Matthew Jordan [Fri, 19 Apr 2013 22:25:49 +0000 (22:25 +0000)]
Prevent res_timing_pthread from blocking callers
There were several reports of deadlock when using
res_timing_pthread. Backtraces indicated that one thread was blocked
waiting for the write to the pipe to complete and this thread held
the container lock for the timers. Therefore any thread that wanted
to create a new timer or read an existing timer would block waiting
for either the timer lock or the container lock and deadlock ensued.
This patch changes the way the pipe is used to eliminate this source
of deadlocks:
1) The pipe is placed in non-blocking mode so that it would never
block even if the following changes someone fail...
2) Instead of writing bytes into the pipe for each "tick" that's
fired the pipe now has two states--signaled and unsignaled. If
signaled, the pipe is hot and any pollers of the read side
filedescriptor will be woken up. If unsigned the pipe is idle. This
eliminates even the chance of filling up the pipe and reduces the
potential overhead of calling unnecessary writes.
3) Since we're tracking the signaled / unsignaled state, we can
eliminate the exta poll system call for every firing because we know
that there is data to be read.
(closes issue ASTERISK-21389)
Reported by: Matt Jordan
Tested by: Shaun Ruffell, Matt Jordan, Tony Lewis
patches:
0001-res_timing_pthread-Reduce-probability-of-deadlocking.patch uploaded by sruffell (License 5417)
(closes issue ASTERISK-19754)
Reported by: Nikola Ciprich
(closes issue ASTERISK-20577)
Reported by: Kien Kennedy
(closes issue ASTERISK-17436)
Reported by: Henry Fernandes
David M. Lee [Thu, 18 Apr 2013 16:07:03 +0000 (16:07 +0000)]
Fix lock errors on startup.
In messages.c, there are several places in the code where we create a
tmp_tech_holder and pass that into an ao2_find call. Unfortunately, we
weren't initializing the rwlock on the tmp_tech_holder, which the hash
function was locking. It's apparently harmless, but still not the best
code.
This patch extracts all that copy/pasted code into two functions,
msg_find_by_tech and msg_find_by_tech_name, which properly initialize
and destroy the rwlock on the tmp_tech_holder.
Alec L Davis [Tue, 16 Apr 2013 23:27:51 +0000 (23:27 +0000)]
Distributed Device State broken at sites using res_xmpp or res_jabber where Secuity Advisory AST-2012-015 is inplace
res_xmpp was not adding AST_EVENT_IE_CACHABLE to the event as each message came in,
then devstate_change_collector_cb() was unable to find AST_EVENT_IE_CACHABLE in the event,
so defaulted incorrectly to AST_DEVSTATE_NOT_CACHABLE.
Alec L Davis [Tue, 16 Apr 2013 23:13:58 +0000 (23:13 +0000)]
Distributed Device State broken at sites using res_xmpp or res_jabber where Secuity Advisory AST-2012-015 is inplace
res_jabber/res_xmpp were not adding AST_EVENT_IE_CACHABLE to the event as each message came in,
then devstate_change_collector_cb() was unable to find AST_EVENT_IE_CACHABLE in the event,
so defaulted incorrectly to AST_DEVSTATE_NOT_CACHABLE.
David M. Lee [Mon, 15 Apr 2013 15:18:54 +0000 (15:18 +0000)]
Fix the svn:keywords property on several files.
Normally I think keyword expansion is silly, but the one time it would have
been good, it didn't work because the property had quotes in it. This patch
fixes obviously busted svn:keywords properties.
........
Merged revisions 385683 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Matthew Jordan [Sun, 14 Apr 2013 03:00:27 +0000 (03:00 +0000)]
Calculate the timestamp for outbound RTP if we don't have timing information
This patch calculates the timestamp for outbound RTP when we don't have timing
information. This uses the same approach in res_rtp_asterisk. Thanks to both
Pietro and Tzafrir for providing patches.
(closes issue ASTERISK-19883)
Reported by: Giacomo Trovato
Tested by: Pietro Bertera, Tzafrir Cohen
patches:
rtp-timestamp-1.8.patch uploaded by tzafrir (License 5035)
rtp-timestamp.patch uploaded by pbertera (License 5943)
........
Merged revisions 385636 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Matthew Jordan [Sun, 14 Apr 2013 02:30:19 +0000 (02:30 +0000)]
Don't attempt to create a voice frame on a read error
Prior to this patch, a read error in snd_pcm_readi would still be treated as a
nominal result when constructing a voice frame from the expected data. Since
the value returned is negative, as opposed to the number of samples read,
this could result in a crash. With this patch, we now return a null frame
when a read error is detected.
Note that the patch on ASTERISK-21329 was modified slightly for this commit,
in that we bail immediately on detecting the read error, rather than bypassing
the construction of the voice frame.
Michael L. Young [Fri, 12 Apr 2013 22:37:46 +0000 (22:37 +0000)]
Fix Manager Segfault When app_queue Is Unloaded
When app_queue is unloaded, some manager commands are not being unregistered
which result in a segfault. This patch corrects this.
(closes issue ASTERISK-21397)
Reported by: Peter Katzmann, Corey Farrell
Tested by: Corey Farrell
Patches:
asterisk-21397-missing-unreg-manager-cmd_1.8.diff
Michael L. Young (license 5026)
asterisk-21397-missing-unreg-manager-cmd_11.diff
Michael L. Young (license 5026)
Michael L. Young [Fri, 12 Apr 2013 22:18:42 +0000 (22:18 +0000)]
Fix app_voicemail Segfault And A Few Memory Leaks
The original report was that app_voicemail would crash. This was caused by
ast_config_load() returning CONFIG_STATUS_FILEINVALID but no checks being
performed for that return status. After adding the initial patch to fix this
issue, Jaco Kroon (jkroon) added some fixes to memory leaks he had discovered.
