app.c: make sure that no non-async-signal-safe syscalls are used after
fork before exec
Posix does only allow async-signal-safe syscalls after fork before exec.
As asterisk ignores this, functions like TrySystem or System sometimes
end up in a deadlocked child process. The patch prevents the use of
non-async-signal-safe syscalls.
Guido Falsi [Sun, 3 May 2020 10:30:15 +0000 (12:30 +0200)]
pjproject: Remove bashism from configure.m4 script
The configure.m4 script for pjproject contains some += syntax, which
is specific to bash, replacing it with string substitutions makes
the script compatible with traditional Bourne shells.
ASTERISK-28866 #close Reported-by: Christoph Moench-Tegeder <cmt@FreeBSD.org>
Change-Id: I382a78160e028044598b7da83ec7e1ff42b91c05
George Joseph [Thu, 30 Apr 2020 15:56:03 +0000 (09:56 -0600)]
app_voicemail: Add workaround for a gcc 10 issue with -Wrestrict
The gcc 10 -Wrestrict option was causing "overlap" errors when
snprintf was copying one char[256] structure member to another
char[256] member in the same structure.
Using ast_alloca instead of declaring the structure inline
solves the issue.
Here's a link to the "enhancement":
https://gcc.gnu.org/legacy-ml/gcc-patches/2019-10/msg00570.html
Alexander Traud [Mon, 27 Apr 2020 15:28:01 +0000 (17:28 +0200)]
core_local: Local calls are always secure.
In a Dialplan, the channel drivers 'chan_sip' and 'chan_iax2' support
the channel items 'secure_bridge_media' and 'secure_bridge_signaling'.
That way, a channel can be forced to use encryption even if not
specified in its configuration.
However, when the Local Proxy kicks in, for example, in case of a
forwarding (SIP status 302), Local Proxy stated it does not know those
items. Consequently, such a call could not be proxied how clever your
Dialplan was. Because local calls within Asterisk are always secure,
Local Proxy accepts such a request now.
In practice it has been seen that some users come
close to our maximum ICE candidate count of 32.
In case people have gone over this increases the
count to 64, giving ample room.
res_rtp_asterisk: Protect access to nochecksums with #ifdef
Recently code accessing nochecksums variable has been added without including #ifdef SO_NO_CHECK protection, while the variable is created only when such constant is defined.
Peter Turczak [Fri, 17 Apr 2020 07:39:09 +0000 (08:39 +0100)]
chan_mobile: Add smoother to make SIP/RTP endpoints happy.
In contrast to RFC 3551, section 4.2, several SIP/RTP clients misbehave
severly (up to crashing). This patch adds another smoother for the audio
received via bt. Therefore the audio frames sent to the core will be
CHANNEL_FRAME_SIZE.
Jaco Kroon [Tue, 3 Dec 2019 18:35:20 +0000 (20:35 +0200)]
res_rtp_asterisk: iterate all local addresses looking to populate ICE.
By using pjproject to give us a list of candidates, and then filtering,
if the host has >32 addresses configured, then it is possible that we
end up filtering out all 32 of those, and ending up with no candidates
at all. Instead, get getifaddrs (which pjsip is using underlying
anyway) to retrieve all local addresses, and iterate those, adding the
first 32 addresses not excluded by the ICE ACL.
In our setup at any point in time We've got between 6 and 328 addresses
on any given system. The lower limit is the lower limit but the upper
limit is growing on a near daily basis currently.
Alexander Traud [Sun, 12 Apr 2020 14:53:50 +0000 (16:53 +0200)]
BuildSystem: Search for Python/C API when possibly needed only.
The Python/C API is used only if the Test Framework was enabled in Asterisk
'make menuselect'. The Test Framework is available only if the Developer Mode
was enabled in Asterisk './configure --enable-dev-mode'. And that Python/C API
is used only if the PJProject was found and not disabled in Asterisk; the user
did not go for './configure --without-pjproject'.
Furthermore, because version 2 of that Python/C API is required (currently) and
because some platforms do not offer a generic version 2, the script searches
for 2.7 explicitly as well.
To avoid version mismatch between the Python/C API and the Python environment,
the script searches for the latter in the same versions, in the same the order
as well. Because this Python/C API is just for (some) Asterisk contributors,
the script also goes for the Python 3 environment as a last resort for all
other Asterisk users. This allows 'make full' even on minimal installations of
Ubuntu 18.04 LTS and newer.
