Matt Jordan [Sat, 27 Jun 2015 03:02:42 +0000 (22:02 -0500)]
res/res_corosync: Always decline module load, instead of failing
Returns a 'failure' from the module load routine indicates to Asterisk
that it should abort loading completely. This is rarely - in fact,
really, never - a good option. Aborting load of Asterisk from a dynamic
module implies that the core, and the rest of the dynamic modules, don't
matter: we should abandon all processing.
res_corosync is really not that important.
This patch updates the module such that, if it fails to load, it
politely declines (emitting ERROR messages along the way), and allows
Asterisk to continue to function.
Note that this issue was keeping Asterisk unit tests from running on
certain build agents.
Richard Mudgett [Fri, 19 Jun 2015 23:27:24 +0000 (18:27 -0500)]
res_pjsip_outbound_registration.c: Add a serializer shutdown group.
The client_state objects contain a serializer used to send the outbound
REGISTER messages. Once all those message transactions are complete then
the module can shutdown.
res_pjsip_refer will attempt to add Referred-By or Replaces headers to
outbound INVITEs at times. If the INVITE gets challenged for
authentication, then we will resend the INVITE. Prior to this patch, the
Referred-By or Replaces header would be re-added to the outbound INVITE,
resulting in duplicated headers.
Mark Michelson [Tue, 23 Jun 2015 22:43:31 +0000 (17:43 -0500)]
res_pjsip_nat: Rewrite route set when required.
When performing some provider testing, the rewrite_contact option was
interfering with proper construction of a route set when sending an ACK
after receiving a 200 OK response to an INVITE.
The initial INVITE was sent to address sip:foo. The 200 OK had a Contact
header with URI sip:bar. In addition, the 200 OK had Record-Route
headers for sip:baz and sip:foo, in that order. Since the Record-Route
headers had the lr parameter, the result should have been:
* Set R-URI of the ACK to sip:bar.
* Add Route headers for sip:foo and sip:baz, in that order.
However, the rewrite_contact option resulted in our rewriting the
Contact header on the 200 OK to sip:foo. The result was:
* R-URI remained sip:foo.
* We added Route headers for sip:foo and sip:baz, in that order.
The result was that sip:bar was not indicated in the ACK at all, so the
far end never received our ACK. The call eventually dropped.
The intention of rewrite_contact is to rewrite the most immediate
destination of our SIP request to be the same address on which we
received a request or response. In the case of processing a SIP response
with Record-Route headers, this means that instead of rewriting the
Contact header, we should instead rewrite the bottom-most Record-Route
header. In the case of processing a SIP request with Record-Route
headers, this means we rewrite the top-most Record-route header.
Like when we rewrite the Contact header, we also ensure to update
the dialog's route set if it exists.
* handle_client_state_destruction() must always be passed a ref to
client_state because it will always unref client_state.
handle_registration_response() was not passing a client_state ref.
* Made the final un-REGISTER message get sent normally using the pjproject
register control structure in handle_client_state_destruction(). The
previous code attempted to short circuit the response handling for the
module to unload. That doesn't work for a couple reasons. One,
pjsip_regc_send() may call the registered callback before it returns and
unbalance the client_state ref count. Two, the registered callback
handles any authentication for the un-REGISTER message.
* Made the distinction between internal registration state and external
registration status with sip_outbound_registration_status_str(). This is
necessary to avoid altering documented AMI messages with internal
changes.
* Removed references to client_state->client outside of the serializer
thread. When handle_client_state_destruction() destroys the pjproject
register control structure that memory is freed and cannot be referenced
anymore. These accesses were to provide information for debug and
off-nominal warning messages.
* In sip_outbound_registration_timer_cb() you should not access entry->id
after unrefing client_state because the passed in entry is normally
pointing to the timer entry in the client_state object.
