Mark Michelson [Mon, 14 May 2012 19:27:58 +0000 (19:27 +0000)]
Fix broken reinvite glare scenario.
To make a long story short, reinvite glares were broken
because Asterisk would invert the To and From headers
when ACKing a 491 response.
The reason was because the initreq of the dialog was being
changed to the incoming glared reinvite instead of being
set to the outgoing glared reinvite. This change has three
parts
* In handle_incoming, we never will reject an ACK because it
has a to-tag present, even if we think the request may be out
of dialog.
* In handle_request_invite, we do not change the initreq when
receiving a reinvite to which we will respond with a 491.
* In handle_request_invite, several superflous settings up
pendinginvite have been removed since this is dones automatically
by transmit_response_reliable
Russell Bryant [Sat, 12 May 2012 00:03:42 +0000 (00:03 +0000)]
format_mp3: Fix a possible crash in mp3_read().
This patch fixes a potential crash in mp3_read() by not assuming that
dbuf has enough data to finish filling up the output buffer. The patch
also makes sure that the dbuf state gets reset after we know we read
everything out of it already.
In passing, this patch includes some other cleanups of this module,
including stripping trailing whitespace, formatting fixes based on
coding guidelines, and removing a number of unused members from the
private state struct.
(closes issue ASTERISK-19761)
Reported by: Chris Maciejewsk
Tested by: Chris Maciejewsk
........
Merged revisions 366296 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 366297 from http://svn.asterisk.org/svn/asterisk/branches/10
Richard Mudgett [Thu, 10 May 2012 21:29:41 +0000 (21:29 +0000)]
Run predial routine on local;2 channel where you would expect.
Before this patch, the predial routine executes on the ;1 channel of a
local channel pair. Executing predial on the ;1 channel of a local
channel pair is of limited utility. Any channel variables set by the
predial routine executing on the ;1 channel will not be available when the
local channel executes dialplan on the ;2 channel.
* Create ast_pre_call() and an associated pre_call() technology callback
to handle running the predial routine. If a channel technology does not
provide the callback, the predial routine is simply run on the channel.
Kinsey Moore [Thu, 10 May 2012 20:56:09 +0000 (20:56 +0000)]
Resolve FORWARD_NULL static analysis warnings
This resolves core findings from ASTERISK-19650 numbers 0-2, 6, 7, 9-11, 14-20,
22-24, 28, 30-32, 34-36, 42-56, 82-84, 87, 89-90, 93-102, 104, 105, 109-111,
and 115. Finding numbers 26, 33, and 29 were already resolved. Those skipped
were either extended/deprecated or in areas of code that shouldn't be
disturbed.
(Closes issue ASTERISK-19650)
........
Merged revisions 366167 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 366168 from http://svn.asterisk.org/svn/asterisk/branches/10
Jonathan Rose [Wed, 9 May 2012 19:28:47 +0000 (19:28 +0000)]
Block on frameout if the hardware has enough samples to complete a frame.
Fixes some problems with skipping audio in elaborate scenarios involving
multiple codecs by making codec_dahdi operate in a more synchronous
fashion similar to codec_g729. This change also fixes the use of file
conversion tools from Asterisk's CLI. This change may cause the thread
responsible for transcoding audio to block briefly (Shaun Ruffell describes
this as 'several milliseconds') while waiting for the hardware transcoder.
Mark Michelson [Wed, 9 May 2012 16:36:10 +0000 (16:36 +0000)]
Prevent sip_pvt refleak when an ast_channel outlasts its corresponding sip_pvt.
chan_sip was coded under the assumption that a SIP dialog with an owner channel
will always be destroyed after the owner channel has been hung up.
However, there are situations where the SIP dialog can time out and auto destruct
before the corresponding channel has hung up. A typical example of this would be
if the 'h' extension in the dialplan takes a long time to complete. In such cases,
__sip_autodestruct() would complain about the dialog being auto destroyed with
an owner channel still in place. The problem is that even once the owner channel
was hung up, the sip_pvt would still be linked in its ao2_container because nothing
would ever unlink it.
