Richard Mudgett [Mon, 30 Apr 2018 22:38:58 +0000 (17:38 -0500)]
AST-2018-008: Fix enumeration of endpoints from ACL rejected addresses.
When endpoint specific ACL rules block a SIP request they respond with a
403 forbidden. However, if an endpoint is not identified then a 401
unauthorized response is sent. This vulnerability just discloses which
requests hit a defined endpoint. The ACL rules cannot be bypassed to gain
access to the disclosed endpoints.
* Made endpoint specific ACL rules now respond with a 401 unauthorized
which is the same as if an endpoint were not identified. The fix is
accomplished by replacing the found endpoint with the artificial endpoint
which always fails authentication.
Alexander Traud [Fri, 8 Jun 2018 20:02:38 +0000 (22:02 +0200)]
res_rtp_asterisk: Allow OpenSSL configured with no-deprecated.
Furthermore, allow OpenSSL configured with no-dh. Additionally, this change
allows auto-negotiation of the elliptic curve/group for servers, not only with
OpenSSL 1.0.2 but also with OpenSSL 1.1.0 and newer. This enables X25519
(since OpenSSL 1.1.0) and X448 (since OpenSSL 1.1.1) as a side-effect.
Alexei Gradinari [Thu, 31 May 2018 15:25:40 +0000 (11:25 -0400)]
func_odbc: NODATA if SQLNumResultCols returned 0 columns on readsql
The functions acf_odbc_read/cli_odbc_read ignore a number of columns
returned by the SQLNumResultCols.
If the number of columns is zero it means no data.
In this case, a SQLFetch function has to be not called,
because it will cause an error.
George Joseph [Thu, 7 Jun 2018 13:46:03 +0000 (07:46 -0600)]
chan_pjsip: Register for "BEFORE_MEDIA" responses
chan_pjsip wasn't registering for "BEFORE_MEDIA" responses which meant
it was not updating HANGUPCAUSE for 4XX responses. If the remote end
sent a "180 Ringing", then a "486 Busy", the hangup cause was left at
"180 Normal Clearing".
* Removed chan_pjsip_incoming_response from the original session
supplement (which was handling only "AFTER MEDIA") and added it to a
new session supplement which accepts both "BEFORE_MEDIA" and
"AFTER_MEDIA".
* Also cleaned up some cleanup code in load module.
Alexei Gradinari [Tue, 22 May 2018 21:21:10 +0000 (17:21 -0400)]
pjsip_options: handle modification of qualify options in realtime
Currentrly pjsip_options code does not handle the situation when the
qualify options were changed in realtime database.
Only 'module reload res_pjsip' helps.
This patch add a check on contact add/update observers if the contact
qualify options are different than local aor qualify options.
If the qualify options were modified then synchronize
the pjsip_options AOR local state.
Alexei Gradinari [Wed, 23 May 2018 21:20:39 +0000 (17:20 -0400)]
pjsip_options: show/reload AOR qualify options using CLI
Currentrly pjsip_options code does not handle the situation when the
AOR qualify options were changed.
Also there is no way to find out what qualify options are using.
This patch add CLI commands to show and synchronize Aor qualify options:
pjsip show qualify endpoint <id>
Show the current qualify options for all Aors on the PJSIP endpoint.
pjsip show qualify aor <id>
Show the PJSIP Aor current qualify options.
pjsip reload qualify endpoint <id>
Synchronize the qualify options for all Aors on the PJSIP endpoint.
pjsip reload qualify aor <id>
Synchronize the PJSIP Aor qualify options.
Pirmin Walthert [Wed, 30 May 2018 06:12:30 +0000 (08:12 +0200)]
bridge_channel.c: Fix Deadlock when using Local channels and fax gateway
ast_indicate is invoked with the bridge locked. As ast_indicate locks the
other end of the bridge as well this can lead to a deadlock in some situations.
(Especially when a different thread does the same in the reverse order).
