Matt Jordan [Thu, 16 Mar 2017 15:39:00 +0000 (10:39 -0500)]
res/res_pjsip_session: Only check localnet if it is defined
If local_net is not defined on a transport, transport_state->localnet
will be NULL. ast_apply_ha will, be default, return AST_SENSE_ALLOW in
this case, causing the external_media_address, if set, to be skipped.
This patch causes us to only check if we are sending within a network if
local_net is defined.
Mark Michelson [Tue, 7 Mar 2017 20:13:02 +0000 (14:13 -0600)]
Add rtcp-mux support
This commit adds support for RFC 5761: Multiplexing RTP Data and Control
Packets on a Single Port. Specifically, it enables the feature when
using chan_pjsip.
A new option, "rtcp_mux" has been added to endpoint configuration in
pjsip.conf. If set, then Asterisk will attempt to use rtcp-mux with
whatever it communicates with. Asterisk follows the rules set forth in
RFC 5761 with regards to falling back to standard RTCP behavior if the
far end does not indicate support for rtcp-mux.
The lion's share of the changes in this commit are in
res_rtp_asterisk.c. This is because it was pretty much hard wired to
have an RTP and an RTCP transport. The strategy used here is that when
rtcp-mux is enabled, the current RTCP transport and its trappings (such
as DTLS SSL session) are freed, and the RTCP session instead just
mooches off the RTP session. This leads to a lot of specialized if
statements throughout.
Sean Bright [Thu, 9 Mar 2017 17:05:12 +0000 (12:05 -0500)]
app_queue: Handle the caller being redirected out of a queue bridge
A caller can leave the Queue() application after being bridged with a
member in a few ways:
* Caller or member hangup
* Caller is transferred somewhere else (blind or atx)
* Caller is externally redirected elsewhere
The first 2 scenarios are currently handled by subscribing to stasis
messages, but the 3rd is not explicitly covered. If a caller is
redirected away from the Queue() application, the member who was last
bridged with that caller will remain in an "In use" state until the
caller hangs up.
This patch adds handling of the caller leaving the queue via
redirection. We monitor the caller-member bridge, and if the caller is
the one that leaves, we treat it the same as we would a caller hangup.
Richard Mudgett [Tue, 14 Mar 2017 21:16:23 +0000 (16:16 -0500)]
pbx.c: Fix crash from malformed exten pattern.
Forgetting to indicate an exten is a pattern can cause a crash if the
"pattern" has a character set range. e.g., "9999[3-5]" The crash is due
to a buffer overwrite because the '-' exten eye-candy wasn't removed as
expected and overran the allocated space.
The buffer overwrite is fixed two ways in this patch.
1) Fix ext_strncpy() to distinguish between pattern and non-pattern
extens. Now '-' characters are removed when they are eye-candy and not
when they are part of a pattern character set. Since the function is
private to pbx.c, the return value now returns the number of bytes written
to the destination buffer instead of the strlen() of the final buffer so
the callers that care don't need to add one.
2) Fix callers to ext_strncpy() to supply the correct available buffer
size of the destination buffer.
Richard Begg [Tue, 14 Mar 2017 21:51:41 +0000 (08:51 +1100)]
chan_iax2: Reload of iax peer results in loss of host address/port
When using a non-dynamic peer address, build_peer() invalidates the
peer address structure by setting the address family to unspecified.
However, if dnsmgr is enabled, the subsequent call to ast_dnsmgr_lookup()
will not amend the peer address if the cache is still valid, resulting
in peer connectivity failures.
To fix this, we call ast_dnsmgr_refresh() instead.
Matt Jordan [Tue, 14 Mar 2017 20:12:28 +0000 (15:12 -0500)]
configure: Don't use the progress bar with curl when downloading to stdout
In some scenarios, such as when there may not be a terminal (such as
inside a Docker container), curl will apparently direct the progress bar
to stdout. This can cause extra data to be appended to a file curl'd
down to stdout, resulting in md5 verification failures.
This patch removes the progress bar, and tells curl to download the file
silently.
Matt Jordan [Tue, 14 Mar 2017 12:50:07 +0000 (07:50 -0500)]
res_pjsip_endpoint_identifier_ip: Add an option to match requests by header
This patch adds a new features to the endpoint identifier module,
'match_header'. When set, inbound requests are matched by a provided SIP
header: value pair. This option works in conjunction with the existing
'match' configuration option, such that if any 'match*' attribute
matches an inbound request, the request is associated with the specified
endpoint.
