chan_sip: Handle invalid SDP answer to T.38 re-invite
The chan_sip module performs a T.38 re-invite using a single media
stream of udptl, and expects the SDP answer to be the same.
If an SDP answer is received instead that contains an additional
media stream with no joint codec a crash will occur as the code
assumes that at least one joint codec will exist in this
scenario.
George Joseph [Thu, 8 Nov 2018 15:53:44 +0000 (08:53 -0700)]
backtrace: Refactor ast_bt_get_symbols so it doesn't crash
We've been seeing crashes in libbfd when we attempt to generate
a stack trace from multiple threads. It turns out that libbfd
is NOT thread-safe. It can cache the bfd structure and give it to
multiple threads without protecting itself. To get around this,
we've added a global mutex around the bfd functions and also have
refactored the use of those functions to be more efficient and
to provide more information about inlined functions.
Also added a few more tests to test_pbx.c. One just calls
ast_assert() and the other calls ast_log_backtrace(). Neither are
run by default.
WARNING: This change necessitated changing the return value of
ast_bt_get_symbols() from an array of strings to a VECTOR of
strings. However, the use of this function outside Asterisk is not
likely.
The HTTP request processing in res_http_websocket allocates additional
space on the stack for various headers received during an Upgrade request.
An attacker could send a specially crafted request that causes this code
to overflow the stack, resulting in a crash.
* No longer allocate memory from the stack in a loop to parse the header
values. NOTE: There is a slight API change when using the passed in
strings as is. We now require the passed in strings to no longer have
leading or trailing whitespace. This isn't a problem as the only callers
have already done this before passing the strings to the affected
function.
res_pjsip: Update default keepalive interval to 90 seconds.
A change recently went in which disabled the built-in PJSIP
keepalive. This defaulted to 90 seconds and kept TCP/TLS
connections alive. Disabling this functionality has resulted
in a behavior change of not doing keepalives by default resulting
in TCP/TLS connections dropping for some people.
This change makes our default keepalive interval 90 seconds
to match the previous behavior and preserve it.
Turn off the periodic sending of CRLNCRLN. Default is on (90 seconds),
which conflicts with the global section's keep_alive_interval option in
pjsip.conf.
patches:
pjsip_keep_not_alive.patch submitted by Alexander Traud (License 6520)
Richard Mudgett [Tue, 3 Jul 2018 17:10:36 +0000 (12:10 -0500)]
res_pjsip/pjsip_transport_management.c: Fix deadlock with transport keep alive.
Using the keep_alive_interval option can result in a deadlock between the
pjproject transport manager group lock and the monitored transports ao2
container lock. The pjproject transport manager group lock has to be
superior in the locking order to the monitored transports ao2 container
lock because of pjproject callbacks called when already holding the group
lock. The lock inversion happens when Asterisk attempts to send a keep
alive packet over the reliable transports.
* Made keepalive_transport_thread() iterate over the monitored transports
container rather than use the ao2_callback() method. This avoids holding
the container lock when sending the keep alive packet.
Richard Mudgett [Fri, 13 Jul 2018 23:26:46 +0000 (18:26 -0500)]
Build: Fix modules getting their optimization setting overridden.
Asterisk modules that use PJPROJECT services have their compiler
optimization and possibly their symbolic debug options overridden by the
PJPROJECT configure script selected settings.
* We need to filter-out any -O and -g options in PJ_CFLAGS before echoing
out the result so the PJPROJECT_INCLUDE variable does not override the
Asterisk module settings when using bundled PJPROJECT.
NOTE: This patch only has an effect when using bundled PJPROJECT.
Jaco Kroon [Tue, 8 May 2018 09:59:02 +0000 (11:59 +0200)]
manager: fix digest auth for ami/http mechanism.
Due to a fixed size buffer the digest authentication could be
incorrectly calculated if a large URI was provided, causing
authentication failure. The buffer is now dynamically allocated to allow
any size URI within the normal limits of the HTTP request size.
George Joseph [Wed, 11 Jul 2018 11:14:49 +0000 (05:14 -0600)]
CI: Initial commit for moving CI into source repo
Create tests/CI directory and add files used by Jenkins to
build and test Asterisk.
With this commit, Jenkins will run the Asterisk Unit Tests using
the Jenkinsfile at tests/CI/unittests.jenkinsfile. Bash scripts
to do the actual building and testing are also in the same directory.
Output is placed in tests/CI/output so that directory has been
added to .gitignore.
George Joseph [Fri, 6 Jul 2018 14:04:56 +0000 (08:04 -0600)]
test.c: Make output jUnit compatible
Separate "name" into "classname" and "name".