Because the Python/C API is Asterisk contributor specific, the Python packages
are removed from the script './contrib/scripts/install_prereq' as this script
is intended for Asterisk users. Asterisk contributors have to install much more
packages in any case, like:
sudo apt install autoconf automake git git-review python2.7-dev
It is possible to configure a TCP/TLS client without having a TCP/TLS
server. In that case, no error or warning was printed but the headers
Contact and Via in SIP REGISTER were "(null)".
Kevin Harwell [Wed, 8 Apr 2020 19:01:55 +0000 (14:01 -0500)]
chan_pjsip: digit_begin - constant DTMF tone if RTP is not setup yet
If chan_pjsip is configured for DTMF_RFC_4733, and the core triggers a
digit begin before media, or rtp has been setup then it's possible the
outgoing channel will hear a constant DTMF tone upon answering.
This happens because when there is no media, or rtp chan_pjsip notifies
the core to initiate inband DTMF. However, upon digit end if media, and
rtp become available then chan_pjsip does not notify the core to stop
inband DTMF. Thus the tone continues playing.
This patch makes it so chan_pjsip only notifies the core to start
inband DTMF in only the required cases. Now if there is no media, or
rtp availabe upon digit begin chan_pjsip does nothing, but tells the
core it handled it.
Joshua C. Colp [Thu, 26 Mar 2020 22:42:27 +0000 (19:42 -0300)]
res_pjsip: Don't set endpoint to unavailable in all cases.
When an AOR is modified endpoints are updated that reference
the AOR so they can start receiving updates and reflect the
correct state. If this is the case then we shouldn't change
the endpoint to be offline if it does not reference the AOR
but instead only when the endpoint is completely updated for
all its AORs.
ASTERISK-28056
patches:
pjsip_options-aor.diff submitted by jhord (license 6978)
sungtae kim [Thu, 26 Mar 2020 22:18:17 +0000 (22:18 +0000)]
dial.c: Removed dial string 80 character limitation
The dial application had 80 characters of destination length
limitation. But this limitation causes unexpected dial string
cut if the dial string is long.
Removed unnecessary limited buffer to support longer dial
destination.
Jaco Kroon [Wed, 18 Mar 2020 13:49:56 +0000 (15:49 +0200)]
acl: implement a centralized ACL output mechanism for HAs and ACLs.
named_acl.c (which is really a named_ha) now uses ast_ha_output.
I've also updated main/manager.c to output the actual ACL on "manager
show user <username>" if one is set. If this works then we can add
similar to other modules as required.
Kevin Harwell [Tue, 17 Mar 2020 20:54:25 +0000 (15:54 -0500)]
ast_coredumper: add Asterisk information dump
This patch makes it so ast_coredumper now outputs the following information to
a *-info.txt file when processing a core file:
asterisk version and "built by" string
BUILD_OPTS
system start, and last reloaded date/time
taskprocessor list
equivalent of "bridge show all"
equivalent of "core show channels verbose"
Also a slight modification was made when trying to obtain the pid(s) of a
running Asterisk. If it fails to retrieve any it now reports an error.
Jaco Kroon [Fri, 20 Mar 2020 14:12:05 +0000 (16:12 +0200)]
netsock2: compile fixes.
This fixes ast_addressfamily_to_sockaddrsize to reference the
provided argument, and ast_sockaddr_from_sockaddr to not use the name of
a structure as argument.
Jaco Kroon [Wed, 18 Mar 2020 09:38:30 +0000 (11:38 +0200)]
dundi: fix NULL dereference.
If a negative (error) return is received from dundi_lookup_internal,
this is not handled correctly when assigning the result to the buffer.
As such, use a signed integer in the assignment and do a proper
comparison.
When the Asterisk receives 200 OK with invalid SDP,
the Asterisk/PJPROJECT terminating the session.
But if the channel was in the Bridge, Asterisk tries send
the Re-Invite before terminating the session.
And when the Asterisk sending the Re-Invite, it doesn't check
the SDP is NULL or not. This crashes the Asterisk.
