cdr_object_update_party_b_userfield_cb() could overrun the fixed buffer if
the supplied string is too long. The long string could be supplied by
external means using the CDR(userfield) function.
This may seem reminiscent to AST-2017-001 (ASTERISK_26897) and it is. The
earlier patch fixed the buffer overrun for Party A's userfield while this
patch fixes the same thing for Party B's userfield.
Corey Farrell [Mon, 6 Nov 2017 18:51:32 +0000 (13:51 -0500)]
CLI: Remove unused internal command.
The internal CLI command "_command complete" was last used by Asterisk
0.2.0. Since then we've been using "_command nummatches" and "_command
matchesarray".
When (v)asprintf() fails, the state of the allocated buffer is undefined.
The library had better not leave an allocated buffer as a result or no one
will know to free it. The most likely way it can return failure is for an
allocation failure. If the printf conversion fails then you actually have
a threading problem which is much worse because another thread modified
the parameter values.
* Made __ast_asprintf()/__ast_vasprintf() set the returned buffer to NULL
on failure. That is much more useful than either an uninitialized pointer
or a pointer that has already been freed. Many uses won't have to check
for failure to ensure that the buffer won't be double freed or prevent an
attempt to free an uninitialized pointer.
* stasis.c: Fixed memory leak in multi_object_blob_to_ami() allocated by
ast_asprintf().
* ari/resource_bridges.c:ari_bridges_play_helper(): Remove assignment to
the wrong thing which is now not needed even if assigning to the right
thing.
Sean Bright [Mon, 6 Nov 2017 14:05:56 +0000 (09:05 -0500)]
res_pjsip: Ignore empty TLS configuration
When using realtime, fields that are not explicitly set by an
administrator are still presented to sorcery as empty strings. Handle
this case explicitly.
In this particular case, if any of these fields are required for TLS
support, their existence should be validated in the 'apply' handler once
we have a complete transport definition.
Alexander Traud [Mon, 6 Nov 2017 09:18:24 +0000 (10:18 +0100)]
tcptls: Print notice when TLS is enabled but not configured.
Asterisk can be compiled without a SSL/TLS library, without the Development
Headers of OpenSSL. However, if TLS (SIP) or Secure-WebSockets (WebRTC) was
enabled in a configuration file, Asterisk did not notice the user. Asterisk
failed silently, only the corresponding TCP ports were not open.
Corey Farrell [Mon, 6 Nov 2017 09:21:12 +0000 (04:21 -0500)]
configure: Add autoconf check for libopusfile.
This check is being added to make it easier for end-users of third party
open source Opus modules. This was removed by ASTERISK-26426 but only
the module needed to be removed.
Corey Farrell [Fri, 3 Nov 2017 15:35:34 +0000 (11:35 -0400)]
Build System: Fix build failure caused by recent CLI improvements.
We use the editline library to help with filename completion in our CLI
interface. Some systems failed to find the header when included from
loader.c. This is fixed by setting the proper CFLAGS for the build of
loader.o.
Ben Ford [Wed, 1 Nov 2017 16:12:45 +0000 (11:12 -0500)]
res_pjsip: Add to list of valid characters for from_user.
Fixes a regression where some characters were unable to be used in
the from_user field of an endpoint. Additionally, the backtick was
removed from the list of valid characters, since it is not valid,
and it was replaced with a single quote, which is a valid character.
Corey Farrell [Mon, 30 Oct 2017 22:30:18 +0000 (18:30 -0400)]
Modules: Additional improvements to CLI completion.
Replace 'needsreload' argument with a 'type' argument to specify which
type of modules you want completion. This provides more accurate CLI
completion for load and unload commands.
* 'module unload' now excludes modules that have active references or are
not running.
* 'module load' now excludes modules that are already running.
* 'core set debug [atleast] <level> [module]' shows running modules only.
Corey Farrell [Thu, 2 Nov 2017 00:46:11 +0000 (20:46 -0400)]
Prevent unload of modules which implement an Optional API.
Once an Optional API module is loaded it should stay loaded. Unloading
an optional API module runs the risk of a crash if something else is
using it. This patch causes all optional API providers to tell the
module loader not to unload except at shutdown.
Kevin Harwell [Tue, 31 Oct 2017 20:08:38 +0000 (15:08 -0500)]
features: Bridge application's BRIDGERESULT not appropriately set
The dialplan application "Bridge" was not setting the BRIDGERESULT to failure
when a failure did occur. Even worse if it did fail to join the bridge it would
still report success.
This patch now sets the BRIDGERESULT variable to an appropriate value for a
given condition state. Also, removed the value INCOMPATIBLE as a valid result
type since it is no longer used.
Adds an extra option, --asterisk-bin=<path> to ast_coredumper. If
provided, the binary given to gdb will be the parameter, rather than
asterisk from the PATH.
Corey Farrell [Mon, 30 Oct 2017 05:32:32 +0000 (01:32 -0400)]
Modules: Fix issues with CLI completion.
* Stop using ast_module_helper to check if a module is loaded, use
ast_module_check instead (app_confbridge and app_meetme).
