Dan Cropp [Wed, 21 Aug 2019 15:58:00 +0000 (10:58 -0500)]
pjproject: Configurable setting for cnonce to include hyphens or not
NEC SIP Station interface with authenticated registration only supports cnonce
up to 32 characters. In Linux, PJSIP would generate 36 character cnonce
which included hyphens. Teluu developed this patch adding a compile time
setting to default to not include the hyphens. They felt it best to still
generate the UUID and strip the hyphens.
They have indicated it will be part of PJSIP 2.10.
ASTERISK-28509 Reported-by: Dan Cropp
Change-Id: Ibdfcf845d4f8c0a14df09fd983b11f2d72c5f470
George Joseph [Tue, 20 Aug 2019 18:04:56 +0000 (12:04 -0600)]
res_ari.c: Prefer exact handler match over wildcard
Given the following request path and 2 handler paths...
Request: /channels/externalMedia
Handler: /channels/{channelId} "wildcard"
Handler: /channels/externalmedia "non-wildcard"
...if /channels/externalMedia was registered as a handler after
/channels/{channelId} as shown above, the request would automatically
match the wildcard handler and attempt to parse "externalMedia" into
the channelId variable which isn't what was intended. It'd work
if the non-wildard entry was defined in rest-api/api-docs/channels.json
before the wildcard entry but that makes the json files
order-dependent which isn't a good thing.
To combat this issue, the search loop saves any wildcard match but
continues looking for exact matches at the same level. If it finds
one, it's used. If it hasn't found an exact match at the end of
the current level, the wildcard is used. Regardless, after
searching the current level, the wildcard is cleared so it won't
accidentally match for a different object or a higher level.
BTW, it's currently not possible for more than 1 wildcard entry
to be defined for a level. For instance, there couldn't be:
Handler: /channels/{channelId}
Handler: /channels/{channelName}
We wouldn't know which one to match.
Alexei Gradinari [Wed, 14 Aug 2019 19:52:01 +0000 (15:52 -0400)]
app_voicemail/IMAP: check mailstream not NULL in leave_voicemail
The function leave_voicemail checks if expungeonhangup is set,
but does not check if IMAP stream is closed,
so it could call imap function with NULL stream.
This leads to segfault.
Kevin Harwell [Wed, 7 Aug 2019 22:54:34 +0000 (17:54 -0500)]
srtp: Fix possible race condition, and add NULL checks
Somehow it's possible for the srtp session object to be NULL even though the
Asterisk srtp object itself is valid. When this happened it would cause a
crash down in the srtp code when attempting to protect or unprotect data.
After looking at the code there is at least one spot that makes this situation
possible. If Asterisk fails to unprotect the data, and after several retries
it still can't then the srtp->session gets freed, and set to NULL while still
leaving the Asterisk srtp object around. However, according to the original
issue reporter this does not appear to be their situation since they found
no errors logged stating the above happened (which Asterisk does for that
situation).
An issue was found however, where a possible race condition could occur between
the pjsip incoming negotiation, and the receiving of RTP packets. Both places
could attempt to create/setup srtp for the same rtp instance at the same time.
This potentially could be the cause of the problem as well.
Given the above this patch adds locking around srtp setup for a given rtp, or
rtcp instance. NULL checks for the session have also been added within the
protect and unprotect functions as a precaution. These checks should at least
stop Asterisk from crashing if it gets in this situation again.
This patch also fixes one other issue noticed during investigation. When doing
a replace the old object was freed before creating the replacement. If the new
replacement object failed to create then the rtp/rtcp instance would now point
to freed srtp data which could potentially cause a crash as well when the next
attempt to reference it was made. This is now fixed so the old srtp object is
kept upon replacement failure.
Lastly, more logging has been added to help diagnose future issues.
George Joseph [Thu, 8 Aug 2019 12:12:18 +0000 (06:12 -0600)]
CI: Add "throttle" label and "skip_gate" capability
To make throttling by label fully active, the "throttle" option
has to be specified with a specific label.
You can now specify "skip_gate" in the Gerrit comments when you
do a +2 code review to tell Jenkins not to actually run the
gate. You'd do this if you plan to manually merge the change.
