Sean Bright [Wed, 12 Sep 2018 12:18:07 +0000 (08:18 -0400)]
res_pjproject: Fix sockaddr conversion routines for non-bundled PJSIP
The bundled version of pjproject has a patch for Solaris compatability
that changes the definition of various socket structures which we need
to account for when compiling against a non-bundled version.
Frederic LE FOLL [Thu, 30 Aug 2018 08:42:18 +0000 (10:42 +0200)]
res_musiconhold.c: Restart MOH if previous hold just reached end-of-file
On MOH activation, moh_files_readframe() is called while the current
stream attached to the channel is NULL and it calls ast_moh_files_next()
immediately. However, it won't call ast_moh_files_next() again if sample
reading fails. The failure may occur because res_musiconhold retains the
last sample reading position in the channel data and MOH during the
previous hold/retrieve just reached EOF. Obviously, a bit of bad luck is
required here.
* Restructured moh_files_readframe() to try a second time to start MOH if
there was no stream setup and the saved position was at EOF. Also added
comments describing what is going on for each step.
core: Don't stop generators when writing RTCP frames.
Generators provide such functionality as tone generation or
silence generation. RTCP frames provide RTCP information and
should not stop generators from operating.
Sean Bright [Tue, 28 Aug 2018 13:42:13 +0000 (09:42 -0400)]
res_pjproject: Add utility functions to convert between socket structures
Currently, to convert from a pj_sockaddr to an ast_sockaddr, the address
needs to be rendered to a string and then parsed into the correct
structure. This also involves a call to getaddrinfo(3). The same is true
for the inverse operation.
Instead, because we know the internal structure of both ast_sockaddr and
pj_sockaddr, we can translate directly between the two without the
need for an intermediate string.
The stasis cache provides a way to reconstruct the current state
of topic subscribers. Unfortunately, since every subscribe and
unsubscribe is cached, the cache continues to grow unabated while
asterisk is running. This patch removes subscribe messages from
the cache when the corresponding unsubscribe is received.
This patch also registers the cache containers with ao2 so that if
AO2_DEBUG is turned on, you can list the container and get its
stats from the CLI.
Chris-Savinovich [Wed, 15 Aug 2018 19:27:52 +0000 (15:27 -0400)]
pbx_config.c: Fix reloading module if initially declined to load
Added decline if extensions.conf file not available
when loading pbx_config, and also made sure everything
gets properly unregistered and/or destroyed on unload.
Richard Mudgett [Thu, 30 Aug 2018 19:42:06 +0000 (14:42 -0500)]
http.c: Give HTTP error response when received lines are too long.
Added a check when we receive a HTTP request line or header line that is
too long. We now return an error response to the sender because we are
not able to process the request.
Joshua Colp [Wed, 29 Aug 2018 10:18:08 +0000 (07:18 -0300)]
res_fax: Handle fax gateway being started more than once.
The T.38 fax gateway state machine can cause the fax gateway
to be started more than once on a channel depending on the
responses of the remote endpoint. This would previously leak
the channel name, channel unique id, and underlying fax engine
state. This change instead makes it so that if the fax gateway
session is already present and not reserved the fax gateway
is not started again.
Sean Bright [Tue, 28 Aug 2018 13:01:19 +0000 (09:01 -0400)]
res_pjsip_transport_websocket: Properly set src_name for IPv6
SIP responses over WebSockets when the client is using IPv6 have invalid
Via headers according to RFC 3261. The 'received' header parameter
should not be wrapped in brackets if it is an IPv6 address.
When src_name is populated by the built-in PJSIP transports, the code
uses pj_sockaddr_print() with 'flags' set to 0, meaning that the
brackets are not rendered around IPv6 addresses.
This may be related to ASTERISK~27101.
See also: https://github.com/onsip/SIP.js/pull/594
Corey Farrell [Sun, 26 Aug 2018 18:18:42 +0000 (14:18 -0400)]
Create --disable-binary-modules option.
This new option can be passed for ./configure or
./tests/CI/buildAsterisk.sh to prevent download/install of binary
modules.
