George Joseph [Fri, 19 Feb 2021 19:25:13 +0000 (12:25 -0700)]
res_pjsip_refer: Refactor progress locking and serialization
Although refer_progress_notify() always runs in the progress
serializer, the pjproject evsub module itself can cause the
subscription to be destroyed which then triggers
refer_progress_on_evsub_state() to clean it up. In this case,
it's possible that refer_progress_notify() could get the
subscription pulled out from under it while it's trying to use
it.
At one point we tried to have refer_progress_on_evsub_state()
push the cleanup to the serializer and wait for its return before
returning to pjproject but since pjproject calls its state
callbacks with the dialog locked, this required us to unlock the
dialog while waiting for the serialized cleanup, then lock it
again before returning to pjproject. There were also still some
cases where other callers of refer_progress_notify() weren't
using the serializer and crashes were resulting.
Although all callers of refer_progress_notify() now use the
progress serializer, we decided to simplify the locking so we
didn't have to unlock and relock the dialog in
refer_progress_on_evsub_state().
Now, refer_progress_notify() holds the dialog lock for its
duration and since pjproject also holds the dialog lock while
calling refer_progress_on_evsub_state() (which does the cleanup),
there should be no more chances for the subscription to be
cleaned up while still being used to send NOTIFYs.
To be extra safe, we also now increment the session count on
the dialog when we create a progress object and decrement
the count when the progress is destroyed.
Joshua C. Colp [Tue, 16 Feb 2021 18:33:07 +0000 (14:33 -0400)]
res_pjsip_session: Always produce offer on re-INVITE without SDP.
When PJSIP receives a re-INVITE without an SDP offer the INVITE
session library will first call the on_create_offer callback and
if unavailable then use the active negotiated SDP as the offer.
In some cases this would result in a different SDP then was
previously used without an incremented SDP version number. The two
known cases are:
1. Sending an initial INVITE with a set of codecs and having the
remote side answer with a subset. The active negotiated SDP would
have the pruned list but would not have an incremented SDP version
number.
2. Using re-INVITE for unhold. We would modify the active negotiated
SDP but would not increment the SDP version.
To solve these, and potential other unknown cases, the on_create_offer
callback has now been implemented which produces a fresh offer with
incremented SDP version number. This better fits within the model
provided by the INVITE session library.
Ben Ford [Mon, 15 Feb 2021 18:24:42 +0000 (12:24 -0600)]
res_pjsip_session.c: Check topology on re-invite.
Removes an unnecessary check for the conditional that compares the
stream topologies to see if they are equal to suppress re-invites. This
was a problem when a Digium phone received an INVITE that offered codecs
different than what it supported, causing Asterisk to send the
re-invite.
Jaco Kroon [Tue, 23 Feb 2021 11:28:08 +0000 (13:28 +0200)]
res_odbc_transaction: correctly initialise forcecommit value from DSN.
Also improve the in-process documentation to clarify that the value is
initialised from the DSN and not default false, but that the DSN's value
is default false if unset.
Instead of looking for pass-through formats in the list of transcodable
formats (which is going to find nothing), go through the result which
is going to be the jointcaps of the tech_pvt of the channel. Finally,
only with that list, ast_format_cap_remove(.) is going to succeed.
This restores the behaviour of Asterisk 1.8. However, it does not fix
ASTERISK_29282 because that issue report is about chan_sip and PJSIP.
Here, only chan_sip is fixed because PJSIP does not even call
ast_rtp_instance_available_formats -> ast_translate_available_format.
Jaco Kroon [Wed, 17 Feb 2021 20:51:17 +0000 (22:51 +0200)]
func_odbc: Introduce minargs config and expose ARGC in addition to ARGn.
minargs enables enforcing of minimum count of arguments to pass to
func_odbc, so if you're unconditionally using ARG1 through ARG4 then
this should be set to 4. func_odbc will generate an error in this case,
so for example
[FOO]
minargs = 4
and ODBC_FOO(a,b,c) in dialplan will now error out instead of using a
potentially leaked ARG4 from Gosub().
ARGC is needed if you're using optional argument, to verify whether or
not an argument has been passed, else it's possible to use a leaked ARGn
from Gosub (app_stack). So now you can safely do
${IF($[${ARGC}>3]?${ARGV}:default value)} kind of thing.
