The use of a '|' in the "global/debug" synopsis documentation caused the
generated html table on the wiki to add an extra column that included the
text after the pipe.
This patch replaces the pipe with a comma.
ASTERISK-28150
Change-Id: I3d79a6ca6d733d9cb290e779438114884b98a719
The current round-robin method does not take the current taskprocessor
load into consideration when distributing requests. Using the least-size
method the request goes to the taskprocessor that is servicing the least
number of active tasks at the current time.
Longer running tasks with the round-robin method can delay processing
tasks.
* Change the algorithm from round-robin to least-size for picking the
PJSIP taskprocessor from the default serializer pool.
Change-Id: I7b8d8cc2c2490494f579374b6af0a4868e3a37cd
This patch adds new options 'trust_connected_line' and 'send_connected_line'
to the endpoint.
The option 'trust_connected_line' is to control if connected line updates
are accepted from this endpoint.
The option 'send_connected_line' is to control if connected line updates
can be sent to this endpoint.
The default value is 'yes' for both options.
Change-Id: I16af967815efd904597ec2f033337e4333d097cd
The module 'res_pjsip_notify' inefficiently makes a lot of DB requests
on CLI completion on the endpoint.
For example if there are 10k endpoints the module makes 10k requests
of these 10k records.
Even if a part of the endpoint entered
the module makes the same 10k requests and then filtered them by itself.
This patch gathers endpoints container by prefix
and adds all gathered endpoints to completion at once.
ASTERISK-28137 #close
Change-Id: Ic20024912cc77bf4d3e476c4cd853293c52b254b
Add a new global flag to res_pjsip to allow the callerid to be used
as the username in the contact header. This allows chan_pjsip to have
the same behavour as chan_sip
ASTERISK-28087 #close
Change-Id: I9a720e058323f6862a91c62f8a8c1a4b5c087b95
These macros have been documented as legacy for a long time but are
still used in new code because they exist. Remove all references to:
* ao2_container_alloc_options
* ao2_t_container_alloc_options
* ao2_t_container_alloc
These macro's are still available for use but only in modules. Only
ao2_container_alloc remains due to it's use in over 100 places.
Change-Id: I1a26258b5bf3deb081aaeed11a0baa175c933c7a
Most were in comments. A couple were in warning messages.
Pointed out by Jonathan H on the Asterisk users mailing list.
Change-Id: I6286939dff5d0a27a2758140570106f1cb351855
* The dependency ensures that res_pjproject cannot be manually unloaded
before res_rtp_asterisk.
* The dependency allows startup loading errors to report that
res_rtp_asterisk depends upon res_pjproject.
Change-Id: Icf5e7581f4ddd6189929f6174c74dd951f887377
This patch sets the callerid_tag to empty string by default.
If the callerid_tag is set to NULL then the tag does not
become part of a connected line update.
For example:
Alice's tag is "Alice".
Bob's tag is empty.
Charlie's tag is "Charlie".
Alice calls Bob and then does attended transfer to Charlie.
When Alice hangs up the CONNECTEDLINE(tag) is "Alice"
on the interception routine on the Charlie's channel, but should be empty.
Ths patch also fix memory leaks if there are more then one options
"callerid", "callerid_tag", "voicemail_extension" and "contact_user"
in the pjsip.conf endpoint definition.
Change-Id: I86ba455c4677ca8d516d9a04ce7fb4d24dd576e4
The return status when there was no change in statsd.conf was incorrect.
This resulted in the wrong status message on the CLI when reloading the
module.
* Fixed cleanup on initial load if initializing statsd failed.
Change-Id: Id24fae75f1a7ff584a444a5680e867d989792481
I think this module is so screwed up that it doesn't work anymore. Even
with these attempts to fix things it still won't gracefully shut down.
The module refs will not go to zero to allow unloading the module.
* Fix module ref counting dealing with the SMDI interface object. There
were several off-nominal paths that unbalanced the module ref count. Also
the destructor freed the ao2 object itself which is bad. Made the
smdi_read thread not hold its own ref to the SMDI interface object so when
all refs go away the destructor will stop the listener thread.
* Fixed the smdi_load() return code of 1 concerning the number of
listeners. The test was inverted.
Change-Id: Ic288db51b58e395d6a2fc3847f77176c16988784
This module is an optional dependency of a couple of other modules. If it
declines to load, it then forces other modules that can optionally use
this module to also decline.
* Made use the default configuration if the config file does not exist and
simplified some of the logic.
Change-Id: Ib93191f1fe28c0dd9ebe3d84c7762b32f83c4eb9
This module is an optional dependency of many modules. If it declines to
load it then forces other modules that can optionally use this module to
also decline.
* Made use default configuration if there is a config error or the config
file does not exist.
