asterisk

Commit Graph

Author	SHA1	Message	Date
Nick French	993ba84cd3	SRTP: Lower SDES key lifetime minimum to 2^20 SRTP SDES key lifetime support was added in ASTERISK_17899. In that addition, the minimum key lifetime to be accepted was set at the 10 hours @ 20ms/packet = 1800000 packets. The firmware in the obi1xx ATA uses a hardcoded lifetime of 2^20 packets. Lower the limit to 2^20 to support a wider field of clients. ASTERISK-27967 #close Change-Id: I81a0703c595a0c9101dfdf02300149a3cc39bf94	8 years ago
George Joseph	34f3fe9552	app_confbridge: Use the SDP 'label' attribute to correlate users Previously, the msid "label" attribute was used to correlate participant info but because streams could be reused, the msid wasn't being updated correctly when someone left the bridge and another joined. Now, instead of looking for the msid attribute on a channel's streams, app_confbridge sets an "SDP:LABEL" attribute on the stream which res_pjsip_sdp_rtp looks for. If it finds it, it adds a "label" attribute to the current sdp. Change-Id: I6cbaa87fb59a2e0688d956e72d2d09e4ac20d5a5	8 years ago
Joshua Elson	f7137e1230	res_parking: Add dialplan function for lot channel This commit adds a new function to res_parking. This function, PARK_GET_CHANNEL allows the retrieval of the channel name of the channel occupying the parking slot. ASTERISK-22825 #close Change-Id: Idba6ae55b8a53f734238cb3d995cedb95c0e7b74	8 years ago
Joshua Colp	6d0529cd7f	Merge "res_pjsip_t38.c: Be smarter about how we respond when T.38 is disabled."	8 years ago
Jenkins2	f095800638	Merge "res_pjsip_pubsub: segfault in function publish_expire"	8 years ago
Joshua Colp	68c0c081f9	Merge "res_pjsip/pjsip_transport_management.c: Fix deadlock with transport keep alive."	8 years ago
Jenkins2	0111629554	Merge "res_pjsip_session: sdp group:BUNDLE attribute being truncated"	8 years ago
Joshua Colp	ad20736626	Merge "res_pjsip_t38: Decline T.38 stream on failure case."	8 years ago
Kevin Harwell	5bb874ee09	res_pjsip_session: sdp group:BUNDLE attribute being truncated When setting/appending the media id's to the bundle group attribute a '-1' was being passed to the 'ast_str_set/append' function for the 'max_len' parameter. This essentially capped the length of the string to what it was originally allocated with. In this case 64 bytes. This patch makes it so a '0' is passed as in for the 'max_len', which means "no maximum length". ASTERISK-27955 #close Change-Id: Iec565df6600401d54a502854a53d19bb4cc34876	8 years ago
Alexei Gradinari	96abe79ddf	res_pjsip_pubsub: segfault in function publish_expire The function pubsub_on_rx_publish_request incorrectly uses of AST_SCHED_REPLACE_UNREF. The AST_SCHED_REPLACE_UNREF should unref old '_data'. Because of this, there may be a double unref of variable 'publication' when ast_sched_del is unsuccessful that leads to use after free of the 'publication' in publish_expire. ASTERISK-27956 #close Change-Id: Ie0f0cfc7e036953d890b188656010b325a5cdc82	8 years ago
George Joseph	8f42447c68	res_pjsip: Add 'suppress_q850_reason_headers' option to endpoint A new option 'suppress_q850_reason_headers' has been added to the endpoint object. Some devices can't accept multiple Reason headers and get confused when both 'SIP' and 'Q.850' Reason headers are received. This option allows the 'Q.850' Reason header to be suppressed. The default value is 'no'. ASTERISK-27949 Reported-by: Ross Beer Change-Id: I54cf37a827d77de2079256bb3de7e90fa5e1deb1	8 years ago
Joshua Colp	c9f8e068ed	res_pjsip_t38: Decline T.38 stream on failure case. When negotiating an incoming T.38 stream the code incorrectly returned failure instead of a decline for the stream when a problem occurred or the configuration didn't allow it. This resulted in SDP offers being rejected with a 488 response in all cases, even when another valid stream was present. This change makes it so the stream is now declined. If no streams are accepted a 488 response is sent while if at least one stream is accepted all the declined streams are, well, declined. ASTERISK-27763 Change-Id: I88bcf793788c412a9839d111a5c736bf6867807c	8 years ago