Kevin Harwell [Mon, 1 Feb 2021 21:24:25 +0000 (15:24 -0600)]
AST-2021-002: Remote crash possible when negotiating T.38
When an endpoint requests to re-negotiate for fax and the incoming
re-invite is received prior to Asterisk sending out the 200 OK for
the initial invite the re-invite gets delayed. When Asterisk does
finally send the re-inivite the SDP includes streams for both audio
and T.38.
This happens because when the pending topology and active topologies
differ (pending stream is not in the active) in the delayed scenario
the pending stream is appended to the active topology. However, in
the fax case the pending stream should replace the active.
This patch makes it so when a delay occurs during fax negotiation,
to or from, the audio stream is replaced by the T.38 stream, or vice
versa instead of being appended.
Further when Asterisk sent the re-invite with both audio and T.38,
and the endpoint responded with a declined T.38 stream then Asterisk
would crash when attempting to change the T.38 state.
This patch also puts in a check that ensures the media state has a
valid fax session (associated udptl object) before changing the
T.38 state internally.
Ivan Poddubnyi [Mon, 28 Dec 2020 12:43:23 +0000 (13:43 +0100)]
res_pjsip_diversion: Fix adding more than one histinfo to Supported
New responses sent within a PJSIP sessions are based on those that were
sent before. Therefore, adding/modifying a header once causes it to be
sent on all responses that follow.
Sending 181 Call Is Being Forwarded many times first adds "histinfo"
duplicated more and more, and eventually overflows past the array
boundary.
This commit adds a check preventing adding "histinfo" more than once,
and skipping it if there is no more space in the header.
Similar overflow situations can also occur in res_pjsip_path and
res_pjsip_outbound_registration so those were also modified to
check the bounds and suppress duplicate Supported values.
Joshua C. Colp [Fri, 5 Feb 2021 11:26:02 +0000 (07:26 -0400)]
pjsip: Make modify_local_offer2 tolerate previous failed SDP.
If a remote side is broken and sends an SDP that can not be
negotiated the call will be torn down but there is a window
where a second 183 Session Progress or 200 OK that is forked
can be received that also attempts to negotiate SDP. Since
the code marked the SDP negotiation as being done and complete
prior to this it assumes that there is an active local and remote
SDP which it can modify, while in fact there is not as the SDP
did not successfully negotiate. Since there is no local or remote
SDP a crash occurs.
This patch changes the pjmedia_sdp_neg_modify_local_offer2
function to no longer assume that a previous SDP negotiation
was successful.
George Joseph [Tue, 9 Feb 2021 17:25:27 +0000 (10:25 -0700)]
res_pjsip_refer: Always serialize calls to refer_progress_notify
refer_progress_notify wasn't always being called from the progress
serializer. This could allow clearing notification->progress->sub
in one thread while another was trying to use it.
* Instances where refer_progress_notify was being called in-line,
have been changed to use ast_sip_push_task().
Ben Ford [Mon, 11 Jan 2021 20:20:34 +0000 (14:20 -0600)]
core_unreal: Fix T.38 faxing when using local channels.
After some changes to streams and topologies, receiving fax through
local channels stopped working. This change adds a stream topology with
a stream of type IMAGE to the local channel pair and allows fax to be
received.
Alexander Traud [Fri, 5 Feb 2021 08:33:41 +0000 (09:33 +0100)]
chan_sip: Allow [peer] without audio (text+video).
Two previous commits, 620d9f4 and 6d980de, allow to set up a call
without audio, again. That was introduced originally with commit f04d5fb
but changed and broke over time. The original commit missed one
scenario: A [peer] section in sip.conf, which does not allow audio at
all. In that case, chan_sip rejected the call, although even when the
requester offered no audio. Now, chan_sip does not check whether there
is no audio format but checks whether there is no format in general. In
other words, if there is at least one format to offer, the call succeeds.
However, to prevent calls with no-audio, chan_sip still rejects calls
when both call parties (caller = requester of the call *and* callee =
[peer] section in sip.conf) included audio. In such a case, it is
expected that the call should have audio.
George Joseph [Thu, 28 Jan 2021 18:02:34 +0000 (11:02 -0700)]
chan_iax2.c: Require secret and auth method if encryption is enabled
If there's no secret specified for an iax2 peer and there's no secret
specified in the dial string, Asterisk will crash if the auth method
requested by the peer is MD5 or plaintext. You also couldn't specify
a default auth method in the [general] section of iax.conf so if you
don't have static peers defined and just use the dial string, Asterisk
will still crash even if you have a secret specified in the dial string.
