Travis Cross [Sun, 23 Feb 2014 18:07:16 +0000 (18:07 +0000)]
Describe workaround in Debian/README.source
Pre-jessie versions of Debian's mk-build-deps tool rely on libraries
that do not correctly parse debian/control, so we have to clip it down
to a smaller subset of the format to build on e.g. wheezy.
Ken Rice [Fri, 21 Feb 2014 20:51:46 +0000 (14:51 -0600)]
FS-5512 --resolve ; clean up PostgreSQL libpq client detection in configure
Clean up the libpq autodection and make sure it functionswith both pg_config and pkg-config.
if you are installing into a non-FHS standard location such as what happens with RPMs from the Postgres yum repo, you will need to make sure pkg-config can fild the libpq.pc file.
example: export PKG_CONFIG_PATH=/usr/pgsql-9.3/lib/pkgconfig
you may also want to make sure your path can find pg_config
example: export PATH=/usr/pgsql-9.3/bin:$PATH
Travis Cross [Tue, 18 Feb 2014 21:05:01 +0000 (21:05 +0000)]
Exit non-zero from build-all on any build failure
./debian/util.sh build-all will do a number of builds in sequence or
parallel. We now track if any of those builds fail to return a
.changes file and exit non-zero.
FS-6230 --resolve There was no NAT detection enabled on the calls, this patch will activate it explicitly when used with force-rport to avoid a similar problem with other users
Travis Cross [Tue, 11 Feb 2014 17:40:58 +0000 (17:40 +0000)]
Add voicemail parameter storage-dir-shared
If this is set to true (default false) we assume the storage-dir is
shared, organized by realm/domain, with uses other than voicemail, so
we adopt a directory structure of:
Travis Cross [Tue, 11 Feb 2014 15:50:50 +0000 (15:50 +0000)]
Add vm-domain-storage-dir param
This replaces the semantics of the storage-dir parameter without the
deprecation notice. The behavior of storage-dir never should have
been deprecated, though it was probably correct to deprecate the name
itself.
Rather than having both vm-storage-dir and vm-domain-storage-dir it
might be nice if the config system could just notice at what level it
was defined and do the right thing. Indeed, this is why I'd left
things as-is for so long.
But as Master Foo famously said, "which one will reach the other side
of the river: the one who dreams of a raft, or the one that hitchhikes
to the next bridge?"
Travis Cross [Tue, 11 Feb 2014 06:02:54 +0000 (06:02 +0000)]
Add mod_sofia support for setting socket TCP keepalive
Some OSes like linux provide a mechanism for sending TCP keepalive
pings. Sofia provides its own mechanism for doing this in userspace.
We shouldn't conflate these two mechanisms.
Travis Cross [Tue, 11 Feb 2014 06:26:01 +0000 (06:26 +0000)]
Rework handling of Linux TCP keepalives in Sofia
This separates out the Linux socket TCP keepalive timeout interval
from Sofia's internal mechanisms. Earlier we tied these together. In
retrospect this seems improper.
These two values can now be set separately.
You might, for example, want to keep the Sofia internal mechanism
disabled completely while enabling the platform-based mechanism if
your platform supports it.
We also here reform the default value of the socket TCP keepalive
parameter to 30 seconds.
Travis Cross [Tue, 11 Feb 2014 05:33:25 +0000 (05:33 +0000)]
Synchronize Sofia and Linux TCP keepalive timeout units
Sofia keeps the TCP keepalive timeout in milliseconds, but Linux
expects the value in seconds. Before this change, it's unlikely the
TCP_KEEPIDLE and TCP_KEEPINTVL calls were having much effect as we
would have been passing them a huge value.
FS-6128 FS-6200 --resolve allocating the sofia_private on the nua_handle seems to lead to memory corruption, changing it back to malloc as done in the version before the regression
Jonathan Lennox [Thu, 27 Oct 2011 16:06:12 +0000 (16:06 +0000)]
Fix inline functions when compiling as C99.
Make private inlines in C files 'static inline', not just 'inline', or the compiler
can discard the definition if it chooses not to inline it.
Make functions declared in header files not be declared inline (if they're defined in a
.c file). It looks like no functions in this category are used in LibSRTP's critical
path, only for unit tests or generating AES tables.
To see the problem prior to this commit, compile with "gcc -O0 -std=gnu99".
Travis Cross [Thu, 6 Feb 2014 15:27:06 +0000 (15:27 +0000)]
Add support for EECDH to Sofia-SIP
This adds support for the ephemeral elliptic curve Diffie-Hellman key
exchange, which provides for forward secrecy in the event that
long-term keys are compromised.
For the moment, we've hard-coded the curve as prime256v1.
Travis Cross [Thu, 6 Feb 2014 00:20:45 +0000 (00:20 +0000)]
Support setting enabled TLS versions in mod_sofia
Previously if tls-version was set to tlsv1 we supported only TLSv1,
but if it was set to sslv23 we supported all versions of TLS. This
was a weird incorrectly documented behavior that we hope no one was
relying on.
Now we can pass a comma-separated list of TLS/SSL versions that we
would like to support in tls-version.
Travis Cross [Thu, 6 Feb 2014 00:18:05 +0000 (00:18 +0000)]
Allow setting enabled TLS versions in Sofia-SIP
Previously if the TPTAG_TLS_VERSION was set to a non-zero value we
supported only TLSv1 (but not TLSv1.1 or TLSv1.2), and if was set to
zero we supported all versions of TLS and SSL (including the
ridiculous SSLv2).
Now we take an integer field where various bits can be set indicating
which versions of TLS we would like to support.
Travis Cross [Sat, 1 Feb 2014 15:39:28 +0000 (15:39 +0000)]
Improve configure handling of ODBC
This commit changes behavior such that if --disable-core-odbc-support
is provided we'll build without ODBC even if the libraries are there.
Previously we would always quietly build with ODBC support if it was
on the system.
Contrary to what was said in commit 72a804983, my 2012 commit ffc8e81b7 did not affect the behavior of --disable-core-odbc-support.
We never recognized the flag as being different from not providing the
option at all.
What the commit did do was to cause us to fail loudly if
--enable-core-odbc-support was provided but the system libraries were
not there. This behavior is preserved.
(That commit also caused us to potentially run certain checks twice,
which this commit resolves.)
You can also now provide --enable-core-odbc-support=optional which has
the same effect as the default behavior.
FS-6173 --resolve
Thanks-to: James Le Cuirot <chewi@aura-online.co.uk>
Moises Silva [Wed, 29 Jan 2014 00:07:34 +0000 (19:07 -0500)]
Fix ESL infinite loop on handle_recv() when errno is already set
system calls do not clear errno, just set it in case of failure, so we
gotta make sure the recv() syscall really failed by checking the return value
projects / thirdparty / freeswitch.git / log
