pjproject does not have a function to reverse pjsip_inv_usage_init.
This means we need to ignore any calls to the functions once shutdown is
final.
ASTERISK-27571 #close
Change-Id: Ia550fcba563e2328f03162d79fb185f16b7c9b9d
We did this for TCP transports already but I'm not sure why we
didn't do it for TLS transports.
ASTERISK_27474 #not_final_fix
Change-Id: I5b1ef4b882f7b859e718236686b7898751dbb262
If any component of ast_config_AST_RECORDING_DIR is a symbolic link we
would incorrectly assume the ARI user was trying to escape the recording
path. Create additional check to check the recording directory's
realpath, only deny access if both do not match.
This is needed by the testsuite when run by 'run-local'.
Change-Id: I9145e841865edadcb5f75cead3471ad06bbb56c0
The type=identify endpoint identification method can match by IP address
and by SIP header. However, the SIP header matching has limited
usefulness because you cannot specify the SIP header matching priority
relative to the IP address matching. All the matching happens at the same
priority and the order of evaluating the identify sections is
indeterminate. e.g., If you had two type=identify sections where one
matches by IP address for endpoint alice and the other matches by SIP
header for endpoint bob then you couldn't predict which endpoint is
matched when a request comes in that matches both.
* Extract the SIP header matching criteria into its own "header" endpoint
identification method so the user can specify the relative priority of the
SIP header and the IP address matching criteria in the global
endpoint_identifier_order option. The "ip" endpoint identification method
now only matches by IP address.
ASTERISK-27491
Change-Id: I9df142a575b7e1e3471b7cda5d3ea156cef08095
The requirement that "ip" must be in the endpoint identify_by list to
allow the type=identify method to identify the endpoint is not necessary.
The "ip" identifier method can match one and only one endpoint. To even
work, the "ip" identifier method configuration must explicitly specify the
identified endpoint. Therefore, why bother configuring the type=identify
identifier in the first place? The requirement only adds the potential
for configuration errors for no benefit. Even worse, those configuration
errors cannot be detected when the configuration loads. The requirement
was introduced with the ASTERISK_27206 patch.
* Remove the code change that enforces the requiremnt. Listing the "ip"
method in the identify_by value is simply documentation.
Change-Id: Ia057f92a33fb5d9f51dc5d5692e3d5ee1a6f2c11
* Extracted sip_endpoint_identifier_type2str() and
sip_endpoint_identifier_str2type() to simplify the calling functions.
* Fixed pjsip_configuration.c:ident_to_str() building the endpoint's
identify_by value string.
Change-Id: Ide876768a8d5d828b12052e2a75008b0563fc509
The AMI PJSIPShowEndpoint action could only list one IdentifyDetail AMI
event per endpoint. However, there is no reason that multiple
type=identify sections cannot identify the same endpoint.
* Reworked format_ami_endpoint_identify() to generate as many
IdentifyDetail AMI events as there are matching identifiers.
Change-Id: Ie146792aef72d78e05416ab5b27bc552a30399db
In addition to being a micro-optimization (RAII_VAR has overhead), this
change improves output of REF_DEBUG. Unfortunately when RAII_VAR calls
ao2_cleanup it does so from a generated _dtor_varname function. For
example this caused _dtor_app to release a reference instead of
__stasis_app_unregister.
Change-Id: I4ce67120583a446babf9adeec678b71d37fcd9e5
Instead of searching for bridge_id provided in an argument this function
always searched for BRIDGE_ALL first. Rewrite this function to work
like the similar functions for channel and endpoint functions.
Change-Id: Ib5caca69e11727c5c8a7284a1d00621f40f1e60a
Some (normally optional) modules created notices, warnings, and even errors
in normal situations like (un)load. This cluttered the command-line interface
(CLI) on start and while stopping gracefully. However, when an user went for
the script './contrib/scripts/install_prereq', those modules get compiled-in
because their prerequisites were met at compile time. Furthermore, because of
ASTERISK_27475, the former talkative module 'res_curl' is built as side-effect.
ASTERISK-27553
Change-Id: I9f105f46d72553994e820679bfde3478a551b281
The ip_identify_apply() did not validate the configuration for simple
static configuration errors or deal well with address resolution errors.
* Added missing configuration validation checks.
* Fixed address resolution error handling.
* Demoted an error message to a warning since it does not fail applying
the identify object configuration.
Change-Id: I8b519607263fe88e8ce964f526a45359fd362b6e
If an endpoint identifier name in the endpoint_identifier_order list is a
prefix to the identifier we are registering, we could install it in the
wrong position of the list.
Assuming
endpoint_identifier_order=username,ip,anonymous
then registering the "ip_only" identifier would put the identifier in the
wrong position of the priority list.
* Fix incorrect strncmp() string prefix matching.
