Alexander Traud [Fri, 26 Aug 2016 13:41:16 +0000 (15:41 +0200)]
channel: No hung-up on failing security requirements.
In your Diaplan, if you specify
same => n,Set(CHANNEL(secure_bridge_media)=1)
same => n,Set(CHANNEL(secure_bridge_signaling)=1)
only the SIP channel driver chan_sip supports this. All other channels drivers
like res_pjsip fail. In case of failure, the original sRTP source code released
the whole channel, even if not hung-up, yet. This change does not release the
channel but instead hangs-up the channel.
Corey Farrell [Fri, 19 Aug 2016 23:19:28 +0000 (19:19 -0400)]
Fix checks for allocation debugging.
MALLOC_DEBUG should not be used to check if debugging is actually
enabled, __AST_DEBUG_MALLOC should be used instead. MALLOC_DEBUG only
indicates that debugging is requested, __AST_DEBUG_MALLOC indicates it
is active.
Alexander Traud [Thu, 18 Aug 2016 14:25:53 +0000 (16:25 +0200)]
sip.conf: tlsclientmethod is using sslv23 as default.
When 'tlsclientmethod' is not specified in sip.conf, chan_sip uses the OpenSSL
SSLv23_method. This was documented incorrectly in the file sip.conf.sample.
SSLv23_method got its name in the 90s. Today, with OpenSSL 1.0.2, this method
enables (just) the secure TLSv1.0 and TLSv1.2. Or stated differently, that
function should have been called 'secure_method' or 'automatic_method' back in
the 90s.
Consequently please, specify 'tlsclientmethod=tlsv1' in your sip.conf only if
you face a server which has problems like not falling back to TLSv1.0
automatically.
Kevin Harwell [Wed, 17 Aug 2016 21:40:49 +0000 (16:40 -0500)]
pbx.c: Crash in handle_hint_change due to uninitialized values
handle_hint_change calls extension_presence_state_helper, which returns the
presence state subtype and message when a valid state is available. If the
state is invalid then those values are not filled. If they have not been
properly initialized to NULL then when ast_free is later called on them
Asterisk crashes.
This patch initializes the subtype and message to NULL.
ASTERISK-25706 #close
patches:
0008-handle_hint_change-initialize-presence_state.patch
submitted by Tzafrir Cohen (license 5035)
Corey Farrell [Wed, 3 Aug 2016 20:38:21 +0000 (16:38 -0400)]
Add missing checks during startup.
This ensures startup is canceled due to allocation failures from the
following initializations.
* channel.c: ast_channels_init
* format.c: ast_format_attr_init and ast_format_list_init
pbx.c: Fix handling of '-' in extension name and callerid
This adds a two strings to ast_exten. name to go with exten and
cidmatch_display to go with cidmatch. The new fields contain input used
to add the extension in the first place. The existing fields now
contain stripped input that excludes insignificant spaces and dashes.
These stripped fields should always be used for comparisons. The
unstripped fields should normally be used for display, but displaying
stripped values will not cause runtime errors.
Note the actual string is only stored twice if it contains dashes. If
no dashes are found then both 'char *' fields point to the same memory.
So this change has a minimum effect on memory usage.
The existing functions ast_get_extension_name and
ast_get_extension_cidmatch return unstripped values as they did before
this change. Other similar bugs likely still exist where unstripped
extensions are saved outside pbx.c then passed back in.
Richard Mudgett [Wed, 27 Jul 2016 22:17:53 +0000 (17:17 -0500)]
pbx.c: Allow dangerous functions when adding a hint to dialplan.
We can allow dangerous functions when adding a hint since altering
dialplan is itself a privileged activity. Otherwise, we could never
execute dangerous functions.
Richard Mudgett [Fri, 22 Jul 2016 03:28:25 +0000 (22:28 -0500)]
dsp.c: Fix erroneous fax tone detection.
The Goertzel calculations get less accurate the lower the signal level
being worked with becomes because there is less resolution remaining.
If it is too low we can erroneously detect a tone where none really
exists. The searched for fax frequencies not only need to be so much
stronger than the background noise they must also be a minimum strength.
* Add needed minimum threshold test to tone_detect().
* Set TONE_THRESHOLD to allow low volume frequency spread detection.