During review, Walter Doekes (wdoekes) suggested adding a helper function in
order to determine if we had a valid configuration or not.
This patch does the following:
* Creates a helper function to check if the configuration is valid
* Adds calls to the new helper function where appropiate
* Fixes memory leaks where the code returned without running
ast_config_destroy() on the configuration that was loaded
(closes issue ASTERISK-21302)
Reported by: Jaco Kroon
Tested by: Jaco Kroon, Michael L. Young
Patches:
asterisk-11.3.0-app_voicemail-ast_config-fixes.patch
Jaco Kroon (license 5671)
asterisk-21302-valid_cfg_and_mem_leaks_v3-1.8.diff
Michael L. Young (license 5026)
Michael L. Young [Fri, 12 Apr 2013 15:01:39 +0000 (15:01 +0000)]
Fix One-Way Audio With auto_* NAT Settings When SIP Calls Initiated By PBX
When we reload Asterisk or chan_sip, the flags force_rport and comedia that are
turned on and off when using the auto_force_rport and auto_comedia nat settings
go back to the default setting off. These flags are turned on when needed or
off when not needed at the time that a peer registers, re-registers or initiates
a call. This would apply even when only the default global setting
"nat=auto_force_rport" is being used, which in this case would only affect the
force_rport flag.
Everything is good except for the following: The nat setting is set to
auto_force_rport and auto_comedia. We reload Asterisk and the peer's
registration has not expired. We load in the settings for the peer which turns
force_rport and comedia back to off. Since the peer has not re-registered or
placed a call yet, those flags remain off. We then initiate a call to the peer
from the PBX. The force_rport and comedia flags stay off. If NAT is involved,
we end up with one-way audio since we never checked to see if the peer is behind
NAT or not.
This patch does the following:
* Moves the checking of whether a peer is behind NAT into its own function
* Create a function to set the peer's NAT flags if they are using the auto_* NAT
settings
* Adds calls in sip_request_call() to these new functions in order to setup the
dialog according to the peer's settings
(closes issue ASTERISK-21374)
Reported by: Michael L. Young
Tested by: Michael L. Young
Patches:
asterisk-21374-auto-nat-outgoing-fix_v2.diff Michael L. Young (license 5026)
Alec L Davis [Fri, 12 Apr 2013 08:16:15 +0000 (08:16 +0000)]
IAX2, prevent network thread starting before all helper threads are ready
On startup, it's possible for a frame to arrive before the processing threads were ready.
In iax2_process_thread() the first pass through falls into ast_cond_wait, should a frame arrive
before we are at ast_cond_wait, the signal will be ignored.
The result iax2_process_thread stays at ast_cond_wait forever, with deferred frames being queued.
Fix: When creating initial idle iax2_process_threads, wait for init_cond to be signalled
after each thread is started.
Matthew Jordan [Wed, 10 Apr 2013 14:25:44 +0000 (14:25 +0000)]
Use LDAP memory management functions instead of Asterisk's
When MALLOC_DEBUG is enabled with res_config_ldap, issues (munmap_chunk:
invalid pointer errors) can occur as the memory is being allocated with
Asterisk's wrappers around malloc/calloc/free/strdup, as opposed to the
LDAP library's wrappers.
This patch uses the LDAP library's wrappers where appropriate, so that
compiling with MALLOC_DEBUG doesn't cause more problems than it solves.
Note that the patch listed below was modified slightly for this commit
to account for some additional memory allocation/deallocations.
(closes issue ASTERISK-17386)
Reported by: John Covert
Tested by: Andrew Latham
patches:
issue18789-1.8-r316873.patch uploaded by seanbright (License 5060)
........
Merged revisions 385190 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Matthew Jordan [Wed, 10 Apr 2013 14:05:07 +0000 (14:05 +0000)]
Fix crash in chan_sip when a core initiated op occurs at the same time as a BYE
When a BYE request is processed in chan_sip, the current SIP dialog is detached
from its associated Asterisk channel structure. The tech_pvt pointer in the
channel object is set to NULL, and the dialog persists for an RFC mandated
period of time to handle re-transmits.
While this process occurs, the channel is locked (which is good).
Unfortunately, operations that are initiated externally have no way of knowing
that the channel they've just obtained (which is still valid) and that they are
attempting to lock is about to have its tech_pvt pointer removed. By the time
they obtain the channel lock and call the channel technology callback, the
tech_pvt is NULL.
This patch adds a few checks to some channel callbacks that make sure the
tech_pvt isn't NULL before using it. Prime offenders were the DTMF digit
callbacks, which would crash if AMI initiated a DTMF on the channel at the
same time as a BYE was received from the UA. This patch also adds checks on
sip_transfer (as AMI can also cause a callback into this function), as well
as sip_indicate (as lots of things can queue an indication onto a channel).
Review: https://reviewboard.asterisk.org/r/2434/
(closes issue ASTERISK-20225)
Reported by: Jeff Hoppe
........
Merged revisions 385170 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Rusty Newton [Mon, 8 Apr 2013 23:36:32 +0000 (23:36 +0000)]
Modified the list of keys for the driver backends for sake of sample clarity
Added a line showing the mapping of "mysql" to res_config_mysql available in add-ons. We used "mysql" as an example driver key in the sample, but didn't show what module it mapped too. Also added a subtitle above the list of keys for driver backends.
........
Merged revisions 385047 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Fix For Not Overriding The Default Settings In chan_sip
The initial report was that the "nat" setting in the [general] section was not
having any effect in overriding the default setting. Upon confirming that this
was happening and looking into what was causing this, it was discovered that
other default settings would not be overriden as well.
This patch works similar to what occurs in build_peer(). We create a temporary
ast_flags structure and using a mask, we override the default settings with
whatever is set in the [general] section.
In the bug report, the reporter who helped to test this patch noted that the
directmedia settings were being overriden properly as well as the nat settings.