The fix for this is that if __sip_autodestruct() is called for a sip_pvt that still
has an owner channel in place, the destruction is rescheduled for 10 seconds in the
future. This will continue until the owner channel is finally hung up.
(closes issue ASTERISK-19425)
reported by David Cunningham
Patches:
ASTERISK-19425.patch uploaded by Mark Michelson (License #5049)
(closes issue ASTERISK-19455)
reported by Dean Vesvuio
Tested by Dean Vesvuio
........
Merged revisions 365896 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 365898 from http://svn.asterisk.org/svn/asterisk/branches/10
Richard Mudgett [Wed, 9 May 2012 01:59:14 +0000 (01:59 +0000)]
Put winning FollowMe outgoing call on hold if the caller put it on hold.
The FollowMe caller call leg is usually answered and listening to MOH.
The caller could put the call on hold while FollowMe is looking for a
winner. The winning outgoing call is now immediately placed on hold if
the caller has put the call on hold before the winning call was selected.
Sean Bright [Tue, 8 May 2012 21:46:21 +0000 (21:46 +0000)]
Add interrupt ('I') command to ExternalIVR.
Sending the 'I' command from an external process will cause the current playlist
to be cleared, including stopping any audio file that is currently playing. This
is useful when you want to interrupt audio playback only when specific DTMF is
entered by the caller.
Richard Mudgett [Tue, 8 May 2012 18:16:04 +0000 (18:16 +0000)]
* Fix accept/decline DTMF buffer overwrite in FollowMe.
* Made use MAX_YN_STRING define to make all accept/decline DTMF buffers
the same size. Just using 20 isn't good enough when someone didn't get
the memo.
* Fix stupid use of a global variable in FollowMe. (ynlongest)
* Fix bit field declarations in FollowMe.
........
Merged revisions 365631 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 365632 from http://svn.asterisk.org/svn/asterisk/branches/10
Mark Michelson [Tue, 8 May 2012 15:57:14 +0000 (15:57 +0000)]
Send more accurate identification information in dialog-info SIP NOTIFYs.
This uses the calling channel's caller ID and connected line information
to populate the remote and local identities in the dialog-info NOTIFY when
an extension is ringing.
There is a bit of an oddity here, and that is that we seed the remote target
with the To header of the outbound call rather than the from header. This
is because it was reported that seeding with the from header caused hints
to be broken with certain SNOM devices. A comment has been added to the code
to explain this.
(closes issue ASTERISK-16735)
reported by Maciej Krajewski
patches:
local_remote_hint2.diff uploaded by Mark Michelson (license #5049)
16735_tweak1.diff uploaded by Mark Michelson (license #5049)
Tested by Niccolo Belli
........
Merged revisions 365574 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 365575 from http://svn.asterisk.org/svn/asterisk/branches/10
Matthew Jordan [Mon, 7 May 2012 18:42:48 +0000 (18:42 +0000)]
Support VoiceMail d() option when extension does not exist in channel's context
The VoiceMail d([c]) option is documented to accept digits for a new extension
in context <c>, if played during the greeting. This option works fine if the
extension being redirected to has an extension with the same initial digit in
the channel's current context. If that digit did not happen to exist in some
extension, a dialplan match would fail and the user would not be redirected.
This patch fixes it such that if the <c> option is used, the extensions are
matched in that context as opposed to the caller's original context.
Kinsey Moore [Fri, 4 May 2012 22:17:38 +0000 (22:17 +0000)]
Fix many issues from the NULL_RETURNS Coverity report
Most of the changes here are trivial NULL checks. There are a couple
optimizations to remove the need to check for NULL and outboundproxy parsing
in chan_sip.c was rewritten to avoid use of strtok. Additionally, a bug was
found and fixed with the parsing of outboundproxy when "outboundproxy=," was
set.
(Closes issue ASTERISK-19654)
........
Merged revisions 365398 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 365399 from http://svn.asterisk.org/svn/asterisk/branches/10
Richard Mudgett [Fri, 4 May 2012 17:38:39 +0000 (17:38 +0000)]
Fix local channel chains optimizing themselves out of a call.