Richard Mudgett [Mon, 15 Jun 2015 20:28:41 +0000 (15:28 -0500)]
res_pjsip_outbound_registration.c: Use ast_sorcery_object_unregister() API
The sorcery pjsip 'registration' config object needs to be destroyed on
module unload. Otherwise, a reload of res_pjsip could try to use
callbacks for a previously unloaded instance of the module provided by
ast_sorcery_object_register() or one of the variants. Also, if
res_pjsip_outbound_registration were subsequently reloaded, the sorcery
config field objects would be registered in sorcery twice.
Richard Mudgett [Mon, 15 Jun 2015 20:28:00 +0000 (15:28 -0500)]
sorcery: Add ast_sorcery_object_unregister() API call.
Find and unlink the specified sorcery object type to complement
ast_sorcery_object_register(). Without this function you cannot
completely unload individual modules that use sorcery for configuration.
Richard Mudgett [Mon, 15 Jun 2015 18:38:58 +0000 (13:38 -0500)]
res_pjsip_outbound_registration.c: Reorder load_module() and unload_module().
It is best if the loading code creates and initializes the module's
infrastructure before letting the system know of its existence. The
unloading code needs to reverse the actions of the loading code and in the
reverse order.
Richard Mudgett [Wed, 24 Jun 2015 19:39:01 +0000 (14:39 -0500)]
Unit tests: Fix unit test description strings.
Analyzing the code shows that the unit test summary and description
strings should not end with a new-line character. Where these strings are
used in the code a new-line is provided for output.
Joshua Colp [Tue, 23 Jun 2015 16:21:41 +0000 (13:21 -0300)]
app_dial: Hold reference to calling channel formats when dialing outbound.
Currently when requesting a channel the native formats of the
calling channel are provided to the core for usage when dialing
the outbound channel. This occurs without holding the channel lock
or keeping a reference to the formats. This is problematic as
the channel driver may end up changing the formats during this time.
In the case of chan_sip this happens when an SDP negotiation
completes.
This change makes it so app_dial keeps a reference to the native
formats of the calling channel which guarantees that they will
remain valid for the period of time needed.
Joshua Colp [Wed, 17 Jun 2015 10:04:39 +0000 (07:04 -0300)]
res_pjsip_mwi: Set up unsolicited MWI upon registration.
The res_pjsip_mwi previously required a reload to set up the proper
subscriptions to allow unsolicited MWI to work. This change
makes it so the act of registering will also cause this to occur.
This is particularly useful if realtime is involved as no reload
needs to occur within Asterisk to cause the MWI information
to get sent.
Kevin Harwell [Mon, 22 Jun 2015 20:11:18 +0000 (15:11 -0500)]
bridge.c: Hangup attended transfer target if bridged
After completing an attended transfer the transfer target channel was not being
hung up after leaving the bridge. Added an explicit softhangup to hangup said
channel, but only if it was previously bridged.
Alexander Traud [Mon, 22 Jun 2015 14:26:48 +0000 (16:26 +0200)]
chan_sip: Reload peer without its old capabilities.
On reload, previously allowed codecs were not removed. Therefore, it was not
possible to remove codecs while Asterisk was running. Furthermore, newly added
codecs got appended behind the previous codecs. Therefore, it was not possible
to add a codec with a priority of #1. This change removes the old capabilities
before the current ones are added.
ASTERISK-25182 #close
Reported by: Alexander Traud
patches:
asterisk_13_allow_codec_reload.patch uploaded by Alexander Traud (License 6520)
Joshua Colp [Sun, 21 Jun 2015 00:38:02 +0000 (21:38 -0300)]
chan_sip: Destroy peers without holding peers container lock.
Due to the use of stasis_unsubscribe_and_join in the peer destructor
it is possible for a deadlock to occur when an event callback is
occurring at the same time.
This happens because the peer may be destroyed while holding the
peers container lock. If this occurs the event callback will never
be able to acquire the container lock and the unsubscribe will
never complete.
This change makes it so the peers that have been removed from the
peers container are not destroyed with the container lock held.
