[ipfire-2.x.git] / src / patches / asterisk-1.2.4-iax2-bristuff-0.3.0-PRE-1l.patch

diff -urN asterisk-1.2.4/channels/chan_iax2.c asterisk-1.2.4.carrier/channels/chan_iax2.c
--- asterisk-1.2.4/channels/chan_iax2.c	2006-01-31 09:41:43.000000000 +0100
+++ asterisk-1.2.4.carrier/channels/chan_iax2.c	2006-02-08 09:49:45.000000000 +0100
@@ -179,6 +179,8 @@
 static struct ast_netsock_list *netsock;
 static int defaultsockfd = -1;
 
+static char servername[80];
+
 static int usecnt;
 AST_MUTEX_DEFINE_STATIC(usecnt_lock);
 
@@ -232,6 +234,10 @@
 
 static pthread_t netthreadid = AST_PTHREADT_NULL;
 
+static pthread_t regthreadid = AST_PTHREADT_NULL;
+
+static pthread_t auththreadid = AST_PTHREADT_NULL;
+
 enum {
 	IAX_STATE_STARTED = 		(1 << 0),
 	IAX_STATE_AUTHENTICATED = 	(1 << 1),
@@ -606,6 +612,25 @@
 	ast_mutex_t lock;
 } iaxq;
 
+typedef struct iax_auth_frame {
+	struct iax_auth_frame *prev;
+	struct iax_auth_frame *next;
+	struct iax_frame *frame;
+	struct sockaddr_in sin;
+	int fd;
+	int subclass;
+	struct iax_ies ies;
+	unsigned char iebuf[4096];
+} iax_auth_frame;
+
+static struct ast_iax2_auth_queue {
+	struct iax_auth_frame *head;
+	struct iax_auth_frame *tail;
+	int count;
+	ast_cond_t cond;
+	ast_mutex_t lock;
+} callq, regq;
+
 static struct ast_user_list {
 	struct iax2_user *users;
 	ast_mutex_t lock;
@@ -712,6 +737,8 @@
 static struct chan_iax2_pvt *iaxs[IAX_MAX_CALLS];
 static ast_mutex_t iaxsl[IAX_MAX_CALLS];
 static struct timeval lastused[IAX_MAX_CALLS];
+/* some packets have been queued for asynchronous processing */
+static int iaxs_queued[IAX_MAX_CALLS];
 
 
 static int send_command(struct chan_iax2_pvt *, char, int, unsigned int, const unsigned char *, int, int);
@@ -798,11 +825,12 @@
 static int send_lagrq(void *data)
 {
 	int callno = (long)data;
-	/* Ping only if it's real not if it's bridged */
+	/* Ping only if it's real not if it's bridged (and not if it's queued!)*/
 	if (iaxs[callno]) {
 #ifdef BRIDGE_OPTIMIZATION
 		if (!iaxs[callno]->bridgecallno)
 #endif		
+		    if (!iaxs_queued[callno])
 			send_command(iaxs[callno], AST_FRAME_IAX, IAX_COMMAND_LAGRQ, 0, NULL, 0, -1);
 		return 1;
 	} else
@@ -1070,8 +1098,9 @@
 		}
 	}
 	if ((res < 1) && (new >= NEW_ALLOW)) {
-		if (!iax2_getpeername(*sin, host, sizeof(host), lockpeer))
-			snprintf(host, sizeof(host), "%s:%d", ast_inet_ntoa(iabuf, sizeof(iabuf), sin->sin_addr), ntohs(sin->sin_port));
+		/* We are NOT calling iax2_getpeernme() here, because it WILL BLOCK when using realtime.
+		   Instead we will overwrite the host filed in the iax_pvt for each new call or registration. */
+		snprintf(host, sizeof(host), "%s:%d", ast_inet_ntoa(iabuf, sizeof(iabuf), sin->sin_addr), ntohs(sin->sin_port));
 		gettimeofday(&now, NULL);
 		for (x=1;x<TRUNK_CALL_START;x++) {
 			/* Find first unused call number that hasn't been used in a while */
@@ -1141,6 +1170,58 @@
 	return 0;
 }
 
+static int iax2_queue_auth_frame(struct ast_iax2_auth_queue *authq, int subclass, struct iax_frame *ifr, unsigned char *buf, unsigned char *iebuf, int iebuflen, struct sockaddr_in *sin, int fd, int maydrop)
+{
+	struct iax_auth_frame *fr = NULL;
+	/* 
+	    ok, we get here with the iaxsl[callno] still locked. 
+	    in any case we have to unlock it before returning.
+	*/
+	
+	if (!authq || !ifr || !ifr->callno) return 1;	    
+    
+	fr = malloc(sizeof(struct iax_auth_frame));
+	if (!fr) {
+	    ast_log(LOG_ERROR, "Unable to malloc!\n");
+	    return 1;
+	}
+	memset(fr,0,sizeof(fr));
+	fr->next = NULL;
+	fr->prev = NULL;
+	fr->frame = ifr;
+	fr->subclass = subclass;
+	fr->fd = fd;
+	memcpy(fr->iebuf, iebuf, iebuflen);
+	if (iebuflen)
+	    iax_parse_ies(&fr->ies, fr->iebuf, iebuflen);
+	memcpy(&fr->sin, sin, sizeof(struct sockaddr_in));
+	ast_mutex_lock(&authq->lock);
+	if (maydrop && (authq->count > 5000)) {
+	    ast_mutex_unlock(&authq->lock);
+	    ast_mutex_unlock(&iaxsl[ifr->callno]);
+	    free(fr);
+	    if (option_verbose > 5)
+		ast_log(LOG_WARNING, "Queue too long, not queueing frame.\n");
+	    return -1;
+	}
+	if (!authq->head) {
+		/* Empty queue */
+		authq->head = fr;
+		authq->tail = fr;
+	} else {
+		/* Double link */
+		authq->tail->next = fr;
+		fr->prev = authq->tail;
+		authq->tail = fr;
+	}
+	iaxs_queued[ifr->callno]++;
+	authq->count++;
+	ast_mutex_unlock(&iaxsl[ifr->callno]);
+	ast_cond_signal(&authq->cond);
+	ast_mutex_unlock(&authq->lock);
+	return 0;
+}
+
 static void destroy_firmware(struct iax_firmware *cur)
 {
 	/* Close firmware */
@@ -1713,8 +1794,10 @@
 						/* Transfer timeout */
 						send_command(iaxs[f->callno], AST_FRAME_IAX, IAX_COMMAND_TXREJ, 0, NULL, 0, -1);
 					} else if (f->final) {
-						if (f->final) 
+						if (!iaxs_queued[f->callno]) {
+						    if (f->final) 
 							iax2_destroy_nolock(f->callno);
+						}
 					} else {
 						if (iaxs[f->callno]->owner)
 							ast_log(LOG_WARNING, "Max retries exceeded to host %s on %s (type = %d, subclass = %d, ts=%d, seqno=%d)\n", ast_inet_ntoa(iabuf, sizeof(iabuf), iaxs[f->callno]->addr.sin_addr),iaxs[f->callno]->owner->name , f->af.frametype, f->af.subclass, f->ts, f->oseqno);
@@ -1729,12 +1812,14 @@
 							if (iaxs[f->callno]->owner)
 								iaxs[f->callno]->owner->hangupcause = AST_CAUSE_DESTINATION_OUT_OF_ORDER;
 						} else {
-							if (iaxs[f->callno]->reg) {
+							if (!iaxs_queued[f->callno]) {
+							    if (iaxs[f->callno]->reg) {
 								memset(&iaxs[f->callno]->reg->us, 0, sizeof(iaxs[f->callno]->reg->us));
 								iaxs[f->callno]->reg->regstate = REG_STATE_TIMEOUT;
 								iaxs[f->callno]->reg->refresh = IAX_DEFAULT_REG_EXPIRE;
+							    }
+							    iax2_destroy_nolock(f->callno);
 							}
-							iax2_destroy_nolock(f->callno);
 						}
 					}
 
@@ -2706,6 +2791,8 @@
 	snprintf(regseconds, sizeof(regseconds), "%d", (int)nowtime);
 	ast_inet_ntoa(ipaddr, sizeof(ipaddr), sin->sin_addr);
 	snprintf(port, sizeof(port), "%d", ntohs(sin->sin_port));
+//	the following line is commented out for compatibility
+//	ast_update_realtime("iaxpeers", "name", peername, "ipaddr", ipaddr, "port", port, "regseconds", regseconds, "servername", servername, NULL);
 	ast_update_realtime("iaxpeers", "name", peername, "ipaddr", ipaddr, "port", port, "regseconds", regseconds, NULL);
 }
 
@@ -5034,16 +5121,17 @@
 	}
 	/* We release the lock for the call to prevent a deadlock, but it's okay because
 	   only the current thread could possibly make it go away or make changes */
-	ast_mutex_unlock(&iaxsl[callno]);
+//	ast_mutex_unlock(&iaxsl[callno]);
 	/* SLD: first call to lookup peer during registration */
 	p = find_peer(peer, 1);
-	ast_mutex_lock(&iaxsl[callno]);
-
+//	ast_mutex_lock(&iaxsl[callno]);
 	if (!p) {
 		if (authdebug)
 			ast_log(LOG_NOTICE, "No registration for peer '%s' (from %s)\n", peer, ast_inet_ntoa(iabuf, sizeof(iabuf), sin->sin_addr));
 		return -1;
 	}
+	/* set the host name here. instead of doing it in find_callno() */
+	ast_copy_string(iaxs[callno]->host, p->name, sizeof(iaxs[callno]->host));
 
 	if (!ast_test_flag(p, IAX_DYNAMIC)) {
 		if (authdebug)
@@ -5677,11 +5765,13 @@
 	if (!refresh)
 		refresh = min_reg_expire;
 	if (refresh > max_reg_expire) {
-		ast_log(LOG_NOTICE, "Restricting registration for peer '%s' to %d seconds (requested %d)\n",
+		if (option_verbose > 5)
+	    	    ast_log(LOG_NOTICE, "Restricting registration for peer '%s' to %d seconds (requested %d)\n",
 			p->name, max_reg_expire, refresh);
 		p->expiry = max_reg_expire;
 	} else if (refresh < min_reg_expire) {
-		ast_log(LOG_NOTICE, "Restricting registration for peer '%s' to %d seconds (requested %d)\n",
+		if (option_verbose > 5)
+		    ast_log(LOG_NOTICE, "Restricting registration for peer '%s' to %d seconds (requested %d)\n",
 			p->name, min_reg_expire, refresh);
 		p->expiry = min_reg_expire;
 	} else {
@@ -5720,6 +5810,7 @@
 		iax_ie_append_short(&ied, IAX_IE_FIRMWAREVER, version);
 	if (ast_test_flag(p, IAX_TEMPONLY))
 		destroy_peer(p);
+	ast_mutex_lock(&iaxsl[callno]);
 	return send_command_final(iaxs[callno], AST_FRAME_IAX, IAX_COMMAND_REGACK, 0, ied.buf, ied.pos, -1);
 }
 