* Made chan_local.c:check_bridge() check the return value of
ast_channel_masquerade(). In long chains of local channels, the
masquerade occasionally fails to get setup because there is another
masquerade already setup on an adjacent local channel in the chain.
* Made the outgoing local channel (the ;2 channel) flush one voice or
video frame per optimization attempt.
* Made sure that the outgoing local channel also does not have any frames
in its queue before the masquerade.
* Made do the masquerade immediately to minimize the chance that the
outgoing channel queue does not get any new frames added and thus
unconditionally flushed.
* Made block indication -1 (Stop tones) event when the local channel is
going to optimize itself out. When the call is answered, a chain of local
channels pass down a -1 indication for each bridge. This blizzard of -1
events really slows down the optimization process.
(closes issue ASTERISK-16711)
Reported by: Alec Davis
Tested by: rmudgett, Alec Davis
Review: https://reviewboard.asterisk.org/r/1894/
........
Merged revisions 365313 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 365320 from http://svn.asterisk.org/svn/asterisk/branches/10
Mark Michelson [Fri, 4 May 2012 15:52:30 +0000 (15:52 +0000)]
Fix core FINDING 2, FINDING 3, and FINDING 4 from Coverity's CONSTANT_EXPRESSION_RESULT report.
These three all are in RTP code that attempts to print the number of sequence number cycles
in an RTCP RR report. The code was masking out the upper 16 bits and then shifting the number
right by 16 bits. This led to an all zero result in all cases. The fix is to do the shift without
the bit masking.
(issue ASTERISK-19649)
........
Merged revisions 365298 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 365299 from http://svn.asterisk.org/svn/asterisk/branches/10
The security events framework API was changed in Asterisk 10 but the unit tests
were not updated at the same time.
This patch does the following:
* Adds two more security events that were added to the API
* Add challenge, received_challenge and received_hash in the inval_password
security event unit test
(Closes issue ASTERISK-19760)
Reported by: Michael L. Young
Tested by: Michael L. Young
Patches:
issue-asterisk-19760-trunk.diff uploaded by Michael L. Young (license 5026)
Fix a CEL LINKEDID_END race and local channel linkedids
This patch has the ;2 channel inherit the linkedid of the ;1 channel and fixes
the race condition by no longer scanning the channel list for "other" channels
with the same linkedid. Instead, cel.c has an ao2 container of linkedid strings
and uses the refcount of the string as a counter of how many channels with the
linkedid exist. Not only does this eliminate the race condition, but it also
allows us to look up the linkedid by the hashed key instead of traversing the
entire channel list.
Don't leak a ref if out of memory and can't link the linkedid
If the ao2_link fails, we are most likely out of memory and bad things
are going to happen. Before those bad things happen, make sure to clean
up the linkedid references.
This patch also adds a comment explaining why linkedid can't be passed
to both local channel allocations and combines two ao2_ref calls into 1.
The security events framework API was changed in Asterisk 10 but the unit tests
were not updated at the same time.
This patch does the following:
* Adds two more security events that were added to the API
* Add challenge, received_challenge and received_hash in the inval_password
security event unit test
(issue ASTERISK-19760)
Reported by: Michael L. Young
Tested by: Michael L. Young
Patches:
issue-asterisk-19760-branch10.diff uploaded by Michael L. Young (license 5026)
Matthew Jordan [Wed, 2 May 2012 02:51:02 +0000 (02:51 +0000)]
Only log a failure to get read/write samples from factories if it didn't happen
In audiohook_read_frame_both, anytime samples are obtained from the read/write
factories a debug statement is logged stating that samples were not obtained
from the factories. This statement used to only occur if option_debug was
turned on and no samples were obtained; in some refactoring when the
option_debug statement was removed, the "else" clause was removed as well.
This patch makes it so that those debug log statements only occur if the
condition leading up to them actually happened.
........
