Added include for postgresql ENUM type and
redefined values in the same way as in the
other migration scripts.
ASTERISK-27254 #close
Change-Id: Id667304cdf3891b1c2f7d35fab3e2a84026159fa
The ps_endpoints table was missing the dtls_fingerprint column
introduced with commit adba2a8d7f.
ASTERISK-27168 #close
Change-Id: I9cb5006f7f50718b5239919562773adabb334cfd
The fix for the issue is broken up into three parts.
This is part two which handles the server side of REGISTER requests when
rewrite_contact is enabled. Any registered reliable transport contact
becomes invalid when the transport connection becomes disconnected.
* Monitor the rewrite_contact's reliable transport REGISTER contact for
shutdown. If it is shutdown then the contact must be removed because it
is no longer valid. Otherwise, when the client attempts to re-REGISTER it
may be blocked because the invalid contact is there. Also if we try to
send a call to the endpoint using the invalid contact then the endpoint is
not likely to see the request. The endpoint either won't be listening on
that port for new connections or a NAT/firewall will block it.
* Prune any rewrite_contact's registered reliable transport contacts on
boot. The reliable transport no longer exists so the contact is invalid.
* Websockets always rewrite the REGISTER contact address and the transport
needs to be monitored for shutdown.
* Made the websocket transport set a unique name since that is what we use
as the ao2 container key. Otherwise, we would not know which transport we
find when one of them shuts down. The names are also used for PJPROJECT
debug logging.
* Made the websocket transport post the PJSIP_TP_STATE_CONNECTED state
event. Now the global keep_alive_interval option, initially idle shutdown
timer, and the server REGISTER contact monitor can work on wetsocket
transports.
* Made the websocket transport set the PJSIP_TP_DIR_INCOMING direction.
Now initially idle websockets will automatically shutdown.
ASTERISK-27147
Change-Id: I397a5e7d18476830f7ffe1726adf9ee6c15964f4
The existing auto dtmf mode reverts to inband if 4733 fails to be
negotiated. This patch adds a new mode auto_info which will
switch to INFO instead of inband if 4733 is not available.
ASTERISK-27066 #close
Change-Id: Id185b11e84afd9191a2f269e8443019047765e91
This option was added to control whether to notify dialog-info state
'early' or 'confirmed' on Ringing when already INUSE.
The value "yes" is useful for some SIP phones (Cisco SPA)
to be able to indicate and pick up ringing devices.
ASTERISK-26919 #close
Change-Id: Ie050bc30023543c7dfb4365c5be3ce58c738c711
This option was added to turn off notifying the progress details
on Blind Transfer. If this option is not set then the chan_pjsip
will send NOTIFY "200 OK" immediately after "202 Accepted".
Some SIP phones like Mitel/Aastra or Snom keep the line busy until
receive "200 OK".
ASTERISK-26333 #close
Change-Id: Id606fbff2e02e967c02138457badc399144720f2
This change adds an Alembic migration which adds a
ps_resource_list table that can contain resource_list
RLS configuration objects.
ASTERISK-26929
Change-Id: I7c888fafc67b3e87012de974f71ca7a5b8b1ec05
This change adds database tables for the PUBLISH support so it
can be configured using realtime. A minor fix to the
res_pjsip_publish_asterisk module was done so that it read the
sorcery configuration from the correct section. Finally the
sample configuration files have been updated.
ASTERISK-26928
Change-Id: I81991ae5c75af98d247f7eacd1c0b0a763675952
Support for RFC3578 overlap dialling (i.e. 484 Response to partially matched
destinations) as currently provided by chan_sip is missing from res_pjsip.
This patch adds a new endpoint attribute (allow_overlap) [defaults to yes]
which when set to yes enables 484 responses to partial destination
matches rather than the current 404.
ASTERISK-26864
Change-Id: Iea444da3ee7c7d4f1fde1d01d138a3d7b0fe40f6
A new transport parameter 'symmetric_transport' has been added.
When a request from a dynamic contact comes in on a transport with
this option set to 'yes', the transport name will be saved and used
for subsequent outgoing requests like OPTIONS, NOTIFY and INVITE.
