Some previous behavior was attempted to be restored, but mistakingly I did
not realize that the previous behavior was incorrect. This fixes DTMF not
being detected since DTMF shouldn't cause the SSRC to change.
Don't create a Local channel if the target extension does not exist.
(closes issue #18126)
Reported by: junky
Patches:
followme.diff uploaded by junky (license 177)
(partially restructured by me to avoid a possible memory leak)
........
................
Improve handling of REGISTER requests with multiple contact headers.
The changes here attempt to more strictly follow RFC 3261 section 10.3.
Basically the following will now cause a 400 Bad Response to be returned, if:
- multiple Contact headers are present with one set to expire all bindings ("*")
- wildcard parameter is specified for Contact without Expires header or Expires
header is not set to zero.
When the adaptive jitter buffer is enabled in sip.conf, the first frame placed
in the jitter buffer fails with something like:
jb_warning_output: Resyncing the jb. last_delay 0, this delay -215886466,
threshold 1000, new offset 215886466
This happens because the offset is not initialized before calling jb_put(). This
patch modifies jb_put_first_adaptive() to set the offset to the frame's
timestamp.
Russell Bryant [Thu, 2 Dec 2010 13:20:19 +0000 (13:20 +0000)]
Merged revisions 297229 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.6.2
................
r297229 | russell | 2010-12-02 07:16:47 -0600 (Thu, 02 Dec 2010) | 13 lines
Merged revisions 297228 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r297228 | russell | 2010-12-02 07:16:15 -0600 (Thu, 02 Dec 2010) | 6 lines
Add "DAHDI" to a couple of app_meetme error messages.
This is in response to some questions on IRC. To the user, there was nothing
that made it obvious that this error had anything to do with DAHDI not being
loaded.
........
................
Fix not stopping MOH when transfered local channel queue member is answered.
The problem here is only present when local channels are used with the MOH
passthru option as well as no optimization (/nm). I will describe the slightly
bizarre scenario that was used to test, where phones B and C are queue members:
Phone A dials into a queue with two members using local channels and the above
options. Phone B answers. Phone A blind transfers phone B into the same queue.
Phone A hangs up. Phone C answers, but phone B didn't stop playing MOH.
In this scenario, the unhold frame that should have gotten to phone B never
arrived due to the masquerade from the blind transfer. This is usually fine
since app_queue manages the starting and stopping of MOH. However, with the
passthrough option enabled when app_queue attempts to stop MOH it tries to do
so on the local channel rather than the real channel. The easiest solution
was to just make sure to send an unhold frame during the transfer since it
wouldn't make sense to have MOH playing after a transfer anyway. This only
modifies SIP transfers, but the other transfers did not seem to be a problem.
If DTMF based transfers were a problem it might be okay to add ast_moh_stop
to finishup, but I didn't want to have to add that unless required.
Russell Bryant [Mon, 29 Nov 2010 21:26:44 +0000 (21:26 +0000)]
Complete some error handling in transmit_publish() in chan_sip.c.
This error handling block caught my eye. It was missing a couple of things,
but it should be safe now. Thanks to mmichelson for the quick peer review
on IRC.
Invalid mISDN PTMP redirecting signaling as TE towards NT.
The mISDN PTMP redirection signaling (NOTIFY redirecting number and
notification code, SETUP redirecting number) is also sent in PTMP/TE mode.
It should only apply in PTMP/NT mode. The call setup proceeds but the
network (Deutsche Telekom) reacts with ugly ISDN STATUS messages.
Also don't send the redirecting number ie when PTP is also sending the
DivertingLegInformation2 facility. The redirecting number ie is redundant
and the network (Deutsche Telekom) complains about it.
Patches:
abe_2651_v4.patch uploaded by rmudgett (license 664)
Brad Watkins [Fri, 26 Nov 2010 18:19:02 +0000 (18:19 +0000)]
Fix reloading of peer when a user is requested.