* Added logic to iax2_call() and authenticate_reply() to print
a warning and hanhup the call if encryption is requested and
there's no secret or auth method. This prevents the crash.
* Added the ability to specify a default "auth" in the [general]
section of iax.conf.
Alexander Traud [Wed, 27 Jan 2021 17:42:06 +0000 (18:42 +0100)]
chan_sip: Set up calls without audio (text+video), again.
The previous commit 6d980de fixed this issue in the core of Asterisk.
With that, each channel technology can be used without audio
theoretically. Practically, the channel-technology driver chan_sip
turned out to have an invalid check preventing that. chan_sip tested
whether there is at least one audio format. However, chan_sip has to
test whether there is at least one format. More cannot be tested while
requesting chan_sip because only the [general] capabilities but not the
[peer] caps are known yet. And the [peer] caps might not be a subset or
show any intersection with the [general] caps. This change here fixes
this.
The original commit f04d5fb, thirteen years ago, contained a software
bug as it passed ANY audio capability to the channel-technology driver.
Instead, it should have passed NO audio format. Therefore, this
addressed issue here was not noticed in Asterisk 1.6.x and Asterisk 1.8.
Then, Asterisk 10 changed that from ANY to NO, but nobody reported since
then.
When a Transfer/REFER is executed, TRANSFERSTATUSPROTOCOL variable is
0 when no protocl specific error
SIP example of failure, 3xx-6xx for the SIP error code received
This allows applications to perform actions based on the failure
reason.
ASTERISK-29252 #close Reported-by: Dan Cropp
Change-Id: Ia6a94784b4925628af122409cdd733c9f29abfc4
roadkill [Fri, 22 Jan 2021 13:41:43 +0000 (14:41 +0100)]
res/res_pjsip.c: allow user=phone when number contain *#
if From number contain * or # asterisk will not add user=phone
Currently only number that uses AST_DIGIT_ANYNUM can have "user=phone" but the validation should use AST_DIGIT_ANY
this is a problem when you want to send call to ISUP
as they will disregard the From header and either replace From with anonymous or with p-asserted-identity
ASTERISK-29261
Reported by: Mark Petersen
Tested by: Mark Petersen
Alexander Traud [Thu, 21 Jan 2021 19:28:06 +0000 (20:28 +0100)]
chan_sip: SDP: Reject audio streams correctly.
This completes the fix for ASTERISK_24543. Only when the call is an
outgoing call, consult and append the configured format capabilities
(p->caps). When all audio formats got rejected the negotiated format
capabilities (p->jointcaps) contain no audio formats for incoming
calls. This is required when there are other accepted media streams.
Robert Cripps [Tue, 22 Dec 2020 10:42:35 +0000 (11:42 +0100)]
res/res_pjsip_session.c: Check that media type matches in
function ast_sip_session_media_state_add.
Check ast_media_type matches when a ast_sip_session_media is found
otherwise when transitioning from say image to audio, the wrong
session is returned in the first if statement.
Jaco Kroon [Fri, 8 Jan 2021 16:02:47 +0000 (18:02 +0200)]
AC_HEADER_STDC causes a compile failure with autoconf 2.70
From https://www.mail-archive.com/bug-autoconf@gnu.org/msg04408.html
> ... the long-obsolete AC_HEADER_STDC, previously used internally by
> AC_INCLUDES_DEFAULT, used AC_EGREP_HEADER. The AC_HEADER_STDC macro
> is now a no-op (and is not used at all within Autoconf anymore), so
> that change is likely what made the first use of AC_EGREP_HEADER the
> one inside the if condition, causing the observed results.
The implication is that the test does nothing anyway, and due to it
being a no-op from 2.70 onwards, results in the required not being set
to yes, resulting in ./configure to fail.
Ben Ford [Mon, 11 Jan 2021 20:25:09 +0000 (14:25 -0600)]
chan_pjsip.c: Add parameters to frame in indicate.
There are a couple of parameters (datalen and data) that do not get set
in chan_pjsip_indicate which could cause an Invalid message to pop up
for things such as fax. This patch adds them to the frame.
Sean Bright [Thu, 14 Jan 2021 14:47:21 +0000 (09:47 -0500)]
res_pjsip_pubsub: Fix truncation of persisted SUBSCRIBE packet
The last argument to ast_copy_string() is the buffer size, not the
number of characters, so we add 1 to avoid stamping out the final \n
in the persisted SUBSCRIBE message.