Fixed it to close the session correctly if the UAS sends the
200 OK with wrong SDP.
Jaco Kroon [Wed, 18 Mar 2020 09:49:39 +0000 (11:49 +0200)]
build: enable building with uClibc
This patch has been included in Gentoo distribution for at least since
asterisk 1.8, but there are references in the logs going back as far as
1.0.0 - not sure if this is still required in any way, it does apply,
and it doesn't (as far as we can determine) cause build failures.
chan_psip, res_pjsip_sdp_rtp: ignore rtptimeout if direct-media is active
Do not hang up a PJSIP channel on RTP timeout if that channel is in
a direct-media bridge. Also reset the time of the last received RTP packet when
direct-media ends (wait full rtp_timeout period before checking first time after
audio came back to Asterisk).
ASTERISK-28774 Reported-by: Michael Neuhauser
Change-Id: I8b62012be7685849e8fb2b1c5dd39d35313ca2d1
Jaco Kroon [Wed, 27 Nov 2019 13:54:39 +0000 (15:54 +0200)]
res_rtp_asterisk: implement ACL mechanism for ICE and STUN addresses.
A pure blacklist is not good enough, we need a whitelist mechanism as
well, and the simplest way to do that is to re-use existing ACL
infrastructure.
This makes it simpler to blacklist say an entire block (/24) except a
smaller block (eg, a /29 or even a /32). Normally you'd need to
recursively split the block, so if you want to blacklist a /24 except
for a /29 you'd end up with a blacklit for a /25, /26, /27 and /28. I
feel that having an ACL instead of a blacklist only is clearer.
So in order to remain backwards compatible we need to detect this API
change, and adjust accordingly. The simplest is to notice that the
bfd_get_section_size and bfd_get_section_vma MACROs are no longer
defined, and define then onto the new API. The alternative is to litter
the code with a number of #ifdef #else #endif splatters right through
the code.
Joshua C. Colp [Thu, 12 Mar 2020 14:22:06 +0000 (11:22 -0300)]
audiohook: Don't allow audiohooks to attach to hung up channels.
Given a scenario where MixMonitor was initiated over AMI it
was possible for the channel and MixMonitor thread to remain
alive past hang up of the channel. This scenario required
the AMI initiated MixMonitor to retrieve the channel, a
hangup to occur on the channel in another thread, and then
for MixMonitor to actually start. If this occurred the
MixMonitor thread would remain alive indefinitely and
the channel reference would remain.
This change ensures that audiohooks are never able to
be attached to channels that have been hung up. An
additional fix has also been done in app_mixmonitor to
properly release the channel reference if this occurs.
George Joseph [Wed, 4 Mar 2020 21:45:40 +0000 (14:45 -0700)]
CI: Create generic jenkinsfile
This is a generic jenkinsfile to build Asterisk and optionally
perform one or more of the following:
* Publish the API docs to the wiki
* Run the Unit tests
* Run Testsuite Tests
This job can be triggered manually from Jenkins or be triggered
automatically on a schedule based on a cron string.
Torrey Searle [Fri, 6 Mar 2020 16:13:34 +0000 (17:13 +0100)]
res_rtp_asterisk: Send correct sender SSRC when p2p bridge in use
bridge_p2p_rtp_write will forward rtp to the bridged rtp instance
without modifying the ssrc. However, it is not updating the SSRC
in the bridged rtp. Thus, when SSRC packets are generated, they
have the correct SSRC for the sender.
Paulo Vicentini [Wed, 26 Feb 2020 00:30:04 +0000 (01:30 +0100)]
chan_pjsip: Check audio frame when remote SSRC changes.
If the SSRC of a received RTP packet differed from the previous SSRC
an SSRC change control frame would be queued ahead of the media
frame. In the case of audio this would result in the format of the
audio frame not being checked, and if it differed or was not allowed
then it could cause the call to drop due to failure to set up a
translation path.
The chan_pjsip module will now no longer assume the first frame
will be the audio frame and instead goes through the complete list
to find it.
Sean Bright [Fri, 6 Mar 2020 20:59:37 +0000 (15:59 -0500)]
enum.c: Add support for regular expression flag in NAPTR record
A regular expression in a NAPTR response record can have a trailing
'i' flag to indicate that the expression should be evaluated in a
case-insensitive way. We were not checking for that flag which caused
the record parsing to fail on otherwise valid input.
Although this change will initially go into Asterisk 13, 16, and 17,
it is my intention to replace the majority of this code in 16 and up -
including this fix - by changing enum.c to consume the new DNS API
which duplicates most of this logic already. Asterisk 13 doesn't have
the DNS API, so this fix will be as good as it gets.
res_rtp_asterisk: Add 'rtp show settings' cli command
This change introduce a CLI command for the RTP to display the general
configuration.