Prevent peer reloading from causing multiple MWI subscriptions to be created when using realtime. This had the effect of sending one NOTIFY for every time a sip peer made a call, in one case eventually overwhelming the phone and causing it to reboot.
Russell Bryant [Wed, 24 Nov 2010 23:29:44 +0000 (23:29 +0000)]
Merged revisions 296221 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.6.2
................
r296221 | russell | 2010-11-24 17:28:19 -0600 (Wed, 24 Nov 2010) | 13 lines
Merged revisions 296213 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r296213 | russell | 2010-11-24 17:26:43 -0600 (Wed, 24 Nov 2010) | 6 lines
Make Asterisk less crashy.
Since we might not put a new translation path on the channel, go ahead and
set it to NULL right after destroying the old one to ensure we don't try
to free an invalid translation path later on.
........
................
Oneway audio to SIP phone from FXS port after FXS port gets a CallWaiting pip.
The FXS connected phone has to have CW/CID support to fail, as it will
send back a DTMF 'A' or 'D' when it's ready to receive CallerID. A normal
phone with no CID never fails. Also the SIP phone does not hear MOH when
the CW call is answered.
The DTMF end frame is suppressed when the phone acknowledges the CW signal
for CID. The problem is the DTMF begin frame needs to be suppressed as
well. The DTMF begin frame is causing SIP to start sending the DTMF RTP
frames. Since the DTMF end frame is suppressed, SIP will not stop sending
those DTMF RTP packets.
* Suppress the DTMF begin and end frames when the channel driver is
looking for DTMF digits.
* Fixed a couple issues caused by not cleaning up the CID spill if you
answer the CW call while it is sending the CID spill.
* Fixed not sending CW/CID spill to the phone when the call is natively
bridged. (Fixed by not using native bridge if CW/CID is possible.)
* Suppress received audio when sending CW/CID spills. The other parties
involved do not need to hear the CW/CID spills and may be confused if the
CW call is for them.
* v1.4 does not have the main problem fixed by suppressing the DTMF start
frames. The other three items fixed are relevant.
* If you really must restore native bridging between analog ports, you
need to disable CW/CID either by configuring chan_dahdi.conf
callwaitingcallerid=no or dialing *70 before dialing the number to
temporarily disable CW.
........
................
Russell Bryant [Wed, 24 Nov 2010 20:23:46 +0000 (20:23 +0000)]
Merged revisions 296083 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.6.2
................
r296083 | russell | 2010-11-24 14:23:11 -0600 (Wed, 24 Nov 2010) | 19 lines
Merged revisions 296082 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r296082 | russell | 2010-11-24 14:22:32 -0600 (Wed, 24 Nov 2010) | 12 lines
Fix false reporting of an error by set_format().
In the case that the native format was able to be changed to match the
new requested format, the code proceeded to attempt to build a translation
path, anyway. The result would be NULL, since no translation path is
necessary and resulted in this function thinking an error has occurred.
This case is now specifically caught and no attempt to build a translation
path is attempted.
Thanks to our automated tests and bamboo.asterisk.org for catching this problem
and making a whole lot of noise when things started failing. :-)
........
................
Russell Bryant [Wed, 24 Nov 2010 17:13:08 +0000 (17:13 +0000)]
Merged revisions 296001 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.6.2
................
r296001 | russell | 2010-11-24 11:03:16 -0600 (Wed, 24 Nov 2010) | 45 lines
Merged revisions 296000 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r296000 | russell | 2010-11-24 10:48:39 -0600 (Wed, 24 Nov 2010) | 38 lines
Handle failures building translation paths more effectively.
The problem scenario occurred on a heavily loaded system that was using the
codec_dahdi module and exceeded the hardware transcoding capacity. The failure
mode at that point was not good. The report came in to us as an Asterisk
lock-up. The "core show locks" shows a ton of threads locked up (but no
obvious deadlock). Upon deeper investigation, when the system is in this
state, the CPU was maxed out. The CPU was being consumed by the Asterisk
logger spewing messages on every audio frame for calls set up after transcoder
capacity was reached.
