Kevin Harwell [Thu, 29 Aug 2013 22:53:18 +0000 (22:53 +0000)]
Verbose logging discrepancies
Refactored cases where a combination of ast_verbose/options_verbose were
present. Also in general tried to eliminate, in as many places as possible,
where the options_verbose global variable was being used. Refactored the way
local and remote consoles handle verbose message logging in an attempt to
solve the various discrepancies that sometimes would show between the two.
Matthew Jordan [Tue, 27 Aug 2013 18:14:30 +0000 (18:14 +0000)]
AST-2013-005: Fix crash caused by invalid SDP
If the SIP channel driver processes an invalid SDP that defines media
descriptions before connection information, it may attempt to reference
the socket address information even though that information has not yet
been set. This will cause a crash.
This patch adds checks when handling the various media descriptions that
ensures the media descriptions are handled only if we have connection
information suitable for that media.
Thanks to Walter Doekes, OSSO B.V., for reporting, testing, and providing
the solution to this problem.
Matthew Jordan [Tue, 27 Aug 2013 17:39:21 +0000 (17:39 +0000)]
AST-2013-004: Fix crash when handling ACK on dialog that has no channel
A remote exploitable crash vulnerability exists in the SIP channel driver if an
ACK with SDP is received after the channel has been terminated. The handling
code incorrectly assumed that the channel would always be present.
This patch adds a check such that the SDP will only be parsed and applied if
Asterisk has a channel present that is associated with the dialog.
Note that the patch being applied was modified only slightly from the patch
provided by Walter Doekes of OSSO B.V.
(closes issue ASTERISK-21064)
Reported by: Colin Cuthbertson
Tested by: wdoekes, Colin Cutherbertson
patches:
issueA21064_fix.patch uploaded by wdoekes (License 5674)
........
Merged revisions 397710 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 397711 from http://svn.asterisk.org/svn/asterisk/branches/10
........
Merged revisions 397712 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Tue, 20 Aug 2013 01:25:46 +0000 (01:25 +0000)]
Fix invalid access to disposed memory in main/data unit test
It is not safe to iterate over a macro'd list of ao2 objects, deref them such
that the item's destructor is called, and leave them in the list. The list
macro to iterate over items requires the item to be a valid allocated object
in order to proceed to the next item; with MALLOC_DEBUG on the corruption of
the linked list is caught in the crash.
This patch fixes the invalid access to free'd memory by removing the ao2 item
from the list before de-refing it.
Note that this is a backport of r396915 from Asterisk trunk.
........
Merged revisions 396958 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 396961 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Tue, 20 Aug 2013 00:01:10 +0000 (00:01 +0000)]
Resolve conflicts between CONFFLAG_DONT_DENOISE and CONFFLAG_INTROUSER_VMREC
When r382230 added an option to not denoise the MeetMe conference (if a user
had a channel whose format's sample rate changed frequently, for example),
the value added was the maximum allowed value for the constants that define
the options for MeetMe in 1.8. Not so in 11 - unfortunately, the option
CONFFLAG_DONT_DENOISE conflicts with CONFFLAG_INTROUESR_VMREC. This patch
fixes that, and also tweaks one of the way in which the constants was
declared for consistency.
Thanks to Tony Mountifield for pointing out the problem and solution.
(closes issue ASTERISK-22269)
Reported by: Tony Mountifield
........
Merged revisions 396944 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Tue, 9 Jul 2013 11:33:02 +0000 (11:33 +0000)]
Fix XML encoding of 'identity display' in NOTIFY messages.
XML encoding in chan_sip is accomplished by naively building the XML
directly from strings. While this usually works, it fails to take into
account escaping the reserved characters in XML.
This patch adds an 'ast_xml_escape' function, which works similarly to
'ast_uri_encode'. This is used to properly escape the local_display
attribute in XML formatted NOTIFY messages.
Several things to note:
* The Right Thing(TM) to do would probably be to replace the
ast_build_string stuff with building an ast_xml_doc. That's a much
bigger change, and out of scope for the original ticket, so I
refrained myself.
* It is with great sadness that I wrote my own ast_xml_escape
function. There's one in libxml2, but it's knee-deep in
libxml2-ness, and not easily used to one-off escape a
string.
* I only escaped the string we know is causing problems
(local_display). At least some of the other strings are
URI-encoded, which should be XML safe. Rather than figuring out
what's safe and escaping what's not, it would be much cleaner to
simply build an ast_xml_doc for the messages and let the XML
library do the XML escaping. Like I said, that's out of scope.
Jason Parker [Wed, 15 May 2013 14:55:37 +0000 (14:55 +0000)]
Fix VM snapshot handling for combined INBOX.
The snapshot API contains an option that allow for combining of new
and old messages within a single snapshot. New messages, however,
include options beyond just 'INBOX' - it also includes the Urgent
folder. A previous patch that combined INBOX and Urgent accidentally
impacted snapshots that attempted to gain messages from just the Old
folder. This patch fixes the snapshot gathering such that the API
returns the appropriate messages for the folder selected, with and
without the combine option.
This should make it more clear about what's happening.
Richard Mudgett [Fri, 10 May 2013 22:34:43 +0000 (22:34 +0000)]
Allow mISDN to send PROGRESS messsage.
* Made isdn_msg_parser.c build a progress message with the mandatory
progress indicator IE. (The mISDNuser NT state machine rejected sending
the incomplete message.)
