asterisk

Commit Graph

Author	SHA1	Message	Date
Richard Mudgett	11553fd489	AST-2014-007: Fix of fix to allow AMI and SIP TCP to send messages. ASTERISK-23673 #close Reported by: Richard Mudgett Review: https://reviewboard.asterisk.org/r/3617/ ........ Merged revisions 416066 from http://svn.asterisk.org/svn/asterisk/branches/1.8 git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@416067 65c4cc65-6c06-0410-ace0-fbb531ad65f3	12 years ago
Richard Mudgett	df686c50d8	AST-2014-007: Fix DOS by consuming the number of allowed HTTP connections. Simply establishing a TCP connection and never sending anything to the configured HTTP port in http.conf will tie up a HTTP connection. Since there is a maximum number of open HTTP sessions allowed at a time you can block legitimate connections. A similar problem exists if a HTTP request is started but never finished. * Added http.conf session_inactivity timer option to close HTTP connections that aren't doing anything. Defaults to 30000 ms. * Removed the undocumented manager.conf block-sockets option. It interferes with TCP/TLS inactivity timeouts. * AMI and SIP TLS connections now have better authentication timeout protection. Though I didn't remove the bizzare TLS timeout polling code from chan_sip. * chan_sip can now handle SSL certificate renegotiations in the middle of a session. It couldn't do that before because the socket was non-blocking and the SSL calls were not restarted as documented by the OpenSSL documentation. * Fixed an off nominal leak of the ssl struct in handle_tcptls_connection() if the FILE stream failed to open and the SSL certificate negotiations failed. The patch creates a custom FILE stream handler to give the created FILE streams inactivity timeout and timeout after a specific moment in time capability. This approach eliminates the need for code using the FILE stream to be redesigned to deal with the timeouts. This patch indirectly fixes most of ASTERISK-18345 by fixing the usage of the SSL_read/SSL_write operations. ASTERISK-23673 #close Reported by: Richard Mudgett ........ Merged revisions 415841 from http://svn.asterisk.org/svn/asterisk/branches/1.8 git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@415854 65c4cc65-6c06-0410-ace0-fbb531ad65f3	12 years ago
Richard Mudgett	7594bb6041	http: Fix spurious ERROR message in responses with no content. Backport -r411687 and fix the fix because content_length is the length of out plus the length of the file controlled by fd. When a response has an out content length of 0, fwrite would be called to write a buffer with no data in it. This resulted in the following classic error message: [Apr 3 11:49:17] ERROR[26421] http.c: fwrite() failed: Success This patch makes it so that we only attempt to write the content of out if the out string is non-zero. ........ Merged revisions 412922 from http://svn.asterisk.org/svn/asterisk/branches/1.8 git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@412923 65c4cc65-6c06-0410-ace0-fbb531ad65f3	12 years ago
Kinsey Moore	d924b4cdae	HTTP: Add TCP_NODELAY to accepted connections This adds the TCP_NODELAY option to accepted connections on the HTTP server built into Asterisk. This option disables the Nagle algorithm which controls queueing of outbound data and in some cases can cause delays on receipt of response by the client due to how the Nagle algorithm interacts with TCP delayed ACK. This option is already set on all non-HTTP AMI connections and this change would cover standard HTTP requests, manager HTTP connections, and ARI HTTP requests and websockets in Asterisk 12+ along with any future use of the HTTP server. Review: https://reviewboard.asterisk.org/r/3466/ ........ Merged revisions 412745 from http://svn.asterisk.org/svn/asterisk/branches/1.8 git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@412748 65c4cc65-6c06-0410-ace0-fbb531ad65f3	12 years ago
Scott Griepentrog	90cb9c4711	http: response body often missing after specific request This patch works around a problem with the HTTP body being dropped from the response to a specific client and under specific circumstances: a) Client request comes from node.js user agent "Shred" via use of swagger-client library. b) Asterisk and Client are not on the same host or TCP/IP stack In testing this problem, it has been determined that the write of the HTTP body is lost, even if the data is written using low level write function. The only solution found is to instruct the TCP stack with the shutdown function to flush the last write and finish the transmission. See review for more details. ASTERISK-23548 #close (closes issue ASTERISK-23548) Reported by: Sam Galarneau Review: https://reviewboard.asterisk.org/r/3402/ ........ Merged revisions 411462 from http://svn.asterisk.org/svn/asterisk/branches/1.8 git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@411463 65c4cc65-6c06-0410-ace0-fbb531ad65f3	12 years ago