Change-Id: Ib8819ec4b811da8a27419fd93528c54d34f01484
The pjsip_msg_find_hdr function can return NULL. This patch adds a check
when searching for the sequence header to make sure a NULL pointer is never
de-referenced.
Change-Id: I19af23aeeded65be016be92360e8cb7ffe51fad2
Per RFC 5245, the foundation specified with an ICE candidate can be up
to 32 characters but we are only allowing for 31.
ASTERISK-27498 #close
Reported by: Michele Prà
Change-Id: I05ce7a5952721a76a2b4c90366168022558dc7cf
Those SIP messages that create dialogs require a contact header to be present.
If the contact header was missing from the message it could cause Asterisk to
crash.
This patch checks to make sure SIP messages that create a dialog contain the
contact header. If the message does not and it is required Asterisk now returns
a "400 Missing Contact header" response. Also added NULL checks when retrieving
the contact header that were missing as a "just in case".
ASTERISK-27480 #close
Change-Id: I1810db87683fc637a9e3e1384a746037fec20afe
Fix instances of:
* Retreive
* Recieve
* other then
* different then
* Repeated words ("the the", "an an", "and and", etc).
* othterwise, teh
ASTERISK-24198 #close
Change-Id: I3809a9c113b92fd9d0d9f9bac98e9c66dc8b2d31
When RTCP-MUX enabled. rtp->s is the same as rtcp->s, check this before
close the file descriptor. Close the FD twice will hangs the asterisk
under heavy load.
ASTERISK-27299 #close
Reported-by: Aaron An
Tested-by: AaronAn
Change-Id: I870a072d73fd207463ac116ef97100addbc0820a
Some variables are set and never changed, making them constant. This
means that code in the 'false' block of the conditional is unreachable.
In chan_skinny and res_config_ldap I used preprocessor directive `#if 0`
as I'm unsure if the unreachable code could be enabled in the future.
Change-Id: I62e2aac353d739fb3c983cf768933120f5fba059
Remove nearly all use of regex from ACO users. Still remaining:
* app_confbridge has a legitamate use of option name regex.
* ast_sorcery_object_fields_register is implemented with regex, all
callers use simple prefix based regex. I haven't decided the best
way to fix this in both 13/15 and master.
Change-Id: Ib5ed478218d8a661ace4d2eaaea98b59a897974b
When adding shutdown refs for OPTIONAL_API components I accidentally
added it to the unload_module function in res_smdi. Move it to
load_module.
Change-Id: I2b9da38fbc11ef78ea23dbb2df92b684be7f647c
res_hep_pjsip.so and res_hep_rtcp.so will still load and do a lot of
unnecessary work even if 'enabled' is set to 'no' in hep.conf.
Change-Id: I3eddfeea09c6b5bc7c641952ee0ae487fd09b64b
We should not do flood detection on video RTP streams. Video RTP streams
are very bursty by nature. They send out a burst of packets to update the
video frame then wait for the next video frame update. Really only audio
streams can be checked for flooding. The others are either bursty or
don't have a set rate.
* Added code to selectively disable packet flood detection for video RTP
streams.
ASTERISK-27440
Change-Id: I78031491a6e75c2d4b1e9c2462dc498fe9880a70
Reset the samples counter to zero when we are done playing an
announcement so that we don't skip into the middle of the first file in
the playlist.
Also add the selected annoucement to the output of 'moh show classes.'
ASTERISK-24329 #close
Reported by: Thomas Frederiksen
Change-Id: I2a5f986a31279c981592f49391409ebf38d6f6d0
When the RTCP code was transitioned over to Stasis a code change
was made to keep track of how many reports are present. This count
controlled where report blocks were placed in the RTCP report.
If a compound RTCP packet was received this logic would incorrectly
place a report block in the wrong location resulting in a write
to an invalid location.
This change removes this counting logic and always places the report
block at the first position. If in the future multiple reports are
supported the logic can be extended but for now keeping a count
serves no purpose.
ASTERISK-27382
ASTERISK-27429
Change-Id: Iad6c8a9985c4b608ef493e19c421211615485116
This patch does three things associated with the initial incoming INVITE
request URI.
1) Add access to the full initial incoming INVITE request URI.
2) We were not setting DNID on incoming PJSIP channels. The DNID is the
user portion of the initial incoming INVITE Request-URI. The value is
accessed by reading CALLERID(dnid).
3) Fix CHANNEL(pjsip,target_uri) documentation.
* The initial incoming INVITE request URI is now available using
CHANNEL(pjsip,request_uri).
* Set the DNID on PJSIP channel creation so CALLERID(dnid) can return the
initial incoming INVITE request URI user portion.
* CHANNEL(pjsip,target_uri) now correctly documents that the target URI is
the contact URI.
* Refactored print_escaped_uri() out of channel_read_pjsip() to handle
pjsip_uri_print() error condition when the buffer is too small.