* Stop ast_module_helper from listing reload classes when needsreload
was not requested.
Richard Mudgett [Wed, 25 Oct 2017 19:38:19 +0000 (14:38 -0500)]
codec.c: Defensively check the returned samples.
Earlier versions of the codec_opus samples_count callback can return
negative error values on undecodable frames. This resulted in a divide by
zero exception.
* Added a defensive check in ast_codec_samples_count() for a "negative"
samples count return value. Log the event and set the count to zero.
Joshua Colp [Tue, 24 Oct 2017 15:33:57 +0000 (15:33 +0000)]
res_pjsip: Add 'ip' as a valid option to 'identify_by' on endpoint.
When the identify_by option on an endpoint is set to ip it will
only be identified using the res_pjsip_endpoint_identifier_ip module.
This ensures that it is not mistakenly matched using the username of
the From header. To ensure behavior has not changed the default has
been changed to "username,ip" for the identify_by option.
George Joseph [Wed, 25 Oct 2017 17:26:06 +0000 (11:26 -0600)]
ast_coredumper: Add gzipping of binaries and display of signal info
The --tarball-coredump option now creates a gzipped tarball of
coredumps processed, their results txt files and copies of
/etc/os-release, /usr/sbin/asterisk, /usr/lib(64)/libasterisk* and
/usr/lib(64)/asterisk as those files are needed to properly examine
the coredump. The file will be named
/tmp/asterisk.<timestamp>.coredumps.tar.gz or
/tmp/asterisk-<uniqueid>.coredumps.tar.gz if --tarball-uniqueid was
specified.
Added dumps of *_siginfo to the top of the txt files so you can
tell what signal was invoked.
Corey Farrell [Thu, 30 Mar 2017 14:51:14 +0000 (10:51 -0400)]
Build System: Fix --disable-xmldoc option.
The configure option to disable XML documentation does not currently
work. This patch makes it effective, but also causes an ABI change by
removing the ast_xmldoc_* symbols. Disabling xmldoc also prevents docs
from being automatically generated, but they can still be manually
generated with 'make doc/core-en_US.xml'.
Ben Ford [Mon, 23 Oct 2017 18:42:27 +0000 (13:42 -0500)]
http.c: Fix http header send content.
Currently ast_http_send barricades a portion of the content that
needs to be sent in order to establish a connection for things
like the ARI client. The conditional and contents have been changed
to ensure that everything that needs to be sent, will be sent.
Corey Farrell [Tue, 24 Oct 2017 14:43:15 +0000 (10:43 -0400)]
chan_sip: Fix SUBSCRIBE with missing "Expires" header.
When chan_sip receives a SUBSCRIBE request with no "Expires" header it
processes the request as an unsubscribe. This is incorrect, per RFC3264
when the "Expires" header is missing a default expiry should be used.
Corey Farrell [Mon, 23 Oct 2017 17:42:37 +0000 (13:42 -0400)]
test_config: Fix failure and segfault when config_hook is run twice.
On second run the config_hook test was unexpectedly failing to load
test_config.conf because it was still unmodified since the last load.
This is fixed by not passing CONFIG_FLAG_FILEUNCHANGED for the initial
loads, only using it when we are tested that a reload of unmodified
files do not initiate the hook.
George Joseph [Mon, 23 Oct 2017 17:23:04 +0000 (11:23 -0600)]
res_pjsip_sdp_rtp: Fix setting of address type for rtp_ipv6
create_outgoing_sdp_stream was setting "addr_type = STR_IP6" only
when an ipv6 media_address was specified on the endpoint. If
rtp_ipv6 was set and ast_sip_get_host_ip_string returned an ipv6
address, we were leaving the addr_type set at the default of
STR_IP4. This caused the address type to be set incorrectly on the
"o" and "c" SDP attributes even though the address was set
correctly. Some clients don't like the mismatch.
* Removed the test for endpoint/media_address and now check all
addresses for ipv6.
Joshua Colp [Sun, 22 Oct 2017 22:32:20 +0000 (19:32 -0300)]
res_xmpp: Ensure the connection filter is available.
Users of the API that res_xmpp provides expect that a
filter be available on the client at all times. When
OAuth authentication support was added this requirement
was not maintained.
This change merely moves the OAuth authentication to
after the filter is created, ensuring users of res_xmpp
can add things to the filter as needed.
Corey Farrell [Wed, 18 Oct 2017 18:41:25 +0000 (14:41 -0400)]
res_pjsip_pubsub: Prevent unload except during shutdown.
Prevent unload of the module as certain pjsip initialization functions
cannot be reversed. This required a reorder of the module_load so that
the non-reversable pjsip functions are not called until all potential
errors have been ruled out.
Corey Farrell [Wed, 18 Oct 2017 17:04:29 +0000 (13:04 -0400)]
chan_sip: Fix output of 'sip set debug off'.
When sip.conf contains 'sipdebug=yes' it is impossible to disable it
using CLI 'sip set debug off'. This corrects the output of that CLI
command to instruct the user to turn sipdebug off in the configuration
file.
projects / thirdparty / asterisk.git / log