Note: The associated mISDN and mISDNuser patches respectively are viewable
here:
http://svnview.digium.com/svn/thirdparty?view=rev&rev=200
http://svnview.digium.com/svn/thirdparty?view=rev&rev=201
Matthew Jordan [Wed, 27 Mar 2013 15:24:42 +0000 (15:24 +0000)]
AST-2013-003: Prevent username disclosure in SIP channel driver
When authenticating a SIP request with alwaysauthreject enabled, allowguest
disabled, and autocreatepeer disabled, Asterisk discloses whether a user
exists for INVITE, SUBSCRIBE, and REGISTER transactions in multiple ways. The
information is disclosed when:
* A "407 Proxy Authentication Required" response is sent instead of a
"401 Unauthorized" response
* The presence or absence of additional tags occurs at the end of "403
Forbidden" (such as "(Bad Auth)")
* A "401 Unauthorized" response is sent instead of "403 Forbidden" response
after a retransmission
* Retransmission are sent when a matching peer did not exist, but not when a
matching peer did exist.
This patch resolves these various vectors by ensuring that the responses sent
in all scenarios is the same, regardless of the presence of a matching peer.
This issue was reported by Walter Doekes, OSSO B.V. A substantial portion of
the testing and the solution to this problem was done by Walter as well - a
huge thanks to his tireless efforts in finding all the ways in which this
setting didn't work, providing automated tests, and working with Kinsey on
getting this fixed.
Matthew Jordan [Wed, 27 Mar 2013 14:38:49 +0000 (14:38 +0000)]
AST-2013-002: Prevent denial of service in HTTP server
AST-2012-014, fixed in January of this year, contained a fix for Asterisk's
HTTP server for a remotely-triggered crash. While the fix put in place fixed
the possibility for the crash to be triggered, a denial of service vector still
exists with that solution if an attacker sends one or more HTTP POST requests
with very large Content-Length values. This patch resolves this by capping
the Content-Length at 1024 bytes. Any attempt to send an HTTP POST with
Content-Length greater than this cap will not result in any memory allocation.
The POST will be responded to with an HTTP 413 "Request Entity Too Large"
response.
This issue was reported by Christoph Hebeisen of TELUS Security Labs
(closes issue ASTERISK-20967)
Reported by: Christoph Hebeisen
patches:
AST-2013-002-1.8.diff uploaded by mmichelson (License 5049)
AST-2013-002-10.diff uploaded by mmichelson (License 5049)
AST-2013-002-11.diff uploaded by mmichelson (License 5049)
........
Merged revisions 383978 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Wed, 27 Mar 2013 14:27:43 +0000 (14:27 +0000)]
AST-2013-001: Prevent buffer overflow through H.264 format negotiation
The format attribute resource for H.264 video performs an unsafe read against a
media attribute when parsing the SDP. The value passed in with the format
attribute is not checked for its length when parsed into a fixed length buffer.
This patch resolves the vulnerability by only reading as many characters from
the SDP value as will fit into the buffer.
Matthew Jordan [Tue, 26 Mar 2013 02:31:26 +0000 (02:31 +0000)]
Resolve deadlock between SIP registration and channel based functions
In r373424, several reentrancy problems in chan_sip were addressed. As a
result, the SIP channel driver is now properly locking the channel driver
private information in certain operations that it wasn't previously. This
exposed two latent problems either in register_verify or by functions called
by register_verify. This includes:
* Holding the private lock while calling sip_send_mwi_to_peer. This can create
a new sip_pvt via sip_alloc, which will obtain the channel container lock.
This is a locking inversion, as any channel related lock must be obtained
prior to obtaining the SIP channel technology private lock.
Note that this issue was already fixed in Asterisk 11.
* Holding the private lock while calling sip_poke_peer. In the same vein as
sip_send_mwi_to_peer, sip_poke_peer can create a new SIP private, causing
the same locking inversion.
Note that this locking inversion typically occured when CLI commands were run
while a SIP REGISTER request was being processed, as many CLI commands (such
as 'sip show channels', 'core show channels', etc.) have to obtain the channel
container lock.
(issue ASTERISK-21068)
Reported by: Nicolas Bouliane
(issue ASTERISK-20550)
Reported by: David Brillert
Matthew Jordan [Tue, 26 Mar 2013 02:01:45 +0000 (02:01 +0000)]
Resolve deadlock between pending CDR and batch CDR locks
r375757 attempted to resolve a race condition between multiple submissions of
CDRs while in batch mode from attempting to destroy the scheduled batch
submission by extending the batch CDR lock. Unfortunately, this causes a
deadlock between the pending CDR lock and the batch CDR lock. This patch
resolves the intent of r375757 by simply providing a new lock that protects
the scheduling of the batches. The original batch CDR lock is kept to protect
manipulation of the batch CDR settings, but has been placed such that it
is not held when the pending lock is held.
Thanks to Chase Venters for providing lock analysis on the issue.
Kinsey Moore [Fri, 15 Mar 2013 13:37:07 +0000 (13:37 +0000)]
tcptls: Prevent unsupported options from being set
AMI, HTTP, and chan_sip all support TLS in some way, but none of them
support all the options that Asterisk's TLS core is capable of
interpreting. This prevents consumers of the TLS/SSL layer from setting
TLS/SSL options that they do not support.
This also gets tlsverifyclient closer to a working state by requesting
the client certificate when tlsverifyclient is set. Currently, there is
no consumer of main/tcptls.c in Asterisk that supports this feature and
so it can not be properly tested.
Review: https://reviewboard.asterisk.org/r/2370/ Reported-by: John Bigelow Patch-by: Kinsey Moore
(closes issue AST-1093)
........