ASTERISK-27478
Change-Id: I512e60d1f162395c946451becb37af3333337b33
Support for these protocols was added in the same commit as the 'proto'
field, so we can safely use the same ./configure check.
For reference: https://trac.pjsip.org/repos/changeset/4968
Change-Id: Icf4975d785d6bfb8f30ac7ffa695a0adf9382dac
Use the new ast_cli_completion_add() function to improve completion
performance for commands like 'pjsip show endpoint.'
Change-Id: I76d802294d2ac1766110dc75f7d117c8541ce348
Using the LIKE operator requires a full table scan of 'astdb', whereas a
comparison operation is able to use the primary key index.
This patch adds a new function to the AstDB API for quick prefix matches
and updates res_sorcery_astdb to utilize it. This showed substantial
performance improvement in my test environment.
Related to ASTERISK~26806, but does not completely resolve it.
Change-Id: I7d37f9ba2aea139dabf2ca72d31fbe34bd9b2fa1
There are many places in the code base where we ignore the return value
of fcntl() when getting/setting file descriptior flags. This patch
introduces a convenience function that allows setting or clearing file
descriptor flags and will also log an error on failure for later
analysis.
Change-Id: I8b81901e1b1bd537ca632567cdb408931c6eded7
res_stasis was missing AST_MODFLAG_LOAD_ORDER. Set res_stasis and
res_speech to start at (AST_MODPRI_APP_DEPEND - 1) so they are ready for
dependent modules.
Change-Id: I27f4f3810a95b6be8a5bfbf62be2ace6bfab6ff3
For both dynamic and static contacts it was possible that potential AOR
changes were not being applied to all contacts. This was because the qualify
and schedule code was only retrieving AOR's, and contacts with frequencies
greater than zero.
For instance the following could happen: and AOR/contact has a frequency of 5,
it then gets set to 0, and then a reload occurs. All scheduled OPTIONS are
stopped, a list of AOR's is retrieved with frequency > 0, but none are
selected since in this scenario all are 0. The contact for the one previously
set to 5 though does not get updated, so it's status remains "AVAILABLE".
This patch makes it so all contacts (static and dynamic) are selected, and
appropriately updated if need be.
ASTERISK-27467 #close
Change-Id: I7a920170f89c683af9505d4723a44fc6841decdb
Dynamic contacts were not being properly updated on reload. As a matter of
fact any changes to the AOR that a dynamic contact was associated with were
not being applied.
On reload, this patch makes it so for each dynamic contact, the associated
AOR is now retrieved and the AOR's fields are applied to the contact.
ASTERISK-27467
Change-Id: I8e3165dc6a745218c1c9db837f77fafa0516985d
The SuccessfulAuth using_password field was declared as a pointer to a
uint32_t when the field was later read as a uint32_t value. This resulted
in unnecessary casts and a non-portable field value reinterpret in
main/security_events.c:add_json_object(). i.e., It would work on a 32 bit
architecture but not on a 64 bit big endian architecture.
Change-Id: Ia08bc797613a62f07e5473425f9ccd8d77c80935
More complicated direct media reinvite negotiations can result in longer
delays before direct media flows. The strictrtp learning timeout time
was too short. One log showed that the first RTP packet came in just
after three seconds.
* Increase the strictrtp learning timeout time from 1.5 to 5 seconds.
ASTERISK-27453
Change-Id: Ic5e711164cbb91b4d1c1e40c83697755640f138c
This change makes the presence of the GMIME_MAJOR_VERSION
definition optional, as not all versions of gmime actually
define it.
ASTERISK-27454
Change-Id: I01d99590045971ed6787899147170a5954077238
The patch for ASTERISK_24560 inverted a test checking if the bridge name
is being updated to a different name.
* Fix the test to return "Changing bridge name is not implemented" when
someone attempts to change the bridge name.
ASTERISK-27445
Change-Id: I4b70bf08b0e02e016108b077ff75b345dec12fc9
Previously, Asterisk sent srflx only when configured exclusively for IPv4. Now,
srflx is gathered and sent via SDP, even when Asterisk is enabled for
Dual Stack (IPv4+IPv6) and an IPv4 interface is available/used.
ASTERISK-27437
Change-Id: Ie07d8e2bfa7b6fe06fcdc73d390a7a9a4d8c0bc1
res_parking has an implicit load_pri of 0 meaining it's one of the very
first modules loaded after modules with global symbols. Set it
explicitly in the AST_MODULE_INFO block.
Change-Id: I297b6fb3ff6993ec004e667b22a74f5925906259
Instead of specifying AST_MODFLAG_LOAD_ORDER with load_pri
AST_MODPRI_DEFAULT just use AST_MODFLAG_DEFAULT.
