Matthew Jordan [Mon, 20 Oct 2014 14:10:28 +0000 (14:10 +0000)]
AST-2014-011: Fix POODLE security issues
There are two aspects to the vulnerability:
(1) res_jabber/res_xmpp use SSLv3 only. This patch updates the module to use
TLSv1+. At this time, it does not refactor res_jabber/res_xmpp to use the
TCP/TLS core, which should be done as an improvement at a latter date.
(2) The TCP/TLS core, when tlsclientmethod/sslclientmethod is left unspecified,
will default to the OpenSSL SSLv23_method. This method allows for all
encryption methods, including SSLv2/SSLv3. A MITM can exploit this by
forcing a fallback to SSLv3, which leaves the server vulnerable to POODLE.
This patch adds WARNINGS if a user uses SSLv2/SSLv3 in their configuration,
and explicitly disables SSLv2/SSLv3 if using SSLv23_method.
For TLS clients, Asterisk will default to TLSv1+ and WARN if SSLv2 or SSLv3 is
explicitly chosen. For TLS servers, Asterisk will no longer support SSLv2 or
SSLv3.
Much thanks to abelbeck for reporting the vulnerability and providing a patch
for the res_jabber/res_xmpp modules.
Review: https://reviewboard.asterisk.org/r/4096/
ASTERISK-24425 #close
Reported by: abelbeck
Tested by: abelbeck, opsmonitor, gtjoseph
patches:
asterisk-1.8-jabber-tls.patch uploaded by abelbeck (License 5903)
asterisk-11-jabber-xmpp-tls.patch uploaded by abelbeck (License 5903)
AST-2014-011-1.8.diff uploaded by mjordan (License 6283)
AST-2014-011-11.diff uploaded by mjordan (License 6283)
Matthew Jordan [Fri, 17 Oct 2014 13:09:20 +0000 (13:09 +0000)]
channels/chan_sip: Respect outboundproxy setting when sending qualify requests
The outboundproxy setting is currently ignored when sending OPTIONS requests
as a result of the qualify setting. This means that if an Asterisk server is
unable to send the packet directly to a peer, it is unable to qualify any
non-inbound registered peer (e.g. a peer SIP Trunk).
This patch grabs the outboundproxy information for a peer when a qualify
attempt is being constructed and, if it finds the information, uses it
when sending the OPTIONS request.
Fix loss of voice after second call drops (on a second line) in case using multiple lines on unistim phones. There is regression was introduced in r391379.
Corey Farrell [Tue, 14 Oct 2014 16:44:13 +0000 (16:44 +0000)]
res_fax: Fix reference leak caused by gateway sessions
Fax gateway session objects can be re-used, causing the
same gateway session to be added to faxregistry.container
more than once. This change causes fax_session_new to
remove the reserved session from the container before
it's id is changed, ensuring it's possible for the
session to be freed.
Corey Farrell [Tue, 14 Oct 2014 16:17:52 +0000 (16:17 +0000)]
res_fax: Resolve module reference leak caused by reserved sessions
Remove reference to module providing reserved session after
adding a reference to the final module. This re-reference
is done to ensure that module references are correct even
if the final session selects a different module than the
reserved session.
Walter Doekes [Sun, 12 Oct 2014 08:13:07 +0000 (08:13 +0000)]
chan_sip: Fix so asterisk won't send reINVITE after a BYE.
After a reINVITE glare situation, Asterisk would re-send the reINVITE
even though the call had been hung up in the mean time. This patch
unschedules the reinvite when handling the BYE.
ASTERISK-22791 #close
Reported by: Paolo Compagnini
Tested by: Paolo Compagnini
Review: https://reviewboard.asterisk.org/r/4056/
(testcase is in review r4055)
........
Merged revisions 425296 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Walter Doekes [Sun, 12 Oct 2014 07:51:50 +0000 (07:51 +0000)]
build: Relax badshell tilde test to allow for ~ in middle of DESTDIR.
The main Makefile has a target test called 'badshell' that tests if
DESTDIR does not happen to have an an-expanded tilde (~). This might
be the case if you run: make install DESTDIR=~/somewhere/
That test also disallowed valid tildes in directory names. The test is
now changed to only trigger on a tilde at the start of the path.
Kinsey Moore [Fri, 10 Oct 2014 12:55:56 +0000 (12:55 +0000)]
CallerID: Fix parsing regression
This fixes a regression in callerid parsing introduced when another bug
was fixed. This bug occurred when the name was composed entirely of
DTMF keys and quoted without a number section (<>).
ASTERISK-24406 #close
Reported by: Etienne Lessard
Tested by: Etienne Lessard
Patches:
callerid_fix.diff uploaded by Kinsey Moore
Review: https://reviewboard.asterisk.org/r/4067/
........