(closes issue ASTERISK-21225)
Reported by: Alexandre Vezina
Tested by: Alexandre Vezina, Michael L. Young
Patches:
asterisk-21225-handle-options-default-prob_1.8_v4.diff.diff
Michael L. Young (license 5026)
Fix For Not Overriding The Default Settings In chan_sip
The initial report was that the "nat" setting in the [general] section was not
having any effect in overriding the default setting. Upon confirming that this
was happening and looking into what was causing this, it was discovered that
other default settings would not be overriden as well.
This patch works similar to what occurs in build_peer(). We create a temporary
ast_flags structure and using a mask, we override the default settings with
whatever is set in the [general] section.
In the bug report, the reporter who helped to test this patch noted that the
directmedia settings were being overriden properly as well as the nat settings.
This issue is also present in Asterisk 1.8 and a separate patch will be applied
to it.
(issue ASTERISK-21225)
Reported by: Alexandre Vezina
Tested by: Alexandre Vezina, Michael L. Young
Patches:
asterisk-21225-handle-options-default-prob_v4.diff
Michael L. Young (license 5026)
In ASTERISK-20904, the focus was around the changes to NAT that took place in
Asterisk 11. Since the report stated that 1.8 was fine, we didn't take a look
at 1.8 at the time.
While working on ASTERISK-21225, I could see that 1.8 would benefit from having
some of those changes applied to it.
This patch does the following:
* The important part of this patch is that it sets the peer's flags earlier in
build_peer so that the code properly uses the peer's flags based on the peer's
configuration.
* constify req parameter in check_via()
* update realtime schemas under the contrib directory to handle properly the NAT
settings available in 1.8 as well as to handle the changes made in 11 to make
upgrading easier when installing newer versions of Asterisk
(closes issue ASTERISK-21243)
Reported by: Michael L. Young
Patches:
asterisk-20904-changes_for_1.8.diff Michael L. Young (license 5026)
The new inband_on_proceeding option causes Asterisk to assume inband audio
may be present when a PROCEEDING message is received.
Q.931 Section 5.1.2 says the network cannot assume that the CPE side has
attached to the B channel at this time without explicitly sending the
progress indicator ie informing the CPE side to attach to the B channel
for audio. However, some non-compliant ISDN switches send a PROCEEDING
without the progress indicator ie indicating inband audio is available and
assume that the CPE device has connected the media path for listening to
ringback and other messages.
ASTERISK-17834 which causes this issue was dealing with a non-compliant
network switch.
David M. Lee [Tue, 2 Apr 2013 17:34:50 +0000 (17:34 +0000)]
Fixed spurious rebuilds of func_version.
func_version.so was being rebuilt every time, because build.h was
changing every build, because of the cleantest dependency that was
added in r384410 to fix parallel make bugs.
Now build.h will only be created if it does not exist, which was the
original behavior of the Makefile.
........
Merged revisions 384544 from http://svn.asterisk.org/svn/asterisk/branches/1.8
David M. Lee [Mon, 1 Apr 2013 13:28:02 +0000 (13:28 +0000)]
Fix parallel make problems.
Occasionally, make -j would fail due to missing includes, or other
unusual errors.
This was due to the 'cleantest' target, which was designed to force a
make clean when some change in the code would cause the typical
depedency checking to fail. Several targets in the main Makefile did
not depend upon cleantest, hence would run in parallel to it. By
adding the dependency, make -j runs happily now.
Jonathan Rose [Fri, 29 Mar 2013 16:31:45 +0000 (16:31 +0000)]
app_voicemail: Add blank argument to externnotify if no context argument
At least one call to run_externnotify provides a NULL context parameter and
because the snprintf statement doesn't account for a NULL context parameter,
it simply writes '(null)' to the arguments string instead. This patch makes
it write two quotes back to back for that argument instead in the event of
a NULL context.
(closes issue ASTERISK-18207)
Reported by: Barry L. Kline
Patches:
modified from patch-20130306 uploaded by Karsten Wemheuer (License 5930)
........
Merged revisions 384325 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Matthew Jordan [Wed, 27 Mar 2013 18:51:11 +0000 (18:51 +0000)]
Fix a file descriptor leak in off nominal path
While looking at the security vulnerability in ASTERISK-20967, Walter noticed
a file descriptor leak and some other issues in off nominal code paths. This
patch corrects them.
Note that this patch is not related to the vulnerability in ASTERISK-20967,
but the patch was placed on that issue.
Kinsey Moore [Wed, 27 Mar 2013 17:06:07 +0000 (17:06 +0000)]
Fix white noise on SRTP decryption
When res_rtp_asterisk.c was altered to avoid attempting to apply
unprotect algorithms to non-audio RTP packets, the test used was
incorrect. This caused the audio packets to not be decrypted and
resulted in loud white noise on the other endpoint (or both endpoints
depending on the call legs involved). The test now properly checks the
version field in the RTP header to ensure that RTP and RTCP are
decrypted while other types of packets are not.
(closes issue ASTERISK-21323)
Reported by: andrea
Tested by: Kinsey Moore, andrea, John Bigelow
Patches:
whitenoise_fix.diff uploaded by Kinsey Moore
........
Merged revisions 384048 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Matthew Jordan [Wed, 27 Mar 2013 15:23:08 +0000 (15:23 +0000)]
AST-2013-003: Prevent username disclosure in SIP channel driver
When authenticating a SIP request with alwaysauthreject enabled, allowguest
disabled, and autocreatepeer disabled, Asterisk discloses whether a user
exists for INVITE, SUBSCRIBE, and REGISTER transactions in multiple ways. The
information is disclosed when:
* A "407 Proxy Authentication Required" response is sent instead of a
"401 Unauthorized" response
* The presence or absence of additional tags occurs at the end of "403
Forbidden" (such as "(Bad Auth)")
* A "401 Unauthorized" response is sent instead of "403 Forbidden" response
after a retransmission
* Retransmission are sent when a matching peer did not exist, but not when a
matching peer did exist.