Change-Id: I0123258eafce324249433a69df15a85cc16e509f
res_mwi_external_ami specified AST_MODFLAG_LOAD_ORDER but didn't set
load_pri, resulting in an actual load priority of 0. This module only
provides AMI actions so it has no reason to load early.
Change-Id: I82987fcf10d3ea42716b2f9df915b16687fd5839
Mac doesn't like the comparison of -1 to an enum, so store the result of
ast_sip_str_to_dtmf to an int so we can check for the negative return
value. ast_sip_str_to_dtmf returns an int so this is only delaying the
implicit type cast.
Change-Id: I0c262c1719ee951aae1f437d733a301cf5f8ad29
Some net-snmp builds do not provide the RONLY declare, only
NETSNMP_OLDAPI_RONLY. Map RONLY to NETSNMP_OLDAPI_RONLY to get around
this error.
Change-Id: Ida5c7ad9406515825485c4d3b4a34fd6ad0da577
It's impossible for gwtimeout or fdtimeout to be less than 0 because
they are unsigned int's. Remove checks and unreachable branches.
Change-Id: Ib2286960621e6ee245e40013c84986143302bc78
Some clients do not send rtp packets every ptime ms. This can lead to
situations in which the rtp source learning algorithm will never learn
the address of the client. This has been discovered on a Mac mini with
a pjsip based softphone after updating to Sierra: as soon as USB
headsets are involved, the softphone will send the second packet 30ms
after the first, the third 30ms after the second and the fourth 1ms
after the third. So in the old implmentation the rtp source learning
algorithm was repeatedly reset on the fourth packet.
The patch changes the algorithm in a way that doesn't take the arrival
time between two consecutive packets into account but the time between
the first and the last packet of a learning sequence.
The patch also fixes a second problem: when a user was using a wrong
value for the probation setting there was a LOG_WARNING output stating
that the value had been set to the default value instead. However
the code for setting the value back to defaults was missing.
ASTERISK-27421 #close
Change-Id: If778fe07678a6fd2041eaca7cd78267d0ef4fc6c
Domains themselves can be up to 255 characters long (per RFC 1035), so
our current buffer sizes are wholly inadequate for many use cases.
Change-Id: If3f30a68307f1365a1fe06bc4b854c62842c9292
We were not \0 terminating this string, so any attempt to print it would
in the best case show an empty string and in the worst case potentially
crash.
Change-Id: I63d96ef8f7516ac02a0f91e22dfa8acdc615042c
Previously for PJSIP the local address of WebSocket connections
was set to the remote address. For logging purposes this is
not particularly useful.
The WebSocket API has been extended to allow the local
address to be queried and this is used in PJSIP to set the
local address to the correct value.
The PJSIP HEP support has also been tweaked so that reliable
transports always use the local address on the transport
and do not try to (wrongly) guess. As they are connection
based it is impossible for the source to be anything else.
ASTERISK-26758
ASTERISK-27363
Change-Id: Icd305fd038ad755e2682ab2786e381f6bf29e8ca
Some consumers of the sorcery API use ast_sorcery_retrieve_by_regex
only so that they can anchor the potential match as a prefix and not
because they truly need regular expressions.
Rather than using regular expressions for simple prefix lookups, add
a new operation - ast_sorcery_retrieve_by_prefix - that does them.
Patches against 13 and 15 have a compatibility layer needed to
maintain ABI that is not needed in master.
Change-Id: I56f4e20ba1154bd52281f995c27a429a854f6a79
A previous commit made it so when an invite session transitioned into a
disconnected state destruction of the Asterisk pjsip session object was
postponed until either a transport error occurred or the event timer
expired. However, if a call was rejected (for instance a 488) before the
session was fully established the event timer may not have been initiated,
or it was canceled without triggering either of the session finalizing states
mentioned above.
Really the only time destruction of the session should be delayed is when a
BYE is being transacted. This is because it's possible in some cases for the
session to be disconnected, but the BYE is still transacting.
This patch makes it so the session object always gets released (no more
memory leak) when the pjsip session is in a disconnected state. Except when
the method is a BYE. Then it waits until a transport error occurs or an event
timeout.
ASTERISK-27345 #close
Reported by: Corey Farrell
Change-Id: I1e724737b758c20ac76d19d3611e3d2876ae10ed
One of the patches for ASTERISK_27147 introduced a deadlock regression.
When the connection oriented transport shut down, the code attempted to
remove the associated contact. However, that same transport had just
requested a registration that we hadn't responded to yet. Depending
upon timing we could deadlock.
* Made send the REGISTER response after we completed processing the
request contacts and released the named AOR lock to avoid the deadlock.
ASTERISK-27391
Change-Id: I89a90f87cb7a02facbafb44c75d8845f93417364
* res/stasis/app.c JSON passed to app_send needs to be released.
