
Thomas Guebels	6763dda90f	pjsip_transport_events: Avoid monitor destruction When a transport is disconnected, several events can arrive following each other. The first event will be PJSIP_TP_STATE_DISCONNECT and it will trigger the destruction of the transport monitor object. The lookup for the transport monitor to destroy is done using the transport key, that contains the transport destination host:port. A reconnect attempt by pjsip will be triggered as soon something needs to send a packet using that transport. This can happen directly after a disconnect since ca Subsequent events can arrive later like PJSIP_TP_STATE_DESTROY and will also try to trigger the destruction of the transport monitor if not already done. Since the lookup for the transport monitor to destroy is done using the transport key, it can match newly created transports towards the same destination and destroy their monitor object. Because of this, it was sometimes not possible to monitor a transport after one or more disconnections. This fix adds an additional check on the transport pointer to ensure only a monitor for that specific transport is removed. Fixes: #923	6 months ago
Sean Bright	f3138af519	Revert "res_rtp_asterisk: Count a roll-over of the sequence number even on lost packets." This reverts commit `cb5e3445be`. The original change from 16 to 15 bit sequence numbers was predicated on the following from the now-defunct libSRTP FAQ on sourceforge.net: > Q6. The use of implicit synchronization via ROC seems > dangerous. Can senders and receivers lose ROC synchronization? > > A. It is possible to lose ROC synchronization between sender and > receiver(s), though it is not likely in practice, and practical > steps can be taken to avoid it. A burst loss of 2^16 packets or more > will always break synchronization. For example, a conversational > voice codec that sends 50 packets per second will have its ROC > increment about every 22 minutes. A network with a burst of packet > loss that long has problems other than ROC synchronization. > > There is a higher sensitivity to loss at the very outset of an SRTP > stream. If the sender's initial sequence number is close to the > maximum value of 2^16-1, and all packets are lost from the initial > packet until the sequence number cycles back to zero, the sender > will increment its ROC, but the receiver will not. The receiver > cannot determine that the initial packets were lost and that > sequence-number rollover has occurred. In this case, the receiver's > ROC would be zero whereas the sender's ROC would be one, while their > sequence numbers would be so close that the ROC-guessing algorithm > could not detect this fact. > > There is a simple solution to this problem: the SRTP sender should > randomly select an initial sequence number that is always less than > 2^15. This ensures correct SRTP operation so long as fewer than 2^15 > initial packets are lost in succession, which is within the maximum > tolerance of SRTP packet-index determination (see Appendix A and > page 14, first paragraph of RFC 3711). An SRTP receiver should > carefully implement the index-guessing algorithm. A naive > implementation can unintentionally guess the value of > 0xffffffffffffLL whenever the SEQ in the packet is greater than 2^15 > and the locally stored SEQ and ROC are zero. (This can happen when > the implementation fails to treat those zero values as a special > case.) > > When ROC synchronization is lost, the receiver will not be able to > properly process the packets. If anti-replay protection is turned > on, then the desynchronization will appear as a burst of replay > check failures. Otherwise, if authentication is being checked, then > it will appear as a burst of authentication failures. Otherwise, if > encryption is being used, the desynchronization may not be detected > by the SRTP layer, and the packets may be improperly decrypted. However, modern libSRTP (as of 1.0.1[1]) now mentions the following in their README.md[2]: > The sequence number in the rtp packet is used as the low 16 bits of > the sender's local packet index. Note that RTP will start its > sequence number in a random place, and the SRTP layer just jumps > forward to that number at its first invocation. An earlier version > of this library used initial sequence numbers that are less than > 32,768; this trick is no longer required as the > rdbx_estimate_index(...) function has been made smarter. So truncating our initial sequence number to 15 bit is no longer necessary. 1. `0eb007f0dc/CHANGES (L271-L289)` 2. `2de20dd9e9/README.md (implementation-notes)`	6 months ago