The purpose of this patch is to make Asterisk handle failures to create a
translation path in a more graceful manner. If we can't translate, then the
call just needs to be dropped, as it's not going to work. These are the
changes:
1) In set_format() of channel.c (which is called by set_read_format() and
set_write_format()), it was ignoring if ast_translator_build_path() failed and
returned NULL. It now pays attention to that case and returns a result
reflecting failure. With this change in place, the bridging code will
immediately detect a failure and end the bridge instead of proceeding to try to
bridge frames that can't be translated and making channel drivers freak out by
sending them frames in a format they weren't expecting.
2) In ast_indicate_data() of channel.c, failure of ast_playtones_start() was
ignored. It is now reflected in the return value of the function. This didn't
turn out to have any affect on the bug, but seemed like a good change to leave
in.
3) In app_dial(), when only sending a call to a single endpoint, it will
attempt to do some bridging of its own of early audio. It uses
make_compatible() when it's going to do this. However, it ignored failure from
make compatible. So, even with the fix from #1, if there was early audio going
through app_dial, there would still be a period of invalid frames passing
through. After detecting failure here, Dial() exits.
The channel redirect function (CLI or AMI) hangs up the call instead of redirecting the call.
To recreate the problem:
1) Party A calls Party B
2) Invoke CLI "channel redirect" command to redirect channel call leg
associated with A.
3) All associated channels are hung up.
Note that if the CLI command were done on the channel call leg associated
with B it works.
This regression was a result of the fix for issue #16946
(https://reviewboard.asterisk.org/r/740/).
The regression affects all features that use an async goto to execute the
dialplan because of an external event: Channel redirect, AMI redirect, SIP
REFER, and FAX detection.
The struct ast_channel._softhangup code is a mess. The variable is used
for several purposes that do not necessarily result in the call being hung
up. I have added doxygen comments to describe how the various _softhangup
bits are used. I have corrected all the places where the variable was
tested in a non-bit oriented manner.
The primary fix is the new AST_CONTROL_END_OF_Q frame. It acts as a weak
hangup request so the soft hangup requests that do not normally result in
a hangup do not hangup.
Richard Mudgett [Sat, 20 Nov 2010 03:11:15 +0000 (03:11 +0000)]
One way audio before answering call waiting call on analog port.
* Analog call waiting Caller ID spills could get stuck resulting in one
way audio until the waiting call is answered. This only happens on the
second (and later) call waiting call if the active call is not the first
call.
* The CLI/AMI "dahdi show channel" command could report the wrong channel
information.
Must keep the struct analog_pvt.owner and struct dahdi_pvt.owner pointer
in sync.
Russell Bryant [Sat, 20 Nov 2010 00:50:00 +0000 (00:50 +0000)]
Merged revisions 295710 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.6.2
........
r295710 | russell | 2010-11-19 18:45:51 -0600 (Fri, 19 Nov 2010) | 29 lines
Fix cache of device state changes for multiple servers.
This patch addresses a regression where device states across multiple servers
were not being processing completely correctly. The code works to determine
the overall state by looking at the last known state of a device on each
server. However, there was a regression due to some invasive rewrites of how
the cache works that led to the cache only storing the last device state change
for a device, regardless of which server it was on.
The code is set up to cache device state change events by ensuring that each
event in the cache has a unique device name + entity ID (server ID). The code
that was responsible for comparing raw information elements (which EID is)
always returned a match due to a memcmp() with a length of 0.
There isn't much code to fix the actual bug. This patch also introduces a new
CLI command that was very useful for debugging this problem. The command
allows you to dump the contents of the event cache.
(closes issue #18284)
Reported by: klaus3000
Patches:
issue18284.rev1.txt uploaded by russell (license 2)
Tested by: russell, klaus3000
This is not a perfect solution as headers that are joined via commas are not
detected. This is a parsing issue that to fix "correctly" would necessitate
a new SIP parser.