@@ -6279,6 +6370,8 @@
 	struct timeval rxtrunktime;
 	struct iax_ies ies;
 	struct iax_ie_data ied0, ied1;
+	unsigned char iebuf[4096]; 
+	int iebuflen = 0;
 	int format;
 	int exists;
 	int minivid = 0;
@@ -6609,9 +6702,11 @@
 							cur->retries = -1;
 							/* Destroy call if this is the end */
 							if (cur->final) { 
-								if (iaxdebug && option_debug)
+								if (!iaxs_queued[fr.callno]) {
+								    if (iaxdebug && option_debug)
 									ast_log(LOG_DEBUG, "Really destroying %d, having been acked on final message\n", fr.callno);
-								iax2_destroy_nolock(fr.callno);
+								    iax2_destroy_nolock(fr.callno);
+								}
 							}
 						}
 					}
@@ -6639,6 +6734,8 @@
 
 		if (f.datalen) {
 			if (f.frametype == AST_FRAME_IAX) {
+				memcpy(iebuf, buf + sizeof(struct ast_iax2_full_hdr), f.datalen);
+				iebuflen = f.datalen;
 				if (iax_parse_ies(&ies, buf + sizeof(struct ast_iax2_full_hdr), f.datalen)) {
 					ast_log(LOG_WARNING, "Undecodable frame received from '%s'\n", ast_inet_ntoa(iabuf, sizeof(iabuf), sin.sin_addr));
 					ast_mutex_unlock(&iaxsl[fr.callno]);
@@ -6772,166 +6869,11 @@
 					break;
 				if (ies.provverpres && ies.serviceident && sin.sin_addr.s_addr)
 					check_provisioning(&sin, fd, ies.serviceident, ies.provver);
-				/* If we're in trunk mode, do it now, and update the trunk number in our frame before continuing */
-				if (ast_test_flag(iaxs[fr.callno], IAX_TRUNK)) {
-					fr.callno = make_trunk(fr.callno, 1);
-				}
 				/* For security, always ack immediately */
 				if (delayreject)
 					send_command_immediate(iaxs[fr.callno], AST_FRAME_IAX, IAX_COMMAND_ACK, fr.ts, NULL, 0,fr.iseqno);
-				if (check_access(fr.callno, &sin, &ies)) {
-					/* They're not allowed on */
-					auth_fail(fr.callno, IAX_COMMAND_REJECT);
-					if (authdebug)
-						ast_log(LOG_NOTICE, "Rejected connect attempt from %s, who was trying to reach '%s@%s'\n", ast_inet_ntoa(iabuf, sizeof(iabuf), sin.sin_addr), iaxs[fr.callno]->exten, iaxs[fr.callno]->context);
-					break;
-				}
-				/* This might re-enter the IAX code and need the lock */
-				if (strcasecmp(iaxs[fr.callno]->exten, "TBD")) {
-					ast_mutex_unlock(&iaxsl[fr.callno]);
-					exists = ast_exists_extension(NULL, iaxs[fr.callno]->context, iaxs[fr.callno]->exten, 1, iaxs[fr.callno]->cid_num);
-					ast_mutex_lock(&iaxsl[fr.callno]);
-				} else
-					exists = 0;
-				if (ast_strlen_zero(iaxs[fr.callno]->secret) && ast_strlen_zero(iaxs[fr.callno]->inkeys)) {
-					if (strcmp(iaxs[fr.callno]->exten, "TBD") && !exists) {
-						memset(&ied0, 0, sizeof(ied0));
-						iax_ie_append_str(&ied0, IAX_IE_CAUSE, "No such context/extension");
-						iax_ie_append_byte(&ied0, IAX_IE_CAUSECODE, AST_CAUSE_NO_ROUTE_DESTINATION);
-						send_command_final(iaxs[fr.callno], AST_FRAME_IAX, IAX_COMMAND_REJECT, 0, ied0.buf, ied0.pos, -1);
-						if (authdebug)
-							ast_log(LOG_NOTICE, "Rejected connect attempt from %s, request '%s@%s' does not exist\n", ast_inet_ntoa(iabuf, sizeof(iabuf), sin.sin_addr), iaxs[fr.callno]->exten, iaxs[fr.callno]->context);
-					} else {
-						/* Select an appropriate format */
-
-						if(ast_test_flag(iaxs[fr.callno], IAX_CODEC_NOPREFS)) {
-							if(ast_test_flag(iaxs[fr.callno], IAX_CODEC_NOCAP)) {
-								using_prefs = "reqonly";
-							} else {
-								using_prefs = "disabled";
-							}
-							format = iaxs[fr.callno]->peerformat & iaxs[fr.callno]->capability;
-							memset(&pref, 0, sizeof(pref));
-							strcpy(caller_pref_buf, "disabled");
-							strcpy(host_pref_buf, "disabled");
-						} else {
-							using_prefs = "mine";
-							if(ies.codec_prefs) {
-								ast_codec_pref_convert(&rpref, ies.codec_prefs, 32, 0);
-								/* If we are codec_first_choice we let the caller have the 1st shot at picking the codec.*/
-								if (ast_test_flag(iaxs[fr.callno], IAX_CODEC_USER_FIRST)) {
-									pref = rpref;
-									using_prefs = "caller";
-								} else {
-									pref = iaxs[fr.callno]->prefs;
-								}
-							} else
-								pref = iaxs[fr.callno]->prefs;
-						
-							format = ast_codec_choose(&pref, iaxs[fr.callno]->capability & iaxs[fr.callno]->peercapability, 0);
-							ast_codec_pref_string(&rpref, caller_pref_buf, sizeof(caller_pref_buf) - 1);
-							ast_codec_pref_string(&iaxs[fr.callno]->prefs, host_pref_buf, sizeof(host_pref_buf) - 1);
-						}
-						if (!format) {
-							if(!ast_test_flag(iaxs[fr.callno], IAX_CODEC_NOCAP))
-								format = iaxs[fr.callno]->peercapability & iaxs[fr.callno]->capability;
-							if (!format) {
-								memset(&ied0, 0, sizeof(ied0));
-								iax_ie_append_str(&ied0, IAX_IE_CAUSE, "Unable to negotiate codec");
-								iax_ie_append_byte(&ied0, IAX_IE_CAUSECODE, AST_CAUSE_BEARERCAPABILITY_NOTAVAIL);
-								send_command_final(iaxs[fr.callno], AST_FRAME_IAX, IAX_COMMAND_REJECT, 0, ied0.buf, ied0.pos, -1);
-								if (authdebug) {
-									if(ast_test_flag(iaxs[fr.callno], IAX_CODEC_NOCAP))
-										ast_log(LOG_NOTICE, "Rejected connect attempt from %s, requested 0x%x incompatible with our capability 0x%x.\n", ast_inet_ntoa(iabuf, sizeof(iabuf), sin.sin_addr), iaxs[fr.callno]->peerformat, iaxs[fr.callno]->capability);
-									else 
-										ast_log(LOG_NOTICE, "Rejected connect attempt from %s, requested/capability 0x%x/0x%x incompatible with our capability 0x%x.\n", ast_inet_ntoa(iabuf, sizeof(iabuf), sin.sin_addr), iaxs[fr.callno]->peerformat, iaxs[fr.callno]->peercapability, iaxs[fr.callno]->capability);
-								}
-							} else {
-								/* Pick one... */
-								if(ast_test_flag(iaxs[fr.callno], IAX_CODEC_NOCAP)) {
-									if(!(iaxs[fr.callno]->peerformat & iaxs[fr.callno]->capability))
-										format = 0;
-								} else {
-									if(ast_test_flag(iaxs[fr.callno], IAX_CODEC_NOPREFS)) {
-										using_prefs = ast_test_flag(iaxs[fr.callno], IAX_CODEC_NOCAP) ? "reqonly" : "disabled";
-										memset(&pref, 0, sizeof(pref));
-										format = ast_best_codec(iaxs[fr.callno]->peercapability & iaxs[fr.callno]->capability);
-										strcpy(caller_pref_buf,"disabled");
-										strcpy(host_pref_buf,"disabled");
-									} else {
-										using_prefs = "mine";
-										if(ies.codec_prefs) {
-											/* Do the opposite of what we tried above. */
-											if (ast_test_flag(iaxs[fr.callno], IAX_CODEC_USER_FIRST)) {
-												pref = iaxs[fr.callno]->prefs;								
-											} else {
-												pref = rpref;
-												using_prefs = "caller";
-											}
-											format = ast_codec_choose(&pref, iaxs[fr.callno]->peercapability & iaxs[fr.callno]->capability, 1);
-									
-										} else /* if no codec_prefs IE do it the old way */
-											format = ast_best_codec(iaxs[fr.callno]->peercapability & iaxs[fr.callno]->capability);	
-									}
-								}
-
-								if (!format) {
-									memset(&ied0, 0, sizeof(ied0));
-									iax_ie_append_str(&ied0, IAX_IE_CAUSE, "Unable to negotiate codec");
-									iax_ie_append_byte(&ied0, IAX_IE_CAUSECODE, AST_CAUSE_BEARERCAPABILITY_NOTAVAIL);
-									ast_log(LOG_ERROR, "No best format in 0x%x???\n", iaxs[fr.callno]->peercapability & iaxs[fr.callno]->capability);
-									send_command_final(iaxs[fr.callno], AST_FRAME_IAX, IAX_COMMAND_REJECT, 0, ied0.buf, ied0.pos, -1);
-									if (authdebug)
-										ast_log(LOG_NOTICE, "Rejected connect attempt from %s, requested/capability 0x%x/0x%x incompatible with our capability 0x%x.\n", ast_inet_ntoa(iabuf, sizeof(iabuf), sin.sin_addr), iaxs[fr.callno]->peerformat, iaxs[fr.callno]->peercapability, iaxs[fr.callno]->capability);
-									ast_set_flag(iaxs[fr.callno], IAX_ALREADYGONE);	
-									break;
-								}
-							}
-						}
-						if (format) {
-							/* No authentication required, let them in */
-							memset(&ied1, 0, sizeof(ied1));
-							iax_ie_append_int(&ied1, IAX_IE_FORMAT, format);
-							send_command(iaxs[fr.callno], AST_FRAME_IAX, IAX_COMMAND_ACCEPT, 0, ied1.buf, ied1.pos, -1);
-							if (strcmp(iaxs[fr.callno]->exten, "TBD")) {
-								ast_set_flag(&iaxs[fr.callno]->state, IAX_STATE_STARTED);
-								if (option_verbose > 2) 