Merged revisions 364965 from http://svn.asterisk.org/svn/asterisk/branches/10
Mark Michelson [Tue, 1 May 2012 23:23:44 +0000 (23:23 +0000)]
Remove a function that has been marked unused since Asterisk 1.6.0.
The reason I'm removing this is that Coverity reported a STRAY_SEMICOLON
issue here. Since the function has been unused for so long, I just elected
to remove it altogether.
Mark Michelson [Tue, 1 May 2012 23:11:22 +0000 (23:11 +0000)]
Fix Coverity-reported ARRAY_VS_SINGLETON error.
As it turned out, this wasn't a huge deal. We were calling
ast_app_parse_options() for a set of options of which none
took arguments. The proper thing to do for this case is to
pass NULL for the "args" parameter here. We were instead passing
a seemingly-randomly chosen char * from the function. While this
would never get written to, you can rest assured things would
have gotten bad had new options (which took arguments) been added
to func_volume.
(closes issue ASTERISK-19656)
........
Merged revisions 364899 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 364900 from http://svn.asterisk.org/svn/asterisk/branches/10
Kinsey Moore [Tue, 1 May 2012 19:10:48 +0000 (19:10 +0000)]
Play conf-placeintoconf message to the correct channel
Correct the code in app_confbridge to play the conf-placeintoconf message to
the marked user entering the bridge instead of to the conference while the
marked user hears silence.
(closes issue ASTERISK-19641) Reported-by: Mark A Walters
........
Merged revisions 364786 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 364787 from http://svn.asterisk.org/svn/asterisk/branches/10
Mark Michelson [Mon, 30 Apr 2012 19:51:55 +0000 (19:51 +0000)]
Revert revision 360862.
Revision 360862 was intended to improve identities sent in dialog-info
NOTIFY requests. Some users reported that hint became broken once this
was done. It's not clear exactly what part of the patch has caused this
regression, but broken hints are bad.
For now, this revision is being reverted so that the next releases of
Asterisk do not have bad behavior in them. The original reported issue
will have to be fixed differently in the next version of Asterisk.
(issue ASTERISK-16735)
........
Merged revisions 364706 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 364707 from http://svn.asterisk.org/svn/asterisk/branches/10
Matthew Jordan [Sun, 29 Apr 2012 19:50:57 +0000 (19:50 +0000)]
Fix error that caused truncate operations to fail
Another very inappropriate placement of a ')' (again introduced in r362151)
caused the various truncate operations to attempt to truncate the sound file
at a position of '0'.
Michael L. Young [Sun, 29 Apr 2012 02:23:22 +0000 (02:23 +0000)]
Fix configuring custom sound_leader_has_left in confbridge.conf
The configuration option to specify a custom sound_leader_has_left file for a
conference bridge was not being parsed. This patch fixes it so that a custom
sound file will now be used.
(closes issue ASTERISK-19771)
Reported by: Pawel Kuzak
Tested by: Pawel Kuzak, Michael L. Young
Patches: leaderhasleft_sound.dpatch uploaded by Pawel Kuzak (license 6380)
If enabled using the keepalive option in sip.conf a small packet will be sent
at a regular interval to keep the NAT mapping open. This is lightweight as the
remote side does not need to parse and handle a SIP message.
Russell Bryant [Sat, 28 Apr 2012 01:10:35 +0000 (01:10 +0000)]
app_minivm: Fix a couple compiler warnings.
The warnings were about argv[0] being used uninitialized, which is correct.
Just remove setting username to this value, since username is set again before
it actually gets used.
Russell Bryant [Sat, 28 Apr 2012 00:58:54 +0000 (00:58 +0000)]
features: Add FEATURE() and FEATUREMAP() functions.
Add two new dialplan functions: FEATURE() and FEATUREMAP(). FEATURE()
lets you set some of the configuration options from the [general] section
of features.conf on a per-channel basis. FEATUREMAP() lets you customize
the key sequence used to activate built-in features, such as blindxfer,
and automon. See the built-in documentation for details.
Fix ast_parse_arg numeric type range checking and add tests
ast_parse_arg wasn't checking for strto* parse errors or limiting
the results by the actual range of the numeric types. This patch fixes
that and adds unit tests as well.
