George Joseph [Mon, 16 May 2016 20:29:38 +0000 (14:29 -0600)]
res_pjsip_outbound_registration: Clean up state when registration is deleted
Nothing was cleaning up the registration state object when ast_sorcery_delete
was called on a registration. So, the registration was deleted from sorcery
but the state object went right on refreshing the registration (or failing
to refresh the registration) with the peer.
* Added a 'deleted' observer on registration that removes the state object.
George Joseph [Mon, 16 May 2016 00:05:34 +0000 (18:05 -0600)]
res_pjsip: Set TCP_NODELAY on TCP transports
Although it's perfectly legal to place multiple SIP messages in the same packet,
it can cause problems because the Linux default is to enable Path MTU Discovery
which sets the Don't Fragment bit on the packets. If adding a second message to
the packet causes the MTU to be exceeded, and the destination isn't equipped to
send a FRAGMENTATION NEEDED response to a large packet, the packet will just be
dropped.
We can't specifically tell the stack to send only 1 message per packet, but we
can turn on TCP_NODELAY when we create the transport. This will at least tell
the stack to send packets as soon as possible.
ASTERISK-26005 #close Reported-by: Ross Beer
Change-Id: I820f23227183f2416ca5e393bec510e8fe1c8fbd
Matt Jordan [Thu, 12 May 2016 01:17:15 +0000 (20:17 -0500)]
res_hep: Provide an option to pick the UUID type
At one point in time, it seemed like a good idea to use the Asterisk
channel name as the HEP correlation UUID. In particular, it felt like
this would be a useful identifier to tie PJSIP messages and RTCP
messages together, along with whatever other data we may eventually send
to Homer. This also had the benefit of keeping the correlation UUID
channel technology agnostic.
In practice, it isn't as useful as hoped, for two reasons:
1) The first INVITE request received doesn't have a channel. As a
result, there is always an 'odd message out', leading it to be
potentially uncorrelated in Homer.
2) Other systems sending capture packets (Kamailio) use the SIP Call-ID.
This causes RTCP information to be uncorrelated to the SIP message
traffic seen by those capture nodes.
In order to support both (in case someone is trying to use res_hep_rtcp
with a non-PJSIP channel), this patch adds a new option, uuid_type, with
two valid values - 'call-id' and 'channel'. The uuid_type option is used
by a module to determine the preferred UUID type. When available, that
source of a correlation UUID is used; when not, the more readily available
source is used.
For res_hep_pjsip:
- uuid_type = call-id: the module uses the SIP Call-ID header value
- uuid_type = channel: the module uses the channel name if available,
falling back to SIP Call-ID if not
For res_hep_rtcp:
- uuid_type = call-id: the module uses the SIP Call-ID header if the
channel type is PJSIP and we have a channel,
falling back to the Stasis event provided
channel name if not
- uuid_type = channel: the module uses the channel name
Tzafrir Cohen [Tue, 10 May 2016 08:08:33 +0000 (11:08 +0300)]
basic-cfg: asterisk.conf: debug level 5 spams
Don't suggest users to use debug level 5, which spews (usually
non-useful) debug information. Reduce the suggestion to (an
arbitrarily-selected) level 2.
Tzafrir Cohen [Tue, 10 May 2016 08:10:55 +0000 (11:10 +0300)]
basic-cfg: asterisk.conf: don't set languages
* No need to set language in a miniml configuration. 'en' will do just
fine.
* It would be useful to have an example of setting it to a different
language.
* Setting the documentation language explicitly is likewise not
required. Setting it to a different value is not common. At least
until there is a set of translated documentation.
Tzafrir Cohen [Tue, 10 May 2016 13:17:29 +0000 (16:17 +0300)]
followme: delete the right recorded name file
FollowMe with the option a records the name of the caller and plays it
to the callee. However it has failed to clean up that recorded file
as it tried to delete the file name without the '.sln' extension.
Mark Michelson [Thu, 12 May 2016 19:36:25 +0000 (14:36 -0500)]
Use doubles instead of floats for conversions when comparing strings.
In 13.9.0, there was an issue where PJSIP contacts added to an AOR would
be deleted at seemingly random times.
One reason this was happening was because of an operation to retrieve
the contacts whose expiration time was less than or equal to the current
time. When retrieving existing contacts, the contact's expiration time
and the current time were converted from a string to a float, and those
two floats were compared.
On some systems, including mine, this conversion was horribly off. For
instance, I could regularly see the string "1463079214" get converted
into 1463079168.000000. When switching from using a float to using a
double, the conversion was as expected.
Why was the conversion to float off? My best guess is that the
conversion to float was attempting to store the entire value in the 23
bit significand of the IEEE-754 floating point number. In particular, if
you take only the 23 most significant bits of 1463079214, you get the
messed up 1463079168 that we were seeing in the conversion. It likely
was possible to get a more precise value by composing the number using
an exponent, but the conversion did not work that way. With a double,
you have a 52 bit significand, allowing the entire value to fit there,
and thereby allowing an accurate conversion.