Richard Mudgett	d5db664d70	res_pjsip_t38.c: Be smarter about how we respond when T.38 is disabled. We were blindly responding with AST_T38_REFUSED when ANY T.38 control frame came accross the bridge. This causes T.38 Gateway to get confused and the T.38 session to get in a strange state. * Made the T.38 framehook only respond to request frames and ignore response frames. ASTERISK-27657 ASTERISK-27080 Change-Id: I5fb5967c7d1efb30a7ff375f82887ca82a55b05b	8 years ago
Jenkins2	57231c1265	Merge "res_pjsip_t38.c: Fix crash by ignoring 1xx messages."	8 years ago
Richard Mudgett	0aff1a278e	res_pjsip/pjsip_transport_management.c: Fix deadlock with transport keep alive. Using the keep_alive_interval option can result in a deadlock between the pjproject transport manager group lock and the monitored transports ao2 container lock. The pjproject transport manager group lock has to be superior in the locking order to the monitored transports ao2 container lock because of pjproject callbacks called when already holding the group lock. The lock inversion happens when Asterisk attempts to send a keep alive packet over the reliable transports. * Made keepalive_transport_thread() iterate over the monitored transports container rather than use the ao2_callback() method. This avoids holding the container lock when sending the keep alive packet. ASTERISK-26686 Change-Id: I5d5392a52e698bbe41a93f7d8e92bf0e61fe3951	8 years ago
Joshua Colp	eb9c031120	Merge "pjsip: Clarify certificate configuration for Websocket."	8 years ago
Joshua Colp	de5144e751	pjsip: Clarify certificate configuration for Websocket. The Websocket transport uses the built-in HTTP server. As a result the TLS configuration is done in http.conf and not in pjsip.conf. This change adds a warning if this is configured in pjsip.conf and also clarifies in the sample configuration file. Change-Id: I187d994d328c3ed274b6754fd4c2a4955bdc6dd9	8 years ago
Richard Mudgett	1aa45ffdfa	res_pjsip_t38.c: Fix crash by ignoring 1xx messages. If we initiated a T.38 reINVITE, we would crash if we received any other 1xx response message except 100 if it were followed by a 200 response. * Made ignore any 1xx response so we do not close out the T.38 negotiation too early. For good measure we'll now accept any 2xx response as acceptance of the reINVITE T.38 offer. ASTERISK-27944 Change-Id: I0ca88aae708d091db7335af73f41035a212adff4	8 years ago
Joshua Colp	f30ebd3823	res_pjsip_pubsub: Hold module reference for publications. Incoming publications need to ensure that the module remains loaded for the lifetime of them. This is now done by holding a reference to the module while the publication exists. This mirrors that of inbound subscriptions. ASTERISK-27783 Change-Id: Ia98c95a15e11af25728d5fb3e56e12cda0cfc7c0	8 years ago
Joshua Colp	3f7a75b481	Merge "res_pjsip_messaging: Allow application/* for in-dialog MESSAGEs"	8 years ago
George Joseph	e3585353f6	res_pjsip_messaging: Allow application/* for in-dialog MESSAGEs In addition to text/* content types, incoming_in_dialog_request now accepts application/* content types. Also fixed a length issue when copying the body text. It was one character short. ASTERISK-27942 Change-Id: I4e54d8cc6158dc47eb8fdd6ba0108c6fd53f2818	8 years ago