Merged revisions 383165 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 383166 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Thu, 7 Mar 2013 17:57:49 +0000 (17:57 +0000)]
Let vm_mailbox_snapshot combine "Urgent" when no folder is specified
r381835 fixed a bug in vm_mailbox_snapshot where combining INBOX and Old forgot
that Urgent also "counts" as new messages. This fixed the problem when any of
the three folders was specified and the combine option was used.
It missed the case where the folder isn't specified and we build a snapshot of
all folders. This patch corrects that.
........
Merged revisions 382617 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Thu, 7 Mar 2013 15:13:13 +0000 (15:13 +0000)]
Add a 'secret' probation strictrtp mode to handle delayed changes in RTP source
Often, Asterisk may realize that a change in the source of an RTP stream is
about to occur and ask that the RTP engine reset it's lock on the current RTP
source. In certain scenarios, it may take awhile for the new remote system to
send RTP packets, while the old remote system may continue providing RTP during
that time period. This causes Asterisk to re-lock onto the old source, thereby
rejecting the new source when the old source stops sending RTP and the new
source begins.
This patch prevents that by having a constant secondary, 'secret' probation
mode enabled when an RTP source has been chosen. RTP packets from other sources
are always considered, but never chosen unless the current RTP source stops
sending RTP.
Review: https://reviewboard.asterisk.org/r/2364
(closes issue AST-1124)
Reported by: John Bigelow
Tested by: John Bigelow
(closes issue AST-1125)
Reported by: John Bigelow
Tested by: John Bigelow
........
Merged revisions 382573 from http://svn.asterisk.org/svn/asterisk/branches/11
Kevin Harwell [Mon, 4 Mar 2013 20:21:28 +0000 (20:21 +0000)]
Confbridge CLI new record file name check.
This fix checks to make sure that if a confbridge record start command is issued
from the CLI it will always use the file name given on the CLI even if it
changes between start/stop records for a conference. Previously it had been
reusing the same file between start/stops even if a new filename was given.
(issue AST-1088)
Reported by: John Bigelow
........
Merged revisions 382385 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Thu, 28 Feb 2013 16:54:25 +0000 (16:54 +0000)]
Let channels joining a MeetMe conference opt out of the denoiser
For some channel drivers, specifically those that have a varying rate in the
number of audio samples, the audio quality for a MeetMe conference can be
exceedingly poor. This is due to a unilateral application of the DENOISE
function in func_speex to channels joining the conference.
The denoiser function in the speex library is initialized with the number of
audio samples in each sample that will be provided to it. If the number of
audio samples changes, the denoiser has to be thrown away and re-initialized.
While this could be worked around by removing func_speex, that doesn't help
if you actually use the denoiser with other channels on the system.
This patches does the following:
* Checks for the presence of func_speex as opposed to codec_speex when
determining if the DENOISE function is present (which is where the function
is actually implemented)
* Adds an option to MeetMe 'n' that causes the denoiser to not be applied
to a channel when it joins. This keeps the current behavior the default, but
let's users disable the denoiser if it causes problems on their system.
Review: https://reviewboard.asterisk.org/r/2358
(closes issue AST-1062)
Reported by: Thomas Arimont
........
Merged revisions 382227 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 382230 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Tue, 26 Feb 2013 16:46:52 +0000 (16:46 +0000)]
Ensure that the default bridge/user profiles are always available
ConfBridge and Page require that there always be a default bridge and user
profile available. While properties of the default profiles can be overriden
in the configuration file, removing them can create situations where neither
application can function properly.
This patch ensures that if an administrator removes the profiles from the
confbridge.conf configuration file, the profiles are added upon load.
Documentation clarifying this has been added to the confbridge.conf.sample file.
Review: https://reviewboard.asterisk.org/r/2356/
(closes issue AST-1115)
Reported by: John Bigelow
Tested by: John Bigelow
........
Merged revisions 382066 from http://svn.asterisk.org/svn/asterisk/branches/11
When the restructuring work got committed to Confbridge in r375470 to
fix many open issues, it caused a regression in the reported count of
users when conference information was requested via CLI or manager.
This corrects the user count and user information displayed when
listing conference information from the CLI and manager.
(closes issue ASTERISK-20938)
Reported By: Timo Teras
Patches:
confbridge-list.patch uploaded by Timo Teras (license 5409)
........
r382068 | mjordan | 2013-02-26 09:35:05 -0600 (Tue, 26 Feb 2013) | 26 lines
Clean up ConfBridge commands to account for wait_marked users
When ConfBridge was refactored to better handle the concept of marked,
wait_marked, and normal users co-existing in a conference (thereby implementing
a state machine for the conference), the wait_marked users were put into their
own list of conference participants, separate from the active users. This list
is used for wait_marked users when they are waiting in a conference but no
marked user has joined; normal users may have joined at this point however.
There are several AMI/CLI commands that affect conference users that were not
checking the wait_marked users list:
* CLI/AMI commands that mute/unmute a participant. In this case, wait_marked
users have to remain in their particular state and should not be affected -
however, the commands would return "Channel not found" as opposed to the
appropriate error condition.
* CLI/AMI commands that kick a participant. An admin should always be able to
kick a participant out of the conference.
This patch fixes both sets of commands, and cleans up the CLI commands slightly
by allowing them to complete a participant name (this was supposed to have been
added, but the function call was commented out and wasn't implemented).
Review: https://reviewboard.asterisk.org/r/2346/
(closes issue AST-1114)
Reported by: John Bigelow
Tested by: John Bigelow
........
r382069 | mjordan | 2013-02-26 09:38:05 -0600 (Tue, 26 Feb 2013) | 3 lines
Fix typo in r382068
Well, that was embarrassing. Removed an '-l' that somehow got in there.