Richard Mudgett	771a703366	AST-2014-001: Stack overflow in HTTP processing of Cookie headers. Sending a HTTP request that is handled by Asterisk with a large number of Cookie headers could overflow the stack. Another vulnerability along similar lines is any HTTP request with a ridiculous number of headers in the request could exhaust system memory. (closes issue ASTERISK-23340) Reported by: Lucas Molas, researcher at Programa STIC, Fundacion; and Dr. Manuel Sadosky, Buenos Aires, Argentina ........ Merged revisions 410380 from http://svn.asterisk.org/svn/asterisk/branches/1.8 git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@410381 65c4cc65-6c06-0410-ace0-fbb531ad65f3	12 years ago
David M. Lee	041b910b17	Complete http_shutdown. This patch frees up some resources allocated in http.c. * tcp listeners stopped * tls settings freed * uri redirects freed * unregister internal http.c uri's (closes issue ASTERISK-22237) Reported by: Corey Farrell Patches: http.patch uploaded by Corey Farrell (license 5909) ........ Merged revisions 397308 from http://svn.asterisk.org/svn/asterisk/branches/1.8 git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@397309 65c4cc65-6c06-0410-ace0-fbb531ad65f3	13 years ago
Matthew Jordan	03a1e40d8e	Tolerate presence of RFC2965 Cookie2 header by ignoring it This patch modifies parsing of cookies in Asterisk's http server by doing an explicit comparison of the "Cookie" header instead of looking at the first 6 characters to determine if the header is a cookie header. This avoids parsing "Cookie2" headers and overwriting the previously parsed "Cookie" header. Note that we probably should be appending the cookies in each "Cookie" header to the parsed results; however, while clients can send multiple cookie headers they never really do. While this patch doesn't improve Asterisk's behavior in that regard, it shouldn't make it any worse either. Note that the solution in this patch was pointed out on the issue by the issue reporter, Stuart Henderson. (closes issue ASTERISK-21789) Reported by: Stuart Henderson Tested by: mjordan, Stuart Henderson ........ Merged revisions 394899 from http://svn.asterisk.org/svn/asterisk/branches/1.8 git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@394900 65c4cc65-6c06-0410-ace0-fbb531ad65f3	13 years ago
Matthew Jordan	2ffb648a20	Fix memory/ref counting leaks in a variety of locations This patch fixes the following memory leaks: * http.c: The structure containing the addresses to bind to was not being deallocated when no longer used * named_acl.c: The global configuration information was not disposed of * config_options.c: An invalid read was occurring for certain option types. * res_calendar.c: The loaded calendars on module unload were not being properly disposed of. * chan_motif.c: The format capabilities needed to be disposed of on module unload. In addition, this now specifies the default options for the maxpayloads and maxicecandidates in such a way that it doesn't cause the invalid read in config_options.c to occur. (issue ASTERISK-21906) Reported by: John Hardin patches: http.patch uploaded by jhardin (license 6512) named_acl.patch uploaded by jhardin (license 6512) config_options.patch uploaded by jhardin (license 6512) res_calendar.patch uploaded by jhardin (license 6512) chan_motif.patch uploaded by jhardin (license 6512) git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@392810 65c4cc65-6c06-0410-ace0-fbb531ad65f3	13 years ago
Matthew Jordan	66024dbae0	Fix a file descriptor leak in off nominal path While looking at the security vulnerability in ASTERISK-20967, Walter noticed a file descriptor leak and some other issues in off nominal code paths. This patch corrects them. Note that this patch is not related to the vulnerability in ASTERISK-20967, but the patch was placed on that issue. (closes issue ASTERISK-20967) Reported by: wdoekes patches: issueA20967_file_leak_and_unused_wkspace.patch uploaded by wdoekes (License 5674) ........ Merged revisions 384118 from http://svn.asterisk.org/svn/asterisk/branches/1.8 git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@384119 65c4cc65-6c06-0410-ace0-fbb531ad65f3	13 years ago