ASTERISK-26237 #close
Reported by: Richard Mudgett
Alexander Traud [Tue, 19 Jul 2016 11:30:39 +0000 (13:30 +0200)]
chan_sip: Enable Session-Timers for SIP over TCP (and TLS).
Asterisk defaults to timers=accept/refresher=uas. In that scenario, only in that
scenario, Sessions-Timers (RFC 4028) had no effect via TCP. This change enables
Session-Timers for SIP over TCP (and for SIP over TLS).
However with longer international calls via TCP, the SIP channel might break,
because all hops on the Internet route must stay online (have not a single power
outage, for example). Therefore with Session-Timers enabled (which are enabled
at default), you might see dropped calls. Consequently even with this change,
you might be better-off going for session-timers=refuse in your sip.conf.
George Joseph [Thu, 21 Jul 2016 14:05:03 +0000 (08:05 -0600)]
chan_sip: Prevent deadlock when issuing "sip show channels"
sip_show_channels locks the dialogs container first then locks each
sip_pvt so it can spit out the details. The rest of sip dialog
processing locks the sip_pvt first then locks the dialogs container
if it needs to. Both lock in the order they need but deadlocks can
result. To fix, sip_show_channels and sip_show_channelstats have
been converted to use an iterator rather than ao2_callback. This way
the container is locked only while getting the next entry and is
unlocked when the callback is called.
This adds support for tagging functions with the noreturn attribute.
If DO_CRASH is enabled then ast_do_crash never returns. If AST_DEVMODE
and DO_CRASH are enabled then failed assertions never return. This can
resolve a large number of false positives with static analyzers.
Unit tests: Use AST_TEST_DEFINE in conditional code only.
If AST_TEST_DEFINE is not conditional to TEST_FRAMEWORK it produces dead
code. This places all existing unit tests into a conditional block if
they weren't already.
Alexander Traud [Mon, 18 Jul 2016 10:13:25 +0000 (12:13 +0200)]
res_rtp_asterisk: Count a roll-over of the sequence number even on lost packets.
With this change, the initial RTP sequence number is randomly chosen not between
0 and 65535 (0xffff) but 0 and 32767 (0x7fff). This assures, the roll-over
counter (ROC) synchronization is not lost for sRTP, when the very first RTP
packets get lost; see http://srtp.sourceforge.net/faq.html#Q6
app_queue: Only remove queue member from pending when state changes.
It is possible for a not in use state change to occur multiple
times causing a queue member to be removed from the pending call
container prematurely.
The first not in use state change will remove the queue member
from the container. At this moment the member may be called and
placed in the pending container. After this another not in use
state change can be received which will remove it from the
container. Despite being called at this point the code will
incorrectly see that there are no pending calls to it.
This change only removes it from the pending container if the
state has actually changed.
ASTERISK-26133 #close
patches:
app_queue.diff submitted by Richard Miller (license 5685)
pbx: Fix leak of timezone for time based includes.
Create include_free to run ast_destroy_timing and ast_free, use that in
all places that freed an ast_include structure. This fixes a couple of
paths that previously did not run ast_destroy_timing.
Alexander Traud [Wed, 22 Jun 2016 12:29:26 +0000 (14:29 +0200)]
res_rtp_asterisk: Enable Forward Secrecy (PFS) for DTLS.
Since July 2014, TLS based protocols (SIP over TLS, Secure WebSockets, HTTPS)
support PFS thanks to ASTERISK-23905. In July 2015, the same feature was added
for DTLS. The source code from main/tcptls.c should have been re-used to ease
security audits. Therefore, this change rolls back the change from July 2015 and
re-uses the code from July 2014. This has the additional benefits to work under
CentOS 7 and enabling not just ECDHE but DHE based cipher suites as well.
ASTERISK-25659 #close
Reported by: StefanEng86, urbaniak, pay123
Tested by: sarumjanuch, traud
patches:
res_rtp_asterisk.patch submitted by sarumjanuch
dtls_centos_step_1.patch submitted by traud
dtls_centos_step_2.patch submitted by traud
Alexander Traud [Tue, 12 Jul 2016 08:50:22 +0000 (10:50 +0200)]
BuildSystem: Allow own CFLAGS on ./configure.