Also updated the "printenv" debug output to better sort multi-line
comments.
Joshua Colp [Mon, 5 Aug 2019 12:23:53 +0000 (09:23 -0300)]
cdr / cel: Use event time at event creation instead of processing.
When updating times on CDR or CEL records using the time at which
it is done can result in times being incorrect if the system is
heavily loaded and stasis message processing is delayed.
This change instead makes it so CDR and CEL use the time at which
the stasis messages that drive the systems are created. This allows
them to be backed up while still producing correct records.
George Joseph [Tue, 6 Aug 2019 15:40:54 +0000 (09:40 -0600)]
CI: Make node labels job-specific
Originally, the eligible nodes for a job were labelled only by
"swdev-docker". So basically any node could run any job. We had
found that allowing a node to run more than 1 gate at a time was
problematic so we limited the nodes to processing 1 job at a time.
With the creation of the Asterisk 17 branches however, we now have
so many active branches that getting checks and gates through in
a timely manner is problematic when a node can run only 1 job
at a time.
Now the nodes are also labelled by the job type they can run.
For instance: "asterisk-check", "asterisk-gate", etc. With the
"Throttle Concurrent Builds" plugin, we can now allow a node to
run more than 1 job BUT throttle by job type. For instance:
Allow 2 jobs but only 1 asterisk-gate at a time.
Now a node can run 2 checks or 1 check and 1 gate or 1 gate but
not 2 gates at a time.
Kevin Harwell [Thu, 1 Aug 2019 21:22:01 +0000 (16:22 -0500)]
various modules: json integer overflow
There were still a few places in the code that could overflow when "packing"
a json object with a value outside the base type integer's range. For instance:
unsigned int value = INT_MAX + 1
ast_json_pack("{s: i}", value);
would result in a negative number being "packed". In those situations this patch
alters those values to a ast_json_int_t, which widens the value up to a long or
long long.
Joshua Colp [Thu, 1 Aug 2019 10:07:45 +0000 (10:07 +0000)]
res_pjsip: Fix multiple of the same contact in "pjsip show contacts".
The code for gathering contacts could result in the same contact
being retrieved and added to the list multiple times. The container
which stores the contacts to display will now only allow a contact
to be added to it once instead of multiple times.
George Joseph [Mon, 29 Jul 2019 13:31:56 +0000 (07:31 -0600)]
loader.c: Fix possible SEGV when a module fails to register
When a module fails to register itself (usually a coding error
in the module), dlerror() can return NULL. We weren't checking
for that in load_dlopen() before trying to strdup the error message
so a SEGV was thrown. dlerror() is now surrounded with an S_OR
so we don't SEGV.
George Joseph [Wed, 24 Jul 2019 20:15:27 +0000 (14:15 -0600)]
CI: Don't enable non-core modules in Certified branches
We don't support non-core modules for Certified releases but we
were enabling them for CI builds which was causing lots of test
failures. Now we don't.
Details:
- The memcpy() call copied part of "dahdi_conf" and not "dahdi_conf.mfcr2"
- As a result, the memcmp() in dahdi_r2_get_link() always fails
- This cause dahdi_r2_get_link() to create new link for every channel
(instead of a new link for every ~30 channels)
- With the fix, far less links are generated -- so we use far less threads
George Joseph [Fri, 19 Jul 2019 16:20:38 +0000 (10:20 -0600)]
CI: Add cleanWs to cleanup steps in jenkinsfiles
We're at the point where there are enough Jenkins jobs for
Asterisk branches than even cleaned checkouts of Asterisk
will add up to more disk space than is available on the
in-memory workspace mount. Since we archive all relevent
artifacts anyway, there's no need to keep the workspace
around after the job finishes, whether it succeeds or fails.
Walter Doekes [Wed, 17 Jul 2019 13:06:12 +0000 (15:06 +0200)]
sched: Don't allow ast_sched_del to deadlock ast_sched_runq from same thread
When fixing ASTERISK~24212, a change was done so a scheduled callback could not
be removed while it was running. The caller of ast_sched_del would have to wait.
However, when the caller of ast_sched_del is the callback itself (however wrong
this might be), this new check would cause a deadlock: it would wait forever
for itself.