Mark Michelson [Thu, 18 Jun 2015 18:16:29 +0000 (13:16 -0500)]
Resolve race conditions involving Stasis bridges.
This resolves two observed race conditions.
First, a bit of background on what the Stasis application does:
1a Creates a stasis_app_control structure. This structure is linked into
a global container and can be looked up using a channel's unique ID.
2a Puts the channel in an event loop. The event loop can exit either
because the stasis_app_control structure has been marked done, or
because of some other factor, such as a hangup. In the event loop, the
stasis_app_control determines if any specific ARI commands need to be
run on the channel and will run them from this thread.
3a Checks if the channel is bridged. If the channel is bridged, then
ast_bridge_depart() is called since channels that are added to Stasis
bridges are always imparted as departable.
4a Unlink the stasis_app_control from the container.
When an ARI command is received by Asterisk, the following occurs
1b A thread is spawned to handle the HTTP request
2b The stasis_app_control(s) that corresponds to the channel(s) in the
request is/are retrieved. If the stasis_app_control cannot be
retrieved, then it is assumed that the channel in question has exited
the Stasis app or perhaps was never in Stasis in the first place.
3b A command is queued onto the stasis_app_control, and the channel's
event loop thread is signaled to run the command.
4b While most ARI commands do nothing further, some, such as adding or
removing channels from a bridge, will block until the command they
issued has been completed by the channel's event loop.
The first race condition that is solved by this patch involves a crash
that can occur due to faulty detection of the channel's bridged status
in step 3a. What can happen is that in step 2a, the event loop may run
the ast_bridge_impart() function to asynchronously place the channel
into a bridge, then immediately exit the event loop because the channel
has hung up. In step 3a, we would detect that the channel was not
bridged and would not call ast_bridge_depart(). The reason that the
channel did not appear to be bridged was that the depart_thread that is
spawned by ast_bridge_impart() had not yet started. That is the thread
where the channel is marked as being bridged. Since we did not call
ast_bridge_depart(), the Stasis application would exit, and then the
channel would be destroyed Then the depart_thread would start up and
try to manipulate the destroyed channel, causing a crash.
The fix for this is to switch from using ast_channel_is_bridged() to
checking the NULLity of ast_channel_internal_bridge_channel() to
determine if ast_bridge_depart() needs to be called. The channel's
internal bridge_channel is set when ast_bridge_impart() is called and
is NULLed by the call to ast_bridge_depart(). If the channel's internal
bridge_channel is non-NULL, then the channel must have been imparted
into the bridge and needs to be departed, even if the actual bridging
operation has not yet started. By departing the channel when necessary,
the thread that is running the Stasis application will block until the
bridge gives the okay that the depart_thread has exited.
The second race condition that is solved by this patch involves a leak
of HTTP handler threads. The problem was that step 2b would successfully
retrieve a stasis_app_control structure. Then step 2a would exit the
channel from the event loop due to a hangup. Steps 3a and 4a would
execute, and then finally steps 3b and 4b would. The problem is that at
step 4b, when attempting to add a channel to a bridge, the thread would
block forever since the channel would never execute the queued command
since it was finished with the event loop. This meant that the HTTP
handling thread would be leaked, along with any references that thread
may have owned (in my case, I was seeing bridges leaked).
The fix for this is to hone in better on when the channel has exited the
event loop. The stasis_app_control structure has an is_done field that
is now set at each point where the channel may exit the event loop. If
step 2b retrieves a valid stasis_app_control structure but the control
is marked as done, then the attempted operation exits immediately since
there will be nothing to service the attempted command.
Mark Michelson [Tue, 16 Jun 2015 16:13:20 +0000 (11:13 -0500)]
Parking: Add documentation for AMI ParkedCallSwap event.
This event was added some time ago in order to clarify when a channel
took the place of another channel in a parking lot. However, there was
no XML documentation added for the event. This patch adds the XML
documentation.
Kevin Harwell [Fri, 12 Jun 2015 21:58:27 +0000 (16:58 -0500)]
res_pjsip: Add option to force G.726 to be treated as AAL2 packed.