Change-Id: If1068a582ec54ab7fb437265cb5370a97a825737
CLI command 'pjsip show contacts' inefficiently make a lot of DB requests.
For example if there are 10k aors then asterisk requests these 10k records
of aor and then does 10k requests of contact - one request per aor.
Even if use 'like <pattern>' the asterisk requests all aor's and contact's
records and then filters them by itself.
This patch gathers contact's container by
- retrieving all dynamic contacts by regex (filtered by reg_server)
- retrieving all aors with permanent contacts
- finally filters container by regex
ASTERISK-28077 #close
Change-Id: Id0ad65d14952a02fb213273a90f3f680a8149618
Fixed an issue that resulted in "Allocation failed" each time an ARI
request was made to start playing MOH on a bridge.
In bridge_moh_create() we were attaching the after bridge callbacks to
chan which is the ;1 channel of the unreal channel pair. We should have
attached them to the ;2 channel which is pushed into the bridge by
ast_unreal_channel_push_to_bridge(). The callbacks are called when the
specific channel leaves the bridging system. Since the ;1 channel is
never put into a bridge the callbacks never get called. The callbacks
then never remove the moh_wrapper from the app_bridges_moh container. As
a result we cannot find the channel associated with the wrapper to start
MOH because it has hungup. This is the reason causing the reported issue.
* Rather than using after bridge callbacks to cleanup, we now have
moh_channel_thread() doing the cleanup when the channel hangs up.
* Fixed moh_channel_thread() accumulating control frames on the stasis
bridge MOH channel until MOH is stopped. Control frames are no longer
accumulated while MOH is playing.
* Fixed channel ref counting issue. stasis_app_bridge_moh_channel() may
or may not return a channel ref. As a result ast_ari_bridges_start_moh()
wouldn't know it may have a channel ref to release.
stasis_app_bridge_moh_channel() will now return a ref with the channel it
returns.
* Eliminated RAII_VAR in bridge_moh_create().
ASTERISK-26094 #close
Change-Id: Ibff479e167b3320c68aaabfada7e1d0ef7bd548c
When networks experience disruptions, there can be large gaps of time
between receiving packets. When strictrtp is enabled, this created
issues where a flood of packets could come in and be seen as an attack.
Another option - seqno - has been added to the strictrtp option that
ignores the time interval and goes strictly by sequence number for
validity.
Change-Id: I8a42b8d193673899c8fc22fe7f98ea87df89be71
On SQL error there is not diagnostic information about this error.
There is only
WARNING res_odbc.c: SQL Execute error -1!
The function ast_odbc_print_errors calls a SQLGetDiagField to get the number
of available diagnostic records, but the SQLGetDiagField returns 0.
However SQLGetDiagRec could return one diagnostic records in this case.
Looking at many example of getting diagnostics error information
I found out that the best way it's to use only SQLGetDiagRec
while it returns SQL_SUCCESS.
Also this patch adds calls of ast_odbc_print_errors on SQL_ERROR
to res_config_odbc.
ASTERISK-28065 #close
Change-Id: Iba5ae5470ac49ecd911dd084effbe9efac68ccc1
In order to do this and provide good feedback, a new macro was
created (AST_EXT_LIB_EXTRA_CHECK) which does the normal check and
path setups for the library then compiles, links and runs a supplied
code fragment to do the final determination. In this case, the
final code fragment compares UNBOUND_VERSION_MAJOR
and UNBOUND_VERSION_MINOR to determine if they're greater than or
equal to 1.5.
Since we require version 1.5, some code in res_resolver_unbound
was also simplified.
ASTERISK-28045
Reported by: Samuel Galarneau
Change-Id: Iee94ad543cd6f8b118df8c4c7afd9c4e2ca1fa72
This change raises a testsuite event to provide what port
Asterisk has actually allocated for RTP. This ensures that
testsuite tests can remove any assumption of ports and instead
use the actual port in use.
ASTERISK-28070
Change-Id: I91bd45782e84284e01c89acf4b2da352e14ae044
* Use "o*" format specifier for optional fields in ast_json_party_id.
* Stop using ast_json_deep_copy on immutable objects, it is now thread
safe to just use ast_json_ref.
Additional changes to ast_json_pack calls in the vicinity:
* Use "O" when an object needs to be bumped. This was previously
avoided as it was not thread safe.
* Use "o?" and "O?" to replace NULL with ast_json_null(). The
"?" is a new feature of ast_json_pack starting with Asterisk 16.
Change-Id: I8382d28d7d83ee0ce13334e51ae45dbc0bdaef48
ast_rtp_new free'd rtp upon failure, but rtp_engine.c would also call
the destroy callback. Remove call to ast_free from ast_rtp_new, leave
it to rtp_engine.c to initiate the full cleanup. Add error detection
for the ssrc_mapping vector initialization. In rtp_allocate_transport
set rtp->s = -1 in the failure path where we close that FD to ensure we
don't try closing it twice.