Before this change, make failed with the error
Unknown value '' found in build_tools/menuselect-deps for NATIVE_ARCH
when CFLAGS were supplied to the configure script. This was introduced with
<https://reviewboard.asterisk.org/r/1852/> which disabled BUILD_NATIVE when
CFLAGS were supplied. Those who need different -march= values, please, go for
./configure
make menuselect.makeopts or make menuselect
./menuselect/menuselect --disable BUILD_NATIVE
chan_sip: Handle a request to negotiate T.38 after it is enabled.
Some T.38 implementations may send another re-invite after the initial
one which adds additional negotiation details (such as the max bitrate).
Currently this will fail when passthrough is being done in chan_sip as we
do nothing if T.38 is already active.
Other handlers of T.38 inside of Asterisk (such as res_fax) handle this
scenario so this change adds support for it to chan_sip. If a request
to negotiate is received while T.38 is already enabled a new re-INVITE is
sent and negotiation is done again.
Alexander Traud [Mon, 4 Jul 2016 10:58:39 +0000 (12:58 +0200)]
BuildSystem: Avoid obsolete warning with libcurl.m4 on autoconf.
Updated the macro-set autoconf/libcurl.m4 to its latest upstream version. This
avoids a warning about an obsolete macro on AC_HELP_STRING, because Asterisk is
using AS_HELP_STRING everywhere else already.
Corey Farrell [Wed, 22 Jun 2016 20:04:54 +0000 (16:04 -0400)]
res_fax: Fix reference leak in fax_v21_session_new.
fax_v21_session_new created a session details object but only released
the allocation reference during error conditions. fax_session_new adds
it's own reference to details if needed so the caller is always
responsible for cleaning it's own reference.
George Joseph [Wed, 22 Jun 2016 15:37:23 +0000 (09:37 -0600)]
chan_unistim: Fix memcpy in get_to_address
A code block only enabled when HAVE_PKTINFO is not defined (FreeBSD)
was using a pointer to a pointer as the destination of a memcpy and a
'&' instead of '*' in the sizeof.
Alexander Traud [Tue, 21 Jun 2016 12:05:30 +0000 (14:05 +0200)]
res_rtp_asterisk: Use latest DTLS version available by underlying platform.
Do not use DTLSv1_method() but DTLS_method() when available in OpenSSL of the
underlying platform. This change enables DTLS 1.2 since OpenSSL 1.0.2, for
WebRTC (DTLS-SRTP via SIP-over-WebSockets). This change enables AEAD-based
cipher-suites.
Alexander Traud [Tue, 21 Jun 2016 13:01:40 +0000 (15:01 +0200)]
BuildSystem: Avoid obsolete warning with HELP_STRING on autoconf.
Some configure scripts used both AC_HELP_STRING and its replacement
AS_HELP_STRING. For consistency and to avoid obsolete warnings, those were
changed to AS_HELP_STRING.
Alexander Traud [Mon, 20 Jun 2016 13:05:09 +0000 (15:05 +0200)]
http: leverage 'bindaddr' for TLS in http.conf
The internal HTTP/WebSocket server supports both TCP and TLS, which can be
activated separately via the file http.conf. The source code intends to re-use
the TCP parameter 'bindaddr' for TLS, even if 'tlsbindaddr' is not specified
explicitly. This did not work because of a typo. This change resolves this typo.
Vasil Kolev [Tue, 31 May 2016 14:10:29 +0000 (17:10 +0300)]
chan_sip: bigger buffers for headers, better failure mode
Currently chan_sip can give weird messages if the contacts don't
fit in the From: or To: headers. This fix changes the from,to and
invite variables to use ast_str, allocates and deallocates them and
resizes them if needed.
Alexander Traud [Wed, 8 Jun 2016 12:20:26 +0000 (14:20 +0200)]
core: Not the configured but granted number of possible file descriptors.
With CLI "core show settings", simply the parameter maxfiles of the file
asterisk.conf was shown. If that parameter was not set, nothing was displayed
although the environment might have set a default number itself. Or if maxfiles
were not granted (completely), still maxfiles was shown. Now, the maximum number
of possible file descriptors in the environment is shown.
George Joseph [Thu, 9 Jun 2016 14:20:33 +0000 (08:20 -0600)]
build: Fix ast_sockaddr initialization to be more portable
A change to glibc 2.22 changed the order of the sockadddr_storage
members which caused the places where we do an initialization of
ast_sockaddr with '{ { 0, 0, } }' to fail compilation. Those
initializers (which we shouldn't have been using anyway) have been
replaced with memsets.
