In addition to text/* content types, incoming_in_dialog_request now
accepts application/* content types.
Also fixed a length issue when copying the body text. It was one
character short.
ASTERISK-27942
Change-Id: I4e54d8cc6158dc47eb8fdd6ba0108c6fd53f2818
pjproject by default currently will follow media forked during an INVITE
on outbound calls if the To tag is different on a subsequent response as
that on an earlier response. We handle this correctly. There have
been reported cases where the To tag is the same but we still need to
follow the media. The pjproject patch in this commit adds the
capability to sip_inv and also adds the capability to control it at
runtime. The original "different tag" behavior was always controllable
at runtime but we never did anything with it and left it to default to
TRUE.
So, along with the pjproject patch, this commit adds options to both the
system and endpoint objects to control the two behaviors, and a small
logic change to session_inv_on_media_update in res_pjsip_session to
control the behavior at the endpoint level.
The default behavior for "different tags" remains the same at TRUE and
the default for "same tag" is FALSE.
Change-Id: I64d071942b79adb2f0a4e13137389b19404fe3d6
ASTERISK-27936
Reported-by: Ross Beer
* Fix several instances where we were bumping a ref in the parameter and
then unrefing the object if it failed. The way the AST_VECTOR_APPEND()
and AST_VECTOR_REPLACE() macros are implemented means if it fails the new
value was never evaluated.
Change-Id: I2847872a455b11ea7e5b7ce697c0a455a1d0ac9a
There can be one and only one thread handling a channel's media at a time.
Otherwise, we don't know which thread is going to handle the media frames.
ASTERISK-27625
Change-Id: I4d6a2fe7386ea447ee199003bf8ad681cb30454e
Previously, Asterisk used its script ./configure, to test whether OpenSSL was
built with no-srtp (or was simply too old). However, the header file
<openssl/opensslconf.h> is the preferred way to detect the local configuration
of OpenSSL.
As a positive side-effect the script ./configure does not interleave the
detection of the Open Settlement Protocol Toolkit (OSPTK) with the detection of
individual features of OpenSSL anymore.
Change-Id: I3c77c7b00b2ffa2e935632097fa057b9fdf480c0
When endpoint specific ACL rules block a SIP request they respond with a
403 forbidden. However, if an endpoint is not identified then a 401
unauthorized response is sent. This vulnerability just discloses which
requests hit a defined endpoint. The ACL rules cannot be bypassed to gain
access to the disclosed endpoints.
* Made endpoint specific ACL rules now respond with a 401 unauthorized
which is the same as if an endpoint were not identified. The fix is
accomplished by replacing the found endpoint with the artificial endpoint
which always fails authentication.
ASTERISK-27818
Change-Id: Icb275a54ff8e2df6c671a6d9bda37b5d732b3b32
Furthermore, allow OpenSSL configured with no-dh. Additionally, this change
allows auto-negotiation of the elliptic curve/group for servers, not only with
OpenSSL 1.0.2 but also with OpenSSL 1.1.0 and newer. This enables X25519
(since OpenSSL 1.1.0) and X448 (since OpenSSL 1.1.1) as a side-effect.
ASTERISK-27910
Change-Id: I5b0dd47c5194ee17f830f869d629d7ef212cf537
Currentrly pjsip_options code does not handle the situation when the
qualify options were changed in realtime database.
Only 'module reload res_pjsip' helps.
This patch add a check on contact add/update observers if the contact
qualify options are different than local aor qualify options.
If the qualify options were modified then synchronize
the pjsip_options AOR local state.
ASTERISK-27872
Change-Id: Id55210a18e62ed5d35a88e408d5fe84a3c513c62
Certain race conditions between changing bridge types and DTMF can
cause the current FLAG_NEED_MARKER_BIT to send the marker bit before
the actual first packet of native bridging.
This logic keeps track of the ssrc the bridge is currently sending
and will correctly ensure the marker bit is set if SSRC as changed
from the previous sent packet.
ASTERISK-27845
Change-Id: I01858bd0235f1e5e629e20de71b422b16f55759b
Currentrly pjsip_options code does not handle the situation when the
AOR qualify options were changed.
Also there is no way to find out what qualify options are using.
This patch add CLI commands to show and synchronize Aor qualify options:
pjsip show qualify endpoint <id>
Show the current qualify options for all Aors on the PJSIP endpoint.
pjsip show qualify aor <id>
Show the PJSIP Aor current qualify options.
pjsip reload qualify endpoint <id>
Synchronize the qualify options for all Aors on the PJSIP endpoint.
pjsip reload qualify aor <id>
Synchronize the PJSIP Aor qualify options.
ASTERISK-27872
Change-Id: I1746d10ef2b7954f2293f2e606cdd7428068c38c
Asterisk uses Reference Counting to track whether a module can be unloaded.
Every consumer who requires a module, increases the reference count. When the
consumer goes, is unloaded itself, it has to decrease the reference count on
all its used/required modules. That way
core stop gracefully
works on the command-line interface (CLI): One module after the other is
unloaded. A recent change broke this for the module res_pjsip.
ASTERISK-27861
Change-Id: I261abcb411d026bbb0691cc78f28300bfd3103a3
The module (res_)pjsip_transport_management got moved into res_pjsip. It is no
longer an independent/external module with (un)load_module and therefore has to
register just internally with res_pjsip.
ASTERISK-27860
Change-Id: Icd0413be7d2e98b92f51e6d6c353f2570bb4be95
This fixes build warnings found by GCC 8. In some cases format
truncation is intentional so the warning is just suppressed.
ASTERISK-27824 #close
Change-Id: I724f146cbddba8b86619d4c4a9931ee877995c84
Previously, only an IP address would be accepted for the capture_address config
setting in hep.conf. This change allows capture_address to be a resolvable
hostname or an IP address.