Normally enabling the categories MENUSELECT_CODECS or MENUSELECT_RES
will result in binary modules being enabled even if the build target is
incompatible with those modules. This includes CI scripts which enable
categories before disabling specific modules.
If more binary modules are offered in the future this will help avoid
accidentally downloading them if unwanted or incompatible. Adding a
binary module will only require creating a new menuselect entry similar
to the existing ones, it will not be necessary to modify the CI scripts.
Jaco Kroon [Mon, 13 Aug 2018 13:12:21 +0000 (15:12 +0200)]
chan_sip: improved ip:port finding of peers for non-UDP transports.
Also remove function peer_ipcmp_cb since it's not used (according to
rmudgett).
Prior to b2c4e8660a9c89d07041271371151779b7ec75f6 (ASTERISK_27457)
insecure=port was the defacto standard. That commit also prevented
insecure=port from being applied for sip/tcp or sip/tls.
Into consideration there are three sets of behaviour:
1. "previous" - before the above commit.
2. "current" - post above commit, pre this one.
3. "new" - post this commit.
The problem that the above commit tried to address was guests over TCP.
It succeeded in doing that but broke transport!=udp with host!=dynamic.
This commit attempts to restore sane behaviour with respect to
transport!=udp for host!=dynamic whilst still retaining the guest users
over tcp.
It should be noted that when looking for a peer, two passes are made, the
first pass doesn't have SIP_INSECURE_PORT set for the searched-for peer,
thus looking for full matches (IP + Port), the second pass sets
SIP_INSECURE_PORT, thus expecting matches on IP only where the matched
peer allows for that (in the author's opinion: UDP with insecure=port,
or any TCP based, non-dynamic host).
In previous behaviour there was special handling for transport=tcp|tls
whereby a peer would match during the first pass if the utilized
transport was TCP|TLS (and the peer allowed that specific transport).
This behaviour was wrong, or dubious at best. Consider two dynamic tcp
peers, both registering from the same IP (NAT), in this case either peer
could match for connections from an IP. It's also this behaviour that
prevented SIP guests over tcp.
The above referenced commit removed this behaviour, but kept applying
the SIP_INSECURE_PORT only to WS|WSS|UDP. Since WS and WSS is also TCP
based, the logic here should fall into the TCP category.
This patch updates things such that the previously non-explicit (TCP
behaviour) transport test gets performed explicitly (ie, matched peer
must allow for the used transport), as well as the indeterministic
source-port nature of the TCP protocol is taken into account. The new
match algorithm now looks like:
1. As per previous behaviour, IP address is matched first.
2. Explicit filter with respect to transport protocol, previous
behaviour was semi-implied in the test for TCP pure IP match - this now
made explicit.
3. During first pass (without SIP_INSECURE_PORT), always match on port.
4. If doing UDP, match if matched against peer also has
SIP_INSECURE_PORT, else don't match.
5. Match if not a dynamic host (for non-UDP protocols)
6. Don't match if this is WS|WSS, or we can't trust the Contact address
(presumably due to NAT)
7. Match (we have a valid Contact thus if the IP matches we have no
choice, this will likely only apply to non-NAT).
To logic-test this we need a few different scenarios. Towards this end,
I work with a set number of peers defined in sip.conf:
1 - incoming UDP request from 1.1.1.1:
- previous:
- pass 1:
* peer1 or peer2 if from port 5060 (indeterminate, depends on peer
ordering)
* peer3 if from port 5061
* peer5 if registered from 1.1.1.1 and source port matches
- pass 2:
* peer3
- current: as per previous.
- new:
- pass 1:
* peer2 if from port 5060
* peer3 if from port 5061
* peer5 if registered from 1.1.1.1 and source port matches
- pass 2:
* peer3
2 - incoming UDP request from 1.1.1.2:
- previous:
- pass 1:
* peer5 if registered from 1.1.1.2 and port matches
* peer4 if source port is 5060
- pass 2:
* no match (guest)
- current: as previous.