-									ast_verbose(VERBOSE_PREFIX_3 "Accepting UNAUTHENTICATED call from %s:\n"
-												"%srequested format = %s,\n"
-												"%srequested prefs = %s,\n"
-												"%sactual format = %s,\n"
-												"%shost prefs = %s,\n"
-												"%spriority = %s\n",
-												ast_inet_ntoa(iabuf, sizeof(iabuf), sin.sin_addr), 
-												VERBOSE_PREFIX_4,
-												ast_getformatname(iaxs[fr.callno]->peerformat), 
-												VERBOSE_PREFIX_4,
-												caller_pref_buf,
-												VERBOSE_PREFIX_4,
-												ast_getformatname(format), 
-												VERBOSE_PREFIX_4,
-												host_pref_buf, 
-												VERBOSE_PREFIX_4,
-												using_prefs);
-								
-								if(!(c = ast_iax2_new(fr.callno, AST_STATE_RING, format)))
-									iax2_destroy_nolock(fr.callno);
-							} else {
-								ast_set_flag(&iaxs[fr.callno]->state, IAX_STATE_TBD);
-								/* If this is a TBD call, we're ready but now what...  */
-								if (option_verbose > 2)
-									ast_verbose(VERBOSE_PREFIX_3 "Accepted unauthenticated TBD call from %s\n", ast_inet_ntoa(iabuf, sizeof(iabuf), sin.sin_addr));
-							}
-						}
-					}
-					break;
-				}
-				if (iaxs[fr.callno]->authmethods & IAX_AUTH_MD5)
-					merge_encryption(iaxs[fr.callno],ies.encmethods);
-				else
-					iaxs[fr.callno]->encmethods = 0;
-				authenticate_request(iaxs[fr.callno]);
-				ast_set_flag(&iaxs[fr.callno]->state, IAX_STATE_AUTHENTICATED);
+				fr.af.datalen = 0;
+				iax2_queue_auth_frame(&callq, f.subclass, iaxfrdup2(&fr), buf, iebuf, iebuflen, &sin, fd, 0);
 				break;
 			case IAX_COMMAND_DPREQ:
 				/* Request status in the dialplan */
@@ -6947,14 +6889,22 @@
 				}
 				break;
 			case IAX_COMMAND_HANGUP:
-				ast_set_flag(iaxs[fr.callno], IAX_ALREADYGONE);
-				ast_log(LOG_DEBUG, "Immediately destroying %d, having received hangup\n", fr.callno);
-				/* Set hangup cause according to remote */
-				if (ies.causecode && iaxs[fr.callno]->owner)
-					iaxs[fr.callno]->owner->hangupcause = ies.causecode;
-				/* Send ack immediately, before we destroy */
-				send_command_immediate(iaxs[fr.callno], AST_FRAME_IAX, IAX_COMMAND_ACK, fr.ts, NULL, 0,fr.iseqno);
-				iax2_destroy_nolock(fr.callno);
+				if (iaxs_queued[fr.callno]) {
+				    /* there is something queued, maybe the call has not been authorized yet. */
+				    /* Send ack immediately, before we destroy */
+				    send_command_immediate(iaxs[fr.callno], AST_FRAME_IAX, IAX_COMMAND_ACK, fr.ts, NULL, 0,fr.iseqno);
+				    fr.af.datalen = 0;
+				    iax2_queue_auth_frame(&callq, f.subclass, iaxfrdup2(&fr), buf, iebuf, iebuflen, &sin, fd, 0);
+				} else {
+				    ast_set_flag(iaxs[fr.callno], IAX_ALREADYGONE);
+				    ast_log(LOG_DEBUG, "Immediately destroying %d, having received hangup\n", fr.callno);
+				    /* Set hangup cause according to remote */
+				    if (ies.causecode && iaxs[fr.callno]->owner)
+					    iaxs[fr.callno]->owner->hangupcause = ies.causecode;
+				    /* Send ack immediately, before we destroy */
+				    send_command_immediate(iaxs[fr.callno], AST_FRAME_IAX, IAX_COMMAND_ACK, fr.ts, NULL, 0,fr.iseqno);
+				    iax2_destroy_nolock(fr.callno);
+				}
 				break;
 			case IAX_COMMAND_REJECT:
 				memset(&f, 0, sizeof(f));
@@ -7183,31 +7133,36 @@
 				/* For security, always ack immediately */
 				if (delayreject)
 					send_command_immediate(iaxs[fr.callno], AST_FRAME_IAX, IAX_COMMAND_ACK, fr.ts, NULL, 0,fr.iseqno);
-				/* Ignore once we've started */
-				if (ast_test_flag(&iaxs[fr.callno]->state, IAX_STATE_STARTED | IAX_STATE_TBD)) {
+				if (iaxs_queued[fr.callno]) {
+				    /* there is something queued, take the same path  */
+				    fr.af.datalen = 0;
+				    iax2_queue_auth_frame(&callq, f.subclass, iaxfrdup2(&fr), buf, iebuf, iebuflen, &sin, fd, 0);
+				} else {
+				    /* Ignore once we've started */
+				    if (ast_test_flag(&iaxs[fr.callno]->state, IAX_STATE_STARTED | IAX_STATE_TBD)) {
 					ast_log(LOG_WARNING, "Call on %s is already up, can't start on it\n", iaxs[fr.callno]->owner ? iaxs[fr.callno]->owner->name : "<Unknown>");
 					break;
-				}
-				if (authenticate_verify(iaxs[fr.callno], &ies)) {
+				    }
+				    if (authenticate_verify(iaxs[fr.callno], &ies)) {
 					if (authdebug)
 						ast_log(LOG_NOTICE, "Host %s failed to authenticate as %s\n", ast_inet_ntoa(iabuf, sizeof(iabuf), iaxs[fr.callno]->addr.sin_addr), iaxs[fr.callno]->username);
 					memset(&ied0, 0, sizeof(ied0));
 					auth_fail(fr.callno, IAX_COMMAND_REJECT);
 					break;
-				}
-				if (strcasecmp(iaxs[fr.callno]->exten, "TBD")) {
+				    }
+				    if (strcasecmp(iaxs[fr.callno]->exten, "TBD")) {
 					/* This might re-enter the IAX code and need the lock */
 					exists = ast_exists_extension(NULL, iaxs[fr.callno]->context, iaxs[fr.callno]->exten, 1, iaxs[fr.callno]->cid_num);
-				} else
+				    } else
 					exists = 0;
-				if (strcmp(iaxs[fr.callno]->exten, "TBD") && !exists) {
+				    if (strcmp(iaxs[fr.callno]->exten, "TBD") && !exists) {
 					if (authdebug)
 						ast_log(LOG_NOTICE, "Rejected connect attempt from %s, request '%s@%s' does not exist\n", ast_inet_ntoa(iabuf, sizeof(iabuf), sin.sin_addr), iaxs[fr.callno]->exten, iaxs[fr.callno]->context);
 					memset(&ied0, 0, sizeof(ied0));
 					iax_ie_append_str(&ied0, IAX_IE_CAUSE, "No such context/extension");
 					iax_ie_append_byte(&ied0, IAX_IE_CAUSECODE, AST_CAUSE_NO_ROUTE_DESTINATION);
 					send_command_final(iaxs[fr.callno], AST_FRAME_IAX, IAX_COMMAND_REJECT, 0, ied0.buf, ied0.pos, -1);
-				} else {
+				    } else {
 					/* Select an appropriate format */
 					if(ast_test_flag(iaxs[fr.callno], IAX_CODEC_NOPREFS)) {
 						if(ast_test_flag(iaxs[fr.callno], IAX_CODEC_NOCAP)) {
@@ -7332,6 +7287,7 @@
 								ast_verbose(VERBOSE_PREFIX_3 "Accepted AUTHENTICATED TBD call from %s\n", ast_inet_ntoa(iabuf, sizeof(iabuf), sin.sin_addr));
 						}
 					}
+				    }
 				}
 				break;
 			case IAX_COMMAND_DIAL:
@@ -7357,11 +7313,16 @@
 				}
 				break;
 			case IAX_COMMAND_INVAL:
-				iaxs[fr.callno]->error = ENOTCONN;
-				ast_log(LOG_DEBUG, "Immediately destroying %d, having received INVAL\n", fr.callno);
-				iax2_destroy_nolock(fr.callno);
-				if (option_debug)
+				if (iaxs_queued[fr.callno]) {
+				    fr.af.datalen = 0;
+				    iax2_queue_auth_frame(&callq, f.subclass, iaxfrdup2(&fr), buf, iebuf, iebuflen, &sin, fd, 0);
+				} else {
+				    iaxs[fr.callno]->error = ENOTCONN;
+				    ast_log(LOG_DEBUG, "Immediately destroying %d, having received INVAL\n", fr.callno);
+				    iax2_destroy_nolock(fr.callno);
+				    if (option_debug)
 					ast_log(LOG_DEBUG, "Destroying call %d\n", fr.callno);
+				}
 				break;
 			case IAX_COMMAND_VNAK:
 				ast_log(LOG_DEBUG, "Received VNAK: resending outstanding frames\n");
@@ -7373,21 +7334,11 @@
 				/* For security, always ack immediately */
 				if (delayreject)
 					send_command_immediate(iaxs[fr.callno], AST_FRAME_IAX, IAX_COMMAND_ACK, fr.ts, NULL, 0,fr.iseqno);
-				if (register_verify(fr.callno, &sin, &ies)) {
-					/* Send delayed failure */
-					auth_fail(fr.callno, IAX_COMMAND_REGREJ);
-					break;
-				}
-				if ((ast_strlen_zero(iaxs[fr.callno]->secret) && ast_strlen_zero(iaxs[fr.callno]->inkeys)) || ast_test_flag(&iaxs[fr.callno]->state, IAX_STATE_AUTHENTICATED)) {
-					if (f.subclass == IAX_COMMAND_REGREL)
-						memset(&sin, 0, sizeof(sin));
-					if (update_registry(iaxs[fr.callno]->peer, &sin, fr.callno, ies.devicetype, fd, ies.refresh))
-						ast_log(LOG_WARNING, "Registry error\n");
-					if (ies.provverpres && ies.serviceident && sin.sin_addr.s_addr)
-						check_provisioning(&sin, fd, ies.serviceident, ies.provver);
-					break;
+				fr.af.datalen = 0;
+				if (iax2_queue_auth_frame(&regq, f.subclass, iaxfrdup2(&fr), buf, iebuf, iebuflen, &sin, fd, 1)) {
+				    /* queueing failed due to a full queue */
+				    iax2_destroy_nolock(fr.callno);
 				}
-				registry_authrequest(iaxs[fr.callno]->peer, fr.callno);
 				break;
 			case IAX_COMMAND_REGACK:
 				if (iax2_ack_registry(&ies, &sin, fr.callno)) 
@@ -7989,6 +7940,478 @@
 	return ast_pthread_create(&netthreadid, NULL, network_thread, NULL);
 }
 