Richard Mudgett [Fri, 19 Nov 2010 16:47:11 +0000 (16:47 +0000)]
Bring sig_analog extraction more into alignment with orig-trunk/v1.6.2 chan_dahdi.
* Restore SMDI support.
* Fixed initial value of struct analog_pvt.use_callerid. It may get
forced on depending upon other config options.
* Call analog_dnd() instead of manual inlined code.
* Removed unused struct analog_pvt.usedistinctiveringdetection.
* Removed the struct analog_pvt.unknown_alarm flag. It was really the
struct analog_pvt.inalarm flag.
* Use ast_debug() instead of ast_log(LOG_DEBUG).
* Rename several function's index variable to idx.
* Some formatting tweaks.
Fix regression causing abort in voicemail after opening a mailbox with no mesgs.
In order to be more safe, some error handling code was changed to respect more
error conditions including the potential memory allocation failure for deleted
and heard message tracking introduced in 293004. However, last_message_index
returns -1 for zero messages (perhaps as expected) and was triggering the
stricter error checking. Because last_message_index is only called directly
in one place, just return 0 from open_mailbox (for file based storage) when no
messages are detected unless a real error has occurred.
Russell Bryant [Thu, 11 Nov 2010 22:13:38 +0000 (22:13 +0000)]
Remove most of the contents of the doc dir in favor of the wiki content.
This merge does the following things:
* Removes most of the contents from the doc/ directory in favor
of the wiki - http://wiki.asterisk.org/
* Updates the build_tools/prep_tarball script to know how to export
the contents of the wiki in both PDF and plain text formats so that
the documentation is still included in Asterisk release tarballs.
Fix problem with qualify option packets for realtime peers never stopping.
The option packets not only never stopped, but if a realtime peer was not in
the peer list multiple options dialogs could accumulate over time. This
scenario has the potential to progress to the point of saturating a link just
from options packets. The fix was to ensure that the poke scheduler checks to
see if a peer is in the peer list before continuing to poke. The reason a peer
must be in the peer list to be able to properly manage an options dialog is
because otherwise the call pointer is lost when the peer is regenerated from
the database, which is how existing qualify dialogs are detected.
Copied from some notes from the original author (Russell):
Deadlock scenario:
Thread 1: device state change thread
Holds - rdlock on contexts
Holds - hints lock
Waiting on channels container lock
Thread 2: SIP monitor thread
Holds the "iflock"
Holds a sip_pvt lock
Holds channel container lock
Waiting for a channel lock
Thread 3: A channel thread (chan_local in this case)
Holds 2 channel locks acquired within app_dial
Holds a 3rd channel lock it got inside of chan_local
Holds a local_pvt lock
Waiting on a rdlock of the contexts lock
A bunch of other threads waiting on a wrlock of the contexts lock
To address this deadlock, some locking order rules must be put in place and
enforced. Existing relevant rules:
1) channel lock before a pvt lock
2) contexts lock before hints lock
3) channels container before a channel
What's missing is some enforcement of the order when you involve more than any
two. To fix this problem, I put in some code that ensures that (at least in the
code paths involved in this bug) the locks in (3) come before the locks in (2).
To change the operation of thread 1 to comply, I converted the storage of hints
to an astobj2 container. This allows processing of hints without holding the
hints container lock. So, in the code path that led to thread 1's state, it no
longer holds either the contexts or hints lock while it attempts to lock the
channels container.
Richard Mudgett [Tue, 9 Nov 2010 16:55:32 +0000 (16:55 +0000)]
Analog lines do not transfer CONNECTED LINE or execute the interception macros.
Add connected line update for sig_analog transfers and simplify the
corresponding sig_pri and chan_misdn transfer code.
Note that if you create a three-way call in sig_analog before transferring
the call, the distinction of the caller/callee interception macros make
little sense. The interception macro writer needs to be prepared for
either caller/callee macro to be executed. The current implementation
swaps which caller/callee interception macro is executed after a three-way
call is created.