* res/stasis_message.c: objects leak if vector append fails.
Change-Id: I8dd5385b9f50a5cadf2b1d16efecffd6ddb4db4a
Asterisk will crash if contact uri is invalid, so contact_apply_handler
should check if the uri is NULL or empty.
ASTERISK-27393 #close
Reported-by: Aaron An
Tested-by: AaronAn
Change-Id: Ia0309bdc6b697c73c9c736e1caec910b77ca69f5
wizard_apply_handler():
- Free host if we fail to add it to the vector.
wizard_mapped_observer():
- Check for otw allocation failure.
- Free otw if we fail to add it to the vector.
Change-Id: Ib5d3bcabbd9c24dd8a3c9cc692a794a5f60243ad
This change makes it so that any user of the pubsub
API that requests the remote URI receives only the URI.
Previously the entire string was returned, which could
contain a display name.
ASTERISK-27290
Change-Id: If1d0cd6630f0a264856d31d2a67933109187a017
When (v)asprintf() fails, the state of the allocated buffer is undefined.
The library had better not leave an allocated buffer as a result or no one
will know to free it. The most likely way it can return failure is for an
allocation failure. If the printf conversion fails then you actually have
a threading problem which is much worse because another thread modified
the parameter values.
* Made __ast_asprintf()/__ast_vasprintf() set the returned buffer to NULL
on failure. That is much more useful than either an uninitialized pointer
or a pointer that has already been freed. Many uses won't have to check
for failure to ensure that the buffer won't be double freed or prevent an
attempt to free an uninitialized pointer.
* stasis.c: Fixed memory leak in multi_object_blob_to_ami() allocated by
ast_asprintf().
* ari/resource_bridges.c:ari_bridges_play_helper(): Remove assignment to
the wrong thing which is now not needed even if assigning to the right
thing.
Change-Id: Ib5252fb8850ecf0f78ed0ee2ca0796bda7e91c23
When using realtime, fields that are not explicitly set by an
administrator are still presented to sorcery as empty strings. Handle
this case explicitly.
In this particular case, if any of these fields are required for TLS
support, their existence should be validated in the 'apply' handler once
we have a complete transport definition.
ASTERISK-27032 #close
Reported by: seanchann.zhou
Change-Id: Ie3b5fb421977ccdb33e415d4ec52c3fd192601b7
Fixes a regression where some characters were unable to be used in
the from_user field of an endpoint. Additionally, the backtick was
removed from the list of valid characters, since it is not valid,
and it was replaced with a single quote, which is a valid character.
ASTERISK-27387
Change-Id: Id80c10a644508365c87b3182e99ea49da11b0281
Once an Optional API module is loaded it should stay loaded. Unloading
an optional API module runs the risk of a crash if something else is
using it. This patch causes all optional API providers to tell the
module loader not to unload except at shutdown.
ASTERISK-27389
Change-Id: Ia07786fe655681aec49cc8d3d96e06483b11f5e6
When allocate_subscription fails to initialize fields of the new sub it
calls destroy_subscription.
Change-Id: I5b79c915ec216dc00c13c1e4172137864a4bec85
When the identify_by option on an endpoint is set to ip it will
only be identified using the res_pjsip_endpoint_identifier_ip module.
This ensures that it is not mistakenly matched using the username of
the From header. To ensure behavior has not changed the default has
been changed to "username,ip" for the identify_by option.
ASTERISK-27206
Change-Id: I2170b86a7f7e221b4f00bf14aa1ef1ac5b050bbd
create_outgoing_sdp_stream was setting "addr_type = STR_IP6" only
when an ipv6 media_address was specified on the endpoint. If
rtp_ipv6 was set and ast_sip_get_host_ip_string returned an ipv6
address, we were leaving the addr_type set at the default of
STR_IP4. This caused the address type to be set incorrectly on the
"o" and "c" SDP attributes even though the address was set
correctly. Some clients don't like the mismatch.
* Removed the test for endpoint/media_address and now check all
addresses for ipv6.
ASTERISK-27198
Reported by: Martin Cisárik
Change-Id: I5214fc31b728117842243807e7927a319cf77592
Users of the API that res_xmpp provides expect that a
filter be available on the client at all times. When
OAuth authentication support was added this requirement
was not maintained.
This change merely moves the OAuth authentication to
after the filter is created, ensuring users of res_xmpp
can add things to the filter as needed.
ASTERISK-27346
Change-Id: I4ac474afe220e833288ff574e32e2b9a23394886
Prevent unload of the module as certain pjsip initialization functions
cannot be reversed. This required a reorder of the module_load so that
the non-reversable pjsip functions are not called until all potential
errors have been ruled out.
ASTERISK-24483
Change-Id: Iee900f20bdd6ee1bfe23efdec0d87765eadce8a7
Prevent unload of the module as certain pjsip initialization functions
cannot be reversed.