This patch resolves these various vectors by ensuring that the responses sent
in all scenarios is the same, regardless of the presence of a matching peer.
This issue was reported by Walter Doekes, OSSO B.V. A substantial portion of
the testing and the solution to this problem was done by Walter as well - a
huge thanks to his tireless efforts in finding all the ways in which this
setting didn't work, providing automated tests, and working with Kinsey on
getting this fixed.
Matthew Jordan [Wed, 27 Mar 2013 14:38:02 +0000 (14:38 +0000)]
AST-2013-002: Prevent denial of service in HTTP server
AST-2012-014, fixed in January of this year, contained a fix for Asterisk's
HTTP server for a remotely-triggered crash. While the fix put in place fixed
the possibility for the crash to be triggered, a denial of service vector still
exists with that solution if an attacker sends one or more HTTP POST requests
with very large Content-Length values. This patch resolves this by capping
the Content-Length at 1024 bytes. Any attempt to send an HTTP POST with
Content-Length greater than this cap will not result in any memory allocation.
The POST will be responded to with an HTTP 413 "Request Entity Too Large"
response.
This issue was reported by Christoph Hebeisen of TELUS Security Labs
(closes issue ASTERISK-20967)
Reported by: Christoph Hebeisen
patches:
AST-2013-002-1.8.diff uploaded by mmichelson (License 5049)
AST-2013-002-10.diff uploaded by mmichelson (License 5049)
AST-2013-002-11.diff uploaded by mmichelson (License 5049)
Matthew Jordan [Wed, 27 Mar 2013 14:26:44 +0000 (14:26 +0000)]
AST-2013-001: Prevent buffer overflow through H.264 format negotiation
The format attribute resource for H.264 video performs an unsafe read against a
media attribute when parsing the SDP. The value passed in with the format
attribute is not checked for its length when parsed into a fixed length buffer.
This patch resolves the vulnerability by only reading as many characters from
the SDP value as will fit into the buffer.
Matthew Jordan [Tue, 26 Mar 2013 02:28:31 +0000 (02:28 +0000)]
Resolve deadlock between SIP registration and channel based functions
In r373424, several reentrancy problems in chan_sip were addressed. As a
result, the SIP channel driver is now properly locking the channel driver
private information in certain operations that it wasn't previously. This
exposed two latent problems either in register_verify or by functions called
by register_verify. This includes:
* Holding the private lock while calling sip_send_mwi_to_peer. This can create
a new sip_pvt via sip_alloc, which will obtain the channel container lock.
This is a locking inversion, as any channel related lock must be obtained
prior to obtaining the SIP channel technology private lock.
Note that this issue was already fixed in Asterisk 11.
* Holding the private lock while calling sip_poke_peer. In the same vein as
sip_send_mwi_to_peer, sip_poke_peer can create a new SIP private, causing
the same locking inversion.
Note that this locking inversion typically occured when CLI commands were run
while a SIP REGISTER request was being processed, as many CLI commands (such
as 'sip show channels', 'core show channels', etc.) have to obtain the channel
container lock.
(issue ASTERISK-21068)
Reported by: Nicolas Bouliane
(issue ASTERISK-20550)
Reported by: David Brillert
Matthew Jordan [Tue, 26 Mar 2013 01:52:21 +0000 (01:52 +0000)]
Resolve deadlock between pending CDR and batch CDR locks
r375757 attempted to resolve a race condition between multiple submissions of
CDRs while in batch mode from attempting to destroy the scheduled batch
submission by extending the batch CDR lock. Unfortunately, this causes a
deadlock between the pending CDR lock and the batch CDR lock. This patch
resolves the intent of r375757 by simply providing a new lock that protects
the scheduling of the batches. The original batch CDR lock is kept to protect
manipulation of the batch CDR settings, but has been placed such that it
is not held when the pending lock is held.
Thanks to Chase Venters for providing lock analysis on the issue.
Russell Bryant [Tue, 26 Mar 2013 01:36:27 +0000 (01:36 +0000)]
Fix multi-station answer race condition.
When an SLA trunk is ringing (inbound call on the trunk) Asterisk will
make outbound calls to the stations that have that trunk. If more than
one station answers the call at the same time, all channels other than
the first one to answer are left in a bad state. The channel gets
leaked, is not connected to anything, and there's no way to get rid of
it.
We now properly clean up these losing channels by hanging up on them.
Since they lost the race, as we process their answer, there is no
ringing trunk for them to answer.
........
Merged revisions 383835 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Richard Mudgett [Mon, 25 Mar 2013 23:24:29 +0000 (23:24 +0000)]
Set the CALLERID(dnid-num-plan) for incoming ISDN calls.
The CALLEDTON channel variable is set for incoming ISDN calls to the lower
7 bits of the Q.931 type-of-number/numbering-plan octet. The
CALLERID(dnid-num-plan) should have the same value.
Michael L. Young [Fri, 22 Mar 2013 20:41:40 +0000 (20:41 +0000)]
Fix StopMixMonitor Hanging Up When Unable To Stop MixMonitor On A Channel
A regression was accidentally introduced when allowing an optional ID to be used
when calling StopMixMonitor. When we are unable to stop MixMonitor on a
channel, -1 is being returned which triggers the hangup of the channel.
This patch restores the prior behavior by returning 0 whether we were successful
or not. It also allows the call from the manager to use the return code when
the action fails.
(closes issue ASTERISK-21294)
Reported by: daroz
Tested by: daroz
Patches:
asterisk-21294-stop_mixmonitor_hangingup.diff Michael L. Young (license 5026)
Kinsey Moore [Fri, 15 Mar 2013 12:51:34 +0000 (12:51 +0000)]
tcptls: Prevent unsupported options from being set
AMI, HTTP, and chan_sip all support TLS in some way, but none of them
support all the options that Asterisk's TLS core is capable of
interpreting. This prevents consumers of the TLS/SSL layer from setting
TLS/SSL options that they do not support.