This patch calls ast_indicate after unlocking the bridge which fixes the
deadlock. Calling ast_indicate with these parameters without locking the
bridge should be safe as this is done at different places without a
bridge lock.
ASTERISK-27094 #close Reported-by: David Brillert
Change-Id: I5f86c1e2ce75b9929a36ab589b18c450e62ea35f
Joshua Colp [Tue, 5 Jun 2018 09:36:35 +0000 (09:36 +0000)]
rtp: Don't negotiate dynamic codecs using payload.
In Asterisk there are some dynamic codecs that have
a fixed payload number. This number was being improperly
used to negotiate the codec, instead of using the name
and sample rate. This could result in the wrong payload
number being negotiated for a codec.
This change makes it so that only static payloads
will be negotiated using their payload number.
George Joseph [Mon, 4 Jun 2018 14:50:51 +0000 (08:50 -0600)]
app_sendtext: Allow content types other than text/plain
There was no real reason to limit the conteny type to text/plain other
than that's what it was limited to before. Now any text/* content
type will be allowed for channel drivers that don't support enhanced
messaging and any type will be allowed for channel drivers that do
support enhanced messaging.
William McCall [Tue, 29 May 2018 00:17:52 +0000 (00:17 +0000)]
app_confbridge: Add talking indicator for ConfBridgeList AMI response
When an AMI client connects, it cannot determine if a user was talking
prior to a transition in the user speaking state (which would generate
a ConfbridgeTalking event). This patch causes app_confbridge to track the
talking state and make this state available via ConfBridgeList.
Richard Mudgett [Tue, 29 May 2018 17:28:48 +0000 (12:28 -0500)]
app_meetme: Fix manager event documentation for several events.
The MeetmeJoin, MeetmeLeave, MeetmeEnd, MeetmeMute, MeetmeTalking, and
MeetmeTalkRequest AMI events were documented with sending out a Usernum
header when the User header was actually output.
* Change the online documentation to match reality.
Alexander Traud [Mon, 28 May 2018 15:29:23 +0000 (17:29 +0200)]
tcptls.h: Repair ./configure --with-ssl=PATH.
asterisk/tcptls.h was included (explicitly, implicitly, or transitively). Those
inclusions got replaced by forward declarations. As side effect, the inclusions
got completed.
Alexander Traud [Fri, 25 May 2018 14:55:26 +0000 (16:55 +0200)]
tcptls: Allow OpenSSL configured with no-dh.
Additionally, this change allows auto-negotiation of the elliptic curve/group
for servers, not only with OpenSSL 1.0.2 but also with OpenSSL 1.1.0 and newer.
This enables X25519 (since OpenSSL 1.1.0) and X448 (since OpenSSL 1.1.1) as a
side-effect.
Torrey Searle [Wed, 9 May 2018 13:31:47 +0000 (15:31 +0200)]
res/res_rtp_asterisk: ensure marker bit is correctly set on ssrc change
Certain race conditions between changing bridge types and DTMF can
cause the current FLAG_NEED_MARKER_BIT to send the marker bit before
the actual first packet of native bridging.
This logic keeps track of the ssrc the bridge is currently sending
and will correctly ensure the marker bit is set if SSRC as changed
from the previous sent packet.
rtp: Add support for RTP extension negotiation and abs-send-time.
When RTP was originally created it had the ability to place a single
extension in an RTP packet. In practice people wanted to potentially
put multiple extensions in one and so RFC 5285 (obsoleted by RFC
8285) came into existence. This allows RTP extensions to be negotiated
with a unique identifier to be used in the RTP packet, allowing
multiple extensions to be present in the packet.
This change extends the RTP engine API to add support for this. A
user of it can enable extensions and the API provides the ability to
retrieve the information (to construct SDP for example) and to provide
negotiated information (from SDP). The end result is that the RTP
engine can then query to see if the extension has been negotiated and
what unique identifier is to be used. It is then up to the RTP engine
implementation to construct the packet appropriately.