........
Merged revisions 379478,382068-382069 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Wed, 20 Feb 2013 19:15:50 +0000 (19:15 +0000)]
Let vm_mailbox_snapshot_create's combine option apply to "Urgent" as well
The vm_mailbox_snapshot_create function has an option that combines the
contents of INBOX and Old into a single snapshot. The intent of this is that
both 'new' messages and 'deleted' messages are given in a single snapshot, as
some applications prefer this view of the voicemail world. Unfortunately, the
initial implementation ignored the "Urgent" folder. The "Urgent" folder is a
pseudo-INBOX, in that new messages left with the 'U' flag will be placed in
that folder as opposed to INBOX. Thus, the option failed the intent with which
it was added.
This patch makes it so that the "Urgent" folder is included in the snapshot
when that option is used.
........
Merged revisions 381835 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Wed, 20 Feb 2013 18:33:37 +0000 (18:33 +0000)]
Ensure Min-SE is included in outbound INVITEs
Asterisk now includes Min-SE in outbound INVITEs when the value is not
90 (the default) and session timers are not disabled. This has the
effect of Asterisk following RFC4028 more closely with regard to 422
responses and preventing situations in which Asterisk would be forced
to temporarily accept a call to tear it down based on a Session-Expires
below the locally configured Min-SE.
(issue SWP-5051)
Review: https://reviewboard.asterisk.org/r/2222/ Reported-by: Kinsey Moore Patch-by: Kinsey Moore
........
Merged revisions 377946 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 377947 from http://svn.asterisk.org/svn/asterisk/branches/10
........
Merged revisions 377948 from http://svn.asterisk.org/svn/asterisk/branches/11
Kevin Harwell [Tue, 19 Feb 2013 16:26:07 +0000 (16:26 +0000)]
Confbridge channels staying active when all participants leave.
If you started/stopped recording of a conference multiple times channels
would remain active even when all participants left the conference. This
was due to the fact that a reference to the confbridge was being added
every time a start record command was issued, but when the recording was
stopped there was no matching de-reference thus keeping the conference alive.
Made sure only a single reference is added for the record thread no matter how
many times recording is started/stopped. A de-reference is issued upon thread
ending.
Note, this issue is being fixed under AST-1088 since it relates to it and
should have been corrected along with those modifications.
(issue AST-1088)
Reported by: John Bigelow
........
Merged revisions 381737 from http://svn.asterisk.org/svn/asterisk/branches/11
Kevin Harwell [Mon, 18 Feb 2013 22:41:15 +0000 (22:41 +0000)]
Fixed Confbridge file recording deadlock and appending.
A deadlock occurred after starting/stopping and then restarting a confbridge
recording. Upon starting a recording a record thread is created that holds a
lock until just before exiting. Stopping the recording does not stop/exit the
thread or release the lock. The thread waits until recording begins again.
Starting a stopped recording signals the thread to continue and start recording
again. However restarting the recording also created another record thread
resulting in a deadlock. The fix was to make sure the record thread was only
created once.
Also it was noted that filenames for the recordings were being concatenated for
each start/stop. This was fixed by creating a new file for each conference
session and appending the actual recorded data within the file (e.g. passing
the 'a' option to MixMonitor).
(issue AST-1088)
Reported by: John Bigelow
Review: http://reviewboard.digium.internal/r/374/
........
Merged revisions 381702 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Sat, 16 Feb 2013 16:31:30 +0000 (16:31 +0000)]
Don't send presencestate information if the state is invalid
Previously, presencestate information was sent whenever the state was not
NOT_SET. When r381594 actually returned INVALID presence state in all the
places it was supposed to, it caused chan_sip to start adding presence
state information to NOTIFY requests that it previously would not have
added. chan_sip shouldn't be adding presence state information when the
provider is in an invalid state; users can't set the state to invalid and
an invalid state always implies that the provider is in an error condition.
(issue AST-1084)
........
Merged revisions 381613 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Fri, 15 Feb 2013 23:36:05 +0000 (23:36 +0000)]
Fix crash in PresenceState AMI action when specifying an invalid provider
This patch fixes a crash in Asterisk that could be caused by using the
PresenceState AMI action while providing an invalid provider. This patch
also adds some additional warnings when a user attempts to provide the
PresenceState action with invalid data, and removes some NOTICE statements
that were still lurking in the code from testing.
(closes issue AST-1084)
Reported by: John Bigelow
Tested by: John Bigelow
........
Merged revisions 381594 from http://svn.asterisk.org/svn/asterisk/branches/11
This patch adds hangup-related test events in order to support testing
of time-limited bridges. This aids in testing the S() and L() bridge
options.
(issue SWP-4713)
........
Merged revisions 378119 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378120 from http://svn.asterisk.org/svn/asterisk/branches/10
........
r378459 | kmoore | 2013-01-03 12:48:00 -0600 (Thu, 03 Jan 2013) | 10 lines
Add missing test event
This test event was missing from channel.c causing the dial_LS_options
test to fail intermittently because of a race condition where most code
paths emitted the test event but this one did not. The dial_LS_options
test should stop bouncing now.
........
Merged revisions 378455 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378121,378459 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Thu, 14 Feb 2013 18:41:21 +0000 (18:41 +0000)]
Fixed failing test from r380696.
When I added my extensive suite of session timer unit tests, apparently one of
them was failing and I never noticed. If neither Min-SE nor Session-Expires is
set in the header, it was responding with a Session-Expires of the global
maxmimum instead of the configured max for the endpoint.