In the first step add the follow fields of the configurations:
- rtpstart
- rtpend
- dtmftimeout
- rtpchecksum
- strictrtp
- learning_min_sequential
- icesupport
Torrey Searle [Thu, 5 Mar 2020 09:08:54 +0000 (10:08 +0100)]
res_pjsip_sdp_rtp: Don't wait for ICE if not negotiated
If ICE support is enabled but not negotiated, the rtp->ice structure is
not being destroyed. This leads to Asterisk waiting for ICE to complete
instead of immediately starting the DTLS handshake, resulting in the
call leg having no RTP.
Sean Bright [Wed, 4 Mar 2020 22:53:57 +0000 (17:53 -0500)]
enum.c: Make ast_get_txt() actually do something.
The ast_get_txt() API function (and by extension, the TXTCIDNAME
dialplan function) were broken in 65b8381550a9f46fdce84de79960073e9d51b05d such that we would never
actually make a DNS TXT query as described.
Sebastian Kemper [Sun, 12 Jan 2020 11:37:46 +0000 (12:37 +0100)]
check_expr2: fix cross-compile/hardening issues
When building check_expr2 with ASLR PIE hardening enabled the linker
fails. This is resolved by adding the regular compiler flags when
building the object files from ast_expr2f.c and ast_expr2.c.
Note: The STANDALONE define is removed because it is already defined in
_ASTCFLAGS. YY_NO_INPUT is defined so that the compile survives
'--enable-dev-mode'.
Also, a Makefile variable "CROSS_COMPILING" is added so that the
build system doesn't try to run check_expr2 when cross-compiling,
because that will fail the build as will.
ASTERISK-28685 #close
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Change-Id: If435b7db9f9ad8266245bda51c81c220f9658915
Kevin Harwell [Fri, 28 Feb 2020 18:53:40 +0000 (12:53 -0600)]
message & stasis/messaging: make text message variables work in ARI
When a text message was received any associated variable was not written to
the ARI TextMessageReceived event. This occurred because Asterisk only wrote
out "send" variables. However, even those "send" variables would fail ARI
validation due to a TextMessageVariable formatting bug.
Since it seems the TextMessageReceived event has never been able to include
actual variables it was decided to remove the TextMessageVariable object type
from ARI, and simply return a JSON object of key/value pairs for variables.
This aligns more with how the ARI sendMessage handles variables, and other
places in ARI.
That being the case, and since this is technically an API breaking change (no
one should really be affected since things never really worked) the ARI version
was updated to reflect that.
Jaco Kroon [Thu, 20 Feb 2020 12:52:06 +0000 (14:52 +0200)]
addons/res_config_mysql: silense warnings about printf format errors.
Warnings without this:
res_config_mysql.c: In function 'update2_mysql':
res_config_mysql.c:741:15: warning: format '%llu' expects argument of type
'long long unsigned int', but argument 6 has type 'my_ulonglong'
{aka 'long unsigned int'} [-Wformat=]
ast_debug(1, "MySQL RealTime: Updated %llu rows on table: %s\n",
numrows, tablename);
Ben Ford [Thu, 23 Jan 2020 19:17:06 +0000 (13:17 -0600)]
RTP/ICE: Send on first valid pair.
When handling ICE negotiations, it's possible that there can be a delay
between STUN binding requests which in turn will cause a delay in ICE
completion, preventing media from flowing. It should be possible to send
media when there is at least one valid pair, preventing this scenario
from occurring.
A change was added to PJPROJECT that adds an optional callback
(on_valid_pair) that will be called when the first valid pair is found
during ICE negotiation. Asterisk uses this to start the DTLS handshake,
allowing media to flow. It will only be called once, either on the first
valid pair, or when ICE negotiation is complete.
Joshua C. Colp [Tue, 18 Feb 2020 13:10:16 +0000 (13:10 +0000)]
pjsip: Update ACLs on named ACL changes.
This change extends the Sorcery API to allow a wizard to be
told to explicitly reload objects or a specific object type
even if the wizard believes that nothing has changed.
This has been leveraged by res_pjsip and res_pjsip_acl to
reload endpoints and PJSIP ACLs when a named ACL changes.
projects / thirdparty / asterisk.git / log