Sebastian Damm [Tue, 10 May 2016 15:19:48 +0000 (17:19 +0200)]
res_pjsip_outbound_registration: generate correct Contact URI for TLS
There are two types of SIP URIs indicating a secure transport:
* sips:user@example.org
* sip:user@example.org;transport=tls
When using a sips URI, Asterisk checks incoming INVITEs and answers from
the other side for sips URIs, and rejects the packet if there are only
sip URIs. So Asterisk should only generate a sips Contact URI if the
other side supports it.
This patch makes Asterisk generate either a sip or sips Contact URI
depending on the format of the server URI.
If you want a sip URI, use:
server_uri=sip:example.org\;transport=tls
If you want a sips URI, use:
server_uri=sips:example.org
ASTERISK-25990 #close Reported-by: Sebastian Damm
Change-Id: I5ae57d6531ce940b5fc64d5cd2673e60db0f9ba2
Matt Jordan [Wed, 11 May 2016 19:07:17 +0000 (14:07 -0500)]
configure: Fix errors with AST_UNDEFINED_SANITIZER/AST_LEAK_SANITIZER
When running on a system that does not support or use AST_UNDEFINED_SANITIZER
or AST_LEAK_SANITIZER, the configure script would incorrectly set those
constants to a blank value, e.g., 'AST_UNDEFINED_SANITIZER='. This would
cause menuselect to error out, complaining that a blank value is not a
valid option. This patch corrects the issue by setting the value to 0 if
the options that those constants enable/disable is not found.
Kevin Harwell [Thu, 5 May 2016 16:37:37 +0000 (11:37 -0500)]
res_pjsip_authenticator_digest: Don't use source port in nonce verification
From the issue reporter:
"res_pjsip_outbound_authenticator_digest builds a nonce that is a hash of
the timestamp, the source address, the source port, a server UUID that is
calculated at startup, and the authentication realm.
Rather than caching nonces that we create, we instead attempt to re-calculate
the nonce when receiving an incoming request with authentication. We then
compare the re-calculated nonce to the incoming nonce, and if they don't match,
then authentication has failed early.
The problem is that it is possible, especially when using TCP, to receive two
requests from the same endpoint but have differing source ports for those
requests. Asterisk itself commonly will use different source ports for
outbound TCP requests."
This patch removes the source port dependency when building the nonce.
George Joseph [Sat, 7 May 2016 19:39:25 +0000 (13:39 -0600)]
config_transport: Tell pjproject to allow all SSL/TLS protocols
The default tls settings for pjproject only allow TLS 1, TLS 1.1 and TLS 1.2.
SSL is not allowed. So, even if you specify "sslv3" for a transport method,
it's silently ignored and one of the TLS protocols is used. This was a new
behavior of pjsip_tls_setting_default() in 2.4 (when tls.proto was added) that
we never caught.
Now we need to set tls.proto = 0 after we call pjsip_tls_setting_default().
This tells pjproject to set the socket protocol to match the method.
Jaco Kroon [Wed, 4 May 2016 07:40:55 +0000 (09:40 +0200)]
app_confbridge: Add a regcontext option for confbridge bridge profiles.
This patch allows for having app_confbridge register the name of the
conference as an extension into a specific context, similar to
regcontext for chan_sip. This variant is not quite as involved as the
one in chan_sip and doesn't allow for multiple contexts or custom
extensions, you can only specify the context and the conference name
will always be used as the extension to register.
George Joseph [Mon, 9 May 2016 01:19:50 +0000 (19:19 -0600)]
pjproject_bundled: Check for python-dev and TEST_FRAMEWORK
The pjsua and pjsystest apps are now built only if TEST_FRAMEWORK is set.
The python bindings are now built only if TEST_FRAMEWORK is set and a
python development package is installed.
The res_pjsip_authenticator_digest, res_pjsip_endpoint_identifier_*
and res_pjsip_registrar modules should load ASAP
to avoid "No matching endpoint found" for legitimate endpoint.
stasis_endpoints: Add new Status and Headers to ContactStatus
ASTERISK-25903 added a new headers to AMI Event ContactStatusDetail.
ASTERISK-25904 added a new Status to AMI Event ContactStatusDetail.
These additions should be also in stasis_endpoints
to include in command "manager show event ContactStatus"
Joshua Colp [Thu, 5 May 2016 10:07:50 +0000 (07:07 -0300)]
file: Ensure nativeformats remains valid for lifetime of use.
It is possible for the nativeformats of a channel to change
throughout its lifetime. As a result a user of it needs to either
ensure the channel is locked when accessing the formats or keep
a reference to the nativeformats themselves.