ASTERISK-24483
Change-Id: I94597ec8b8491f5af9c57bf66dbc3b078fe2d49d
PJSIP allows a domain name as external_media_address. This allows chan_pjsip to
be used behind a NAT with changing IP addresses. The IP address of that domain
is resolved to the c= line already. This change sets also the o= line to that
domain.
ASTERISK-27341 #close
Change-Id: I690163b6e762042ec38b3995aa5c9bea909d8ec4
Move ast_sip_add_usereqphone to be called after anonymization of URIs,
to prevent the user_eq_phone adding "user=phone" to URIs containing a
username that is not a phonenumber (RFC3261 19.1.1). An extra call to
ast_sip_add_usereqphone on the saved version before anonymization is
added to add user=phone" to the PAI.
ASTERISK-27047 #close
Change-Id: Ie5644bc66341b86dc08b1f7442210de2e6acdec6
ast_sip_add_usereqphone adds "user=phone" to the header every time is is
called without checking whether the param already exists. Preventing
this by searching to string representation of header for "user=phone".
ASTERISK-26988 #close
Change-Id: Ib84383b07254de357dc6a98d91fc1d2c2c3719e6
When "rewrite_contact" is enabled, the "max_contacts" count option can
block re-registrations because the source port from the endpoint can be
random. When the re-registration is blocked, the endpoint may give up
re-registering and require manual intervention.
* The "remove_existing" option now allows a registration to succeed by
displacing any existing contacts that now exceed the "max_contacts" count.
Any removed contacts are the next to expire. The behaviour change is
beneficial when "rewrite_contact" is enabled and "max_contacts" is greater
than one. The removed contact is likely the old contact created by
"rewrite_contact" that the device is refreshing.
ASTERISK-27192
Change-Id: I64c107a10b70db1697d17136051ae6bf22b5314b
res_pjsip and res_pjsip_session had circular references, preventing both
modules from shutting down.
* Move session supplement registration to res_pjsip.
* Use create internal functions for use by pjsip_message_filter.c.
ASTERISK-27306
Change-Id: Ifbd5c19ec848010111afeab2436f9699da06ba6b
Do not manually call sip_endpoint_apply_handler from load_all_endpoints.
This is not necessary and causes memory leaks.
Additionally reinitialize persistent->aors when we reuse a persistent
object with a new endpoint.
ASTERISK-27306
Change-Id: I59bbfc8da8a14d5f4af8c5bb1e71f8592ae823eb
pjsip_distributor leaks references to fake_auth when the default realm
has not changed.
ASTERISK-27306
Change-Id: I3fcf103b3680ad2d1d4610dcd6738eeaebf4d202
When we are loading the calendars, we call libical's
icalcomponent_foreach_recurrence method for each VEVENT component that
we have in our calendar.
That method has no knowledge concerning the existence of the other
VEVENT components and will feed our callback with all ocurrences
matching the requested time span.
The occurrences generated by icalcomponent_foreach_recurrence while
expanding a recurring VEVENT's RRULE and RDATE properties can be
superceded by an other VEVENT sharing the same UID.
I use an external iterator (in libical terminology) to avoid messing
with the internal ones from the calling function, and search for
VEVENTS which could supersede the current occurrence.
The event which can invalidate this occurence needs to have:
- the same UID as our recurrent component (comp)
- a RECURRENCE-ID property, which represents the start time of this
occurrence
If one component is found, just clean and return.
ASTERISK-27296 #close
Reported by: Benoît Dereck-Tricot
Change-Id: I8587ae3eaa765af7cb21eda3b6bf84e8a1c87af8
Currently privacy requests are only granted if the Privacy header
value is exactly "id" (defined in RFC 3325). It ignores any other
possible value (or a combination there of). This patch reverses the
logic from testing for "id" to grant privacy, to testing for "none" and
granting privacy for any other value. "none" must not be used in
combination with any other value (RFC 3323 section 4.2).
ASTERISK-27284 #close
Change-Id: If438a21f31a962da32d7a33ff33bdeb1e776fe56
The "res_pjsip: Filter out non SIP(S) requests" commit moved the
filtering of messages to pjproject's PJSIP_MOD_PRIORITY_TRANSPORT_LAYER
in order to filter out incoming bad uri schemes as early as possible.
Since the change affected outgoing messages as well and the TRANSPORT
layer is the last to be run on outgoing messages, we were overwriting
the setting of external_signaling_address (which is set earlier by
res_pjsip_nat) with an internal address.
* pjsip_message_filter now registers itself as a pjproject module
twice. Once in the TSX layer for the outgoing messages (as it was
originally), then a second time in the TRANSPORT layer for the
incoming messages to catch the invalid uri schemes.