Matthew Jordan	ccbe965e9f	AST-2013-002: Prevent denial of service in HTTP server AST-2012-014, fixed in January of this year, contained a fix for Asterisk's HTTP server for a remotely-triggered crash. While the fix put in place fixed the possibility for the crash to be triggered, a denial of service vector still exists with that solution if an attacker sends one or more HTTP POST requests with very large Content-Length values. This patch resolves this by capping the Content-Length at 1024 bytes. Any attempt to send an HTTP POST with Content-Length greater than this cap will not result in any memory allocation. The POST will be responded to with an HTTP 413 "Request Entity Too Large" response. This issue was reported by Christoph Hebeisen of TELUS Security Labs (closes issue ASTERISK-20967) Reported by: Christoph Hebeisen patches: AST-2013-002-1.8.diff uploaded by mmichelson (License 5049) AST-2013-002-10.diff uploaded by mmichelson (License 5049) AST-2013-002-11.diff uploaded by mmichelson (License 5049) git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@383978 65c4cc65-6c06-0410-ace0-fbb531ad65f3	13 years ago
Kinsey Moore	4a50764715	tcptls: Prevent unsupported options from being set AMI, HTTP, and chan_sip all support TLS in some way, but none of them support all the options that Asterisk's TLS core is capable of interpreting. This prevents consumers of the TLS/SSL layer from setting TLS/SSL options that they do not support. This also gets tlsverifyclient closer to a working state by requesting the client certificate when tlsverifyclient is set. Currently, there is no consumer of main/tcptls.c in Asterisk that supports this feature and so it can not be properly tested. Review: https://reviewboard.asterisk.org/r/2370/ Reported-by: John Bigelow Patch-by: Kinsey Moore (closes issue AST-1093) ........ Merged revisions 383165 from http://svn.asterisk.org/svn/asterisk/branches/1.8 git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@383166 65c4cc65-6c06-0410-ace0-fbb531ad65f3	13 years ago
Matthew Jordan	5ebec60090	Resolve crashes due to large stack allocations when using TCP Asterisk had several places where messages received over various network transports may be copied in a single stack allocation. In the case of TCP, since multiple packets in a stream may be concatenated together, this can lead to large allocations that overflow the stack. This patch modifies those portions of Asterisk using TCP to either favor heap allocations or use an upper bound to ensure that the stack will not overflow: * For SIP, the allocation now has an upper limit * For HTTP, the allocation is now a heap allocation instead of a stack allocation * For XMPP (in res_jabber), the allocation has been eliminated since it was unnecesary. Note that the HTTP portion of this issue was independently found by Brandon Edwards of Exodus Intelligence. (issue ASTERISK-20658) Reported by: wdoekes, Brandon Edwards Tested by: mmichelson, wdoekes patches: ASTERISK-20658_res_jabber.c.patch uploaded by mmichelson (license 5049) issueA20658_http_postvars_use_malloc2.patch uploaded by wdoekes (license 5674) issueA20658_limit_sip_packet_size3.patch uploaded by wdoekes (license 5674) ........ Merged revisions 378269 from http://svn.asterisk.org/svn/asterisk/branches/1.8 ........ Merged revisions 378286 from http://svn.asterisk.org/svn/asterisk/branches/10 git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378287 65c4cc65-6c06-0410-ace0-fbb531ad65f3	13 years ago
Richard Mudgett	573e76447c	Cleanup CLI commands on exit for several files. (issue ASTERISK-20649) Reported by: Corey Farrell Patches: unregister-cli-multiple-all.patch (license #5909) patch uploaded by Corey Farrell ........ Merged revisions 377881 from http://svn.asterisk.org/svn/asterisk/branches/1.8 ........ Merged revisions 377882 from http://svn.asterisk.org/svn/asterisk/branches/10 git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@377883 65c4cc65-6c06-0410-ace0-fbb531ad65f3	13 years ago
Matthew Jordan	80900ac680	Remove old debug code from http configuration loading (closes issue ASTERISK-20254) Reported by: Andrew Latham Patches: http.diff uploaded by Andrew Latham (license #5985) git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@371520 65c4cc65-6c06-0410-ace0-fbb531ad65f3	14 years ago