Some phones send g.726 audio packed for AAL2, which differs from what is
recommended by RFC 3351. If Asterisk receives audio formatted as such when
negotiating g.726 then it sounds a bit distorted. Added an option to
res_pjsip_endpoint that allows g.726 negotiated audio to be treated as g.726
AAL2 packed.
mjordan [Mon, 15 Jun 2015 00:48:26 +0000 (19:48 -0500)]
main/cdr: Carry over the disable flag when 'disable all' is specified
The CDR_PROP function (as well as the NoCDR application) set the
'disable all' flag (AST_CDR_FLAG_DISABLE_ALL) on the current CDR. This
flag is supposed to be applied to all CDRs that are currently in the
chain, as well as all CDRs that may be created in the future. Currently,
however, the flag is only applied to the existing CDRs in the chain; new
CDRs do not receive the 'disable all' flag. In particular, this affects
parallel dials, which generate new CDRs for each pair of channels in
the dial attempt.
This patch carries over the 'disable all' flag when it is specified on a
CDR and a new CDR is generated for the chain.
Matt Jordan [Fri, 12 Jun 2015 19:28:47 +0000 (14:28 -0500)]
main/cdr: Copy context/exten on chained CDRs for parallel dials in subroutines
When a parallel dial occurs, a new CDR will be created for each dial
attempt that is made. In most circumstances, the act of creating each
CDR in the chain will include a step that updates the Party A snapshot,
which causes the context/extension of the Party A to be copied onto the
CDR object.
However, when the Party A is in a subroutine, we explicitly do *not*
copy the context/extension onto the CDR. This prevents the Macro or
GoSub routine name from blowing away the context/extension that the
channel was originally executing in. For the original CDR, this is not a
problem: the original CDR already recorded the last known 'good' state
of the channel just prior to it going into the subroutine. However, for
newly generated CDRs in a chain, there is no context/extension set on
them. Since we are in a subroutine, we will never set the Party A's
context/extension on the CDR, and we end up with a CDR with no
destination recorded on it.
This patch updates the creation of a chained CDR such that it copies
over the original CDR's context/extension. This is the last known "good"
state of the CDR, and is a reasonable starting point for the newly
generated CDR. In the case where we are not in a subroutine, subsequent
code will update the location of the CDR from the Party A information;
in the case where we are in a subroutine, the context/extension on the
original CDR is the correct information.
Damian Ivereigh [Thu, 11 Jun 2015 13:18:48 +0000 (23:18 +1000)]
chan_sip.c: Update dialog fromtag after request with auth
If a client sends and INVITE which is 401 rejected, then subsequently
sends a new INVITE with the auth info and uses a different fromtag
from the first INVITE, Asterisk will accept the new INVITE as part of
the original dialog - match_req_to_dialog() specifically ignores the
fromtag. However it does not update the stored dialog with the new
fromtag.
This results in Asterisk being unable to match future packets that are
part of this dialog (such as the ACK to the OK or the OK to the BYE),
and the call is dropped.
This problem was originally found when using an NEC-i SV8100-GE (NEC SIP
Card).
* After a successful match of a packet to the dialog, if the packet is
not a SIP_RESPONSE, authentication is present and the fromtags are
different, the stored fromtag is updated with the one from the recent
INVITE.
Matt Jordan [Thu, 11 Jun 2015 23:52:09 +0000 (18:52 -0500)]
chan_pjsip: Set the context and extension on the channel when created
Prior to this patch, chan_pjsip was failing to pass the endpoint's
context and the desired extension to the ast_channel_alloc_* routine.
This caused a new channel snapshot to be issued without a context and
extension, which can cause some reporting issues for users of AMI, CEL,
and other APIs. The channel driver would later set the context and
extension on the channel such that the channel would start in the
correct location in the dialplan, but the information reported in the
initial event would be incorrect.