ASTERISK-27796 #close
Reported-By: Sebastian Gutierrez
Change-Id: I33e1a37a8b86e20505dadeda760b861a9ef51f6f
The "ari set debug" code for incoming requests incorrectly assumed
that all requests would contain a body. If one did not exist the
request would be incorrectly rejected. The response that was sent
was also incomplete as an incorrect function was used to construct
the response.
The code has now been changed to no longer require a request to have
a body and the response updated to use the correct function.
ASTERISK-27801
Change-Id: I4eef036ad54550a4368118cc348765ecac25e0f8
* Increase maximum number of ciphers from 100 to 256 (or whatever
PJ_SSL_SOCK_MAX_CIPHERS is #define'd to)
* Simplify logic in cipher_name_to_id()
* Make signed/unsigned comparison consistent
Re: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897412
Reported by: Ondřej Holas
Change-Id: Iea620f03915a1b873e79743154255c3148a514e7
The OPTIONS support in PJSIP has organically grown, like many things in
Asterisk. It has been tweaked, changed, and adapted based on situations
run into. Unfortunately this has taken its toll. Configuration file
based objects have poor performance and even dynamic ones aren't that
great.
This change scraps the existing code and starts fresh with new eyes. It
leverages all of the APIs made available such as sorcery observers and
serializers to provide a better implementation.
1. The state of contacts, AORs, and endpoints relevant to the qualify
process is maintained. This state can be updated by external forces (such
as a device registering/unregistering) and also the reload process. This
state also includes the association between endpoints and AORs.
2. AORs are scheduled and not contacts. This reduces the amount of work
spent juggling scheduled items.
3. Manipulation of which AORs are being qualified and the endpoint states
all occur within a serializer to reduce the conflict that can occur with
multiple threads attempting to modify things.
4. Operations regarding an AOR use a serializer specific to that AOR.
5. AORs and endpoint state act as state compositors. They take input
from lower level objects (contacts feed AORs, AORs feed endpoint state)
and determine if a sufficient enough change has occurred to be fed further
up the chain.
6. Realtime is supported by using observers to know when a contact has
been registered. If state does not exist for the associated AOR then it
is retrieved and becomes active as appropriate.
The end result of all of this is best shown with a configuration file of
3000 endpoints each with an AOR that has a static contact. In the old
code it would take over a minute to load and use all 8 of my cores. This
new code takes 2-3 seconds and barely touches the CPU even while dealing
with all of the OPTIONS requests.
ASTERISK-26806
Change-Id: I6a5ebbfca9001dfe933eaeac4d3babd8d2e6f082
Core bridging and, more specifically, bridge_softmix have been
enhanced to relay received frames of type TEXT or TEXT_DATA to all
participants in a softmix bridge. res_pjsip_messaging and
chan_pjsip have been enhanced to take advantage of this so when
res_pjsip_messaging receives an in-dialog MESSAGE message from a
user in a conference call, it's relayed to all other participants
in the call.
res_pjsip_messaging already queues TEXT frames to the channel when
it receives an in-dialog MESSAGE from an endpoint and chan_pjsip
will send an MESSAGE when it gets a TEXT frame. On a normal
point-to-point call, the frames are forwarded between the two
correctly. bridge_softmix was not though so messages weren't
getting forwarded to conference bridge participants. Even if they
were, the bridging code had no way to tell the participants who
sent the message so it would look like it came from the bridge
itself.
* The TEXT frame type doesn't allow storage of any meta data, such
as sender, on the frame so a new TEXT_DATA frame type was added that
uses the new ast_msg_data structure as its payload. A channel
driver can queue a frame of that type when it receives a message
from outside. A channel driver can use it for sending messages
by implementing the new send_text_data channel tech callback and
setting the new AST_CHAN_TP_SEND_TEXT_DATA flag in its tech
properties. If set, the bridging/channel core will use it instead
of the original send_text callback and it will get the ast_msg_data
structure. Channel drivers aren't required to implement this. Even
if a TEXT_DATA enabled driver uses it for incoming messages, an
outgoing channel driver that doesn't will still have it's send_text
callback called with only the message text just as before.
* res_pjsip_messaging now creates a TEXT_DATA frame for incoming
in-dialog messages and sets the "from" to the display name in the
"From" header, or if that's empty, the caller id name from the
channel. This allows the chat client user to set a friendly name
for the chat.
* bridge_softmix now forwards TEXT and TEXT_DATA frames to all
participants (except the sender).
* A new function "ast_sendtext_data" was added to channel which
takes an ast_msg_data structure and calls a channel's
send_text_data callback, or if that's not defined, the original
send_text callback.
* bridge_channel now calls ast_sendtext_data for TEXT_DATA frame
types and ast_sendtext for TEXT frame types.
* chan_pjsip now uses the "from" name in the ast_msg_data structure
(if it exists) to set the "From" header display name on outgoing text
messages.
Change-Id: Idacf5900bfd5f22ab8cd235aa56dfad090d18489
This reverts a problem introduced by the fix for ASTERISK_24329.
Now, when an announcement is played while waiting in a queue, music on
hold will not restart from the beginning of the sound file and will
instead pick up where it left off. However, the incorrect behavior in
ASTERISK_24329 is now present again; if an announcement X seconds
long is played when music on hold starts, music on hold will start X
seconds into the file.
ASTERISK-27774 #close
Reported by: lvl
Change-Id: I86b2885ee7063268f9b9747eddb788336ade989b
When a scheduled task is created you can pass in the
AST_SIP_SCHED_TASK_TRACK flag. This new flag causes scheduling events to
be logged.
Change-Id: I91967eb3d5a220915ce86881a28af772f9a7f56b
ast_sip_push_task_synchronous() did not necessarily execute the passed in
task under the specified serializer. If the current thread is any
registered pjsip thread then it would execute the task immediately instead
of under the specified serializer. Reentrancy issues could result if the
task does not execute with the right serializer.