Alexander Traud [Wed, 8 Jun 2016 10:58:48 +0000 (12:58 +0200)]
astfd: Not maximum size of a single file but maximum file descriptors.
With menuselect "DEBUG_FD_LEAKS" and CLI "core show fd", the maximum size of a
single file was shown. Now, the maximum number of possible file descriptors is
shown.
Timo Teräs [Thu, 2 Jun 2016 19:53:39 +0000 (22:53 +0300)]
Fix #include poll.h and sys/cdefs.h
POSIX defines poll.h, sys/poll.h should not be used at is c-library
internal header which may or may not exist. Notable in musl it
generates warning of being incorrect. And add explict include of
sys/cdefs.h where needed.
Alexander Traud [Tue, 7 Jun 2016 07:16:02 +0000 (09:16 +0200)]
BuildSystem: Avoid 'ar cru' and use 'ar cr' instead.
In several internal library projects, the files are archived with the help of
'ar cr'. Only the projects editline and the Objective Open H.323 stack
implementation in C (ooh323c) use 'ar cru' instead. Recently, some platforms
changed the default parameters of AR which creates "/usr/bin/ar: `u' modifier
ignored since `D' is the default (see `U')". For consistency and to avoid this
message all projects use 'ar cr' now.
* Local fax starts rtp call to remote fax
* Remote fax starts t38 call back to local fax.
* Local fax sends t38 no-signal to Asterisk before sending an OK.
* udptl processes the frame and increments the expected sequence number.
* chan_sip drops the frame because the call isn't up so nothing goes out
the external interface to open the port for incoming packets.
* Local fax sends OK and Asterisk sends OK to the remote fax.
* Remote fax sends t38 packets which are dropped by the firewall.
* Local fax re-sends t38 no-signal with the same sequence number.
* udptl drops the frame because it thinks it's a dup.
* Still no outgoing packets to open the firewall.
* t38 negotiation fails.
The patch drops frames t38 received before udptl sequence processing
when the call hasn't been answered yet. The second no-signal frame
is then seen as new and is relayed out the external interface which
opens the port and allows negotiation to continue.
George Joseph [Tue, 17 May 2016 16:14:51 +0000 (10:14 -0600)]
chan_sip: Prevent extra Session-Expires headers from being added
When chan_sip does a re-INVITE to refresh a session and authentication
is required, the INVITE with the Authorization header containes a
second Session-Expires header without the ";refersher=" parameter.
This is causing some proxies to return a 400. Also, when Asterisk is
the uas and the refresher, it is including the Session-Expires and
Min-SE headers in OPTIONS messages which is not allowed per RFC4028.
This patch (based on the reporter's) Checks to see if a Session-Expires
header is already in the message before adding another one. It also
checks that the method is INVITE or UPDATE.
Tzafrir Cohen [Tue, 10 May 2016 13:17:29 +0000 (16:17 +0300)]
followme: delete the right recorded name file
FollowMe with the option a records the name of the caller and plays it
to the callee. However it has failed to clean up that recorded file
as it tried to delete the file name without the '.sln' extension.
Alexei Gradinari [Tue, 10 May 2016 14:20:54 +0000 (10:20 -0400)]
res_fax/t38_gateway: Peer V.21 session is created on wrong channel
The channel and peer V.21 sessions are created on the same channel now.
The peer V.21 session should be created only on peer channel
when one of channel can handle T.38.
Also this patch enable debug for T.38 gateway session
if global fax debug enabled.
Andrew Nagy [Thu, 17 Mar 2016 19:29:38 +0000 (12:29 -0700)]
app_voicemail: always copy dynamic struct to avoid race condition
Voicemail email addresses can be corrupt or voicemail
emails can end up being sent to the wrong email address if asterisk is
reading voicemail.conf during a reload and processing an email at the
same time. This patch always copies the struct that would otherwise only
be copied once.