Since this module now identifies by more than just IP address,
appropriate renaming of the module and/or variables can be done in a
non-release branch.
Matt Jordan [Tue, 14 Mar 2017 14:59:48 +0000 (09:59 -0500)]
funcs/func_devstate: Remove new line in Device field of during module load
During module loading of func_devstate, Asterisk emits the current
device state of all Custom device states currently stored in the AstDB.
This was erroneously including a new line character ('\n') to the end of
the device state, causing two new lines to be emitted in
DeviceStateChange AMI events.
Note that this only happened for those device state changes that
occurred during startup. Regular device state changes for Custom device
states are handled elsewhere, and did not have the newline.
ASTERISK-26643 #close
Reported by: Roman Bedros
Tested by: Matt Jordan
patches:
ami_devstate.diff uploaded by Roman Bedros (License 6842)
Matt Jordan [Tue, 14 Mar 2017 14:37:34 +0000 (09:37 -0500)]
main/stasis_cache: Demote the ERROR message when removing a nonexistent item
This patch demotes the ERROR message that is displayed when a
nonexistent item is removed from the Stasis cache. The genesis of this
demotion is due to chan_sip's realtime peers and their interaction with
Asterisk's core ast_endpoint code, but ostensibly it could happen from
other channel drivers as well.
Since Mark Michelson already did an excellent job of explaining on this
issue, it is quoted here for posterity:
"Internally, when a realtime peer is retrieved, Asterisk creates an
ast_endpoint structure. When that peer is destroyed, the ast_endpoint is
destroyed as well. Part of the destruction of the ast_endpoint involves
clearing the Stasis cache of all information about that endpoint. The
problem here is that the act of creating the ast_endpoint is not enough
to actually put any information in the Stasis cache. Instead, something
has to happen, such as a state change, in order for the Stasis cache to
have any information about that endpoint. When a device registers,
chan_sip creates an ast_endpoint structure, processes the REGISTER, and
then destroys the ast_endpoint. When the ast_endpoint is destroyed,
there is nothing to destroy in the Stasis cache, so an error message is
emitted. When you use rtcachefriends, ast_endpoint structures persist
for the lifetime of the module and so you do not see this error
message."
Joshua Colp [Sun, 12 Mar 2017 14:21:16 +0000 (14:21 +0000)]
chan_pjsip: Don't assume a session will have a channel.
When querying for PJSIP specific information using the dialplan
function CHANNEL() it is possible that the underlying session
will no longer have a channel associated with it. This is
most likely to occur when the RTCP HEP module attempts to get
the channel name. If this happens then a crash will occur.
This change just adds a check that the channel exists on the
session before querying it.
George Joseph [Mon, 13 Mar 2017 15:45:47 +0000 (09:45 -0600)]
menuselect: Add a new 'options' support type
The Binaural Rendering patches in the master branch required
menuselect to be updated with a new support type called 'option'.
This allows binaural rendering to be turned on or off when
bridge_softmix is built. This patch backports the 'option'
functionality to the 13 and 14 branches.
To create an option for a module, you can create (or update) the
menuselect-tree xml snippet in the directory where the module
resides and add a member element with an 'option' support_level.
Sean Bright [Mon, 6 Mar 2017 19:15:45 +0000 (14:15 -0500)]
pbx_spool: Gracefully handle long lines in call files
Per the linked issue, we aren't checking the buffer filled by fgets()
to determine if it contains a newline, so we will fail to correctly
parse the trailing portion of a long line.
This patch increases the buffer size from 256 to 1024, and skips any
line that exceeds that length, logging a warning in the process.
Richard Mudgett [Fri, 3 Mar 2017 03:27:00 +0000 (21:27 -0600)]
core: Cleanup ast_get_hint() usage.
* manager.c:manager_state_cb() Fix potential use of uninitialized hint[]
if a hint does not exist for the requested extension. Ran into this when
developing a testsuite test. The AMI event ExtensionStatus came out with
the hint header value containing garbage. The AMI event PresenceStatus
also had the same issue.
* manager.c:action_extensionstate() no need to completely initialize the
hint[]. Only initialize the first element.