It's saved as a contact uri parameter named 'x-ast-txp' and will
display with the contact uri in CLI, AMI, and ARI output. On the
outgoing request, if a transport wasn't explicitly set on the
endpoint AND the request URI is not a hostname, the saved transport
will be used and the 'x-ast-txp' parameter stripped from the
outgoing packet.
* config_transport was modified to accept and store the new parameter.
* config_transport/transport_apply was updated to store the transport
name in the pjsip_transport->info field using the pjsip_transport->pool
on UDP transports.
* A 'multihomed_on_rx_message' function was added to
pjsip_message_ip_updater that, for incoming requests, retrieves the
transport name from pjsip_transport->info and retrieves the transport.
If transport->symmetric_transport is set, an 'x-ast-txp' uri parameter
containing the transport name is added to the incoming Contact header.
* An 'ast_sip_get_transport_name' function was added to res_pjsip.
It takes an ast_sip_endpoint and a pjsip_sip_uri and returns a
transport name if endpoint->transport is set or if there's an
'x-ast-txp' parameter on the uri and the uri host is an ipv4 or
ipv6 address. Otherwise it returns NULL.
* An 'ast_sip_dlg_set_transport' function was added to res_pjsip
which takes an ast_sip_endpoint, a pjsip_dialog, and an optional
pjsip_tpselector. It calls ast_sip_get_transport_name() and if
a non-NULL is returned, sets the selector and sets the transport
on the dialog. If a selector was passed in, it's updated.
* res_pjsip/ast_sip_create_dialog_uac and ast_sip_create_dialog_uas
were modified to call ast_sip_dlg_set_transport() instead of their
original logic.
* res_pjsip/create_out_of_dialog_request was modified to call
ast_sip_get_transport_name() and pjsip_tx_data_set_transport()
instead of its original logic.
* Existing transport logic was removed from endpt_send_request
since that can only be called after a create_out_of_dialog_request.
* res_pjsip/ast_sip_create_rdata was converted to a wrapper around
a new 'ast_sip_create_rdata_with_contact' function which allows
a contact_uri to be specified in addition to the existing
parameters. (See below)
* res_pjsip_pubsub/internal_pjsip_evsub_send_request was eliminated
since all it did was transport selection and that is now done in
ast_sip_create_dialog_uac and ast_sip_create_dialog_uas.
* 'contact_uri' was added to subscription_persistence. This was
necessary because although the parsed rdata contact header has the
x-ast-txp parameter added (if appropriate),
subscription_persistence_update stores the raw packet which
doesn't have it. subscription_persistence_recreate was then
updated to call ast_sip_create_rdata_with_contact with the
persisted contact_uri so the recreated subscription has the
correct transport info to send the NOTIFYs.
* res_pjsip_session/internal_pjsip_inv_send_msg was eliminated since
all it did was transport selection and that is now done in
ast_sip_create_dialog_uac.
* pjsip_message_ip_updater/multihomed_on_tx_message was updated
to remove all traces of the x-ast-txp parameter from the
outgoing headers.
NOTE: This change does NOT modify the behavior of permanent
contacts specified on an aor. To do so would require that the
permanent contact's contact uri be updated with the x-ast-txp
parameter and the aor sorcery object updated. If we need to
persue this, we need to think about cloning permanent contacts into
the same store as the dynamic ones on an aor load so they can be
updated without disturbing the originally configured value.
You CAN add the x-ast-txp parameter to a permanent contact's uri
but it would be much simpler to just set endpoint->transport.
Change-Id: I4ee1f51473da32ca54b877cd158523efcef9655f
This commit adds support for RFC 5761: Multiplexing RTP Data and Control
Packets on a Single Port. Specifically, it enables the feature when
using chan_pjsip.
A new option, "rtcp_mux" has been added to endpoint configuration in
pjsip.conf. If set, then Asterisk will attempt to use rtcp-mux with
whatever it communicates with. Asterisk follows the rules set forth in
RFC 5761 with regards to falling back to standard RTCP behavior if the
far end does not indicate support for rtcp-mux.
The lion's share of the changes in this commit are in
res_rtp_asterisk.c. This is because it was pretty much hard wired to
have an RTP and an RTCP transport. The strategy used here is that when
rtcp-mux is enabled, the current RTCP transport and its trappings (such
as DTLS SSL session) are freed, and the RTCP session instead just
mooches off the RTP session. This leads to a lot of specialized if
statements throughout.