Fix playback failure when using IAX with the timerfd module.
To fix this issue the alert pipe will now be used when the timerfd module is
in use. There appeared to be a race that was not solved by adding locking in the
timerfd module, but needed to be there anyway. The race was between the timer
being put in non-continuous mode in ast_read on the channel thread and the IAX
frame scheduler queuing a frame which would enable continuous mode before the
non-continuous mode event was read. This race for now is simply avoided.
Richard Mudgett [Mon, 8 Nov 2010 17:16:01 +0000 (17:16 +0000)]
valgrind reported references to freed memory during a mISDN hangup collision.
Bad things have been happening in chan_misdn because the chan_misdn
channel private struct chan_list is not protected from reentrancy. Hangup
collisions have be causing read and write accesses to freed memory.
Converted chan_misdn struct chan_list to an ao2 object for its reference
counting feature.
**********
Removed an impediment to converting chan_list to an ao2 object.
The use of the other_ch member in chan_list is shaky at best. It is set
if the incoming and outgoing call legs are mISDN. The use of the other_ch
member goes against the Asterisk architecture and can even cause problems.
1) It is used to disable echo cancellation. This could be bad if the call
is forked and the winning call leg is not mISDN or the winning call leg is
not the last mISDN channel called by the fork. The other_ch would become
a dangling pointer.
2) It is used when the far end is alerting to hear the far end's inband
audio instead of Asterisk's generated ringback tone. This is bad if the
call is forked. You would only hear the last forked mISDN channel and it
may not be ringing yet.
The other_ch would become a dangling pointer if the call is later
transferred.
**********
codecs/codec_dahdi: Prevent "choppy" audio when receiving unexpected frame sizes.
dahdi-linux 2.4.0 (specifically commit 9034) added the capability for
the wctc4xxp to return more than a single packet of data in response to
a read. However, when decoding packets, codec_dahdi was still assuming
that the default number of samples was in each read.
In other words, each packet your provider sent you, regardless of size,
would result in 20 ms of decoded data (30 ms if decoding G723). If your
provider was sending 60 ms packets then codec_dahdi would end up
stripping 40 ms of data from each transcoded frame resulting in "choppy"
audio.
This would only affect systems where G729 packets are arriving in sizes
greater than 20ms or G723 packets arriving in sizes greater than 30ms.
Party A in an analog 3-way call would continue to hear ringback after party C answers.
All parties are analog FXS ports.
1) A calls B.
2) A flash hooks to call C.
3) A flash hooks to bring C into 3-way call before C answers. (A and B hear ringback)
4) C answers
5) A continues to hear ringback during the 3-way call. (All parties can hear each other.)
* Fixed use of wrong variable in dahdi_bridge() that stopped ringback on
the wrong subchannel.
* Made several debug messages have more information.
A similar issue happens if B and C are SIP channels. B continues to hear
ringback. For some reason this only affects v1.8 and trunk.
* Don't start ringback on the real and 3-way subchannels when creating the
3-way conference. Removing this code is benign on v1.6.2 and earlier.
........
................
Terry Wilson [Wed, 3 Nov 2010 18:05:14 +0000 (18:05 +0000)]
Avoid valgrind warnings for ast_rtp_instance_get_xxx_address
The documentation for ast_rtp_instance_get_(local/remote)_address stated that
they returned 0 for success and -1 on failure. Instead, they returned 0 if the
address structure passed in was already equivalent to the address instance
local/remote address or 1 otherwise. 90% of the calls to these functions
completely ignored the return address and passed in an uninitialized struct,
which would make valgrind complain even though the operation was technically
safe.
This patch fixes the documentation and converts the get_xxx_address functions
to void since all they really do is copy the address and cannot fail.
Additionally two new functions
(ast_rtp_instance_get_and_cmp_(local/remote)_address) are created for the 3
times where the return value was actually checked. The
get_and_cmp_local_address function is currently unused, but exists for the sake
of symmetry.