The original reason ast_sip_push_task_synchronous() checked to see if the
current thread was a registered pjsip thread was because of a deadlock
with masquerades and the channel technology's fixup callback
(ASTERISK_22936). A subsequent masquerade deadlock fix (ASTERISK_24356)
involving call pickups avoided the original deadlock situation entirely.
The PJSIP channel technology's fixup callback no longer needed to call
ast_sip_push_task_synchronous().
However, there are a few places where this unexpected behavior is still
required to avoid deadlocks. The pjsip monitor thread executes callbacks
that do calls to ast_sip_push_task_synchronous() that would deadlock if
the task were actually pushed to the specified serializer. I ran into one
dealing with the pubsub subscriptions where an ao2 destructor called
ast_sip_push_task_synchronous().
* Split ast_sip_push_task_synchronous() into
ast_sip_push_task_wait_servant() and ast_sip_push_task_wait_serializer().
ast_sip_push_task_wait_servant() has the old behavior of
ast_sip_push_task_synchronous(). ast_sip_push_task_wait_serializer() has
the new behavior where the task is always executed by the specified
serializer or a picked serializer if one is not passed in. Both functions
behave the same if the current thread is not a SIP servant.
* Redirected ast_sip_push_task_synchronous() to
ast_sip_push_task_wait_servant() to preserve API for released branches.
ASTERISK_26806
Change-Id: Id040fa42c0e5972f4c8deef380921461d213b9f3
* Fix the periodic interval wander because it may take significant time
between the sched thread queueing the task in the serializer and the
serializer actually executing the task. The time it takes to actually
execute the task was already taken into account.
* Pass a schtd ref to the serializer when we queue a scheduled task on
the serializer. We don't want it going away on us while it is in the
serializer queue.
* Skip the scheduled task if the task was canceled between queueing the
task to the serializer and the serializer actually executing the task.
* Reorder struct ast_sip_sched_task to avoid unnecessary padding. Removed
task_id and added next_periodic.
* Hold a ref to the passed in serializer so the serializer cannot go away
on the scheduled task.
ASTERISK_26806
Change-Id: I6c8046b75f6953792c8c30e55b836a4291143f24
* A side benefit is that the scheduled tasks are not completely blocked
while the CLI command executes.
* Adjusted the "Task Name" column width to have more room for longer
names.
Change-Id: Iec64aa463ee8b10eef90120e00c38b1fb444087e
It now appends the external IP address on the
o= line of the SDP packet. The decision was made to write
the numeric IP address as opposed to the RFC that states
the FQDN should be used if and when available. We believe
the usage of literal IP address will help avoid
potential problems.
ASTERISK-27614 #close
Change-Id: I84f3360f3606b8c4e8d161edb228799ec0b8a302
This patch adds support to send in-dialog SIP NOTIFY commands on
chan_pjsip channels, similar to the functionality recently added
for chan_sip (ASTERISK_27461).
This extends res_pjsip_notify to allow for in-dialog messages.
ASTERISK-27697
Change-Id: If7f3151a6d633e414d5dc319d5efc1443c43dd29
* Removed several invalid uses of OBJ_NOLOCK. These uses resulted in the
'tasks' container being accessed without a lock in a multi-threaded
environment. A recipe for crashes.
* Removed needlessly obtaining schtd object references. If the caller
providing you a pointer to an object doesn't have a valid reference then
you cannot safely get one from it.
* Getting a ref to 'tasks' when you aren't copying the pointer into
another location is useless. The 'tasks' container pointer is global.
* Removed many unnecessary uses of RAII_VAR.
* Make ast_sip_schedule_task() name parameter const.
ASTERISK_26806
Change-Id: I5c62488e651314e2a1dbc01f5b078a15512d73db
There is a problem when an INVITE-with-Replaces transfer targets a channel
in a ConfBridge. The transfer will unconditionally swap out the
ConfBridge channel. Unfortunately, the ConfBridge state will not be aware
of this change. Unexpected behavior will happen as a result since
ConfBridge channels currently can only be replaced by a masquerade and not
normal bridge channel moves.
* We just need to pretend that the channel isn't in a bridge (like other
transfer methods already do) so the transfer channel will masquerade into
the ConfBridge channel.
Change-Id: I209beb0e748fa4f4b92a576f36afa8f495ba4c82
A deadlock can happen when the PJSIP monitor thread is shutting down a
connection oriented transport (TCP/TLS) used by a subscription at the same
time as another thread tries to send something for that subscription. The
deadlock is between the pjsip monitor thread attempting to get the dialog
lock and another thread sending something for that dialog when it tries to
get the transport manager lock.
* res_pjsip_pubsub.c: Avoid the deadlock by pushing the subscription
removal to the subscription serializer.
* res_pjsip_registrar.c: Pushed off incoming registration contact removals
to a default serializer as a precaution. Removing the contacts involves
sorcery access which in this case will involve database access. Depending
upon the setup, the database may not be on the same machine and could take
awhile. We don't want to hold up the pjsip monitor thread with
potentially long access times.
ASTERISK-27706
Change-Id: I56b647aea565f24dba33e9e5ebeed4cd3f31f8c4
Apparently it is possible for the transport to be destroyed without
triggering the transport callback logic. As a result the transport gets
destroyed and we have a stale pointer in the active_transports container.
* Invoke the transport monitor callback checks when the transport is
destroyed in addition to when it is disconnected and shutdown.
ASTERISK-27688
Change-Id: Ia9b5469fea8f2b3f2d8476fae6b748a4d23e7261
Asterisk does not need the development package of libltdl, because it does not
use any symbol of -lltdl directly. Instead, it uses the runtime package via the
shared library -lodbc. On the supported platforms, that shared library declares
its dependency on -lltdl correctly, otherwise AST_EXT_LIB_CHECK would have
failed.