Merged revisions 425152 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Walter Doekes [Fri, 10 Oct 2014 07:25:56 +0000 (07:25 +0000)]
chan_sip: Fix dialog leak resulting from missing ACK to re-INVITE.
If a device re-INVITEs at the same time as the dialog is hung up, and
if then the ACK to the re-INVITE never reaches Asterisk, chan_sip would
fail to destroy the dialog after a while. This resulted in (most
prominently) file handle leaks.
Kevin Harwell [Thu, 9 Oct 2014 21:26:43 +0000 (21:26 +0000)]
res_rtp_asterisk: Crash if no candidates received for component
When starting ice if there is not at least one remote ice candidate with an RTP
component asterisk will crash. This is due to an assertion in pjnath as it
expects at least one candidate with an RTP component. Added a check to make
sure at least one candidate contains an RTP component and at least one candidate
has an RTCP component.
Walter Doekes [Thu, 9 Oct 2014 08:06:26 +0000 (08:06 +0000)]
safe_asterisk: Don't automatically exceed MAXFILES value of 2^20.
On systems with lots of RAM (e.g. 24GB) /proc/sys/fs/file-max divided
by two can exceed the per-process file limit of 2^20. This patch
ensures the value is capped.
(Patch cleaned up by me.)
ASTERISK-24011 #close
Reported by: Michael Myles
Patches:
safe_asterisk-ulimit.diff uploaded by Michael Myles (License #6626)
........
Merged revisions 424875 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Joshua Colp [Wed, 8 Oct 2014 18:44:30 +0000 (18:44 +0000)]
res_rtp_asterisk: Allow only UDP ICE candidates.
The underlying library, pjnath, that res_rtp_asterisk uses for ICE
support does not have support for ICE-TCP. As candidates are
passed through directly to it this can cause error messages to occur
when it receives something unexpected (such as a TCP candidate).
This change merely ignores all non-UDP candidates so they never
reach pjnath.
Corey Farrell [Tue, 7 Oct 2014 21:30:07 +0000 (21:30 +0000)]
astobj2: Correct REF_DEBUG false leak report
When ao2_callback is run with OBJ_MULTIPLE and not OBJ_NODATA
it allocates a temporary container in a way that does not
record REF_DEBUG log entries. This changes that container
to correctly record unref's when the container is freed.
Matthew Jordan [Mon, 6 Oct 2014 18:36:48 +0000 (18:36 +0000)]
message: Don't close an AMI connection on SendMessage action error
If SendMessage encounters an error (such as incorrect input provided to the
action), it will currently return -1. Actions should only return -1 if the
connection to the AMI client should be closed. In this case, SendMessage
causing the client to disconnect is inappropriate.
This patch causes the action to return 0, which simply causes the action to
fail.
Review: https://reviewboard.asterisk.org/r/4024
ASTERISK-24354 #close
Reported by: Peter Katzmann
patches:
sendMessage.patch uploaded by Peter Katzmann (License 5968)
res_rtp_asterisk: Ensure that the base and mapped address for candidates is present in SDP.
This change fixes an issue where ICE candidates put into the SDP did not contain
the 'raddr' and 'rport' information for server reflexive and relay candidates.
Richard Mudgett [Fri, 26 Sep 2014 15:18:25 +0000 (15:18 +0000)]
res_fax: Fix out of bounds error in update_modem_bits().
ASTERISK-24357 #close
Reported by: Jeremy Laine
Patches:
res_fax_bounds.patch (license #6561) patch uploaded by Jeremy Laine
Modified patch to not use magic numbers.
........
Merged revisions 423979 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Richard Mudgett [Thu, 18 Sep 2014 16:30:10 +0000 (16:30 +0000)]
astobj2.c/refcounter.py: Fix to deal with invalid object refs.
* Make astob2 REF_DEBUG output an invalid object line when an invalid ao2
object ref/unref is attempted. This is similar to the
constructor/destructor lines.
* Fixed refcounter.py to handle skewed objects that have
constructor/destructor states.
* Made refcounter.py highlight the invalid ao2 object refs by putting them
in their own section of the processed output file.
* Made refcounter.py highlight unreffing an object by more than one that
results in a negative ref count and the object being destroyed. The
abnormally destroyed object is reported in the invalid and finalized
object sections of the output.
George Joseph [Thu, 18 Sep 2014 14:42:26 +0000 (14:42 +0000)]
config: bug: Fix SEGV in ast_category_insert when matching category isn't found
If you call ast_category_insert with a match category that doesn't exist, the
list traverse runs out of 'next' categories and you get a SEGV. This patch
adds check for the end-of-list condition and changes the signature to return
an int for success/failure indication instead of a void.