+struct iax_auth_frame *iax2_get_next_auth_frame(struct ast_iax2_auth_queue *authq) {
+	struct iax_auth_frame *frame = NULL;
+
+	/* sleep until the network_thread queues us a frame, then grab it and release the lock A.S.A.P. */
+	ast_mutex_lock(&authq->lock);
+	if (authq->count == 0) 
+		ast_cond_wait(&authq->cond, &authq->lock);
+	frame = authq->head;
+	if (frame) {
+	    if (frame->next) {
+//		frame->next->prev = NULL;
+		authq->head = frame->next;
+	    } else {
+		authq->head = NULL;
+		authq->tail = NULL;
+	    }
+	    authq->count--;
+	} else {
+	    ast_log(LOG_ERROR, "I SHOULD NEVER HAPPEN! EXPECT SOME MAJOR KABOOM! DUCK AND COVER!\n");
+	}
+	ast_mutex_unlock(&authq->lock);
+	return frame;
+}
+
+
+void *auth_thread(void *data)
+{
+	/* 
+	    The network_thread queues iax_frames into our queue and wakes us up.
+	    We will authenticate IAX_COMMAND_NEWs and IAX_COMMAND_REGREQs.
+
+	    We also have to process IAX_COMMAND_HANGUP when somebody hangs up a call
+	    before it has been authorized!
+
+	    If ever possible we shall not lock any iaxsl[...].
+	*/
+	struct ast_iax2_auth_queue *authq = (struct ast_iax2_auth_queue *)data;
+	struct iax_frame *ifr;
+	struct iax_auth_frame *fr;
+	struct iax_ies *ies;
+	struct iax_ie_data ied0, ied1;
+	struct ast_channel *c;
+	char iabuf[INET_ADDRSTRLEN];
+	int exists;
+	int format;
+	int dequeued = 0;
+	char host_pref_buf[128];
+	char caller_pref_buf[128];
+	struct ast_codec_pref pref,rpref;
+	char *using_prefs = "mine";
+
+	if (!authq) {
+	    ast_log(LOG_ERROR, "no queue!\n");
+	    return NULL;
+	}
+
+	for(;;) {
+	    fr = iax2_get_next_auth_frame(authq);
+	    ifr = fr->frame;
+	    ies = &fr->ies;
+		if (ifr) {
+		    if (ifr->callno > 0) {
+			/* we will not lock iaxsl[ifr->callno], instead we will haveset a flag in iaxs_queued[ifr->callno]. 
+			   if this flag is set the socket_read thread may not touch iaxs[ifr->callno]. instead of
+			   processing the incoming packets there it has to queue them to us!
+			   This should only happen with IAX_COMMAND_HANGUP when hanging up a not-yet-established call.
+
+			   However we will try to deliver audio frames in socket_read. If we get audio data for call
+			   whos signalling frames have been queued we should be safe to just drop them.
+			   
+			   When we really want to destroy something we will aquire the lock first.
+			*/
+			switch(fr->subclass) {
+			    case IAX_COMMAND_NEW:
+				iax2_getpeername(fr->sin, iaxs[ifr->callno]->host, sizeof(iaxs[ifr->callno]->host), 1);
+				if (check_access(ifr->callno, &fr->sin, ies)) {
+					/* They're not allowed on */
+					if (authdebug)
+						ast_log(LOG_NOTICE, "Rejected connect attempt from %s, who was trying to reach '%s@%s'\n", ast_inet_ntoa(iabuf, sizeof(iabuf), fr->sin.sin_addr), iaxs[ifr->callno]->exten, iaxs[ifr->callno]->context);
+					auth_fail(ifr->callno, IAX_COMMAND_REJECT);
+					break;
+				}
+				/* If we're in trunk mode, do it now, and update the trunk number in our frame before continuing */
+				if (ast_test_flag(iaxs[ifr->callno], IAX_TRUNK)) {
+					ifr->callno = make_trunk(ifr->callno, 1);
+				}
+				/* This might re-enter the IAX code and need the lock */
+				if (strcasecmp(iaxs[ifr->callno]->exten, "TBD")) {
+				//	ast_mutex_unlock(&iaxsl[ifr->callno]);
+					exists = ast_exists_extension(NULL, iaxs[ifr->callno]->context, iaxs[ifr->callno]->exten, 1, iaxs[ifr->callno]->cid_num);
+				//	ast_mutex_lock(&iaxsl[ifr->callno]);
+				} else
+					exists = 0;
+				if (ast_strlen_zero(iaxs[ifr->callno]->secret) && ast_strlen_zero(iaxs[ifr->callno]->inkeys)) {
+					if (strcmp(iaxs[ifr->callno]->exten, "TBD") && !exists) {
+						memset(&ied0, 0, sizeof(ied0));
+						iax_ie_append_str(&ied0, IAX_IE_CAUSE, "No such context/extension");
+						iax_ie_append_byte(&ied0, IAX_IE_CAUSECODE, AST_CAUSE_NO_ROUTE_DESTINATION);
+						send_command_final(iaxs[ifr->callno], AST_FRAME_IAX, IAX_COMMAND_REJECT, 0, ied0.buf, ied0.pos, -1);
+						if (authdebug)
+							ast_log(LOG_NOTICE, "Rejected connect attempt from %s, request '%s@%s' does not exist\n", ast_inet_ntoa(iabuf, sizeof(iabuf), fr->sin.sin_addr), iaxs[ifr->callno]->exten, iaxs[ifr->callno]->context);
+					} else {
+						/* Select an appropriate format */
+						if(ast_test_flag(iaxs[ifr->callno], IAX_CODEC_NOPREFS)) {
+							if(ast_test_flag(iaxs[ifr->callno], IAX_CODEC_NOCAP)) {
+								using_prefs = "reqonly";
+							} else {
+								using_prefs = "disabled";
+							}
+							format = iaxs[ifr->callno]->peerformat & iaxs[ifr->callno]->capability;
+							memset(&pref, 0, sizeof(pref));
+							strcpy(caller_pref_buf, "disabled");
+							strcpy(host_pref_buf, "disabled");
+						} else {
+							using_prefs = "mine";
+							if(ies->codec_prefs) {
+								ast_codec_pref_convert(&rpref, ies->codec_prefs, 32, 0);
+								/* If we are codec_first_choice we let the caller have the 1st shot at picking the codec.*/
+								if (ast_test_flag(iaxs[ifr->callno], IAX_CODEC_USER_FIRST)) {
+									pref = rpref;
+									using_prefs = "caller";
+								} else {
+									pref = iaxs[ifr->callno]->prefs;
+								}
+							} else
+								pref = iaxs[ifr->callno]->prefs;
+						
+							format = ast_codec_choose(&pref, iaxs[ifr->callno]->capability & iaxs[ifr->callno]->peercapability, 0);
+							ast_codec_pref_string(&rpref, caller_pref_buf, sizeof(caller_pref_buf) - 1);
+							ast_codec_pref_string(&iaxs[ifr->callno]->prefs, host_pref_buf, sizeof(host_pref_buf) - 1);
+						}
+						if (!format) {
+							if(!ast_test_flag(iaxs[ifr->callno], IAX_CODEC_NOCAP))
+								format = iaxs[ifr->callno]->peercapability & iaxs[ifr->callno]->capability;
+							if (!format) {
+								memset(&ied0, 0, sizeof(ied0));
+								iax_ie_append_str(&ied0, IAX_IE_CAUSE, "Unable to negotiate codec");
+								iax_ie_append_byte(&ied0, IAX_IE_CAUSECODE, AST_CAUSE_BEARERCAPABILITY_NOTAVAIL);
+								send_command_final(iaxs[ifr->callno], AST_FRAME_IAX, IAX_COMMAND_REJECT, 0, ied0.buf, ied0.pos, -1);
+								if (authdebug) {
+									if(ast_test_flag(iaxs[ifr->callno], IAX_CODEC_NOCAP))
+										ast_log(LOG_NOTICE, "Rejected connect attempt from %s, requested 0x%x incompatible with our capability 0x%x.\n", ast_inet_ntoa(iabuf, sizeof(iabuf), fr->sin.sin_addr), iaxs[ifr->callno]->peerformat, iaxs[ifr->callno]->capability);
+									else 
+										ast_log(LOG_NOTICE, "Rejected connect attempt from %s, requested/capability 0x%x/0x%x incompatible with our capability 0x%x.\n", ast_inet_ntoa(iabuf, sizeof(iabuf), fr->sin.sin_addr), iaxs[ifr->callno]->peerformat, iaxs[ifr->callno]->peercapability, iaxs[ifr->callno]->capability);
+								}
+							} else {
+								/* Pick one... */
+								if(ast_test_flag(iaxs[ifr->callno], IAX_CODEC_NOCAP)) {
+									if(!(iaxs[ifr->callno]->peerformat & iaxs[ifr->callno]->capability))
+										format = 0;
+								} else {
+									if(ast_test_flag(iaxs[ifr->callno], IAX_CODEC_NOPREFS)) {
+										using_prefs = ast_test_flag(iaxs[ifr->callno], IAX_CODEC_NOCAP) ? "reqonly" : "disabled";
+										memset(&pref, 0, sizeof(pref));
+										format = ast_best_codec(iaxs[ifr->callno]->peercapability & iaxs[ifr->callno]->capability);
+										strcpy(caller_pref_buf,"disabled");
+										strcpy(host_pref_buf,"disabled");
+									} else {
+										using_prefs = "mine";
+										if(ies->codec_prefs) {
+											/* Do the opposite of what we tried above. */
+											if (ast_test_flag(iaxs[ifr->callno], IAX_CODEC_USER_FIRST)) {
+												pref = iaxs[ifr->callno]->prefs;								
+											} else {
+												pref = rpref;
+												using_prefs = "caller";
+											}
+											format = ast_codec_choose(&pref, iaxs[ifr->callno]->peercapability & iaxs[ifr->callno]->capability, 1);
+									
+										} else /* if no codec_prefs IE do it the old way */
+											format = ast_best_codec(iaxs[ifr->callno]->peercapability & iaxs[ifr->callno]->capability);	
+									}
+								}
+
+								if (!format) {
+									memset(&ied0, 0, sizeof(ied0));
+									iax_ie_append_str(&ied0, IAX_IE_CAUSE, "Unable to negotiate codec");
+									iax_ie_append_byte(&ied0, IAX_IE_CAUSECODE, AST_CAUSE_BEARERCAPABILITY_NOTAVAIL);
+									ast_log(LOG_ERROR, "No best format in 0x%x???\n", iaxs[ifr->callno]->peercapability & iaxs[ifr->callno]->capability);
+									send_command_final(iaxs[ifr->callno], AST_FRAME_IAX, IAX_COMMAND_REJECT, 0, ied0.buf, ied0.pos, -1);
+									if (authdebug)
+										ast_log(LOG_NOTICE, "Rejected connect attempt from %s, requested/capability 0x%x/0x%x incompatible with our capability 0x%x.\n", ast_inet_ntoa(iabuf, sizeof(iabuf), fr->sin.sin_addr), iaxs[ifr->callno]->peerformat, iaxs[ifr->callno]->peercapability, iaxs[ifr->callno]->capability);
+									ast_set_flag(iaxs[ifr->callno], IAX_ALREADYGONE);	
+									break;
+								}
+							}
+						}
+						if (format) {
+							/* No authentication required, let them in */
+							memset(&ied1, 0, sizeof(ied1));
+							iax_ie_append_int(&ied1, IAX_IE_FORMAT, format);
+							send_command(iaxs[ifr->callno], AST_FRAME_IAX, IAX_COMMAND_ACCEPT, 0, ied1.buf, ied1.pos, -1);
+							if (strcmp(iaxs[ifr->callno]->exten, "TBD")) {
+								ast_set_flag(&iaxs[ifr->callno]->state, IAX_STATE_STARTED);
+								if (option_verbose > 2) 
+									ast_verbose(VERBOSE_PREFIX_3 "Accepting UNAUTHENTICATED call from %s:\n"
+												"%srequested format = %s,\n"
+												"%srequested prefs = %s,\n"
+												"%sactual format = %s,\n"
+												"%shost prefs = %s,\n"
+												"%spriority = %s\n",
+												ast_inet_ntoa(iabuf, sizeof(iabuf), fr->sin.sin_addr), 
+												VERBOSE_PREFIX_4,
+												ast_getformatname(iaxs[ifr->callno]->peerformat), 
+												VERBOSE_PREFIX_4,
+												caller_pref_buf,
+												VERBOSE_PREFIX_4,
+												ast_getformatname(format), 
+												VERBOSE_PREFIX_4,
+												host_pref_buf, 
+												VERBOSE_PREFIX_4,
+												using_prefs);
+								
+								if(!(c = ast_iax2_new(ifr->callno, AST_STATE_RING, format))) {
+								    ast_mutex_lock(&iaxsl[ifr->callno]);
+									iax2_destroy_nolock(ifr->callno);
+								    ast_mutex_unlock(&iaxsl[ifr->callno]);
+								}
+							} else {
+								ast_set_flag(&iaxs[ifr->callno]->state, IAX_STATE_TBD);
+								/* If this is a TBD call, we're ready but now what...  */
+								if (option_verbose > 2)
+									ast_verbose(VERBOSE_PREFIX_3 "Accepted unauthenticated TBD call from %s\n", ast_inet_ntoa(iabuf, sizeof(iabuf), fr->sin.sin_addr));
+							}
+						}
+					}
+					break;
+				}
+				if (iaxs[ifr->callno]->authmethods & IAX_AUTH_MD5)
+					merge_encryption(iaxs[ifr->callno],ies->encmethods);
+				else
+					iaxs[ifr->callno]->encmethods = 0;
+				authenticate_request(iaxs[ifr->callno]);
+				ast_set_flag(&iaxs[ifr->callno]->state, IAX_STATE_AUTHENTICATED);
+				break;
+			    case IAX_COMMAND_REGREQ:
+		    	    case IAX_COMMAND_REGREL:
+		//	    	    usleep(1000000);
+				if (register_verify(ifr->callno, &fr->sin, ies)) {
+					/* Send delayed failure */
+				        auth_fail(ifr->callno, IAX_COMMAND_REGREJ);
+				    break;
+				}
+				if ((ast_strlen_zero(iaxs[ifr->callno]->secret) && ast_strlen_zero(iaxs[ifr->callno]->inkeys)) || ast_test_flag(&iaxs[ifr->callno]->state, IAX_STATE_AUTHENTICATED)) {
+				    if (fr->subclass == IAX_COMMAND_REGREL)