ASTERISK-26732 #close
Reported by Dan Jenkins
Change-Id: If46a93ba1282418d2803e3fd7869374da8b77ab5
This patch adds a new features to the endpoint identifier module,
'match_header'. When set, inbound requests are matched by a provided SIP
header: value pair. This option works in conjunction with the existing
'match' configuration option, such that if any 'match*' attribute
matches an inbound request, the request is associated with the specified
endpoint.
Since this module now identifies by more than just IP address,
appropriate renaming of the module and/or variables can be done in a
non-release branch.
ASTERISK-26863 #close
Change-Id: Icfc14835c962f92e35e67bbdb235cf0589de5453
(cherry picked from commit 30f52d79d7)
The escalator works by creating a set of startup commands in cli.conf
that set up logger channels and issue the debug commands for the
subsystems specified. If asterisk is running when it is executed,
the same commands will be issued to the running instance. The original
cli.conf is saved before any changes are made and can be restored by
executing '$prog --reset'.
The log output will be stored in...
$astlogdir/message.$uniqueid
$astlogdir/debug.$uniqueid
$astlogdir/dtmf.$uniqueid
$astlogdir/fax.$uniqueid
$astlogdir/security.$uniqueid
$astlogdir/pjsip_history.$uniqueid
$astlogdir/sip_history.$uniqueid
Some minor tweaks were made to chan_sip, and res_pjsip_history
so their history output could be send to a log channel as packets
are captured.
A minor tweak was also made to manager so events are output to verbose
when "manager set debug on" is issued.
Change-Id: I799f8e5013b86dc5282961b27383d134bf09e543
ast_loggrabber gathers log files from customizable search patterns,
optionally converts POSIX timestamps to a readable format and
tarballs the results.
Also a few tweaks were made to ast_coredumper.
Change-Id: I8bfe1468ada24c1344ce4abab7b002a59a659495
(cherry picked from commit 5fa1c56d7e)
This utility allows easy manipulation of asterisk coredumps.
* Configurable search paths and patterns for existing coredumps
* Can generate a consistent coredump from the running instance
* Can dump the lock_infos table from a coredump
* Dumps backtraces to separate files...
- thread apply 1 bt full -> <coredump>.thread1.txt
- thread apply all bt -> <coredump>.brief.txt
- thread apply all bt full -> <coredump>.full.txt
- lock_infos table -> <coredump>.locks.txt
* Can tarball corefiles and optionally delete them after processing
* Can tarball results files and optionally delete them after processing
* Converts ':' in coredump and results file names '-' to facilitate
uploading. Jira for instance, won't accept file names with colons
in them.
Tested on Fedora24+, Ubuntu14+, Debian6+, CentOS6+ and FreeBSD9+[1].
[1] For *BSDs, the "devel/gdb" package might have to be installed to
get a recent gdb. The utility will check all instances of gdb
it finds in $PATH and if one isn't found that can run python, it
prints a friendly error.
Change-Id: I935d37ab9db85ef923f32b05579897f0893d33cd
This change implements SRV support for the IP based endpoint
identifier module. All possible addresses through SRV are looked
up and added as matches. If no SRV records are available a
fallback to normal host resolution is done. If an IP address
is provided then no SRV lookup occurs.
This is configured using the "srv_lookups" option on the
identify section and defaults to "yes".
ASTERISK-26693
Change-Id: I6b641e275bf96629320efa8b479737062aed82ac
When channel format changes occurred as a result of an RTP
re-negotiation the bridge was not informed this had happened.
As a result the bridge technology was not re-evaluated and the
channel may have been in a bridge technology that was incompatible
with its formats. The bridge is now unbridged and the technology
re-evaluated when this occurs.
The chan_pjsip module also allowed asymmetric codecs for sending
and receiving. This did not work with all devices and caused one
way audio problems. The default has been changed to NOT do this
but to match the sending codec to the receiving codec. For users
who want asymmetric codecs an option has been added, asymmetric_rtp_codec,
which will return chan_pjsip to the previous behavior.
The codecs returned by the chan_pjsip module when queried by
the bridge_native_rtp module were also not reflective of the
actual negotiated codecs. The nativeformats are now returned as
they reflect the actual negotiated codecs.
