Whether a bit-field is signed or unsigned is implementation specific, so
we should be explicit about this.
Change-Id: I8bce847d6ece3d08fc93fa77227f6f970d1353de
Warned-by: lgtm
On Debian buster the latter contains transitive dependencies in Libs,
instead of in Libs.private, which leaks linking implementation details.
Change-Id: Ia131fe82444b8c2204976df75be047ab6d17c561
We need readonly access to /dev/urandom, otherwise the rand()
calls might fail, as seen in kamailio-config-tests.
Change-Id: Id132191994ae5fe74ec3ebb7d34a4a5d50769dbc
Thanks: Victor Seva for reporting
In carrier environments we have foreign DB hosts
configured in /etc/ngcp-mediator/ngcp-mediator.conf,
therefore we can't easily apply IP address filtering.
JFTR, new and current systemd hardening state for ngcp-mediator:
| $ sudo COLUMNS=142 systemd-analyze security ngcp-mediator | grep -v '✓'
| NAME DESCRIPTION EXPOSURE
| ✗ PrivateNetwork= Service has access to the host's … 0.5
| ✗ User=/DynamicUser= Service runs as root user 0.4
| ✗ RestrictAddressFamilies=~AF_(INET… Service may allocate Internet soc… 0.3
| ✗ RestrictAddressFamilies=~… Service may allocate exotic socke… 0.3
| ✗ DeviceAllow= Service has a device ACL with som… 0.1
| ✗ IPAddressDeny= Service does not define an IP add… 0.2
| ✗ RestrictAddressFamilies=~AF_PACKET Service may allocate packet socke… 0.2
| ✗ SystemCallFilter=~@privileged System call whitelist defined for… 0.2
| ✗ RestrictAddressFamilies=~AF_NETLI… Service may allocate netlink sock… 0.1
| ✗ RootDirectory=/RootImage= Service runs within the host's ro… 0.1
| SupplementaryGroups= Service runs as root, option does…
| RemoveIPC= Service runs as root, option does…
| ✗ RestrictAddressFamilies=~AF_UNIX Service may allocate local sockets 0.1
|
| → Overall exposure level for ngcp-mediator.service: 2.1 OK 🙂
Change-Id: I0e7c474eddd5d4d4c77b9bda157448294ed0a5c4
ngcp-mediator service state BEFORE this change:
| $ systemd-analyze security ngcp-mediator | tail -1
| → Overall exposure level for ngcp-mediator.service: 9.5 UNSAFE 😨
ngcp-mediator service state AFTER this change:
| $ sudo COLUMNS=142 systemd-analyze security ngcp-mediator | grep -v '✓'
| NAME DESCRIPTION EXPOSURE
| ✗ PrivateNetwork= Service has access to the host's network 0.5
| ✗ User=/DynamicUser= Service runs as root user 0.4
| ✗ RestrictAddressFamilies=~AF_(INET|INET6) Service may allocate Internet sockets 0.3
| ✗ RestrictAddressFamilies=~… Service may allocate exotic sockets 0.3
| ✗ DeviceAllow= Service has a device ACL with some special devices 0.1
| ✗ IPAddressDeny= Service defines IP address whitelits with only localhost entries 0.1
| ✗ RestrictAddressFamilies=~AF_PACKET Service may allocate packet sockets 0.2
| ✗ SystemCallFilter=~@privileged System call whitelist defined for service, and @privileged is included 0.2
| ✗ RestrictAddressFamilies=~AF_NETLINK Service may allocate netlink sockets 0.1
| ✗ RootDirectory=/RootImage= Service runs within the host's root directory 0.1
| SupplementaryGroups= Service runs as root, option does not matter
| RemoveIPC= Service runs as root, option does not apply
| ✗ RestrictAddressFamilies=~AF_UNIX Service may allocate local sockets 0.1
|
| → Overall exposure level for ngcp-mediator.service: 2.0 OK 🙂
Change-Id: If33c303b9df465393f15c0b685d1aab54a465df6
We only ever go into the error handling code before malloc has
succeeded, which means ‘entries’ will always be NULL.
Change-Id: Iaedd1ac668249b0e4516f782c24a2f420e8682a5
Warned-by: coverity
While MariaDB uses my_bool here, MySQL uses the standard bool type. Both
are compatible, so use the more standard one.
Change-Id: I648bc8eb55f7617f6b4eb796a33bc77ce15ca34b
We need to respect user-controlled variables and only append to them
whatever we require for the build.
Change-Id: Ie86415863f806e2c76b6a47929c65aafc0a2d177
With the increased length of src/dst_leg strings, we must also increase
the buffer size for the insert string.
Did I mention that we should really move to dynamic strings here...
Change-Id: I0e77155d36f434055e36124d37bf699179f887b1
This is relevant for records coming from Redis, as the insertion into
the trash and backup tables is done from the strings kept in memory.
Change-Id: I1398f7bfc0d4a0c2da8b8104dc4589ea9d983da7
(cherry picked from commit 6e957e69b7)
/var/lock was deprecated with Debian/wheezy (see
https://wiki.debian.org/ReleaseGoals/RunDirectory), so
/var/lock/mediator.lock is actually /run/lock/mediator.lock.