+					memset(&fr->sin, 0, sizeof(struct sockaddr_in));
+				    if (update_registry(iaxs[ifr->callno]->peer, &fr->sin, ifr->callno, ies->devicetype, fr->fd, ies->refresh))
+					ast_log(LOG_WARNING, "Registry error\n"); 
+				    if (ies->provverpres && ies->serviceident && fr->sin.sin_addr.s_addr)
+					check_provisioning(&fr->sin, fr->fd, ies->serviceident, ies->provver);
+				    /* update registry leaves us locked, so we have to unlock to not deadlock */
+				    iaxs_queued[ifr->callno]--;
+				    if (iaxs_queued[ifr->callno] < 0) iaxs_queued[ifr->callno] = 0;
+				    ast_mutex_unlock(&iaxsl[ifr->callno]);
+				    break;
+				}
+				registry_authrequest(iaxs[ifr->callno]->peer, ifr->callno);
+				break;
+			    case IAX_COMMAND_HANGUP:
+				/* Here we really have to lock */
+				ast_mutex_lock(&iaxsl[ifr->callno]);
+				if (iaxs[ifr->callno]) {
+				    ast_set_flag(iaxs[ifr->callno], IAX_ALREADYGONE);
+				    ast_log(LOG_DEBUG, "Asynchronously destroying %d, having received hangup\n", ifr->callno);
+				    /* Set hangup cause according to remote */
+				    if (ies->causecode && iaxs[ifr->callno]->owner)
+					iaxs[ifr->callno]->owner->hangupcause = ies->causecode;
+				    iax2_destroy_nolock(ifr->callno);
+				}
+				iaxs_queued[ifr->callno]--;
+				if (iaxs_queued[ifr->callno] < 0) iaxs_queued[ifr->callno] = 0;
+				dequeued = 1;
+				ast_mutex_unlock(&iaxsl[ifr->callno]);
+				break;
+			case IAX_COMMAND_INVAL:
+				/* Here we really have to lock */
+				ast_mutex_lock(&iaxsl[ifr->callno]);
+				if (iaxs[ifr->callno]) {
+				    iaxs[ifr->callno]->error = ENOTCONN;
+				    ast_log(LOG_DEBUG, "Asynchronously destroying %d, having received INVAL\n", ifr->callno);
+				    iax2_destroy_nolock(ifr->callno);
+				    if (option_debug)
+					ast_log(LOG_DEBUG, "Destroying call %d\n", ifr->callno);
+				}
+				iaxs_queued[ifr->callno]--;
+				if (iaxs_queued[ifr->callno] < 0) iaxs_queued[ifr->callno] = 0;
+				dequeued = 1;
+				ast_mutex_unlock(&iaxsl[ifr->callno]);
+				break;
+			case IAX_COMMAND_AUTHREP:
+				/* Ignore once we've started */
+				if (ast_test_flag(&iaxs[ifr->callno]->state, IAX_STATE_STARTED | IAX_STATE_TBD)) {
+				    ast_log(LOG_WARNING, "Call on %s is already up, can't start on it\n", iaxs[ifr->callno]->owner ? iaxs[ifr->callno]->owner->name : "<Unknown>");
+				    break;
+				}
+				if (authenticate_verify(iaxs[ifr->callno], ies)) {
+					if (authdebug)
+						ast_log(LOG_NOTICE, "Host %s failed to authenticate as %s\n", ast_inet_ntoa(iabuf, sizeof(iabuf), iaxs[ifr->callno]->addr.sin_addr), iaxs[ifr->callno]->username);
+					memset(&ied0, 0, sizeof(ied0));
+					auth_fail(ifr->callno, IAX_COMMAND_REJECT);
+					break;
+				}
+				ast_mutex_lock(&iaxsl[ifr->callno]);
+				if (strcasecmp(iaxs[ifr->callno]->exten, "TBD")) {
+					/* This might re-enter the IAX code and need the lock */
+					exists = ast_exists_extension(NULL, iaxs[ifr->callno]->context, iaxs[ifr->callno]->exten, 1, iaxs[ifr->callno]->cid_num);
+				} else
+					exists = 0;
+				    if (strcmp(iaxs[ifr->callno]->exten, "TBD") && !exists) {
+					if (authdebug)
+						ast_log(LOG_NOTICE, "Rejected connect attempt from %s, request '%s@%s' does not exist\n", ast_inet_ntoa(iabuf, sizeof(iabuf), fr->sin.sin_addr), iaxs[ifr->callno]->exten, iaxs[ifr->callno]->context);
+					memset(&ied0, 0, sizeof(ied0));
+					iax_ie_append_str(&ied0, IAX_IE_CAUSE, "No such context/extension");
+					iax_ie_append_byte(&ied0, IAX_IE_CAUSECODE, AST_CAUSE_NO_ROUTE_DESTINATION);
+					send_command_final(iaxs[ifr->callno], AST_FRAME_IAX, IAX_COMMAND_REJECT, 0, ied0.buf, ied0.pos, -1);
+				} else {
+					/* Select an appropriate format */
+					if(ast_test_flag(iaxs[ifr->callno], IAX_CODEC_NOPREFS)) {
+						if(ast_test_flag(iaxs[ifr->callno], IAX_CODEC_NOCAP)) {
+							using_prefs = "reqonly";
+						} else {
+							using_prefs = "disabled";
+						}
+						format = iaxs[ifr->callno]->peerformat & iaxs[ifr->callno]->capability;
+						memset(&pref, 0, sizeof(pref));
+						strcpy(caller_pref_buf, "disabled");
+						strcpy(host_pref_buf, "disabled");
+					} else {
+						using_prefs = "mine";
+						if(ies->codec_prefs) {
+							/* If we are codec_first_choice we let the caller have the 1st shot at picking the codec.*/
+							ast_codec_pref_convert(&rpref, ies->codec_prefs, 32, 0);
+							if (ast_test_flag(iaxs[ifr->callno], IAX_CODEC_USER_FIRST)) {
+								ast_codec_pref_convert(&pref, ies->codec_prefs, 32, 0);
+								using_prefs = "caller";
+							} else {
+								pref = iaxs[ifr->callno]->prefs;
+							}
+						} else /* if no codec_prefs IE do it the old way */
+							pref = iaxs[ifr->callno]->prefs;
+					
+						format = ast_codec_choose(&pref, iaxs[ifr->callno]->capability & iaxs[ifr->callno]->peercapability, 0);
+						ast_codec_pref_string(&rpref, caller_pref_buf, sizeof(caller_pref_buf) - 1);
+						ast_codec_pref_string(&iaxs[ifr->callno]->prefs, host_pref_buf, sizeof(host_pref_buf) - 1);
+					}
+					if (!format) {
+						if(!ast_test_flag(iaxs[ifr->callno], IAX_CODEC_NOCAP)) {
+							ast_log(LOG_DEBUG, "We don't do requested format %s, falling back to peer capability %d\n", ast_getformatname(iaxs[ifr->callno]->peerformat), iaxs[ifr->callno]->peercapability);
+							format = iaxs[ifr->callno]->peercapability & iaxs[ifr->callno]->capability;
+						}
+						if (!format) {
+							if (authdebug) {
+								if(ast_test_flag(iaxs[ifr->callno], IAX_CODEC_NOCAP)) 
+									ast_log(LOG_NOTICE, "Rejected connect attempt from %s, requested 0x%x incompatible with our capability 0x%x.\n", ast_inet_ntoa(iabuf, sizeof(iabuf), fr->sin.sin_addr), iaxs[ifr->callno]->peerformat, iaxs[ifr->callno]->capability);
+								else
+									ast_log(LOG_NOTICE, "Rejected connect attempt from %s, requested/capability 0x%x/0x%x incompatible with our capability 0x%x.\n", ast_inet_ntoa(iabuf, sizeof(iabuf), fr->sin.sin_addr), iaxs[ifr->callno]->peerformat, iaxs[ifr->callno]->peercapability, iaxs[ifr->callno]->capability);
+							}
+							memset(&ied0, 0, sizeof(ied0));
+							iax_ie_append_str(&ied0, IAX_IE_CAUSE, "Unable to negotiate codec");
+							iax_ie_append_byte(&ied0, IAX_IE_CAUSECODE, AST_CAUSE_BEARERCAPABILITY_NOTAVAIL);
+							send_command_final(iaxs[ifr->callno], AST_FRAME_IAX, IAX_COMMAND_REJECT, 0, ied0.buf, ied0.pos, -1);
+						} else {
+							/* Pick one... */
+							if(ast_test_flag(iaxs[ifr->callno], IAX_CODEC_NOCAP)) {
+								if(!(iaxs[ifr->callno]->peerformat & iaxs[ifr->callno]->capability))
+									format = 0;
+							} else {
+								if(ast_test_flag(iaxs[ifr->callno], IAX_CODEC_NOPREFS)) {
+									using_prefs = ast_test_flag(iaxs[ifr->callno], IAX_CODEC_NOCAP) ? "reqonly" : "disabled";
+									memset(&pref, 0, sizeof(pref));
+									format = ast_test_flag(iaxs[ifr->callno], IAX_CODEC_NOCAP) ?
+										iaxs[ifr->callno]->peerformat : ast_best_codec(iaxs[ifr->callno]->peercapability & iaxs[ifr->callno]->capability);
+									strcpy(caller_pref_buf,"disabled");
+									strcpy(host_pref_buf,"disabled");
+								} else {
+									using_prefs = "mine";
+									if(ies->codec_prefs) {
+										/* Do the opposite of what we tried above. */
+										if (ast_test_flag(iaxs[ifr->callno], IAX_CODEC_USER_FIRST)) {
+											pref = iaxs[ifr->callno]->prefs;						
+										} else {
+											pref = rpref;
+											using_prefs = "caller";
+										}
+										format = ast_codec_choose(&pref, iaxs[ifr->callno]->peercapability & iaxs[ifr->callno]->capability, 1);
+									} else /* if no codec_prefs IE do it the old way */
+										format = ast_best_codec(iaxs[ifr->callno]->peercapability & iaxs[ifr->callno]->capability);	
+								}
+							}
+							if (!format) {
+								ast_log(LOG_ERROR, "No best format in 0x%x???\n", iaxs[ifr->callno]->peercapability & iaxs[ifr->callno]->capability);
+								if (authdebug) {
+									if(ast_test_flag(iaxs[ifr->callno], IAX_CODEC_NOCAP))
+										ast_log(LOG_NOTICE, "Rejected connect attempt from %s, requested 0x%x incompatible with our capability 0x%x.\n", ast_inet_ntoa(iabuf, sizeof(iabuf), fr->sin.sin_addr), iaxs[ifr->callno]->peerformat, iaxs[ifr->callno]->capability);
+									else
+										ast_log(LOG_NOTICE, "Rejected connect attempt from %s, requested/capability 0x%x/0x%x incompatible with our capability 0x%x.\n", ast_inet_ntoa(iabuf, sizeof(iabuf), fr->sin.sin_addr), iaxs[ifr->callno]->peerformat, iaxs[ifr->callno]->peercapability, iaxs[ifr->callno]->capability);
+								}
+								memset(&ied0, 0, sizeof(ied0));
+								iax_ie_append_str(&ied0, IAX_IE_CAUSE, "Unable to negotiate codec");
+								iax_ie_append_byte(&ied0, IAX_IE_CAUSECODE, AST_CAUSE_BEARERCAPABILITY_NOTAVAIL);
+								send_command_final(iaxs[ifr->callno], AST_FRAME_IAX, IAX_COMMAND_REJECT, 0, ied0.buf, ied0.pos, -1);
+							}
+						}
+					}
+					if (format) {
+						/* Authentication received */
+						memset(&ied1, 0, sizeof(ied1));
+						iax_ie_append_int(&ied1, IAX_IE_FORMAT, format);
+						send_command(iaxs[ifr->callno], AST_FRAME_IAX, IAX_COMMAND_ACCEPT, 0, ied1.buf, ied1.pos, -1);
+						if (strcmp(iaxs[ifr->callno]->exten, "TBD")) {
+							ast_set_flag(&iaxs[ifr->callno]->state, IAX_STATE_STARTED);
+							if (option_verbose > 2) 
+								ast_verbose(VERBOSE_PREFIX_3 "Accepting AUTHENTICATED call from %s:\n"
+											"%srequested format = %s,\n"
+											"%srequested prefs = %s,\n"
+											"%sactual format = %s,\n"
+											"%shost prefs = %s,\n"
+											"%spriority = %s\n", 
+											ast_inet_ntoa(iabuf, sizeof(iabuf), fr->sin.sin_addr), 
+											VERBOSE_PREFIX_4,
+											ast_getformatname(iaxs[ifr->callno]->peerformat),
+											VERBOSE_PREFIX_4,
+											caller_pref_buf,
+											VERBOSE_PREFIX_4,
+											ast_getformatname(format),
+											VERBOSE_PREFIX_4,
+											host_pref_buf,
+											VERBOSE_PREFIX_4,
+											using_prefs);
+
+							ast_set_flag(&iaxs[ifr->callno]->state, IAX_STATE_STARTED);
+							if(!(c = ast_iax2_new(ifr->callno, AST_STATE_RING, format)))
+								iax2_destroy_nolock(ifr->callno);
+						} else {
+							ast_set_flag(&iaxs[ifr->callno]->state, IAX_STATE_TBD);
+							/* If this is a TBD call, we're ready but now what...  */
+							if (option_verbose > 2)
+								ast_verbose(VERBOSE_PREFIX_3 "Accepted AUTHENTICATED TBD call from %s\n", ast_inet_ntoa(iabuf, sizeof(iabuf), fr->sin.sin_addr));
+						}
+					}
+				}
+				iaxs_queued[ifr->callno]--;
+				if (iaxs_queued[ifr->callno] < 0) iaxs_queued[ifr->callno] = 0;
+				ast_mutex_unlock(&iaxsl[ifr->callno]);
+			}
+			if (!dequeued) {
+    			    ast_mutex_lock(&iaxsl[ifr->callno]);
+				iaxs_queued[ifr->callno]--;
+				if (iaxs_queued[ifr->callno] < 0) iaxs_queued[ifr->callno] = 0;
+    			    ast_mutex_unlock(&iaxsl[ifr->callno]);
+			}
+		    }
+		iax_frame_free(ifr);
+		free(fr);
+		fr = NULL;
+		}
+	
+	}
+	return NULL;
+}
+
+
+static int start_auth_thread(void)
+{
+	return ast_pthread_create(&auththreadid, NULL, auth_thread, &callq);
+}
+
+static int start_reg_thread(void)
+{
+	return ast_pthread_create(&regthreadid, NULL, auth_thread, &regq);
+}
+
 static struct iax2_context *build_context(char *context)
 {
 	struct iax2_context *con = malloc(sizeof(struct iax2_context));
@@ -8882,6 +9305,7 @@
 	tmpstr = ast_strdupa(data);
 	parse_dial_string(tmpstr, &pds);
 
