]> git.ipfire.org Git - thirdparty/asterisk.git/log
thirdparty/asterisk.git
11 months ago.github: Fix realtime param on Weekly and Nightly tests and...
George Joseph [Mon, 23 Sep 2024 14:24:02 +0000 (08:24 -0600)] 
.github: Fix realtime param on Weekly and Nightly tests and...

Rename the "Cleanup" job in the cherry-pick and recheck jobs
to "Summary".

(cherry picked from commit 94237f684a4094e8d6171408d518d6d83a0ee0b9)

11 months ago.github: Add WeeklyTests and make Nightlies Monday-Saturday
George Joseph [Wed, 18 Sep 2024 17:09:13 +0000 (11:09 -0600)] 
.github: Add WeeklyTests and make Nightlies Monday-Saturday

...and add "realtime" option.

(cherry picked from commit 60ad3efc9dbf8baeaa0ee238589e0236145197af)

11 months agodb.c: Remove limit on family/key length
George Joseph [Wed, 11 Sep 2024 16:06:17 +0000 (10:06 -0600)] 
db.c: Remove limit on family/key length

Consumers like media_cache have been running into issues with
the previous astdb "/family/key" limit of 253 bytes when needing
to store things like long URIs.  An Amazon S3 URI is a good example
of this.  Now, instead of using a static 256 byte buffer for
"/family/key", we use ast_asprintf() to dynamically create it.

Both test_db.c and test_media_cache.c were also updated to use
keys/URIs over the old 253 character limit.

Resolves: #881

UserNote: The `ast_db_*()` APIs have had the 253 byte limit on
"/family/key" removed and will now accept families and keys with a
total length of up to SQLITE_MAX_LENGTH (currently 1e9!).  This
affects the `DB*` dialplan applications, dialplan functions,
manager actions and `databse` CLI commands.  Since the
media_cache also uses the `ast_db_*()` APIs, you can now store
resources with URIs longer than 253 bytes.

(cherry picked from commit cc06c95ed2d32821c88a0d4626b56a739f433e04)

11 months ago.github: Changes required to use cached builds and shorten names
George Joseph [Sun, 28 Jul 2024 19:51:31 +0000 (13:51 -0600)] 
.github: Changes required to use cached builds and shorten names

(cherry picked from commit 24d641f40af4177699dbb41913eb9c2aad8a5c52)

12 months agoUpdate for 21.5.0 21.5.0
Asterisk Development Team [Thu, 17 Oct 2024 15:57:43 +0000 (15:57 +0000)] 
Update for 21.5.0

12 months agoUpdate for 21.5.0-rc2 21.5.0-rc2
Asterisk Development Team [Thu, 26 Sep 2024 16:20:33 +0000 (16:20 +0000)] 
Update for 21.5.0-rc2

12 months agostir_shaken: Fix propagation of attest_level and a few other values
George Joseph [Tue, 24 Sep 2024 16:16:16 +0000 (10:16 -0600)] 
stir_shaken: Fix propagation of attest_level and a few other values

attest_level, send_mky and check_tn_cert_public_url weren't
propagating correctly from the attestation object to the profile
and tn.

* In the case of attest_level, the enum needed to be changed
so the "0" value (the default) was "NOT_SET" instead of "A".  This
now allows the merging of the attestation object, profile and tn
to detect when a value isn't set and use the higher level value.

* For send_mky and check_tn_cert_public_url, the tn default was
forced to "NO" which always overrode the profile and attestation
objects.  Their defaults are now "NOT_SET" so the propagation
happens correctly.

* Just to remove some redundant code in tn_config.c, a bunch of calls to
generate_sorcery_enum_from_str() and generate_sorcery_enum_to_str() were
replaced with a single call to generate_acfg_common_sorcery_handlers().

Resolves: #904

12 months agores_stir_shaken: Remove stale include for jansson.h in verification.c
George Joseph [Tue, 17 Sep 2024 16:03:59 +0000 (10:03 -0600)] 
res_stir_shaken: Remove stale include for jansson.h in verification.c

verification.c had an include for jansson.h left over from previous
versions of the module.  Since res_stir_shaken no longer has a
dependency on jansson, the bundled version wasn't added to GCC's
include path so if you didn't also have a jansson development package
installed, the compile would fail.  Removing the stale include
was the only thing needed.

Resolves: #889

12 months agores_stir_shaken.c: Fix crash when stir_shaken.conf is invalid
George Joseph [Fri, 13 Sep 2024 14:23:08 +0000 (08:23 -0600)] 
res_stir_shaken.c: Fix crash when stir_shaken.conf is invalid

* If the call to ast_config_load() returns CONFIG_STATUS_FILEINVALID,
check_for_old_config() now returns LOAD_DECLINE instead of continuing
on with a bad pointer.

* If CONFIG_STATUS_FILEMISSING is returned, check_for_old_config()
assumes the config is being loaded from realtime and now returns
LOAD_SUCCESS.  If it's actually not being loaded from realtime,
sorcery will catch that later on.

* Also refactored the error handling in load_module() a bit.

Resolves: #884

13 months agoUpdate for 21.5.0-rc1 21.5.0-rc1
Asterisk Development Team [Thu, 12 Sep 2024 18:46:30 +0000 (18:46 +0000)] 
Update for 21.5.0-rc1

13 months agores_stir_shaken: Check for disabled before param validation
George Joseph [Wed, 11 Sep 2024 16:19:23 +0000 (10:19 -0600)] 
res_stir_shaken: Check for disabled before param validation

For both attestation and verification, we now check whether they've
been disabled either globally or by the profile before validating
things like callerid, orig_tn, dest_tn, etc.  This prevents useless
error messages.

Resolves: #879
(cherry picked from commit 77733275462b4a878ddbc25a4b1b43a8037cd457)

13 months agoapp_chanspy.c: resolving the issue writing frame to whisper audiohook.
Tinet-mucw [Tue, 10 Sep 2024 04:01:21 +0000 (12:01 +0800)] 
app_chanspy.c: resolving the issue writing frame to whisper audiohook.

ChanSpy(${channel}, qEoSw): because flags set o, ast_audiohook_set_frame_feed_direction(audiohook, AST_AUDIOHOOK_DIRECTION_READ); this will effect whisper audiohook and spy audiohook, this makes writing frame to whisper audiohook impossible. So add function start_whispering to starting whisper audiohook.

Resolves: #876
(cherry picked from commit a721f99eb093c2dafff1adc4fb0e249656ac2f45)

13 months agoautoservice: Do not sleep if autoservice_stop is called within autoservice thread
Alexei Gradinari [Wed, 4 Sep 2024 14:28:57 +0000 (10:28 -0400)] 
autoservice: Do not sleep if autoservice_stop is called within autoservice thread

It's possible that ast_autoservice_stop is called within the autoservice thread.
In this case the autoservice thread is stuck in an endless sleep.

To avoid endless sleep ast_autoservice_stop must check that it's not called
within the autoservice thread.

Fixes: #763
(cherry picked from commit b9b0cffc299c1d173b30e254b5374e5cb3a00c38)

13 months agoapp_voicemail: Use ast_asprintf to create mailbox SQL query
George Joseph [Tue, 3 Sep 2024 19:07:13 +0000 (13:07 -0600)] 
app_voicemail: Use ast_asprintf to create mailbox SQL query

...instead of trying to calculate the length of the buffer needed
manually.

(cherry picked from commit d6157aff5b11d74cdc5a47a7e76ef6cacdbc47f9)

13 months agores_pjsip_sdp_rtp: Use negotiated DTMF Payload types on bitrate mismatch
Mike Bradeen [Wed, 21 Aug 2024 16:11:31 +0000 (10:11 -0600)] 
res_pjsip_sdp_rtp: Use negotiated DTMF Payload types on bitrate mismatch

When Asterisk sends an offer to Bob that includes 48K and 8K codecs with
matching 4733 offers, Bob may want to use the 48K audio codec but can not
accept 48K digits and so negotiates for a mixed set.