The only consumer of this function is manager and it was also changed to use
the return value.
Tested by: George Joseph
Review: https://reviewboard.asterisk.org/r/3993/
........
Merged revisions 423276 from http://svn.asterisk.org/svn/asterisk/branches/1.8
res_rtp_asterisk: Fix a myriad of TURN client issues.
1. The number of file descriptors an ioqueue instance can handle is fixed, so we
now spawn the required number to handle the load.
2. Our transport identifiers were exceeding the range supported by pjnath.
3. The TURN client did not set up client binding causing needless bandwidth usage.
4. The code no longer updates address information on each packet.
5. STUN traffic was getting looped back to Asterisk instead of going through the
TURN server.
6. Synchronization now ensures things are completely setup or destroyed.
7. Logging now reflects the target the TURN server is sending to/receiving from
on our behalf.
Kinsey Moore [Fri, 12 Sep 2014 18:18:44 +0000 (18:18 +0000)]
Bridging: Fix bouncing native bridge
This fixes a situation in Asterisk 1.8 and 11 where ast_channel_bridge
could cause a bouncing native bridge. In the case of the
dial_LS_options test, this was a remote RTP bridge which caused the
audio path to continually cycle between Asterisk and the remote
endpoints generating a large number of SIP messages and delaying the
test long enough to cause it to fail (checking timing was part of the
test). The root cause was that the code to decide whether to use native
bridging was expecting a time-remaining value of 0 to be the default
instead of the actual default value of -1. A value of 0 or negative
numbers could also be generated by preceding code in some
circumstances. Both issues are addressed in this patch.
ASTERISK-24211 #close
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/3987/
........
Merged revisions 423006 from http://svn.asterisk.org/svn/asterisk/branches/1.8
George Joseph [Wed, 10 Sep 2014 16:01:44 +0000 (16:01 +0000)]
config: bug: fix truncation of included config files on permissions error
ast_config_text_file_save() currently truncates include files as they
are processed. If a subsequent include file or the main config file has
a permissions error that prevents writing, earlier include files are left
truncated resulting in a frantic search for backups.
This patch causes ast_config_text_file_save to check for write access
on all files before it truncates any of them.
Will be applied 1.8 > trunk.
Tested by: George Joseph
Review: https://reviewboard.asterisk.org/r/3986/
........
Merged revisions 422900 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Rusty Newton [Sun, 7 Sep 2014 00:08:48 +0000 (00:08 +0000)]
Sounds/BuildSystem: Modifications to include new releases and Japanese language.
Modifying Makefile and sounds.xml to include new core 1.4.26 and extra 1.4.15
sound prompt releases, plus the new Japanese core sound prompts contributed
by QLOOG.
ASTERISK-23324
Reported by: Kevin McCoy
Tested by: Rusty Newton
........
Merged revisions 422789 from http://svn.asterisk.org/svn/asterisk/branches/1.8
George Joseph [Sat, 30 Aug 2014 17:22:00 +0000 (17:22 +0000)]
manager: Make WaitEvent action respect eventfilters
A WaitEvent issued via an http session isn't respecting eventfilters defined
for the user. I just added a match_filter to the predicate that controls
astman_append.
Tested by: George Joseph
Review: https://reviewboard.asterisk.org/r/3958/
........
Merged revisions 422439 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Matthew Jordan [Fri, 29 Aug 2014 19:39:14 +0000 (19:39 +0000)]
doc: Add a manpage for the smsq utility
This patch adds a manpage for the smsq utility. Note that this is one of
the patches the Debian distro applies for the Asterisk project, as per
ASTERISK-24191.
Review: https://reviewboard.asterisk.org/r/3895/
ASTERISK-24171 #close
Reported by: Jeremy Laine
patches:
smsq.8 uploaded by Jeremy Laine (License 6561)
........
Merged revisions 422376 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Matthew Jordan [Fri, 29 Aug 2014 19:32:04 +0000 (19:32 +0000)]
doc: Add a manpage for the aelparse utility
This patch adds a manpage for the aelparse utility. Note that this is one of
the patches the Debian distro applies for the Asterisk project, as per
ASTERISK-24191.
Review: https://reviewboard.asterisk.org/r/3896/
ASTERISK-24171 #close
Reported by: Jeremy Laine
patches:
aelparse.8 uploaded by Jeremy Laine (License 6561)
........
