Josh Roberson [Mon, 27 Mar 2017 16:49:08 +0000 (11:49 -0500)]
cel_pgsql.c: Fix buffer overflow calling libpq
PQEscapeStringConn() expects the buffer passed in to be an
adequitely sized buffer to write out the escaped SQL value string
into. It is possible, for large values (such as large values to
Dial with a lot of devices) to have more than our 512+1 byte
allocation and thus cause libpq to create a buffer overrun.
glibc will nicely ABRT asterisk for you, citing a stack smash.
Let's only allocate it to be as large as needed:
If we have a value, then (strlen(value) * 2) + 1 (as recommended
by libpq), and if we have none, just one byte to hold our null
will do.
Sean Bright [Mon, 27 Mar 2017 13:58:17 +0000 (09:58 -0400)]
res_musiconhold: Don't chdir() when scanning MoH files
There doesn't appear to be any reason that we are chdir'ing in
moh_scan_files, and in the event of an Asterisk crash, the core files
may not get written because we have changed into a read-only directory.
Sean Bright [Fri, 24 Mar 2017 16:29:10 +0000 (12:29 -0400)]
res_pjsip_sdp_rtp: Set hangup cause for RTP timeouts
chan_sip sets the hangup cause code to AST_CAUSE_REQUESTED_CHAN_UNAVAIL
(44) when a channel is hung up due to an RTP timeout. So do the same
when it happens with PJSIP for parity.
Kevin Harwell [Thu, 23 Mar 2017 17:07:09 +0000 (12:07 -0500)]
pjproject_bundled: raise timeout value used when downloading
After configuring Asterisk with '--with-pjproject-bundled' the configure/build
process attempts to download pjproject from its download site. Currently, a
timeout of 10 seconds is used that will stop the download process if pjproject
has not been fully downloaded in that time. For some systems this was not enough
time and the process was timing out too early.
This patch raises the download timeout value to '60'. Also, this patch fixes
another bug where the DOWNLOAD_TIMEOUT variable was not being properly exported
due to a naming error. DOWNLOAD_MAX_TIMEOUT is now properly renamed to
DOWNLOAD_TIMEOUT.
Sean Bright [Thu, 23 Mar 2017 01:33:02 +0000 (21:33 -0400)]
res_xmpp: Correct implementation of JABBER_STATUS & JabberStatus
The documentation for JABBER_STATUS (and the deprecated JabberStatus
app) indicate that a return value of 7 indicates that the specified
buddy was not in the roster. It also indicates that you can specify a
"bare" JID (one without a resource). Unfortunately the actual behavior
does not match the documented behavior.
Assuming that our roster includes the buddy online and available
"valid@example.org/Valid" and does *not* include the buddy
"invalid@example.org", the JABBER_STATUS() function returns the
following before this patch:
+------------------------------+------------+--------------------------+
| Buddy | Status | Result |
+------------------------------+------------+--------------------------+
| valid@example.org | Online | 7 (Not in roster) |
| valid@example.org/Valid | Online | 1 (Online) |
| valid@example.org/Invalid | N/A | 7 (Not in roster) |
| invalid@example.org | N/A | Error logged, no return |
| invalid@example.org/Valid | N/A | Error logged, no return |
+------------------------------+------------+--------------------------+
Sean Bright [Thu, 23 Mar 2017 14:45:35 +0000 (10:45 -0400)]
res_xmpp: Try to provide useful errors messages from OpenSSL
If any errors occur during the TLS connection setup, we currently dump a
fairly generic error message. So instead we try to pull in something
useful from OpenSSL to report instead.
Sean Bright [Thu, 23 Mar 2017 10:19:18 +0000 (06:19 -0400)]
res_xmpp: Fix ref counting issue
The only remaining reference to the endpoint is in the endpoints
container, and because it is unlinked in ast_endpoint_shutdown, we don't
have to explicitly cleanup the endpoint ourselves.
Sean Bright [Wed, 22 Mar 2017 22:32:37 +0000 (18:32 -0400)]
res_xmpp: Don't crash when trying to send a message without a connection
If we never establish a connection to our Jabber server, iksemel never sets up
its internal transport pointer, so attempting to send a message dereferences a
NULL pointer and causes a crash.
