For each component, the set of valid BNF expansions defines exactly
which characters may appear unescaped. All other characters MUST be
escaped.
This patch modifies ast_uri_encode() to encode strings in line with this recommendation. This patch also adds an ast_escape_quoted() function which escapes '"' and '\' characters in quoted strings in accordance with section 25.1 of RFC 3261. The ast_uri_encode() function has also been modified to take an ast_flags struct describing the set of rules it should use when escaping characters to allow for it to escape SIP URIs in addition to HTTP URIs and other types of URIs or variations of those two URI types in the future.
The ast_uri_decode() function has also been modified to accept an ast_flags struct describing the set of rules to use when decoding to enable decoding '+' as ' ' in legacy http URLs.
The unit tests for these functions have also been updated.
ABE-2705
Review: https://reviewboard.asterisk.org/r/1081/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@303509 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This adds a generic API for accommodating IPv6 and IPv4 addresses
within Asterisk. While many files have been updated to make use of the
API, chan_sip and the RTP code are the files which actually support
IPv6 addresses at the time of this commit. The way has been paved for
easier upgrading for other files in the near future, though.
Big thanks go to Simon Perrault, Marc Blanchet, and Jean-Philippe Dionne
for their hard work on this.
(closes issue #17565)
Reported by: russell
Patches:
asteriskv6-test-report.pdf uploaded by russell (license 2)
Review: https://reviewboard.asterisk.org/r/743
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@274783 65c4cc65-6c06-0410-ace0-fbb531ad65f3
If there is a problem with a firmware file, Polycom phones will close the
connection. We were continuing to send the file anyway. There should be no
reason to continue sending a file if there is an error writing it.
(closes issue #16682)
Reported by: lmadsen
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@270692 65c4cc65-6c06-0410-ace0-fbb531ad65f3
ast_tls_read_conf() is a new api call for handling SSL/TLS options across all conf files. Before this change, SSL/TLS options were not consistent. http.conf and manager.conf required the 'ssl' prefix while sip.conf used options with the 'tls' prefix. While the options had different names in different conf files, they all did the exact same thing. Now, instead of mixing 'ssl' or 'tls' prefixes to do the same thing depending on what conf file you're in, all SSL/TLS options use the 'tls' prefix. For example. 'sslenable' in http.conf and manager.conf is now 'tlsenable' which matches what already existed in sip.conf. Since this has the potential to break backwards compatibility, previous options containing the 'ssl' prefix still work, but they are no longer documented in the sample.conf files. The change is noted in the CHANGES file though.
Review: http://reviewboard.digium.com/r/237/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@191028 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Adds option to specify a private key .pem file when configuring TLS or SSL in AMI, HTTP, and SIP. Before this, the certificate file was used for both the public and private key. It is possible for this file to hold both, but most configurations allow for a separate private key file to be specified. Clarified in .conf files how these options are to be used. The current conf files do not explain how the private key is handled at all, so without knowledge of Asterisk's TLS implementation, it would be hard to know for sure what was going on or how to set it up.
Review: http://reviewboard.digium.com/r/234/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@190545 65c4cc65-6c06-0410-ace0-fbb531ad65f3
1) rename 'struct server_args' to 'struct ast_tcptls_session_args', to follow coding guidelines
2) make ast_make_file_from_fd() static and rename it to something that indicates what it really is for (again coding guidelines)
3) rename address variables inside 'struct ast_tcptls_session_args' to be more descriptive (dare i say it... coding guidelines)
4) change ast_tcptls_client_start() to use the new 'remote_address' field of the session args for the destination of the connection, and use the 'local_address' field to bind() the socket to the proper source address, if one is supplied
5) in chan_sip, ensure that we pass in the PP address we are bound to when creating outbound (client) connections, so that our connections will appear from the correct address
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@151101 65c4cc65-6c06-0410-ace0-fbb531ad65f3
when a file is invalid from when a file is missing. This is most important when
we have two configuration files. Consider the following example:
Old system:
sip.conf users.conf Old result New result
======== ========== ========== ==========
Missing Missing SIP doesn't load SIP doesn't load
Missing OK SIP doesn't load SIP doesn't load
Missing Invalid SIP doesn't load SIP doesn't load
OK Missing SIP loads SIP loads
OK OK SIP loads SIP loads
OK Invalid SIP loads incompletely SIP doesn't load
Invalid Missing SIP doesn't load SIP doesn't load
Invalid OK SIP doesn't load SIP doesn't load
Invalid Invalid SIP doesn't load SIP doesn't load
So in the case when users.conf doesn't load because there's a typo that
disrupts the syntax, we may only partially load users, instead of failing with
an error, which may cause some calls not to get processed. Worse yet, the old
system would do this with no indication that anything was even wrong.