This changeset introduces an additional check: if ast_sched_del is called
by the callback itself, it is immediately rejected (along with an ERROR log and
a backtrace). Additionally, the AST_SCHED_DEL_UNREF macro is adjusted so the
after-ast_sched_del-refcall function is only run if ast_sched_del returned
success.
This should fix the following spurious race condition found in chan_sip:
- thread 1: schedule sip_poke_peer_now (using AST_SCHED_REPLACE)
- thread 2: run sip_poke_peer_now
- thread 2: blank out sched-ID (too soon!)
- thread 1: set sched-ID (too late!)
- thread 2: try to delete the currently running sched-ID
After this fix, an ERROR would be logged, but no deadlocks (in do_monitor) nor
excess calls to sip_unref_peer(peer) (causing double frees of rtp_instances and
other madness) should occur.
(Thanks Richard Mudgett for reviewing/improving this "scary" change.)
Note that this change does not fix the observed race condition: unlocked
access to peer->pokeexpire (and potentially other scheduled items in chan_sip),
causing AST_SCHED_DEL_UNREF to look at a changing id. But it will make the
deadlock go away. And in the observed case, it will not have adverse affects
(like memory leaks) because the scheduled item is removed through a different
path.
George Joseph [Tue, 16 Jul 2019 12:55:49 +0000 (06:55 -0600)]
Build: Separate header install/uninstall
Asterisk headers are no longer installed and uninstalled
automatically when performing a "make install" or a
"make uninstall". To install/uninstall the headers, use
"make install-headers" and "make uninstall-headers".
The headers also continue to be uninstalled when performing a
"make uninstall-all".
Also corrects an issue where /usr/include/asterisk.h was never
being removed at all.
chan_sip: Handle invalid SDP answer to T.38 re-invite
The chan_sip module performs a T.38 re-invite using a single media
stream of udptl, and expects the SDP answer to be the same.
If an SDP answer is received instead that contains an additional
media stream with no joint codec a crash will occur as the code
assumes that at least one joint codec will exist in this
scenario.
Kevin Harwell [Wed, 12 Jun 2019 18:49:30 +0000 (13:49 -0500)]
app_voicemail: Remove dependency on the stasis cache
app_voicemail utilized the stasis cache when polling mailboxes for MWI. This
caused a memory leak (items were not being appropriately removed from the
cache), and subsequent slowdown in system processing. This patch removes the
stasis cache dependency, thus alleviating the memory leak. It does this by
utilizing the new MWI API that better manages state lifetime.
Kevin Harwell [Wed, 12 Jun 2019 18:11:42 +0000 (13:11 -0500)]
MWI: Update modules that subscribe to MWI to use new API calls
The MWI core recently got some new API calls that make tracking MWI state
lifetime more reliable. This patch updates those modules that subscribe to
specific MWI topics to use the new API. Specifically, these modules now
subscribe to both MWI topics and MWI state.
Kevin Harwell [Tue, 11 Jun 2019 19:12:12 +0000 (14:12 -0500)]
mwi: Update the MWI core to use stasis_state API
** Note **
This patch is meant to be the minimum needed in order for the MWI core to use
the now underlying stasis_state module. As such it does not completely remove
its reliance on the stasis_cache. Doing so has allowed current consumers to
not have to change, and update those code paths for this patch. When time
allows, subsequent patches can/will be made to those consumers to take advantage
of some of the new MWI API included here. Thus, eventually and ultimately
removing MWI dependency on the stasis_cache.
** End Note **
This patch makes it so the MWI core now takes advantage of the new stasis_state
API. Consumers of MWI should no longer need to depend upon stasis topic pooling,
and the stasis cache directly. Similar functionality and implementation details
have now been pushed into the stasis_state module. However, all MWI state should
be accessed via the MWI API itself.
As such a few new methods, and constructs have been added to the MWI core that
facilitate consumer publishing, subscribing, and iterating over MWI state data.
* ast_mwi_subscriber *
Created via ast_mwi_add_subscriber, a subscriber subscribes to a given mailbox
in order to receive updates about the given mailbox. Adding a subscriber will
create the underlying topic, and associated state data if those do not already
exist for it. The topic, and last known state data is guaranteed to exist for
the lifetime of the subscriber.