(issue ASTERISK-20787)
........
Merged revisions 380973 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 380974 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Thu, 14 Feb 2013 18:40:54 +0000 (18:40 +0000)]
Process session timers, even if Session-Expires header is missing
Previously, Asterisk only processed session timer information if both the
'Supported: timer' and 'Session-Expires' headers were present. However, the
Session-Expires header is optional. If we were to receive a request with a
Min-SE greater than our configured session-expires, we would respond with a
'Session-Expires' header that was too small.
This patch cleans the situation up a bit, always processing timer information
if the 'Supported: timer' header is present.
(closes issue ASTERISK-20787)
Reported by: Mark Michelson
Review: https://reviewboard.asterisk.org/r/2299/
........
Merged revisions 380696 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 380698 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Thu, 14 Feb 2013 15:21:05 +0000 (15:21 +0000)]
app_confbridge: Fix error messages on exiting conference.
A marked user ending a conference with only end_marked users generates
error messages:
ERROR[0000][C-00000000]: confbridge/conf_state.c:47 conf_invalid_event_fn: Invalid event for confbridge user ''
* The MULTI_MARKED state was doing too much when it was kicking out the
end_marked users from the conference. The kicked out users will clean up
after themselves when they exit the conference.
Matthew Jordan [Thu, 14 Feb 2013 15:19:12 +0000 (15:19 +0000)]
app_page and app_confbridge: Fix custom announcement on entering conference.
The Page and ConfBridge custom announcement did not play when users
entered the conference.
* Fix the CONFBRIDGE(user,announcement) file not getting played. The code
to do this got removed accidentally when the ConfBridge code was
restructured to be more state machine like.
* Fixed play_prompt_to_user() doxygen comments.
* Fixed the Page A(x) and n options for the caller. The caller never
played the announcement file and totally ignored the n option. The code
to do this was lost when the application was converted to use ConfBridge.
* Factored out setup_profile_bridge(), setup_profile_paged(), and
setup_profile_caller() routines to setup ConfBridge profiles. Made each
profile setup routine use the default template if one has not already been
setup by dialplan.
Matthew Jordan [Thu, 14 Feb 2013 15:14:53 +0000 (15:14 +0000)]
Fix astcanary startup problem due to wrong pid value from before daemon call
When Asterisk forks itself into the background via a call to daemon, it must
re-set the pid value of the new process. Otherwise, astcanary gets the pid
value of the process before the fork, which prevents it from running. Asterisk
eventually starts lowering its priority, as it can no longer communicate
with the proverbial canary in the coal mine.
This patch ensures that the correct process identifier is used by astcanary.
Note that this is getting committed to 10 as a regression fix.
(closes issue ASTERISK-20947)
Reported by: Jakob Hirsch
Tested by: mjordan
patches:
asterisk-10.12.0.astcanary_ppid.diff uploaded by Jakob Hirsch (license 6113)
........
Merged revisions 379509 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 379510 from http://svn.asterisk.org/svn/asterisk/branches/10
........
Merged revisions 379513 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Thu, 14 Feb 2013 15:13:37 +0000 (15:13 +0000)]
Update init.d scripts to handle stderr; readd splash screen for remote consoles
When r376428 was commited to re-order start up sequences to be more tolerant of
forking with thread primitives, a few items were changed that caused changes
in behavior on some distros. This includes:
* Not displaying the splash screen on a remote console.
* Displaying an error message on stderr when a remote console cannot connect
to a running instance of Asterisk.
In the first case, the splash screen was re-added (thanks to Michael L. Young).
In the second case, the various init.d scripts were modified to pipe stderr
to /dev/null, as the error message is useful - if you execute a remote
console or a remote console command execution and it fail, it should tell
you. Note that the error message was always present, it just failed to be
printed prior to r376428.
Much thanks to the folks who quickly reported this problem, provided solutions,
and promptly tested the various init.d scripts on a variety of distros.
(closes issue ASTERISK-20945)
Reported by: Warren Selby
Tested by: Michael L. Young, Jamuel Starkey, kaldemar, Danny Nicholas, mjordan
patches:
asterisk-20945-remote-intro-msg.diff uploaded by elguero (license 5026)
ASTERISK-20945-1.8-mjordan.diff uploaded by mjordan (license 6283)
........
Merged revisions 379760 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 379777 from http://svn.asterisk.org/svn/asterisk/branches/10
........
Merged revisions 379790 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Thu, 14 Feb 2013 15:10:46 +0000 (15:10 +0000)]
Reset RTP timestamp; sequence number on SSRC change
In r370252 for ASTERISK-18404, Asterisk's handling of RTP was modified to
better account for out of order RTP packets. This was accomplished by using the
RTP timestamp and sequence number to check for out of order packets. However,
when a SSRC change occurs, the timestamp and sequence number will no longer
have any relation to the previously received packets. The variables tracking
the timestamp and sequence number therefore have to be reset.
Matthew Jordan [Thu, 14 Feb 2013 15:09:36 +0000 (15:09 +0000)]
Perform case insensitive comparisons for T.38 attributes
RFC5347 section 2.5.2 states the following:
...
The attribute "T38MaxBitRate" was once incorrectly registered with
IANA as "T38maxBitRate" (lower-case "m"). In accordance with T.38
examples and common implementation practice, the form "T38MaxBitRate"
SHOULD be generated by implementations conforming to this package.
In general, it is RECOMMENDED that implementations of this package
accept lowercase, uppercase, and mixed upper/lowercase encodings of
all the T.38 attributes.
...