The first extension to use this support is abs-send-time which is
defined in the REMB draft[1] and is a second timestamp placed in an
RTP packet which is for when the packet has left the sending system.
It is used to more accurately determine the available bandwidth.
Richard Mudgett [Tue, 22 May 2018 22:17:31 +0000 (17:17 -0500)]
channel.c: Fix off nominal channel allocation failure path.
__ast_channel_alloc_ap() had a failure exit path that hadn't setup the fd
descriptors to -1 yet. The destructor would then attempt to close these
fd's that had never been opened.
Alexei Gradinari [Fri, 18 May 2018 21:45:22 +0000 (17:45 -0400)]
config.c: Fix successful DELETE treated as failure
The config engine destroy_func callback function returns the number of
rows deleted or -1 on error. But the function
ast_destroy_realtime_fields treated non-zero return values as error.
Nic Colledge [Sat, 12 May 2018 11:53:13 +0000 (12:53 +0100)]
app_voicemail: Fix incorrect msg leaving/retrieving an ODBC voicemail
Correct the log warning message shown when ODBC voicemail
retrieve_file is called and there is a null value in the category
column.
A more meaningfull message is now written at debug level.
Brian P. Martin [Wed, 18 Apr 2018 02:15:08 +0000 (19:15 -0700)]
chan_mobile: support handling of caller-id names ("cnam").
Add support to handle caller-ID names ("cnam") in addition to caller-ID
numbers. The prior code ignored the caller-ID name altogether, and
used the local name for the cell phone (e.g. "my-iphone") in its place.
Note: as of this writing, at least some Android phones don't pass cnam to
us. This can be seen by issuing "core set debug 2" in the CLI and watching
the "CLIP" record when a call comes in. If cnam isn't in the CLIP record,
there's nothing we can do to provide one. We'll provide a null cnam field,
so later Asterisk processes know to try other sources (e.g. cidname database,
OpenCNAM, etc.).
Reported by: Brian Martin
Tested by: Brian Martin
ASTERISK-27726
Alexander Traud [Thu, 17 May 2018 06:58:43 +0000 (08:58 +0200)]
res_pjsip_endpoint_identifier_ip: Unregister the module for headers.
Asterisk uses Reference Counting to track whether a module can be unloaded.
Every consumer who requires a module, increases the reference count. When the
consumer goes, is unloaded itself, it has to decrease the reference count on
all its used/required modules. That way
core stop gracefully
works on the command-line interface (CLI): One module after the other is
unloaded. A recent change broke this for the module res_pjsip.
Alexander Traud [Thu, 17 May 2018 05:34:03 +0000 (07:34 +0200)]
res_pjsip: Register pjsip_transport_management not externally but internally.
The module (res_)pjsip_transport_management got moved into res_pjsip. It is no
longer an independent/external module with (un)load_module and therefore has to
register just internally with res_pjsip.
Alexander Traud [Fri, 11 May 2018 17:49:12 +0000 (19:49 +0200)]
rtp_engine: Remove the double assigned RTP payload ID of H.263+.
Mantis-3709 (Commit 68ff3c3, Asterisk 1.2) added support for the video format
H.263+. For this, the RTP payload ID 103 got assigned statically. Commit f1aadc8
assigned another payload ID 98 for this format in Asterisk 1.6.
Alexander Traud [Fri, 11 May 2018 12:10:51 +0000 (14:10 +0200)]
rtp_engine: Allow Media Formats with add_static_payload(-1) on egress again.
This issue affected only installations with rtp_use_dynamic=yes in asterisk.conf
which is the default since Asterisk 15. Codec 2 and SiLK were built-in examples
of media formats which were affected.
res_hep: Adds hostname resolution support for capture_address
Previously, only an IP address would be accepted for the capture_address config
setting in hep.conf. This change allows capture_address to be a resolvable
hostname or an IP address.