Asterisk will now check Bob's offer to make sure Bob has indicated this is
acceptible and if not, will use Bob's preference.

Fixes: #847
(cherry picked from commit ac673dd14e2aadb933e76017249cb18a76c556bd)

13 months agoapp_chanspy.c: resolving the issue with audiohook direction read
Tinet-mucw [Fri, 30 Aug 2024 05:45:32 +0000 (13:45 +0800)] 
app_chanspy.c: resolving the issue with audiohook direction read

ChanSpy(${channel}, qEoS): When chanspy spy the direction read, reading frame is often failed when reading direction read audiohook. because chanspy only read audiohook direction read; write_factory_ms will greater than 100ms soon, then ast_slinfactory_flush will being called, then direction read will fail.

Resolves: #861
(cherry picked from commit e98127d540621c4fc07afa10a0a51333472f38c4)

13 months agosecurity_agreements.c: Refactor the to_str functions and fix a few other bugs
George Joseph [Sat, 17 Aug 2024 18:13:40 +0000 (12:13 -0600)] 
security_agreements.c: Refactor the to_str functions and fix a few other bugs

* A static array of security mechanism type names was created.

* ast_sip_str_to_security_mechanism_type() was refactored to do
  a lookup in the new array instead of using fixed "if/else if"
  statments.

* security_mechanism_to_str() and ast_sip_security_mechanisms_to_str()
  were refactored to use ast_str instead of a fixed length buffer
  to store the result.

* ast_sip_security_mechanism_type_to_str was removed in favor of
  just referencing the new type name array.  Despite starting with
  "ast_sip_", it was a static function so removing it doesn't affect
  ABI.

* Speaking of "ast_sip_", several other static functions that
  started with "ast_sip_" were renamed to avoid confusion about
  their public availability.

* A few VECTOR free loops were replaced with AST_VECTOR_RESET().

* Fixed a meomry leak in pjsip_configuration.c endpoint_destructor
  caused by not calling ast_sip_security_mechanisms_vector_destroy().

* Fixed a memory leak in res_pjsip_outbound_registration.c
  add_security_headers() caused by not specifying OBJ_NODATA in
  an ao2_callback.

* Fixed a few ao2_callback return code misuses.

Resolves: #845
(cherry picked from commit ca60f7db8fe636a4c4973bb8aaadb05b2ec3a427)

13 months agores_pjsip_sdp_rtp fix leaking astobj2 ast_format
Alexei Gradinari [Fri, 23 Aug 2024 20:28:24 +0000 (16:28 -0400)] 
res_pjsip_sdp_rtp fix leaking astobj2 ast_format

PR #700 added a preferred_format for the struct ast_rtp_codecs,
but when set the preferred_format it leaks an astobj2 ast_format.
In the next code
ast_rtp_codecs_set_preferred_format(&codecs, ast_format_cap_get_format(joint, 0));
both functions ast_rtp_codecs_set_preferred_format
and ast_format_cap_get_format increases the ao2 reference count.

Fixes: #856
(cherry picked from commit 95fadcf6db2ca7e7b9855687bb2a57b68431a5a8)

13 months agostir_shaken.conf.sample: Fix bad references to private_key_path
George Joseph [Thu, 22 Aug 2024 18:03:56 +0000 (12:03 -0600)] 
stir_shaken.conf.sample: Fix bad references to private_key_path

They should be private_key_file.

Resolves: #854
(cherry picked from commit 7b0478f17fc3b34af3b760d2ffdff3639eababf8)

13 months agores_pjsip_logger.c: Fix 'OPTIONS' tab completion.
Sean Bright [Mon, 19 Aug 2024 18:12:47 +0000 (14:12 -0400)] 
res_pjsip_logger.c: Fix 'OPTIONS' tab completion.

Fixes #843

(cherry picked from commit ab9c476dd2d091021bfd5d4228c9b57bba095c24)

13 months agoalembic: Make 'revises' header comment match reality.
Sean Bright [Sat, 17 Aug 2024 19:07:08 +0000 (15:07 -0400)] 
alembic: Make 'revises' header comment match reality.

(cherry picked from commit c5fbf5dcaeddf6b75fa7497ab6b6b16bc217a1c4)

13 months agochan_mobile: decrease CHANNEL_FRAME_SIZE to prevent delay
Cade Parker [Wed, 7 Aug 2024 21:11:16 +0000 (16:11 -0500)] 
chan_mobile: decrease CHANNEL_FRAME_SIZE to prevent delay

On modern Bluetooth devices or lower-powered asterisk servers, decreasing the channel frame size significantly improves latency and delay on outbound calls with only a mild sacrifice to the quality of the call (the frame size before was massive overkill to begin with)

(cherry picked from commit 4f5bb1e650ba321d805a3814a7142a9ba56200a4)

13 months agores_pjsip_notify: add dialplan application
Mike Bradeen [Tue, 9 Jul 2024 22:11:36 +0000 (16:11 -0600)] 
res_pjsip_notify: add dialplan application

Add dialplan application PJSIPNOTIFY to send either pre-configured
NOTIFY messages from pjsip_notify.conf or with headers defined in
dialplan.

Also adds the ability to send pre-configured NOTIFY commands to a
channel via the CLI.

Resolves: #799

UserNote: A new dialplan application PJSIPNotify is now available
which can send SIP NOTIFY requests from the dialplan.

The pjsip send notify CLI command has also been enhanced to allow
sending NOTIFY messages to a specific channel. Syntax:

pjsip send notify <option> channel <channel>

(cherry picked from commit e7ca7aa88123c458fae583d271e88cd3c24bd748)

13 months agomanager.c: Fix FRACK when doing CoreShowChannelMap in DEVMODE
George Joseph [Thu, 8 Aug 2024 16:57:14 +0000 (10:57 -0600)] 
manager.c: Fix FRACK when doing CoreShowChannelMap in DEVMODE

If you run an AMI CoreShowChannelMap on a channel that isn't in a
bridge and you're in DEVMODE, you can get a FRACK because the
bridge id is empty.  We now simply return an empty list for that
request.

(cherry picked from commit 63004f2c02a9331c2406da15d8e547b0b8b7cd69)

13 months agochannel: Add multi-tenant identifier.
Ben Ford [Tue, 21 May 2024 16:11:26 +0000 (11:11 -0500)] 
channel: Add multi-tenant identifier.

This patch introduces a new identifier for channels: tenantid. It's
a stringfield on the channel that can be used for general purposes. It
will be inherited by other channels the same way that linkedid is.

You can set tenantid in a few ways. The first is to set it in the
dialplan with the Set and CHANNEL functions:

exten => example,1,Set(CHANNEL(tenantid)=My tenant ID)

It can also be accessed via CHANNEL:

exten => example,2,NoOp(CHANNEL(tenantid))

Another method is to use the new tenantid option for pjsip endpoints in
pjsip.conf:

[my_endpoint]
type=endpoint
tenantid=My tenant ID

This is considered the best approach since you will be able to see the
tenant ID as early as the Newchannel event.

It can also be set using set_var in pjsip.conf on the endpoint like
setting other channel variable:

set_var=CHANNEL(tenantid)=My tenant ID

Note that set_var will not show tenant ID on the Newchannel event,
however.

Tenant ID has also been added to CDR. It's read-only and can be accessed
via CDR(tenantid). You can also get the tenant ID of the last channel
communicated with via CDR(peertenantid).

Tenant ID will also show up in CEL records if it has been set, and the
version number has been bumped accordingly.

Fixes: #740
UserNote: tenantid has been added to channels. It can be read in
dialplan via CHANNEL(tenantid), and it can be set using
Set(CHANNEL(tenantid)=My tenant ID). In pjsip.conf, it is recommended to
use the new tenantid option for pjsip endpoints (e.g., tenantid=My
tenant ID) so that it will show up in Newchannel events. You can set it
like any other channel variable using set_var in pjsip.conf as well, but
note that this will NOT show up in Newchannel events. Tenant ID is also
available in CDR and can be accessed with CDR(tenantid). The peer tenant
ID can also be accessed with CDR(peertenantid). CEL includes tenant ID
as well if it has been set.