Jean Aunis [Wed, 30 Dec 2020 13:56:47 +0000 (14:56 +0100)]
Stasis/messaging: tech subscriptions conflict with endpoint subscriptions.
When both a tech subscription and an endpoint subscription exist for a given
endpoint, TextMessageReceived events are dispatched to the tech subscription
only.
Alexander Traud [Wed, 23 Dec 2020 14:44:45 +0000 (15:44 +0100)]
chan_sip: SDP: Sidestep stream parsing when its media is disabled.
Previously, chan_sip parsed all known media streams in an SDP offer
like video (and text) even when videosupport=no (and textsupport=no).
This wasted processor power. Furthermore, chan_sip accepted SDP offers,
including no audio but just video (or text) streams although
videosupport=no (or textsupport=no). Finally, chan_sip denied the whole
offer instead of individual streams when they had encryption (SDES-sRTP)
unexpectedly enabled.
Ivan Poddubnyi [Tue, 29 Dec 2020 18:16:00 +0000 (19:16 +0100)]
chan_pjsip: Assign SIPDOMAIN after creating a channel
session->channel doesn't exist until chan_pjsip creates it, so intead of
setting a channel variable every new incoming call sets one and the same
global variable.
This patch moves the code to chan_pjsip so that SIPDOMAIN is set on
a newly created channel, it also removes a misleading reference to
channel->session used to fetch call pickup configuraion.
Ivan Poddubnyi [Thu, 31 Dec 2020 11:53:34 +0000 (12:53 +0100)]
chan_pjsip: Stop queueing control frames twice on outgoing channels
The fix for ASTERISK-27902 made chan_pjsip process SIP responses twice.
This resulted in extra noise in logs (for example, "is making progress"
and "is ringing" get logged twice by app_dial), as well as in noise in
signalling: one incoming 183 Session Progress results in 2 outgoing 183-s.
This change splits the response handler into 2 functions:
- one for updating HANGUPCAUSE, which is still called twice,
- another that does the rest, which is called only once as before.
ASTERISK-28016 Reported-by: Alex Hermann
ASTERISK-28549 Reported-by: Gant Liu
ASTERISK-28185 Reported-by: Julien
Change-Id: I0a1874be5bb5ed12d572d17c7f80de6e5e542940
Jaco Kroon [Wed, 23 Dec 2020 17:41:10 +0000 (19:41 +0200)]
pbx_lua: Add LUA_VERSIONS environment variable to ./configure.
On Gentoo it's possible to have multiple lua versions installed, all
with a path of /usr, so it's not possible to use the current --with-lua
option to determisticly pin to a specific version as is required by the
Gentoo PMS standards.
This environment variable allows to lock to specific versions,
unversioned check will be skipped if this variable is supplied.
Jaco Kroon [Fri, 18 Dec 2020 19:06:20 +0000 (21:06 +0200)]
func_lock: fix multiple-channel-grant problems.
Under contention it becomes possible that multiple channels will be told
they successfully obtained the lock, which is a bug. Please refer
ASTERISK-29217
This introduces a couple of changes.
1. Replaces requesters ao2 container with simple counter (we don't
really care who is waiting for the lock, only how many). This is
updated undex ->mutex to prevent memory access races.
2. Correct semantics for ast_cond_timedwait() as described in
pthread_cond_broadcast(3P) is used (multiple threads can be released
on a single _signal()).
3. Module unload races are taken care of and memory properly cleaned
up.
Dan Cropp [Mon, 7 Dec 2020 22:59:51 +0000 (16:59 -0600)]
chan_pjsip: Incorporate channel reference count into transfer_refer().
Add channel reference count for PJSIP REFER. The call could be terminated
prior to the result of the transfer. In that scenario, when the SUBSCRIBE/NOTIFY
occurred several minutes later, it would attempt to access a session which was
no longer valid. Terminate event subscription if pjsip_xfer_initiate() or
pjsip_xfer_send_request() fails in transfer_refer().
ASTERISK-29201 #close Reported-by: Dan Cropp
Change-Id: I3fd92fd14b4e3844d3d7b0f60fe417a4df5f2435
Kevin Harwell [Wed, 23 Dec 2020 19:06:19 +0000 (13:06 -0600)]
app_mixmonitor: cleanup datastore when monitor thread fails to launch
launch_monitor_thread is responsible for creating and initializing
the mixmonitor, and dependent data structures. There was one off
nominal path after the datastore gets created that triggers when
the channel being monitored is hung up prior to monitor starting
itself.