ASTERISK-27745
Change-Id: Icd315809b8e7978203431f3afb66240dd3a040ba
Since ASTERISK-26976, libSRTP 2.x can be used for sRTP. However, that change
added a private header which is not available on openSUSE for example. To
remain compatibility with very old libSRTP versions, the affected/missing
symbols AES_128_ICM and HMAC_SHA1 are defined manually.
ASTERISK-27733
Change-Id: I25c5cb8fa966043d1506ebef449e5a724412b4b6
Checking option_debug directly is incorrect as it ignores file/module
specific debug settings. This system-wide change replaces nearly all
direct checks for option_debug with the DEBUG_ATLEAST macro.
Change-Id: Ic342d4799a945dbc40ac085ac142681094a4ebf0
The pool cache gets in the way of finding use after free errors of memory
pool contents. Tools like valgrind and MALLOC_DEBUG don't know when a
pool is released because it gets put into the cache instead of being
freed.
* Added the "cache_pools" option to pjproject.conf. Disabling the option
helps track down pool content mismanagement when using valgrind or
MALLOC_DEBUG. The cache gets in the way of determining if the pool
contents are used after free and who freed it.
To disable the pool caching simply disable the cache_pools option in
pjproject.conf and restart Asterisk.
Sample pjproject.conf setting:
[startup]
cache_pools=no
* Made current users of the caching pool factory initialization and
destruction calls call common routines to create and destroy cached pools.
ASTERISK-27704
Change-Id: I64d5befbaeed2532f93aa027a51eb52347d2b828
The transferrer's session channel was destroyed by the transferrer's
serializer thread in a race condition with the transfer target's
serializer thread during an attended transfer. The transfer target's
serializer was attempting to clean up a deferred end status on behalf of
the transferrer's channel when it should have passed the action to the
transferrer's serializer. When the transfer target's serializer lost the
race then both threads wind up trying to end the transferrer's session.
* Push the ast_sip_session_end_if_deferred() call onto the transferrer's
serializer to avoid a race condition that results in a crash. The
session_end() function that could be called by
ast_sip_session_end_if_deferred() really must be executed by the
transferrer's serializer to avoid this kind of crash.
ASTERISK-27568
Change-Id: Iacda724e7cb24d7520e49b2fd7e504aa398d7238
Since res_pjsip_transport_management provides several attack
mitigation features, its functionality moved to res_pjsip and
this module has been removed. This way the features will always
be available if res_pjsip is loaded.
ASTERISK-27618
Reported By: Sandro Gauci
Change-Id: I21a2d33d9dda001452ea040d350d7a075f9acf0d
pjsip_distributor:
authenticate() creates a tdata and uses it to send a challenge or
failure response. When pjsip_endpt_send_response2() succeeds, it
automatically decrements the tdata ref count but when it fails, it
doesn't. Since we weren't checking for a return status, we weren't
decrementing the count ourselves on error and were therefore leaking
tdatas.
res_pjsip_session:
session_reinvite_on_rx_request wasn't decrementing the ref count
if an error happened while sending a 491 response.
pre_session_setup wasn't decrementing the ref count if
while sending an error after a pjsip_inv_verify_request failure.
res_pjsip:
ast_sip_send_response wasn't decrementing the ref count on error.
ASTERISK-27618
Reported By: Sandro Gauci
Change-Id: Iab33a6c7b6fba96148ed465b690ba8534ac961bf
When receiving a SUBSCRIBE request the Accept headers from it are
stored locally. This operation has a fixed limit of 32 Accept headers
but this limit was not enforced. As a result it was possible for
memory outside of the allocated space to get written to resulting
in a crash.
This change enforces the limit so only 32 Accept headers are
processed.
ASTERISK-27640
Reported By: Sandro Gauci
Change-Id: I99a814b10b554b13a6021ccf41111e5bc95e7301
If the ICE role is not set right away, we might have a role conflict
that stays undetected and ICE finishing with successful tests and no
candidate nominated. This was introduced by ASTERISK-27088.
To avoid this, we set the role as soon as before but only if the ICE
state permits it: still checking and not yet nominating candidates or
completed.
ASTERISK-27646
Change-Id: I5dbc69ad63cacbb067922850fbb113d479bd729c
* Prefer strcasecmp() over stricmp()
* Use a list with no lock since we never actually lock
* Minor cleanups to error messages
Change-Id: I8446f44795ee8f3072e1c1f9193c6912dfc0c42b
There is a dedicated slot in the pjsip_sip_uri for the 'user'
parameter, so use that instead of adding to the list of generic URI
parameters.
Change-Id: I0a0ce8a60ecee27489735bf56fd707719d8c2ed6
res_pjsip_endpoint_identifier_user.c:
* Fix copy/paste error in find_endpoint(). We were using a constant
"anonymous" string instead of the passed in endpoint_name when checking
the transport domain for an endpoint match.
* Eliminate RAII_VAR in find_endpoint().
* Remove always true check in find_transport_state_in_use().
* Remove useless CMD_STOP in find_transport_state_in_use().
res_pjsip_endpoint_identifier_anonymous.c:
* Eliminate RAII_VAR in anonymous_identify().
* Remove always true check in find_transport_state_in_use().
* Remove useless CMD_STOP in find_transport_state_in_use().
Change-Id: I86924c31db5bd225ca0c1219c761b668c6f91189
In an earlier release, inbound registrations on a reliable transport
were pruned on Asterisk restart since the TCP connection would have
been torn down and become unusable when Asterisk stopped. This same
process is now also applied to inbound subscriptions.
Also fixed issues in res_pjsip_registrar where it wasn't handling the
monitoring correctly when multiple registrations came in over the same
transport.