Jørgen H [Thu, 16 Feb 2017 10:22:47 +0000 (10:22 +0000)]
res_pjsip WebRTC/websockets: Fix usage of WS vs WSS.
According to the RFC[1] WSS should only be used in the Via header
for secure Websockets.
* Use WSS in Via for secure transport.
* Only register one transport with the WS name because it would be
ambiguous. Outgoing requests may try to find the transport by name and
pjproject only finds the first one registered. This may mess up unsecure
websockets but the impact should be minimal. Firefox and Chrome do not
support anything other than secure websockets anymore.
* Added and updated some debug messages concerning websockets.
* security_events.c: Relax case restriction when determining security
transport type.
* The res_pjsip_nat module has been updated to not touch the transport
on Websocket originating messages.
George Joseph [Tue, 28 Feb 2017 02:07:06 +0000 (19:07 -0700)]
res_pjsip_pubsub: Remove unneeded endpoint unref
When a subscription was being recreated and the endpoint wasn't
found, we were trying to unref the endpoint. This was causing
FRACKs. Removed the unref.
Jørgen H [Thu, 16 Feb 2017 10:16:47 +0000 (10:16 +0000)]
res_pjsip: Fix crash when contact has no status
This change fixes an assumption in res_pjsip that a contact will
always have a status. There is a race condition where this is
not true and would crash. The status will now be unknown when
this situation occurs.
Vitezslav Novy [Sun, 26 Feb 2017 16:09:29 +0000 (17:09 +0100)]
chan_sip: Allow DTLS to be disabled when reloading.
This change fixes a problem where removing the DTLS configuration
options and reloading would not disable DTLS. This occurred
because the DTLS configuration was not reset to an unconfigured
state on reload.
George Joseph [Mon, 27 Feb 2017 18:25:01 +0000 (11:25 -0700)]
build: Warn if asterisk is installed in both 32 and 64 bit sys dirs
... and clean them both up on uninstall.
We've fixed the issue where 'make install' was installing to
/usr/lib on 64-bit systems that use /usr/lib64. Now we need
to clean up the remnants in /usr/lib.
* 'make install' now prints a warning if DESTDIR/ASTLIBDIR
contains 'lib64' and libasterisk* shared libraries or modules
are also found in DESTDIR/ASTLIBDIR with 'lib64' transformed
to 'lib'.
* 'make uninstall' ALWAYS cleans up both DESTDIR/ASTLIBDIR and
DESTDIR/ASTLIBDIR with 'lib64' transformed to 'lib'.
Joshua Colp [Mon, 27 Feb 2017 13:02:38 +0000 (13:02 +0000)]
bridge_native_rtp: Handle case where channel joins already suspended.
The bridge_native_rtp module did not properly handle the case where
a smart bridge operation occurs while a channel is suspended. In this
scenario the module would incorrectly set up local or remote RTP
bridging despite the media having to flow through Asterisk. The remote
endpoint would see two media streams and experience wonky audio.
The module has been changed so that it ensures both channels are
not suspended when performing the native RTP bridging and this
requirement has been documented in the bridge technology.
Joshua Colp [Fri, 24 Feb 2017 17:49:59 +0000 (17:49 +0000)]
config: Improve documentation and behavior of outbound_proxy option.
This change updates the documentation for the outbound_proxy option
to ensure it is consistently stated that a full SIP URI must be
provided for the option.
The res_pjsip_outbound_registration module has also been changed so
that the provided outbound_proxy value is checked to ensure it is a
URI and if not an error is output stating so.
George Joseph [Fri, 10 Feb 2017 00:05:01 +0000 (17:05 -0700)]
pjproject_bundled: Update for pjproject 2.6
* Removed all 2.5.5 functional patches.
* Updated usages of pj_release_pool to be "safe".
* Updated configure options to disable webrtc.
* Updated config_site.h to disable webrtc in pjmedia.
* Added Richard Mudgett's recent resolver patches.
George Joseph [Thu, 23 Feb 2017 21:49:17 +0000 (14:49 -0700)]
build: Execute ldconfig to build cache. (take two)
On some platforms a multiarch approach is used for libraries.
The build system does not take this into account and still
places libraries into the lib directory if no --libdir is
specified to configure. On initial startup this results in
libasteriskssl.so not being found, as it is not in the multiarch
lib directory. To make matters worse, options were being passed
to ldconfig on both Linux and FreeBSD that actually prevented
the rebuild of the cache.