- new as previous (with the variation that if peer5 didn't have udp as
allowed transport it would not match peer5 whereas previous
and current code could).
3 - incoming UDP request from anywhere else:
- previous:
- pass 1:
* peer5 if registered from that address and source port matches.
- pass 2:
* peer5 if insecure=port is additionally set.
* no match (guest)
- current - as per previous
- new - as per previous
Test cases for TCP based transports:
4 - incoming TCP request from 1.1.1.1
- previous:
- pass 1 (indeterministic, depends on ordering of peers in memory):
* peer1; or
* peer5 if peer5 registered from 1.1.1.1 (irrespective of source port); or
* peer2 if the source port happens to be 5060; or
* peer3 if the source port happens to be 5061.
- pass 2: cannot happen since pass 1 will always find a peer.
- current:
- pass 1:
* peer1 or peer2 if from source port 5060
* peer3 if from source port 5060
* peer5 if registered as 1.1.1.1 and source port matches
- pass 2:
* no match (guest)
- new:
- pass 1:
* peer 1 if from port 5060
* peer 5 if registered and source port matches
- pass 2:
* peer 1
5 - incoming TCP request from 1.1.1.2
- previous (indeterminate, depends on ordering):
- pass 1:
* peer4; or
* peer5 if peer5 registered from 1.1.1.2
- pass 2: cannot happen since pass 1 will always find a peer.
- current:
- pass 1:
* peer4 if source port is 5060
* peer5 if peer5 registered as 1.1.1.2 and source port matches
- pass 2:
* no match (guest).
- new:
- pass 1:
* peer4 if source port is 5060
* peer5 if peer5 registered as 1.1.1.2 and source port matches
- pass 2:
* peer4
6 - incoming TCP request from anywhere else:
- previous:
- pass 1:
* peer5 if registered from that address
- pass 2: cannot happen since pass 1 will always find a peer.
- current:
- pass 1:
* peer5 if registered from that address and port matches.
- pass 2:
* no match (guest)
- new: as per current.
It should be noted the test cases don't make explicit mention of TLS, WS
or WSS. WS and WSS previously followed UDP semantics, they will now
enforce source port matching. TLS follow TCP semantics.
The previous commit specifically tried to address test-case 6, but broke
test-cases 4 and 5 in the process.
Jaco Kroon [Mon, 20 Aug 2018 12:23:38 +0000 (14:23 +0200)]
AMI: be less verbose when adding HTTP headers to AMI/HTTP messages.
All HTTP/AMI message headers are being sent to the verbose channel.
There are multiple places this is happening. Consolidate the loop into
a function. Drop the debug/verbose message.
Convert to using ast_asprintf to perform the length calculation, memory
allocation and snprintf all in one step.
Change disables loading of res_hep.so in default installation. Loading
res_hep has a performance impact whether it's used or not. This disables
loading of it in sample config files.
Florian Floimair [Thu, 23 Aug 2018 11:57:31 +0000 (13:57 +0200)]
alembic: increase uri column size
When mobile SIP clients register with Asterisk that use some sort of
push notifications, the URI can get quite lengthy due to the
additional push-service annotations (things like tokens, pn-type, etc.)
contained in it.
Sean Bright [Tue, 21 Aug 2018 18:50:33 +0000 (14:50 -0400)]
app_queue: Silence GCC 8 compiler warning
I'm only seeing an error in 14+, so I assume it is due to different
compiler options:
app_queue.c: In function ‘handle_queue_add_member’:
app_queue.c:10234:19: error: ‘%d’ directive writing between 1 and 11
bytes into a region of size 3 [-Werror=format-overflow=]
sprintf(num, "%d", state);
^~
app_queue.c:10234:18: note: directive argument in the range
[-2147483648, 99]
sprintf(num, "%d", state);
^~~~
Richard Mudgett [Sat, 11 Aug 2018 00:28:45 +0000 (19:28 -0500)]
res_pjsip_t38.c: Fix crash if already saw a final T.38 reINVITE response.