This also gets tlsverifyclient closer to a working state by requesting
the client certificate when tlsverifyclient is set. Currently, there is
no consumer of main/tcptls.c in Asterisk that supports this feature and
so it can not be properly tested.
Review: https://reviewboard.asterisk.org/r/2370/ Reported-by: John Bigelow Patch-by: Kinsey Moore
(closes issue AST-1093)
........
Merged revisions 383165 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Matthew Jordan [Fri, 15 Mar 2013 01:34:12 +0000 (01:34 +0000)]
When a session timer expires during a T.38 call, re-invite with correct SDP
When a session timer expires during a dialog that has re-negotiated to T.38
and Asterisk is the refresher, Asterisk will send a re-INVITE with an SDP
containing audio media only. This causes some hilarity with the poor fax
session under weigh.
This patch corrects that by sending T.38 parameters if we are in the middle of
a T.38 session.
Matthew Jordan [Fri, 15 Mar 2013 01:23:33 +0000 (01:23 +0000)]
Fix processing of call files when using KQueue on OS X
In certain situations, call files are not processed when using KQueue with
pbx_spool. Asterisk was sending an invalid timeout value when the spool
directory is empty, causing the call to kevent to error immediately. This
can create a tight loop, increasing the CPU load on the system.
Michael L. Young [Tue, 12 Mar 2013 21:17:17 +0000 (21:17 +0000)]
Fix Sorting Order For Parking Lots Stored In Static Realtime
When retrieving the parking lots from a MySQL database table, the current order
is "filename, cat_metric desc, var_metric asc, category". If there are multiple
parking lots with the same cat_metric but different categories, everything is
being sorted on cat_metric first resulting in errors when loading the parking
lots.
This patch fixes the problem by sorting on the category field first, then the
cat_metric field.
(closes issue ASTERISK-21035)
Reported by: Alex Epshteyn
Patches:
asterisk-21035-orderby.diff Michael L. Young (license 5026)
........
Merged revisions 382942 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Matthew Jordan [Tue, 12 Mar 2013 16:23:16 +0000 (16:23 +0000)]
Include the Username field in SIP Registry events when Status is registered
In ASTERISK-17888, the AMI Registry event during SIP registrations was supposed
to include the Username field. Somehow, one of the events was missed. This
patch corrects that - the Username field should be included in all AMI Registry
events involving SIP registrations.
Jonathan Rose [Fri, 8 Mar 2013 20:16:43 +0000 (20:16 +0000)]
chan_sip: Update the via header when relaying SMS MESSAGE
Prior to this change, certain conditions for sending the message would
result in an address of '(null)' being used in the via header of the
SIP message because a NULl value of pvt->ourip was used when initially
generating the via header. This is fixed by adding a call to build_via
when the address is set before sending the message.
Matthew Jordan [Thu, 7 Mar 2013 17:57:08 +0000 (17:57 +0000)]
Let vm_mailbox_snapshot combine "Urgent" when no folder is specified
r381835 fixed a bug in vm_mailbox_snapshot where combining INBOX and Old forgot
that Urgent also "counts" as new messages. This fixed the problem when any of
the three folders was specified and the combine option was used.
It missed the case where the folder isn't specified and we build a snapshot of
all folders. This patch corrects that.
Matthew Jordan [Thu, 7 Mar 2013 14:58:23 +0000 (14:58 +0000)]
Add a 'secret' probation strictrtp mode to handle delayed changes in RTP source
Often, Asterisk may realize that a change in the source of an RTP stream is
about to occur and ask that the RTP engine reset it's lock on the current RTP
source. In certain scenarios, it may take awhile for the new remote system to
send RTP packets, while the old remote system may continue providing RTP during
that time period. This causes Asterisk to re-lock onto the old source, thereby
rejecting the new source when the old source stops sending RTP and the new
source begins.
This patch prevents that by having a constant secondary, 'secret' probation
mode enabled when an RTP source has been chosen. RTP packets from other sources
are always considered, but never chosen unless the current RTP source stops
sending RTP.
Review: https://reviewboard.asterisk.org/r/2364
(closes issue AST-1124)
Reported by: John Bigelow
Tested by: John Bigelow
(closes issue AST-1125)
Reported by: John Bigelow
Tested by: John Bigelow
Kevin Harwell [Mon, 4 Mar 2013 20:03:09 +0000 (20:03 +0000)]
Confbridge CLI new record file name check.
This fix checks to make sure that if a confbridge record start command is issued
from the CLI it will always use the file name given on the CLI even if it
changes between start/stop records for a conference. Previously it had been
reusing the same file between start/stops even if a new filename was given.
Fix / Clean Up Some Items To Handle The New auto_* NAT Options
The original report had to do with a realtime peer behind NAT being pruned and
the peer's private address being used instead of its external address. Upon
debugging, it was discovered that this was being caused by the addition of
the auto_force_rport and auto_comedia settings.
This patch does the following:
* Adds a missing note to the CHANGES file indicating that the default global nat
setting is auto_force_rport
* Constify the 'req' parameter for check_via()
* Add calls to check_via() in a couple of places in order for the auto_*
settings to do their job in attempting to determine if NAT is involved
* Set the flags SIP_NAT_FORCE_RPORT and SIP_PAGE2_SYMMETRICRTP if the auto_*
settings are in use where it was needed
* Moves the copying of peer flags up in build_peer() to before they are used;
this fixes the realtime prune issue
* Update the contrib/realtime schemas to allow the nat column to handle the
different nat setting combinations we have
This patch received a review and "Ship It!" on the issue itself.