ASTERISK-26423 #close
Change-Id: I6ec88c6e3912f52c334f1a26983ccb8f267020dc
This change adds support for dual stack automatically. No
configuration is required and the IP address and version
in the SIP messages and SDP will be automatically changed
based on the transport over which the message is being
sent. RTP usage has also been changed to listen on both
IPv4 and IPv6 simultaneously to allow media to flow, and
to allow ICE support on both simultaneously. This also
allows failover between IPv6 and IPv4 to work as expected.
ASTERISK-26309 #close
Change-Id: I235a421d8f9a326606d861b449fa6fe3a030572d
cdr, config and voicemail are all separate alembic trees. Because
alembic's default is to use a table named 'alembic_version' to store
the current tree revision, the 3 trees can't exist in the same schema
without stepping on each other.
Now each tree uses 'alembic_version_<tree_name>' as the version table.
Each tree's env.py script now first checks for 'alembic_version'. If
it finds it AND its revision is in the tree's history, the script
renames it to 'alembic_version_<tree_name>'. Regardless, the script
then continues with the migration using 'alembic_version_<tree_name>'
and creates that table if it's not found. The result is that if an
existing 'alembic_version' table was found but it didn't belong to this
tree, it's left alone and 'alembic_version_<tree_name>' is used or
created.
WARNING: If multiple trees are using the same schema, they MUST NOT
CRU or D any objects with names that might exist in the other trees.
An example would be 'yesno_values' type. If two trees perform
operations on it, one tree could pull it out from under the other.
Thankfully we currently don't share any names among cdr, config and
voicemail.
NOTE: Since the env.py scripts in each tree were identical, a common
env.py has been placed in the ast-db-manage directory and a symlink
to it has been placed in each tree directory.
ASTERISK-24311 #close
Reported-by: Dafi Ni
Change-Id: I4d593f000350deb5d21a14fa1e9bc3896844d898
Map the sip.conf general section legacy_useroption_parsing to the
new pjsip.conf global ignore_uri_user_options.
ASTERISK-26316
Reported by: Kevin Harwell
Change-Id: I78108a31995db19d41f4e1a07b3324692c5363fc
This implements the chan_sip legacy_useroption_parsing option but with a
better name.
* Made the caller-id number and redirecting number strings obtained from
incoming SIP URI user fields always truncated at the first semicolon.
People don't care about anything after the semicolon showing up on their
displays even though the RFC allows the semicolon.
ASTERISK-26316 #close
Reported by: Kevin Harwell
Change-Id: Ib42b0e940dd34d84c7b14bc2e90d1ba392624f62
If you use the safe_asterisk script, it uses hardcoded defaults before
running configurable values from /etc/asterisk/startup.d. The hardcoded
default has TTY=9. Some containerized environments don't have such a
TTY, and safe_asterisk would stop.
The custom configuration from /etc/asterisk/startup.d/* isn't read until
after it stopped, so changing TTY in a custom config did not help.
This changeset changes safe_asterisk to continue if the TTY setting was
untouched and /dev/tty9 and /dev/vc/9 aren't found.
Change-Id: I2c7cdba549b77f418a0af4cb1227e8e6fe4148fc
When using the migration script sip_to_pjsip.py, and your sip.conf is
configured with bindaddr=::, two transports are written to pjsip.conf, one for
0.0.0.0 (IPv4) and one for [::] (IPv6). That way, PJProject listens on the IPv4
and IPv6 wildcards; a IPv4/IPv6 Dual Stack configuration on a single interface
like in chan_sip.
Furthermore, the script internal functions "build_host" and "split_hostport"
did not parse Literal IPv6 addresses as expected (like [::1]:5060). This change
makes sure, even such addresses are parsed correctly.
ASTERISK-26309
Change-Id: Ia4799a0f80fc30c0550fc373efc207c3330aeb48
When using the migration script sip_to_pjsip.py, cert_file was not migrated to
pjsip.conf. A previous change regarding this contained a copy/paste error.
ASTERISK-22374
Change-Id: I0fa72e9412117d53b4284fc6b83fa5b2b95ba03b
A recent update had a copy/paste error where the unused variable 'val' was
being passed to the set_value function instead of the 'method' value itself.