UpgradeNote: A new versioned struct (ast_channel_initializers) has been
added that gets passed to __ast_channel_alloc_ap. The new function
ast_channel_alloc_with_initializers should be used when creating
channels that require the use of this struct. Currently the only value
in the struct is for tenantid, but now more fields can be added to the
struct as necessary rather than the __ast_channel_alloc_ap function. A
new option (tenantid) has been added to endpoints in pjsip.conf as well.
CEL has had its version bumped to include tenant ID.

(cherry picked from commit 3841fa814e0807342a49557559826c83ceab0211)

13 months agoconfigure: Use . file rather than source file.
Jaco Kroon [Mon, 5 Aug 2024 14:50:01 +0000 (16:50 +0200)] 
configure:  Use . file rather than source file.

source is a bash concept, so when /bin/sh points to another shell the
existing construct won't work.

Reference: https://bugs.gentoo.org/927055
Signed-off-by: Jaco Kroon <jaco@uls.co.za>
(cherry picked from commit b45c04a7c41998f1c789163d6dae405074107c30)

13 months agores_stasis: fix intermittent delays on adding channel to bridge
Mike Bradeen [Wed, 10 Jul 2024 18:58:44 +0000 (12:58 -0600)] 
res_stasis: fix intermittent delays on adding channel to bridge

Previously, on command execution, the control thread was awoken by
sending a SIGURG. It was found that this still resulted in some
instances where the thread was not immediately awoken.

This change instead sends a null frame to awaken the control thread,
which awakens the thread more consistently.

Resolves: #801
(cherry picked from commit bdee743cd40901a1a082be749ccb23541e720a49)

13 months agores_pjsip_sdp_rtp.c: Fix DTMF Handling in Re-INVITE with dtmf_mode set to auto
Tinet-mucw [Fri, 2 Aug 2024 08:49:58 +0000 (16:49 +0800)] 
res_pjsip_sdp_rtp.c: Fix DTMF Handling in Re-INVITE with dtmf_mode set to auto

When the endpoint dtmf_mode is set to auto, a SIP request is sent to the UAC, and the SIP SDP from the UAC does not include the telephone-event. Later, the UAC sends an INVITE, and the SIP SDP includes the telephone-event. In this case, DTMF should be sent by RFC2833 rather than using inband signaling.

Resolves: asterisk#826
(cherry picked from commit 6cf685608000a3b08e4e8b8a62995e233cc536bf)

13 months ago.github: Allow testing an Asterisk PR against a testsuite PR
George Joseph [Fri, 26 Jul 2024 16:37:21 +0000 (10:37 -0600)] 
.github: Allow testing an Asterisk PR against a testsuite PR

(cherry picked from commit d189b5a4d71cf3f4a88b67471101d98bec12a06e)

13 months ago.github: Add params to Releaser for FPBX issue creation
George Joseph [Fri, 26 Jul 2024 13:27:37 +0000 (07:27 -0600)] 
.github: Add params to Releaser for FPBX issue creation

(cherry picked from commit cf09da519e75b9e6094eb8c8cfdde43a3b209019)

13 months agostir_shaken: CRL fixes and a new CLI command
George Joseph [Fri, 19 Jul 2024 14:46:31 +0000 (08:46 -0600)] 
stir_shaken: CRL fixes and a new CLI command

* Fixed a bug in crypto_show_cli_store that was causing asterisk
to crash if there were certificate revocation lists in the
verification certificate store.  We're also now prefixing
certificates with "Cert:" and CRLs with "CRL:" to distinguish them
in the list.

* Added 'untrusted_cert_file' and 'untrusted_cert_path' options
to both verification and profile objects.  If you have CRLs that
are signed by a different CA than the incoming X5U certificate
(indirect CRL), you'll need to provide the certificate of the
CRL signer here.  Thse will show up as 'Untrusted" when showing
the verification or profile objects.

* Fixed loading of crl_path.  The OpenSSL API we were using to
load CRLs won't actually load them from a directory, only a file.
We now scan the directory ourselves and load the files one-by-one.

* Fixed the verification flags being set on the certificate store.
  - Removed the CRL_CHECK_ALL flag as this was causing all certificates
    to be checked for CRL extensions and failing to verify the cert if
    there was none.  This basically caused all certs to fail when a CRL
    was provided via crl_file or crl_path.
  - Added the EXTENDED_CRL_SUPPORT flag as it is required to handle
    indirect CRLs.

* Added a new CLI command...
`stir_shaken verify certificate_file <certificate_file> [ <profile> ]`
which will assist troubleshooting certificate problems by allowing
the user to manually verify a certificate file against either the
global verification certificate store or the store for a specific
profile.

* Updated the XML documentation and the sample config file.

Resolves: #809
(cherry picked from commit 2fb3215f031325c4ffb213f5d475771b6b45a849)

13 months agores_pjsip_config_wizard.c: Refactor load process
George Joseph [Tue, 23 Jul 2024 16:04:26 +0000 (10:04 -0600)] 
res_pjsip_config_wizard.c: Refactor load process

The way we have been initializing the config wizard prevented it
from registering its objects if res_pjsip happened to load
before it.

* We now use the object_type_registered sorcery observer to kick
things off instead of the wizard_mapped observer.

* The load_module function now checks if res_pjsip has been loaded
already and if it was it fires the proper observers so the objects
load correctly.

Resolves: #816

UserNote: The res_pjsip_config_wizard.so module can now be reloaded.
(cherry picked from commit d11dc5247b9c945a2a720e10dfcb4509484b767e)

13 months agobridge_softmix: Fix queueing VIDUPDATE control frames
George Joseph [Wed, 17 Jul 2024 16:44:17 +0000 (10:44 -0600)] 
bridge_softmix: Fix queueing VIDUPDATE control frames

softmix_bridge_write_control() now calls ast_bridge_queue_everyone_else()
with the bridge_channel so the VIDUPDATE control frame isn't echoed back.

softmix_bridge_write_control() was setting bridge_channel to NULL
when calling ast_bridge_queue_everyone_else() for VIDUPDATE control
frames.  This was causing the frame to be echoed back to the
channel it came from.  In certain cases, like when two channels or
bridges are being recorded, this can cause a ping-pong effect that
floods the system with VIDUPDATE control frames.

Resolves: #780
(cherry picked from commit 1272c28a0d9c140d28c35c444b45d49a5f99c711)

13 months agoUpdate for 21.4.3 21.4.3
Asterisk Development Team [Thu, 5 Sep 2024 17:03:28 +0000 (17:03 +0000)] 
Update for 21.4.3

13 months agores_resolver_unbound: Test for NULL ub_result in unbound_resolver_callback
George Joseph [Mon, 12 Aug 2024 17:58:12 +0000 (11:58 -0600)] 
res_resolver_unbound: Test for NULL ub_result in unbound_resolver_callback

The ub_result pointer passed to unbound_resolver_callback by
libunbound can be NULL if the query was for something malformed
like `.1` or `[.1]`.  If it is, we now set a 'ns_r_formerr' result
and return instead of crashing with a SEGV.  This causes pjproject
to simply cancel the transaction with a "No answer record in the DNS
response" error.  The existing "off nominal" unit test was also
updated to check this condition.

Although not necessary for this fix, we also made
ast_dns_resolver_completed() tolerant of a NULL result.

Resolves: GHSA-v428-g3cw-7hv9

14 months agoUpdate for 21.4.2 21.4.2
Asterisk Development Team [Thu, 8 Aug 2024 13:29:16 +0000 (13:29 +0000)] 
Update for 21.4.2

14 months agomanager.c: Add entries to Originate blacklist
George Joseph [Mon, 22 Jul 2024 14:05:03 +0000 (08:05 -0600)] 
manager.c: Add entries to Originate blacklist

Added Reload and DBdeltree to the list of dialplan application that
can't be executed via the Originate manager action without also
having write SYSTEM permissions.