* ast_mwi_publisher *
Before publishing to a particular topic a publisher should be created. This can
be achieved by using ast_mwi_add_publisher. Publishing to a mailbox should then
be done using one of the MWI publish functions. This ensures the message is
published to the appropriate topic, and the last known state is maintained.
* ast_mwi_observer *
Add an observer in order to watch for particular MWI module related events. For
instance if a submodule needs to know when a subscription is added to any
mailbox an observer can be added to watch for that.
* other *
Urgent message count is now part of the published MWI state object. Also state
can be iterated over using defined callbacks.
Fixes a crash in chan_dahdi occurring on 32-bit systems. A previous
patch introduced a variable of type unassigned long long which is 64-bits.
Casting it as 'ast_json_int_t' along with JSON type 'I' makes it work
with 32-bit systems.
Kevin Harwell [Tue, 11 Jun 2019 17:30:27 +0000 (12:30 -0500)]
stasis_state: Add new stasis_state module
This new module describes an API that can be thought of as a combination of
stasis topic pools, and caching. Except, hopefully done in a more efficient
and less memory "leaky" manner.
The API defines methods, and data structures for managing, and tracking
published message state through stasis. By adding a subscriber or publisher,
consumers can more easily track the lifetime of the contained state. For
instance, when no more publishers and/or subscribers have need of the topic,
and associated state its data is removed from the managed container.
* stasis_state_manager *
The manager stores and well, manages state data. Each state is an association
of a unique stasis topic, and the last known published stasis message on that
topic. There is only ever one managed state object per topic. For each topic
all messages are forwarded to an "all" topic also maintained by the manager.
* stasis_state_subscriber *
Topic and state can be created, or referenced within the manager by adding a
stasis_state_subscriber. When adding a subscriber if no state currently exists
new managed state is immediately created. If managed state already exists then
a new subscriber is created referencing that state. The managed state is
guaranteed to live throughout the subscriber's lifetime. State is only removed
from the manager when no other entities require it.
* stasis_state_publisher *
Topic and state can be created, or referenced within the manager by also adding
a stasis_state_publisher. When adding a publisher if no state currently exists
new managed state is created. If managed state already exists then a new
publisher is created referencing that state. The managed state is guaranteed to
live throughout the publisher's lifetime. State is only removed from the
manager when no other entities require it.
* stasis_state_observer *
Some modules may wish to watch for, and react to managed state events. By
registering a state observer, and implementing handlers for the desired
callbacks those modules can do so.
* other *
Callbacks also exist that allow consumers to iterate over all, or some of the
managed state.
Chris-Savinovich [Thu, 27 Jun 2019 18:50:57 +0000 (13:50 -0500)]
app_voicemail.c: Build all three variants for app_voicemail at the same time
Changes made to apps/Makefile to optionally build all three app_voicemail
variations at the same time: 1) file (default), 2) odbc, and 3) imap.
This functionality was requested by users. modules.conf.sample warns the
user to make sure only one voicemail is loaded at a time.
George Joseph [Thu, 27 Jun 2019 17:46:44 +0000 (11:46 -0600)]
pjproject_bundled: Add peer information to most SSL/TLS errors
Most SSL/TLS error messages coming from pjproject now have either
the peer address:port or peer hostname, depending on what was
available at the time and code location where the error was
generated.
sungtae kim [Mon, 15 Apr 2019 23:26:46 +0000 (01:26 +0200)]
res/ari/resource_channels.c: Added hangup reason code for channels
Currently, DELETE /ari/channels/<channelID> supports only few hangup reasons.
It's good enough for simple use, but when it needs to set the detail reason,
it comes challenges.
Added reason_code query parameter for that.
Dan Cropp [Tue, 2 Apr 2019 19:42:44 +0000 (14:42 -0500)]
chan_pjsip: Transmit REFER waits for the REFER result setting TRANSFERSTATUS
Previously, when a Transfer (REFER) was performed, chan_pjsip would set
the TRANSFERSTATUS to SUCCESS when the REFER was queued up. This did not
reflect a successful/unsuccessful transfer the way chan_sip did.
Added a callback module to process the refer subscription information.