* Fedora has a /usr/share/config.site that automatically tells
autoconf to use /usr/lib64 but CentOS does not. This logic was
copied to configure.ac and modified so systems like Ubuntu,
which still use /usr/lib for 64-bit systems, aren't affected.
Now that we have them in the correct directory...
In order for the system loader to find libasteriskssl and
libasteriskpj, one of 3 things has to happen...
- The linker cache must be rebuilt including the directory
where the libasterisk* libraries were installed. Only root
can rebuild the cache. This was busted.
- We have to link the asterisk binary with an rpath pointing
to the directrory where the libasterisk* libraries were
installed. This makes things very complicated and will happen
over the collective dead bodies of everyone who's had to
package a distribution with an rpath.
- Finally, you can start asterisk with LD_LIBRARY_PATH set to the
directrory where the libasterisk* libraries were installed.
There are no other options. So...
* The invokation of ldconfig has been moved from main/Makefile
to ASTTOPDIR/Makefile, the options have been removed, and
DESTDIR/ASTLIBDIR appended. If you aren't root, you will be
warned after the "Asterisk Installation Compete" banner that
you must re-run 'make install' as root, manually run
'ldconfig DESTDIR/ASTLIBDIR' as root, or run asterisk with
LD_LIBRARY_PATH.
Sean Bright [Wed, 22 Feb 2017 14:53:25 +0000 (09:53 -0500)]
res_config_ldap: Various code improvements
The initial motivation for this patch was to properly handle memory
allocation failures - we weren't checking the return values from the
various LDAP library allocation functions.
In the process, because update_ldap() and update2_ldap() were
substantially the same code, they've been consolidated.
Michael L. Young [Wed, 22 Feb 2017 19:08:05 +0000 (14:08 -0500)]
build_tools: Fix download_externals to allow the use of curl or wget
Not sure if this is really a bug versus an improvement. I can see it being
viewed as a bug though by some.
The current build_tools/download_externals file depends on wget in order to
download external modules. The current build system is able to discover
which tool to use for fetching remote files - either wget or curl.
This patch takes advantage of this capability by modifying the two calls to
the wget binary to instead use what was discovered by the build system.
The patterns provided by pbx_realtime were checked in the order in
which they were returned from the realtime backend. If there was
overlap between multiple patterns, the first one to correctly match was
chosen even though it may not have been the best match.
We now sort the patterns descending by their length and compare in that
order. There may be cases where this still results in a sub-optimal
match, but this patch should improve the overall behavior.
ASTERISK-18271 #close
Reported by: Charlie Smurthwaite
Sean Bright [Tue, 21 Feb 2017 21:09:47 +0000 (16:09 -0500)]
pbx_dundi: DUNDi weight parameter not processed correctly
The DUNDi weight field is not always converted from network byte order
to host byte order. This can result in incorrect weight values and
incorrect selection of DUNDi destinations.
ASTERISK-18731 #close
Reported by: Peter Racz
Patches:
dundi_weight.patch (license #6290) patch uploaded by Peter Racz
Joshua Colp [Tue, 21 Feb 2017 22:34:56 +0000 (16:34 -0600)]
Merge changes from topic 'ASTERISK-26580' into 13
* changes:
res_config_ldap: Don't try to delete non-existent attributes
res_config_ldap: Remove extraneous line numbers from log messages
res_config_ldap: Make memory allocation more consistent
res_config_ldap: Fix configuration inheritance from _general
ast_load_realtime_multientry() returns an ast_config structure whose
ast_categorys are keyed with the empty strings. Several modules were
giving semantic meaning to the category names causing problems at
runtime.
* app_directory: Treated the category name as the mailbox name, and
would fail to direct calls to the appropriate extension after an
entry was chosen.
* app_queue: Queues, queue members, and queue rules were all affected
and needed to be updated.
* pbx_realtime: Pattern matching would never succeed because the
extension entered by the user was always compared to the empty
string.
Sean Bright [Tue, 21 Feb 2017 14:56:54 +0000 (09:56 -0500)]
realtime: Centralize some common realtime backend code
All of the realtime backends create artificial ast_categorys to pass
back into the core as query results. These categories have no filename
or line number information associated with them and the backends differ
slightly on how they create them. So create a couple helper macros to
help make things more consistent.