Asterisk currently does not perform case insensitive matching on the T.38
attributes. This causes the T38MaxBitRate attribute to be negotiated at
2400 baud instead of 14400 (or whatever value you actually wanted).
This patch makes it so that when we compare T.38 attributes, we do so in a case
insensitive fashion.
Note that while the issue reporter did not directly write the patch, they
contributed to it (and would have provided one themselves if the license had
gone through a tad faster), and hence get attribution for it.
Review: https://reviewboard.asterisk.org/r/2298/
(closes issue ASTERISK-20897)
Reported by: Eric Hill
Tested by: Eric Hill
patches:
-- uploaded by Eric Hill
........
Merged revisions 380458 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 380465 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Thu, 14 Feb 2013 15:08:15 +0000 (15:08 +0000)]
Do not allow native RTP bridging if packetization of media streams differs.
The RTP engine will no longer allow for local and remote native RTP bridges
if packetization of streams differs. Allowing native bridging in this scenario
has been known to cause FAX failures.
(closes ASTERISK-20650)
Reported by: Maciej Krajewski
Patches:
ASTERISK-20659.patch uploaded by Mark Michelson (License #5049)
Jonathan Rose [Fri, 8 Feb 2013 19:42:50 +0000 (19:42 +0000)]
Merge r379892 into Certified 11.2
........
r379892 | jrose | 2013-01-22 13:07:42 -0600 (Tue, 22 Jan 2013) | 16 lines
app_meetme: Use new prompts for administrator menu
The old prompts for the administrator menu were inadequate. They didn't mention
that the menu had additional options through the 8 key and pressing the 8 key
wouldn't reveal what those options were. This patch fixes all of that while
also organizing code pertaining to each individual menu type which was
previously all stored in one gigantic function along with many of the basic
conference functions.
(closes issue AST-996)
Reported by: John Bigelow
Review: http://reviewboard.digium.internal/r/360/
........
Merged revisions 379885 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Tilghman Lesher [Mon, 10 Dec 2012 01:41:02 +0000 (01:41 +0000)]
Improve documentation by making all of the colors used readable,
no matter what the background color is.
Dark blue on a black background is unreadable, as is yellow on a
light background. This patch turns on the bright attribute for
colors when on a dark background and turns *off* the bright
attribute when the -W command line option is used (indicating a
_light_ background). This ensures that text is readable in both
cases.
Richard Mudgett [Sat, 8 Dec 2012 00:29:56 +0000 (00:29 +0000)]
Fix order of SIP allow/disallow in MySQL contrib script.
Using the contrib sippeers.sql script to create the sippeers MySQL table
would result in being unable to place calls if you set the disallow value
to all.
(closes issue ASTERISK-20756)
Reported by: Andre Luis
Patches:
sippeers.patch patch uploaded by Andre Luis
........
Merged revisions 377431 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 377432 from http://svn.asterisk.org/svn/asterisk/branches/10
Kinsey Moore [Fri, 7 Dec 2012 22:02:50 +0000 (22:02 +0000)]
codec_dahdi: Fix output of "transcoder show" CLI command.
In r306010 "Asterisk media architecture conversion - no more format
bitfields", the logic for incrementing encoders and decoders when
opening transcoder channels was changed without making the corresponding
change when decrementing encoder / decoder channels. The result being
that when a channel was destroyed, codec_dahdi couldn't properly tell if
it was an encoder or decoder, and the default case is to assume it was a
decoder.
This could result in negative numbers for decoders in use like in:
VOIP6*CLI> transcoder show
2/-2 encoders/decoders of 92 channels are in use.
Matthew Jordan [Thu, 6 Dec 2012 14:11:21 +0000 (14:11 +0000)]
Fix memory leak in 'manager show event' when command entered incorrectly
When the CLI command 'manager show event' was run incorrectly and its usage
instructions returned, a reference to the event container was leaked. This
would prevent the container from being reclaimed when Asterisk exits. We now
properly decrement the count on the ao2 object using the nifty RAII_VAR macro.
Thanks to Russell for helping me stumble on this, and Terry for writing that
ridiculously helpful macro.
Jonathan Rose [Wed, 5 Dec 2012 17:08:12 +0000 (17:08 +0000)]
res_srtp: Fix a crash caused by srtp_dealloc on an already dealloced session
When srtp_create fails, the session may be dealloced or just not alloced. At
the same time though, the session pointer might not be set to NULL in this
process and attempting to srtp_dealloc it again will cause a segfault. This
patch checks for failure of srtp_create and sets the session pointer to NULL
if it fails.
Joshua Colp [Wed, 5 Dec 2012 16:50:43 +0000 (16:50 +0000)]
Fix a SIP request memory leak with TLS connections.
During the TLS re-work in chan_sip some TLS specific code was moved
into a separate function. This function operates on a copy of the
incoming SIP request. This copy was never deinitialized causing a
memory leak for each request processed.
This function is now given a SIP request structure which it can use
to copy the incoming request into. This reduces the amount of memory
allocations done since the internal allocated components are reused
between packets and also ensures the SIP request structure is
deinitialized when the TLS connection is torn down.
(closes issue ASTERISK-20763)
Reported by: deti
........
Merged revisions 377257 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 377258 from http://svn.asterisk.org/svn/asterisk/branches/10
Richard Mudgett [Wed, 5 Dec 2012 01:09:39 +0000 (01:09 +0000)]
confbridge: Fix several small issues.
* Made func_confbridge_helper() allow an empty value when setting options.
You previously could not Set(CONFBRIDGE(user,pin)=) and clear the
configured pin from the dialplan.