This patch modifies the channel driver such that it now passes the
context and extension directly into the allocation routine. This
provides the information in the new channel snapshot published over
Stasis.
Joshua Colp [Wed, 10 Jun 2015 23:28:26 +0000 (20:28 -0300)]
bridge: When performing a blonde transfer update connected line information.
When performing a blonde transfer the code uses the old masquerade
mechanism to move a channel around. As a result of this certain information,
such as connected line, is moved between the channels involved. Upon
completion of the move a frame is queued which is supposed to update the
connected line information on the channel. This does not occur as the
code considers it a redundant update since the masquerade operation
updated the channel (but did not inform it of the new connected line
information). The code also does not queue a connected line update
to be handled by the thread handling the channel. Without this any
other channel that may be loosely involved does not know it is
talking to a different caller.
This change does the following to resolve this:
1. The indicated connected line information is cleared upon
completion of the masquerade operation when doing a blonde transfer.
This prevents the connected line update from being considered
redundant.
2. A connected line update frame is now queued upon the completion
of the masquerade operation so any other channel loosely involved
knows that there is a different caller.
Richard Mudgett [Thu, 11 Jun 2015 19:39:45 +0000 (14:39 -0500)]
app_directory: Fix crash when using the alias option 'a'.
The voicemail.conf mailbox key/value pair is defined as:
<mailbox>=[<password>[,<full-name>[,<email>[,<pager>[,<options>]]]]]
Where all fields in the value including the field values are optional.
Since the parsing code for the mailbox key/value pair is sloppy, this
patch tightens the parsing for the directory information.
* Renamed the 'pos' and 'bufptr' variables to 'name' and 'options'
respectively in search_directory_sub(). Those names make more sense.
* Made sure that search_directory_sub() is dealing with the voicemail.conf
mailbox options field if it even exists when looking for the 'hidefromdir'
and 'alias' options.
* Fix crash if a voicemail.conf mailbox is just
<mailbox>=<password>,<name> when the 'a' option is used. If there were no
fields after the name then the 'options' pointer was not checked for NULL.
* Fix users.conf alias processing if the 'a' option is used. The wrong
variable was used.
chan_iax2: Prevent deadlock between hangup and sending lagrq/ping
channels/chan_iax.c: Prevent the deadlock between iax2_hangup and send_lagrq/
send_ping. This deadlock happens because the scheduled task send_lagrq(or
send_ping) starts execution after the call hangup procedure starts but before
it deletes the tasks in the scheduler.
The solution is to delete scheduled lagrq (and ping) task asynchronously
(i.e. schedule AST_SCHED_DEL for these tasks); By this, AST_SCHED_DEL will
be called in a new context (doesn't have callno locked).
This commit also cleans up the procedure of sending LAGRQ and PING.
main/sched.c: Do not assert when deleting non existant entry from scheduler.
This assert seems to be the reason for a lot of awkward code to avoid it.
This patch fixes use-after-free bugs caught by AddressSanitizer.
1. PJSIP transport manager may decide to destroy transport on its own.
For example, when the contact registered via websocket has not renewed
its registration in time. The transport was destoyed, but the websocket
listener thread was still active until the socket closes, and then tried
to call transport_shutdown on transport that has been freed.
Also, the transport destructor accessed wstransport->rdata.tp_info.pool
right after freeing memory that contained wstransport itself.
This patch converts transport to an ao2 object, allowing it to be
refcounted, so that it is available until both websocket listener and
pjsip transport manager are finished with it.
2. The websocket listener deletes the last reference on websocket session
when the tcp connection is closed, and it gets destroyed, but
the transport manager may still use it, for example when disconnect
happens in the middle of a SIP transaction.
A new reference to websocket session has been added that is released
with the transport to prevent this.
Corey Farrell [Mon, 8 Jun 2015 15:09:22 +0000 (11:09 -0400)]
Fix unsafe uses of ast_context pointers.