To accomplish this, the pjsip_transport_event feature needed to
be refactored to allow multiple monitors (multiple subcriptions or
registrations from the same endpoint) to exist on the same transport.
Since this changed the API, any external modules that may have used the
transport monitor feature (highly unlikey) will need to be changed.
ASTERISK-27612
Reported by: Ross Beer
Change-Id: Iee87cf4eb9b7b2b93d5739a72af52d6ca8fbbe36
The functionality of this module was already moved to
res_pjsip_registrar, mark it deprecated and add message to CHANGES.
Change-Id: I90c7d52c7e15e85fde3389d5eaccb05b97848813
pjproject does not have a function to reverse pjsip_inv_usage_init.
This means we need to ignore any calls to the functions once shutdown is
final.
ASTERISK-27571 #close
Change-Id: Ia550fcba563e2328f03162d79fb185f16b7c9b9d
We did this for TCP transports already but I'm not sure why we
didn't do it for TLS transports.
ASTERISK_27474 #not_final_fix
Change-Id: I5b1ef4b882f7b859e718236686b7898751dbb262
If any component of ast_config_AST_RECORDING_DIR is a symbolic link we
would incorrectly assume the ARI user was trying to escape the recording
path. Create additional check to check the recording directory's
realpath, only deny access if both do not match.
This is needed by the testsuite when run by 'run-local'.
Change-Id: I9145e841865edadcb5f75cead3471ad06bbb56c0
The type=identify endpoint identification method can match by IP address
and by SIP header. However, the SIP header matching has limited
usefulness because you cannot specify the SIP header matching priority
relative to the IP address matching. All the matching happens at the same
priority and the order of evaluating the identify sections is
indeterminate. e.g., If you had two type=identify sections where one
matches by IP address for endpoint alice and the other matches by SIP
header for endpoint bob then you couldn't predict which endpoint is
matched when a request comes in that matches both.
* Extract the SIP header matching criteria into its own "header" endpoint
identification method so the user can specify the relative priority of the
SIP header and the IP address matching criteria in the global
endpoint_identifier_order option. The "ip" endpoint identification method
now only matches by IP address.
ASTERISK-27491
Change-Id: I9df142a575b7e1e3471b7cda5d3ea156cef08095
The requirement that "ip" must be in the endpoint identify_by list to
allow the type=identify method to identify the endpoint is not necessary.
The "ip" identifier method can match one and only one endpoint. To even
work, the "ip" identifier method configuration must explicitly specify the
identified endpoint. Therefore, why bother configuring the type=identify
identifier in the first place? The requirement only adds the potential
for configuration errors for no benefit. Even worse, those configuration
errors cannot be detected when the configuration loads. The requirement
was introduced with the ASTERISK_27206 patch.
* Remove the code change that enforces the requiremnt. Listing the "ip"
method in the identify_by value is simply documentation.
Change-Id: Ia057f92a33fb5d9f51dc5d5692e3d5ee1a6f2c11
* Extracted sip_endpoint_identifier_type2str() and
sip_endpoint_identifier_str2type() to simplify the calling functions.
* Fixed pjsip_configuration.c:ident_to_str() building the endpoint's
identify_by value string.
Change-Id: Ide876768a8d5d828b12052e2a75008b0563fc509
The AMI PJSIPShowEndpoint action could only list one IdentifyDetail AMI
event per endpoint. However, there is no reason that multiple
type=identify sections cannot identify the same endpoint.
* Reworked format_ami_endpoint_identify() to generate as many
IdentifyDetail AMI events as there are matching identifiers.
Change-Id: Ie146792aef72d78e05416ab5b27bc552a30399db
In addition to being a micro-optimization (RAII_VAR has overhead), this
change improves output of REF_DEBUG. Unfortunately when RAII_VAR calls
ao2_cleanup it does so from a generated _dtor_varname function. For
example this caused _dtor_app to release a reference instead of
__stasis_app_unregister.
Change-Id: I4ce67120583a446babf9adeec678b71d37fcd9e5
Instead of searching for bridge_id provided in an argument this function
always searched for BRIDGE_ALL first. Rewrite this function to work
like the similar functions for channel and endpoint functions.
Change-Id: Ib5caca69e11727c5c8a7284a1d00621f40f1e60a
Some (normally optional) modules created notices, warnings, and even errors
in normal situations like (un)load. This cluttered the command-line interface
(CLI) on start and while stopping gracefully. However, when an user went for
the script './contrib/scripts/install_prereq', those modules get compiled-in
because their prerequisites were met at compile time. Furthermore, because of
ASTERISK_27475, the former talkative module 'res_curl' is built as side-effect.
ASTERISK-27553
Change-Id: I9f105f46d72553994e820679bfde3478a551b281
The ip_identify_apply() did not validate the configuration for simple
static configuration errors or deal well with address resolution errors.
* Added missing configuration validation checks.
* Fixed address resolution error handling.
* Demoted an error message to a warning since it does not fail applying
the identify object configuration.
Change-Id: I8b519607263fe88e8ce964f526a45359fd362b6e
If an endpoint identifier name in the endpoint_identifier_order list is a
prefix to the identifier we are registering, we could install it in the
wrong position of the list.
Assuming
endpoint_identifier_order=username,ip,anonymous
then registering the "ip_only" identifier would put the identifier in the
wrong position of the priority list.
* Fix incorrect strncmp() string prefix matching.
Change-Id: Ib8819ec4b811da8a27419fd93528c54d34f01484
The pjsip_msg_find_hdr function can return NULL. This patch adds a check
when searching for the sequence header to make sure a NULL pointer is never
de-referenced.
Change-Id: I19af23aeeded65be016be92360e8cb7ffe51fad2
Per RFC 5245, the foundation specified with an ICE candidate can be up
to 32 characters but we are only allowing for 31.