Added CURL, DB*, FILE, ODBC and REALTIME* to the list of dialplan
functions that can't be executed via the Originate manager action
without also having write SYSTEM permissions.

If the Queue application is attempted to be run by the Originate
manager action and an AGI parameter is specified in the app data,
it'll be rejected unless the manager user has either the AGI or
SYSTEM permissions.

Resolves: #GHSA-c4cg-9275-6w44

15 months agoUpdate for 21.4.1 21.4.1
Asterisk Development Team [Thu, 25 Jul 2024 15:25:40 +0000 (15:25 +0000)] 
Update for 21.4.1

15 months agortp_engine.c: Prevent segfault in ast_rtp_codecs_payloads_unset()
George Joseph [Thu, 25 Jul 2024 12:53:43 +0000 (06:53 -0600)] 
rtp_engine.c: Prevent segfault in ast_rtp_codecs_payloads_unset()

There can be empty slots in payload_mapping_tx corresponding to
dynamic payload types that haven't been seen before so we now
check for NULL before attempting to use 'type' in the call to
ast_format_cmp.

Note: Currently only chan_sip calls ast_rtp_codecs_payloads_unset()

Resolves: #822

15 months agovoicemail.conf.sample: Fix ':' comment typo
George Joseph [Wed, 24 Jul 2024 12:13:03 +0000 (06:13 -0600)] 
voicemail.conf.sample: Fix ':' comment typo

...and removed an errant trailing space.

Resolves: #819

15 months agoUpdate for 21.4.0 21.4.0
Asterisk Development Team [Thu, 18 Jul 2024 15:01:59 +0000 (15:01 +0000)] 
Update for 21.4.0

15 months agoUpdate for 21.4.0-rc1 21.4.0-rc1
Asterisk Development Team [Thu, 11 Jul 2024 13:23:28 +0000 (13:23 +0000)] 
Update for 21.4.0-rc1

15 months agores_pjsip_path.c: Fix path when dialing using PJSIP_DIAL_CONTACTS()
Igor Goncharovsky [Sun, 12 May 2024 08:36:05 +0000 (14:36 +0600)] 
res_pjsip_path.c: Fix path when dialing using PJSIP_DIAL_CONTACTS()

When using the PJSIP_DIAL_CONTACTS() function for use in the Dial()
command, the contacts are returned in text form, so the input to
the path_outgoing_request() function is a contact value of NULL.
The issue was reported in ASTERISK-28211, but was not actually fixed
in ASTERISK-30100. This fix brings back the code that was previously
removed and adds code to search for a contact to extract the path
value from it.

(cherry picked from commit aeefedb08679c170d8bb000b4eb41093390fd13e)

15 months agores_pjsip_sdp_rtp: Add support for default/mismatched 8K RFC 4733/2833 digits
Mike Bradeen [Fri, 21 Jun 2024 22:56:11 +0000 (16:56 -0600)] 
res_pjsip_sdp_rtp: Add support for default/mismatched 8K RFC 4733/2833 digits

After change made in 624f509 to add support for non 8K RFC 4733/2833 digits,
Asterisk would only accept RFC 4733/2833 offers that matched the sample rate of
the negotiated codec(s).

This change allows Asterisk to accept 8K RFC 4733/2833 offers if the UAC
offfers 8K RFC 4733/2833 but negotiates for a non 8K bitrate codec.

A number of corresponding tests in tests/channels/pjsip/dtmf_sdp also needed to
be re-written to allow for these scenarios.

Fixes: #776
(cherry picked from commit 7d53986262268b9b34641457dcc1cc9437265759)

15 months ago.github: Pass app_id and app_priv_key to AsteriskMergePR
George Joseph [Wed, 10 Jul 2024 16:38:00 +0000 (10:38 -0600)] 
.github: Pass app_id and app_priv_key to AsteriskMergePR

(cherry picked from commit e0f7a5f9680044a766cad8d350bb2cad74025239)

15 months ago.github: Change OnPRMergeApproved to use default token
George Joseph [Wed, 10 Jul 2024 15:24:28 +0000 (09:24 -0600)] 
.github: Change OnPRMergeApproved to use default token

(cherry picked from commit 3b55311eb1600b79d851344742e68e15ffdcbab2)

15 months agoast-db-manage: Remove duplicate enum creation
George Joseph [Tue, 9 Jul 2024 02:07:25 +0000 (20:07 -0600)] 
ast-db-manage: Remove duplicate enum creation

Remove duplicate creation of ast_bool_values from
2b7c507d7d12_add_queue_log_option_log_restricted_.py.  This was
causing alembic upgrades to fail since the enum was already created
in fe6592859b85_fix_mwi_subscribe_replaces_.py back in 2018.

Resolves: #797
(cherry picked from commit af580848559b5a8e7516660555442a29fff4c6ef)

15 months agosecurity_agreement.c: Always add the Require and Proxy-Require headers
George Joseph [Wed, 3 Jul 2024 20:50:47 +0000 (14:50 -0600)] 
security_agreement.c: Always add the Require and Proxy-Require headers

The `Require: mediasec` and `Proxy-Require: mediasec` headers need
to be sent whenever we send `Security-Client` or `Security-Verify`
headers but the logic to do that was only in add_security_headers()
in res_pjsip_outbound_register.  So while we were sending them on
REGISTER requests, we weren't sending them on INVITE requests.

This commit moves the logic to send the two headers out of
res_pjsip_outbound_register:add_security_headers() and into
security_agreement:ast_sip_add_security_headers().  This way
they're always sent when we send `Security-Client` or
`Security-Verify`.

Resolves: #789
(cherry picked from commit 210fe614b29eee260cf87b15265da22c64a1e710)

15 months agologger.h: Include SCOPE_CALL_WITH_INT_RESULT() in non-dev-mode builds.
Sean Bright [Sat, 29 Jun 2024 18:09:11 +0000 (14:09 -0400)] 
logger.h: Include SCOPE_CALL_WITH_INT_RESULT() in non-dev-mode builds.

Fixes #785

(cherry picked from commit f55df3621ab1a80e7b2bc636636ccd7bffe09168)

15 months ago.github: Use ASTERISKTEAM_PAT for PR merging
George Joseph [Fri, 28 Jun 2024 19:41:32 +0000 (13:41 -0600)] 
.github: Use ASTERISKTEAM_PAT for PR merging

(cherry picked from commit a9b74ffa52e612db89922ddf63df82a63373aa90)

15 months agostasis_channels: Use uniqueid and name to delete old snapshots
George Joseph [Wed, 8 May 2024 17:32:36 +0000 (11:32 -0600)] 
stasis_channels: Use uniqueid and name to delete old snapshots

Whenver a new channel snapshot is created or when a channel is
destroyed, we need to delete any existing channel snapshot from
the snapshot cache.  Historically, we used the channel->snapshot
pointer to delete any existing snapshots but this has two issues.

First, if something (possibly ast_channel_internal_swap_snapshots)
sets channel->snapshot to NULL while there's still a snapshot in
the cache, we wouldn't be able to delete it and it would be orphaned
when the channel is destroyed.  Since we use the cache to list
channels from the CLI, AMI and ARI, it would appear as though the
channel was still there when it wasn't.

Second, since there are actually two caches, one indexed by the
channel's uniqueid, and another indexed by the channel's name,
deleting from the caches by pointer requires a sequential search of
all of the hash table buckets in BOTH caches to find the matching
snapshots.  Not very efficient.

So, we now delete from the caches using the channel's uniqueid
and name.  This solves both issues.

This doesn't address how channel->snapshot might have been set
to NULL in the first place because although we have concrete
evidence that it's happening, we haven't been able to reproduce it.