+ast_log(LOG_NOTICE, "calling create_addr here\n");
 	/* Populate our address from the given */
 	if (create_addr(pds.peer, &sin, &cai))
 		return -1;
@@ -9492,6 +9916,11 @@
 static int __unload_module(void)
 {
 	int x;
+	/* Cancel the authentication thread */
+	if (auththreadid != AST_PTHREADT_NULL) {
+		pthread_cancel(auththreadid);
+		pthread_join(auththreadid, NULL);
+	}
 	/* Cancel the network thread, close the net socket */
 	if (netthreadid != AST_PTHREADT_NULL) {
 		pthread_cancel(netthreadid);
@@ -9514,6 +9943,8 @@
 
 int unload_module()
 {
+	ast_mutex_destroy(&regq.lock);
+	ast_mutex_destroy(&callq.lock);
 	ast_mutex_destroy(&iaxq.lock);
 	ast_mutex_destroy(&userl.lock);
 	ast_mutex_destroy(&peerl.lock);
@@ -9535,6 +9966,9 @@
 	struct ast_netsock *ns;
 	struct sockaddr_in sin;
 	
+	/* you never can tell */
+	memset(iaxs_queued, 0, sizeof(iaxs_queued));
+	
 	ast_custom_function_register(&iaxpeer_function);
 
 	iax_set_output(iax_debug_output);
@@ -9577,7 +10011,14 @@
 	}
 	ast_netsock_init(netsock);
 
+	gethostname(servername, sizeof(servername) - 1);
+	ast_log(LOG_NOTICE, "servername = %s\n", servername);
+
 	ast_mutex_init(&iaxq.lock);
+	ast_mutex_init(&regq.lock);
+	ast_cond_init(&regq.cond, NULL);
+	ast_mutex_init(&callq.lock);
+	ast_cond_init(&callq.cond, NULL);
 	ast_mutex_init(&userl.lock);
 	ast_mutex_init(&peerl.lock);
 	ast_mutex_init(&waresl.lock);
@@ -9621,6 +10062,16 @@
 		ast_netsock_release(netsock);
 	}
 
+	res = start_reg_thread();
+	if (res) {
+		ast_log(LOG_ERROR, "Unable to start registration thread\n");
+	}
+
+	res = start_auth_thread();
+	if (res) {
+		ast_log(LOG_ERROR, "Unable to start authentication thread\n");
+	}
+
 	for (reg = registrations; reg; reg = reg->next)
 		iax2_do_register(reg);
 	ast_mutex_lock(&peerl.lock);
diff -urN asterisk-1.2.4/res/Makefile asterisk-1.2.4.carrier/res/Makefile
--- asterisk-1.2.4/res/Makefile	2006-01-31 09:41:43.000000000 +0100
+++ asterisk-1.2.4.carrier/res/Makefile	2006-01-31 15:04:30.000000000 +0100
@@ -13,6 +13,21 @@
 
 MODS=res_indications.so res_monitor.so res_adsi.so res_agi.so res_features.so res_watchdog.so
 
+#
+# MySQL stuff...  Autoconf anyone??
+#
+MODS+=$(shell if [ -d /usr/local/mysql/include ] || [ -d /usr/include/mysql ] || [ -d /usr/local/include/mysql ] || [ -d /opt/mysql/include ]; then echo "res_config_mysql.so"; fi)
+CFLAGS+=$(shell if [ -d /usr/local/mysql/include ]; then echo "-I/usr/local/mysql/include"; fi)
+CFLAGS+=$(shell if [ -d /usr/include/mysql ]; then echo "-I/usr/include/mysql"; fi)
+CFLAGS+=$(shell if [ -d /usr/local/include/mysql ]; then echo "-I/usr/local/include/mysql"; fi)
+CFLAGS+=$(shell if [ -d /opt/mysql/include/mysql ]; then echo "-I/opt/mysql/include/mysql"; fi)
+MLFLAGS=
+MLFLAGS+=$(shell if [ -d /usr/lib/mysql ]; then echo "-L/usr/lib/mysql"; fi)
+MLFLAGS+=$(shell if [ -d /usr/lib64/mysql ]; then echo "-L/usr/lib64/mysql"; fi)
+MLFLAGS+=$(shell if [ -d /usr/local/mysql/lib ]; then echo "-L/usr/local/mysql/lib"; fi)
+MLFLAGS+=$(shell if [ -d /usr/local/lib/mysql ]; then echo "-L/usr/local/lib/mysql"; fi)
+MLFLAGS+=$(shell if [ -d /opt/mysql/lib/mysql ]; then echo "-L/opt/mysql/lib/mysql"; fi)
+
 ifneq ($(wildcard $(CROSS_COMPILE_TARGET)/usr/include/odbcinst.h)$(wildcard $(CROSS_COMPILE_TARGET)/usr/local/include/odbcinst.h),)
   ifneq (${OSARCH},FreeBSD)
     MODS+=res_config_odbc.so
@@ -109,6 +124,9 @@
 res_config_odbc.so: res_config_odbc.o
 	$(CC) $(SOLINK) -o $@ ${CYGSOLINK} $< ${CYGSOLIB} ${CYG_RES_CONFIG_ODBC_LIB}
 