Matthew Jordan [Fri, 27 Apr 2012 19:30:59 +0000 (19:30 +0000)]
Prevent overflow in calculation in ast_tvdiff_ms on 32-bit machines
The method ast_tvdiff_ms attempts to calculate the difference, in milliseconds,
between two timeval structs, and return the difference in a 64-bit integer.
Unfortunately, it assumes that the long tv_sec/tv_usec members in the timeval
struct are large enough to hold the calculated values before it returns. On
64-bit machines, this might be the case, as a long may be 64-bits. On 32-bit
machines, however, a long may be less (32-bits), in which case, the calculation
can overflow.
This overflow caused significant problems in MixMonitor, which uses the method
to determine if an audio factory, which has not presented audio to an audiohook,
is merely late in providing said audio or will never provide audio. In an
overflow situation, the audiohook would incorrectly determine that an audio
factory that will never provide audio is merely late instead. This led to
situations where a MixMonitor never recorded any audio. Note that this happened
most frequently when that MixMonitor was started by the ConfBridge application
itself, or when the MixMonitor was attached to a Local channel.
(issue ASTERISK-19497)
Reported by: Ben Klang
Tested by: Ben Klang
Patches:
32-bit-time-overflow-10-2012-04-26.diff (license #6283) by mjordan
(closes issue ASTERISK-19727)
Reported by: Mark Murawski
Tested by: Michael L. Young
Patches:
32-bit-time-overflow-2012-04-27.diff (license #6283) by mjordan)
Kinsey Moore [Fri, 27 Apr 2012 18:59:36 +0000 (18:59 +0000)]
Allow SIP pvts involved in Replaces transfers to fall out of reference sooner
Unref the SIP pvt stored in the refer structure as soon as it is no longer
needed so that the pvt and associated file descriptors can be freed sooner.
This change makes a reference decrement unnecessary in code that handles SIP
BYE/Also transfers which should not touch the reference anyway.
(Closes issue ASTERISK-19579)
Reported by: Maciej Krajewski
Tested by: Maciej Krajewski
........
Merged revisions 364258 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 364259 from http://svn.asterisk.org/svn/asterisk/branches/10
Matthew Jordan [Fri, 27 Apr 2012 14:45:08 +0000 (14:45 +0000)]
Allow for reloading SRTP crypto keys within the same SIP dialog
As a continuation of the patch in r356604, which allowed for the
reloading of SRTP keys in re-INVITE transfer scenarios, this patch
addresses the more common case where a new key is requested within
the context of a current SIP dialog. This can occur, for example, when
certain phones request a SIP hold.
Previously, once a dialog was associated with an SRTP object, any
subsequent attempt to process crypto keys in any SDP offer - either
the current one or a new offer in a new SIP request - were ignored. This
patch changes this behavior to only ignore subsequent crypto keys within
the current SDP offer, but allows future SDP offers to change the keys.
(issue ASTERISK-19253)
Reported by: Thomas Arimont
Tested by: Thomas Arimont
Stefan Schmidt [Fri, 27 Apr 2012 12:58:03 +0000 (12:58 +0000)]
fix a wrong behavior of alarm timezones in caldav and icalendar when an alarm doesnt use utc. This change uses the same timezone from the start time.
........
Merged revisions 364163 from http://svn.asterisk.org/svn/asterisk/branches/10
Richard Mudgett [Thu, 26 Apr 2012 20:35:41 +0000 (20:35 +0000)]
Fix DTMF atxfer running h exten after the wrong bridge ends.
When party B does an attended transfer of party A to party C, the
attending bridge between party B and C should not be running an h exten
when the bridge ends. Running an h exten now sets a softhangup flag to
ensure that an AGI will run in dead AGI mode.
* Set the AST_FLAG_BRIDGE_HANGUP_DONT on the party B channel for the
attending bridge between party B and C.