Kinsey Moore	9b16c8b0f6	Clean up and ensure proper usage of alloca() This replaces all calls to alloca() with ast_alloca() which calls gcc's __builtin_alloca() to avoid BSD semantics and removes all NULL checks on memory allocated via ast_alloca() and ast_strdupa(). (closes issue ASTERISK-20125) Review: https://reviewboard.asterisk.org/r/2032/ Patch-by: Walter Doekes (wdoekes) ........ Merged revisions 370642 from http://svn.asterisk.org/svn/asterisk/branches/1.8 ........ Merged revisions 370643 from http://svn.asterisk.org/svn/asterisk/branches/10 git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@370655 65c4cc65-6c06-0410-ace0-fbb531ad65f3	14 years ago
Matthew Jordan	3d7b9e7fb1	Fix crash caused by unloading or reloading of res_http_post When unlinking itself from the registered HTTP URIs, res_http_post could inadvertently free all URIs registered with the HTTP server. This patch modifies the unregister method to only free the URI that is actually being unregistered, as opposed to all of them. ........ Merged revisions 361803 from http://svn.asterisk.org/svn/asterisk/branches/1.8 ........ Merged revisions 361804 from http://svn.asterisk.org/svn/asterisk/branches/10 git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@361805 65c4cc65-6c06-0410-ace0-fbb531ad65f3	14 years ago
Mark Michelson	0f4489dc0f	Fix TLS port binding behavior as well as reload behavior: * Removes references to tlsbindport from http.conf.sample and manager.conf.sample * Properly bind to port specified in tlsbindaddr, using the default port if specified. * On a reload, properly close socket if the service has been disabled. A note has been added to UPGRADE.txt to indicate how ports must be set for TLS. (closes issue ASTERISK-16959) reported by Olaf Holthausen (closes issue ASTERISK-19201) reported by Chris Mylonas (closes issue ASTERISK-19204) reported by Chris Mylonas Review: https://reviewboard.asterisk.org/r/1709 ........ Merged revisions 353770 from http://svn.asterisk.org/svn/asterisk/branches/1.8 ........ Merged revisions 353820 from http://svn.asterisk.org/svn/asterisk/branches/10 git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@353821 65c4cc65-6c06-0410-ace0-fbb531ad65f3	14 years ago
Leif Madsen	a525edea59	Merged revisions 328247 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.10 ................ r328247 \| lmadsen \| 2011-07-14 16:25:31 -0400 (Thu, 14 Jul 2011) \| 14 lines Merged revisions 328209 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.8 ........ r328209 \| lmadsen \| 2011-07-14 16:13:06 -0400 (Thu, 14 Jul 2011) \| 6 lines Introduce <support_level> tags in MODULEINFO. This change introduces MODULEINFO into many modules in Asterisk in order to show the community support level for those modules. This is used by changes committed to menuselect by Russell Bryant recently (r917 in menuselect). More information about the support level types and what they mean is available on the wiki at https://wiki.asterisk.org/wiki/display/AST/Asterisk+Module+Support+States ........ ................ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@328259 65c4cc65-6c06-0410-ace0-fbb531ad65f3	15 years ago
Sean Bright	fe5938c51e	Merged revisions 316917-316919 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.8 ........ r316917 \| seanbright \| 2011-05-04 22:23:28 -0400 (Wed, 04 May 2011) \| 5 lines Make sure that tcptls_session is properly initialized. (issue #18598) Reported by: ksn ........ r316918 \| seanbright \| 2011-05-04 22:25:20 -0400 (Wed, 04 May 2011) \| 5 lines Look at the correct buffer for our digest info instead of an empty one. (issue #18598) Reported by: ksn ........ r316919 \| seanbright \| 2011-05-04 22:30:45 -0400 (Wed, 04 May 2011) \| 10 lines Use the correct HTTP method when generating our digest, otherwise we always fail. When calculating the 'A2' portion of our digest for verification, we need the HTTP method that is currently in use. Unfortunately our mapping function was incorrect, resulting in invalid hashes being generated and, in turn, failures in authentication. (closes issue #18598) Reported by: ksn ........ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@316920 65c4cc65-6c06-0410-ace0-fbb531ad65f3	15 years ago