ASTERISK-27796 #close Reported-By: Sebastian Gutierrez
Change-Id: I33e1a37a8b86e20505dadeda760b861a9ef51f6f
Sean Bright [Mon, 16 Apr 2018 19:13:58 +0000 (15:13 -0400)]
AST-2018-007: iostreams potential DoS when client connection closed prematurely
Before Asterisk sends an HTTP response (at least in the case of errors),
it attempts to read & discard the content of the request. If the client
lies about the Content-Length, or the connection is closed from the
client side before "Content-Length" bytes are sent, the request handling
thread will busy loop.
Jaco Kroon [Tue, 8 May 2018 09:59:02 +0000 (11:59 +0200)]
manager: fix digest auth for ami/http mechanism.
Due to a fixed size buffer the digest authentication could be
incorrectly calculated if a large URI was provided, causing
authentication failure. The buffer is now dynamically allocated to allow
any size URI within the normal limits of the HTTP request size.
Corey Farrell [Fri, 4 May 2018 18:47:25 +0000 (14:47 -0400)]
app_macro: Prevent infinite loop in find_matching_priority.
Use AST_PBX_MAX_STACK to escape if we recurse 128 times. This will
prevent crash if dialplan contains an include loop. Log an error when
this occurs, at most one message per call to Macro() so we avoid logger
spam.
stream: Make the topology a reference counted object.
The stream topology has no lock of its own resulting in
another lock protecting it in some way (for example the
channel lock). If multiple channels are being juggled at
the same time this can be problematic. This change makes
the topology a reference counted object instead which
guarantees it will remain valid even without the channel
lock being held.
Joshua Colp [Thu, 3 May 2018 11:34:32 +0000 (11:34 +0000)]
res_ari: Remove requirement that body exists when debug is on.
The "ari set debug" code for incoming requests incorrectly assumed
that all requests would contain a body. If one did not exist the
request would be incorrectly rejected. The response that was sent
was also incomplete as an incorrect function was used to construct
the response.
The code has now been changed to no longer require a request to have
a body and the response updated to use the correct function.
res_rtp_asterisk: Always update SRTP on local SSRC change.
When the local SSRC changes we need to update the SRTP information
so that the proper key is used. This is commonly done as a result
of bridging two channels together. Previously we only updated
the SRTP information if media had already flowed, but in practice
the channel driver may have already performed SRTP negotiation and
set up the previous SSRC. We now always do it on a local SSRC
change.
Joshua Colp [Mon, 11 Dec 2017 18:34:53 +0000 (18:34 +0000)]
pjsip: Rewrite OPTIONS support with new eyes.
The OPTIONS support in PJSIP has organically grown, like many things in
Asterisk. It has been tweaked, changed, and adapted based on situations
run into. Unfortunately this has taken its toll. Configuration file
based objects have poor performance and even dynamic ones aren't that
great.
This change scraps the existing code and starts fresh with new eyes. It
leverages all of the APIs made available such as sorcery observers and
serializers to provide a better implementation.
1. The state of contacts, AORs, and endpoints relevant to the qualify
process is maintained. This state can be updated by external forces (such
as a device registering/unregistering) and also the reload process. This
state also includes the association between endpoints and AORs.
2. AORs are scheduled and not contacts. This reduces the amount of work
spent juggling scheduled items.
3. Manipulation of which AORs are being qualified and the endpoint states
all occur within a serializer to reduce the conflict that can occur with
multiple threads attempting to modify things.
4. Operations regarding an AOR use a serializer specific to that AOR.
5. AORs and endpoint state act as state compositors. They take input
from lower level objects (contacts feed AORs, AORs feed endpoint state)
and determine if a sufficient enough change has occurred to be fed further
up the chain.
6. Realtime is supported by using observers to know when a contact has
been registered. If state does not exist for the associated AOR then it
is retrieved and becomes active as appropriate.
The end result of all of this is best shown with a configuration file of
3000 endpoints each with an AOR that has a static contact. In the old
code it would take over a minute to load and use all 8 of my cores. This
new code takes 2-3 seconds and barely touches the CPU even while dealing
with all of the OPTIONS requests.
projects / thirdparty / asterisk.git / log