George Joseph	880fbff6b7	res_pjsip_session: Add ability to accept multiple sdp answers pjproject by default currently will follow media forked during an INVITE on outbound calls if the To tag is different on a subsequent response as that on an earlier response. We handle this correctly. There have been reported cases where the To tag is the same but we still need to follow the media. The pjproject patch in this commit adds the capability to sip_inv and also adds the capability to control it at runtime. The original "different tag" behavior was always controllable at runtime but we never did anything with it and left it to default to TRUE. So, along with the pjproject patch, this commit adds options to both the system and endpoint objects to control the two behaviors, and a small logic change to session_inv_on_media_update in res_pjsip_session to control the behavior at the endpoint level. The default behavior for "different tags" remains the same at TRUE and the default for "same tag" is FALSE. Change-Id: I64d071942b79adb2f0a4e13137389b19404fe3d6 ASTERISK-27936 Reported-by: Ross Beer	8 years ago
George Joseph	017b7849bc	Merge "VECTOR: Passing parameters with side effects to macros is dangerous."	8 years ago
Richard Mudgett	cad50d6dbf	VECTOR: Passing parameters with side effects to macros is dangerous. * Fix several instances where we were bumping a ref in the parameter and then unrefing the object if it failed. The way the AST_VECTOR_APPEND() and AST_VECTOR_REPLACE() macros are implemented means if it fails the new value was never evaluated. Change-Id: I2847872a455b11ea7e5b7ce697c0a455a1d0ac9a	8 years ago
Alexander Traud	bbea9cfc3b	res_http_post: Enable GMime in Solaris 11. Change-Id: Ie434541f18f894c751d2e44bcb3efb3cac626019	8 years ago
Richard Mudgett	da54605b8a	ARI POST DTMF: Make not compete with channel's media thread. There can be one and only one thread handling a channel's media at a time. Otherwise, we don't know which thread is going to handle the media frames. ASTERISK-27625 Change-Id: I4d6a2fe7386ea447ee199003bf8ad681cb30454e	8 years ago
Jenkins2	986cffa18e	Merge "app_confbridge: Enable sending events to participants"	8 years ago
George Joseph	e7a7506f9c	app_confbridge: Enable sending events to participants ConfBridge can now send events to participants via in-dialog MESSAGEs. All current Confbridge events are supported, such as ConfbridgeJoin, ConfbridgeLeave, etc. In addition to those events, a new event ConfbridgeWelcome has been added that will send a list of all current participants to a new participant. For all but the ConfbridgeWelcome event, the JSON message contains information about the bridge, such as its id and name, and information about the channel that triggered the event such as channel name, callerid info, mute status, and the MSID labels for their audio and video tracks. You can use the labels to correlate callerid and mute status to specific video elements in a webrtc client. To control this behavior, the following options have been added to confbridge.conf: bridge_profile/enable_events: This must be enabled on any bridge where events are desired. user_profile/send_events: This must be set for a user profile to send events. Different user profiles connected to the same bridge can have different settings. This allows admins to get events but not normal users for instance. user_profile/echo_events: In some cases, you might not want the user triggering the event to get the event sent back to them. To prevent it, set this to false. A change was also made to res_pjsip_sdp_rtp to save the generated msid to the stream so it can be re-used. This allows participant A's video stream to appear as the same label to all other participants. Change-Id: I26420aa9f101f0b2387dc9e2fd10733197f1318e	8 years ago
Alexander Traud	b01fc2ef3d	res_rtp_asterisk: Instead of ./configure use OPENSSL_NO_SRTP. Previously, Asterisk used its script ./configure, to test whether OpenSSL was built with no-srtp (or was simply too old). However, the header file <openssl/opensslconf.h> is the preferred way to detect the local configuration of OpenSSL. As a positive side-effect the script ./configure does not interleave the detection of the Open Settlement Protocol Toolkit (OSPTK) with the detection of individual features of OpenSSL anymore. Change-Id: I3c77c7b00b2ffa2e935632097fa057b9fdf480c0	8 years ago