* Made func_confbridge_helper() handle its datastore better if multiple
threads attempt to set the first CONFBRIDGE option value on the channel.
* Made the func_confbridge_helper() only output one diagnostic message
concerning the option.
* Made the bridge video_mode able to repeatedly change in the config file
and CONFBRIDGE dialplan function. The video_mode option values are an
enum and not independent of each other.
* Made handle_cli_confbridge_show_bridge_profile() better handle the
video_mode option.
* Simplified datastore handling code in conf_find_user_profile() and
conf_find_bridge_profile().
Richard Mudgett [Mon, 3 Dec 2012 22:58:46 +0000 (22:58 +0000)]
Cleanup ast_run_atexits() atexits list.
* Convert atexits list to a mutex instead of a rd/wr lock. The lock is
only write locked.
* Move CLI verbose Asterisk ending message to where AMI message is output
in really_quit() to avoid further surprises about using stuff already
shutdown.
Joshua Colp [Mon, 3 Dec 2012 14:54:54 +0000 (14:54 +0000)]
Fix an RTP instance reference count leak in chan_motif.
When setting up an RTP instance the RTCP portion of the instance
keeps a reference to the instance itself. In order to release this
reference and stop RTCP the stop API call must be called before
destroying the instance.
Joshua Colp [Sat, 1 Dec 2012 00:46:40 +0000 (00:46 +0000)]
Tweak extension used for incoming calls received on Motif.
Based on feedback from numerous individuals this patch tweaks incoming calls
to first look for an extension with the name of the endpoint. If no such extension
exists the call will silently fall back to the "s" extension as it previously
did.
Mark Michelson [Fri, 30 Nov 2012 16:36:54 +0000 (16:36 +0000)]
Fix potential crashes during SIP attended transfers.
The principal behind this patch is simple. During a transfer,
we manipulate channels that are owned by a separate thread than
the one we currently are running in, so it makes sense that we
need to grab a reference to the channels so that they cannot
disappear out from under us.
In the wild, crashes were sometimes seen when the transferring
party would hang up the call before the transfer target answered
the call. The most common place to see the crash occur was when
attempting to send a connected line update to the transferer
channel.
(closes issue ASTERISK-20226)
Reported by Jared Smith
Patches:
ASTERISK-20226.patch uploaded by Mark Michelson (License #5049)
Tested by: Jared Smith
........
Merged revisions 376901 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 376916 from http://svn.asterisk.org/svn/asterisk/branches/10
Michael L. Young [Thu, 29 Nov 2012 21:57:00 +0000 (21:57 +0000)]
Improve Code Readability And Fix Setting natdetected Flag
For 1.8, 10, 11 and trunk we are are improving the code readability.
For 11 and trunk, auto nat detection was added. The natdetected flag was being
set to 1 when the host address in the VIA header did not specifiy a port. This
patch fixes this by setting the port on the temporary sock address used to
SIP_STANDARD_PORT in order for the sock address comparison to work properly.
(closes issue ASTERISK-20724)
Reported by: Michael L. Young
Patches:
asterisk-20724-set-port-v2.diff uploaded by Michael L. Young (license 5026)
Pedro Kiefer [Thu, 29 Nov 2012 17:17:11 +0000 (17:17 +0000)]
Fix chan_sip websocket payload handling
Websocket by default doesn't return an ast_str for the payload received. When
converting it to an ast_str on chan_sip the last character was being omitted,
because ast_str functions expects that the given length includes the trailing
0x00. payload_len only has the actual string length without counting the
trailing zero.
For most cases this passed unnoticed as most of SIP messages ends with \r\n.
* Adds the following CLI commands to control MALLOC_DEBUG reporting of
unreleased malloc memory when Asterisk is shut down.
memory atexit list on
memory atexit list off
memory atexit summary byline
memory atexit summary byfunc
memory atexit summary byfile
memory atexit summary off
* Made check all remaining allocated region blocks atexit for fence
violations.
* Increased the allocated region hash table size by about three times. It
still isn't large enough considering the number of malloced blocks
Asterisk uses.
* Made CLI "memory show allocations anomalies" use
regions_check_all_fences().
Jonathan Rose [Wed, 28 Nov 2012 16:37:26 +0000 (16:37 +0000)]
manager: Make challenge work with allowmultiplelogin=no
Prior to this patch, challenge would yield a multiple logins error if used
without providing the username (which isn't really supposed to be an argument
to challenge) if allowmultiplelogin was set to no because allowmultiplelogin
finds a user with a zero length login name. This check is simply disabled for
the challenge action when the username is empty by this patch.
(closes issue ASTERISK-20677)
Reported by: Vladimir
Patches:
challenge_action_nomultiplelogin.diff uploaded by Jonathan Rose (license 6182)
........
Merged revisions 376725 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 376726 from http://svn.asterisk.org/svn/asterisk/branches/10
Richard Mudgett [Wed, 28 Nov 2012 00:08:09 +0000 (00:08 +0000)]
Fix extension matching with the '-' char.
The '-' char is supposed to be ignored by the dialplan extension matching.
Unfortunately, it's treatment is not handled consistently throughout the
extension matching code.
* Made the old exten matching code consistently ignore '-' chars.
* Made the old exten matching code consistently handle case in the
matching.
* Made ignore empty character sets.
* Fixed ast_extension_cmp() to return -1, 0, or 1 as documented. The only
user of it in pbx_lua.c was testing for -1. It was originally returning
the strcmp() value for less than which is not usually going to be -1.
* Fix character set sorting if the sets have the same number of characters
and start with the same character. Character set [0-9] now sorts before
[02-9a] as originally intended.