Matthew Nicholson	079e794b1c	Merged revisions 314628 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.8 ................ r314628 \| mnicholson \| 2011-04-21 13:24:05 -0500 (Thu, 21 Apr 2011) \| 27 lines Merged revisions 314620 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.6.2 ................ r314620 \| mnicholson \| 2011-04-21 13:22:19 -0500 (Thu, 21 Apr 2011) \| 20 lines Merged revisions 314607 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r314607 \| mnicholson \| 2011-04-21 13:19:21 -0500 (Thu, 21 Apr 2011) \| 14 lines Added limits to the number of unauthenticated sessions TCP based protocols are allowed to have open simultaneously. Also added timeouts for unauthenticated sessions where it made sense to do so. Unrelated, the manager interface now properly checks if the user has the "system" privilege before executing shell commands via the Originate action. AST-2011-005 AST-2011-006 (closes issue #18787) Reported by: kobaz (related to issue #18996) Reported by: tzafrir ........ ................ ................ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@314666 65c4cc65-6c06-0410-ace0-fbb531ad65f3	15 years ago
Jason Parker	dc616cfe2c	Merged revisions 309204 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.8 ........ r309204 \| qwell \| 2011-03-01 16:25:44 -0600 (Tue, 01 Mar 2011) \| 7 lines Fix consistency of CRLFs on HTTP headers that get sent out. (closes issue #18186) Reported by: nivaldomjunior Patches: 18186-httpheadernewline.diff uploaded by qwell (license 4) ........ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@309209 65c4cc65-6c06-0410-ace0-fbb531ad65f3	15 years ago
Andrew Latham	736133f874	Use ast_debug for console logging Guessed the log levels based on info that level 3 is the soft roof. Can we create a page / document to define the levels? git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@308527 65c4cc65-6c06-0410-ace0-fbb531ad65f3	15 years ago
Andrew Latham	3a0af560c8	Add HTTP URI Debug logging and update notice enable reporting of the request URI / URL in debugging change funny debug note to a serious note. git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@308372 65c4cc65-6c06-0410-ace0-fbb531ad65f3	15 years ago
Andrew Latham	83035fdf68	Add CSS MIME Type Modern browsers are checking for the MIME Type of pages and in some cases will not load a file if the type is wrong. git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@308331 65c4cc65-6c06-0410-ace0-fbb531ad65f3	15 years ago
Paul Belanger	3556e4c2d4	Replace ast_log(LOG_DEBUG, ...) with ast_debug() (closes issue #18556) Reported by: kkm Review: https://reviewboard.asterisk.org/r/1071/ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@306258 65c4cc65-6c06-0410-ace0-fbb531ad65f3	15 years ago
Andrew Latham	25691c31b3	Asterisk HTTP response Content-type Address content type for BSD and other platforms (closes issue #18456) Reported by: alexo Patches: asterisk18_http.patch uploaded by alexo (license 1175) Tested by: alexo git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@305084 65c4cc65-6c06-0410-ace0-fbb531ad65f3	15 years ago
Matthew Nicholson	e706b5706e	According to section 19.1.2 of RFC 3261: For each component, the set of valid BNF expansions defines exactly which characters may appear unescaped. All other characters MUST be escaped. This patch modifies ast_uri_encode() to encode strings in line with this recommendation. This patch also adds an ast_escape_quoted() function which escapes '"' and '\' characters in quoted strings in accordance with section 25.1 of RFC 3261. The ast_uri_encode() function has also been modified to take an ast_flags struct describing the set of rules it should use when escaping characters to allow for it to escape SIP URIs in addition to HTTP URIs and other types of URIs or variations of those two URI types in the future. The ast_uri_decode() function has also been modified to accept an ast_flags struct describing the set of rules to use when decoding to enable decoding '+' as ' ' in legacy http URLs. The unit tests for these functions have also been updated. ABE-2705 Review: https://reviewboard.asterisk.org/r/1081/ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@303509 65c4cc65-6c06-0410-ace0-fbb531ad65f3	15 years ago
Mark Michelson	3162a8e558	Enable IPv6 for the built-in HTTP server. Review: https://reviewboard.asterisk.org/r/986 git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@293273 65c4cc65-6c06-0410-ace0-fbb531ad65f3	15 years ago
Paul Belanger	da2a5e5aa9	Merged revisions 279726 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.8 ........ r279726 \| pabelanger \| 2010-07-26 21:53:38 -0400 (Mon, 26 Jul 2010) \| 9 lines Use ast_sockaddr_setnull() when http is not enabled. Otherwise, ast_tcptls_server_start() will still start http. (closes issue #17708) Reported by: pabelanger Patches: http.patch uploaded by pabelanger (license 224) ........ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@279727 65c4cc65-6c06-0410-ace0-fbb531ad65f3	16 years ago