This patch passes in the right variable.
ASTERISK-22374
Change-Id: I895b7b3779ce4442bc58b8ec40d59dd29bb43f06
When using the migration script sip_to_pjsip.py and tlsclientmethod is not set
in sip.conf, the default value of chan_sip (sslv23) is copied to pjsip.conf, to
overwrite the default of the PJProject (tlsv1). This makes sure, res_pjsip is
offering/using not just TLSv1.0 but TLSv1.2 as well.
ASTERISK-22374
Change-Id: Ie530a3dae9926ae14f3920a21be1e2edb15bda4f
When using the migration script sip_to_pjsip.py, no section of type=system or
type=general were created. Therefore the keys compactheaders, timerb, timert1,
and useragent were not migrated to pjsip.conf.
ASTERISK-22374
Change-Id: I318a453843227ea36bf130d392d4abd7bd26b5a1
When using the migration script sip_to_pjsip.py, session-timers=accept and
session-timers=refuse were mapped to wrong values.
ASTERISK-22374
Change-Id: Ie4e90d5f6a29aff07837b7fe5bc8aea5fb6fc092
When using the migration script sip_to_pjsip.py, now the (mandatory) username is
written to pjsip.conf, even if there was no (optional) authname in the register
string in sip.conf.
ASTERISK-22374
Change-Id: Ie53e1997104cd2674821688b8a8247249f5e156f
When using the migration script sip_to_pjsip.py and the register string
started with a transport in sip.conf - like tls://... - register was not parsed
correctly and therefore not migrated correctly to pjsip.conf.
ASTERISK-22374
Change-Id: I44c12104eea2bd8558ada6d25d77edfecd92edd2
When using the migration script sip_to_pjsip.py, those keys got missing. These
keys might appear several times and the function "merge_value" tried to collect
those. However, because these keys have different names in sip.conf and
pjsip.conf, "merge_value" was not able to find the new key name in sip.conf.
This change lets "merge_value" search with the old key name in sip.conf and
write with the new key name in pjsip.conf.
ASTERISK-22374
Change-Id: Ie53c5278ae6f1cb8fa7e96c5289877d46981d9d2
When using the migration script sip_to_pjsip.py, the externhost or externip of
sip.conf were erroneously written to Endpoints instead to Transports.
ASTERISK-22374
Change-Id: I2c5873386cfc388899fa9cf2368639dd12f1b8e4
When using the migration script sip_to_pjsip.py, defaultexpiry, maxexpiry, and
minexpiry were not migrated to pjsip.conf.
ASTERISK-22374
Change-Id: I007fbf543dcadc96fc3ed71c54da502bcb209b7b
When using the migration script sip_to_pjsip.py, encryption=yes got missing and
media_encryption=sdes was not written to pjsip.conf, because of a typo.
ASTERISK-22374
Change-Id: I0fc3e55dc512a57603ae0fef41baacccf2a35c05
When using the migration script sip_to_pjsip.py, both tos_sip and cos_sip got
missed, because of a typo. Therefore, cos and tos were not written to
pjsip.conf. Furthermore, that revealed a misuse of an internal function, caused
by a copy-and-paste error.
ASTERISK-22374
Change-Id: Id245ebadf70ab9776eb280c026288540af3af5c2
When using the migration script sip_to_pjsip.py, cert_file and ca_list_path were
not migrated to pjsip.conf.
ASTERISK-22374
Change-Id: I4612877d190b7f86a48698cefbf5c4db6c265825
contact_user, when specified on an endpoint, will override the user
portion of the Contact header on outgoing requests.
Change-Id: Icd4ebfda2f2e44d3ac749d0b4066630e988407d4
A new identify_by option was added recently, auth_username. However, this
setting was not added as an allowable choice in the database enumeration
value.
This patch updates the current enumeration, adding in the new setting.
ASTERISK-26268 #close
Change-Id: Ib4788e8485e4cd40172ec0abbf5810a147ab8bf8
The extensions table defined two columns (id and priority) as primary key
autoincrement columns. However only one is allowed when defining the primary
key.
This patch removes the autoincrement attribute from the priority column since
it does not need to be as such and really should not have been on there in the
first place.
This patch also removes 'context', 'exten', and 'priority' from the primary key
index and creates a new combined unique contraint index on them.