ASTERISK-27854 #close
Change-Id: Ie02aecbb46228ca804e24b19cec2bb6f7b94e451
'rtpchecksums' and 'rtcpinterval' are not being reset to their defaults
if they are not present in the updated configuration file.
Change-Id: I1162e40199314d46cf3225d5e1271c4c81176670
The HTTP request processing in res_http_websocket allocates additional
space on the stack for various headers received during an Upgrade request.
An attacker could send a specially crafted request that causes this code
to overflow the stack, resulting in a crash.
* No longer allocate memory from the stack in a loop to parse the header
values. NOTE: There is a slight API change when using the passed in
strings as is. We now require the passed in strings to no longer have
leading or trailing whitespace. This isn't a problem as the only callers
have already done this before passing the strings to the affected
function.
ASTERISK-28013 #close
Change-Id: Ia564825a8a95e085fd17e658cb777fe1afa8091a
This adds a module which registers a CLI command that can set the
REMB bitrate value for REMB as it enters or exits Asterisk. This
allows you to ignore what Asterisk or a client produces and is
useful for demonstrations.
This does not generate REMB frames, however, but just modifies
them as they flow to or from a channel.
Change-Id: Ib089427c46a4a36d645cecfe02406adb38c17bec
This change brings in PJSIP 2.8, removes all the patches
that were merged upstream, and makes a minor change to
support a breaking change that was done.
ASTERISK-28059
Change-Id: I5097772b11b0f95c3c1f52df6400158666f0a189
Given a scenario where a session refresh was done with a removed
stream we would always add a removed stream to the outgoing SDP
even if one did not already exist.
This change makes it so that a removed stream is only placed into
the SDP if one already exists.
ASTERISK-28047
Change-Id: Ibb97d21cdeb87a8acae0c720861b0ff255708442
Both pjsip_tx_data.tp_info.dst_name and pjsip_rx_data.pkt_info.src_name
store IPv6 addresses without enclosing brackets. This causes some log
output to be confusing because it is difficult to separate the IPv6
address from a port specification.
* Use pj_sockaddr_print() along with pjsip_tx_data.tp_info.dst_addr and
pjsip_rx_data.pkt_info.src_addr where possible for consistent IPv6
output.
* When a pj_sockaddr is not available, explicitly wrap IPv6 addresses
in brackets.
* When assigning pjsip_rx_data.pkt_info.src_name ourselves, make sure
to also set pjsip_rx_data.pkt_info.src_addr.
Change-Id: I5cfe997ced7883862a12b9c7d8551d76ae02fcf8
As they're not actively used, they only grow stale. The moduleinfo field itself
is kept in Asterisk 13/15 for ABI compatibility.
ASTERISK-28046 #close
Change-Id: I8df66a7007f807840414bb348511a8c14c05a9fc
The bundled version of pjproject has a patch for Solaris compatability
that changes the definition of various socket structures which we need
to account for when compiling against a non-bundled version.
ASTERISK-28049 #close
Change-Id: Ia1ea47c433fc2d915115193ee889a752373925f0
On MOH activation, moh_files_readframe() is called while the current
stream attached to the channel is NULL and it calls ast_moh_files_next()
immediately. However, it won't call ast_moh_files_next() again if sample
reading fails. The failure may occur because res_musiconhold retains the
last sample reading position in the channel data and MOH during the
previous hold/retrieve just reached EOF. Obviously, a bit of bad luck is
required here.
* Restructured moh_files_readframe() to try a second time to start MOH if
there was no stream setup and the saved position was at EOF. Also added
comments describing what is going on for each step.
ASTERISK-28029
Change-Id: I1508cf2c094f8feca22d6f76deaa9fdfa9944860
Currently, to convert from a pj_sockaddr to an ast_sockaddr, the address
needs to be rendered to a string and then parsed into the correct
structure. This also involves a call to getaddrinfo(3). The same is true
for the inverse operation.
Instead, because we know the internal structure of both ast_sockaddr and
pj_sockaddr, we can translate directly between the two without the
need for an intermediate string.
Change-Id: If0fc4bba9643f755604c6ffbb0d7cc46020bc761
The T.38 fax gateway state machine can cause the fax gateway
to be started more than once on a channel depending on the
responses of the remote endpoint. This would previously leak
the channel name, channel unique id, and underlying fax engine
state. This change instead makes it so that if the fax gateway
session is already present and not reserved the fax gateway
is not started again.
ASTERISK-27981
Change-Id: I552d95086860cb18f2522ee40ef47b13b6da2e0e
SIP responses over WebSockets when the client is using IPv6 have invalid
Via headers according to RFC 3261. The 'received' header parameter
should not be wrapped in brackets if it is an IPv6 address.