Mark Michelson	cd4ebd336f	Add IPv6 to Asterisk. This adds a generic API for accommodating IPv6 and IPv4 addresses within Asterisk. While many files have been updated to make use of the API, chan_sip and the RTP code are the files which actually support IPv6 addresses at the time of this commit. The way has been paved for easier upgrading for other files in the near future, though. Big thanks go to Simon Perrault, Marc Blanchet, and Jean-Philippe Dionne for their hard work on this. (closes issue #17565) Reported by: russell Patches: asteriskv6-test-report.pdf uploaded by russell (license 2) Review: https://reviewboard.asterisk.org/r/743 git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@274783 65c4cc65-6c06-0410-ace0-fbb531ad65f3	16 years ago
Terry Wilson	de18661bee	Don't continue sending the file when there has been an error If there is a problem with a firmware file, Polycom phones will close the connection. We were continuing to send the file anyway. There should be no reason to continue sending a file if there is an error writing it. (closes issue #16682) Reported by: lmadsen git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@270692 65c4cc65-6c06-0410-ace0-fbb531ad65f3	16 years ago
Terry Wilson	66053b8a58	Don't act like an http write failed when it didn't fwrite returns the number of items written, not the number of bytes git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@253958 65c4cc65-6c06-0410-ace0-fbb531ad65f3	16 years ago
Olle Johansson	8d64231c62	Adding external reference for doxygen git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@226970 65c4cc65-6c06-0410-ace0-fbb531ad65f3	16 years ago
Tilghman Lesher	0f6b01f914	Fix a trunk compilation warning. git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@215070 65c4cc65-6c06-0410-ace0-fbb531ad65f3	17 years ago
Tilghman Lesher	642bec4d6f	AST-2009-005 git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@211539 65c4cc65-6c06-0410-ace0-fbb531ad65f3	17 years ago
Kevin P. Fleming	82fb56886e	More 'static' qualifiers on module global variables. The 'pglobal' tool is quite handy indeed :-) git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@200620 65c4cc65-6c06-0410-ace0-fbb531ad65f3	17 years ago
David Vossel	ca138fc807	Consistent SSL/TLS options across conf files ast_tls_read_conf() is a new api call for handling SSL/TLS options across all conf files. Before this change, SSL/TLS options were not consistent. http.conf and manager.conf required the 'ssl' prefix while sip.conf used options with the 'tls' prefix. While the options had different names in different conf files, they all did the exact same thing. Now, instead of mixing 'ssl' or 'tls' prefixes to do the same thing depending on what conf file you're in, all SSL/TLS options use the 'tls' prefix. For example. 'sslenable' in http.conf and manager.conf is now 'tlsenable' which matches what already existed in sip.conf. Since this has the potential to break backwards compatibility, previous options containing the 'ssl' prefix still work, but they are no longer documented in the sample.conf files. The change is noted in the CHANGES file though. Review: http://reviewboard.digium.com/r/237/ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@191028 65c4cc65-6c06-0410-ace0-fbb531ad65f3	17 years ago
David Vossel	8f0b88c8c8	TLS/SSL private key option Adds option to specify a private key .pem file when configuring TLS or SSL in AMI, HTTP, and SIP. Before this, the certificate file was used for both the public and private key. It is possible for this file to hold both, but most configurations allow for a separate private key file to be specified. Clarified in .conf files how these options are to be used. The current conf files do not explain how the private key is handled at all, so without knowledge of Asterisk's TLS implementation, it would be hard to know for sure what was going on or how to set it up. Review: http://reviewboard.digium.com/r/234/ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@190545 65c4cc65-6c06-0410-ace0-fbb531ad65f3	17 years ago
Tilghman Lesher	ce6ebaef97	Support HTTP digest authentication for the http manager interface. (closes issue #10961) Reported by: ys Patches: digest_auth_r148468_v5.diff uploaded by ys (license 281) SVN branch http://svn.digium.com/svn/asterisk/team/group/manager_http_auth Tested by: ys, twilson, tilghman Review: http://reviewboard.digium.com/r/223/ Reviewed by: tilghman,russellb,mmichelson git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@190349 65c4cc65-6c06-0410-ace0-fbb531ad65f3	17 years ago