Resolves: #783
(cherry picked from commit 27f7cb6ea02c7f2a404a55ae5fe836210d5a0bb8)

15 months ago.github: Replace PR workflows with stubs that call reusables
George Joseph [Tue, 25 Jun 2024 13:07:39 +0000 (07:07 -0600)] 
.github: Replace PR workflows with stubs that call reusables

The PR workflows now are just stubs that call reusable
workflows located in the asterisk-ci-actions repo.

(cherry picked from commit b13338338952dd8c38a2497c2a4f8a4036c10234)

15 months ago.github: Refactor NightlyTests to use workflow in asterisk-ci-actions
George Joseph [Tue, 25 Jun 2024 01:16:00 +0000 (19:16 -0600)] 
.github: Refactor NightlyTests to use workflow in asterisk-ci-actions

(cherry picked from commit b867fa2fe5bb1061303e346a828ad3c7172fb157)

15 months agoapp_voicemail_odbc: Allow audio to be kept on disk
George Joseph [Tue, 9 Apr 2024 13:23:36 +0000 (07:23 -0600)] 
app_voicemail_odbc: Allow audio to be kept on disk

This commit adds a new voicemail.conf option 'odbc_audio_on_disk'
which when set causes the ODBC variant of app_voicemail to leave
the message and greeting audio files on disk and only store the
message metadata in the database.  This option came from a concern
that the database could grow to large and cause remote access
and/or replication to become slow.  In a clustering situation
with this option, all asterisk instances would share the same
database for the metadata and either use a shared filesystem
or other filesystem replication service much more suitable
for synchronizing files.

The changes to app_voicemail to implement this feature were actually
quite small but due to the complexity of the module, the actual
source code changes were greater.  They fall into the following
categories:

* Tracing.  The module is so complex that it was impossible to
figure out the path taken for various scenarios without the addition
of many SCOPE_ENTER, SCOPE_EXIT and ast_trace statements, even in
code that's not related to the functional change.  Making this worse
was the fact that many "if" statements in this module didn't use
braces.  Since the tracing macros add multiple statements, many "if"
statements had to be converted to use braces.

* Excessive use of PATH_MAX.  Previous maintainers of this module
used PATH_MAX to allocate character arrays for filesystem paths
and SQL statements as though they cost nothing.  In fact, PATH_MAX
is defined as 4096 bytes!  Some functions had (and still have)
multiples of these.  One function has 7.  Given that the vast
majority of installations use the default spool directory path
`/var/spool/asterisk/voicemail`, the actual path length is usually
less than 80 bytes.  That's over 4000 bytes wasted.  It was the
same for SQL statement buffers.  A 4K buffer for statement that
only needed 60 bytes.  All of these PATH_MAX allocations in the
ODBC related code were changed to dynamically allocated buffers.
The rest will have to be addressed separately.

* Bug fixes.  During the development of this feature, several
pre-existing ODBC related bugs were discovered and fixed.  They
had to do with leaving orphaned files on disk, not preserving
original message ids when moving messages between folders,
not honoring the "formats" config parameter in certain circumstances,
etc.

UserNote: This commit adds a new voicemail.conf option
'odbc_audio_on_disk' which when set causes the ODBC variant of
app_voicemail_odbc to leave the message and greeting audio files
on disk and only store the message metadata in the database.
Much more information can be found in the voicemail.conf.sample
file.

(cherry picked from commit 1b3a73cb2489e2c8793dc1512821379fbe20ae29)

15 months agobridge_basic.c: Make sure that ast_bridge_channel is not destroyed while iterating...
Tinet-mucw [Fri, 14 Jun 2024 02:16:36 +0000 (19:16 -0700)] 
bridge_basic.c: Make sure that ast_bridge_channel is not destroyed while iterating over bridge->channels.
From the gdb information, we can see that while iterating over bridge->channels, the ast_bridge_channel reference count is 0, indicating it has already been destroyed.Additionally, when ast_bridge_channel is removed from bridge->channels, the bridge is first locked. Therefore, locking the bridge before iterating over bridge->channels can resolve the race condition.

Resolves: https://github.com/asterisk/asterisk/issues/768
(cherry picked from commit 68a9c5683a51d68a8ff1fd6697bb90e91a47378f)

15 months agoapp_queue: Add option to not log Restricted Caller ID to queue_log
Alexei Gradinari [Wed, 12 Jun 2024 21:18:05 +0000 (17:18 -0400)] 
app_queue:  Add option to not log Restricted Caller ID to queue_log

Add a queue option log-restricted-caller-id to strip the Caller ID when storing the ENTERQUEUE event
in the queue log if the Caller ID is restricted.

Resolves: #765

UpgradeNote: Add a new column to the queues table:
queue_log_option_log_restricted ENUM('0','1','off','on','false','true','no','yes')
to control whether the Restricted Caller ID will be stored in the queue log.

UserNote: Add a Queue option log-restricted-caller-id to control whether the Restricted Caller ID
will be stored in the queue log.
If log-restricted-caller-id=no then the Caller ID will be stripped if the Caller ID is restricted.

(cherry picked from commit 192a848311b0ddcedd3ce36cc00e2e26b092a0b0)

15 months agopbx.c: expand fields width of "core show hints"
Alexei Gradinari [Thu, 13 Jun 2024 16:09:08 +0000 (12:09 -0400)] 
pbx.c: expand fields width of "core show hints"

The current width for "extension" is 20 and "device state id" is 20, which is too small.
The "extension" field contains "ext"@"context", so 20 characters is not enough.
The "device state id" field, for example for Queue pause state contains Queue:"queue_name"_pause_PSJIP/"endpoint", so the 20 characters is not enough.

Increase the width of "extension" field to 30 characters and the width of the "device state id" field to 60 characters.

Resolves: #770

UserNote: The fields width of "core show hints" were increased.
The width of "extension" field to 30 characters and
the width of the "device state id" field to 60 characters.

(cherry picked from commit 8d7ee890476f16747a4717f8045fe8d106c6a606)

15 months agopjsip: Add PJSIP_PARSE_URI_FROM dialplan function.
Sean Bright [Sun, 2 Jun 2024 16:51:07 +0000 (12:51 -0400)] 
pjsip: Add PJSIP_PARSE_URI_FROM dialplan function.

Various SIP headers permit a URI to be prefaced with a `display-name`
production that can include characters (like commas and parentheses)
that are problematic for Asterisk's dialplan parser and, specifically
in the case of this patch, the PJSIP_PARSE_URI function.

This patch introduces a new function - `PJSIP_PARSE_URI_FROM` - that
behaves identically to `PJSIP_PARSE_URI` except that the first
argument is now a variable name and not a literal URI.

Fixes #756

(cherry picked from commit 78d63bc11c6a34de681b614384cb3d551b4f096c)

15 months agomanager.c: Properly terminate `CoreShowChannelMap` event.
Sean Bright [Mon, 10 Jun 2024 16:54:05 +0000 (12:54 -0400)] 
manager.c: Properly terminate `CoreShowChannelMap` event.

Fixes #761

(cherry picked from commit 7920e75da540ff72651ea0290a39ae449c07b318)

15 months agocli: Show configured cache dir
Bastian Triller [Fri, 7 Jun 2024 10:57:52 +0000 (12:57 +0200)] 
cli: Show configured cache dir

Since Asterisk 19 it is possible to cache recorded files into another
directory [1] [2].
Show configured location of cache dir in CLI's core show settings.

[1] ASTERISK-29143
[2] b08427134fd51bb549f198e9f60685f2680c68d7

(cherry picked from commit b56d50ba169e0241b8f5ff861afda0c1064eb2b1)

15 months agoxml.c: Update deprecated libxml2 API usage.
Sean Bright [Thu, 23 May 2024 14:23:03 +0000 (10:23 -0400)] 
xml.c: Update deprecated libxml2 API usage.

Two functions are deprecated as of libxml2 2.12:

  * xmlSubstituteEntitiesDefault
  * xmlParseMemory

So we update those with supported API.

Additionally, `res_calendar_caldav` has been updated to use libxml2's
xmlreader API instead of the SAX2 API which has always felt a little
hacky (see deleted comment block in `res_calendar_caldav.c`).