ASTERISK-24463 #close
Reported by: John Campbell
Tested by: Etienne Lessard
Tested by: Andrew Nagy
Change-Id: I3a0643813116da84e2617291903d0d489b7425fb
George Joseph [Mon, 25 Apr 2016 03:51:16 +0000 (21:51 -0600)]
config: Fix ast_config_text_file_save writability check for missing files
A patch I did back in 2014 modified ast_config_text_file_save to check the
writability of the main file and include files before truncating and re-writing
them. An unintended side-effect of this was that if a file doesn't exist,
the check fails and the write is aborted.
This patch causes ast_config_text_file_save to check the writability of the
parent directory of missing files instead of checking the file itself. This
allows missing files to be created again. A unit test was also added to
test_config to test saving of config files.
The regression was discovered when app_voicemail's passwordlocation=spooldir
feature stopped working.
ASTERISK-25917 #close Reported-by: Jonathan Rose
Change-Id: Ic4dbe58c277a47b674679e49daed5fc6de349f80
Kevin Harwell [Thu, 21 Apr 2016 20:35:26 +0000 (15:35 -0500)]
app_queue: queue members can receive multiple calls
It was possible for a queue member that is a member of at least 2 or more
queues to receive mulitiple calls at the same time. This happened because
of a race between when a member was being rung and when the device state
notified the other queue(s) member object of the state change.
This patch makes it so when a queue member is being rung it gets added to
a global pool of queue members. If that same member is tried again, e.g.
from another queue, and it is found to already exist in the pending member
container then it will not ring that member.
The test_voicemail_notify_endl test checks the end-of-line
characters of an email message to confirm that they are consistent.
The test wrongfully assumed that reading from the email message
into a buffer will always result in more than 1 character being
read. This is incorrect. If only 1 character was read the test
would go outside of the buffer and access other memory causing
a crash.
The test now checks to ensure that 2 or more characters are read
in ensuring the test stays within the buffer.
app_voicemail/IMAP: IMAP access FATAL error: Out of memory
Sometimes uw-imap function 'mail_fetchbody' returns huge len
which then pass to uw-imap function 'rfc822_base64'.
uw-imap tries to allocate huge memory and abort() on fail.
This patch check the len.
If the len more than max size (128 Mbytes) log error.
This patch also set variables len, newlen to avoid uninizialezed len.
This patch also check pointer returned by rfc822_base64.
Walter Doekes [Thu, 24 Mar 2016 12:36:39 +0000 (13:36 +0100)]
musiconhold: Only warn if music class is not found in memory and database.
The log message when a MusicOnHold music class was not found was changed
from debug level to WARNING level in Asterisk 11.19 and 13.5. For those
using realtime musiconhold, this message is wrong because it warns
before checking the database.
This changeset delays the warning until after the database has been
checked.
Walter Doekes [Thu, 24 Mar 2016 10:38:16 +0000 (11:38 +0100)]
core/logging: Fix broken syslog levels on older glibc.
The fix to ASTERISK-25407 introduced the usage of LOG_MAKEPRI. However
this macro is broken in older glibc (< 2.17); it would left-shift the
facility a second time, causing the resultant priority to become
invalid.
The syslog manpage mentions nothing about LOG_MAKEPRI and suggests this:
The priority argument is formed by ORing the facility and the level
values [...].
chan_sip.c: Space after port causes unnecessary resolution attempt
check_via() already skips leading blanks where the sent-by address (with the
optional port) should be placed.
Since RFC 3261 allows for blanks between the port ant the Via parameters:
> https://tools.ietf.org/html/rfc3261#section-20.42
(actually it allows a lot of blanks more ;-)). I just switched from
ast_skip_blanks() to ast_strip() on the local copy of the string.
Gianluca Merlo [Sat, 19 Mar 2016 12:34:26 +0000 (13:34 +0100)]
config: fix flags in uint option handler
The configuration unsigned integer option handler sets flags for the
parser as if the option should be a signed integer (PARSE_INT32),
leading to errors on "out of range" values. Fix flags (PARSE_UINT32).
Gianluca Merlo [Sat, 19 Mar 2016 01:32:51 +0000 (02:32 +0100)]
func_aes: fix misuse of strlen on binary data
The encryption code for AES_ENCRYPT evaluates the length of the data to
be encoded in base64 using strlen. The data is binary, thus the length
of it can be underestimated at the first NULL character.
Reuse the write pointer offset to evaluate it, instead.
projects / thirdparty / asterisk.git / log