Now depends on res_pjsip_pubsub so call transfer progress can be monitored
and reported
ASTERISK-26968 #close Reported-by: Dan Cropp
Change-Id: If6c27c757c66f71e8b75e3fe49da53ebe62395dc
Alexei Gradinari [Wed, 29 May 2019 22:54:16 +0000 (18:54 -0400)]
res_fax: gateway sends T.38 request to both endpoints if V.21 detected
According T.38 Gateway 'Use case 3'
https://wiki.asterisk.org/wiki/display/AST/T.38+Gateway
T.38 Gateway should send T.38 negotiation request to called endpoint
if FAX preamble (using V.21 detector) generated by called endpoint.
But it does not, because fax_gateway_detect_v21 constructs T.38
negotiation request, but forwards it only to other channel,
not to the channel on which FAX preamble is detected.
Some SIP endpoints could be improperly configured to rely on the other side
to initiate T.38 re-INVITEs.
With this patch the T.38 Gateway tries to negotiate with both sides
by sending T.38 negotiation request to both endpoints supported T.38.
George Joseph [Wed, 19 Jun 2019 16:58:39 +0000 (10:58 -0600)]
CI: New way to determnine libdir
We were using the presence of /usr/lib64 to determine where
shared libraries should be installed. This only existed on
Redhat based systems and was safe. If it existed, use it,
otherwise use /usr/lib.
Unfortunately, Ubuntu 19 decided to create a /usr/lib64 BUT
NOT INCLUDE IT IN THE DEFAULT ld.so.conf. So if anything is
installed there, it won't work.
The new method, just looks for $ID in /etc/os-release and if it's
centos or fedora, uses /usr/lib64 and if ubuntu, uses /usr/lib.
NOTE: This applies only to the CI scripts. Normal asterisk
build and install is not affected.
Alexei Gradinari [Fri, 14 Jun 2019 20:45:39 +0000 (16:45 -0400)]
translate.c do not log WARNING on empty audio frame
There is WARNING "no samples for ..." on each Playtones.
The function ast_playtones_start calls ast_activate_generator,
which calls ast_prod.
The function ast_prod calls ast_write with empty audio frame.
In this case it's spam log.
George Joseph [Mon, 17 Jun 2019 17:11:49 +0000 (11:11 -0600)]
chan_dahdi: Address gcc9 issues
Fixed format-truncation issues in chan_dahdi.c and
sig_analog.c. Since they're related to fields provided
by dahdi-tools we can't change the buffer sizes so we're just
checking the return from snprintf and printing an errior if we
overflow.
George Joseph [Mon, 10 Jun 2019 21:58:59 +0000 (15:58 -0600)]
app_confbridge: Attended transfer event fixup
When a channel already in a conference bridge is attended transfered
to another extension, or when an existing call is attended
transferred into a conference bridge, we now generate ConfbridgeJoin
and ConfbridgeLeave events for the entering and departing channels.
Joshua Colp [Tue, 11 Jun 2019 12:26:42 +0000 (09:26 -0300)]
res_rtp_asterisk: Add support for DTLS packet fragmentation.
This change adds support for larger TLS certificates by allowing
OpenSSL to fragment the DTLS packets according to the configured
MTU. By default this is set to 1200.
This is accomplished by implementing our own BIO method that
supports MTU querying. The configured MTU is returned to OpenSSL
which fragments the packet accordingly. When a packet is to be
sent it is done directly out the RTP instance.
[custom_atxfer]
exten => s,1,
same => n,Playback(pbx-transfer)
same => n,Read(dest,dial,10,i,3,3)
same => n,AttendedTransfer(${dest})
same => n,Return()
agupta [Thu, 6 Jun 2019 12:48:18 +0000 (18:18 +0530)]
chan_pjsip.c: Check for channel and session to not be NULL in hangup
We have seen some rare case of segmentation fault in hangup function
and we could notice that channel pointer was NULL. Debug log shows
that there is a 200 OK answer and SIP timeout at the same time. It
looks that while the SIP session was being destroyed due to timeout
call hangup due to answer event lead to race condition and channel
is being destroyed from two different places. The check ensures we
check it not to be NULL before freeing it.
projects / thirdparty / asterisk.git / log