When src_name is populated by the built-in PJSIP transports, the code
uses pj_sockaddr_print() with 'flags' set to 0, meaning that the
brackets are not rendered around IPv6 addresses.
This may be related to ASTERISK~27101.
See also: https://github.com/onsip/SIP.js/pull/594
ASTERISK-28020 #close
Change-Id: I8ea9d289901b837512bee2ca2535e3dc14f04d77
This new option can be passed for ./configure or
./tests/CI/buildAsterisk.sh to prevent download/install of binary
modules.
Normally enabling the categories MENUSELECT_CODECS or MENUSELECT_RES
will result in binary modules being enabled even if the build target is
incompatible with those modules. This includes CI scripts which enable
categories before disabling specific modules.
If more binary modules are offered in the future this will help avoid
accidentally downloading them if unwanted or incompatible. Adding a
binary module will only require creating a new menuselect entry similar
to the existing ones, it will not be necessary to modify the CI scripts.
Change-Id: I6b1bd1c75a2e48f05b8b8a45b7a7a2d00a079166
The realtime text timer pops regularly and sends text frames even if
the buffer is empty. This causes a lot of unecessary debug logging.
* Made red_write() test if we need to send a frame before calling
ast_rtp_write()
ASTERISK-28002
Reported by: Emmanuel BUU
Tested by: Emmanuel BUU
Change-Id: Icf81310c3b8080b615a42060afc02ab41f9523dd
When a Contact is updated the only material change that qualify
support cares about is the underlying configuration for the AOR.
In this case we will update things with the new AOR information but
otherwise the callback to indicate the Contact has changed can be
ignored.
This is because it is only when a Contact is added or deleted that
material changes occur within the qualify support. An update can't
change the URI since it would result in a new Contact so it can be
ignored.
Change-Id: I2f97ebfa79969a36a97bb7b9afd5b6268cf1a07d
We were still getting crashes after the first fix. Somehow we receive a
non-2xx final response before we get a 200 final response. With the
failure response we had already cleaned up and destroyed some data
structures. When the unexpected 200 response comes in we crash.
* Add protection code to prevent processing another final T.38 reINVITE
response.
ASTERISK-27944
Change-Id: I8b5baba8d07fe4d63f0d7d05d3eb9a3d27d40a74
The allow_unqualified_fetch option for the sorcery realtime backend
blocked actually fetching all rows when the option is set to warn.
* Made issue a warning and actually do the request when
allow_unqualified_fetch=warn is set.
Change-Id: I74456c80a03a62dce66fc3dc3cb0cf2351ac4312
Compiling without SRTP support installed resulted in some unused variable
warnings. These warnings also showed that the srtp variable was obtained
and passed around some functions but not really used even when a system
has SRTP installed.
Change-Id: I6daad34be3e89b19adef6e2fbe738018975155fc
If in the initial sdp the caller doesn't include the line
a=rtcp-mux
Then asterisk shoud not include rtcp-mux in the response regardless
of rtcp-mux being enabled on the endpoint
ASTERISK-28007 #close
Change-Id: I58e9b9f40a139afc0da5de41906cc608fb62adc7
sip_options_get_endpoint_state_compositor_state leaked a reference to
the first available endpoint state compositor that was found.
Change-Id: Idb6be19f7219b6eed1dfb19c1e740dd40cb3fdc7
This change adds the "party" parameter to the Remote-Party-ID header
which indicates which party the header information is applicable
to. In Asterisk this is determined on whether we are the calling
or called party. This is added to improve interoperability with some
implementations.
ASTERISK-28006
Change-Id: I1eec3e377ffff8633b5c1dd59a05e9533122cfca
When a conference contained a mixture of audio/video and audio-only
users, a NOTICE message would pop up stating there are no joint
capabilities between streams. This happens because streams can never be
removed, but they can be in a REMOVED state. If we have the scenario
where user A joins with audio/video, user B joins with audio-only, and
user C joins with audio/video, then user A leaves, the message would
be triggered. That removed stream is still in the SDP, but Asterisk
would pass it through, causing it to be seen as a ulaw stream. A check
has been added for removed streams, setting their status to REMOVED when
handling negotiated SDPs.
Also addressed an issue where user A joins, then user B joins but does
not receive video until much later. Full frames were not being sent,
causing some PLI from the browser. Because the video was flowing in one
direction, the browser sets the SSRC to 1, but Asterisk was dropping the
PLI because of that. Added a check to see if the SSRC is 1 or not, which
sends full frames and allows video to flow between user A and user B.
This should only happen when dealing with PSFB or FUR, and in the case
of PSFB, only for PLI.
ASTERISK-27398
Change-Id: I26e7c6f101bc119549eeca406b5bcd25ad8ebc5e
The authors of PJProject undef s_addr because of some issue in Microsoft
Windows. However in Oracle Solaris, s_addr is not a structure member, but
defined to map to the real structure member.