The xmlreader API has been around since libxml2 2.5.0 which was
released in 2003.

Fixes #725

(cherry picked from commit f9a359c5c58b9e928f0038b952c8277f164f9a32)

15 months agocdr_pgsql: Fix crash when the module fails to load multiple times.
chrsmj [Thu, 16 May 2024 20:12:51 +0000 (14:12 -0600)] 
cdr_pgsql: Fix crash when the module fails to load multiple times.

Missing or corrupt cdr_pgsql.conf configuration file can cause the
second attempt to load the PostgreSQL CDR module to crash Asterisk via
the Command Line Interface because a null CLI command is registered on
the first failed attempt to load the module.

Resolves: #736
(cherry picked from commit 735330bbd1a6290efdc7d1d69fe27d7e9083af37)

15 months agoasterisk.c: Don't log an error if .asterisk_history does not exist.
Sean Bright [Mon, 27 May 2024 13:43:12 +0000 (09:43 -0400)] 
asterisk.c: Don't log an error if .asterisk_history does not exist.

Fixes #751

(cherry picked from commit fa043c8239d3de8e3554dea56e75404d4ddbf42b)

15 months agochan_ooh323: Fix R/0 typo in docs
Walter Doekes [Mon, 27 May 2024 13:50:37 +0000 (15:50 +0200)] 
chan_ooh323: Fix R/0 typo in docs

Change-Id: I00d79a807dd0fea9e42fca919aa2fb0b71cdf20e
(cherry picked from commit f5a6ff5de500cd4845025588350a615cbf8eb608)

15 months agobundled_pjproject: Disable UPnP support.
Sean Bright [Fri, 24 May 2024 14:27:32 +0000 (10:27 -0400)] 
bundled_pjproject: Disable UPnP support.

Fixes #747

(cherry picked from commit 542cd37830f929d947453728518f8dc47dc3e50c)

15 months agofile.h: Rename function argument to avoid C++ keyword clash.
Sean Bright [Fri, 24 May 2024 14:32:09 +0000 (10:32 -0400)] 
file.h: Rename function argument to avoid C++ keyword clash.

Fixes #744

(cherry picked from commit d51a86dc91531d411b527e4af1116c76c7e4e66b)

15 months ago.github: Add branches to workflow_dispatch for NightlyTests
George Joseph [Tue, 14 May 2024 17:54:17 +0000 (11:54 -0600)] 
.github: Add branches to workflow_dispatch for NightlyTests

(cherry picked from commit 12b997312b8f9cf1d26a20b423fa4a43324adf6c)

15 months agortp_engine: add support for multirate RFC2833 digits
Mike Bradeen [Mon, 8 Apr 2024 17:00:14 +0000 (11:00 -0600)] 
rtp_engine: add support for multirate RFC2833 digits

Add RFC2833 DTMF support for 16K, 24K, and 32K bitrate codecs.

Asterisk currently treats RFC2833 Digits as a single rtp payload type
with a fixed bitrate of 8K.  This change would expand that to 8, 16,
24 and 32K.

This requires checking the offered rtp types for any of these bitrates
and then adding an offer for each (if configured for RFC2833.)  DTMF
generation must also be changed in order to look at the current outbound
codec in order to generate appropriately timed rtp.

For cases where no outgoing audio has yet been sent prior to digit
generation, Asterisk now has a concept of a 'preferred' codec based on
offer order.

On inbound calls Asterisk will mimic the payload types of the RFC2833
digits.

On outbound calls Asterisk will choose the next free payload types starting
with 101.

UserNote: No change in configuration is required in order to enable this
feature. Endpoints configured to use RFC2833 will automatically have this
enabled. If the endpoint does not support this, it should not include it in
the SDP offer/response.

Resolves: #699
(cherry picked from commit 624f509ce4c74df852269d6eddd93de678ec4d1b)

17 months agoUpdate for 21.3.1 21.3.1
Asterisk Development Team [Fri, 17 May 2024 16:49:46 +0000 (16:49 +0000)] 
Update for 21.3.1

17 months agoRevert "res_pjsip_endpoint_identifier_ip: Add endpoint identifier transport address."
George Joseph [Fri, 17 May 2024 14:04:40 +0000 (08:04 -0600)] 
Revert "res_pjsip_endpoint_identifier_ip: Add endpoint identifier transport address."

This reverts PR #602

Resolves: #GHSA-qqxj-v78h-hrf9

17 months agoUpdate for 21.3.0 21.3.0
Asterisk Development Team [Thu, 16 May 2024 12:54:43 +0000 (12:54 +0000)] 
Update for 21.3.0

17 months agoUpdate for 21.3.0-rc1 21.3.0-rc1
Asterisk Development Team [Thu, 9 May 2024 13:48:13 +0000 (13:48 +0000)] 
Update for 21.3.0-rc1

17 months agoconfigs: Fix a misleading IPv6 ACL example in Named ACLs
Ivan Poddubny [Sun, 5 May 2024 14:20:15 +0000 (16:20 +0200)] 
configs: Fix a misleading IPv6 ACL example in Named ACLs

"deny=::" is equivalent to "::/128".
In order to mean "deny everything by default" it must be "::/0".

(cherry picked from commit 685f525b286382e316da6a7d8f5ebeb03046f2c3)

17 months agoasterisk.c: Fix sending incorrect messages to systemd notify
Ivan Poddubny [Sun, 5 May 2024 12:53:11 +0000 (14:53 +0200)] 
asterisk.c: Fix sending incorrect messages to systemd notify

Send "RELOADING=1" instead of "RELOAD=1" to follow the format
expected by systemd (see sd_notify(3) man page).

Do not send STOPPING=1 in remote console mode:
attempting to execute "asterisk -rx" by the main process leads to
a warning if NotifyAccess=main (the default) or to a forced termination
if NotifyAccess=all.

(cherry picked from commit d3ff7c3eee6f1130b20e640f5fb60da7c797ebe1)

17 months agores/stasis/control.c: include signal.h
Fabrice Fontaine [Wed, 1 May 2024 14:50:50 +0000 (16:50 +0200)] 
res/stasis/control.c: include signal.h

Include signal.h to avoid the following build failure with uclibc-ng
raised since
https://github.com/asterisk/asterisk/commit/2694792e13c7f3ab1911c4a69fba0df32c544177:

stasis/control.c: In function 'exec_command_on_condition':
stasis/control.c:313:3: warning: implicit declaration of function 'pthread_kill'; did you mean 'pthread_yield'? [-Wimplicit-function-declaration]
  313 |   pthread_kill(control->control_thread, SIGURG);
      |   ^~~~~~~~~~~~
      |   pthread_yield
stasis/control.c:313:41: error: 'SIGURG' undeclared (first use in this function)
  313 |   pthread_kill(control->control_thread, SIGURG);
      |                                         ^~~~~~

cherry-pick-to: 18
cherry-pick-to: 20
cherry-pick-to: 21

Fixes: #729
(cherry picked from commit c47307567aca418ccaacf12c1e12c04776470a00)

17 months agores_pjsip_logger: Preserve logging state on reloads.
Naveen Albert [Wed, 9 Aug 2023 22:41:24 +0000 (22:41 +0000)] 
res_pjsip_logger: Preserve logging state on reloads.

Currently, reloading res_pjsip will cause logging
to be disabled. This is because logging can also
be controlled via the debug option in pjsip.conf
and this defaults to "no".

To improve this, logging is no longer disabled on
reloads if logging had not been previously
enabled using the debug option from the config.
This ensures that logging enabled from the CLI
will persist through a reload.

ASTERISK-29912 #close

Resolves: #246

UserNote: Issuing "pjsip reload" will no longer disable
logging if it was previously enabled from the CLI.

(cherry picked from commit 9fc596aaa77730bf5f45d84dcc3eeaddd7f11977)

17 months agologger: Add unique verbose prefixes for levels 5-10.
Naveen Albert [Sat, 27 Apr 2024 15:06:47 +0000 (11:06 -0400)] 
logger: Add unique verbose prefixes for levels 5-10.