The only functional change as a result of this change is that we will not do an
ast_sockaddr_cmp() on (mostly uninitialized) addresses before doing the
ast_sockaddr_copy() in the get_*_address functions. So, even though it is an
API change, it shouldn't have a noticeable change in behavior.
Make warning message have more useful information in it.
Change "Unable to get index, and nullok is not asserted" to "Unable to get
index for '<channel-name>' on channel <number> (<function>(), line
<number>)".
........
................
Terry Wilson [Mon, 1 Nov 2010 14:58:00 +0000 (14:58 +0000)]
Only offer codecs both sides support for directmedia
When using directmedia, Asterisk needs to limit the codecs offered to just
the ones that both sides recognize, otherwise they may end up sending audio
that the other side doesn't understand.
Jeff Peeler [Fri, 29 Oct 2010 21:48:38 +0000 (21:48 +0000)]
Modify sip_setoption to not complain about unknown options.
This now behaves just like the other setoption callbacks. For the curious the
offending option for the reporter was AST_OPTION_CHANNEL_WRITE which was getting
passed due to a fix for chan_local in 286189.
"!00" evaluated as false, which is incorrect. Fixing.
Reported (though the reporter did not understand he was reporting a bug) on the asterisk-users list:
http://lists.digium.com/pipermail/asterisk-users/2010-October/255505.html
........
................
r293196 | tilghman | 2010-10-28 14:54:34 -0500 (Thu, 28 Oct 2010) | 12 lines
Merged revisions 293194 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4
"!00" evaluated as false, which is incorrect. Fixing.
Reported (though the reporter did not understand he was reporting a bug) on the asterisk-users list:
http://lists.digium.com/pipermail/asterisk-users/2010-October/255505.html
........
................
Fix inprocess_container in voicemail to correctly restrict max messages.
The comparison function logic was off, so the number of sessions for a given
mailbox were not being incremented properly. This problem caused the maximum
number of messages per folder to not be respected when simultaneously leaving
multiple voicemails just below the threshold.
These problems should be fixed by the above, but just in case:
Fixed resequence_mailbox to rely on the actual number of detected number of
files in a directory rather than just assuming only 10 messages more than the
maximum had been left. Also if more messages than the maximum are deleted they
are actually removed now.
The second purpose of this commit should have been separated out probably, but
is related to the above. Again, if the number of messages in a given voicemail
folder exceeds the maximum set limit make sure to allocate enough space for the
deleted and heard index tracking array.
A few random fixes:
There was a forgotten decrement of the inprocess count in imap_store_file.
When using IMAP storage, do not look in the directory where file based storage
messages may still reside and influence the message count.
This patch turns chan_local pvts into astobj2 objects.
chan_local does some dangerous things involving deadlock avoidance.
tech_pvt functions like hangup and queue_frame are provided with a
locked channel upon entry. Those functions are completely safe as
long as you don't attempt to give up that channel lock, but that is
impossible to guarantee due to the required deadlock avoidance necessary
to lock both the tech_pvt and both channels involved.
In the past, we have tried to account for this by doing things like
setting a "glare" flag that indicates what function should destroy the
pvt. This was used in local_hangup and local_queue_frame to decided
who should destroy the pvt if they collided in separate threads. I
have removed the need to do this by converting all chan_local tech_pvts
to astobj2. This means we can ref a pvt before deadlock avoidance
and not have to worry about that pvt possibly getting destroyed under
us. It also cleans up where we destroy the tech_pvt. The only unlink
from the tech_pvt container occurs in local_hangup now, which is where
it should occur.
Since there still may be thread collisions on some functions like
local_hangup after deadlock avoidance, I have added some checks to detect
those collisions and exit appropriately. I think this patch is going to
solve quite a bit of weirdness we have had with local channels in the past.
........
................
Update the LDIF file for LDAP.