Reflect this in the definition of MEDIATOR_LOCK_FILE.
Change-Id: If50a5fdcfafb289d59ae828f750388e103b5b3ad
Due to the movement of call transfer handling from sems pbx to
standard sems, in case of blind call transfer the BYE ACC is
generated with call_id suffix '_pbx-1_xfer-1' instead of '_xfer-1'.
To be more precise, currently we create 2 ACCs for INVITEs:
- one without any suffix
- one with '_xfer-1' suffix
and just one for the BYE:
- with '_xfer-1' suffix
Mediator is able to use the BYE to close both the INVITEs.
With the new implementation we create 2 ACCs for INVITEs:
- one without any suffix
- one with '_pbx-1_xfer-1' suffix
and just one for the BYE:
- with '_pbx-1_xfer-1' suffix
The single BYE record is not used to close both the ACC INVITEs.
Change-Id: Id7a68fab8d84ffe987084e925fecc1e051cbaccd
Strings, in particular call IDs, that are coming from Redis are not
necessarily valid UTF-8 since Redis doesn't really do UTF-8. The MySQL
DB schema expects strings in valid UTF-8 however (even though call IDs
really should be raw binary strings), resulting in an error if a
UTF-8 invalid string is attempted to be inserted.
Solve this by verifying each string's UTF-8 correctness before inserting
it, and forcing it to be interpreted as the 100% permissive latin1
charset if it isn't.
Change-Id: I5a218083bc4e3d7a47d1f77911f7ef9a88ce9bd2
Kamailio writes src_leg and dst_leg information of ACCs
in json format. Mediator has been adapted to read them
in this new format.
Due to that the size of src_leg and dst_leg has been
increased from char(256) to char(1024).
For backward compatibility the old format has been preserved
and used if the src_leg and dst_leg are not in json format.
This change is transparent for the final CDR's output.
Change-Id: I4de9c61a5bfe5855628412f6aca988ffc9406a59
In a cluster setup, intermediate CDRs might be written to a different
host than the final CDRs (central vs pair).
Change-Id: I56716d2a96857d52715e48f513ee1d75676b1e52
Since medmysql_flush_med_str() takes the handler from the
_medmysql_batch_definition structure, the last retrieved insert ID must
also be taken from the same handler.
Change-Id: Ieaee3313d94cf41d8953591dd88a12e42be601d5
Json function used to get MOS values has been split in
two: one to get the value from the json dict and one to clamp
it in order to have the final value between the desired
range of values.
Change-Id: Ifecb2548ad3d1de8fc307158cb89107c7da6b370
medredis_fetch_records() allocates memory for 0 return records, which in
the calling code is understood as "no memory has been allocated",
leading to a slow leak. Returning early is correct as the mem block
pointer is set to NULL in this case.
Change-Id: I69a2d397edd15cb9e4033531a218658c7ca93b12
This is necessary to avoid issues with ACC records in the
OLD format during an upgrade.
It should be changed back to -1 in mr9.+
Change-Id: I81097c0823343de066ec436d6f43a4ed279f372f
The value is read from the last field of the ACC srcleg.
It contains the ID of the peer_host from where the call was received.
Mediator uses it to find the correct peering_contract_id to write in
the CDR.
Change-Id: I2cfb7d0fadb5ade265fde3c1778475eda431a453
The DB schema allows for certain columns to be NULL. Handle this
appropriately to eliminate failed assertions from g_strlcpy.
Change-Id: I8768847b96b169dfad94b2ca448cc2af5058d38b
We must distinguish between old-style acc records without an appended
branch ID (key ends in `:<ts>`) and broken new-style acc records with an
empty branch ID (key ends in `:<ts>:`). Failure to do so results in
leftover entries in the DB that are never trashed and repeatedly
processed.
Change-Id: I61a4086359369e460cf23cacfd53854605a6a955
The db_redis module also writes simulated non-unique keys for acc
records, so we must handle them appropriately when deleting the
keys, because otherwise we get leftover entries.
Change-Id: Ic080dc5d4520ac548a726440d0b677028bfb6be3
To prepare for a second kind of CDR records, we refactor the SQL batch
string handling to include the statement definition and data queues in
the string object, and stop passing them around as arguments everywhere.
Change-Id: I2e3b278e859ce0cc22e7827c91d284b39fc34ecc
The mediator is doing nothing when maintenance mode is enabled;
it has been implemented in TT#16753, but later, after migration to
systemd and after migration to unit 'type=notify', we forgot to send READY=1.
Fixing it here, as it causes a 90 second delay on ngcpcfg apply on the
active node if maintenance mode is enabled.
Change-Id: I66c3dc13506f7069ec60c56edcbe875b4a9912e4
* cdr_tag_data value is now escaped
* simplified cdr_group group escaping code to
bring in line with how it is in the other places
Change-Id: Ie10242fed9d4430247f8ac534b19679d38206fee
* callid that is used in sql statements is now escaped,
for scenarios where there are calls with quotes in callids
Change-Id: I3061a73fe944ec911e84031a1cff40043b7e174c