ASTERISK-27295
Reported by: Sean Bright
Change-Id: I2c90190c43370f8a9d1c4693a19fd65840689c8c
The bridge_p2p_rtp_write() has potential reentrancy problems.
* Accessing the bridged RTP members must be done with the instance1 lock
held. The DTMF and asymmetric codec checks must be split to be done with
the correct RTP instance struct locked. i.e., They must be done when
working on the appropriate side of the point to point bridge.
* Forcing the RTP mark bit was referencing the wrong side of the point to
point bridge. The set mark bit is used everywhere else to set the mark
bit when sending not receiving.
The patches for ASTERISK_26745 and ASTERISK_27158 did not take into
account that not everything carried by RTP uses a codec. The telephony
DTMF events are not exchanged with a codec. As a result when
RFC2833/RFC4733 sent digits you would crash if "core set debug 1" is
enabled, the DTMF digits would always get passed to the core even though
the local native RTP bridge is active, and the DTMF digits would go out
using the wrong SSRC id.
* Add protection for non-format payload types like DTMF when updating the
lastrxformat and lasttxformat. Also protect against non-format payload
types when checking for asymmetric codecs.
ASTERISK-27292
Change-Id: I6344ab7de21e26f84503c4d1fca1a41579364186
In PostgreSQL 9.1 the backslash are string literals and not the escape
of characters.
In previous issue ASTERISK_26057 was fixed the use of escape LIKE but the
support for old version of Postgresql than 9.1 was dropped. The sentence
before make was "ESCAPE '\'" but in version before than 9.1 need it to be
as follow "ESCAPE '\\'".
ASTERISK-27283
Change-Id: I96d9ee1ed7693ab17503cb36a9cd72847165f949
pubsub_on_rx_notify_request wasn't checking for a null
Content-Type header before checking that it was
application/simple-message-summary.
ASTERISK-27279
Reported by: Ross Beer
Change-Id: Iec2a6c4d2e74af37ff779ecc9fd35644c5c4ea52
Previously, sRTP authentication failures were reported on log level WARNING.
When such failures happen, each RT(C)P packet is affected, spamming the log.
Now, those failures are reported at log level VERBOSE 2. Furthermore, the
amount is further reduced (previously all two seconds, now all three seconds).
Additionally, the new log entry informs whether media (RTP) or statistics (RTCP)
are affected.
ASTERISK-16898 #close
Change-Id: I6c98d46b711f56e08655abeb01c951ab8e8d7fa0
Validate RTCP packets before processing them.
* Validate that the received packet is of a minimum length and apply the
RFC3550 RTCP packet validation checks.
* Fixed potentially reading garbage beyond the received RTCP record data.
* Fixed rtp->themssrc only being set once when the remote could change
the SSRC. We would effectively stop handling the RTCP statistic records.
* Fixed rtp->themssrc to not treat a zero value as special by adding
rtp->themssrc_valid to indicate if rtp->themssrc is available.
ASTERISK-27274
Make strict RTP learning more flexible.
Direct media can cause strict RTP to attempt to learn a remote address
again before it has had a chance to learn the remote address the first
time. Because of the rapid relearn requests, strict RTP could latch onto
the first remote address and fail to latch onto the direct media remote
address. As a result, you have one way audio until the call is placed on
and off hold.
The new algorithm learns remote addresses for a set time (1.5 seconds)
before locking the remote address. In addition, we must see a configured
number of remote packets from the same address in a row before switching.
* Fixed strict RTP learning from always accepting the first new address
packet as the new stream.
* Fixed strict RTP to initialize the expected sequence number with the
last received sequence number instead of the last transmitted sequence
number.
* Fixed the predicted next sequence number calculation in
rtp_learning_rtp_seq_update() to handle overflow.
ASTERISK-27252
Change-Id: Ia2d3aa6e0f22906c25971e74f10027d96525f31c
This changes the behavior of res_calendar to drop all existing calendars
and re-create them whenever a reload is done. The Calendar API provides
no way for configuration information to be pushed down to calendar
'techs' so updated settings would not take affect until a module
unload/load was done or Asterisk was restarted.
Asterisk 15+ already has a configuration option 'fetch_again_at_reload'
that performs a similar function.
Also fix a tiny memory leak in res_calendar_caldav while we're at it.
ASTERISK-25524 #close
Reported by: Jesper
Change-Id: Ib0f8057642e9d471960f1a79fd42e5a3ce587d3b
Incoming requests with non sip(s) URIs in the Request, To, From
or Contact URIs are now rejected with
PJSIP_SC_UNSUPPORTED_URI_SCHEME (416). This is performed in
pjsip_message_filter (formerly pjsip_message_ip_updater) and is
done at pjproject's "TRANSPORT" layer before a request can even
reach the distributor.