ASTERISK-26183 #close
Change-Id: Ib9c712c612a4d7ec1edb0dcb77f1bae0905a470b
The PJSIP taskprocessors could be overflowed on startup
if there are many (thousands) realtime endpoints
configured with unsolicited mwi.
The PJSIP stack could be totally unresponsive for a few minutes
after boot completed.
This patch creates a separate PJSIP serializers pool for mwi
and makes unsolicited mwi use serializers from this pool.
This patch also adds 2 new global options to tune taskprocessor
alert levels: 'mwi_tps_queue_high' and 'mwi_tps_queue_low'.
This patch also adds new global option 'mwi_disable_initial_unsolicited'
to disable sending unsolicited mwi to all endpoints on startup.
If disabled then unsolicited mwi will start processing
on next endpoint's contact update.
ASTERISK-26230 #close
Change-Id: I4c8ecb82c249eb887930980a800c9f87f28f861a
The regular expression would match causing the code that handled
the line if it was merely a comment to never get executed.
Change-Id: I3e4022481037ebcba9905587fe8c764b4ce21819
When configuring SIP URIs in the pjsip.conf file it is
necessary to escape the semicolon so the parser does not
treat it as a comment. This change allows this to work in
the astconfigparser implementation.
A secondary bug where some data was lost if a configuration
option included a "=" in its value was also fixed.
A bug where sections would be considered equal despite
being different has also been fixed.
Change-Id: If229f656ef22050b50e7b34e90c4bffe796431f8
sqlalchemy was complaining:
sqlalchemy.exc.IdentifierError: Identifier
'ps_contacts_qualifyfreq_exptime' exceeds maximum length of 30
characters
This fixes the problem by changing the index name to be
"ps_contacts_qualifyfreq_exp" instead.
ASTERISK-26227 #close
Reported by Mark Michelson
Change-Id: I0ed784f87504be2a59ee8d3242ef6f625d5ed1a9
The new endpoint option allows the PJSIP channel driver's fax_detect
endpoint option to timeout on a call after the specified number of
seconds into a call. The new feature is disabled if the timeout is set
to zero. The option is disabled by default.
ASTERISK-26214
Reported by: Richard Mudgett
Change-Id: Id5a87375fb2c4f9dc1d4b44c78ec8735ba65453d
Since 5th November 2014, the master branch of libSRTP changed the prefix of
several member names and is not compatible with the source code in Asterisk
anymore. Therefore instead, this change checks out the latest version of the
libSRTP 1.5.x branch. Furthermore now, libSRTP is compiled with OpenSSL as
backend. This makes AES-GCM and AES-IN possible.
ASTERISK-22131 #close
Change-Id: I2e396cdc01da0ff610686e398ed210ca7408f7d6
If specified, incoming SUBSCRIBE requests will be searched for the matching
extension in the indicated context. If no "subscribe_context" is specified,
then the "context" setting is used.
ASTERISK-25471 #close
Change-Id: I3fb7a15f5bc154079bd348c08b7ad1cdd2d5e514
A non-existent constraint was being referenced in the upgrade script.
This patch corrects the problem by removing the reference.
This patch fixes another realtime problem as well. Our Alembic scripts
store booleans as yes or no values. However, Sorcery tries to insert
"true" or "false" instead. This patch updates Sorcery to use "yes" and
"no"
ASTERISK-26128 #close
Change-Id: I366dbbf91418a9cb160b3ca74b0e59b5ac284bec
The patch removes updating all Endpoints' status on startup.
Instead, only non-qualified aors with static contact
and non-qualified non-expired contacts are retrieved from the realtime to
update the endpoint status to ONLINE.
The endpoint name was added to the contact object to simply find the endpoint
that created this contact.
The status of endpoints with qualified aors will be updated by 'qualify'
functions.
ASTERISK-26061 #close
Change-Id: Id324c1776fa55d3741e0c5457ecac0304cb1a0df
The 81b01a191a46_pjsip_add_contact_reg_server.py script was attempting
to use UniqueConstraint and failing. It was not imported and after
importing it also continued to fail.
I've changed the script to use the explicit name of the constraint
instead.
Change-Id: I2438b0be90b7ce583b47dd27983c0c1a02cea5b9
As res_pjsip_nat rewrites contact's address, only the last Via header
can contain the source address of registered endpoint.