Updates the patch from ASTERISK_20366
ASTERISK-27997
Change-Id: I8223026d4d54e2a46521085fcc94bfa6ebe35b11
* Don't include pjlib.h twice in res_pjsip.h
* Consistently use #include <> form for pjproject includes.
(pjsip.h and pjlib.h)
Change-Id: I3f7b42044840de64edf7e9d7695cb60c45990dc7
If asterisk offer an endpoint with SRTP and that endpoint respond
with non srtp, in that case channel(rtp,secure,audio) reply wrong
status.
Why delete flag AST_SRTP_CRYPTO_OFFER_OK while check identical remote_key:
Currently this flag has being set redundantly. In either case identical
or different remote_key this flag has being set. So if we
don't set it while we receive identical remote_key or non SRTP SDP
response then we can take decision of srtp use by using that flag.
ASTERISK-27999
Change-Id: I29dc2843cf4e5ae2604301cb4ff258f1822dc2d7
This change removes a sorcery lookup for retrieving all
contacts at the end of the registration process by keeping
track of the contacts that are added/updated/deleted.
This ensures at the end of the process the container of
contacts we have is the current state.
Pool usage has also been reduced by allocating one for
usage throughout the handling of a REGISTER and resetting
it to a clean state. This ensures that in most cases
we allocate once and just reuse it.
ASTERISK-28001
Change-Id: I1a78b2d46f9a2045dbbff1a3fd6dba84b612b3cb
This patch adds regular expression support to make the identify section's
match_header option more useful when attempting to match complex headers
like the 'To' or 'From' headers. The 'From' header has variable
components such as the tag parameter that you cannot predict. To specify
a regular expression put slashes around the regular expression in place of
the header value.
[identify-alice]
type=identify
endpoint=alice
match_header=From: /<sip:alice@127\\.0\\.0\\.1>/
* Added regex support to match_header so you could match a 'To' header
among other complex headers.
Fixed reported crashes when trying to match special headers like 'Contact'.
The identify section's match_header method used code that assumed you were
matching a generic header. Any other type of header could cause a crash
if the header structure variant did not match the generic header enough.
* Made use code that will work for any header type instead of code
specific to generic headers.
Other fixes while in the area:
* Made check all headers of the requested name.
* Added some more sanity checks to the configured identify matching
options when applying the configuration.
ASTERISK-27548
Change-Id: I27dfd4ff5e2259b906640e3c330681b76b4ed1f1
The alembic for the PJSIP subscription persistence table has the
"prune_on_boot" field as a boolean. While in Asterisk we are
tolerant of many different definitions of true and false in the
database we only accept "yes" and "no". This change makes the
field treated as a yes/no instead of an integer, thus storing
"yes" and "no" instead of "1" and "0".
Change-Id: Ic8b9211b36babefe78f70def6828a135a6ae7ab6
OpenSSL is an optional external library and should stay optional even when
Developer Mode is configured.
ASTERISK-27990
Change-Id: Ia68a4cd5474b26d45e0f43b04032ad598022853b
When realtime text packets are to be sent, the text is accumulated in a
buffer and sent regularly by a timer. It can happen that commands such as
a backspace, CR, or LF get merged with regular text. This breaks some
UAs.
The proposed change:
* We test if the current packet contains a command. If so we send the
buffer immediately.
* We test if the buffer contained a command. If so we send the buffer
immediately.
* We accumulate the text (or the command) in the buffer.
ASTERISK-27970
Change-Id: Ifbe993311410fa855cb8aa4a12084db75f413462
If a SIP MESSAGE is triggered for an endpoint that is currently not registered
- and therefore has no valid contact associated - an error message was logged.
Since this is a valid request in a valid use cases this is now changed to a
warning, as discussed with Matt Fredrickson on the asterisk-dev mailing list.
Change-Id: I55eb62d2712818a58c7532119dec288bd98cf0c0
A change recently went in which disabled the built-in PJSIP
keepalive. This defaulted to 90 seconds and kept TCP/TLS
connections alive. Disabling this functionality has resulted
in a behavior change of not doing keepalives by default resulting
in TCP/TLS connections dropping for some people.
This change makes our default keepalive interval 90 seconds
to match the previous behavior and preserve it.
ASTERISK-27978
Change-Id: Ibd9a45f3cbe5d9bb6d2161268696645ff781b1d6
* Use the replacement function ast_sip_push_task_wait_servant() instead of
the deprecated ast_sip_push_task_synchronous().
Change-Id: I145b550ba7054640c7faa3b644e63137f505c612
Support has been added for receiving a NACK request and handling it.