Merged revisions 422371 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Matthew Jordan [Thu, 28 Aug 2014 21:53:11 +0000 (21:53 +0000)]
LICENSE: Clarify language in Asterisk's LICENSE to allow for linking to UniMRCP
The UniMRCP project distributes Asterisk modules that integrate Asterisk with
UniMRCP, and other Asterisk users use the UniMRCP library as well.
Unfortunately, the UniMRCP license is Apache 2.0, which per the Free Software
Foundation, is not a compatible license with the GPLv2.
"Please note that this license is not compatible with GPL version 2, because it
has some requirements that are not in that GPL version. These include certain
patent termination and indemnification provisions. The patent termination
provision is a good thing, which is why we recommend the Apache 2.0 license for
substantial programs over other lax permissive licenses."
On the other hand, UniMRCP is a great project and we'd like to let people use
it with Asterisk.
This patch updates the LICENSE text to allow users to link Asterisk with
UniMRCP and distribute the resulting binaries.
........
Merged revisions 422293 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Michael L. Young [Thu, 28 Aug 2014 20:26:58 +0000 (20:26 +0000)]
chan_iax2: Fix Dynamic IAX2 Registrations After Temporary DNS Failure
The reporter on the issue found some issues when upgrading from version 10 to 11
on 55 hosts.
Two situations that can occur with dynamic registrations.
1. With dnsmgr disabled, if the host is not resolvable we are not trying to
resolve the host again when it is time to attempt to register again. This
results in never registering to the host.
2. With dnsmgr enabled, when the host is temporarily not resolvable the
address is set to 0.0.0.0:0 and then when the host is resolvable the port
is not being restored and stays set to 0.
This patch resolves these two issues by:
* Storing the hostname so that it can be used for resolving with DNS.
* Resolve the hostname on the next scheduled attempt to register.
* Storing the port used to reach the host so that when the hostname is
resolvable again, we can set the port again if the port is still unset after
looking up the host.
ASTERISK-23767 #close
Reported by: David Herselman
Tested by: David Herselman, Michael L. Young
Patches:
asterisk-23767-dns_reg_retry_and_set_port_11_v3.diff
uploaded by Michael L. Young (license 5026)
Kinsey Moore [Wed, 27 Aug 2014 15:01:33 +0000 (15:01 +0000)]
CallerID: Fix parsing of malformed callerid
This allows the callerid parsing function to handle malformed input
strings and strings containing escaped and unescaped double quotes.
This also adds a unittest to cover many of the cases where the parsing
algorithm previously failed.
Richard Mudgett [Mon, 25 Aug 2014 16:07:28 +0000 (16:07 +0000)]
res_musiconhold: Fix MOH restarting where it left off from the last hold.
Restore code removed by https://reviewboard.asterisk.org/r/3536/ that
introduced a regression that prevents MOH from restarting were it left off
the last time.
ASTERISK-24019 #close
Reported by: Jason Richards
Patches:
jira_asterisk_24019_v1.8.patch (license #5621) patch uploaded by rmudgett
Joshua Colp [Sun, 24 Aug 2014 17:19:23 +0000 (17:19 +0000)]
chan_sip: Use the server reflexive ICE candidate RTCP port as provided.
This code originally worked around an issue within res_rtp_asterisk itself.
The wrong socket was being used for the STUN check for RTCP, causing the
port to be the same as RTP. This was subsequently fixed and the RTCP port
provided for the ICE candidate is correct and does not need to be incremented.
Jonathan Rose [Thu, 21 Aug 2014 21:00:31 +0000 (21:00 +0000)]
res_musiconhold: Fix reference leaks caused when reloading with REF_DEBUG set
Due to a faulty function for debugging reference decrementing, it was possible
to reduce the refcount on the wrong object if two moh classes of the same name
were in the moh class container.
(closes issue ASTERISK-22252)
Reported by: Walter Doekes
Patches:
18_moh_debug_ref_patch.diff Uploaded by Jonathan Rose (license 6182)
........
Merged revisions 398937 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Matthew Jordan [Thu, 21 Aug 2014 17:32:52 +0000 (17:32 +0000)]
chan_sip: Don't use port derived from fromdomain if it isn't set
If a user does not provide a port in the fromdomain setting, chan_sip will set
the fromdomainport to STANDARD_SIP_PORT (5060). The fromdomainport value will
then get used unilaterally in certain places. This causes issues with TLS,
where the default port is expected to be 5061.
This patch modifies chan_sip such that fromdomainport is only used if it is
not the standard SIP port; otherwise, the port from the SIP pvt's recorded
self IP address is used.
Richard Mudgett [Wed, 20 Aug 2014 22:17:44 +0000 (22:17 +0000)]
cli.c: Fix tab completion of "module load" when MALLOC_DEBUG is enabled.
filename_completion_function() returns memory that was not allocated by
the MALLOC_DEBUG allocation tracker so the memory must be freed by
ast_std_free().