Kevin Harwell [Mon, 20 Mar 2017 18:26:08 +0000 (13:26 -0500)]
rtp_engine: allocate RTP dynamic payloads per session
Dynamic payload types were statically defined in Asterisk. This unfortunately
limited the number of dynamic payloads that could be registered. With this patch
dynamic payload type numbers are now assigned dynamically and per RTP instance.
However, in order to limit any issues where some clients expect the old
statically defined value this patch makes it so the value Asterisk used to pre-
designate is used for the dynamic assignment if available.
An option, "rtp_use_dynamic", has also been added (can be set in asterisk.conf)
that turns the new dynamic behavior on or off. When off it reverts back to using
statically defined payload values. This option defaults to "no" in Asterisk 14.
ASTERISK-26515 #close
patches:
ASTERISK-26515.diff submitted by jcolp (license 5000)
cdr: Allow setting of user field from 'h' extension
The CDR code previously did not allow the user field to be set
from the 'h' extension in the dialplan. This change removes that
limitation and allows it to be set.
Support for RFC3578 overlap dialling (i.e. 484 Response to partially matched
destinations) as currently provided by chan_sip is missing from res_pjsip.
This patch adds a new endpoint attribute (allow_overlap) [defaults to yes]
which when set to yes enables 484 responses to partial destination
matches rather than the current 404.
Sean Bright [Tue, 21 Mar 2017 11:59:12 +0000 (07:59 -0400)]
res_hep: Capture actual transport type in use
Rather than hard-coding UDP, allow consumers of the HEP API to specify
which protocol is in use. Update the PJSIP provider to pass in the
current protocol type.
Sean Bright [Tue, 21 Mar 2017 13:26:28 +0000 (09:26 -0400)]
res_pjsip_messaging: Check URI type before dereferencing
We aren't validating that the URI we just parsed is a SIP/SIPS one before
trying to access the user, host, and port members of a possibly uninitialized
structure.
Also update the MessageSend documentation to indicate what 'from' formats are
accepted.
Sean Bright [Mon, 20 Mar 2017 21:27:24 +0000 (17:27 -0400)]
bridge_softmix: Ignore non-voice frames from translator
Some codecs - codec_speex specifically - take voice frames and return
other types of frames, like CNG. If we subsequently treat those as
voice frames, we'll run into trouble when destroying the frame because
of the requirement that each voice frame have an associated format.
Aaron An [Wed, 15 Mar 2017 04:49:12 +0000 (12:49 +0800)]
audiohook.c: Lost RTP packets lead to out-of-sync MixMonitor.
Fixed a bug in function "ast_audiohook_write_frame" that checked the
variable other_factory_samples and only flushed the factories, so they
would be in sync, when other_factory_samples > 0. When there is not any
rtp incoming the variable other_factory_samples will be 0, and although
the result of "our_factory_ms - other_factory_ms" may be very large,
this led to the record file not syncing.
ASTERISK-26875 #close Reported-by: Aaron An Tested-by: Aaron An
Change-Id: Ia4d890fb8fc1636a7188502bab35f555685aea22
Sean Bright [Sat, 18 Mar 2017 17:30:32 +0000 (13:30 -0400)]
thread safety: Don't use getprotobyname()
POSIX does not require getprotobyname() to be thread safe and some
implementations use static memory which causes issues when multiple
threads are used.
Further, our usage of it today is just to ultimately get IPPROTO_TCP
for calls to setsockopt(). So instead we just use IPPROTO_TCP directly.
Richard Mudgett [Thu, 23 Feb 2017 05:26:13 +0000 (23:26 -0600)]
CHANNEL(callid): Give dialplan access to the callid.
* Added CHANNEL(callid) to retrieve the call identifier log tag associated
with the channel. Dialplan now has access to the call log search key
associated with the channel so it can be saved in case there is a problem
with the call.
Sean Bright [Thu, 16 Mar 2017 13:42:54 +0000 (09:42 -0400)]
app_queue: Fix locking behavior in stasis message handlers
The queue_stasis_data structure contains various mutable fields that require
appropriate locking. Specifically, the 'dying,' 'member_uniqueid,' and
'caller_uniqueid' fields need to be locked when read from or written to.