Sean Bright	243f20a78d	res_agi.c: Ensure SIGCHLD handler functions are properly balanced. Calls to `ast_replace_sigchld()` and `ast_unreplace_sigchld()` must be balanced to ensure that we can capture the exit status of child processes when we need to. This extends to functions that call `ast_replace_sigchld()` and `ast_unreplace_sigchld()` such as `ast_safe_fork()` and `ast_safe_fork_cleanup()`. The primary change here is ensuring that we do not call `ast_safe_fork_cleanup()` in `res_agi.c` if we have not previously called `ast_safe_fork()`. Additionally we reinforce some of the documentation and add an assertion to, ideally, catch this sooner were this to happen again. Fixes #922	7 months ago
Naveen Albert	b8b21b3f00	main, res, tests: Fix compilation errors on FreeBSD. asterisk.c, manager.c: Increase buffer sizes to avoid truncation warnings. config.c: Include header file for WIFEXITED/WEXITSTATUS macros. res_timing_kqueue: Use more portable format specifier. test_crypto: Use non-linux limits.h header file. Resolves: #916	7 months ago
George Joseph	7db8ae296c	res_rtp_asterisk: Fix dtls timer issues causing FRACKs and SEGVs In dtls_srtp_handle_timeout(), when DTLSv1_get_timeout() returned success but with a timeout of 0, we were stopping the timer and decrementing the refcount on instance but not resetting the timeout_timer to -1. When dtls_srtp_stop_timeout_timer() was later called, it was atempting to stop a stale timer and could decrement the refcount on instance again which would then cause the instance destructor to run early. This would result in either a FRACK or a SEGV when ast_rtp_stop(0 was called. According to the OpenSSL docs, we shouldn't have been stopping the timer when DTLSv1_get_timeout() returned success and the new timeout was 0 anyway. We should have been calling DTLSv1_handle_timeout() again immediately so we now reschedule the timer callback for 1ms (almost immediately). Additionally, instead of scheduling the timer callback at a fixed interval returned by the initial call to DTLSv1_get_timeout() (usually 999 ms), we now reschedule the next callback based on the last call to DTLSv1_get_timeout(). Resolves: #487	7 months ago
jiangxc	2d676c7560	res_agi.c: Prevent possible double free during `SPEECH RECOGNIZE` When using the speech recognition module, crashes can occur sporadically due to a "double free or corruption (out)" error. Now, in the section where the audio stream is being captured in a loop, each time after releasing fr, it is set to NULL to prevent repeated deallocation. Fixes #772	7 months ago
George Joseph	8155b0e50f	stir_shaken: Fix propagation of attest_level and a few other values attest_level, send_mky and check_tn_cert_public_url weren't propagating correctly from the attestation object to the profile and tn. * In the case of attest_level, the enum needed to be changed so the "0" value (the default) was "NOT_SET" instead of "A". This now allows the merging of the attestation object, profile and tn to detect when a value isn't set and use the higher level value. * For send_mky and check_tn_cert_public_url, the tn default was forced to "NO" which always overrode the profile and attestation objects. Their defaults are now "NOT_SET" so the propagation happens correctly. * Just to remove some redundant code in tn_config.c, a bunch of calls to generate_sorcery_enum_from_str() and generate_sorcery_enum_to_str() were replaced with a single call to generate_acfg_common_sorcery_handlers(). Resolves: #904	7 months ago
George Joseph	c33ff71708	res_stir_shaken: Remove stale include for jansson.h in verification.c verification.c had an include for jansson.h left over from previous versions of the module. Since res_stir_shaken no longer has a dependency on jansson, the bundled version wasn't added to GCC's include path so if you didn't also have a jansson development package installed, the compile would fail. Removing the stale include was the only thing needed. Resolves: #889	7 months ago
George Joseph	03d0d1eba4	res_stir_shaken.c: Fix crash when stir_shaken.conf is invalid * If the call to ast_config_load() returns CONFIG_STATUS_FILEINVALID, check_for_old_config() now returns LOAD_DECLINE instead of continuing on with a bad pointer. * If CONFIG_STATUS_FILEMISSING is returned, check_for_old_config() assumes the config is being loaded from realtime and now returns LOAD_SUCCESS. If it's actually not being loaded from realtime, sorcery will catch that later on. * Also refactored the error handling in load_module() a bit. Resolves: #884	7 months ago