The LDIF file asterisk.ldif was quite a bit out of date from the asterisk.ldap-schema file, so I've
now updated that to be in sync. The asterisk.ldif file being out of sync was a problem on my systems
where I was doing an ldapadd to import the schema into the LDAP database, and the existing file
would cause problems and ERROR messages when registering.
Additional documention has been added based on feedback in the issue I'm closing.
Mark Michelson [Fri, 22 Oct 2010 17:09:52 +0000 (17:09 +0000)]
Prevent multiple runs of event_sub_test from producing false failure results.
The array of test subscriptions was declared "static," meaning that the
data.count field would retain its value between runs of the test. After the
first test run, this would result in false reports of test failures.
I chose to just remove the "static" keyword from the structure since it's not
a huge deal to construct this structure during each run of the test. Another
alternative would have been to zero out the data.count fields of each test
subscription instead.
Terry Wilson [Fri, 22 Oct 2010 16:49:34 +0000 (16:49 +0000)]
Add TLS cert helper script
This script is useful for quickly generating self-signed CA, server, and client
certificates for use with Asterisk. It is still recommended to obtain
certificates from a recognized Certificate Authority and to develop an
understanding how SSL certificates work. Real security is hard work.
OPTIONS:
-h Show this message
-m Type of cert "client" or "server". Defaults to server.
-f Config filename (openssl config file format)
-c CA cert filename (creates new CA cert/key as ca.crt/ca.key if not passed)
-k CA key filename
-C Common name (cert field)
For a server cert, this should be the same address that clients
attempt to connect to. Usually this will be the Fully Qualified
Domain Name, but might be the IP of the server. For a CA or client
cert, it is merely informational. Make sure your certs have unique
common names.
-O Org name (cert field)
An informational string (company name)
-o Output filename base (defaults to asterisk)
-d Output directory (defaults to the current directory)
Example:
To create a CA and a server (pbx.mycompany.com) cert with output in /tmp:
ast_tls_cert -C pbx.mycompany.com -O "My Company" -d /tmp
This will create a CA cert and key as well as asterisk.pem and the the two
files that it is made from: asterisk.crt and asterisk.key. Copy asterisk.pem
and ca.crt somewhere (like /etc/asterisk) and set tlscertfile=/etc/asterisk.pem
and tlscafile=/etc/ca.crt. Since this is a self-signed key, many devices will
require you to import the ca.crt file as a trusted cert.
To create a client cert using the CA cert created by the example above:
ast_tls_cert -m client -c /tmp/ca.crt -k /tmp/ca.key -C "Joe User" -O \
"My Company" -d /tmp -o joe_user
This will create client.crt/key/pem in /tmp. Use this if your device supports
a client certificate. Make sure that you have the ca.crt file set up as
a tlscafile in the necessary Asterisk configs. Make backups of all .key files
in case you need them later.
Richard Mudgett [Fri, 22 Oct 2010 15:47:08 +0000 (15:47 +0000)]
Connected line is not updated when chan_dahdi/sig_pri or chan_misdn transfers a call.
When a call is transfered by ECT or implicitly by disconnect in sig_pri or
implicitly by disconnect in chan_misdn, the connected line information is
not exchanged. The connected line interception macros also need to be
executed if defined.
The CALLER interception macro is executed for the held call.
The CALLEE interception macro is executed for the active/ringing call.
JIRA ABE-2589
JIRA SWP-2296
Patches:
abe_2589_c3bier.patch uploaded by rmudgett (license 664)
abe_2589_v1.8_v2.patch uploaded by rmudgett (license 664)
David Vossel [Thu, 21 Oct 2010 16:14:33 +0000 (16:14 +0000)]
Fixes recursive lock problem in manager.c
It is possible for a AMI session to freeze because of invalid
use of recursive locks during the EVENT processing. This
patch removes the unnecessary locks.
(closes issue #18167)
Reported by: sustav
Patches:
manager_locking_v1.diff uploaded by dvossel (license 671)
Tested by: sustav
projects / thirdparty / asterisk.git / log