Matt Jordan [Thu, 16 Mar 2017 15:39:00 +0000 (10:39 -0500)]
res/res_pjsip_session: Only check localnet if it is defined
If local_net is not defined on a transport, transport_state->localnet
will be NULL. ast_apply_ha will, be default, return AST_SENSE_ALLOW in
this case, causing the external_media_address, if set, to be skipped.
This patch causes us to only check if we are sending within a network if
local_net is defined.
Richard Begg [Tue, 14 Mar 2017 21:22:42 +0000 (08:22 +1100)]
res_pjsip_sdp_rtp: RTP instance does not use same IP as explicit transport
Currently a wildcard address is used for the local RTP socket, which
will not always result in the same address as used by the SIP socket
(e.g. if explicit transport addresses are configured).
Use the transport's host address when binding new local RTP sockets if
available.
George Joseph [Tue, 7 Mar 2017 14:33:26 +0000 (07:33 -0700)]
res_pjsip: Symmetric transports
A new transport parameter 'symmetric_transport' has been added.
When a request from a dynamic contact comes in on a transport with
this option set to 'yes', the transport name will be saved and used
for subsequent outgoing requests like OPTIONS, NOTIFY and INVITE.
It's saved as a contact uri parameter named 'x-ast-txp' and will
display with the contact uri in CLI, AMI, and ARI output. On the
outgoing request, if a transport wasn't explicitly set on the
endpoint AND the request URI is not a hostname, the saved transport
will be used and the 'x-ast-txp' parameter stripped from the
outgoing packet.
* config_transport was modified to accept and store the new parameter.
* config_transport/transport_apply was updated to store the transport
name in the pjsip_transport->info field using the pjsip_transport->pool
on UDP transports.
* A 'multihomed_on_rx_message' function was added to
pjsip_message_ip_updater that, for incoming requests, retrieves the
transport name from pjsip_transport->info and retrieves the transport.
If transport->symmetric_transport is set, an 'x-ast-txp' uri parameter
containing the transport name is added to the incoming Contact header.
* An 'ast_sip_get_transport_name' function was added to res_pjsip.
It takes an ast_sip_endpoint and a pjsip_sip_uri and returns a
transport name if endpoint->transport is set or if there's an
'x-ast-txp' parameter on the uri and the uri host is an ipv4 or
ipv6 address. Otherwise it returns NULL.
* An 'ast_sip_dlg_set_transport' function was added to res_pjsip
which takes an ast_sip_endpoint, a pjsip_dialog, and an optional
pjsip_tpselector. It calls ast_sip_get_transport_name() and if
a non-NULL is returned, sets the selector and sets the transport
on the dialog. If a selector was passed in, it's updated.
* res_pjsip/ast_sip_create_dialog_uac and ast_sip_create_dialog_uas
were modified to call ast_sip_dlg_set_transport() instead of their
original logic.
* res_pjsip/create_out_of_dialog_request was modified to call
ast_sip_get_transport_name() and pjsip_tx_data_set_transport()
instead of its original logic.
* Existing transport logic was removed from endpt_send_request
since that can only be called after a create_out_of_dialog_request.
* res_pjsip/ast_sip_create_rdata was converted to a wrapper around
a new 'ast_sip_create_rdata_with_contact' function which allows
a contact_uri to be specified in addition to the existing
parameters. (See below)
* res_pjsip_pubsub/internal_pjsip_evsub_send_request was eliminated
since all it did was transport selection and that is now done in
ast_sip_create_dialog_uac and ast_sip_create_dialog_uas.
* 'contact_uri' was added to subscription_persistence. This was
necessary because although the parsed rdata contact header has the
x-ast-txp parameter added (if appropriate),
subscription_persistence_update stores the raw packet which
doesn't have it. subscription_persistence_recreate was then
updated to call ast_sip_create_rdata_with_contact with the
persisted contact_uri so the recreated subscription has the
correct transport info to send the NOTIFYs.