George Joseph	7773327546	res_stir_shaken: Check for disabled before param validation For both attestation and verification, we now check whether they've been disabled either globally or by the profile before validating things like callerid, orig_tn, dest_tn, etc. This prevents useless error messages. Resolves: #879	8 months ago
George Joseph	3265d66e98	res_resolver_unbound: Test for NULL ub_result in unbound_resolver_callback The ub_result pointer passed to unbound_resolver_callback by libunbound can be NULL if the query was for something malformed like `.1` or `[.1]`. If it is, we now set a 'ns_r_formerr' result and return instead of crashing with a SEGV. This causes pjproject to simply cancel the transaction with a "No answer record in the DNS response" error. The existing "off nominal" unit test was also updated to check this condition. Although not necessary for this fix, we also made ast_dns_resolver_completed() tolerant of a NULL result. Resolves: GHSA-v428-g3cw-7hv9	8 months ago
Mike Bradeen	ac673dd14e	res_pjsip_sdp_rtp: Use negotiated DTMF Payload types on bitrate mismatch When Asterisk sends an offer to Bob that includes 48K and 8K codecs with matching 4733 offers, Bob may want to use the 48K audio codec but can not accept 48K digits and so negotiates for a mixed set. Asterisk will now check Bob's offer to make sure Bob has indicated this is acceptible and if not, will use Bob's preference. Fixes: #847	8 months ago
George Joseph	ca60f7db8f	security_agreements.c: Refactor the to_str functions and fix a few other bugs * A static array of security mechanism type names was created. * ast_sip_str_to_security_mechanism_type() was refactored to do a lookup in the new array instead of using fixed "if/else if" statments. * security_mechanism_to_str() and ast_sip_security_mechanisms_to_str() were refactored to use ast_str instead of a fixed length buffer to store the result. * ast_sip_security_mechanism_type_to_str was removed in favor of just referencing the new type name array. Despite starting with "ast_sip_", it was a static function so removing it doesn't affect ABI. * Speaking of "ast_sip_", several other static functions that started with "ast_sip_" were renamed to avoid confusion about their public availability. * A few VECTOR free loops were replaced with AST_VECTOR_RESET(). * Fixed a meomry leak in pjsip_configuration.c endpoint_destructor caused by not calling ast_sip_security_mechanisms_vector_destroy(). * Fixed a memory leak in res_pjsip_outbound_registration.c add_security_headers() caused by not specifying OBJ_NODATA in an ao2_callback. * Fixed a few ao2_callback return code misuses. Resolves: #845	8 months ago
Alexei Gradinari	95fadcf6db	res_pjsip_sdp_rtp fix leaking astobj2 ast_format PR #700 added a preferred_format for the struct ast_rtp_codecs, but when set the preferred_format it leaks an astobj2 ast_format. In the next code ast_rtp_codecs_set_preferred_format(&codecs, ast_format_cap_get_format(joint, 0)); both functions ast_rtp_codecs_set_preferred_format and ast_format_cap_get_format increases the ao2 reference count. Fixes: #856	8 months ago
Sean Bright	ab9c476dd2	res_pjsip_logger.c: Fix 'OPTIONS' tab completion. Fixes #843	8 months ago
Mike Bradeen	e7ca7aa881	res_pjsip_notify: add dialplan application Add dialplan application PJSIPNOTIFY to send either pre-configured NOTIFY messages from pjsip_notify.conf or with headers defined in dialplan. Also adds the ability to send pre-configured NOTIFY commands to a channel via the CLI. Resolves: #799 UserNote: A new dialplan application PJSIPNotify is now available which can send SIP NOTIFY requests from the dialplan. The pjsip send notify CLI command has also been enhanced to allow sending NOTIFY messages to a specific channel. Syntax: pjsip send notify <option> channel <channel>	9 months ago