Now, Asterisk can detect when a NACK request should be sent and knows
how to construct one based on the packets we've received from the remote
end. A buffer has been added that will store out of order packets until
we receive the packet we are expecting. Then, these packets are handled
like normal and frames are queued to the core like normal. Asterisk
knows which packets to request in the NACK request using a vector
which stores the sequence numbers of the packets we are currently missing.
If a missing packet is received, cycle through the buffer until we reach
another packet we have not received yet. If the buffer reaches a certain
size, send a NACK request. If the buffer reaches its max size, queue all
frames to the core and wipe the buffer and vector.
According to RFC3711, the NACK request must be sent out in a compound
packet. All compound packets must start with a sender or receiver
report, so some work was done to refactor the current sender / receiver
code to allow it to be used without having to also include sdes
information and automatically send the report.
Also added additional functionality to ast_data_buffer, along with some
testing.
For more information, refer to the wiki page:
https://wiki.asterisk.org/wiki/display/AST/WebRTC+User+Experience+Improvements
ASTERISK-27810 #close
Change-Id: Idab644b08a1593659c92cda64132ccc203fe991d
A problem I've seen countless times is a global or system section
for PJSIP not getting applied. This is inevitably the result of
the "type=" line missing. This change alleviates that problem.
The ability to specify an explicit section name has been
added to res_sorcery_config. If the configured section
name matches this and there are no unknown things configured
the section is taken as being for the given type.
Both the PJSIP "global" and "system" types now support this
so you can just name your section "global" or "system" and it
will be matched and used, even without a "type=" line.
ASTERISK-27972
Change-Id: Ie22723663c1ddd24f869af8c9b4c1b59e2476893
I have removed the STATIC_BUILD option immediately as it has not
been maintained in many years and is non-functional.
ASTERISK-27965
Change-Id: I64783d017b86dba9ee3c7bcfb97e59889a3f76d7
SRTP SDES key lifetime support was added in ASTERISK_17899.
In that addition, the minimum key lifetime to be accepted was
set at the 10 hours @ 20ms/packet = 1800000 packets.
The firmware in the obi1xx ATA uses a hardcoded lifetime of
2^20 packets.
Lower the limit to 2^20 to support a wider field of clients.
ASTERISK-27967 #close
Change-Id: I81a0703c595a0c9101dfdf02300149a3cc39bf94
Previously, the msid "label" attribute was used to correlate
participant info but because streams could be reused, the msid
wasn't being updated correctly when someone left the bridge and
another joined.
Now, instead of looking for the msid attribute on a channel's streams,
app_confbridge sets an "SDP:LABEL" attribute on the stream which
res_pjsip_sdp_rtp looks for. If it finds it, it adds a "label"
attribute to the current sdp.
Change-Id: I6cbaa87fb59a2e0688d956e72d2d09e4ac20d5a5
Keep track if ICE candidates were in the SDP offer & only put them
in the corresponding SDP answer if the offer condaind ICE candidates
ASTERISK-27957 #close
Change-Id: Idf2597ee48e9a287e07aa4030bfa705430a13a92
This commit adds a new function to res_parking.
This function, PARK_GET_CHANNEL allows the retrieval
of the channel name of the channel occupying the parking slot.
ASTERISK-22825 #close
Change-Id: Idba6ae55b8a53f734238cb3d995cedb95c0e7b74
When setting/appending the media id's to the bundle group attribute a '-1' was
being passed to the 'ast_str_set/append' function for the 'max_len' parameter.
This essentially capped the length of the string to what it was originally
allocated with. In this case 64 bytes.
This patch makes it so a '0' is passed as in for the 'max_len', which means
"no maximum length".
ASTERISK-27955 #close
Change-Id: Iec565df6600401d54a502854a53d19bb4cc34876
The function pubsub_on_rx_publish_request incorrectly uses
of AST_SCHED_REPLACE_UNREF.
The AST_SCHED_REPLACE_UNREF should unref old '_data'.
Because of this, there may be a double unref
of variable 'publication' when ast_sched_del is unsuccessful
that leads to use after free of the 'publication' in publish_expire.
ASTERISK-27956 #close
Change-Id: Ie0f0cfc7e036953d890b188656010b325a5cdc82
A new option 'suppress_q850_reason_headers' has been added to the
endpoint object. Some devices can't accept multiple Reason headers and
get confused when both 'SIP' and 'Q.850' Reason headers are received.
This option allows the 'Q.850' Reason header to be suppressed.
The default value is 'no'.
ASTERISK-27949
Reported-by: Ross Beer
Change-Id: I54cf37a827d77de2079256bb3de7e90fa5e1deb1
When negotiating an incoming T.38 stream the code incorrectly
returned failure instead of a decline for the stream when a
problem occurred or the configuration didn't allow it. This
resulted in SDP offers being rejected with a 488 response
in all cases, even when another valid stream was present.
This change makes it so the stream is now declined. If no
streams are accepted a 488 response is sent while if at least
one stream is accepted all the declined streams are, well,
declined.