Add unique verbose prefixes for levels higher than 4, so
that these can be visually differentiated from each other.

Resolves: #721
(cherry picked from commit 57bb09667d50dd2a7f7de5ae1ca38d35802c599e)

17 months agosay.c: Fix cents off-by-one due to floating point rounding.
Naveen Albert [Wed, 10 Jan 2024 13:26:05 +0000 (08:26 -0500)] 
say.c: Fix cents off-by-one due to floating point rounding.

Some of the money announcements can be off by one cent,
due to the use of floating point in the money calculations,
which is bad for obvious reasons.

This replaces floating point with simple string parsing
to ensure the cents value is converted accurately.

Resolves: #525
(cherry picked from commit 3a49f9ade55db1cd030c93e914dd56011ac79466)

17 months agoloader.c: Allow dependent modules to be unloaded recursively.
Naveen Albert [Sat, 2 Dec 2023 23:07:02 +0000 (18:07 -0500)] 
loader.c: Allow dependent modules to be unloaded recursively.

Because of the (often recursive) nature of module dependencies in
Asterisk, hot swapping a module on the fly is cumbersome if a module
is depended on by other modules. Currently, dependencies must be
popped manually by unloading dependents, unloading the module of
interest, and then loading modules again in reverse order.

To make this easier, the ability to do this recursively in certain
circumstances has been added, as an optional extension to the
"module refresh" command. If requested, Asterisk will check if a module
that has a positive usecount could be unloaded safely if anything
recursively dependent on it were unloaded. If so, it will go ahead
and unload all these modules and load them back again. This makes
hot swapping modules that provide dependencies much easier.

Resolves: #474

UserNote: In certain circumstances, modules with dependency relations
can have their dependents automatically recursively unloaded and loaded
again using the "module refresh" CLI command or the ModuleLoad AMI command.

(cherry picked from commit a056e94885747244a69fd114db5eb8dfc894cc06)

17 months agores_pjsip_sdp_rtp.c: Initial RTP inactivity check must consider the rtp_timeout setting.
Henrik Liljedahl [Thu, 11 Apr 2024 10:56:55 +0000 (12:56 +0200)] 
res_pjsip_sdp_rtp.c: Initial RTP inactivity check must consider the rtp_timeout setting.

First rtp activity check was performed after 500ms regardless of the rtp_timeout setting. Having a call in ringing state for more than rtp_timeout and the first rtp package is received more than 500ms after sdp negotiation and before the rtp_timeout, erronously caused the call to be hungup. Changed to perform the first rtp inactivity check after the timeout setting preventing calls to be disconnected before the rtp_timeout has elapsed since sdp negotiation.

Fixes #710

(cherry picked from commit 1423cfee29baac8460bb709907e4aab80de5bafb)

17 months agotcptls/iostream: Add support for setting SNI on client TLS connections
George Joseph [Tue, 23 Apr 2024 20:15:20 +0000 (14:15 -0600)] 
tcptls/iostream:  Add support for setting SNI on client TLS connections

If the hostname field of the ast_tcptls_session_args structure is
set (which it is for websocket client connections), that hostname
will now automatically be used in an SNI TLS extension in the client
hello.

Resolves: #713

UserNote: Secure websocket client connections now send SNI in
the TLS client hello.

(cherry picked from commit 4d6f84a14f3c5f151d722c8697d6f27c7a2d37ab)

17 months agostir_shaken: Fix memory leak, typo in config, tn canonicalization
George Joseph [Thu, 25 Apr 2024 17:56:15 +0000 (11:56 -0600)] 
stir_shaken:  Fix memory leak, typo in config, tn canonicalization

* Fixed possible memory leak in tn_config:tn_get_etn() where we
weren't releasing etn if tn or eprofile were null.
* We now canonicalize TNs before using them for lookups or adding
them to Identity headers.
* Fixed a typo in stir_shaken.conf.sample.

Resolves: #716
(cherry picked from commit b7ed77a7c5e2db6883e16d14a01d886dda1a0d8f)

17 months agomake_buildopts_h: Always include DETECT_DEADLOCKS
George Joseph [Sat, 27 Apr 2024 20:40:28 +0000 (14:40 -0600)] 
make_buildopts_h: Always include DETECT_DEADLOCKS

Since DETECT_DEADLOCKS is now split from DEBUG_THREADS, it must
always be included in buildopts.h instead of only when
ADD_CFLAGS_TO_BUILDOPTS_H is defined.  A SEGV will result otherwise.

Resolves: #719
(cherry picked from commit d1d80af0c0e26a4c4aa95578c2d88c35901c587d)

17 months agosorcery.c: Fixed crash error when executing "module reload"
Spiridonov Dmitry [Sun, 14 Apr 2024 12:41:47 +0000 (15:41 +0300)] 
sorcery.c: Fixed crash error when executing "module reload"

Fixed crash error when cli "module reload". The error appears when
compiling with res_prometheus and using the sorcery memory cache for
registrations

(cherry picked from commit b8525e87aeb11c780b0b5d4e8729258c77352fcb)

17 months agocallerid.c: Parse previously ignored Caller ID parameters.
Naveen Albert [Mon, 1 Apr 2024 21:16:29 +0000 (17:16 -0400)] 
callerid.c: Parse previously ignored Caller ID parameters.

Commit f2f397c1a8cc48913434ebb297f0ff50d96993db previously
made it possible to send Caller ID parameters to FXS stations
which, prior to that, could not be sent.

This change is complementary in that we now handle receiving
all these parameters on FXO lines and provide these up to
the dialplan, via chan_dahdi. In particular:

* If a redirecting reason is provided, the channel's redirecting
  reason is set. No redirecting number is set, since there is
  no parameter for this in the Caller ID protocol, but the reason
  can be checked to determine if and why a call was forwarded.
* If the Call Qualifier parameter is received, the Call Qualifier
  variable is set.
* Some comments have been added to explain why some of the code
  is the way it is, to assist other people looking at it.

With this change, Asterisk's Caller ID implementation is now
reasonably complete for both FXS and FXO operation.

Resolves: #681
(cherry picked from commit 4cf8d9d94a46b8b49498e8d15fde9f35dcb3a6d5)

17 months agologger.h: Add SCOPE_CALL and SCOPE_CALL_WITH_RESULT
George Joseph [Tue, 9 Apr 2024 20:49:36 +0000 (14:49 -0600)] 
logger.h:  Add SCOPE_CALL and SCOPE_CALL_WITH_RESULT

If you're tracing a large function that may call another function
multiple times in different circumstances, it can be difficult to
see from the trace output exactly which location that function
was called from.  There's no good way to automatically determine
the calling location.  SCOPE_CALL and SCOPE_CALL_WITH_RESULT
simply print out a trace line before and after the call.

The difference between SCOPE_CALL and SCOPE_CALL_WITH_RESULT is
that SCOPE_CALL ignores the function's return value (if any) where
SCOPE_CALL_WITH_RESULT allows you to specify the type of the
function's return value so it can be assigned to a variable.
SCOPE_CALL_WITH_INT_RESULT is just a wrapper for SCOPE_CALL_WITH_RESULT
and the "int" return type.

(cherry picked from commit cf5c46d8ae563c60ff6bf4348fcc0abd723031d6)

17 months agoapp_queue.c: Properly handle invalid strategies from realtime.
Sean Bright [Sat, 13 Apr 2024 17:30:22 +0000 (13:30 -0400)] 
app_queue.c: Properly handle invalid strategies from realtime.

The existing code sets the queue strategy to `ringall` but it is then
immediately overwritten with an invalid one.

Fixes #707

(cherry picked from commit 6914c93791062f8841e0062b5bab8fa6406f7bef)

17 months agofile.c, channel.c: Don't emit warnings if progress received.
Naveen Albert [Wed, 10 Apr 2024 00:01:36 +0000 (20:01 -0400)] 
file.c, channel.c: Don't emit warnings if progress received.