Ben Ford	3841fa814e	channel: Add multi-tenant identifier. This patch introduces a new identifier for channels: tenantid. It's a stringfield on the channel that can be used for general purposes. It will be inherited by other channels the same way that linkedid is. You can set tenantid in a few ways. The first is to set it in the dialplan with the Set and CHANNEL functions: exten => example,1,Set(CHANNEL(tenantid)=My tenant ID) It can also be accessed via CHANNEL: exten => example,2,NoOp(CHANNEL(tenantid)) Another method is to use the new tenantid option for pjsip endpoints in pjsip.conf: [my_endpoint] type=endpoint tenantid=My tenant ID This is considered the best approach since you will be able to see the tenant ID as early as the Newchannel event. It can also be set using set_var in pjsip.conf on the endpoint like setting other channel variable: set_var=CHANNEL(tenantid)=My tenant ID Note that set_var will not show tenant ID on the Newchannel event, however. Tenant ID has also been added to CDR. It's read-only and can be accessed via CDR(tenantid). You can also get the tenant ID of the last channel communicated with via CDR(peertenantid). Tenant ID will also show up in CEL records if it has been set, and the version number has been bumped accordingly. Fixes: #740 UserNote: tenantid has been added to channels. It can be read in dialplan via CHANNEL(tenantid), and it can be set using Set(CHANNEL(tenantid)=My tenant ID). In pjsip.conf, it is recommended to use the new tenantid option for pjsip endpoints (e.g., tenantid=My tenant ID) so that it will show up in Newchannel events. You can set it like any other channel variable using set_var in pjsip.conf as well, but note that this will NOT show up in Newchannel events. Tenant ID is also available in CDR and can be accessed with CDR(tenantid). The peer tenant ID can also be accessed with CDR(peertenantid). CEL includes tenant ID as well if it has been set. UpgradeNote: A new versioned struct (ast_channel_initializers) has been added that gets passed to __ast_channel_alloc_ap. The new function ast_channel_alloc_with_initializers should be used when creating channels that require the use of this struct. Currently the only value in the struct is for tenantid, but now more fields can be added to the struct as necessary rather than the __ast_channel_alloc_ap function. A new option (tenantid) has been added to endpoints in pjsip.conf as well. CEL has had its version bumped to include tenant ID.	9 months ago
Mike Bradeen	bdee743cd4	res_stasis: fix intermittent delays on adding channel to bridge Previously, on command execution, the control thread was awoken by sending a SIGURG. It was found that this still resulted in some instances where the thread was not immediately awoken. This change instead sends a null frame to awaken the control thread, which awakens the thread more consistently. Resolves: #801	9 months ago
Tinet-mucw	6cf6856080	res_pjsip_sdp_rtp.c: Fix DTMF Handling in Re-INVITE with dtmf_mode set to auto When the endpoint dtmf_mode is set to auto, a SIP request is sent to the UAC, and the SIP SDP from the UAC does not include the telephone-event. Later, the UAC sends an INVITE, and the SIP SDP includes the telephone-event. In this case, DTMF should be sent by RFC2833 rather than using inband signaling. Resolves: asterisk#826	9 months ago
George Joseph	2fb3215f03	stir_shaken: CRL fixes and a new CLI command * Fixed a bug in crypto_show_cli_store that was causing asterisk to crash if there were certificate revocation lists in the verification certificate store. We're also now prefixing certificates with "Cert:" and CRLs with "CRL:" to distinguish them in the list. * Added 'untrusted_cert_file' and 'untrusted_cert_path' options to both verification and profile objects. If you have CRLs that are signed by a different CA than the incoming X5U certificate (indirect CRL), you'll need to provide the certificate of the CRL signer here. Thse will show up as 'Untrusted" when showing the verification or profile objects. * Fixed loading of crl_path. The OpenSSL API we were using to load CRLs won't actually load them from a directory, only a file. We now scan the directory ourselves and load the files one-by-one. * Fixed the verification flags being set on the certificate store. - Removed the CRL_CHECK_ALL flag as this was causing all certificates to be checked for CRL extensions and failing to verify the cert if there was none. This basically caused all certs to fail when a CRL was provided via crl_file or crl_path. - Added the EXTENDED_CRL_SUPPORT flag as it is required to handle indirect CRLs. * Added a new CLI command... `stir_shaken verify certificate_file <certificate_file> [ <profile> ]` which will assist troubleshooting certificate problems by allowing the user to manually verify a certificate file against either the global verification certificate store or the store for a specific profile. * Updated the XML documentation and the sample config file. Resolves: #809	9 months ago