We were still getting crashes after the first fix. Somehow we receive a
non-2xx final response before we get a 200 final response. With the
failure response we had already cleaned up and destroyed some data
structures. When the unexpected 200 response comes in we crash.
* Add protection code to prevent processing another final T.38 reINVITE
response.
Richard Mudgett [Thu, 16 Aug 2018 02:31:45 +0000 (21:31 -0500)]
pbx_dundi.c: Misc memory management fixes when destroying peers
* In destroy_peer(), fixed memory leaks of lookup history strings and
qualify transactions when destroying peers.
* In destroy_peer(), fixed leaving the registerexpire scheduled callback
active when a peer is destroyed on a reload. The reload marks and sweeps
peers so any peers not explicitly configured get destroyed. Peers created
dynamically from the '*' peer will not exist until they re-register after
the reload. These destroyed peers caused memory corruption when the
registerexpire timer expired.
* Made build_peer() not schedule any callbacks on the '*' peer
(empty_eid). It is a special peer that is cloned to dynamically created
peers so it doesn't actually get involved in any message transactions.
* Made do_register_expire() remove the dundi/dpeers AstDB entry when a
peer registration expires.
* Fix deep_copy_peer() to not copy some things that cannot be copied to
the cloned peer structure. Timers, message transactions, and lookup
history are specific to a peer instance.
* Made set_config() lock around processing the mappings configuration.
* Reordered unload_module() to handle load_module() declining the load due
to error.
Richard Mudgett [Wed, 15 Aug 2018 23:14:52 +0000 (18:14 -0500)]
pbx_dundi: Fix debug frame decode string.
* Fixed a typo in the name of the REGREQ frame decode string array.
* Fixed off by one range check indexing into the frame decode string
array.
* Removed some unneeded casts associated with the decode string array.
Richard Mudgett [Wed, 15 Aug 2018 19:44:48 +0000 (14:44 -0500)]
res_rtp_asterisk.c: Fix unused variable warnings
Compiling without SRTP support installed resulted in some unused variable
warnings. These warnings also showed that the srtp variable was obtained
and passed around some functions but not really used even when a system
has SRTP installed.
George Joseph [Thu, 16 Aug 2018 17:08:21 +0000 (11:08 -0600)]
CI: Add https credentials to gerrit checkouts
If the review to be tested is in a project with restricted access,
we need to use the jenkins user's gerrit https credentials when we
do the checkout or the checkout will fail.
Joshua Colp [Tue, 14 Aug 2018 12:29:18 +0000 (09:29 -0300)]
res_pjsip_caller_id: Add "party" parameter to RPID header.
This change adds the "party" parameter to the Remote-Party-ID header
which indicates which party the header information is applicable
to. In Asterisk this is determined on whether we are the calling
or called party. This is added to improve interoperability with some
implementations.
Ben Ford [Tue, 7 Aug 2018 15:57:29 +0000 (10:57 -0500)]
res_pjsip/rtp: No joint capabilities between streams.
When a conference contained a mixture of audio/video and audio-only
users, a NOTICE message would pop up stating there are no joint
capabilities between streams. This happens because streams can never be
removed, but they can be in a REMOVED state. If we have the scenario
where user A joins with audio/video, user B joins with audio-only, and
user C joins with audio/video, then user A leaves, the message would
be triggered. That removed stream is still in the SDP, but Asterisk
would pass it through, causing it to be seen as a ulaw stream. A check
has been added for removed streams, setting their status to REMOVED when
handling negotiated SDPs.
Also addressed an issue where user A joins, then user B joins but does
not receive video until much later. Full frames were not being sent,
causing some PLI from the browser. Because the video was flowing in one
direction, the browser sets the SSRC to 1, but Asterisk was dropping the
PLI because of that. Added a check to see if the SSRC is 1 or not, which
sends full frames and allows video to flow between user A and user B.
This should only happen when dealing with PSFB or FUR, and in the case
of PSFB, only for PLI.