Also updated the call sites to remove redundant error messages about
memory allocation failure.
Note that res_config_ldap sets the category filename to the 'table name'
but that is not read by anything in the core, so I've dropped it.
Joshua Colp [Thu, 16 Feb 2017 16:30:00 +0000 (16:30 +0000)]
build: Execute ldconfig to build cache.
On some platforms a multiarch approach is used for libraries.
The build system does not take this into account and still
places libraries into the lib directory if no --libdir is
specified to configure. On initial startup this results in
libasteriskssl.so not being found, as it is not in the multiarch
lib directory.
This change does the minimally invasive thing and executes
ldconfig so that the libraries in the lib directory are found
and their location cached. By doing so Asterisk starts up fine.
If DESTDIR is specified, however, the old logic is executed as
the install process may not have permission to alter the ldconfig
cache.
The inbound authentication object is supposed to be immutable when it is
stored in sorcery. However, the immutable property is violated if the
authentication object does not have a realm set.
The immutable contract violation has a different effect depending upon
what sorcery back end is used. If it is the config file back end you
would get the same object back until res_pjsip is reloaded. If it is the
real-time or AstDB back end you would get a new object on each query. If
it is cached you would get the same object back until it is refreshed from
the database.
Once an inbound authentication object has its realm set it may or may not
get updated again if the default_realm changes.
If the same authentication object is used for inbound and outbound
authentication then the immutable violation can make it very hard to
determine why the outbound authentication now fails. The only diagnostic
message is a complaint about no realms matching when it had worked
earlier. It fails because of the difference in behaviour for an empty
realm setting between inbound and outbound authentication objects.
* Fixed the sorcery object immutable violation by creating a new object
and setting the default_realm on it instead. The new object is a shallow
copy for speed.
* The auth_store thread storage no longer holds an auth ref. It
interferes with the shallow copy and never needed a ref anyway.
There was code attempting to update the artificial authentication object
whenever the default_realm changed. However, once the artificial
authentication object was created it would never get updated. The
artificial authentication object would require a system restart for a
change to the default_realm to take effect.
Using the same auth section for inbound and outbound authentication is not
recommended. There is a difference in meaning for an empty realm setting
between inbound and outbound authentication uses.
An empty inbound auth realm represents the global section's default_realm
value when the authentication object is used to challenge an incoming
request. An empty outgoing auth realm is treated as a don't care wildcard
when the authentication object is used to respond to an incoming
authentication challenge.
Richard Mudgett [Mon, 13 Feb 2017 23:11:06 +0000 (17:11 -0600)]
pjproject: Fixes to resolve DNS SRV crashes.
* Re #1945 (misc): Don't trigger SRV complete callback when there is a
parse error.
* srv_resolver.c: Don't try to send query if already considered resolved.
** In resolve_hostnames() don't try to resolve a query that is already
considered resolved.
** In resolve_hostnames() fix DNS typo in comments.
** In build_server_entries() move a common expression assigning to cnt
earlier.
* sip_transport.c: Fix tdata object name to actually contain the pointer.
It helps if the logs referencing a tdata object buffer actually have a
name that includes the correct pointer as part of the name. Also since
the tdata has its own pool it helps if any logs referencing the pool have
the same name as the tdata object. This change brings tdata logging in
line with how tsx objects are named.
Richard Mudgett [Sat, 4 Feb 2017 22:00:14 +0000 (16:00 -0600)]
res_pjsip: Record the serializer earlier on the tdata.
When PJPROJECT needs to do a DNS resolution and there is not a cached
entry available, the SIP request message goes out on the PJSIP monitor
thread instead of the original serializer thread. Thus when the response
comes back it does not get processed by the original sending serializer.
This patch records the serializer on tdata before passing a request
message to PJPROJECT where it can in Asterisk code. There are several
places in PJPROJECT for outbound registration and publishing support that
would need to record the serializer. Unfortunately, without replacing the
PJPROJECT DNS resolver as was done in v14 we cannot fix those without
modifying PJPROJECT.
Even if we backported the DNS resolver from v14, the outbound registration
refresh timer does not go out on a serializer thread but the PJSIP monitor
thread. Fortunately, Asterisk's outbound publish support doesn't use the
auto refresh timer that would also not go out under the serializer thread.
projects / thirdparty / asterisk.git / log