* res_pjsip_session/internal_pjsip_inv_send_msg was eliminated since
all it did was transport selection and that is now done in
ast_sip_create_dialog_uac.
* pjsip_message_ip_updater/multihomed_on_tx_message was updated
to remove all traces of the x-ast-txp parameter from the
outgoing headers.
NOTE: This change does NOT modify the behavior of permanent
contacts specified on an aor. To do so would require that the
permanent contact's contact uri be updated with the x-ast-txp
parameter and the aor sorcery object updated. If we need to
persue this, we need to think about cloning permanent contacts into
the same store as the dynamic ones on an aor load so they can be
updated without disturbing the originally configured value.
You CAN add the x-ast-txp parameter to a permanent contact's uri
but it would be much simpler to just set endpoint->transport.
Richard Mudgett [Wed, 15 Mar 2017 18:24:33 +0000 (13:24 -0500)]
autochan/mixmonitor/chanspy: Fix unsafe channel locking and references.
Dereferencing struct ast_autochan.chan without first calling
ast_autochan_channel_lock() is unsafe because the pointer could change at
any time due to a masquerade. Unfortunately, ast_autochan_channel_lock()
itself uses struct ast_autochan.chan unsafely and can result in a deadlock
if the original channel happens to get destroyed after a masquerade in
addition to the pointer getting changed.
The problem is more likely to happen with v11 and earlier because
masquerades are used to optimize out local channels on those versions.
However, it could still happen on newer versions if the channel is
executing a dialplan application when the channel is transferred or
redirected. In this situation a masquerade still must be used.
* Added a lock to struct ast_autochan to safely be able to use
ast_autochan.chan while trying to get the channel lock in
ast_autochan_channel_lock(). The locking order is the channel lock then
the autochan lock. Locking in the other direction requires deadlock
avoidance.
* Fix unsafe ast_autochan.chan usages in app_mixmonitor.c.
* Fix unsafe ast_autochan.chan usages in app_chanspy.c.
* app_chanspy.c: Removed unused autochan parameter from next_channel().
Mark Michelson [Tue, 7 Mar 2017 20:13:02 +0000 (14:13 -0600)]
Add rtcp-mux support
This commit adds support for RFC 5761: Multiplexing RTP Data and Control
Packets on a Single Port. Specifically, it enables the feature when
using chan_pjsip.
A new option, "rtcp_mux" has been added to endpoint configuration in
pjsip.conf. If set, then Asterisk will attempt to use rtcp-mux with
whatever it communicates with. Asterisk follows the rules set forth in
RFC 5761 with regards to falling back to standard RTCP behavior if the
far end does not indicate support for rtcp-mux.
The lion's share of the changes in this commit are in
res_rtp_asterisk.c. This is because it was pretty much hard wired to
have an RTP and an RTCP transport. The strategy used here is that when
rtcp-mux is enabled, the current RTCP transport and its trappings (such
as DTLS SSL session) are freed, and the RTCP session instead just
mooches off the RTP session. This leads to a lot of specialized if
statements throughout.
Sean Bright [Thu, 9 Mar 2017 17:05:12 +0000 (12:05 -0500)]
app_queue: Handle the caller being redirected out of a queue bridge
A caller can leave the Queue() application after being bridged with a
member in a few ways:
* Caller or member hangup
* Caller is transferred somewhere else (blind or atx)
* Caller is externally redirected elsewhere
The first 2 scenarios are currently handled by subscribing to stasis
messages, but the 3rd is not explicitly covered. If a caller is
redirected away from the Queue() application, the member who was last
bridged with that caller will remain in an "In use" state until the
caller hangs up.
This patch adds handling of the caller leaving the queue via
redirection. We monitor the caller-member bridge, and if the caller is
the one that leaves, we treat it the same as we would a caller hangup.
Richard Mudgett [Tue, 14 Mar 2017 21:16:23 +0000 (16:16 -0500)]
pbx.c: Fix crash from malformed exten pattern.
Forgetting to indicate an exten is a pattern can cause a crash if the
"pattern" has a character set range. e.g., "9999[3-5]" The crash is due
to a buffer overwrite because the '-' exten eye-candy wasn't removed as
expected and overran the allocated space.