........
Merged revisions 421600 from http://svn.asterisk.org/svn/asterisk/branches/1.8
George Joseph [Mon, 18 Aug 2014 20:16:08 +0000 (20:16 +0000)]
func_config: Change 'Not Found' message from ERROR to DEBUG
When you call the CONFIG dialplan function with the name of a variable that
doesn't exist in the target context you get an ERROR. This does nothing but
clutter up the logs with messages that may be perfectly acceptable. Just
because a variable wasn't in the context doesn't mean it's an error. Maybei
t's optional or just needs to be defaulted or ignored.
This patch changes the log level from ERROR to DEBUG. If a dialplan developer
wants to debug their dialplan they still canby setting the console debug level
as needed.
Tested by: George Joseph
Review: https://reviewboard.asterisk.org/r/3919/
........
Merged revisions 421327 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Matthew Jordan [Sun, 17 Aug 2014 23:07:06 +0000 (23:07 +0000)]
apps/app_dial: Fix Dial 'z' option
The 'z' option is supposed to disable the dial timeout in the case of a call
forward. Unfortunately, the wrong timeout timer was passed to the do_forward
function, resulting in the option not working.
Matthew Jordan [Sun, 17 Aug 2014 22:32:25 +0000 (22:32 +0000)]
configure: Undefine FORTIFY_SOURCE prior to defining it for patched gcc
Some distributions of Linux patch gcc to define FORTIFY_SOURCE when gcc is
executed with optimization. This "help" unfortunately results in re-definition
warnings when FORTIFY_SOURCE is later defined in Asterisk's build system. This
patch undefines FORTIFY_SOURCE prior to defining it to prevent this warning.
Review: https://reviewboard.asterisk.org/r/3912/
ASTERISK-24032 #close
Reported by: Kilburn
Tested by: Kilburn, wdoekes
patches:
1.8.diff uploaded by cloos (License 5956)
10.diff uploaded by cloos (License 5956)
11.diff uploaded by cloos (License 5956)
12.diff uploaded by cloos (License 5956)
13.diff uploaded by cloos (License 5956)
........
Merged revisions 421227 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Matthew Jordan [Fri, 15 Aug 2014 15:36:44 +0000 (15:36 +0000)]
app_voicemail/app: Remove test events that were duplicated by r421059
Moving the test event raised when a file is played back (which occurred in
r421059) broke the ever loving snot out of the voicemail tests. This caused
duplicate test events to get raised, as app_voicemail and main/app were raising
events prior to call ast_streamfile. The voicemail tests did not enjoy getting
multiple events.
Since raising the playback event in ast_streamfile is far more useful to the
vast majority of tests, this patch keeps the call there and simply removes the
extraneous calls that duplicated the event.
........
Merged revisions 421125 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Walter Doekes [Mon, 11 Aug 2014 10:36:38 +0000 (10:36 +0000)]
general: Fix memory Corruption in __ast_string_field_ptr_build_va.
If the space left in a stringfield is between 0 and
(alignof(ast_string_field_allocation)-1) adding new data would cause
memory corruption, because we would assume enough space (unsigned
underrun).
Thanks Arnd Schmitter for reporting and finding out the cause!
George Joseph [Wed, 6 Aug 2014 16:08:07 +0000 (16:08 +0000)]
pbx_lua: fix regression with global sym export and context clash by pbx_config.
ASTERISK-23818 (lua contexts being overwritten by contexts of the same name in
pbx_config) surfaced because pbx_lua, having the AST_MODFLAG_GLOBAL_SYMBOLS
set, was always force loaded before pbx_config. Since I couldn't find any
reason for pbx_lua to export it's symbols to the rest of Asterisk, I simply
changed the flag to AST_MODFLAG_DEFAULT. Problem solved. What I didn't
realize was that the symbols need to be exported not because Asterisk needs
them but because any external Lua modules like luasql.mysql need the base
Lua language APIs exported (ASTERISK-17279).
Back to ASTERISK-23818... It looks like there's an issue in pbx.c where
context_merge was only merging includes, switches and ignore patterns if
the context was already existing AND has extensions, or if the context was
brand new. If pbx_lua is loaded before pbx_config, the context will exist
BUT pbx_lua, being implemented as a switch, will never place extensions in
it, just the switch statement. The result is that when pbx_config loads,
it never merges the switch statement created by pbx_lua into the final
context.
This patch sets pbx_lua's modflag back to AST_MODFLAG_GLOBAL_SYMBOLS and adds
an "else if" in context_merge that catches the case where an existing context
has includes, switchs or ingore patterns but no actual extensions.