+res_config_mysql.so: res_config_mysql.o
+	$(CC) $(SOLINK) -o $@ $< -lmysqlclient -lz $(MLFLAGS)
+
 ifneq ($(wildcard .depend),)
   include .depend
 endif
diff -urN asterisk-1.2.4/res/res_config_mysql.c asterisk-1.2.4.carrier/res/res_config_mysql.c
--- asterisk-1.2.4/res/res_config_mysql.c	1970-01-01 01:00:00.000000000 +0100
+++ asterisk-1.2.4.carrier/res/res_config_mysql.c	2006-01-31 14:54:49.000000000 +0100
@@ -0,0 +1,680 @@
+/*
+ * Asterisk -- A telephony toolkit for Linux.
+ *
+ * Copyright (C) 1999-2005, Digium, Inc.
+ *
+ * Mark Spencer <markster@digium.com>  - Asterisk Author
+ * Matthew Boehm <mboehm@cytelcom.com> - MySQL RealTime Driver Author
+ *
+ * res_config_mysql.c <mysql plugin for RealTime configuration engine>
+ *
+ * v2.0   - (10-07-05) - mutex_lock fixes (bug #4973, comment #0034602)
+ *
+ * v1.9   - (08-19-05) - Added support to correctly honor the family database specified
+ *                       in extconfig.conf (bug #4973)
+ *
+ * v1.8   - (04-21-05) - Modified return values of update_mysql to better indicate
+ *                       what really happened.
+ *
+ * v1.7   - (01-28-05) - Fixed non-initialization of ast_category struct
+ *                       in realtime_multi_mysql function which caused segfault. 
+ *
+ * v1.6   - (00-00-00) - Skipped to bring comments into sync with version number in CVS.
+ *
+ * v1.5.1 - (01-26-05) - Added better(?) locking stuff
+ *
+ * v1.5   - (01-26-05) - Brought up to date with new config.h changes (bug #3406)
+ *                     - Added in extra locking provided by georg (bug #3248)
+ *
+ * v1.4   - (12-02-04) - Added realtime_multi_mysql function
+ *                        This function will return an ast_config with categories,
+ *                        unlike standard realtime_mysql which only returns
+ *                        a linked list of ast_variables
+ *
+ * v1.3   - (12-01-04) - Added support other operators
+ *                       Ex: =, !=, LIKE, NOT LIKE, RLIKE, etc...
+ *
+ * v1.2   - (11-DD-04) - Added reload. Updated load and unload.
+ *                       Code beautification (doc/CODING-GUIDELINES)
+ */
+
+#include <asterisk/channel.h>
+#include <asterisk/logger.h>
+#include <asterisk/config.h>
+#include <asterisk/module.h>
+#include <asterisk/lock.h>
+#include <asterisk/options.h>
+#include <asterisk/cli.h>
+#include <asterisk/utils.h>
+#include <stdlib.h>
+#include <string.h>
+#include <mysql.h>
+#include <mysql_version.h>
+#include <errmsg.h>
+
+static char *res_config_mysql_desc = "MySQL RealTime Configuration Driver";
+
+AST_MUTEX_DEFINE_STATIC(mysql_lock);
+#define RES_CONFIG_MYSQL_CONF "res_mysql.conf"
+MYSQL         mysql;
+static char   dbhost[50];
+static char   dbuser[50];
+static char   dbpass[50];
+static char   dbname[50];
+static char   dbsock[50];
+static int    dbport;
+static int    connected;
+static time_t connect_time;
+
+static int parse_config(void);
+static int mysql_reconnect(const char *database);
+static int realtime_mysql_status(int fd, int argc, char **argv);
+
+STANDARD_LOCAL_USER;
+
+LOCAL_USER_DECL;
+
+static char cli_realtime_mysql_status_usage[] =
+"Usage: realtime mysql status\n"
+"       Shows connection information for the MySQL RealTime driver\n";
+
+static struct ast_cli_entry cli_realtime_mysql_status = {
+        { "realtime", "mysql", "status", NULL }, realtime_mysql_status,
+        "Shows connection information for the MySQL RealTime driver", cli_realtime_mysql_status_usage, NULL };
+
+static struct ast_variable *realtime_mysql(const char *database, const char *table, va_list ap)
+{
+	MYSQL_RES *result;
+	MYSQL_ROW row;
+	MYSQL_FIELD *fields;
+	int numFields, i;
+	char sql[256];
+	char *stringp;
+	char *chunk;
+	char *op;
+	const char *newparam, *newval;
+	struct ast_variable *var=NULL, *prev=NULL;
+
+	if(!table) {
+		ast_log(LOG_WARNING, "MySQL RealTime: No table specified.\n");
+		return NULL;
+	}
+
+	/* Get the first parameter and first value in our list of passed paramater/value pairs */
+	newparam = va_arg(ap, const char *);
+	newval = va_arg(ap, const char *);
+	if(!newparam || !newval)  {
+		ast_log(LOG_WARNING, "MySQL RealTime: Realtime retrieval requires at least 1 parameter and 1 value to search on.\n");
+		mysql_close(&mysql);
+		return NULL;
+	}
+
+	/* Create the first part of the query using the first parameter/value pairs we just extracted
+	   If there is only 1 set, then we have our query. Otherwise, loop thru the list and concat */
+
+	if(!strchr(newparam, ' ')) op = " ="; else op = "";
+
+	snprintf(sql, sizeof(sql), "SELECT * FROM %s WHERE %s%s '%s'", table, newparam, op, newval);
+	while((newparam = va_arg(ap, const char *))) {
+		newval = va_arg(ap, const char *);
+		if(!strchr(newparam, ' ')) op = " ="; else op = "";
+		snprintf(sql + strlen(sql), sizeof(sql) - strlen(sql), " AND %s%s '%s'", newparam, op, newval);
+	}
+	va_end(ap);
+
+	ast_log(LOG_DEBUG, "MySQL RealTime: Retrieve SQL: %s\n", sql);
+
+	/* We now have our complete statement; Lets connect to the server and execute it. */
+	ast_mutex_lock(&mysql_lock);
+	if(!mysql_reconnect(database)) {
+		ast_mutex_unlock(&mysql_lock);
+		return NULL;
+	}
+	
+//	ast_log(LOG_NOTICE, "SQL: %s\m", sql);
+
+	if(mysql_real_query(&mysql, sql, strlen(sql))) {
+		ast_log(LOG_WARNING, "MySQL RealTime: Failed to query database. Check debug for more info.\n");
+		ast_log(LOG_DEBUG, "MySQL RealTime: Query: %s\n", sql);
+		ast_log(LOG_DEBUG, "MySQL RealTime: Query Failed because: %s\n", mysql_error(&mysql));
+		ast_mutex_unlock(&mysql_lock);
+		return NULL;
+	}
+
+	if((result = mysql_store_result(&mysql))) {
+		numFields = mysql_num_fields(result);
+		fields = mysql_fetch_fields(result);
+
+		while((row = mysql_fetch_row(result))) {
+			for(i = 0; i < numFields; i++) {
+				stringp = row[i];
+				while(stringp) {
+					chunk = strsep(&stringp, ";");
+					if(chunk && !ast_strlen_zero(ast_strip(chunk))) {
+						if(prev) {
+							prev->next = ast_variable_new(fields[i].name, chunk);
+							if (prev->next) {
+								prev = prev->next;
+							}
+						} else {
+							prev = var = ast_variable_new(fields[i].name, chunk);
+						}
+					}
+				}
+			}
+		}
+	} else {                                
+		ast_log(LOG_WARNING, "MySQL RealTime: Could not find any rows in table %s.\n", table);
+	}
+
+	mysql_free_result(result);
+	ast_mutex_unlock(&mysql_lock);
+
+	return var;
+}
+
+static struct ast_config *realtime_multi_mysql(const char *database, const char *table, va_list ap)
+{
+	MYSQL_RES *result;
+	MYSQL_ROW row;
+	MYSQL_FIELD *fields;
+	int numFields, i;
+	char sql[256];
+	const char *initfield = NULL;
+	char *stringp;
+	char *chunk;
+	char *op;
+	const char *newparam, *newval;
+	struct ast_realloca ra;
+	struct ast_variable *var=NULL;
+	struct ast_config *cfg = NULL;
+	struct ast_category *cat = NULL;
+
+	if(!table) {
+		ast_log(LOG_WARNING, "MySQL RealTime: No table specified.\n");
+		return NULL;
+	}
+	
+	memset(&ra, 0, sizeof(ra));
+
+	cfg = ast_config_new();
+	if (!cfg) {
+		/* If I can't alloc memory at this point, why bother doing anything else? */
+		ast_log(LOG_WARNING, "Out of memory!\n");
+		return NULL;
+	}
+
+	/* Get the first parameter and first value in our list of passed paramater/value pairs */
+	newparam = va_arg(ap, const char *);
+	newval = va_arg(ap, const char *);
+	if(!newparam || !newval)  {
+		ast_log(LOG_WARNING, "MySQL RealTime: Realtime retrieval requires at least 1 parameter and 1 value to search on.\n");
+		mysql_close(&mysql);
+		return NULL;
+	}
+
+	initfield = ast_strdupa(newparam);
+	if(initfield && (op = strchr(initfield, ' '))) {
+		*op = '\0';
+	}
+
+	/* Create the first part of the query using the first parameter/value pairs we just extracted
+	   If there is only 1 set, then we have our query. Otherwise, loop thru the list and concat */
+
+	if(!strchr(newparam, ' ')) op = " ="; else op = "";
+
+	snprintf(sql, sizeof(sql), "SELECT * FROM %s WHERE %s%s '%s'", table, newparam, op, newval);
+	while((newparam = va_arg(ap, const char *))) {
+		newval = va_arg(ap, const char *);
+		if(!strchr(newparam, ' ')) op = " ="; else op = "";
+		snprintf(sql + strlen(sql), sizeof(sql) - strlen(sql), " AND %s%s '%s'", newparam, op, newval);
+	}
+
+	if(initfield) {
+		snprintf(sql + strlen(sql), sizeof(sql) - strlen(sql), " ORDER BY %s", initfield);
+	}
+
+	va_end(ap);
+
+	ast_log(LOG_DEBUG, "MySQL RealTime: Retrieve SQL: %s\n", sql);
+
+	/* We now have our complete statement; Lets connect to the server and execute it. */
+	ast_mutex_lock(&mysql_lock);
+	if(!mysql_reconnect(database)) {
+		ast_mutex_unlock(&mysql_lock);
+		return NULL;
+	}
+
+	if(mysql_real_query(&mysql, sql, strlen(sql))) {
+		ast_log(LOG_WARNING, "MySQL RealTime: Failed to query database. Check debug for more info.\n");
+		ast_log(LOG_DEBUG, "MySQL RealTime: Query: %s\n", sql);
+		ast_log(LOG_DEBUG, "MySQL RealTime: Query Failed because: %s\n", mysql_error(&mysql));
+		ast_mutex_unlock(&mysql_lock);
+		return NULL;
+	}
+
+	if((result = mysql_store_result(&mysql))) {
+		numFields = mysql_num_fields(result);
+		fields = mysql_fetch_fields(result);
+
+		while((row = mysql_fetch_row(result))) {
+			var = NULL;
+			cat = ast_category_new("");
+			if(!cat) {
+				ast_log(LOG_WARNING, "Out of memory!\n");
+				continue;
+			}
+			for(i = 0; i < numFields; i++) {
+				stringp = row[i];
+				while(stringp) {
+					chunk = strsep(&stringp, ";");
+					if(chunk && !ast_strlen_zero(ast_strip(chunk))) {
+						if(initfield && !strcmp(initfield, fields[i].name)) {
+							ast_category_rename(cat, chunk);
+						}
+						var = ast_variable_new(fields[i].name, chunk);
+						ast_variable_append(cat, var);
+					}
+				}
+			}
+			ast_category_append(cfg, cat);
+		}
+	} else {
+		ast_log(LOG_WARNING, "MySQL RealTime: Could not find any rows in table %s.\n", table);
+	}
+
+	mysql_free_result(result);
+	ast_mutex_unlock(&mysql_lock);
+
+	return cfg;
+}
+
+static int update_mysql(const char *database, const char *table, const char *keyfield, const char *lookup, va_list ap)
+{
+	my_ulonglong numrows;
+	char sql[256];
+	const char *newparam, *newval;
+
+	if(!table) {
+		ast_log(LOG_WARNING, "MySQL RealTime: No table specified.\n");
+               return -1;
+	}
+
+	/* Get the first parameter and first value in our list of passed paramater/value pairs */
+	newparam = va_arg(ap, const char *);
+	newval = va_arg(ap, const char *);
+	if(!newparam || !newval)  {
+		ast_log(LOG_WARNING, "MySQL RealTime: Realtime retrieval requires at least 1 parameter and 1 value to search on.\n");
+		mysql_close(&mysql);
+               return -1;
+	}
+
+	/* Create the first part of the query using the first parameter/value pairs we just extracted
+	   If there is only 1 set, then we have our query. Otherwise, loop thru the list and concat */
+
+	snprintf(sql, sizeof(sql), "UPDATE %s SET %s = '%s'", table, newparam, newval);
+	while((newparam = va_arg(ap, const char *))) {
+		newval = va_arg(ap, const char *);
+		snprintf(sql + strlen(sql), sizeof(sql) - strlen(sql), ", %s = '%s'", newparam, newval);
+	}
+	va_end(ap);
+	snprintf(sql + strlen(sql), sizeof(sql) - strlen(sql), " WHERE %s = '%s'", keyfield, lookup);
+
+	ast_log(LOG_DEBUG,"MySQL RealTime: Update SQL: %s\n", sql);
+
+	/* We now have our complete statement; Lets connect to the server and execute it. */
+	ast_mutex_lock(&mysql_lock);
+	if(!mysql_reconnect(database)) {
+		ast_mutex_unlock(&mysql_lock);
+		return -1;
+	}
+