The reference held for SIP blind transfers using the Replaces header in an
INVITE was never freed on success and also failed to be freed in some error
conditions. This caused a file descriptor leak since the RTP structures in use
at the time of the transfer were never freed. This reference leak and another
relating to subscriptions in the same code path have now been corrected.
(closes issue ASTERISK-19579)
........
Merged revisions 363986 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 363987 from http://svn.asterisk.org/svn/asterisk/branches/10
Richard Mudgett [Wed, 25 Apr 2012 20:51:58 +0000 (20:51 +0000)]
Make DAHDISendCallreroutingFacility wait 5 seconds for a reply before disconnecting the call.
Some switches may not handle the call-deflection/call-rerouting message if
the call is disconnected too soon after being sent. Asteisk was not
waiting for any reply before disconnecting the call.
* Added a 5 second delay before disconnecting the call to wait for a
potential response if the peer does not disconnect first.
(closes issue ASTERISK-19708)
Reported by: mehdi Shirazi
Patches:
jira_asterisk_19708_v1.8.patch (license #5621) patch uploaded by rmudgett
Tested by: rmudgett
........
Merged revisions 363730 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 363734 from http://svn.asterisk.org/svn/asterisk/branches/10
Richard Mudgett [Wed, 25 Apr 2012 19:55:12 +0000 (19:55 +0000)]
Clear ISDN channel resetting state if the peer continues to use it.
Some ISDN switches occasionally fail to send a RESTART ACKNOWLEDGE in
response to a RESTART request.
* Made the second SETUP received after sending a RESTART request clear the
channel resetting state as if the peer had sent the expected RESTART
ACKNOWLEDGE before continuing to process the SETUP. The peer may not be
sending the expected RESTART ACKNOWLEDGE.
Richard Mudgett [Wed, 25 Apr 2012 01:26:44 +0000 (01:26 +0000)]
Fix recalled party B feature flags for a failed DTMF atxfer.
1) B calls A with Dial option T
2) B DTMF atxfer to C
3) B hangs up
4) C does not answer
5) B is called back
6) B answers
7) B cannot initiate transfers anymore
* Add dial features datastore to recalled party B channel that is a copy
of the original party B channel's dial features datastore.
* Extracted add_features_datastore() from add_features_datastores().
* Renamed struct ast_dial_features features_caller and features_callee
members to my_features and peer_features respectively. These better names
eliminate the need for some explanatory comments.
* Simplified code accessing the struct ast_dial_features datastore.
Jonathan Rose [Mon, 23 Apr 2012 14:48:22 +0000 (14:48 +0000)]
AST-2012-004: Fix an error that allows AMI users to run shell commands sans authorization.
As detailed in the advisory, AMI users without write authorization for SYSTEM class AMI
actions were able to run system commands by going through other AMI commands which did
not require that authorization. Specifically, GetVar and Status allowed users to do this
by setting their variable/s options to the SHELL or EVAL functions.
Also, within 1.8, 10, and trunk there was a similar flaw with the Originate action that
allowed users with originate permission to run MixMonitor and supply a shell command
in the Data argument. That flaw is fixed in those versions of this patch.
(closes issue ASTERISK-17465)
Reported By: David Woolley
Patches:
162_ami_readfunc_security_r2.diff uploaded by jrose (license 6182)
18_ami_readfunc_security_r2.diff uploaded by jrose (license 6182)
10_ami_readfunc_security_r2.diff uploaded by jrose (license 6182)
........
Merged revisions 363117 from http://svn.asterisk.org/svn/asterisk/branches/1.6.2
........
Merged revisions 363141 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 363156 from http://svn.asterisk.org/svn/asterisk/branches/10
Matthew Jordan [Mon, 23 Apr 2012 14:10:19 +0000 (14:10 +0000)]
AST-2012-006: Fix crash in UPDATE handling when no channel owner exists
If Asterisk receives a SIP UPDATE request after a call has been terminated and
the channel has been destroyed but before the SIP dialog has been destroyed, a
condition exists where a connected line update would be attempted on a
non-existing channel. This would cause Asterisk to crash. The patch resolves
this by first ensuring that the SIP dialog has an owning channel before
attempting a connected line update. If an UPDATE request is received and no
channel is associated with the dialog, a 481 response is sent.