ASTERISK-23818 #close
Reported by: Dennis Guse
Reported by: Timo Teräs
Tested by: George Joseph
Review: https://reviewboard.asterisk.org/r/3891/
........
Merged revisions 420146 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Rusty Newton [Mon, 4 Aug 2014 19:44:08 +0000 (19:44 +0000)]
Manager - Improve documentation for manager commands Getvar and Setvar.
The documentation for these commands did not make it clear that they could
accept expressions and functions. Modified to make this clear, but tried
not to be overly explicit.
ASTERISK-21178 #close
Reported by: Rusty Newton
Tested by: Rusty Newton
Richard Mudgett [Fri, 25 Jul 2014 23:13:48 +0000 (23:13 +0000)]
features.c: Allow appliationmap to use Gosub.
Using DYNAMIC_FEATURES with a Gosub application as the mapped application
does not work. It does not work because Gosub just pushes the current
dialplan context, exten, and priority onto a stack and sets the specified
Gosub location. Gosub does not have a dialplan execution loop to run
dialplan like Macro.
* Made the DYNAMIC_FEATURES application mapping feature call
ast_app_exec_macro() and ast_app_exec_sub() for the Macro and Gosub
applications respectively.
* Backported ast_app_exec_macro() and ast_app_exec_sub() from v11 to
execute dialplan routines from the DYNAMIC_FEATURES application mapping
feature.
NOTE: This issue does not affect v12+ because it already does what this
patch implements.
chan_sip: sip_subscribe_mwi_destroy should not call sip_destroy
sip_subscribe_mwi_destroy calls sip_destroy on the reference counted
mwi->call. This results in the fields of mwi->call being freed, but
mwi->call itself it leaked. If other code is still using mwi->call
it can cause problems. This change uses dialog_unref instead, to
balance the ref provided by sip_alloc().
When updating voicemail.conf when a user changes
their pin, change the generator string to be the
same as the module name when reading so that the
same config_hook will be called.
Matthew Jordan [Tue, 15 Jul 2014 22:05:16 +0000 (22:05 +0000)]
manager: Return ActionID on nominal responses to PresenceState action
When the PresenceState action is executed, the nominal path fails to include
the ActionID in the successful response. This patch adds a call to
astman_start_ack, which guarantees that an ActionID (if provided) will be
sent back to the AMI client.
Jonathan Rose [Tue, 15 Jul 2014 17:32:15 +0000 (17:32 +0000)]
func_uri: URIENCODE/URIDECODE - allow empty strings as argument
Previously these two dialplan functions would issue warnings and
return failure when an empty string is used as the argument. Now
they will not issue a warning and will successfully return an
empty string.
ASTERISK-23911 #close
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/3745/
........
Merged revisions 418641 from http://svn.asterisk.org/svn/asterisk/branches/1.8
config: inform config hook of change when writing file
When updated configuration is written back to the conf
file - for example when a user changes their voicemail
pin, make sure that any config hook that wants to know
of changes is informed.
The new inband_on_setup_ack option causes Asterisk to assume inband audio
may be present when a SETUP_ACKNOWLEDGE message is received.
Q.931 Section 5.1.3 says that in scenarios with overlap dialing, when a
dialtone is sent from the network side, progress indicator 8 "Inband info
now available" MAY be sent to the CPE if no digits were received with the
SETUP. It is thus implied that the ie is mandatory if digits came with
the SETUP and dialtone is needed. This option should be enabled, when the
network sends dialtone and you want to hear it, but the network doesn't
send the progress indicator when needed.
NOTE: For Q.SIG setups this option should be enabled when outgoing overlap
dialing is also enabled because Q.SIG does not send the progress indicator
with the SETUP ACK.
The commit -r413714 (AST-1338) which causes this issue was dealing with a
SIP-to-ISDN interoperability issue.
This commit is a merge of the two patches indicated below.
ASTERISK-23897 #close
Reported by: Pavel Troller
Patches:
pri-4.diff (license #6302) patch uploaded by Pavel Troller
jira_asterisk_23897_v11.patch (license #5621) patch uploaded by rmudgett
Matthew Jordan [Thu, 3 Jul 2014 11:24:50 +0000 (11:24 +0000)]
main/untils: Prevent potential infinite loop in ast_careful_fwrite
A loop in ast_careful_fwrite exists that will continually attempt to write to
a file stream, even in the presence of EAGAIN/EINTR errors. However, if a
connection that uses ast_careful_fwrite closes suddenly, ast_careful_fwrite's
call to fflush may return EAGAIN/EINTER along with EOF. A subsequent call to
fflush will return EOF but not clear errno, resulting in an infinite loop.