ASTERISK-27498 #close
Reported by: Michele Prà
Change-Id: I05ce7a5952721a76a2b4c90366168022558dc7cf
Those SIP messages that create dialogs require a contact header to be present.
If the contact header was missing from the message it could cause Asterisk to
crash.
This patch checks to make sure SIP messages that create a dialog contain the
contact header. If the message does not and it is required Asterisk now returns
a "400 Missing Contact header" response. Also added NULL checks when retrieving
the contact header that were missing as a "just in case".
ASTERISK-27480 #close
Change-Id: I1810db87683fc637a9e3e1384a746037fec20afe
Fix instances of:
* Retreive
* Recieve
* other then
* different then
* Repeated words ("the the", "an an", "and and", etc).
* othterwise, teh
ASTERISK-24198 #close
Change-Id: I3809a9c113b92fd9d0d9f9bac98e9c66dc8b2d31
When RTCP-MUX enabled. rtp->s is the same as rtcp->s, check this before
close the file descriptor. Close the FD twice will hangs the asterisk
under heavy load.
ASTERISK-27299 #close
Reported-by: Aaron An
Tested-by: AaronAn
Change-Id: I870a072d73fd207463ac116ef97100addbc0820a
Some variables are set and never changed, making them constant. This
means that code in the 'false' block of the conditional is unreachable.
In chan_skinny and res_config_ldap I used preprocessor directive `#if 0`
as I'm unsure if the unreachable code could be enabled in the future.
Change-Id: I62e2aac353d739fb3c983cf768933120f5fba059
Remove nearly all use of regex from ACO users. Still remaining:
* app_confbridge has a legitamate use of option name regex.
* ast_sorcery_object_fields_register is implemented with regex, all
callers use simple prefix based regex. I haven't decided the best
way to fix this in both 13/15 and master.
Change-Id: Ib5ed478218d8a661ace4d2eaaea98b59a897974b
When adding shutdown refs for OPTIONAL_API components I accidentally
added it to the unload_module function in res_smdi. Move it to
load_module.
Change-Id: I2b9da38fbc11ef78ea23dbb2df92b684be7f647c
res_hep_pjsip.so and res_hep_rtcp.so will still load and do a lot of
unnecessary work even if 'enabled' is set to 'no' in hep.conf.
Change-Id: I3eddfeea09c6b5bc7c641952ee0ae487fd09b64b
We should not do flood detection on video RTP streams. Video RTP streams
are very bursty by nature. They send out a burst of packets to update the
video frame then wait for the next video frame update. Really only audio
streams can be checked for flooding. The others are either bursty or
don't have a set rate.
* Added code to selectively disable packet flood detection for video RTP
streams.
ASTERISK-27440
Change-Id: I78031491a6e75c2d4b1e9c2462dc498fe9880a70
Reset the samples counter to zero when we are done playing an
announcement so that we don't skip into the middle of the first file in
the playlist.
Also add the selected annoucement to the output of 'moh show classes.'
ASTERISK-24329 #close
Reported by: Thomas Frederiksen
Change-Id: I2a5f986a31279c981592f49391409ebf38d6f6d0
When the RTCP code was transitioned over to Stasis a code change
was made to keep track of how many reports are present. This count
controlled where report blocks were placed in the RTCP report.
If a compound RTCP packet was received this logic would incorrectly
place a report block in the wrong location resulting in a write
to an invalid location.
This change removes this counting logic and always places the report
block at the first position. If in the future multiple reports are
supported the logic can be extended but for now keeping a count
serves no purpose.
ASTERISK-27382
ASTERISK-27429
Change-Id: Iad6c8a9985c4b608ef493e19c421211615485116
This patch does three things associated with the initial incoming INVITE
request URI.
1) Add access to the full initial incoming INVITE request URI.
2) We were not setting DNID on incoming PJSIP channels. The DNID is the
user portion of the initial incoming INVITE Request-URI. The value is
accessed by reading CALLERID(dnid).
3) Fix CHANNEL(pjsip,target_uri) documentation.
* The initial incoming INVITE request URI is now available using
CHANNEL(pjsip,request_uri).
* Set the DNID on PJSIP channel creation so CALLERID(dnid) can return the
initial incoming INVITE request URI user portion.
* CHANNEL(pjsip,target_uri) now correctly documents that the target URI is
the contact URI.
* Refactored print_escaped_uri() out of channel_read_pjsip() to handle
pjsip_uri_print() error condition when the buffer is too small.
ASTERISK-27478
Change-Id: I512e60d1f162395c946451becb37af3333337b33
Support for these protocols was added in the same commit as the 'proto'
field, so we can safely use the same ./configure check.
For reference: https://trac.pjsip.org/repos/changeset/4968
Change-Id: Icf4975d785d6bfb8f30ac7ffa695a0adf9382dac
Use the new ast_cli_completion_add() function to improve completion
performance for commands like 'pjsip show endpoint.'
Change-Id: I76d802294d2ac1766110dc75f7d117c8541ce348
Using the LIKE operator requires a full table scan of 'astdb', whereas a
comparison operation is able to use the primary key index.
This patch adds a new function to the AstDB API for quick prefix matches
and updates res_sorcery_astdb to utilize it. This showed substantial
performance improvement in my test environment.
Related to ASTERISK~26806, but does not completely resolve it.
Change-Id: I7d37f9ba2aea139dabf2ca72d31fbe34bd9b2fa1
There are many places in the code base where we ignore the return value
of fcntl() when getting/setting file descriptior flags. This patch
introduces a convenience function that allows setting or clearing file
descriptor flags and will also log an error on failure for later
analysis.
Change-Id: I8b81901e1b1bd537ca632567cdb408931c6eded7
res_stasis was missing AST_MODFLAG_LOAD_ORDER. Set res_stasis and
res_speech to start at (AST_MODPRI_APP_DEPEND - 1) so they are ready for
dependent modules.