Use '.' for classname separator instead of '/'.
Prefix reserved words with '_'.
Wrap output with a top-level "testsuites" element.
Richard Mudgett [Mon, 30 Apr 2018 22:38:58 +0000 (17:38 -0500)]
AST-2018-008: Fix enumeration of endpoints from ACL rejected addresses.
When endpoint specific ACL rules block a SIP request they respond with a
403 forbidden. However, if an endpoint is not identified then a 401
unauthorized response is sent. This vulnerability just discloses which
requests hit a defined endpoint. The ACL rules cannot be bypassed to gain
access to the disclosed endpoints.
* Made endpoint specific ACL rules now respond with a 401 unauthorized
which is the same as if an endpoint were not identified. The fix is
accomplished by replacing the found endpoint with the artificial endpoint
which always fails authentication.
George Joseph [Mon, 4 Jun 2018 14:50:51 +0000 (08:50 -0600)]
app_sendtext: Allow content types other than text/plain
There was no real reason to limit the conteny type to text/plain other
than that's what it was limited to before. Now any text/* content
type will be allowed for channel drivers that don't support enhanced
messaging and any type will be allowed for channel drivers that do
support enhanced messaging.
George Joseph [Tue, 10 Apr 2018 21:09:49 +0000 (15:09 -0600)]
app_sendtext: Enhance SendText to support Enhanced Messaging
SendText now accepts new channel variables that can be used
to override the To and From display names and set the Content-Type
of a message. Since you can now set Content-Type, other text/*
content types are now valid.
George Joseph [Wed, 27 Sep 2017 16:44:53 +0000 (10:44 -0600)]
bridge_softmix: Forward TEXT frames
Core bridging and, more specifically, bridge_softmix have been
enhanced to relay received frames of type TEXT or TEXT_DATA to all
participants in a softmix bridge. res_pjsip_messaging and
chan_pjsip have been enhanced to take advantage of this so when
res_pjsip_messaging receives an in-dialog MESSAGE message from a
user in a conference call, it's relayed to all other participants
in the call.
res_pjsip_messaging already queues TEXT frames to the channel when
it receives an in-dialog MESSAGE from an endpoint and chan_pjsip
will send an MESSAGE when it gets a TEXT frame. On a normal
point-to-point call, the frames are forwarded between the two
correctly. bridge_softmix was not though so messages weren't
getting forwarded to conference bridge participants. Even if they
were, the bridging code had no way to tell the participants who
sent the message so it would look like it came from the bridge
itself.
* The TEXT frame type doesn't allow storage of any meta data, such
as sender, on the frame so a new TEXT_DATA frame type was added that
uses the new ast_msg_data structure as its payload. A channel
driver can queue a frame of that type when it receives a message
from outside. A channel driver can use it for sending messages
by implementing the new send_text_data channel tech callback and
setting the new AST_CHAN_TP_SEND_TEXT_DATA flag in its tech
properties. If set, the bridging/channel core will use it instead
of the original send_text callback and it will get the ast_msg_data
structure. Channel drivers aren't required to implement this. Even
if a TEXT_DATA enabled driver uses it for incoming messages, an
outgoing channel driver that doesn't will still have it's send_text
callback called with only the message text just as before.
* res_pjsip_messaging now creates a TEXT_DATA frame for incoming
in-dialog messages and sets the "from" to the display name in the
"From" header, or if that's empty, the caller id name from the
channel. This allows the chat client user to set a friendly name
for the chat.
* bridge_softmix now forwards TEXT and TEXT_DATA frames to all
participants (except the sender).
* A new function "ast_sendtext_data" was added to channel which
takes an ast_msg_data structure and calls a channel's
send_text_data callback, or if that's not defined, the original
send_text callback.
* bridge_channel now calls ast_sendtext_data for TEXT_DATA frame
types and ast_sendtext for TEXT frame types.
* chan_pjsip now uses the "from" name in the ast_msg_data structure
(if it exists) to set the "From" header display name on outgoing text
messages.
George Joseph [Wed, 27 Sep 2017 16:44:53 +0000 (10:44 -0600)]
bridge_softmix: Forward TEXT frames
Core bridging and, more specifically, bridge_softmix have been
enhanced to relay received frames of type TEXT or TEXT_DATA to all
participants in a softmix bridge. res_pjsip_messaging and
chan_pjsip have been enhanced to take advantage of this so when
res_pjsip_messaging receives an in-dialog MESSAGE message from a
user in a conference call, it's relayed to all other participants
in the call.
res_pjsip_messaging already queues TEXT frames to the channel when
it receives an in-dialog MESSAGE from an endpoint and chan_pjsip
will send an MESSAGE when it gets a TEXT frame. On a normal
point-to-point call, the frames are forwarded between the two
correctly. bridge_softmix was not though so messages weren't
getting forwarded to conference bridge participants. Even if they
were, the bridging code had no way to tell the participants who
sent the message so it would look like it came from the bridge
itself.