(closes issue ASTERISK-20904)
Reported by: JoshE
Tested by: JoshE, Michael L. Young
Patches:
asterisk-20904-nat-auto-and-rt-peersv2.diff Michael L. Young (license 5026)
Joshua Colp [Thu, 28 Feb 2013 21:37:01 +0000 (21:37 +0000)]
Fix a bug with ICE and strictrtp where media could get dropped.
If the end result of the ICE negotiation resulted in the path for media
changing it was possible for the strictrtp code to discard the RTP packets.
This change causes strictrtp to enter learning mode once again when the
ICE negotiation has completed successfully.
Matthew Jordan [Thu, 28 Feb 2013 17:16:31 +0000 (17:16 +0000)]
Prevent deadlock in chan_iax2 when attempting to set caller ID
A deadlock can occur in chan_iax2 when it attempts to set the caller ID, as it
already holds the iax2 private lock and improperly fails to obtain the channel
lock before calling ast_set_callerid. By not safely obtaining the channel lock,
a locking inversion can take place, causing a deadlock.
This patch solves this by calling the required deadlock avoidance functions
that obtain the channel lock before setting the caller ID.
Thanks to Pavel for fixing my syntax errors and testing this patch out.
(closes issue ASTERISK-21128)
Reported by: Pavel Troller
Tested by: Pavel Troller
patches:
ASTERISK-21128-1.8.diff uploaded by mjordan (license 6283)
ASTERISK-21128-modified-1.8.diff uploaded by Pavel Troller (license 6302)
........
Merged revisions 382233 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Matthew Jordan [Thu, 28 Feb 2013 16:52:34 +0000 (16:52 +0000)]
Let channels joining a MeetMe conference opt out of the denoiser
For some channel drivers, specifically those that have a varying rate in the
number of audio samples, the audio quality for a MeetMe conference can be
exceedingly poor. This is due to a unilateral application of the DENOISE
function in func_speex to channels joining the conference.
The denoiser function in the speex library is initialized with the number of
audio samples in each sample that will be provided to it. If the number of
audio samples changes, the denoiser has to be thrown away and re-initialized.
While this could be worked around by removing func_speex, that doesn't help
if you actually use the denoiser with other channels on the system.
This patches does the following:
* Checks for the presence of func_speex as opposed to codec_speex when
determining if the DENOISE function is present (which is where the function
is actually implemented)
* Adds an option to MeetMe 'n' that causes the denoiser to not be applied
to a channel when it joins. This keeps the current behavior the default, but
let's users disable the denoiser if it causes problems on their system.
Review: https://reviewboard.asterisk.org/r/2358
(closes issue AST-1062)
Reported by: Thomas Arimont
........
Merged revisions 382227 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Tzafrir Cohen [Tue, 26 Feb 2013 19:45:09 +0000 (19:45 +0000)]
Consider linux-gnuspe as linux-gnu
* The powerpcspe Linux port uses linux-gnuspe as the OS string.
* Our build system shouldn't really care for that, so just call it linux-gnu.
* Original report: Roland Stigge , http://bugs.debian.org/701505
Matthew Jordan [Tue, 26 Feb 2013 15:35:05 +0000 (15:35 +0000)]
Clean up ConfBridge commands to account for wait_marked users
When ConfBridge was refactored to better handle the concept of marked,
wait_marked, and normal users co-existing in a conference (thereby implementing
a state machine for the conference), the wait_marked users were put into their
own list of conference participants, separate from the active users. This list
is used for wait_marked users when they are waiting in a conference but no
marked user has joined; normal users may have joined at this point however.
There are several AMI/CLI commands that affect conference users that were not
checking the wait_marked users list:
* CLI/AMI commands that mute/unmute a participant. In this case, wait_marked
users have to remain in their particular state and should not be affected -
however, the commands would return "Channel not found" as opposed to the
appropriate error condition.
* CLI/AMI commands that kick a participant. An admin should always be able to
kick a participant out of the conference.
This patch fixes both sets of commands, and cleans up the CLI commands slightly
by allowing them to complete a participant name (this was supposed to have been
added, but the function call was commented out and wasn't implemented).
Review: https://reviewboard.asterisk.org/r/2346/
(closes issue AST-1114)
Reported by: John Bigelow
Tested by: John Bigelow
Matthew Jordan [Tue, 26 Feb 2013 15:24:35 +0000 (15:24 +0000)]
Ensure that the default bridge/user profiles are always available
ConfBridge and Page require that there always be a default bridge and user
profile available. While properties of the default profiles can be overriden
in the configuration file, removing them can create situations where neither
application can function properly.
This patch ensures that if an administrator removes the profiles from the
confbridge.conf configuration file, the profiles are added upon load.
Documentation clarifying this has been added to the confbridge.conf.sample file.
Review: https://reviewboard.asterisk.org/r/2356/
(closes issue AST-1115)
Reported by: John Bigelow
Tested by: John Bigelow
Matthew Jordan [Mon, 25 Feb 2013 12:50:07 +0000 (12:50 +0000)]
Clean up use of va_end/va_args in res_config_mysql
There were several problems using variadic argument macros in res_config_mysql.
* Improper use of va_end. Multiple calls to va_end were possible resulting in
an unbalanced matching of va_start/va_end.
* Calls to va_arg after a possible encounter of a SENTINEL value.
Matthew Jordan [Sun, 24 Feb 2013 23:00:05 +0000 (23:00 +0000)]
Set the sin_family on the bind address socket during initialization
Somehow, chan_jingle has managed to operate for years without setting the
sin_family on its bindaddr socket. This patch properly sets the field during
initial module load to AF_INET.
Note that the patch on the issue was modified slightly to change the
initialization of the socket from allocation of a chan_jingle private to the
module initialization, as the bindaddr object (which is static) only needs to
have the address set once.
(closes issue ASTERISK-19341)
Reported by: andre valentin
patches:
0105-chan_jingle.patch uploaded by avalentin (License 6064)
........