Also Call-Id header may contain the source address of registered
endpoint.
Added "via_addr", "via_port", "call_id" to contact.
Added new fields ViaAddress, CallID to AMI event ContactStatus.
ASTERISK-26011
Change-Id: I36bcc0bf422b3e0623680152d80486aeafe4c576
With the old SIP module we can use IP access controls per peer.
PJSIP module missing this feature.
This patch added next configuration Endpoint options:
"acl" - list of IP ACL section names in acl.conf
"deny" - List of IP addresses to deny access from
"permit" - List of IP addresses to permit access from
"contact_acl" - List of Contact ACL section names in acl.conf
"contact_deny" - List of Contact header addresses to deny
"contact_permit" - List of Contact header addresses to permit
This patch also better logging failed request:
add custom message instead of "No matching endpoint found"
add SIP method to logging
ASTERISK-25900
Change-Id: I456dea3909d929d413864fb347d28578415ebf02
This patch modified pjsip_options to retrieve only
permament contacts for aor if the qualify_frequency is > 0
and persisted contacts if the qualify_frequency is > 0.
This patch also fixed a bug in res_sorcery_astdb.
res_sorcery_astdb doesn't save object data retrived from astdb.
ASTERISK-25826
Change-Id: I1831fa46c4578eae5a3e574ee3362fddf08a1f05
For all OSes:
* Disabled third-party codecs in pjproject and added
'--disable-speex-codec --disable-speex-aec --disable-gsm-codec' to the
configure options since we don't use the pjsip codec capability.
FreeBSD:
* Added FreeBSD support to install_prereq.
* Changed pjproject/configure.m4 to use $GNU_MAKE instead of hardcoding "make".
* Added __progname and environ to asterisk.exports.in.
* Reverted the use of ldconfig to create shared library symlinks to ln.
* Only enable epoll in pjproject if `uname -s` is Linux.
* Added a patch to pjproject to take the name of the 'make' command from
an environment variable if supplied. This is needed for the python bindings.
(merged by Teluu into pjproject trunk 5/3/2016)
FreeBSD support isn't complete. Still some general issues regarding
make/gmake having nothing to do with pjproject. With some handholding it DOES
build successfully.
CentOS:
Added 'patch' and 'bzip2' to install_prereq PACKAGES_RH.
CentOS 6/7 32/64 build and run the pjsip testsuite successfully.
Ubuntu:
No changes required.
Ubuntu 15/16 32/64 build and run the pjsip testsuite successfully.
Debian:
No changes required.
Debian 6/7/8 32/64 build and run the pjsip testsuite successfully.
There will utimately be a follow-up patch to create an install_prereq for
the testsuite as I've discovered a few missing requirements.
ASTERISK-25968 #close
Change-Id: I5756a07facfc63798115a5e73a8709382fe9259c
If the Asterisk system name is set in asterisk.conf, it will be stored
into the "reg_server" field in the ps_contacts table to facilitate
multi-server setups.
ASTERISK-25931
Change-Id: Ia8f6bd2267809c78753b52bcf21835b9b59f4cb8
A feature of chan_sip that service providers relied upon was the ability to
identify by the Authorization username. This is most often used when customers
have a PBX that needs to register rather than identify by IP address. From my
own experiance, this is pretty common with small businesses who otherwise
don't need a static IP.
In this scenario, a register from the customer's PBX may succeed because From
will usually contain the PBXs account id but an INVITE will contain the caller
id. With nothing recognizable in From, the service provider's Asterisk can
never match to an endpoint and the INVITE just stays unauthorized.
The fixes:
A new value "auth_username" has been added to endpoint/identify_by that
will use the username and digest fields in the Authorization header
instead of username and domain in the the From header to match an endpoint,
or the To header to match an aor. This code as added to
res_pjsip_endpoint_identifier_user rather than creating a new module.
Although identify_by was always a comma-separated list, there was only
1 choice so order wasn't preserved. So to keep the order, a vector was added
to the end of ast_sip_endpoint. This is only used by res_pjsip_registrar
to find the aor. The res_pjsip_endpoint_identifier_* modules are called in
globals/endpoint_identifier_order.