Jenkins2	8b4c72caea	Merge "res_rtp_asterisk: Allow OpenSSL configured with no-deprecated."	8 years ago
Joshua Colp	782064852a	Merge "res_crypto: Allow OpenSSL configured with no-deprecated."	8 years ago
Jenkins2	a46e658bc0	Merge "res_srtp: Repair ./configure --with-ssl=PATH."	8 years ago
Richard Mudgett	81ac32a85f	AST-2018-008: Fix enumeration of endpoints from ACL rejected addresses. When endpoint specific ACL rules block a SIP request they respond with a 403 forbidden. However, if an endpoint is not identified then a 401 unauthorized response is sent. This vulnerability just discloses which requests hit a defined endpoint. The ACL rules cannot be bypassed to gain access to the disclosed endpoints. * Made endpoint specific ACL rules now respond with a 401 unauthorized which is the same as if an endpoint were not identified. The fix is accomplished by replacing the found endpoint with the artificial endpoint which always fails authentication. ASTERISK-27818 Change-Id: Icb275a54ff8e2df6c671a6d9bda37b5d732b3b32	8 years ago
Alexander Traud	0743ad6422	res_rtp_asterisk: Allow OpenSSL configured with no-deprecated. Furthermore, allow OpenSSL configured with no-dh. Additionally, this change allows auto-negotiation of the elliptic curve/group for servers, not only with OpenSSL 1.0.2 but also with OpenSSL 1.1.0 and newer. This enables X25519 (since OpenSSL 1.1.0) and X448 (since OpenSSL 1.1.1) as a side-effect. ASTERISK-27910 Change-Id: I5b0dd47c5194ee17f830f869d629d7ef212cf537	8 years ago
Alexander Traud	ca682f0030	res_crypto: Allow OpenSSL configured with no-deprecated. The header <openssl/rsa.h> had to be included explicitly. ASTERISK-27906 Change-Id: I41743801eed998c039d73db7a0762d104a4f75b2	8 years ago
Alexander Traud	234bf4b7ff	res_srtp: Repair ./configure --with-ssl=PATH. ASTERISK-27905 Change-Id: Ibb7dc148a0048f4f9c3b12937ba4240dff0d15e2	8 years ago
George Joseph	7b5fc5d20f	Merge "pjsip_options: handle modification of qualify options in realtime"	8 years ago
Alexei Gradinari	7af5e86821	pjsip_options: show/reload AOR qualify options using CLI Currentrly pjsip_options code does not handle the situation when the AOR qualify options were changed. Also there is no way to find out what qualify options are using. This patch add CLI commands to show and synchronize Aor qualify options: pjsip show qualify endpoint <id> Show the current qualify options for all Aors on the PJSIP endpoint. pjsip show qualify aor <id> Show the PJSIP Aor current qualify options. pjsip reload qualify endpoint <id> Synchronize the qualify options for all Aors on the PJSIP endpoint. pjsip reload qualify aor <id> Synchronize the PJSIP Aor qualify options. ASTERISK-27872 Change-Id: I1746d10ef2b7954f2293f2e606cdd7428068c38c	8 years ago
Alexei Gradinari	e46b442e38	pjsip_options: handle modification of qualify options in realtime Currentrly pjsip_options code does not handle the situation when the qualify options were changed in realtime database. Only 'module reload res_pjsip' helps. This patch add a check on contact add/update observers if the contact qualify options are different than local aor qualify options. If the qualify options were modified then synchronize the pjsip_options AOR local state. ASTERISK-27872 Change-Id: Id55210a18e62ed5d35a88e408d5fe84a3c513c62	8 years ago
Joshua Colp	4ea98e49f1	Merge "rtp: Add support for RTP extension negotiation and abs-send-time."	8 years ago