If this happened the monitor thread would not "launch", and the
mixmonitor object and associated objects are freed, including the
underlying datastore data object. However, the datastore itself was
not removed from the channel, so when the channel eventually gets
destroyed it tries to access the previously freed datastore data
and crashes.
This patch removes and frees datastore object itself from the channel
before freeing the mixmonitor object thus ensuring the channel does
not call it when destroyed.
Sean Bright [Fri, 11 Dec 2020 19:27:56 +0000 (14:27 -0500)]
app_chanspy: Spyee information missing in ChanSpyStop AMI Event
The documentation in the wiki says there should be spyee-channel
information elements in the ChanSpyStop AMI event.
https://wiki.asterisk.org/wiki/x/Xc5uAg
However, this is not the case in Asterisk <= 16.10.0 Version. We're
using these Spyee* arguments since Asterisk 11.x, so these arguments
vanished in Asterisk 12 or higher.
For maximum compatibility, we still send the ChanSpyStop event even if
we are not able to find any 'Spyee' information.
George Joseph [Thu, 10 Dec 2020 15:09:52 +0000 (08:09 -0700)]
logger.c: Automatically add a newline to formats that don't have one
Scope tracing allows you to not specify a format string or
variable, in which case it just prints the indent, file,
function, and line number. The trace output automatically
adds a newline to the end in this case. If you also have
debugging turned on for the module, a debug message is
also printed but the standard log functionality which
prints it doesn't add the newline so you have messages
that don't break correctly.
* format_log_message_ap(), which is the common log
message formatter for all channels, now adds a
newline to the end of format strings that don't
already have a newline.
Pirmin Walthert [Tue, 8 Dec 2020 17:37:13 +0000 (18:37 +0100)]
res_pjsip_nat.c: Create deep copies of strings when appropriate
In rewrite_uri asterisk was not making deep copies of strings when
changing the uri. This was in some cases causing garbage in the route
header and in other cases even crashing asterisk when receiving a
message with a record-route header set. Thanks to Ralf Kubis for
pointing out why this happens. A similar problem was found in
res_pjsip_transport_websocket.c. Pjproject needs as well to be patched
to avoid garbage in CANCEL messages.
lvl [Thu, 29 Oct 2020 11:25:27 +0000 (12:25 +0100)]
Introduce astcachedir, to be used for temporary bucket files
As described in the issue, /tmp is not a suitable location for a
large amount of cached media files, since most distributions make
/tmp a RAM-based tmpfs mount with limited capacity.
I opted for a location that can be configured separately, as opposed
to using a subdirectory of spooldir, given the different storage
profile (transient files vs files that might stay there indefinitely).
This commit just makes the cache directory configurable, but leaves
it at /tmp by default, to ensure backwards compatibility.
A future commit that only targets master could change the default
location to something more sensible such as /var/tmp/asterisk. At
that point, the cachedir could be created and cleaned up during
uninstall by the Makefile script.
Joshua C. Colp [Thu, 29 Oct 2020 17:21:13 +0000 (14:21 -0300)]
pjsip: Match lifetime of INVITE session to our session.
In some circumstances it was possible for an INVITE
session to be destroyed while we were still using it.
This occurred due to the reference on the INVITE session
being released internally as a result of its state
changing to DISCONNECTED.
This change adds a reference to the INVITE session
which is released when our own session is destroyed,
ensuring that the INVITE session remains valid for
the lifetime of our session.
Sean Bright [Sat, 21 Nov 2020 17:51:48 +0000 (12:51 -0500)]
res_http_media_cache.c: Set reasonable number of redirects
By default libcurl does not follow redirects, so we explicitly enable
it by setting CURLOPT_FOLLOWLOCATION. Once that is enabled, libcurl
will follow up to CURLOPT_MAXREDIRS redirects, which by default is
configured to be unlimited.
This patch sets CURLOPT_MAXREDIRS to a more reasonable default (8). If
we determine at some point that this needs to be increased on
configurable it is a trivial change.
Alexander Traud [Wed, 4 Nov 2020 13:39:10 +0000 (14:39 +0100)]
chan_sip: Remove unused sip_socket->port.