ASTERISK-27763
Change-Id: I88bcf793788c412a9839d111a5c736bf6867807c
We were blindly responding with AST_T38_REFUSED when ANY T.38 control
frame came accross the bridge. This causes T.38 Gateway to get confused
and the T.38 session to get in a strange state.
* Made the T.38 framehook only respond to request frames and ignore
response frames.
ASTERISK-27657
ASTERISK-27080
Change-Id: I5fb5967c7d1efb30a7ff375f82887ca82a55b05b
Using the keep_alive_interval option can result in a deadlock between the
pjproject transport manager group lock and the monitored transports ao2
container lock. The pjproject transport manager group lock has to be
superior in the locking order to the monitored transports ao2 container
lock because of pjproject callbacks called when already holding the group
lock. The lock inversion happens when Asterisk attempts to send a keep
alive packet over the reliable transports.
* Made keepalive_transport_thread() iterate over the monitored transports
container rather than use the ao2_callback() method. This avoids holding
the container lock when sending the keep alive packet.
ASTERISK-26686
Change-Id: I5d5392a52e698bbe41a93f7d8e92bf0e61fe3951
The Websocket transport uses the built-in HTTP server. As a result
the TLS configuration is done in http.conf and not in pjsip.conf.
This change adds a warning if this is configured in pjsip.conf and
also clarifies in the sample configuration file.
Change-Id: I187d994d328c3ed274b6754fd4c2a4955bdc6dd9
If we initiated a T.38 reINVITE, we would crash if we received any other
1xx response message except 100 if it were followed by a 200 response.
* Made ignore any 1xx response so we do not close out the T.38 negotiation
too early. For good measure we'll now accept any 2xx response as
acceptance of the reINVITE T.38 offer.
ASTERISK-27944
Change-Id: I0ca88aae708d091db7335af73f41035a212adff4
Incoming publications need to ensure that the module remains
loaded for the lifetime of them. This is now done by holding
a reference to the module while the publication exists. This
mirrors that of inbound subscriptions.
ASTERISK-27783
Change-Id: Ia98c95a15e11af25728d5fb3e56e12cda0cfc7c0
In addition to text/* content types, incoming_in_dialog_request now
accepts application/* content types.
Also fixed a length issue when copying the body text. It was one
character short.
ASTERISK-27942
Change-Id: I4e54d8cc6158dc47eb8fdd6ba0108c6fd53f2818
pjproject by default currently will follow media forked during an INVITE
on outbound calls if the To tag is different on a subsequent response as
that on an earlier response. We handle this correctly. There have
been reported cases where the To tag is the same but we still need to
follow the media. The pjproject patch in this commit adds the
capability to sip_inv and also adds the capability to control it at
runtime. The original "different tag" behavior was always controllable
at runtime but we never did anything with it and left it to default to
TRUE.
So, along with the pjproject patch, this commit adds options to both the
system and endpoint objects to control the two behaviors, and a small
logic change to session_inv_on_media_update in res_pjsip_session to
control the behavior at the endpoint level.
The default behavior for "different tags" remains the same at TRUE and
the default for "same tag" is FALSE.
Change-Id: I64d071942b79adb2f0a4e13137389b19404fe3d6
ASTERISK-27936
Reported-by: Ross Beer
* Fix several instances where we were bumping a ref in the parameter and
then unrefing the object if it failed. The way the AST_VECTOR_APPEND()
and AST_VECTOR_REPLACE() macros are implemented means if it fails the new
value was never evaluated.
Change-Id: I2847872a455b11ea7e5b7ce697c0a455a1d0ac9a
There can be one and only one thread handling a channel's media at a time.
Otherwise, we don't know which thread is going to handle the media frames.
ASTERISK-27625
Change-Id: I4d6a2fe7386ea447ee199003bf8ad681cb30454e
ConfBridge can now send events to participants via in-dialog MESSAGEs.
All current Confbridge events are supported, such as ConfbridgeJoin,
ConfbridgeLeave, etc. In addition to those events, a new event
ConfbridgeWelcome has been added that will send a list of all
current participants to a new participant.
For all but the ConfbridgeWelcome event, the JSON message contains
information about the bridge, such as its id and name, and information
about the channel that triggered the event such as channel name,
callerid info, mute status, and the MSID labels for their audio and
video tracks. You can use the labels to correlate callerid and mute
status to specific video elements in a webrtc client.
To control this behavior, the following options have been added to
confbridge.conf:
bridge_profile/enable_events: This must be enabled on any bridge where
events are desired.
user_profile/send_events: This must be set for a user profile to send
events. Different user profiles connected to the same bridge can have
different settings. This allows admins to get events but not normal
users for instance.
user_profile/echo_events: In some cases, you might not want the user
triggering the event to get the event sent back to them. To prevent it,
set this to false.