Although ast_context_find, ast_context_find_or_create and
ast_context_destroy perform locking of the contexts table,
any context pointer can become invalid at any time that the
contexts table is unlocked. This change adds locking around
all complete operations involving these functions.
Places where ast_context_find was followed by ast_context_destroy
have been replaced with calls ast_context_destroy_by_name.
Mark Michelson [Wed, 3 Jun 2015 22:41:23 +0000 (17:41 -0500)]
res_pjsip: Prevent access of NULL channels.
It is possible to receive incoming requests or responses after the channel
on an ast_sip_session has been destroyed and NULLed out. Handlers of these
sorts of requests or responses need to be prepared for the possibility
that the channel is NULL or else they could cause a crash.
While several places have been amended to deal with NULL channels, there
were still a couple of places that needed updating.
res_pjsip_dtmf_info.c: When handling incoming INFO requests, we need to
return early if there is no channel on the session.
res_pjsip_session.c: When handling a 302 response, we need to stop the
redirecting attempt if there is no channel on the session.
Kevin Harwell [Mon, 1 Jun 2015 16:45:30 +0000 (11:45 -0500)]
AMI: Escape string values.
So this issue is a bit complicated. Since it is possible to pass values to AMI
that contain a '\r\n' (or other similar sequences) these values need to be
escaped. One way to solve this is to escape the values and then pass the escaped
values to the AMI variable parameter string building function. However, this
puts the onus on the pre-build function to escape all string values. This
potentially requires a fair amount of changes along with a lot of string
allocations/freeing for all values.
Surely there is a way to push this complexity down a level into the string
building function itself? This of course is possible, but ends up requiring a
way to distinguish between strings that need to be escaped and those that don't.
The best way to handle this is by introducing a new format specifier in the
format string. For instance a %s (no escape) and %S (escape). However, that is
a bit weird and unexpected.
So faced with those possibilities this patch implements a limited version of the
first option. Instead of attempting to escape all string values this patch only
escapes those values that make sense. This approach limits the number of changes
and doesn't suffer from the odd format specifier problem.
George Joseph [Wed, 3 Jun 2015 18:17:58 +0000 (12:17 -0600)]
res_pjsip/location: Fix ref leak in contact_apply_handler
contact_apply_handler calls ast_res_pjsip_find_or_create_contact_status
to force the creation of a contact_status object whenever a new
contact is added but it didn't unref the returned object.
David M. Lee [Tue, 2 Jun 2015 20:07:08 +0000 (15:07 -0500)]
Fixes for OS X
* Add some type casting so tv_usec can really be a long, instead of
some strange platform specific type.
* Add some .dylib style files to .gitignore.
* Switch from using -Xlinker to -Wl,. For [reasons unknown][], newer
versions of GCC, when compiling the Homebrew formula for Asterisk,
are not properly passing the -Xlinker options to the linker. Given
that -Wl, does exactly the [same thing][], and does it properly, this
patch changes the -Xlinker options to use -Wl, instead.
Corey Farrell [Sun, 31 May 2015 01:22:00 +0000 (21:22 -0400)]
pjsip_configuration: Fix leak in persistent_endpoint_update_state.
The loop to find the first available contact of an endpoint grabbed
contact from the iterator, then checked for offline state. This
caused the first contact after the state was found to leak a reference.
George Joseph [Wed, 27 May 2015 18:22:39 +0000 (12:22 -0600)]
endpoint/stasis: Eliminate duplicate events on endpoint status change
When an endpoint was created, it's messages were being forwarded to
both the tech endpoint topic and the all endpoints topic. Since
the tech topic was also forwarded to all, this was resulting in
duplicate messages whenever an endpoint published. This patch
causes the endpoint to only forward to the tech topic and lets
the tech topic forward to all.
To accomplish this, the existing stasis_cp_single_create function
(which both creates and forwards) was cloned and split into 2
functions, one that creates the topic and one that sets up the
forwarding. This allows endpoint_internal_create to create
the topic from the endpoint_all cache without forwarding it there,
then allows it to do the forward to the tech's topic.