Change-Id: I27f4f3810a95b6be8a5bfbf62be2ace6bfab6ff3
For both dynamic and static contacts it was possible that potential AOR
changes were not being applied to all contacts. This was because the qualify
and schedule code was only retrieving AOR's, and contacts with frequencies
greater than zero.
For instance the following could happen: and AOR/contact has a frequency of 5,
it then gets set to 0, and then a reload occurs. All scheduled OPTIONS are
stopped, a list of AOR's is retrieved with frequency > 0, but none are
selected since in this scenario all are 0. The contact for the one previously
set to 5 though does not get updated, so it's status remains "AVAILABLE".
This patch makes it so all contacts (static and dynamic) are selected, and
appropriately updated if need be.
ASTERISK-27467 #close
Change-Id: I7a920170f89c683af9505d4723a44fc6841decdb
Dynamic contacts were not being properly updated on reload. As a matter of
fact any changes to the AOR that a dynamic contact was associated with were
not being applied.
On reload, this patch makes it so for each dynamic contact, the associated
AOR is now retrieved and the AOR's fields are applied to the contact.
ASTERISK-27467
Change-Id: I8e3165dc6a745218c1c9db837f77fafa0516985d
The SuccessfulAuth using_password field was declared as a pointer to a
uint32_t when the field was later read as a uint32_t value. This resulted
in unnecessary casts and a non-portable field value reinterpret in
main/security_events.c:add_json_object(). i.e., It would work on a 32 bit
architecture but not on a 64 bit big endian architecture.
Change-Id: Ia08bc797613a62f07e5473425f9ccd8d77c80935
More complicated direct media reinvite negotiations can result in longer
delays before direct media flows. The strictrtp learning timeout time
was too short. One log showed that the first RTP packet came in just
after three seconds.
* Increase the strictrtp learning timeout time from 1.5 to 5 seconds.
ASTERISK-27453
Change-Id: Ic5e711164cbb91b4d1c1e40c83697755640f138c
This change makes the presence of the GMIME_MAJOR_VERSION
definition optional, as not all versions of gmime actually
define it.
ASTERISK-27454
Change-Id: I01d99590045971ed6787899147170a5954077238
The patch for ASTERISK_24560 inverted a test checking if the bridge name
is being updated to a different name.
* Fix the test to return "Changing bridge name is not implemented" when
someone attempts to change the bridge name.
ASTERISK-27445
Change-Id: I4b70bf08b0e02e016108b077ff75b345dec12fc9
Previously, Asterisk sent srflx only when configured exclusively for IPv4. Now,
srflx is gathered and sent via SDP, even when Asterisk is enabled for
Dual Stack (IPv4+IPv6) and an IPv4 interface is available/used.
ASTERISK-27437
Change-Id: Ie07d8e2bfa7b6fe06fcdc73d390a7a9a4d8c0bc1
res_parking has an implicit load_pri of 0 meaining it's one of the very
first modules loaded after modules with global symbols. Set it
explicitly in the AST_MODULE_INFO block.
Change-Id: I297b6fb3ff6993ec004e667b22a74f5925906259
Instead of specifying AST_MODFLAG_LOAD_ORDER with load_pri
AST_MODPRI_DEFAULT just use AST_MODFLAG_DEFAULT.
Change-Id: I0123258eafce324249433a69df15a85cc16e509f
res_mwi_external_ami specified AST_MODFLAG_LOAD_ORDER but didn't set
load_pri, resulting in an actual load priority of 0. This module only
provides AMI actions so it has no reason to load early.
Change-Id: I82987fcf10d3ea42716b2f9df915b16687fd5839
Mac doesn't like the comparison of -1 to an enum, so store the result of
ast_sip_str_to_dtmf to an int so we can check for the negative return
value. ast_sip_str_to_dtmf returns an int so this is only delaying the
implicit type cast.
Change-Id: I0c262c1719ee951aae1f437d733a301cf5f8ad29
Some net-snmp builds do not provide the RONLY declare, only
NETSNMP_OLDAPI_RONLY. Map RONLY to NETSNMP_OLDAPI_RONLY to get around
this error.
Change-Id: Ida5c7ad9406515825485c4d3b4a34fd6ad0da577
It's impossible for gwtimeout or fdtimeout to be less than 0 because
they are unsigned int's. Remove checks and unreachable branches.
Change-Id: Ib2286960621e6ee245e40013c84986143302bc78
Some clients do not send rtp packets every ptime ms. This can lead to
situations in which the rtp source learning algorithm will never learn
the address of the client. This has been discovered on a Mac mini with
a pjsip based softphone after updating to Sierra: as soon as USB
headsets are involved, the softphone will send the second packet 30ms
after the first, the third 30ms after the second and the fourth 1ms
after the third. So in the old implmentation the rtp source learning
algorithm was repeatedly reset on the fourth packet.
The patch changes the algorithm in a way that doesn't take the arrival
time between two consecutive packets into account but the time between
the first and the last packet of a learning sequence.
The patch also fixes a second problem: when a user was using a wrong
value for the probation setting there was a LOG_WARNING output stating
that the value had been set to the default value instead. However
the code for setting the value back to defaults was missing.
ASTERISK-27421 #close
Change-Id: If778fe07678a6fd2041eaca7cd78267d0ef4fc6c
Domains themselves can be up to 255 characters long (per RFC 1035), so
our current buffer sizes are wholly inadequate for many use cases.
Change-Id: If3f30a68307f1365a1fe06bc4b854c62842c9292
We were not \0 terminating this string, so any attempt to print it would
in the best case show an empty string and in the worst case potentially
crash.
Change-Id: I63d96ef8f7516ac02a0f91e22dfa8acdc615042c
Previously for PJSIP the local address of WebSocket connections
was set to the remote address. For logging purposes this is
not particularly useful.