* The TEXT frame type doesn't allow storage of any meta data, such
as sender, on the frame so a new TEXT_DATA frame type was added that
uses the new ast_msg_data structure as its payload. A channel
driver can queue a frame of that type when it receives a message
from outside. A channel driver can use it for sending messages
by implementing the new send_text_data channel tech callback and
setting the new AST_CHAN_TP_SEND_TEXT_DATA flag in its tech
properties. If set, the bridging/channel core will use it instead
of the original send_text callback and it will get the ast_msg_data
structure. Channel drivers aren't required to implement this. Even
if a TEXT_DATA enabled driver uses it for incoming messages, an
outgoing channel driver that doesn't will still have it's send_text
callback called with only the message text just as before.
* res_pjsip_messaging now creates a TEXT_DATA frame for incoming
in-dialog messages and sets the "from" to the display name in the
"From" header, or if that's empty, the caller id name from the
channel. This allows the chat client user to set a friendly name
for the chat.
* bridge_softmix now forwards TEXT and TEXT_DATA frames to all
participants (except the sender).
* A new function "ast_sendtext_data" was added to channel which
takes an ast_msg_data structure and calls a channel's
send_text_data callback, or if that's not defined, the original
send_text callback.
* bridge_channel now calls ast_sendtext_data for TEXT_DATA frame
types and ast_sendtext for TEXT frame types.
* chan_pjsip now uses the "from" name in the ast_msg_data structure
(if it exists) to set the "From" header display name on outgoing text
messages.
Alexander Traud [Thu, 17 May 2018 06:58:43 +0000 (08:58 +0200)]
res_pjsip_endpoint_identifier_ip: Unregister the module for headers.
Asterisk uses Reference Counting to track whether a module can be unloaded.
Every consumer who requires a module, increases the reference count. When the
consumer goes, is unloaded itself, it has to decrease the reference count on
all its used/required modules. That way
core stop gracefully
works on the command-line interface (CLI): One module after the other is
unloaded. A recent change broke this for the module res_pjsip.
Alexander Traud [Thu, 17 May 2018 05:34:03 +0000 (07:34 +0200)]
res_pjsip: Register pjsip_transport_management not externally but internally.
The module (res_)pjsip_transport_management got moved into res_pjsip. It is no
longer an independent/external module with (un)load_module and therefore has to
register just internally with res_pjsip.
Kevin Harwell [Mon, 30 Oct 2017 20:24:53 +0000 (15:24 -0500)]
Initialize 13.21-cert branch
A new branch was created for what will be Asterisk certified 13.21. A couple
of things needed to be done to the branch in order to complete initialization:
Modified the version file to reflect the certified version.
Updated all extended modules to be disabled by default.
George Joseph [Fri, 13 Apr 2018 20:17:36 +0000 (14:17 -0600)]
utils: Add ast_assert_return
Similar to pjproject's PJ_ASSERT_RETURN macro, this one will do the
following...
If the assert passes... NoOp
If the assert fails and AST_DEVMODE is defined, execute ast_assert()
then, if DO_CRASH isn't set, return from the calling function with
the supplied value.
If the assert fails and AST_DEVMODE is not defined, return from the
calling function with the supplied value.
The macro will execute a return without a value if one isn't suppled.
Ben Ford [Fri, 13 Apr 2018 19:32:48 +0000 (14:32 -0500)]
res_musiconhold: Don't restart MOH from beginning after announcement.
This reverts a problem introduced by the fix for ASTERISK_24329.
Now, when an announcement is played while waiting in a queue, music on
hold will not restart from the beginning of the sound file and will
instead pick up where it left off. However, the incorrect behavior in
ASTERISK_24329 is now present again; if an announcement X seconds
long is played when music on hold starts, music on hold will start X
seconds into the file.
Richard Mudgett [Tue, 27 Mar 2018 16:04:42 +0000 (11:04 -0500)]
res_pjsip.c: Split ast_sip_push_task_synchronous() to fit expectations.
ast_sip_push_task_synchronous() did not necessarily execute the passed in
task under the specified serializer. If the current thread is any
registered pjsip thread then it would execute the task immediately instead
of under the specified serializer. Reentrancy issues could result if the
task does not execute with the right serializer.