Ivan Poddubny [Sun, 12 Aug 2018 16:04:42 +0000 (18:04 +0200)]
app_queue: set QUEUESTATUS to LEAVEEMPTY instead of CONTINUE
When a call leaves a queue on leaveempty condition, QUEUESTATUS
must be set to LEAVEEMPTY, no matter whether Queue was executed with or
without the "c" (continue) option.
The regression was introduced in the fix for ASTERISK_25665.
The following fix (ASTERISK_27065) was incomplete, as QUEUESTATUS was
overwritten in case when "c" is set, regardless of what was the cause
for leaving the queue.
Corey Farrell [Thu, 9 Aug 2018 20:25:41 +0000 (16:25 -0400)]
Sample configs: Fix pjsip.conf syntax error.
It is valid for a config file to be empty or contain only comments, but
not valid for a config value to be set when no uncommented context
exists. This caused an error to be loged numerous times during start
when loading the default pjsip.conf.
Enable coverage with `./tests/CI/buildAsterisk.sh --coverage`. This
will cause Asterisk to be compiled with coverage support. It also
initializes 'before' coverage data for all sources. Accept
--tested-only to disable modules which are not run by any test.
Enabling coverage also sets tested-only true by default. To build
everything with coverage enabled use `--coverage --tested-only=0`.
./tests/CI/processCoverage.sh is used to process the coverage and
generate HTML reports.
Fix utils/check_expr2 which failed to compiled with coverage enabled.
Add status output 5 times per stage of astobj2_test_perf to ensure
remote CLI does not timeout when compiled with coverage. Remote CLI
disconnects if no output is received for 60 seconds. When coverage is
enabled it takes about 70 seconds for my laptop to run the stages of
this test, so with the change a message is printed every 14 seconds.
Joshua Colp [Mon, 6 Aug 2018 11:36:22 +0000 (08:36 -0300)]
stasis: Reduce calculation of stasis message type hash.
When the stasis cache is used a hash is calculated for
retrieving or inserting messages. This change calculates
a hash when the message type is initialized that is then
used each time needed. This ensures that the hash is
calculated only once for the message type.
Alexander Traud [Mon, 30 Jul 2018 12:49:08 +0000 (14:49 +0200)]
pjproject_bundled: Fix for Solaris builds. Do not undef s_addr.
The authors of PJProject undef s_addr because of some issue in Microsoft
Windows. However in Oracle Solaris, s_addr is not a structure member, but
defined to map to the real structure member.
Salah Ahmed [Thu, 2 Aug 2018 19:37:16 +0000 (14:37 -0500)]
dialplan_functions: wrong srtp use status report of a dialplan function
If asterisk offer an endpoint with SRTP and that endpoint respond
with non srtp, in that case channel(rtp,secure,audio) reply wrong
status.
Why delete flag AST_SRTP_CRYPTO_OFFER_OK while check identical remote_key:
Currently this flag has being set redundantly. In either case identical
or different remote_key this flag has being set. So if we
don't set it while we receive identical remote_key or non SRTP SDP
response then we can take decision of srtp use by using that flag.
Alexander Traud [Mon, 30 Jul 2018 11:05:34 +0000 (13:05 +0200)]
pjproject_bundled: Find shared libraries in root --with-ssl=PATH.
The script configure from Teluu expects shared libraries (.so) in a subfolder
called 'lib', when --with-xyz=PATH is specified. However for OpenSSL, the
default location is the root of the source folder = PATH. Furthermore, Asterisk
supports both, 'lib' and root. For consistency and because Asterisk is using
(only) OpenSSL in PJProject, it is enhanced to support both locations, just
like Asterisk.
Joshua Colp [Wed, 1 Aug 2018 14:45:04 +0000 (14:45 +0000)]
res_pjsip_registrar: Improve performance on inbound handling.
This change removes a sorcery lookup for retrieving all
contacts at the end of the registration process by keeping
track of the contacts that are added/updated/deleted.
This ensures at the end of the process the container of
contacts we have is the current state.
Pool usage has also been reduced by allocating one for
usage throughout the handling of a REGISTER and resetting
it to a clean state. This ensures that in most cases
we allocate once and just reuse it.
projects / thirdparty / asterisk.git / log