Along the way, the logic in res_pjsip_registrar was corrected to match
most-specific to least-specific as res_pjsip_endpoint_identifier_user does.
The order is:
username@domain
username@domain_alias
username
Auth by username does present 1 problem however, the first INVITE won't have
an Authorization header so the distributor, not finding a match on anything,
sends a securty_alert. It still sends a 401 with a challenge so the next
INVITE will have the Authorization header and presumably succeed. As a result
though, that first security alert is actually a false alarm.
To address this, a new feature has been added to pjsip_distributor that keeps
track of unidentified requests and only sends the security alert if a
configurable number of unidentified requests come from the same IP in a
configurable amout of time. Those configuration options have been added to
the global config object. This feature is only used when auth_username
is enabled.
Finally, default_realm was added to the globals object to replace the hard
coded "asterisk" used when an endpoint is not yet identified.
The testsuite tests all pass but new tests are forthcoming for this new
feature.
ASTERISK-25835 #close
Reported-by: Ross Beer
Change-Id: I30ba62d208e6f63439600916fcd1c08a365ed69d
This patch added new global pjsip option 'disable_multi_domain'.
Disabling Multi Domain can improve Realtime performance by reducing
number of database requests.
ASTERISK-25930 #close
Change-Id: I2e7160f3aae68475d52742107949a799aa2c7dc7
Because SQLite doesn't support full ALTER capabilities, alembic scripts
require batch operations. However, that capability wasn't available until
0.7.0 which some distributions haven't reached yet. Therefore, the batch
operations introduced in commit 86d6e44cc (review 2319) have been reverted
and SQLite is unsupported again, for now anyway.
Tested the full upgrade and downgrade on MySQL/Mariadb and Postgresql.
ASTERISK-25890 #close
Reported-by: Harley Peters
Change-Id: I82eba5456736320256f6775f5b0b40133f4d1c80
check_installed_debs wasn't handling virtual packages like libsrtp-dev and
libresample-dev and on multiarch systems it was accidentally filtering out all
packages if any :i386 packages were found instead of just filtering out the
:i386 packages themselves.
Change-Id: Ifd68da0d1ee30cc84df14de3f9b9079d7c3cecda
res_pjsip_mwi was missing the chan_sip "vmexten" functionality which adds
the Message-Account header to the MWI NOTIFY. Also, specifying mailboxes
on endpoints for unsolicited mwi and on aors for subscriptions required
that the admin know in advance which the client wanted. If you specified
mailboxes on the endpoint, subscriptions were rejected even if you also
specified mailboxes on the aor.
Voicemail extension:
* Added a global default_voicemail_extension which defaults to "".
* Added voicemail_extension to both endpoint and aor.
* Added ast_sip_subscription_get_dialog for support.
* Added ast_sip_subscription_get_sip_uri for support.
When an unsolicited NOTIFY is constructed, the From header is parsed, the
voicemail extension from the endpoint is substituted for the user, and the
result placed in the Message-Account field in the body.
When a subscribed NOTIFY is constructed, the subscription dialog local uri
is parsed, the voicemail_extension from the aor (looked up from the
subscription resource name) is substituted for the user, and the result
placed in the Message-Account field in the body.
If no voicemail extension was defined, the Message-Account field is not added
to the NOTIFY body.
mwi_subscribe_replaces_unsolicited:
* Added mwi_subscribe_replaces_unsolicited to endpoint.
The previous behavior was to reject a subscribe if a previous internal
subscription for unsolicited MWI was found for the mailbox. That remains the
default. However, if there are mailboxes also set on the aor and the client
subscribes and mwi_subscribe_replaces_unsolicited is set, the existing internal
subscription is removed and replaced with the external subscription. This
allows an admin to configure mailboxes on both the endpoint and aor and allows
the client to select which to use.
ASTERISK-25865 #close
Reported-by: Ross Beer
Change-Id: Ic15a9415091760539c7134a5ba3dc4a6a1217cea
Joshua Colp
George Joseph
Florian Floimair
Richard Mudgett
Sean Bright
Torrey Searle
Alexei Gradinari
Kevin Harwell
Richard Begg
Mark Michelson
Matt Jordan
Rodrigo Ramírez Norambuena
zuul
Walter Doekes
Alexander Traud
George Joseph