This patch clears errno after it is detected and handled the loop, such that
any subsequent call to fflush will not get erroneously stuck.
Review: https://reviewboard.asterisk.org/r/3704
#ASTERISK-23984 #close
Reported by: Steve Davies
patches:
fflush_loop_fix uploaded by one47 (License 5012)
........
Merged revisions 417797 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Joshua Colp [Mon, 30 Jun 2014 19:42:18 +0000 (19:42 +0000)]
res_rtp_asterisk: Add SHA-256 support for DTLS and perform DTLS negotiation on RTCP.
This change fixes up DTLS support in res_rtp_asterisk so it can accept and provide
a SHA-256 fingerprint, so it occurs on RTCP, and so it occurs after ICE negotiation
completes. Configuration options to chan_sip have also been added to allow behavior
to be tweaked (such as forcing the AVP type media transports in SDP).
Matthew Jordan [Mon, 30 Jun 2014 03:23:20 +0000 (03:23 +0000)]
chan_sip: be more tolerant of whitespace between attributes in SDP fmtp line
This patch is essentially a backport of a small portion of r397526 from
ASTERISK-21981. In that patch, pass through support and format attribute
negotiation was added for Opus. Part of that included being more tolerant to
whitespace in the fmtp line of an SDP; that part of the patch is being
applied here.
As the author of the backport pointed out, in SDP, the fmtp line is allowed to
include whitespace between attributes. RFC 3267 chapter 8.3 (from 2001)
includes an example for this. This was not removed in the updated RFC 4867 in
2007.
Review: https://reviewboard.asterisk.org/r/3658
ASTERISK-23916 #close
Reported by: Alexander Traud
patches:
sdpFMTPspace_Asterisk11.patch uploaded by Alexander Traud (License 6520)
........
Merged revisions 417587 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Corey Farrell [Fri, 27 Jun 2014 19:26:07 +0000 (19:26 +0000)]
Ensure REF_DEBUG records entrys for attempts to ao2_ref an invalid object
This change ensures that __ao2_ref_debug writes to ref_log when given a
non-NULL pointer to an invalid ao2 object. This is to ensure that we
record any attempt manipulate references of already freed objects.
Matthew Jordan [Thu, 26 Jun 2014 12:22:22 +0000 (12:22 +0000)]
udptl: Correct FEC to not consider negative sequence numbers as missing
When using FEC, with span=3 and entries=4 Asterisk will attempt to repair
the packet with sequence number 5, as it will see that packet -4 is
missing. The result is Asterisk sending garbage packets that can kill a
fax.
This patch adds a check to see if the sequence number is valid before
checking if the packet is missing.
Matthew Jordan [Thu, 26 Jun 2014 12:06:22 +0000 (12:06 +0000)]
res_http_websocket: Close websocket correctly and use careful fwrite
When a client takes a long time to process information received from Asterisk,
a write operation using fwrite may fail to write all information. This causes
the underlying file stream to be in an unknown state, such that the socket
must be disconnected. Unfortunately, there are two problems with this in
Asterisk's existing websocket code:
1. Periodically, during the read loop, Asterisk must write to the connected
websocket to respond to pings. As such, Asterisk maintains a reference to
the session during the loop. When ast_http_websocket_write fails, it may
cause the session to decrement its ref count, but this in and of itself
does not break the read loop. The read loop's write, on the other hand,
does not break the loop if it fails. This causes the socket to get in a
'stuck' state, preventing the client from reconnecting to the server.
2. More importantly, however, is that the fwrite in ast_http_websocket_write
fails with a large volume of data when the client takes awhile to process
the information. When it does fail, it fails writing only a portion of
the bytes. With some debugging, it was shown that this was failing in a
similar fashion to ASTERISK-12767. Switching this over to ast_careful_fwrite
with a long enough timeout solved the problem.
Rusty Newton [Mon, 23 Jun 2014 14:35:53 +0000 (14:35 +0000)]
main/features - documentation - reformat examples and options in features.conf.sample to show clearly which options apply in which section
The features.conf sample can be a bit confusing about what parking options can be set only in the general context, or both in the general context (for the default parking lot) and in other parking lot contexts. A bug was filed due to confusion and a little googling will show lots of other confused users.
Despite some comments on the individual options, it still reads in a confusing way. In this patch I separate out those options with some headings in to attempt a better layout. I went ahead and modified other headings in the file, or added them to facilitate better visual scanning.
George Joseph [Sun, 22 Jun 2014 20:52:19 +0000 (20:52 +0000)]
build: Turn FORTIFY_SOURCE off if DONT_OPTIMIZE is set.