ASTERISK-25137 #close Reported-by: Vitezslav Novy
ASTERISK-25116 #close Reported-by: George Joseph <george.joseph@fairview5.com> Tested-by: George Joseph <george.joseph@fairview5.com>
Change-Id: I26d7d4926a0861748fd3bdffe316b75b549a801c
Richard Mudgett [Tue, 26 May 2015 18:56:42 +0000 (13:56 -0500)]
res_pjsip_session: Fix in-dialog authentication.
When the remote peer requires authentication for in-dialog requests then
re-INVITEs to the peer cause the call to be disconnected and other
in-dialog requests to the peer like MESSAGE just don't go through.
* Made session_inv_on_tsx_state_changed() handle in-dialog authentication
for re-INVITEs and other methods. Initial INVITEs cannot be handled here
because the INVITE transaction must be restarted earlier.
* Pulled needed code from res/res_pjsip/pjsip_outbound_auth.c in
preparation for removing the file. The generic outbound authentication
code did not work as well as anticipated.
* Created outbound_invite_auth() to only handle initial outbound INVITEs.
Re-INVITEs cannot be handled here. The re-INVITE transaction is still in
progress and the PJSIP library cannot handle the overlapping INVITE
transactions. Other method types should not be handled here as this code
only works on outgoing calls and we need to handle incoming and outgoing
calls.
ASTERISK-25131 #close
Reported by: Richard Mudgett
George Joseph [Thu, 21 May 2015 22:21:01 +0000 (16:21 -0600)]
res_pjsip: Add AMI events for chan_pjsip contact lifecycle changes
Add a new ContactStatus AMI event.
Publish the following status/state changes:
Created
Removed
Reachable
Unreachable
Unknown
Contact URI, new status/state, aor and endpoint names, and the
last qualify rtt result are included in the event.
ASTERISK-25114 #close
Change-Id: Id25aae5f7122facba183273efb3e8f36c20fb61e Reported-by: George Joseph <george.joseph@fairview5.com> Tested-by: George Joseph <george.joseph@fairview5.com>
The code in astobj2_hash.c wrongly assumed that abs(int) is always > 0.
However, abs(INT_MIN) = INT_MIN and is still negative, as well as
abs(INT_MIN) % num_buckets, and as a result this led to a crash.
One way to trigger the bug is using host=::80 or 0.0.0.128 in peer
configuration section in chan_sip or chan_iax.
This patch takes the remainder before applying abs, so that bucket
number is always in range.
Ivan Poddubny [Sat, 23 May 2015 09:36:18 +0000 (12:36 +0300)]
res_pjsip_transport_websocket: Fix crash on receiving large SIP packets
Incoming SIP packets larger than PJSIP_MAX_PKT_LEN were themselves
truncated before passing to pjsip_tpmgr_receive_packet, but the length
was passed unaltered, thus causing memory corruption and segfault.
Corey Farrell [Sat, 23 May 2015 02:50:43 +0000 (22:50 -0400)]
Stasis: Fix unsafe use of stasis_unsubscribe in modules.
Many uses of stasis_unsubscribe in modules can be reached through unload.
These have been switched to stasis_unsubscribe_and_join.
Some subscription callbacks do nothing, for these I've created a noop
callback function in stasis.c. This is used by some modules that monitor
MWI topics in order to enable cache, since the callback does not become
invalid after dlclose it is safe to use stasis_unsubscribe on these, even
during module unload.
Matt Jordan [Fri, 22 May 2015 17:22:39 +0000 (12:22 -0500)]
res/res_pjsip_pubsub: Note that 'dialog' is also a valid event type for RLS
In addition to specifying lists of 'presence' and 'message-summary',
users can also create lists of type 'dialog'. These should be treated in
the same fashion as 'presence'.
When a SUBSCRIBE request is made to a dialplan hint that doesn't exist,
the current NOTICE message informing users of this swaps the context and
extension parameters. This can cause a bit of confusion.