Silently ignore AST_CONTROL_PROGRESS where appropriate,
as most control frames already are.

Resolves: #696
(cherry picked from commit 051ddbe72955b95dd4e8c80fd091d1b305a736a3)

17 months agoalembic: Correct NULLability of PJSIP id columns.
Sean Bright [Sat, 6 Apr 2024 13:57:43 +0000 (09:57 -0400)] 
alembic: Correct NULLability of PJSIP id columns.

Fixes #695

(cherry picked from commit df6f30022f30dd787b10f5a71fa2789a6be1dee8)

17 months agortp_engine and stun: call ast_register_atexit instead of ast_register_cleanup
George Joseph [Tue, 2 Apr 2024 20:28:35 +0000 (14:28 -0600)] 
rtp_engine and stun: call ast_register_atexit instead of ast_register_cleanup

rtp_engine.c and stun.c were calling ast_register_cleanup which
is skipped if any loadable module can't be cleanly unloaded
when asterisk shuts down.  Since this will always be the case,
their cleanup functions never get run.  In a practical sense
this makes no difference since asterisk is shutting down but if
you're in development mode and trying to use the leak sanitizer,
the leaks from both of those modules clutter up the output.

(cherry picked from commit 1eec3b6d18f41334e263a9f69125ae08f5a445f9)

17 months agomanager.c: Add missing parameters to Login documentation
George Joseph [Wed, 3 Apr 2024 13:51:31 +0000 (07:51 -0600)] 
manager.c: Add missing parameters to Login documentation

* Added the AuthType and Key parameters for MD5 authentication.

* Added the Events parameter.

Resolves: #689
(cherry picked from commit b2bcc0cd09ac1c93ef4943013efed23d2c3236b3)

17 months agofunc_callerid: Emit warning if invalid redirecting reason set.
Naveen Albert [Mon, 1 Apr 2024 21:24:13 +0000 (17:24 -0400)] 
func_callerid: Emit warning if invalid redirecting reason set.

Emit a warning if REDIRECTING(reason) is set to an invalid
reason, consistent with what happens when
REDIRECTING(orig-reason) is set to an invalid reason.

Resolves: #683
(cherry picked from commit 9ba6875a3f7b55c0349deee3586b8747bfe43990)

17 months agochan_dahdi: Add DAHDIShowStatus AMI action.
Naveen Albert [Fri, 29 Mar 2024 14:46:18 +0000 (10:46 -0400)] 
chan_dahdi: Add DAHDIShowStatus AMI action.

* Add an AMI action to correspond to the "dahdi show status"
  command, allowing span information to be retrieved via AMI.
* Show span number and sig type in "dahdi show channels".

Resolves: #673
(cherry picked from commit 4ff93474dfa75d7ae219a4140305d181f0d59046)

17 months agores_pjsip_endpoint_identifier_ip: Add endpoint identifier transport address.
Sperl Viktor [Thu, 28 Mar 2024 15:22:24 +0000 (16:22 +0100)] 
res_pjsip_endpoint_identifier_ip: Add endpoint identifier transport address.

Add a new identify_by option to res_pjsip_endpoint_identifier_ip
called 'transport' this matches endpoints based on the bound
ip address (local) instead of the 'ip' option, which matches on
the source ip address (remote).

UserNote: set identify_by=transport for the pjsip endpoint. Then
use the existing 'match' option and the new 'transport' option of
the identify.

Fixes: #672
(cherry picked from commit c8769f3d5a8b365d919030713982209516bac3b1)

17 months agores_stir_shaken: Fix compilation for CentOS7 (openssl 1.0.2)
George Joseph [Mon, 1 Apr 2024 20:10:32 +0000 (14:10 -0600)] 
res_stir_shaken:  Fix compilation for CentOS7 (openssl 1.0.2)

* OpenSSL 1.0.2 doesn't support X509_get0_pubkey so we now use
  X509_get_pubkey.  The difference is that X509_get_pubkey requires
  the caller to free the EVP_PKEY themselves so we now let
  RAII_VAR do that.
* OpenSSL 1.0.2 doesn't support upreffing an X509_STORE so we now
  wrap it in an ao2 object.
* OpenSSL 1.0.2 doesn't support X509_STORE_get0_objects to get all
  the certs from an X509_STORE and there's no easy way to polyfill
  it so the CLI commands that list profiles will show a "not
  supported" message instead of listing the certs in a store.

Resolves: #676
(cherry picked from commit 16b264d6a9cdeb4a85d225744b905ee58e184efc)

17 months agoFix incorrect application and function documentation references
George Joseph [Mon, 1 Apr 2024 12:30:54 +0000 (06:30 -0600)] 
Fix incorrect application and function documentation references

There were a few references in the embedded documentation XML
where the case didn't match or where the referenced app or function
simply didn't exist any more.  These were causing 404 responses
in docs.asterisk.org.

(cherry picked from commit 9e2179baa10de329f7626f6a43af2a365194ce85)

17 months agocli.c: `core show channels concise` is not really deprecated.
Sean Bright [Mon, 1 Apr 2024 15:08:59 +0000 (11:08 -0400)] 
cli.c: `core show channels concise` is not really deprecated.

Fixes #675

(cherry picked from commit 41daf01866dbbb45f4dd7b3e634b827255d44161)

17 months agores_pjsip_endpoint_identifier_ip: Endpoint identifier request URI
Sperl Viktor [Thu, 28 Mar 2024 13:20:26 +0000 (14:20 +0100)] 
res_pjsip_endpoint_identifier_ip: Endpoint identifier request URI

Add ability to match against PJSIP request URI.

UserNote: this new feature let users match endpoints based on the
indound SIP requests' URI. To do so, add 'request_uri' to the
endpoint's 'identify_by' option. The 'match_request_uri' option of
the identify can be an exact match for the entire request uri, or a
regular expression (between slashes). It's quite similar to the
header identifer.

Fixes: #599
(cherry picked from commit ac297d15f879816947195c5acb28b12bad9306a6)

17 months agochan_dahdi: Don't retry opening nonexistent channels on restart.
Naveen Albert [Tue, 26 Mar 2024 11:43:32 +0000 (07:43 -0400)] 
chan_dahdi: Don't retry opening nonexistent channels on restart.

Commit 729cb1d390b136ccc696430aa5c68d60ea4028be added logic to retry
opening DAHDI channels on "dahdi restart" if they failed initially,
up to 1,000 times in a loop, to address cases where the channel was
still in use. However, this retry loop does not use the actual error,
which means chan_dahdi will also retry opening nonexistent channels
1,000 times per channel, causing a flood of unnecessary warning logs
for an operation that will never succeed, with tens or hundreds of
thousands of open attempts being made.

The original patch would have been more targeted if it only retried
on the specific relevant error (likely EBUSY, although it's hard to
say since the original issue is no longer available).

To avoid the problem above while avoiding the possibility of breakage,
this skips the retry logic if the error is ENXIO (No such device or
address), since this will never succeed.

Resolves: #669
(cherry picked from commit 63aa08fa0b3e30e8d2f1406936c740bf5a5bf539)

17 months agoImplement Configurable TCP Keepalive Settings in PJSIP Transports
Joshua Elson [Mon, 18 Mar 2024 19:14:36 +0000 (15:14 -0400)] 
Implement Configurable TCP Keepalive Settings in PJSIP Transports

This commit introduces configurable TCP keepalive settings for both TCP and TLS transports. The changes allow for finer control over TCP connection keepalives, enhancing stability and reliability in environments prone to connection timeouts or where intermediate devices may prematurely close idle connections. This has proven necessary and has already been tested in production in several specialized environments where access to the underlying transport is unreliable in ways invisible to the operating system directly, so these keepalive and timeout mechanisms are necessary.

Fixes #657

(cherry picked from commit 555eb9d3d2bf9b3afac18a81d1da67fae8651e08)