(closes issue #10690)
Reported by: dtyoo
Patches:
20080716__bug10690.diff.txt uploaded by Corydon76 (license 14)
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@142992 65c4cc65-6c06-0410-ace0-fbb531ad65f3
ago (does not affect 1.4), where you would pass
a pointer to the end of a character array, and
ast_uri_decode would do no good.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@133651 65c4cc65-6c06-0410-ace0-fbb531ad65f3
them, and memory does not get free'd causing strange issues with SIP.
This code was originally written by russellb in the team/group/issue_11972/ branch.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@123546 65c4cc65-6c06-0410-ace0-fbb531ad65f3
same name in http queries, which might confuse the manager.
Replace calls to ast_uri_decode() with a local function that also
replaces '+' with ' ', as this is the normal encoding for
spaces in http requests.
This allows passing cli commands to the manager through the
http interface.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@117295 65c4cc65-6c06-0410-ace0-fbb531ad65f3
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r114600 | russell | 2008-04-23 17:18:12 -0500 (Wed, 23 Apr 2008) | 6 lines
Improve some broken cookie parsing code. Previously, manager login over HTTP
would only work if the mansession_id cookie was first. Now, the code builds
a list of all of the cookies in the Cookie header. This fixes a problem
observed by users of the Asterisk GUI.
(closes AST-20)
........
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@114601 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This does introduce a dependency on the GMime library for handling HTTP POSTs, but it is available in most distros.
If the library is present, then the compile flag for ENABLE_UPLOADS is enabled by default in menuselect.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@109229 65c4cc65-6c06-0410-ace0-fbb531ad65f3
automatically generated file like it used to be. This still needs to be there
for modules that have to check it to compile against multiple asterisk versions.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@104244 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This set of changes introduces TCP and TLS support for chan_sip. There are various
new options in configs/sip.conf.sample that are used to enable these features. Also,
there is a document, doc/siptls.txt that describes some things in more detail.
This code was implemented by Brett Bryant and James Golovich. It was reviewed
by Joshua Colp and myself. A number of other people participated in the testing
of this code, but since it was done outside of the bug tracker, I do not have their
names. If you were one of them, thanks a lot for the help!
(closes issue #4903, but with completely different code that what exists there.)
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@99085 65c4cc65-6c06-0410-ace0-fbb531ad65f3
revision changed, every module that used the version was getting rebuilt after
every svn update. This severly annoyed me pretty quickly, so I have improved
the situation.
Now, instead of generating version.h, main/version.c is generated. version.c
includes the version information, as well as a couple of API calls for modules
to retrieve the version. So now, only version.c will get rebuilt, and the main
asterisk binary relinked, which is must faster than rebuilding http.c, manager.c,
asterisk.c, relinking the asterisk binary, chan_sip.c, func_version.c, res_agi ...
The only minor change in behavior here is that the version information reported by
chan_sip, for example, is the version of the Asterisk core, and not necessarily the
Asterisk version that the chan_sip module came from.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@96717 65c4cc65-6c06-0410-ace0-fbb531ad65f3
build times - tested, there is no measureable difference before and
after this commit.
In this change:
use asterisk/compat.h to include a small set of system headers:
inttypes.h, unistd.h, stddef.h, stddint.h, sys/types.h, stdarg.h,
stdlib.h, alloca.h, stdio.h
Where available, the inclusion is conditional on HAVE_FOO_H as determined
by autoconf.
Normally, source files should not include any of the above system headers,
and instead use either "asterisk.h" or "asterisk/compat.h" which does it
better.
For the time being I have left alone second-level directories
(main/db1-ast, etc.).