The original reason ast_sip_push_task_synchronous() checked to see if the
current thread was a registered pjsip thread was because of a deadlock
with masquerades and the channel technology's fixup callback
(ASTERISK_22936). A subsequent masquerade deadlock fix (ASTERISK_24356)
involving call pickups avoided the original deadlock situation entirely.
The PJSIP channel technology's fixup callback no longer needed to call
ast_sip_push_task_synchronous().
However, there are a few places where this unexpected behavior is still
required to avoid deadlocks. The pjsip monitor thread executes callbacks
that do calls to ast_sip_push_task_synchronous() that would deadlock if
the task were actually pushed to the specified serializer. I ran into one
dealing with the pubsub subscriptions where an ao2 destructor called
ast_sip_push_task_synchronous().
* Split ast_sip_push_task_synchronous() into
ast_sip_push_task_wait_servant() and ast_sip_push_task_wait_serializer().
ast_sip_push_task_wait_servant() has the old behavior of
ast_sip_push_task_synchronous(). ast_sip_push_task_wait_serializer() has
the new behavior where the task is always executed by the specified
serializer or a picked serializer if one is not passed in. Both functions
behave the same if the current thread is not a SIP servant.
* Redirected ast_sip_push_task_synchronous() to
ast_sip_push_task_wait_servant() to preserve API for released branches.
Richard Mudgett [Thu, 22 Mar 2018 00:43:21 +0000 (19:43 -0500)]
pjsip_scheduler.c: Fix some corner cases.
* Fix the periodic interval wander because it may take significant time
between the sched thread queueing the task in the serializer and the
serializer actually executing the task. The time it takes to actually
execute the task was already taken into account.
* Pass a schtd ref to the serializer when we queue a scheduled task on
the serializer. We don't want it going away on us while it is in the
serializer queue.
* Skip the scheduled task if the task was canceled between queueing the
task to the serializer and the serializer actually executing the task.
* Reorder struct ast_sip_sched_task to avoid unnecessary padding. Removed
task_id and added next_periodic.
* Hold a ref to the passed in serializer so the serializer cannot go away
on the scheduled task.
cdr_mysql: Compile error because MYSQL_PORT definition is missing
If it is not defined, it will add MYSQL_PORT definition. After some
research on MySQL/MariaDB development tree, I couldn't find any reference
to MYSQL_PORT definition in include files.
res_pjsip_session: Rewrite o= with external_media_address.
It now appends the external IP address on the
o= line of the SDP packet. The decision was made to write
the numeric IP address as opposed to the RFC that states
the FQDN should be used if and when available. We believe
the usage of literal IP address will help avoid
potential problems.
Nathan Bruning [Thu, 22 Feb 2018 18:18:48 +0000 (19:18 +0100)]
res_pjsip_notify.c: enable in-dialog NOTIFY
This patch adds support to send in-dialog SIP NOTIFY commands on
chan_pjsip channels, similar to the functionality recently added
for chan_sip (ASTERISK_27461).
This extends res_pjsip_notify to allow for in-dialog messages.
Richard Mudgett [Thu, 22 Mar 2018 18:35:04 +0000 (13:35 -0500)]
pjsip_scheduler.c: Fix ao2 usage errors.
* Removed several invalid uses of OBJ_NOLOCK. These uses resulted in the
'tasks' container being accessed without a lock in a multi-threaded
environment. A recipe for crashes.
* Removed needlessly obtaining schtd object references. If the caller
providing you a pointer to an object doesn't have a valid reference then
you cannot safely get one from it.
* Getting a ref to 'tasks' when you aren't copying the pointer into
another location is useless. The 'tasks' container pointer is global.
* Removed many unnecessary uses of RAII_VAR.
* Make ast_sip_schedule_task() name parameter const.
Corey Farrell [Fri, 23 Mar 2018 11:49:59 +0000 (07:49 -0400)]
Build System: Enable python3 compatibility.
* Consistently use spaces in rest-api-templates/asterisk_processor.py.
* Exclude third-party from docs/full-en_US.xml.
* Add docs/full-en_US.xml to .gitignore.
* Use list() to convert python3 view.
* Use python3 print function.
* Replace cmp() with equivalent equation.
* Replace reference to out of scope subtype variable with name
parameter.
* Use unescaping triple bracket notation in mustache templates where
needed. This causes behavior of Python2 to be maintained when using
Python3.
* Fix references to has_websocket / is_websocket in
res_ari_resource.c.mustache.