Torrey Searle	c5d2bf05f4	res/res_rtp_asterisk: ensure marker bit is correctly set on ssrc change Certain race conditions between changing bridge types and DTMF can cause the current FLAG_NEED_MARKER_BIT to send the marker bit before the actual first packet of native bridging. This logic keeps track of the ssrc the bridge is currently sending and will correctly ensure the marker bit is set if SSRC as changed from the previous sent packet. ASTERISK-27845 Change-Id: I01858bd0235f1e5e629e20de71b422b16f55759b	8 years ago
Joshua Colp	25764691b0	Merge "netsock2: Add ast_sockaddr_resolve_first_af to netsock2 public API"	8 years ago
Joshua Colp	a507c73a78	rtp: Add support for RTP extension negotiation and abs-send-time. When RTP was originally created it had the ability to place a single extension in an RTP packet. In practice people wanted to potentially put multiple extensions in one and so RFC 5285 (obsoleted by RFC 8285) came into existence. This allows RTP extensions to be negotiated with a unique identifier to be used in the RTP packet, allowing multiple extensions to be present in the packet. This change extends the RTP engine API to add support for this. A user of it can enable extensions and the API provides the ability to retrieve the information (to construct SDP for example) and to provide negotiated information (from SDP). The end result is that the RTP engine can then query to see if the extension has been negotiated and what unique identifier is to be used. It is then up to the RTP engine implementation to construct the packet appropriately. The first extension to use this support is abs-send-time which is defined in the REMB draft[1] and is a second timestamp placed in an RTP packet which is for when the packet has left the sending system. It is used to more accurately determine the available bandwidth. ASTERISK-27831 [1] https://tools.ietf.org/html/draft-alvestrand-rmcat-remb-03 Change-Id: I508deac557867b1e27fc7339be890c8018171588	8 years ago
Matthew Fredrickson	9f9dce05b2	netsock2: Add ast_sockaddr_resolve_first_af to netsock2 public API This function originally was used in chan_sip to enable some simplifying assumptions and eventually was copy and pasted into res_pjsip_logger and res_hep. Since it's replicated in three places, it's probably best to move it into the public netsock2 API for these modules to use. Change-Id: Id52e23be885601c51d70259f62de1a5e59d38d04	8 years ago
Alexander Traud	f10fc135d4	res_pjsip_endpoint_identifier_ip: Unregister the module for headers. Asterisk uses Reference Counting to track whether a module can be unloaded. Every consumer who requires a module, increases the reference count. When the consumer goes, is unloaded itself, it has to decrease the reference count on all its used/required modules. That way core stop gracefully works on the command-line interface (CLI): One module after the other is unloaded. A recent change broke this for the module res_pjsip. ASTERISK-27861 Change-Id: I261abcb411d026bbb0691cc78f28300bfd3103a3	8 years ago
Joshua Colp	195af35026	Merge "Fix GCC 8 build issues."	8 years ago
Joshua Colp	a103221de2	Merge "pjsip: Rewrite OPTIONS support with new eyes."	8 years ago
Corey Farrell	b5914d90ac	Fix GCC 8 build issues. This fixes build warnings found by GCC 8. In some cases format truncation is intentional so the warning is just suppressed. ASTERISK-27824 #close Change-Id: I724f146cbddba8b86619d4c4a9931ee877995c84	8 years ago
Matthew Fredrickson	8f55f7c333	res_hep: Adds hostname resolution support for capture_address Previously, only an IP address would be accepted for the capture_address config setting in hep.conf. This change allows capture_address to be a resolvable hostname or an IP address. ASTERISK-27796 #close Reported-By: Sebastian Gutierrez Change-Id: I33e1a37a8b86e20505dadeda760b861a9ef51f6f	8 years ago
Jenkins2	57ad488451	Merge "res_ari: Remove requirement that body exists when debug is on."	8 years ago

1 2 3 4 5 ...

4616 Commits (993ba84cd358683a22603bc09765edfaa7570095)