12 years ago, with ASTERISK_12115 the last four get/uses of socket.port
vanished. However, the struct member itself and all seven set/uses
remained as dead code.
res_pjsip: set Accept-Encoding to identity in OPTIONS response
RFC 3261 says that the Accept-Encoding header should be present
in an options response. Permitted values according to RFC 2616
are only compression algorithms like gzip or the default identity
encoding. Therefore "text/plain" is not a correct value here.
As long as the header is hard coded, it should be set to "identity".
Without this fix an Alcatel OmniPCX periodically logs warnings like
"[sip_acceptIncorrectHeader] Header Accept-Encoding is malformed"
on a SIP Trunk.
Boris P. Korzun [Fri, 13 Nov 2020 12:19:30 +0000 (15:19 +0300)]
bridge_basic: Fixed setup of recall channels
Fixed a bug (like a typo) in retransfer_enter()
at main/bridge_basic.c:2641. common_recall_channel_setup() setups
common things on the recalled transfer target, but used same target
as source instead trasfered.
George Joseph [Wed, 11 Nov 2020 14:55:22 +0000 (07:55 -0700)]
app_queue: Fix deadlock between update and show queues
Operations that update queues when shared_lastcall is set lock the
queue in question, then have to lock the queues container to find the
other queues with the same member. On the other hand, __queues_show
(which is called by both the CLI and AMI) does the reverse. It locks
the queues container, then iterates over the queues locking each in
turn to display them. This creates a deadlock.
* Moved queue print logic from __queues_show to a separate function
that can be called for a single queue.
* Updated __queues_show so it doesn't need to lock or traverse
the queues container to show a single queue.
* Updated __queues_show to snap a copy of the queues container and iterate
over that instead of locking the queues container and iterating over
it while locked. This prevents us from having to hold both the
container lock and the queue locks at the same time. This also
allows us to sort the queue entries.
George Joseph [Mon, 2 Nov 2020 19:53:02 +0000 (12:53 -0700)]
res_pjsip_outbound_registration.c: Use our own scheduler and other stuff
* Instead of using the pjproject timer heap, we now use our own
pjsip_scheduler. This allows us to more easily debug and allows us to
see times in "pjsip show/list registrations" as well as being able to
see the registrations in "pjsip show scheduled_tasks".
* Added the last registration time, registration interval, and the next
registration time to the CLI output.
* Removed calls to pjsip_regc_info() except where absolutely necessary.
Most of the calls were just to get the server and client URIs for log
messages so we now just save them on the client_state object when we
create it.
* Added log messages where needed and updated most of the existong ones
to include the registration object name at the start of the message.
George Joseph [Mon, 2 Nov 2020 19:53:58 +0000 (12:53 -0700)]
pjsip_scheduler.c: Add type ONESHOT and enhance cli show command
* Added a ONESHOT type that never reschedules.
* Added "like" capability to "pjsip show scheduled_tasks" so you can do
the following:
CLI> pjsip show scheduled_tasks like outreg
PJSIP Scheduled Tasks:
Task Name Interval Times Run ...
============================================= ========= ========= ...
pjsip/outreg/testtrunk-reg-0-00000074 50.000 oneshot ...
pjsip/outreg/voipms-reg-0-00000073 110.000 oneshot ...
* Fixed incorrect display of "Next Start".
* Compacted the displays of times in the CLI.
* Added two new functions (ast_sip_sched_task_get_times2,
ast_sip_sched_task_get_times_by_name2) that retrieve the interval,
next start time, and next run time in addition to the times already
returned by ast_sip_sched_task_get_times().
sched: AST_SCHED_REPLACE_UNREF can lead to use after free of data
The data can be freed if the old object '_data' is the same object as
new 'data'. Because at first the object is unreferenced which can lead
to destroying it.
This could happened in res_pjsip_pubsub when the publication is updated
which could lead to segfault in function publish_expire.
Dovid Bender [Sun, 18 Oct 2020 18:40:10 +0000 (18:40 +0000)]
func_curl.c: Allow user to set what return codes constitute a failure.