Merged revisions 381975 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Matthew Jordan [Sun, 24 Feb 2013 16:26:10 +0000 (16:26 +0000)]
Don't display the AMI ALL class authorization for users if they don't have it
When converting AMI class authorizations to a string representation, the
method always appends the ALL class authorization. This is especially
important for events, as they should always communicate that class
authorization - even if the event itself does not specify ALL as a class
authorization for itself. (Events have always assumed that the ALL class
authorization is implied when they are raised)
Unfortunately, this did mean that specifying a user with restricted class
authorizations would show up in the 'manager show user' CLI command as
having the ALL class authorization.
Rather then modifying the existing string manipulation function, this patch
adds a function that will only return a string if the field being compared
explicitly matches class authorization field it is being compared against.
This prevents ALL from being returned unless it is actually specified for
the user.
(closes issue ASTERISK-20397)
Reported by: Johan Wilfer
........
Merged revisions 381939 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Matthew Jordan [Sun, 24 Feb 2013 15:37:26 +0000 (15:37 +0000)]
Make ParkAndAnnounce return to priority + 1 when return context is not defined
The ParkAndAnnounce application documentation for the optional return_context
parameter states the following:
return_context
The goto-style label to jump the call back into after timeout. Default
'priority+1'.
Unfortunately, the application was sending the channel back into the dialplan
at 'priority', which is the ParkAndAnnounce application call. This causes an
infinite loop of the channel constantly being parked, announced, timed out,
parked, announced, timed out... while fun, especially for those callers you
wish to drive to the end of madness, this was not the intent of the
application.
Michael L. Young [Fri, 22 Feb 2013 19:38:06 +0000 (19:38 +0000)]
Fix FastAGI To Properly Check For A Connection
When IPv6 support was added to FastAGI, the intent was to have the ability to
check all addresses resolved for a host since we might receive an IPv4 address
and an IPv6 address. The problem with the current code, is that, since we are
doing O_NONBLOCK, we get EINPROGRESS when calling ast_connect() but are ignoring
this instead of handling it. We break out of the loop and continue on. When we
later call ast_poll(), it succeeds but we never check if we have a connection or
not on the socket level. We then attempt to send data to the host address that
we think is setup and it fails. We then check the errno and see that we have
"connection refused" and then return with agi failed.
This patch does the following:
* Handles EINPROGRESS by creating the function handle_connection()
- ast_poll() was moved into this function
- This function checks the results of the connection on the socket level after
calling ast_poll()
* Continues to the next address if the above fails to create a connection
* Once all addresses resolved are tried and we still are unable to establish a
connection, then we return that the FastAGI call failed
(closes issue ASTERISK-21065)
Reported by: Jeremy Kister
Tested by: Jeremy Kister, Michael L. Young
Patches:
asterisk-21065_poll_correctly_v4.diff Michael L. Young (license 5026)
Matthew Jordan [Thu, 21 Feb 2013 22:48:14 +0000 (22:48 +0000)]
Properly detect launchd
Asterisk was a little too pro-active in claiming that it found launchd. On
systems without launchd - such as FreeBSD - this resulted in certain items
in Asterisk that conflict with launchd to not be selectable, such as
res_timing_kqueue.
Matthew Jordan [Wed, 20 Feb 2013 19:14:32 +0000 (19:14 +0000)]
Let vm_mailbox_snapshot_create's combine option apply to "Urgent" as well
The vm_mailbox_snapshot_create function has an option that combines the
contents of INBOX and Old into a single snapshot. The intent of this is that
both 'new' messages and 'deleted' messages are given in a single snapshot, as
some applications prefer this view of the voicemail world. Unfortunately, the
initial implementation ignored the "Urgent" folder. The "Urgent" folder is a
pseudo-INBOX, in that new messages left with the 'U' flag will be placed in
that folder as opposed to INBOX. Thus, the option failed the intent with which
it was added.
This patch makes it so that the "Urgent" folder is included in the snapshot
when that option is used.
Kevin Harwell [Tue, 19 Feb 2013 19:44:58 +0000 (19:44 +0000)]
Write the correct callid to the data1 field in queue_log for transfer events.
The incorrect callid was being written to the "data1" field in queue_log table
for transfer events. The callid of the queue was being written instead of the
transfer target's callid. This now gets the correct "transfer to" number and
places that in the "data1" field of the queue_log table when a transfer event
is triggered.
(closes issue ASTERISK-19960)
Reported by: vladimir shmagin
........
Merged revisions 381770 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Kevin Harwell [Tue, 19 Feb 2013 16:21:18 +0000 (16:21 +0000)]
Confbridge channels staying active when all participants leave.
If you started/stopped recording of a conference multiple times channels
would remain active even when all participants left the conference. This
was due to the fact that a reference to the confbridge was being added
every time a start record command was issued, but when the recording was
stopped there was no matching de-reference thus keeping the conference alive.
Made sure only a single reference is added for the record thread no matter how
many times recording is started/stopped. A de-reference is issued upon thread
ending.
Note, this issue is being fixed under AST-1088 since it relates to it and
should have been corrected along with those modifications.
Kevin Harwell [Mon, 18 Feb 2013 22:21:10 +0000 (22:21 +0000)]
Fixed Confbridge file recording deadlock and appending.
A deadlock occurred after starting/stopping and then restarting a confbridge
recording. Upon starting a recording a record thread is created that holds a
lock until just before exiting. Stopping the recording does not stop/exit the
thread or release the lock. The thread waits until recording begins again.
Starting a stopped recording signals the thread to continue and start recording
again. However restarting the recording also created another record thread
resulting in a deadlock. The fix was to make sure the record thread was only
created once.
Also it was noted that filenames for the recordings were being concatenated for
each start/stop. This was fixed by creating a new file for each conference
session and appending the actual recorded data within the file (e.g. passing
the 'a' option to MixMonitor).