* Updated some extension label and priority already in use warnings to
also indicate if the extension is aliased.
Richard Mudgett [Tue, 27 Nov 2012 20:38:23 +0000 (20:38 +0000)]
Remove unnecessary channel module references.
* Removed call to ast_module_user_hangup_all() in res_config_mysql.c since
it is effectively a noop. No channels can attach a reference to that
module.
* Removed call to ast_module_user_hangup_all() in app_celgenuserevent.c.
The caller of unload_module() has already called it.
* Removed redundant channel module references in pbx_dundi.c. The
registered dialplan function callback dispatchers for the read/read2/write
callbacks already reference the module before calling.
* pbx_dundi: Moved unregistering CLI commands, DUNDi switch, and dialplan
functions to the first thing the unload_module() does. This will reduce
the chance of new channels using DUNDi services while the module is being
torn down.
........
Merged revisions 376657 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 376658 from http://svn.asterisk.org/svn/asterisk/branches/10
Matthew Jordan [Thu, 22 Nov 2012 23:58:08 +0000 (23:58 +0000)]
Re-initialize logmsgs mutex upon logger initialization to prevent lock errors
Similar to the patch that moved the fork earlier in the startup sequence to
prevent mutex errors in the recursive mutex surrounding the read/write thread
registration lock, this patch re-initializes the logmsgs mutex. Part of the
start up sequence before forking the process into the background includes
reading asterisk.conf; this has to occur prior to the call to daemon in order
to read startup parameters. When reading in a conf file, log statements can
be generated. Since this can't be avoided, the mutex instead is
re-initialized to ensure a reset of any thread tracking information.
This patch also includes some additional debugging to catch errors when
locking or unlocking the recursive mutex that surrounds locks when the
DEBUG_THREADS build option is enabled. DO_CRASH or THREAD_CRASH will
cause an abort() if a mutex error is detected.
Alec L Davis [Tue, 20 Nov 2012 17:37:28 +0000 (17:37 +0000)]
Reduce CLI spam of "Extension Changed" device state messages.
Asterisk 11 follows RFC3265 that states that after every subscribe or resubscribe a notify should be sent.
Thus the console if filled continuously with the following after every subscribe;
== Extension Changed 8512[phones] new state IDLE for Notify User cisco1
In Asterisk 1.8 only changes would be sent. Thus only when a device state changed was anything emitted to the console.
fix:
Only print to console when device state isn't forced.
Matthew Jordan [Sun, 18 Nov 2012 20:22:14 +0000 (20:22 +0000)]
Reorder startup sequence to prevent lockups when process is sent to background
Although it is very rare and timing dependent, the potential exists for the
call to 'daemon' to cause what appears to be a deadlock in Asterisk during
startup. This can occur when a recursive mutex is obtained prior to the
daemon call executing. Since daemon uses fork to send the process into the
background, any threading primitives are unsafe to re-use after the call.
Implementations of pthread recursive mutexes are highly likely to store the
thread identifier of the thread that previously obtained the mutex. If
the mutex was locked prior to the fork, a subsequent unlock operation will
potentially fail as the thread identifier is no longer valid. Since the
mutex is still locked, all subsequent attempts to grab the mutex by other
threads will block.
This behavior exhibited itself most often when DEBUG_THREADS was enabled, as
this compile time option surrounds the mutexes in Asterisk with another
recursive mutex that protects the storage of thread related information. This
made it much more likely that a recursive mutex would be obtained prior to
daemon and unlocked after the call.
This patch does the following:
a) It backports a patch from Asterisk 11 that prevents the spawning of the
localtime monitoring thread. This thread is now spawned after Asterisk has
fully booted.
b) It re-orders the startup sequence to call daemon earlier during Asterisk
startup. This limits the potential of threading primitives being accessed
by initialization calls before daemon is called.
c) It removes calls to ast_verbose/ast_log/etc. prior to daemon being called.
Developers should send error messages directly to stderr prior to daemon,
as calls to ast_log may access recursive mutexes that store thread related
information.
d) It reorganizes when thread local storage is created for storing lock
information during the creation of threads. Prior to this patch, the
read/write lock protecting the list of threads in ast_register_thread would
utilize the lock in the thread local storage prior to it being initialized;
this patch prevents that.
On a very related note, this patch will *greatly* improve the stability of the
Asterisk Test Suite.
Matthew Jordan [Sun, 18 Nov 2012 14:27:20 +0000 (14:27 +0000)]
Add a test event that reports changes in ConfBridge state
This patch adds a test event to ConfBridge that reports transitions between
states in ConfBridge. This is used by tests in the Asterisk Test Suite
that verify state changes based on the entering/leaving of conference
participants.
........
Merged revisions 376414 from http://svn.asterisk.org/svn/asterisk/branches/10
Jonathan Rose [Fri, 16 Nov 2012 19:59:45 +0000 (19:59 +0000)]
monitor: prevent attempts to move/remove recordings skipped with 'i' and 'o'.
The i and o options for monitor skip the input and output sides of a recording
respectively. This patch addresses a problem in those options when monitor is
called without specifying a specific filename where monitor will try to move
the recording that was skipped. Since this usually doesn't exist when these
options are used, it would produce a warning when it does this in most cases,
but it is conceivable that there are use cases where this could result in
moving/removing a file unintentionally.
(closes issue ASTERISK-20641)
Reported by: Jonathan Rose
Review: https://reviewboard.asterisk.org/r/2190/
........
Merged revisions 376389 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 376390 from http://svn.asterisk.org/svn/asterisk/branches/10
projects / thirdparty / asterisk.git / log