URIs read by res_pjsip_outbound_publish from pjsip.conf are now
also checked for both length and sip(s) scheme. Those URIs read
by outbound registration and aor were already being checked for
scheme but their error messages needed to be updated to include
scheme failure as well as length failure.
Change-Id: Ibb2f9f1d2dc7549da562af4cbd9156c44ffdd460
* The way that we were looking at XML elements for CalDAV was extremely
fragile, so use SAX2 for increased robustness.
* Don't complain about a 'channel' not be specified if autoreminder is
not set. Assume that if 'channel' is not set, we don't want to be
notified.
* Fix some truncated CLI output in 'calendar show calendar' and make the
'Autoreminder' description a bit more clear
ASTERISK-24588 #close
Reported by: Stefan Gofferje
ASTERISK-25523 #close
Reported by: Jesper
Change-Id: I200d11afca6a47e7d97888f286977e2e69874b2c
A new endpoint parameter "incoming_mwi_mailbox" allows Asterisk to
receive unsolicited MWI NOTIFY requests and make them available to
other modules via the stasis message bus.
res_pjsip_pubsub has a new handler "pubsub_on_rx_mwi_notify_request"
that parses a simple-message-summary body and, if
endpoint->incoming_mwi_account is set, calls ast_publish_mwi_state
with the voice-message counts from the message.
Change-Id: I08bae3d16e77af48fcccc2c936acce8fc0ef0f3c
In 45744fc53, I mistakenly broke SDP media address rewriting by
misinterpreting which address was checked in the localnet comparison.
Instead of checking the remote peer address to decide whether we need
media address rewriting, we check our local media address: if it's
local, then we rewrite. This feels awkward, but works and even made
directmedia work properly if you set local_net. (For the record: for
local peers, the SDP media rewrite code is not called, so the
comparison does no harm there.)
ASTERISK-27248 #close
Change-Id: I566be1c33f4d0a689567d451ed46bab9c3861d4f
If an error occurs during a bridge impart it's possible that
the "bridge_after" callback might try to run before
control_swap_channel_in_bridge has been signalled to continue.
Since control_swap_channel_in_bridge is holding the control lock
and the callback needs it, a deadlock will occur.
* control_swap_channel_in_bridge now only holds the control
lock while it's actually modifying the control structure and
releases it while the bridge impart is running.
* bridge_after_cb is now tolerant of impart failures.
Change-Id: Ifd239aa93955b3eb475521f61e284fcb0da2c3b3
Asterisk is able to use libSRTP 2.0.x. However since libSRTP 2.1.x, the macro
SRTP_AES_ICM got renamed to SRTP_AES_ICM_128. Beside to still compile with
previous versions of libSRTP, this change allows libSRTP 2.1.x as well.
ASTERISK-27253 #close
Change-Id: I2e6eb3c3bc844fee8a624060a2eb6f182dc70315
In 2dee95cc (ASTERISK-27024) and 776ffd77 (ASTERISK-26879) there was
confusion about whether the transport_state->localnet ACL has ALLOW or
DENY semantics.
For the record: the localnet has DENY semantics, meaning that "not in
the list" means ALLOW, and the local nets are in the list.
Therefore, checks like this look wrong, but are right:
/* See if where we are sending this request is local or not, and if
not that we can get a Contact URI to modify */
if (ast_apply_ha(transport_state->localnet, &addr) != AST_SENSE_ALLOW) {
ast_debug(5, "Request is being sent to local address, "
"skipping NAT manipulation\n");
(In the list == localnet == DENY == skip NAT manipulation.)
And conversely, other checks that looked right, were wrong.
This change adds two macro's to reduce the confusion and uses those
instead:
ast_sip_transport_is_nonlocal(transport_state, addr)
ast_sip_transport_is_local(transport_state, addr)
ASTERISK-27248 #close
Change-Id: Ie7767519eb5a822c4848e531a53c0fd054fae934
t38_reinvite_response_cb can get called by res_pjsip_session's
session_inv_on_tsx_state_changed in situations where session->channel
is NULL. If it is, the ast_log warning segfaults because it tries
to get the channel name from a NULL channel.
* Check session->channel and print "unknown channel" when it's NULL.
ASTERISK-27236
Reported by: Ross Beer
Change-Id: I4326e288d36327f6c79ab52226d54905cdc87dc7
sanitize_tdata was assuming all URIs were SIP URIs so when a non
SIP uri was in the From, To or Contact headers, the unconditional
cast of a non-pjsip_sip_uri structure to pjsip_sip_uri caused
a segfault when trying to access uri->other_param.
* Added PJSIP_URI_SCHEME_IS_SIP(uri) || PJSIP_URI_SCHEME_IS_SIPS(uri)
checks before attempting to cast or use the returned uri.
ASTERISK-27152
Reported-by: Ross Beer
Change-Id: Id380df790e6622c8058a96035f8b8f4aa0b8551f