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@89333 65c4cc65-6c06-0410-ace0-fbb531ad65f3
*must* write the file to the FILE *, and not the raw fd. Otherwise, it breaks
TLS support.
Thanks to rizzo for catching this!
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@72738 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Handle transferring large files from the built-in http server. Previously, the
code attempted to malloc a block as large as the file itself. Now it uses the
sendfile() system call so that the file isn't copied into userspace at all if
it is available. Otherwise, it just uses a read/write of small chunks at a time.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@72701 65c4cc65-6c06-0410-ace0-fbb531ad65f3
places in the code where the same block of code for creating detached threads
was replicated. (patch from bbryant)
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@65968 65c4cc65-6c06-0410-ace0-fbb531ad65f3
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r60603 | russell | 2007-04-06 15:58:43 -0500 (Fri, 06 Apr 2007) | 13 lines
To be able to achieve the things that we would like to achieve with the
Asterisk GUI project, we need a fully functional HTTP interface with access
to the Asterisk manager interface. One of the things that was intended to be
a part of this system, but was never actually implemented, was the ability for
the GUI to be able to upload files to Asterisk. So, this commit adds this in
the most minimally invasive way that we could come up with.
A lot of work on minimime was done by Steve Murphy. He fixed a lot of bugs in
the parser, and updated it to be thread-safe. The ability to check
permissions of active manager sessions was added by Dwayne Hubbard. Then,
hacking this all together and do doing the modifications necessary to the HTTP
interface was done by me.
........
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@60604 65c4cc65-6c06-0410-ace0-fbb531ad65f3
done for exactly how much memory is needed. This was suggested by Luigi on
the asterisk-dev mailing list. Thanks!
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@48933 65c4cc65-6c06-0410-ace0-fbb531ad65f3
this, implementing locking of this list to make it thread-safe.
- Add a "redirect" option to http.conf that allows redirecting one URI to
another. I was inspired to do this while playing with the Asterisk GUI. I
got tired of typing this URL to get to the GUI:
http://localhost:8088/asterisk/static/config/cfgadvanced.html
So, now I have the following line in http.conf:
redirect=/=/asterisk/static/config/cfgadvanced.html
Now, I can type the following into my browser and go to the GUI:
http://localhost:8088
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@48930 65c4cc65-6c06-0410-ace0-fbb531ad65f3
are passed as an argument.
- Update the code in main/http.c to use the new interface
(the diff is large but mostly mechanical, due to the name change of
several variables);
- And since now it is trivial, implement "AMI over TLS", and document
the possible options in manager.conf
- And since the test client (openssl s_client -connect host:port )
does not generate \r\n as a line terminator, make get_input()
also accept just a \n as a line terminator (Mac users: do you
also need the \r-only version ?)
The option parsing in manager.conf is not very efficient, and needs
to be cleaned up and made similar to what we have in http.conf
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@48351 65c4cc65-6c06-0410-ace0-fbb531ad65f3
and implement services over tcp and/or tcp-tls.
This commit is nothing more than moving structure definitions
(and documentation) from main/http.c to include/asterisk/http.h
(temporary location until we find a better place), and removing the
'static' qualifier from server_root() and server_start().
The name change (adding the ast_ prefix as a minimum, and then
possibly a more meaningful name) is postponed to future commits.
Does not apply to other versions of asterisk.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@48324 65c4cc65-6c06-0410-ace0-fbb531ad65f3
causing the http threads to do busy waiting around the socket...
Fix the mistake, sorry for the inconvenience!
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@48074 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Because https is more secure than http, it usually
makes sense to keep this service more open than the
one on the unencrypted port.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@48071 65c4cc65-6c06-0410-ace0-fbb531ad65f3
function doing work on the socket. This is another generalization
to provide a generic mechanism to open TCP/TLS socket with a thread
managing the accpet and children threads managing the individual
sessions.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@48067 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Paul Belanger
Andrew Latham
Matthew Nicholson
Mark Michelson
Terry Wilson
Olle Johansson
Tilghman Lesher
Kevin P. Fleming
David Vossel
Eliel C. Sardanons
Sean Bright
Brett Bryant
Brandon Kruse
Luigi Rizzo
Russell Bryant
Pari Nannapaneni
Jason Parker
Doug Bailey
Steve Murphy
Joshua Colp