AST_FORTIFY_SOURCE is automatically set in ./Makefile even if DONT_OPTIMIZE
is set in menuselect. This causes gcc to complain that _FORTIFY_SOURCE
requires optimization and the build will fail. You can specify
"make AST_FORTIFY_SOURCE=''" but I always forget.
This patch moves the set of AST_FORTIFY_SOURCE to Makefile.rules and only
sets it if DONT_OPTIMIZE is "no". The move is necessary because the
top-level Makefile doesn't include menuselect.makeopts.
This doesn't solve the entire problem however because res_config_mysql
seems to force _FORTIFY_SOURCE so res_config_mysql has to be disabled
for now if DONT_OPTIMIZE is set.
Tested by: George Joseph
Review: https://reviewboard.asterisk.org/r/3664/
........
Merged revisions 417016 from http://svn.asterisk.org/svn/asterisk/branches/1.8
George Joseph [Fri, 20 Jun 2014 23:14:52 +0000 (23:14 +0000)]
build: Allow autoconf/ast_ext_tool_check to handle cross-compiling better.
ast_ext_tool_check.m4 isn't handling cases where a path to a package is
provided (E.G. --with-mysqlclient=/some/sysroot) and the package has a config
tool (E.G. mysql_config) and the package has its own subdirectories in include
or lib. For example, mysql's libraries are in ${MYSQLCLIENT_DIR}/usr/lib/mysql
but ast_ext_tool_check sets MYSQLCLIENT_LIB to ${MYSQLCLIENT_DIR}/usr/lib.
libxml2 has the same problem with its includes. They're in
${LIBXML2_DIR}/usr/include/libxml2 not directly in ${LIBXML2_DIR}/usr/include.
Both cause configure to fail and there are others in the same boat.
The problem is caused by logic in ast_ext_tool_check that overrides the result
of the config tool's --cflags and --libs options if package_DIR is set.
This patch prepends package_DIR (if specified) to the -L and -I results from
the package's config tool instead of overriding them.
A regenerated ./configure and include/asterisk/autoconfig.h.in are included
but can be regenerated by running ./bootstrap.sh at any time.
Tested by: George Joseph
Tested by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/3550/
........
Merged revisions 416929 from http://svn.asterisk.org/svn/asterisk/branches/1.8
George Joseph [Fri, 20 Jun 2014 21:57:00 +0000 (21:57 +0000)]
build: Allow autoconf/ast_ext_tool_check to handle cross-compiling better.
ast_ext_tool_check.m4 isn't handling cases where a path to a package is
provided (E.G. --with-mysqlclient=/some/sysroot) and the package has a config
tool (E.G. mysql_config) and the package has its own subdirectories in include
or lib. For example, mysql's libraries are in ${MYSQLCLIENT_DIR}/usr/lib/mysql
but ast_ext_tool_check sets MYSQLCLIENT_LIB to ${MYSQLCLIENT_DIR}/usr/lib.
libxml2 has the same problem with its includes. They're in
${LIBXML2_DIR}/usr/include/libxml2 not directly in ${LIBXML2_DIR}/usr/include.
Both cause configure to fail and there are others in the same boat.
The problem is caused by logic in ast_ext_tool_check that overrides the result
of the config tool's --cflags and --libs options if package_DIR is set.
This patch prepends package_DIR (if specified) to the -L and -I results from
the package's config tool instead of overriding them.
Tested by: George Joseph
Tested by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/3550/
George Joseph [Thu, 19 Jun 2014 16:02:12 +0000 (16:02 +0000)]
Remove the problematic and unneeded AST_MODFLAG_GLOBAL_SYMBOLS from pbx_lua.c
AST_MODFLAG_GLOBAL_SYMBOLS was causing the module to be incorrectly loaded
before pbx_config. pbx_config was therefore blowing away contexts that were
created by pbx_lua. With AST_MODFLAG_DEFAULT the load order is now correct
and contexs are being properly merged. AST_MODFLAG_GLOBAL_SYMBOLS was not
needed anyway since no other modules needed its global symbols that early.
ASTERISK-23818 #close
Reported by: Dennis Guse
Tested by: Dennis Guse
Tested by: George Joseph
George Joseph [Wed, 18 Jun 2014 17:06:39 +0000 (17:06 +0000)]
Update extensions.lua.sample with naming conflict guidance.
The sample extensions.lua was causing pbx_lua to fail to load when parsing
'app.goto("default", "s", 1)' because in Lua 5.2, 'goto' is now a reserved
word. This patch adds guidance to extensions.lua.sample and changed
'app.goto("default", "s", 1)' to 'app.['goto']("default", "s", 1)'.
projects / thirdparty / asterisk.git / log