Thanks to CptBurger in #asterisk for helping to point this out.
Matt Jordan [Mon, 18 May 2015 01:36:41 +0000 (20:36 -0500)]
res/ari: Register Stasis application on WebSocket attempt
Prior to this patch, when a WebSocket connection is made, ARI would not
be informed of the connection until after the WebSocket layer had
accepted the connection. This created a brief race condition where the
ARI client would be notified that it was connected, a channel would be
sent into the Stasis dialplan application, but ARI would not yet have
registered the Stasis application presented in the HTTP request that
established the WebSocket.
This patch resolves this issue by doing the following:
* When a WebSocket attempt is made, a callback is made into the ARI
application layer, which verifies and registers the apps presented in
the HTTP request. Because we do not yet have a WebSocket, we cannot
have an event session for the corresponding applications. Some
defensive checks were thus added to make the application objects
tolerant to a NULL event session.
* When a WebSocket connection is made, the registered application is
updated with the newly created event session that wraps the WebSocket
connection.
This patch refactors the transaction timeout processing to eliminate
calling the lower level public pjsip functions and reverts to calling
pjsip_endpt_send_request again. This is the result of me noticing
a possible incompatibility with pjproject-2.4 which was causing
contact status flapping.
The original version of this feature used the lower level calls to
get access to the tsx structure in order to cancel the transaction
when our own timer expires. Since we no longer have that access,
if our own timer expires before the pjsip timer, we call the callbacks
and just let the pjsip transaction take it's own course. When the
transaction ends, it discovers the callbacks have already been run
and just cleans itself up.
A few messages in pjsip_configuration were also added/cleaned up.
ASTERISK-25105 #close
Change-Id: I0810f3999cf63f3a72607bbecac36af0a957f33e Reported-by: George Joseph <george.joseph@fairview5.com> Tested-by: George Joseph <george.joseph@fairview5.com>
demon-ru [Wed, 20 May 2015 05:45:13 +0000 (08:45 +0300)]
res_pjsip_outbound_registration: Check request URI for line.
When an inbound call is received the To header is checked
for the "line" option. Some remote servers will place this
in the request URI instead. This adds an additional check for
the option in the request URI.
Corey Farrell [Thu, 21 May 2015 01:53:46 +0000 (21:53 -0400)]
Logger: Reset defaults before processing config.
Reset options to default values before reloading config. This ensures
that if a setting is removed or commented out of the configuration file
it is unset on reload.
George Joseph [Thu, 21 May 2015 00:05:20 +0000 (18:05 -0600)]
app_playback: Suppress warnings on playback if channel hung up
If a channel hangs up while an audio file is playing, there's
no need to clutter up the logs with a warning so suppress it
if ast_check_hangup returns true.
Also, change warning to debug/2 in file.c if writing a frame
fails. Same reasoning.
Change-Id: I2e66191af3c5b6e951c98e8f1c3fe3cf2cf7ed89 Reported-by: George Joseph <george.joseph@fairview5.com> Tested-by: George Joseph <george.joseph@fairview5.com>
Kevin Harwell [Thu, 14 May 2015 20:21:23 +0000 (15:21 -0500)]
audiohook.c: Difference in read/write rates caused continuous buffer resets
Currently, everytime a sample rate change occurs (on read or write) the
associated factory buffers are reset. If the requested sample rate on a
read differed from that of a write then the buffers are continually reset
on every read and write. This has the side effect of emptying the buffer,
thus there being no data to read and then write to a file in the case of
call recording.
This patch fixes it so that an audiohook_list's rate always maintains the
maximum sample rate among hooks and formats. Audiohook sample rates are
only overwritten by this value when slin native compatibility is turned on.
Also, the audiohook sample rate can only overwrite the list's sample rate
when its rate is greater than that of the list or if compatibility is
turned off. This keeps the rate from constantly switching/resetting.
projects / thirdparty / asterisk.git / log