The buffer overwrite is fixed two ways in this patch.
1) Fix ext_strncpy() to distinguish between pattern and non-pattern
extens. Now '-' characters are removed when they are eye-candy and not
when they are part of a pattern character set. Since the function is
private to pbx.c, the return value now returns the number of bytes written
to the destination buffer instead of the strlen() of the final buffer so
the callers that care don't need to add one.
2) Fix callers to ext_strncpy() to supply the correct available buffer
size of the destination buffer.
Richard Begg [Tue, 14 Mar 2017 21:51:41 +0000 (08:51 +1100)]
chan_iax2: Reload of iax peer results in loss of host address/port
When using a non-dynamic peer address, build_peer() invalidates the
peer address structure by setting the address family to unspecified.
However, if dnsmgr is enabled, the subsequent call to ast_dnsmgr_lookup()
will not amend the peer address if the cache is still valid, resulting
in peer connectivity failures.
To fix this, we call ast_dnsmgr_refresh() instead.
Matt Jordan [Tue, 14 Mar 2017 20:12:28 +0000 (15:12 -0500)]
configure: Don't use the progress bar with curl when downloading to stdout
In some scenarios, such as when there may not be a terminal (such as
inside a Docker container), curl will apparently direct the progress bar
to stdout. This can cause extra data to be appended to a file curl'd
down to stdout, resulting in md5 verification failures.
This patch removes the progress bar, and tells curl to download the file
silently.
Matt Jordan [Tue, 14 Mar 2017 14:59:48 +0000 (09:59 -0500)]
funcs/func_devstate: Remove new line in Device field of during module load
During module loading of func_devstate, Asterisk emits the current
device state of all Custom device states currently stored in the AstDB.
This was erroneously including a new line character ('\n') to the end of
the device state, causing two new lines to be emitted in
DeviceStateChange AMI events.
Note that this only happened for those device state changes that
occurred during startup. Regular device state changes for Custom device
states are handled elsewhere, and did not have the newline.
ASTERISK-26643 #close
Reported by: Roman Bedros
Tested by: Matt Jordan
patches:
ami_devstate.diff uploaded by Roman Bedros (License 6842)
Matt Jordan [Tue, 14 Mar 2017 14:37:34 +0000 (09:37 -0500)]
main/stasis_cache: Demote the ERROR message when removing a nonexistent item
This patch demotes the ERROR message that is displayed when a
nonexistent item is removed from the Stasis cache. The genesis of this
demotion is due to chan_sip's realtime peers and their interaction with
Asterisk's core ast_endpoint code, but ostensibly it could happen from
other channel drivers as well.
Since Mark Michelson already did an excellent job of explaining on this
issue, it is quoted here for posterity:
"Internally, when a realtime peer is retrieved, Asterisk creates an
ast_endpoint structure. When that peer is destroyed, the ast_endpoint is
destroyed as well. Part of the destruction of the ast_endpoint involves
clearing the Stasis cache of all information about that endpoint. The
problem here is that the act of creating the ast_endpoint is not enough
to actually put any information in the Stasis cache. Instead, something
has to happen, such as a state change, in order for the Stasis cache to
have any information about that endpoint. When a device registers,
chan_sip creates an ast_endpoint structure, processes the REGISTER, and
then destroys the ast_endpoint. When the ast_endpoint is destroyed,
there is nothing to destroy in the Stasis cache, so an error message is
emitted. When you use rtcachefriends, ast_endpoint structures persist
for the lifetime of the module and so you do not see this error
message."
Matt Jordan [Tue, 14 Mar 2017 12:50:07 +0000 (07:50 -0500)]
res_pjsip_endpoint_identifier_ip: Add an option to match requests by header
This patch adds a new features to the endpoint identifier module,
'match_header'. When set, inbound requests are matched by a provided SIP
header: value pair. This option works in conjunction with the existing
'match' configuration option, such that if any 'match*' attribute
matches an inbound request, the request is associated with the specified
endpoint.
Since this module now identifies by more than just IP address,
appropriate renaming of the module and/or variables can be done in a
non-release branch.
projects / thirdparty / asterisk.git / log