Currently any response from res_curl where we get an answer from the
web server, regardless of what the response is (404, 403 etc.) Asterisk
currently treats it as a success. This patch allows you to set which
codes should be considered as a failure by Asterisk. If say we set
failurecodes=404,403 then when using curl in realtime if a server gives
a 404 error Asterisk will try to failover to the next option set in
extconfig.conf
Kevin Harwell [Mon, 19 Oct 2020 22:21:57 +0000 (17:21 -0500)]
AST-2020-001 - res_pjsip: Return dialog locked and referenced
pjproject returns the dialog locked and with a reference. However,
in Asterisk the method that handles this decrements the reference
and removes the lock prior to returning. This makes it possible,
under some circumstances, for another thread to free said dialog
before the thread that created it attempts to use it again. Of
course when the thread that created it tries to use a freed dialog
a crash can occur.
This patch makes it so Asterisk now returns the newly created
dialog both locked, and with an added reference. This allows the
caller to de-reference, and unlock the dialog when it is safe to
do so.
In the case of a new SIP Invite the lock, and reference are now
held for the entirety of the new invite handling process.
Otherwise it's possible for the dialog, or its dependent objects,
like the transaction, to disappear. For example if there is a TCP
transport error.
Ben Ford [Mon, 2 Nov 2020 16:29:31 +0000 (10:29 -0600)]
AST-2020-002 - res_pjsip: Stop sending INVITEs after challenge limit.
If Asterisk sends out an INVITE and receives a challenge with a
different nonce value each time, it will continuously send out INVITEs,
even if the call is hung up. The endpoint must be configured for
outbound authentication for this to occur. A limit has been set on
outbound INVITEs so that, once reached, Asterisk will stop sending
INVITEs and the transaction will terminate.
Alexander Traud [Fri, 23 Oct 2020 15:26:15 +0000 (17:26 +0200)]
chan_sip: On authentication, pick MD5 for sure.
RFC 8760 added new digest-access-authentication schemes. Testing
revealed that chan_sip does not pick MD5 if several schemes are offered
by the User Agent Server (UAS). This change does not implement any of
the new schemes like SHA-256. This change makes sure, MD5 is picked so
UAS with SHA-2 enabled, like the service www.linphone.org/freesip, can
still be used. This should have worked since day one because SIP/2.0
already envisioned several schemes (see RFC 3261 and its augmented BNF
for 'algorithm' which includes 'token' as third alternative; note: if
'algorithm' was not present, MD5 is still assumed even in RFC 7616).
Walter Doekes [Thu, 4 Jun 2020 14:23:37 +0000 (16:23 +0200)]
main/say: Work around gcc 9 format-truncation false positive
Version: gcc (Ubuntu 9.3.0-10ubuntu2) 9.3.0
Warning:
say.c:2371:24: error: ā%dā directive output may be truncated writing
between 1 and 11 bytes into a region of size 10
[-Werror=format-truncation=]
2371 | snprintf(buf, 10, "%d", num);
say.c:2371:23: note: directive argument in the range [-2147483648, 9]
That's not possible though, as the if() starts out checking for (num < 0),
making this Warning a false positive.
(Also replaced some else<TAB>if with else<SP>if while in the vicinity.)
Kevin Harwell [Mon, 19 Oct 2020 20:31:14 +0000 (15:31 -0500)]
res_pjsip, res_pjsip_session: initialize local variables
This patch initializes a couple of local variables to some default values.
Interestingly, in the 'pj_status_t dlg_status' case the value not being
initialized caused memory to grow, and not be recovered, in the off nominal
path (at least on my machine).
Alexander Traud [Fri, 23 Oct 2020 14:55:18 +0000 (16:55 +0200)]
install_prereq: Add GMime 3.0.
Ubuntu 20.10 does not come with GMime 2.6. Ubuntu 16.04 LTS does not
come with GMime 3.0. aptitude ignores any missing package. Therefore,
it installs the correct package(s). However, in Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS, both versions are installed alongside although only
one is really needed.
Alexander Traud [Fri, 23 Oct 2020 14:49:02 +0000 (16:49 +0200)]
BuildSystem: Enable Lua 5.4.
Note to maintainers: Lua 5.4, Lua 5.3, and Lua 5.2 have not been tested
at runtime with pbx_lua. Until then, use the lowest available version
of Lua, if you enabled the module pbx_lua at all.
Kevin Harwell [Fri, 28 Aug 2020 21:32:37 +0000 (16:32 -0500)]
Logging: Add debug logging categories
Added debug logging categories that allow a user to output debug
information based on a specified category. This lets the user limit,
and filter debug output to data relevant to a particular context,
or topic. For instance the following categories are now available for
debug logging purposes:
These debug categories can be enable/disable via an Asterisk CLI command.