(issue AST-1088)
Reported by: John Bigelow
Review: http://reviewboard.digium.internal/r/374/
Walter Doekes [Mon, 18 Feb 2013 20:30:32 +0000 (20:30 +0000)]
Remove "registertrying" and add "rtp_engine" from/to sip.conf.sample
The "registertrying" option was removed in r343220. The "rtp_engine"
option was added in r186078 but erroneously named "engine" in the sample.
Note that there is no global sip setting for a different engine.
........
Merged revisions 381668 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Jonathan Rose [Mon, 18 Feb 2013 19:43:10 +0000 (19:43 +0000)]
PRESENCE_STATE: Provide better documentation for the 'e' option.
Notes that the 'e' option actually decodes data when used as a write function
such as with the SET application while it encodes data when used to read.
Matthew Jordan [Sat, 16 Feb 2013 16:22:37 +0000 (16:22 +0000)]
Don't send presencestate information if the state is invalid
Previously, presencestate information was sent whenever the state was not
NOT_SET. When r381594 actually returned INVALID presence state in all the
places it was supposed to, it caused chan_sip to start adding presence
state information to NOTIFY requests that it previously would not have
added. chan_sip shouldn't be adding presence state information when the
provider is in an invalid state; users can't set the state to invalid and
an invalid state always implies that the provider is in an error condition.
Matthew Jordan [Fri, 15 Feb 2013 23:23:49 +0000 (23:23 +0000)]
Fix crash in PresenceState AMI action when specifying an invalid provider
This patch fixes a crash in Asterisk that could be caused by using the
PresenceState AMI action while providing an invalid provider. This patch
also adds some additional warnings when a user attempts to provide the
PresenceState action with invalid data, and removes some NOTICE statements
that were still lurking in the code from testing.
(closes issue AST-1084)
Reported by: John Bigelow
Tested by: John Bigelow
Mark Michelson [Fri, 15 Feb 2013 18:42:02 +0000 (18:42 +0000)]
Fix a crash that occurred when a BYE was received on a replaced dialog.
Reference counting for the channel and its tech_pvt got messed up at
some point between 1.8 and 11. The result was that if a BYE for a dialog
that had been replaced (via an INVITE with Replaces) was received, Asterisk
would crash due to trying to access data on a channel that was no longer there.
The fix I introduced is to remove code that both unrefs the sip_pvt and sets
the channel's tech_pvt to NULL when an INVITE with Replaces is handled. This
way when a BYE is received, the tech_pvt will be non-NULL and so the BYE can
be processed and not cause a crash.
(closes issue ASTERISK-20929)
reported by Kristopher Lalletti
patches:
ASTERISK-20929.patch uploaded by Mark Michelson (License #5049)
Kevin Harwell [Fri, 15 Feb 2013 17:17:27 +0000 (17:17 +0000)]
Stopped spamming of debug messages during attended transfer.
While autoservice is running and servicing a channel the callid is being stored
and removed in the thread's local storage for each iteration of the thread loop.
If debug was set to a sufficient level the log file would be spammed with callid
thread local storage debug messages.
Added a new function that checks to see if the callid to be stored is different
than what is already contained (if anything). If it is different then
store/replace and log, otherwise just leave as is. Also made it so all logging
of debug messages pertaining to the callid thread storage outputs only when
TEST_FRAMEWORK is defined.
Jonathan Rose [Fri, 15 Feb 2013 17:12:20 +0000 (17:12 +0000)]
chan_sip: Use video and text crypto attributes to append RTP profiles to SDP
Some bad copy/pasting resulted in using the audio crypto attribute for both
text and video RTP. Also the audio crypto isn't set until after these, so it
was really just bad all around.
(closes ASTERISK-20905)
Reported by: Kristopher Lalletti
patches:
rtp_crypto_video_text.diff uploaded by Jonathan Rose (license 6182)
Matthew Jordan [Thu, 14 Feb 2013 03:48:39 +0000 (03:48 +0000)]
Don't throw a spurious error when using DBdeltree
The function call ast_db_deltree returns the number of row deleted, or a
negative number if it failed. DBdeltree was treating any non-zero return
as an error, causing a spurious verbose error message to be displayed.
This patch handles the return code of ast_db_deltree correctly.
Mark Michelson [Tue, 12 Feb 2013 20:31:52 +0000 (20:31 +0000)]
Do not allow native RTP bridging if packetization of media streams differs.
The RTP engine will no longer allow for local and remote native RTP bridges
if packetization of streams differs. Allowing native bridging in this scenario
has been known to cause FAX failures.
(closes ASTERISK-20650)
Reported by: Maciej Krajewski
Patches:
ASTERISK-20659.patch uploaded by Mark Michelson (License #5049)
Kinsey Moore [Tue, 12 Feb 2013 20:16:45 +0000 (20:16 +0000)]
Fix some more REF_DEBUG-related build errors
When sip_ref_peer and sip_unref_peer were exported to be usable in
channels/sip/security_events.c, modifications to those functions when
building under REF_DEBUG were not taken into account. This change
moves the necessary defines into sip.h to make them accessible to
other parts of chan_sip that need them.
Kevin Harwell [Mon, 11 Feb 2013 20:55:04 +0000 (20:55 +0000)]
Properly load say.conf upon reload of module app_playback.
If say.conf did not exists prior to originally loading module app_playback it
would not load on subsequent reloads of the module once it had been created.
This occurred because upon reload of the app_playback module it would only
load a new configuration if an old one had previously existed. This fix simply
removed the association between checking if an old configuration existed and
the loading of the new one.
Matthew Jordan [Mon, 11 Feb 2013 15:03:40 +0000 (15:03 +0000)]
Fix crash in res_xmpp when deleting pubsub node from CLI
An error existed in res_xmpp where it would attempt to delete attributes from
a node that itself was also deleted. Per the iksemel documentation, attributes
added using iks_insert are copied to the parent node's stack, and will be
reclaimed when that node is itself destroyed.
projects / thirdparty / asterisk.git / log