(closes issue ASTERISK-19770)
Reported by: Thomas Arimont
Tested by: Matt Jordan
Patches:
ASTERISK-19278-2012-04-16.diff uploaded by Matt Jordan (license 6283)
........
Merged revisions 363106 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 363107 from http://svn.asterisk.org/svn/asterisk/branches/10
Matthew Jordan [Mon, 23 Apr 2012 13:53:24 +0000 (13:53 +0000)]
AST-2012-005: Fix remotely exploitable heap overflow in keypad button handling
When handling a keypad button message event, the received digit is placed into
a fixed length buffer that acts as a queue. When a new message event is
received, the length of that buffer is not checked before placing the new digit
on the end of the queue. The situation exists where sufficient keypad button
message events would occur that would cause the buffer to be overrun. This
patch explicitly checks that there is sufficient room in the buffer before
appending a new digit.
(closes issue ASTERISK-19592)
Reported by: Russell Bryant
........
Merged revisions 363100 from http://svn.asterisk.org/svn/asterisk/branches/1.6.2
........
Merged revisions 363102 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 363103 from http://svn.asterisk.org/svn/asterisk/branches/10
Russell Bryant [Sat, 21 Apr 2012 11:40:42 +0000 (11:40 +0000)]
res_corosync: reimplement "corosync show members" command.
Reimplement the "corosync show members" CLI command using a CPG iterator
instead of the cpg_membership_get API call. This will also show all
CPG members, including those in groups other than 'asterisk', which may
be useful at some point for debugging purposes.
Richard Mudgett [Fri, 20 Apr 2012 23:29:56 +0000 (23:29 +0000)]
Fix connected-line/redirecting interception gosubs executing more than intended.
* Redo ast_app_run_sub()/ast_app_exec_sub() to use a known return point so
execution will stop after the routine returns there.
(s@gosub_virtual_context:1)
* Create ast_app_exec_macro() and ast_app_exec_sub() to run the macro and
gosub application respectively with the parameter string already created.
Michael L. Young [Fri, 20 Apr 2012 16:50:38 +0000 (16:50 +0000)]
Add missing payload type to events API
The Security Events Framework API was changed while adding the generation of
security events in chan_sip. A payload type and name was missed from being
added to struct ie_maps.
(closes issue ASTERISK-19759)
Reported by: Michael L. Young
Patches:
issue-asterisk-19759.diff uploaded by Michael L. Young (license 5026)
........
Merged revisions 362918 from http://svn.asterisk.org/svn/asterisk/branches/10
Richard Mudgett [Fri, 20 Apr 2012 16:23:01 +0000 (16:23 +0000)]
Use ast_channel_lock_both() where it was inlined before.
The CHANNEL_DEADLOCK_AVOIDANCE() feature of preserving where the channel
lock was originally obtained is overkill where ast_channel_lock_both() was
inlined.
Terry Wilson [Fri, 20 Apr 2012 14:50:42 +0000 (14:50 +0000)]
Document Speech* apps hangup on failure and suggest TryExec
The Speech API apps return -1 on failure, which will hang up the channel. This
may not be desirable behavior for some, but it isn't something that can be
changed without breaking people's dialplans or writing an option to all of the
Speech apps that does what TryExec already does. This patch documents the
hangup behavior of the apps, and suggests TryExec as the solution.
(closes issue AST-813)
........
Merged revisions 362815 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 362816 from http://svn.asterisk.org/svn/asterisk/branches/10
Richard Mudgett [Fri, 20 Apr 2012 00:57:13 +0000 (00:57 +0000)]
Add original party id and reason support.
ISDN ETSI PTP and Q.SIG (And SS7 in future) have support for reporting who
was the original redirecting party of a call.
* Added support for the original redirecting party and reason to the
REDIRECTING function and the system core as well as to the stubbed
locations in sig_pri.c.
projects / thirdparty / asterisk.git / log