Tilghman Lesher	1030a25ac9	Modify headers and macros, according to Russell's suggestions on the -dev list git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@187599 65c4cc65-6c06-0410-ace0-fbb531ad65f3	17 years ago
Tilghman Lesher	1745773f30	Allow browsers to cache images and other static content. git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@183865 65c4cc65-6c06-0410-ace0-fbb531ad65f3	17 years ago
Terry Wilson	e0b40036e1	Fix qualify for TCP peer (closes issue #14192) Reported by: pabelanger Patches: asterisk-bug14192.diff.txt uploaded by jamesgolovich (license 176) Tested by: jamesgolovich git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@169080 65c4cc65-6c06-0410-ace0-fbb531ad65f3	17 years ago
Tilghman Lesher	c8223fc957	Merge ast_str_opaque branch (discontinue usage of ast_str internals) git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@163991 65c4cc65-6c06-0410-ace0-fbb531ad65f3	17 years ago
Eliel C. Sardanons	1e8e12efcf	Janitor, use ARRAY_LEN() when possible. (closes issue #13990) Reported by: eliel Patches: array_len.diff uploaded by eliel (license 64) git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@161218 65c4cc65-6c06-0410-ace0-fbb531ad65f3	17 years ago
Kevin P. Fleming	bd4eb070f3	bring over all the fixes for the warnings found by gcc 4.3.x from the 1.4 branch, and add the ones needed for all the new code here too git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@153616 65c4cc65-6c06-0410-ace0-fbb531ad65f3	17 years ago
Kevin P. Fleming	1ddc834b39	cleaup of the TCP/TLS socket API: 1) rename 'struct server_args' to 'struct ast_tcptls_session_args', to follow coding guidelines 2) make ast_make_file_from_fd() static and rename it to something that indicates what it really is for (again coding guidelines) 3) rename address variables inside 'struct ast_tcptls_session_args' to be more descriptive (dare i say it... coding guidelines) 4) change ast_tcptls_client_start() to use the new 'remote_address' field of the session args for the destination of the connection, and use the 'local_address' field to bind() the socket to the proper source address, if one is supplied 5) in chan_sip, ensure that we pass in the PP address we are bound to when creating outbound (client) connections, so that our connections will appear from the correct address git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@151101 65c4cc65-6c06-0410-ace0-fbb531ad65f3	17 years ago
Tilghman Lesher	08af5bb312	Create a new config file status, CONFIG_STATUS_FILEINVALID for differentiating when a file is invalid from when a file is missing. This is most important when we have two configuration files. Consider the following example: Old system: sip.conf users.conf Old result New result ======== ========== ========== ========== Missing Missing SIP doesn't load SIP doesn't load Missing OK SIP doesn't load SIP doesn't load Missing Invalid SIP doesn't load SIP doesn't load OK Missing SIP loads SIP loads OK OK SIP loads SIP loads OK Invalid SIP loads incompletely SIP doesn't load Invalid Missing SIP doesn't load SIP doesn't load Invalid OK SIP doesn't load SIP doesn't load Invalid Invalid SIP doesn't load SIP doesn't load So in the case when users.conf doesn't load because there's a typo that disrupts the syntax, we may only partially load users, instead of failing with an error, which may cause some calls not to get processed. Worse yet, the old system would do this with no indication that anything was even wrong. (closes issue #10690) Reported by: dtyoo Patches: 20080716__bug10690.diff.txt uploaded by Corydon76 (license 14) git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@142992 65c4cc65-6c06-0410-ace0-fbb531ad65f3	18 years ago
Sean Bright	b69c8e6ab5	Another big chunk of changes from the RSW branch. Bunch of stuff from main/ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@137082 65c4cc65-6c06-0410-ace0-fbb531ad65f3	18 years ago
Tilghman Lesher	aca394bf0c	HTTP module memory leaks (closes issue #13230) Reported by: eliel Patches: res_http_post_leak.patch uploaded by eliel (license 64) git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@135476 65c4cc65-6c06-0410-ace0-fbb531ad65f3	18 years ago

1 2 3

146 Commits (cc46ce38bc98e1544d6d077c910238ee0c7b51ed)