+	if(mysql_real_query(&mysql, sql, strlen(sql))) {
+		ast_log(LOG_WARNING, "MySQL RealTime: Failed to query database. Check debug for more info.\n");
+		ast_log(LOG_DEBUG, "MySQL RealTime: Query: %s\n", sql);
+		ast_log(LOG_DEBUG, "MySQL RealTime: Query Failed because: %s\n", mysql_error(&mysql));
+		ast_mutex_unlock(&mysql_lock);
+		return -1;
+	}
+
+	numrows = mysql_affected_rows(&mysql);
+	ast_mutex_unlock(&mysql_lock);
+
+	ast_log(LOG_DEBUG,"MySQL RealTime: Updated %llu rows on table: %s\n", numrows, table);
+
+	/* From http://dev.mysql.com/doc/mysql/en/mysql-affected-rows.html
+	 * An integer greater than zero indicates the number of rows affected
+	 * Zero indicates that no records were updated
+	 * -1 indicates that the query returned an error (although, if the query failed, it should have been caught above.)
+	*/
+
+	if(numrows >= 0)
+		return (int)numrows;
+
+	return -1;
+}
+
+static struct ast_config *config_mysql(const char *database, const char *table, const char *file, struct ast_config *cfg)
+{
+	MYSQL_RES *result;
+	MYSQL_ROW row;
+	my_ulonglong num_rows;
+	struct ast_config *new;
+	struct ast_variable *cur_v, *new_v;
+	struct ast_category *cur_cat, *new_cat;
+	char sql[250] = "";
+	char last[80] = "";
+	int cat_started = 0;
+	int var_started = 0;
+	int last_cat_metric = 0;
+
+	last[0] = '\0';
+
+	if(!file || !strcmp(file, RES_CONFIG_MYSQL_CONF)) {
+		ast_log(LOG_WARNING, "MySQL RealTime: Cannot configure myself.\n");
+		return NULL;
+	}
+
+	snprintf(sql, sizeof(sql), "SELECT category, var_name, var_val, cat_metric FROM %s WHERE filename='%s' and commented=0 ORDER BY filename, cat_metric desc, var_metric asc, category, var_name, var_val, id", table, file);
+
+	ast_log(LOG_DEBUG, "MySQL RealTime: Static SQL: %s\n", sql);
+
+	/* We now have our complete statement; Lets connect to the server and execute it. */
+	ast_mutex_lock(&mysql_lock);
+	if(!mysql_reconnect(database)) {
+		ast_mutex_unlock(&mysql_lock);
+		return NULL;
+	}
+
+	if(mysql_real_query(&mysql, sql, strlen(sql))) {
+		ast_log(LOG_WARNING, "MySQL RealTime: Failed to query database. Check debug for more info.\n");
+		ast_log(LOG_DEBUG, "MySQL RealTime: Query: %s\n", sql);
+		ast_log(LOG_DEBUG, "MySQL RealTime: Query Failed because: %s\n", mysql_error(&mysql));
+		ast_mutex_unlock(&mysql_lock);
+		return NULL;
+	}
+
+	if((result = mysql_store_result(&mysql))) {
+		num_rows = mysql_num_rows(result);
+		ast_log(LOG_DEBUG, "MySQL RealTime: Found %llu rows.\n", num_rows);
+
+		/* There might exist a better way to access the column names other than counting,
+                   but I believe that would require another loop that we don't need. */
+
+		while((row = mysql_fetch_row(result))) {
+			if(!strcmp(row[1], "#include")) {
+				if (!ast_config_internal_load(row[2], cfg)) {
+					mysql_free_result(result);
+					ast_mutex_unlock(&mysql_lock);
+					return NULL;
+				}
+				continue;
+			}
+
+			if(strcmp(last, row[0]) || last_cat_metric != atoi(row[3])) {
+				cur_cat = ast_category_new(row[0]);
+				if (!cur_cat) {
+					ast_log(LOG_WARNING, "Out of memory!\n");
+					break;
+				}
+				strcpy(last, row[0]);
+				last_cat_metric = atoi(row[3]);
+				ast_category_append(cfg, cur_cat);
+			}
+			new_v = ast_variable_new(row[1], row[2]);
+			ast_variable_append(cur_cat, new_v);
+		}
+	} else {
+		ast_log(LOG_WARNING, "MySQL RealTime: Could not find config '%s' in database.\n", file);
+	}
+
+	mysql_free_result(result);
+	ast_mutex_unlock(&mysql_lock);
+
+	return cfg;
+}
+
+static struct ast_config_engine mysql_engine = {
+	.name = "mysql",
+	.load_func = config_mysql,
+	.realtime_func = realtime_mysql,
+	.realtime_multi_func = realtime_multi_mysql,
+	.update_func = update_mysql
+};
+
+int load_module (void)
+{
+	parse_config();
+
+	ast_mutex_lock(&mysql_lock);
+
+	if(!mysql_reconnect(NULL)) {
+		ast_log(LOG_WARNING, "MySQL RealTime: Couldn't establish connection. Check debug.\n");
+		ast_log(LOG_DEBUG, "MySQL RealTime: Cannot Connect: %s\n", mysql_error(&mysql));
+	}
+
+	ast_config_engine_register(&mysql_engine);
+	if(option_verbose) {
+		ast_verbose("MySQL RealTime driver loaded.\n");
+	}
+	ast_cli_register(&cli_realtime_mysql_status);
+
+	ast_mutex_unlock(&mysql_lock);
+
+	return 0;
+}
+
+int unload_module (void)
+{
+	/* Aquire control before doing anything to the module itself. */
+	ast_mutex_lock(&mysql_lock);
+
+	mysql_close(&mysql);
+	ast_cli_unregister(&cli_realtime_mysql_status);
+	ast_config_engine_deregister(&mysql_engine);
+	if(option_verbose) {
+		ast_verbose("MySQL RealTime unloaded.\n");
+	}
+
+	STANDARD_HANGUP_LOCALUSERS;
+
+	/* Unlock so something else can destroy the lock. */
+	ast_mutex_unlock(&mysql_lock);
+
+	return 0;
+}
+
+int reload (void)
+{
+	/* Aquire control before doing anything to the module itself. */
+	ast_mutex_lock(&mysql_lock);
+
+	mysql_close(&mysql);
+	connected = 0;
+	parse_config();
+
+	if(!mysql_reconnect(NULL)) {
+		ast_log(LOG_WARNING, "MySQL RealTime: Couldn't establish connection. Check debug.\n");
+		ast_log(LOG_DEBUG, "MySQL RealTime: Cannot Connect: %s\n", mysql_error(&mysql));
+	}
+
+	ast_verbose(VERBOSE_PREFIX_2 "MySQL RealTime reloaded.\n");
+
+	/* Done reloading. Release lock so others can now use driver. */
+	ast_mutex_unlock(&mysql_lock);
+
+	return 0;
+}
+
+int parse_config (void)
+{
+	struct ast_config *config;
+	char *s;
+
+	config = ast_config_load(RES_CONFIG_MYSQL_CONF);
+
+	if(config) {
+		if(!(s=ast_variable_retrieve(config, "general", "dbuser"))) {
+			ast_log(LOG_WARNING, "MySQL RealTime: No database user found, using 'asterisk' as default.\n");
+			strncpy(dbuser, "asterisk", sizeof(dbuser) - 1);
+		} else {
+			strncpy(dbuser, s, sizeof(dbuser) - 1);
+		}
+
+		if(!(s=ast_variable_retrieve(config, "general", "dbpass"))) {
+                        ast_log(LOG_WARNING, "MySQL RealTime: No database password found, using 'asterisk' as default.\n");
+                        strncpy(dbpass, "asterisk", sizeof(dbpass) - 1);
+                } else {
+                        strncpy(dbpass, s, sizeof(dbpass) - 1);
+                }
+
+		if(!(s=ast_variable_retrieve(config, "general", "dbhost"))) {
+                        ast_log(LOG_WARNING, "MySQL RealTime: No database host found, using localhost via socket.\n");
+			dbhost[0] = '\0';
+                } else {
+                        strncpy(dbhost, s, sizeof(dbhost) - 1);
+                }
+
+		if(!(s=ast_variable_retrieve(config, "general", "dbname"))) {
+                        ast_log(LOG_WARNING, "MySQL RealTime: No database name found, using 'asterisk' as default.\n");
+			strncpy(dbname, "asterisk", sizeof(dbname) - 1);
+                } else {
+                        strncpy(dbname, s, sizeof(dbname) - 1);
+                }
+
+		if(!(s=ast_variable_retrieve(config, "general", "dbport"))) {
+                        ast_log(LOG_WARNING, "MySQL RealTime: No database port found, using 3306 as default.\n");
+			dbport = 3306;
+                } else {
+			dbport = atoi(s);
+                }
+
+		if(dbhost && !(s=ast_variable_retrieve(config, "general", "dbsock"))) {
+                        ast_log(LOG_WARNING, "MySQL RealTime: No database socket found, using '/tmp/mysql.sock' as default.\n");
+                        strncpy(dbsock, "/tmp/mysql.sock", sizeof(dbsock) - 1);
+                } else {
+                        strncpy(dbsock, s, sizeof(dbsock) - 1);
+                }
+	}
+	ast_config_destroy(config);
+
+	if(dbhost) {
+		ast_log(LOG_DEBUG, "MySQL RealTime Host: %s\n", dbhost);
+		ast_log(LOG_DEBUG, "MySQL RealTime Port: %i\n", dbport);
+	} else {
+		ast_log(LOG_DEBUG, "MySQL RealTime Socket: %s\n", dbsock);
+	}
+	ast_log(LOG_DEBUG, "MySQL RealTime User: %s\n", dbuser);
+	ast_log(LOG_DEBUG, "MySQL RealTime Password: %s\n", dbpass);
+
+	return 1;
+}
+
+char *description (void)
+{
+	return res_config_mysql_desc;
+}
+
+int usecount (void)
+{
+	/* Try and get a lock. If unsuccessful, than that means another thread is using the mysql object. */
+	if(ast_mutex_trylock(&mysql_lock)) {
+		ast_log(LOG_DEBUG, "MySQL RealTime: Module usage count is 1.\n");
+		return 1;
+	}
+	ast_mutex_unlock(&mysql_lock);
+	return 0;
+}
+
+char *key ()
+{
+	return ASTERISK_GPL_KEY;
+}
+
+static int mysql_reconnect(const char *database)
+{
+	char my_database[50];
+
+	if(!database || ast_strlen_zero(database))
+		ast_copy_string(my_database, dbname, sizeof(my_database));
+	else
+		ast_copy_string(my_database, database, sizeof(my_database));
+
+	/* mutex lock should have been locked before calling this function. */
+
+	if((!connected) && (dbhost || dbsock) && dbuser && dbpass && my_database) {
+		if(!mysql_init(&mysql)) {
+			ast_log(LOG_WARNING, "MySQL RealTime: Insufficient memory to allocate MySQL resource.\n");
+			connected = 0;
+			return 0;
+		}
+		if(mysql_real_connect(&mysql, dbhost, dbuser, dbpass, my_database, dbport, dbsock, 0)) {
+			ast_log(LOG_DEBUG, "MySQL RealTime: Successfully connected to database.\n");
+			connected = 1;
+			connect_time = time(NULL);
+			return 1;
+		} else {
+			ast_log(LOG_ERROR, "MySQL RealTime: Failed to connect database server %s on %s. Check debug for more info.\n", dbname, dbhost);
+			ast_log(LOG_DEBUG, "MySQL RealTime: Cannot Connect: %s\n", mysql_error(&mysql));
+			connected = 0;
+			return 0;
+		}
+	} else {
+		if(mysql_ping(&mysql) != 0) {
+			connected = 0;
+			ast_log(LOG_ERROR, "MySQL RealTime: Failed to reconnect. Check debug for more info.\n");
+			ast_log(LOG_DEBUG, "MySQL RealTime: Server Error: %s\n", mysql_error(&mysql));
+			return 0;
+		}
+
+		connected = 1;
+
+		if(mysql_select_db(&mysql, my_database) != 0) {
+			ast_log(LOG_WARNING, "MySQL RealTime: Unable to select database: %s. Still Connected.\n", my_database);
+			ast_log(LOG_DEBUG, "MySQL RealTime: Database Select Failed: %s\n", mysql_error(&mysql));
+			return 0;
+		}
+
+		ast_log(LOG_DEBUG, "MySQL RealTime: Everything is fine.\n");
+		return 1;
+	}
+}
+
+static int realtime_mysql_status(int fd, int argc, char **argv)
+{
+	char status[256], status2[100] = "";
+	int ctime = time(NULL) - connect_time;
+
+	ast_mutex_lock(&mysql_lock);
+	if(mysql_reconnect(NULL)) {
+		if(dbhost) {
+			snprintf(status, 255, "Connected to %s@%s, port %d", dbname, dbhost, dbport);
+		} else if(dbsock) {
+			snprintf(status, 255, "Connected to %s on socket file %s", dbname, dbsock);
+		} else {
+			snprintf(status, 255, "Connected to %s@%s", dbname, dbhost);
+		}
+
+		if(dbuser && *dbuser) {
+			snprintf(status2, 99, " with username %s", dbuser);
+		}
+
+		if (ctime > 31536000) {
+			ast_cli(fd, "%s%s for %d years, %d days, %d hours, %d minutes, %d seconds.\n", status, status2, ctime / 31536000, (ctime % 31536000) / 86400, (ctime % 86400) / 3600, (ctime % 3600) / 60, ctime % 60);
+		} else if (ctime > 86400) {
+			ast_cli(fd, "%s%s for %d days, %d hours, %d minutes, %d seconds.\n", status, status2, ctime / 86400, (ctime % 86400) / 3600, (ctime % 3600) / 60, ctime % 60);
+		} else if (ctime > 3600) {
+			ast_cli(fd, "%s%s for %d hours, %d minutes, %d seconds.\n", status, status2, ctime / 3600, (ctime % 3600) / 60, ctime % 60);
+		} else if (ctime > 60) {
+			ast_cli(fd, "%s%s for %d minutes, %d seconds.\n", status, status2, ctime / 60, ctime % 60);
+		} else {
+			ast_cli(fd, "%s%s for %d seconds.\n", status, status2, ctime);
+		}
+
+		ast_mutex_unlock(&mysql_lock);
+		return RESULT_SUCCESS;
+	} else {
+		ast_mutex_unlock(&mysql_lock);
+		return RESULT_FAILURE;
+	}
+}