The WebSocket API has been extended to allow the local
address to be queried and this is used in PJSIP to set the
local address to the correct value.
The PJSIP HEP support has also been tweaked so that reliable
transports always use the local address on the transport
and do not try to (wrongly) guess. As they are connection
based it is impossible for the source to be anything else.
ASTERISK-26758
ASTERISK-27363
Change-Id: Icd305fd038ad755e2682ab2786e381f6bf29e8ca
Some consumers of the sorcery API use ast_sorcery_retrieve_by_regex
only so that they can anchor the potential match as a prefix and not
because they truly need regular expressions.
Rather than using regular expressions for simple prefix lookups, add
a new operation - ast_sorcery_retrieve_by_prefix - that does them.
Patches against 13 and 15 have a compatibility layer needed to
maintain ABI that is not needed in master.
Change-Id: I56f4e20ba1154bd52281f995c27a429a854f6a79
A previous commit made it so when an invite session transitioned into a
disconnected state destruction of the Asterisk pjsip session object was
postponed until either a transport error occurred or the event timer
expired. However, if a call was rejected (for instance a 488) before the
session was fully established the event timer may not have been initiated,
or it was canceled without triggering either of the session finalizing states
mentioned above.
Really the only time destruction of the session should be delayed is when a
BYE is being transacted. This is because it's possible in some cases for the
session to be disconnected, but the BYE is still transacting.
This patch makes it so the session object always gets released (no more
memory leak) when the pjsip session is in a disconnected state. Except when
the method is a BYE. Then it waits until a transport error occurs or an event
timeout.
ASTERISK-27345 #close
Reported by: Corey Farrell
Change-Id: I1e724737b758c20ac76d19d3611e3d2876ae10ed
One of the patches for ASTERISK_27147 introduced a deadlock regression.
When the connection oriented transport shut down, the code attempted to
remove the associated contact. However, that same transport had just
requested a registration that we hadn't responded to yet. Depending
upon timing we could deadlock.
* Made send the REGISTER response after we completed processing the
request contacts and released the named AOR lock to avoid the deadlock.
ASTERISK-27391
Change-Id: I89a90f87cb7a02facbafb44c75d8845f93417364
* res/stasis/app.c JSON passed to app_send needs to be released.
* res/stasis_message.c: objects leak if vector append fails.
Change-Id: I8dd5385b9f50a5cadf2b1d16efecffd6ddb4db4a
Asterisk will crash if contact uri is invalid, so contact_apply_handler
should check if the uri is NULL or empty.
ASTERISK-27393 #close
Reported-by: Aaron An
Tested-by: AaronAn
Change-Id: Ia0309bdc6b697c73c9c736e1caec910b77ca69f5
wizard_apply_handler():
- Free host if we fail to add it to the vector.
wizard_mapped_observer():
- Check for otw allocation failure.
- Free otw if we fail to add it to the vector.
Change-Id: Ib5d3bcabbd9c24dd8a3c9cc692a794a5f60243ad
This change makes it so that any user of the pubsub
API that requests the remote URI receives only the URI.
Previously the entire string was returned, which could
contain a display name.
ASTERISK-27290
Change-Id: If1d0cd6630f0a264856d31d2a67933109187a017
When (v)asprintf() fails, the state of the allocated buffer is undefined.
The library had better not leave an allocated buffer as a result or no one
will know to free it. The most likely way it can return failure is for an
allocation failure. If the printf conversion fails then you actually have
a threading problem which is much worse because another thread modified
the parameter values.
* Made __ast_asprintf()/__ast_vasprintf() set the returned buffer to NULL
on failure. That is much more useful than either an uninitialized pointer
or a pointer that has already been freed. Many uses won't have to check
for failure to ensure that the buffer won't be double freed or prevent an
attempt to free an uninitialized pointer.
* stasis.c: Fixed memory leak in multi_object_blob_to_ami() allocated by
ast_asprintf().
* ari/resource_bridges.c:ari_bridges_play_helper(): Remove assignment to
the wrong thing which is now not needed even if assigning to the right
thing.
Change-Id: Ib5252fb8850ecf0f78ed0ee2ca0796bda7e91c23
When using realtime, fields that are not explicitly set by an
administrator are still presented to sorcery as empty strings. Handle
this case explicitly.
In this particular case, if any of these fields are required for TLS
support, their existence should be validated in the 'apply' handler once
we have a complete transport definition.
ASTERISK-27032 #close
Reported by: seanchann.zhou
Change-Id: Ie3b5fb421977ccdb33e415d4ec52c3fd192601b7
Fixes a regression where some characters were unable to be used in
the from_user field of an endpoint. Additionally, the backtick was
removed from the list of valid characters, since it is not valid,
and it was replaced with a single quote, which is a valid character.
ASTERISK-27387
Change-Id: Id80c10a644508365c87b3182e99ea49da11b0281
Once an Optional API module is loaded it should stay loaded. Unloading
an optional API module runs the risk of a crash if something else is
using it. This patch causes all optional API providers to tell the
module loader not to unload except at shutdown.
ASTERISK-27389
Change-Id: Ia07786fe655681aec49cc8d3d96e06483b11f5e6
When allocate_subscription fails to initialize fields of the new sub it
calls destroy_subscription.
Change-Id: I5b79c915ec216dc00c13c1e4172137864a4bec85
Jenkins2
George Joseph
Richard Mudgett
Alexander Traud
Joshua Colp
Alexei Gradinari
Torrey Searle
Corey Farrell
Matthew Fredrickson
Sean Bright
Ben Ford
Chris-Savinovich
Nathan Bruning
Ross Beer
Thomas Guebels
Joshua Elson
Kevin Harwell
Aaron An
Pirmin Walthert