A change was also made to res_pjsip_sdp_rtp to save the generated msid
to the stream so it can be re-used. This allows participant A's video
stream to appear as the same label to all other participants.
Change-Id: I26420aa9f101f0b2387dc9e2fd10733197f1318e
Previously, Asterisk used its script ./configure, to test whether OpenSSL was
built with no-srtp (or was simply too old). However, the header file
<openssl/opensslconf.h> is the preferred way to detect the local configuration
of OpenSSL.
As a positive side-effect the script ./configure does not interleave the
detection of the Open Settlement Protocol Toolkit (OSPTK) with the detection of
individual features of OpenSSL anymore.
Change-Id: I3c77c7b00b2ffa2e935632097fa057b9fdf480c0
When endpoint specific ACL rules block a SIP request they respond with a
403 forbidden. However, if an endpoint is not identified then a 401
unauthorized response is sent. This vulnerability just discloses which
requests hit a defined endpoint. The ACL rules cannot be bypassed to gain
access to the disclosed endpoints.
* Made endpoint specific ACL rules now respond with a 401 unauthorized
which is the same as if an endpoint were not identified. The fix is
accomplished by replacing the found endpoint with the artificial endpoint
which always fails authentication.
ASTERISK-27818
Change-Id: Icb275a54ff8e2df6c671a6d9bda37b5d732b3b32
Furthermore, allow OpenSSL configured with no-dh. Additionally, this change
allows auto-negotiation of the elliptic curve/group for servers, not only with
OpenSSL 1.0.2 but also with OpenSSL 1.1.0 and newer. This enables X25519
(since OpenSSL 1.1.0) and X448 (since OpenSSL 1.1.1) as a side-effect.
ASTERISK-27910
Change-Id: I5b0dd47c5194ee17f830f869d629d7ef212cf537
Currentrly pjsip_options code does not handle the situation when the
AOR qualify options were changed.
Also there is no way to find out what qualify options are using.
This patch add CLI commands to show and synchronize Aor qualify options:
pjsip show qualify endpoint <id>
Show the current qualify options for all Aors on the PJSIP endpoint.
pjsip show qualify aor <id>
Show the PJSIP Aor current qualify options.
pjsip reload qualify endpoint <id>
Synchronize the qualify options for all Aors on the PJSIP endpoint.
pjsip reload qualify aor <id>
Synchronize the PJSIP Aor qualify options.
ASTERISK-27872
Change-Id: I1746d10ef2b7954f2293f2e606cdd7428068c38c
Currentrly pjsip_options code does not handle the situation when the
qualify options were changed in realtime database.
Only 'module reload res_pjsip' helps.
This patch add a check on contact add/update observers if the contact
qualify options are different than local aor qualify options.
If the qualify options were modified then synchronize
the pjsip_options AOR local state.
ASTERISK-27872
Change-Id: Id55210a18e62ed5d35a88e408d5fe84a3c513c62
Certain race conditions between changing bridge types and DTMF can
cause the current FLAG_NEED_MARKER_BIT to send the marker bit before
the actual first packet of native bridging.
This logic keeps track of the ssrc the bridge is currently sending
and will correctly ensure the marker bit is set if SSRC as changed
from the previous sent packet.
ASTERISK-27845
Change-Id: I01858bd0235f1e5e629e20de71b422b16f55759b
When RTP was originally created it had the ability to place a single
extension in an RTP packet. In practice people wanted to potentially
put multiple extensions in one and so RFC 5285 (obsoleted by RFC
8285) came into existence. This allows RTP extensions to be negotiated
with a unique identifier to be used in the RTP packet, allowing
multiple extensions to be present in the packet.
This change extends the RTP engine API to add support for this. A
user of it can enable extensions and the API provides the ability to
retrieve the information (to construct SDP for example) and to provide
negotiated information (from SDP). The end result is that the RTP
engine can then query to see if the extension has been negotiated and
what unique identifier is to be used. It is then up to the RTP engine
implementation to construct the packet appropriately.
The first extension to use this support is abs-send-time which is
defined in the REMB draft[1] and is a second timestamp placed in an
RTP packet which is for when the packet has left the sending system.
It is used to more accurately determine the available bandwidth.
ASTERISK-27831
[1] https://tools.ietf.org/html/draft-alvestrand-rmcat-remb-03
Change-Id: I508deac557867b1e27fc7339be890c8018171588
Kevin Harwell
Alexei Gradinari
George Joseph
Joshua Colp
Torrey Searle
Corey Farrell
Richard Mudgett
Moritz Fain
Ben Ford
Sean Bright
Walter Doekes
Frederic LE FOLL
neutrino88
Alexander Traud
Salah Ahmed
Florian Floimair
Nick French
Joshua Elson
Jenkins2