George Joseph	d11dc5247b	res_pjsip_config_wizard.c: Refactor load process The way we have been initializing the config wizard prevented it from registering its objects if res_pjsip happened to load before it. * We now use the object_type_registered sorcery observer to kick things off instead of the wizard_mapped observer. * The load_module function now checks if res_pjsip has been loaded already and if it was it fires the proper observers so the objects load correctly. Resolves: #816 UserNote: The res_pjsip_config_wizard.so module can now be reloaded.	9 months ago
Igor Goncharovsky	aeefedb086	res_pjsip_path.c: Fix path when dialing using PJSIP_DIAL_CONTACTS() When using the PJSIP_DIAL_CONTACTS() function for use in the Dial() command, the contacts are returned in text form, so the input to the path_outgoing_request() function is a contact value of NULL. The issue was reported in ASTERISK-28211, but was not actually fixed in ASTERISK-30100. This fix brings back the code that was previously removed and adds code to search for a contact to extract the path value from it.	10 months ago
Mike Bradeen	7d53986262	res_pjsip_sdp_rtp: Add support for default/mismatched 8K RFC 4733/2833 digits After change made in `624f509` to add support for non 8K RFC 4733/2833 digits, Asterisk would only accept RFC 4733/2833 offers that matched the sample rate of the negotiated codec(s). This change allows Asterisk to accept 8K RFC 4733/2833 offers if the UAC offfers 8K RFC 4733/2833 but negotiates for a non 8K bitrate codec. A number of corresponding tests in tests/channels/pjsip/dtmf_sdp also needed to be re-written to allow for these scenarios. Fixes: #776	10 months ago
George Joseph	210fe614b2	security_agreement.c: Always add the Require and Proxy-Require headers The `Require: mediasec` and `Proxy-Require: mediasec` headers need to be sent whenever we send `Security-Client` or `Security-Verify` headers but the logic to do that was only in add_security_headers() in res_pjsip_outbound_register. So while we were sending them on REGISTER requests, we weren't sending them on INVITE requests. This commit moves the logic to send the two headers out of res_pjsip_outbound_register:add_security_headers() and into security_agreement:ast_sip_add_security_headers(). This way they're always sent when we send `Security-Client` or `Security-Verify`. Resolves: #789	10 months ago
Sean Bright	f9a359c5c5	xml.c: Update deprecated libxml2 API usage. Two functions are deprecated as of libxml2 2.12: * xmlSubstituteEntitiesDefault * xmlParseMemory So we update those with supported API. Additionally, `res_calendar_caldav` has been updated to use libxml2's xmlreader API instead of the SAX2 API which has always felt a little hacky (see deleted comment block in `res_calendar_caldav.c`). The xmlreader API has been around since libxml2 2.5.0 which was released in 2003. Fixes #725	11 months ago
George Joseph	c014b66554	Revert "res_pjsip_endpoint_identifier_ip: Add endpoint identifier transport address." This reverts PR #602 Resolves: #GHSA-qqxj-v78h-hrf9	11 months ago
Mike Bradeen	624f509ce4	rtp_engine: add support for multirate RFC2833 digits Add RFC2833 DTMF support for 16K, 24K, and 32K bitrate codecs. Asterisk currently treats RFC2833 Digits as a single rtp payload type with a fixed bitrate of 8K. This change would expand that to 8, 16, 24 and 32K. This requires checking the offered rtp types for any of these bitrates and then adding an offer for each (if configured for RFC2833.) DTMF generation must also be changed in order to look at the current outbound codec in order to generate appropriately timed rtp. For cases where no outgoing audio has yet been sent prior to digit generation, Asterisk now has a concept of a 'preferred' codec based on offer order. On inbound calls Asterisk will mimic the payload types of the RFC2833 digits. On outbound calls Asterisk will choose the next free payload types starting with 101. UserNote: No change in configuration is required in order to enable this feature. Endpoints configured to use RFC2833 will automatically have this enabled. If the endpoint does not support this, it should not include it in the SDP offer/response. Resolves: #699	12 months ago

1 2 3 4 5 ...

5536 Commits (a47b8e2d4025cbf102c976fcd6df5aa3a51e5fc4)