* Update calculation of has_websocket to use any().
* Use unicode mode for writing output file in transform.py.
* Replace 'from swagger_model import *' with explicit import of required
symbols.
* Add missing 'import os'
* Fix invalid reference to swagger_version from exception handler.
I have not tested voicemailpwcheck.py, only the print syntax has
been fixed.
Richard Mudgett [Thu, 5 Apr 2018 23:33:40 +0000 (18:33 -0500)]
res_pjsip_refer/chan_sip: Fix INVITE with replaces transfer to ConfBridge
There is a problem when an INVITE-with-Replaces transfer targets a channel
in a ConfBridge. The transfer will unconditionally swap out the
ConfBridge channel. Unfortunately, the ConfBridge state will not be aware
of this change. Unexpected behavior will happen as a result since
ConfBridge channels currently can only be replaced by a masquerade and not
normal bridge channel moves.
* We just need to pretend that the channel isn't in a bridge (like other
transfer methods already do) so the transfer channel will masquerade into
the ConfBridge channel.
Richard Mudgett [Thu, 5 Apr 2018 22:40:52 +0000 (17:40 -0500)]
chan_sip.c: Fix INVITE with replaces channel ref leak.
Given the below call scenario:
A -> Ast1 -> B
C <- Ast2 <- B
1) A calls B through Ast1
2) B calls C through Ast2
3) B transfers A to C
When party B transfers A to C, B sends a REFER to Ast1 causing Ast1 to
send an INVITE with replaces to Ast2. Ast2 then leaks a channel ref of
the channel between Ast1 and Ast2.
Channel ref leaks are easily seen in the CLI "core show channels" output.
The leaked channels appear in the output but you can do nothing with them
and they never go away unless you restart Asterisk.
* Properly account for the channel refs when imparting a channel into a
bridge when handling an INVITE with replaces in handle_invite_replaces().
The ast_bridge_impart() function steals a channel ref but the code didn't
account for how many refs were held by the code at the time and which ref
was stolen.
* Eliminated RAII_VAR in handle_invite_replaces().
Build System: Strip '-std=c99' from CFLAGS provided by libraries.
Asterisk requires GNU C extensions. On some systems certain libraries
may incorrectly push -std=c99 into CFLAGS, thus breaking the build.
This change causes that flag to be stripped so the Asterisk build is not
broken by those libraries. This change is made for both pkgconfig and
tool based libraries.
George Joseph [Sun, 25 Mar 2018 18:35:12 +0000 (12:35 -0600)]
pjroject_bundled: Add already-destroyed check to tsx_timer_callback
There have been cases that when the transaction timer callback is called
the tsx is already destroyed. This causes a crash. We now check the
tsx state and return if the tsx is already destroyed.
Richard Mudgett [Thu, 29 Mar 2018 22:07:56 +0000 (17:07 -0500)]
res_pjsip: Fix deadlock on reliable transport shutdown.
A deadlock can happen when the PJSIP monitor thread is shutting down a
connection oriented transport (TCP/TLS) used by a subscription at the same
time as another thread tries to send something for that subscription. The
deadlock is between the pjsip monitor thread attempting to get the dialog
lock and another thread sending something for that dialog when it tries to
get the transport manager lock.
* res_pjsip_pubsub.c: Avoid the deadlock by pushing the subscription
removal to the subscription serializer.
* res_pjsip_registrar.c: Pushed off incoming registration contact removals
to a default serializer as a precaution. Removing the contacts involves
sorcery access which in this case will involve database access. Depending
upon the setup, the database may not be on the same machine and could take
awhile. We don't want to hold up the pjsip monitor thread with
potentially long access times.
George Joseph [Sun, 25 Mar 2018 18:12:39 +0000 (12:12 -0600)]
pjproject_bundled: Add patch for pj_atomic crashes
There have been some crashes in the past where something attempts
to use a pj_atomic after it's already been destroyed. This patch
tries to prevent it by making sure that pj_atomic_destroy sets
its mutex to NULL when it's done. The pj_mutex functions already check
for a NULL mutex and just return PJ_EINVAL.
Teluu also added some checks to the win32 implementation as well.
Corey Farrell [Wed, 28 Mar 2018 13:18:06 +0000 (09:18 -0400)]
core: Create main/options.c.
This creates a separate source to 'own' symbols related to options.h and
paths.h. This significantly reduces the number of exports created by
main/asterisk.o. This change is required to eventually be able to
link unmodified Asterisk sources to utilities and/or stand-alone tests.
projects / thirdparty / asterisk.git / log