While this overrides, and outputs debug data, core system debugging is
not affected by this patch. Statements still output at their appropriate
debug level. As well backwards compatibility has been maintained with
past debug groups that could be enabled using the CLI (e.g. rtpdebug,
stundebug, etc.).
Ben Ford [Tue, 4 Aug 2020 19:36:22 +0000 (14:36 -0500)]
utils.c: NULL terminate ast_base64decode_string.
With the addition of STIR/SHAKEN, the function ast_base64decode_string
was added for convenience since there is a lot of converting done during
the STIR/SHAKEN process. This function returned the decoded string for
you, but did not NULL terminate it, causing some issues (specifically
with MALLOC_DEBUG). Now, the returned string is NULL terminated, and the
documentation has been updated to reflect this.
Ben Ford [Wed, 24 Jun 2020 16:49:11 +0000 (11:49 -0500)]
res_stir_shaken: Add stir_shaken option and general improvements.
Added a new configuration option for PJSIP endpoints - stir_shaken. If
set to yes, then STIR/SHAKEN support will be added to inbound and
outbound INVITEs. The default is no. Alembic has been updated to include
this option.
Previously the dialplan function was not trimming the whitespace from
the parameters it recieved. Now it does.
Also added a conditional that, when TEST_FRAMEWORK is enabled, the
timestamp in the identity header will be overlooked. This is just for
testing, since the testsuite will rely on a SIPp scenario with a preset
identity header to trigger the MISMATCH result.
Ben Ford [Tue, 2 Jun 2020 14:04:23 +0000 (09:04 -0500)]
res_stir_shaken: Add outbound INVITE support.
Integrated STIR/SHAKEN support with outgoing INVITEs. When an INVITE is
sent, the caller ID will be checked to see if there is a certificate
that corresponds to it. If so, that information will be retrieved and an
Identity header will be added to the SIP message. The format is:
Header, payload, and signature are all BASE64 encoded. The public key
URL is retrieved from the certificate. Currently the algorithm and ppt
are ES256 and shaken, respectively. This message is signed and can be
used for verification on the receiving end.
Two new configuration options have been added to the certificate object:
attestation and origid. The attestation is required and must be A, B, or
C. origid is the origination identifier.
A new utility function has been added as well that takes a string,
allocates space, BASE64 encodes it, then returns it, eliminating the
need to calculate the size yourself.
Ben Ford [Tue, 19 May 2020 19:46:45 +0000 (14:46 -0500)]
res_stir_shaken: Add inbound INVITE support.
Integrated STIR/SHAKEN support with incoming INVITES. Upon receiving an
INVITE, the Identity header is retrieved, parsing the message to verify
the signature. If any of the parsing fails,
AST_STIR_SHAKEN_VERIFY_NOT_PRESENT will be added to the channel for this
caller ID. If verification itself fails,
AST_STIR_SHAKEN_VERIFY_SIGNATURE_FAILED will be added. If anything in
the payload does not line up with the SIP signaling,
AST_STIR_SHAKEN_VERIFY_MISMATCH will be added. If all of the above steps
pass, then AST_STIR_SHAKEN_VERIFY_PASSED will be added, completing the
verification process.
A new config option has been added to the general section for
stir_shaken.conf. "signature_timeout" is the amount of time a signature
will be considered valid. If an INVITE is received and the amount of
time between when it was received and when it was signed is greater than
signature_timeout, verification will fail.
Some changes were also made to signing and verification. There was an
error where the whole JSON string was being signed rather than the
header combined with the payload. This has been changed to sign the
correct thing. Verification has been changed to do this as well, and the
unit tests have been updated to reflect these changes.
A couple of utility functions have also been added. One decodes a BASE64
string and returns the decoded string, doing all the length calculations
for you. The other retrieves a string value from a header in a rdata
object.
Ben Ford [Wed, 13 May 2020 21:37:25 +0000 (16:37 -0500)]
res_stir_shaken: Add unit tests for signing and verification.
Added two unit tests, one for signing and another for verifying.
stir_shaken_sign checks to make sure that all the required parameters
are passed in and then signs the actual payload. If a signature is
produced and a payload returned as a result, the test passes.
stir_shaken_verify takes the signature from a signed payload to verify.
This unit test also verifies that all the required information is passed
in, and then attempts to verify the signature. If verification is
successful and a payload is returned, the test passes.
projects / thirdparty / asterisk.git / log