This change fixes the file playback support so it keeps a
reference to the nativeformats when accessing things.
This patch modified pjsip_options to retrieve only
permament contacts for aor if the qualify_frequency is > 0
and persisted contacts if the qualify_frequency is > 0.
This patch also fixed a bug in res_sorcery_astdb.
res_sorcery_astdb doesn't save object data retrived from astdb.
With the old SIP module AMI sends PeerStatus event on every
successfully REGISTER requests, ie, on start registration,
update registration and stop registration.
With PJSIP AMI sends ContactStatus only when status is changed.
Regarding registration:
on start registration - Created
on stop registration - Removed
but on update registration nothing
res_fax/t38_gateway: Peer V.21 session is created on wrong channel
The channel and peer V.21 sessions are created on the same channel now.
The peer V.21 session should be created only on peer channel
when one of channel can handle T.38.
Also this patch enable debug for T.38 gateway session
if global fax debug enabled.
George Joseph [Sat, 30 Apr 2016 22:52:47 +0000 (16:52 -0600)]
pjproject_bundled: Various fixes discovered during testing of OSes
For all OSes:
* Disabled third-party codecs in pjproject and added
'--disable-speex-codec --disable-speex-aec --disable-gsm-codec' to the
configure options since we don't use the pjsip codec capability.
FreeBSD:
* Added FreeBSD support to install_prereq.
* Changed pjproject/configure.m4 to use $GNU_MAKE instead of hardcoding "make".
* Added __progname and environ to asterisk.exports.in.
* Reverted the use of ldconfig to create shared library symlinks to ln.
* Only enable epoll in pjproject if `uname -s` is Linux.
* Added a patch to pjproject to take the name of the 'make' command from
an environment variable if supplied. This is needed for the python bindings.
(merged by Teluu into pjproject trunk 5/3/2016)
FreeBSD support isn't complete. Still some general issues regarding
make/gmake having nothing to do with pjproject. With some handholding it DOES
build successfully.
CentOS:
Added 'patch' and 'bzip2' to install_prereq PACKAGES_RH.
CentOS 6/7 32/64 build and run the pjsip testsuite successfully.
Ubuntu:
No changes required.
Ubuntu 15/16 32/64 build and run the pjsip testsuite successfully.
Debian:
No changes required.
Debian 6/7/8 32/64 build and run the pjsip testsuite successfully.
There will utimately be a follow-up patch to create an install_prereq for
the testsuite as I've discovered a few missing requirements.
Andrew Nagy [Thu, 17 Mar 2016 19:29:38 +0000 (12:29 -0700)]
app_voicemail: always copy dynamic struct to avoid race condition
Voicemail email addresses can be corrupt or voicemail
emails can end up being sent to the wrong email address if asterisk is
reading voicemail.conf during a reload and processing an email at the
same time. This patch always copies the struct that would otherwise only
be copied once.
ASTERISK-24463 #close
Reported by: John Campbell
Tested by: Etienne Lessard
Tested by: Andrew Nagy
Change-Id: I3a0643813116da84e2617291903d0d489b7425fb
If the Asterisk system name is set in asterisk.conf, it will be stored
into the "reg_server" field in the ps_contacts table to facilitate
multi-server setups.
When pjsip_parse_uri is called with PJSIP_UNESCAPE_IN_PLACE enabled,
the input uri string will become corrupted if it contains escape sequences.
It's not possible to automatically strdup or strdupa the input string because
the output uri pj_str_t's will have pointers to chunks of the input string.
Getting around this would require more memory management code and wouldn't
be worth the savings of doing the unescape in place.
George Joseph [Tue, 8 Mar 2016 00:34:31 +0000 (17:34 -0700)]
res_pjsip: Add ability to identify by Authorization username
A feature of chan_sip that service providers relied upon was the ability to
identify by the Authorization username. This is most often used when customers
have a PBX that needs to register rather than identify by IP address. From my
own experiance, this is pretty common with small businesses who otherwise
don't need a static IP.
In this scenario, a register from the customer's PBX may succeed because From
will usually contain the PBXs account id but an INVITE will contain the caller
id. With nothing recognizable in From, the service provider's Asterisk can
never match to an endpoint and the INVITE just stays unauthorized.
The fixes:
A new value "auth_username" has been added to endpoint/identify_by that
will use the username and digest fields in the Authorization header
instead of username and domain in the the From header to match an endpoint,
or the To header to match an aor. This code as added to
res_pjsip_endpoint_identifier_user rather than creating a new module.
Although identify_by was always a comma-separated list, there was only
1 choice so order wasn't preserved. So to keep the order, a vector was added
to the end of ast_sip_endpoint. This is only used by res_pjsip_registrar
to find the aor. The res_pjsip_endpoint_identifier_* modules are called in
globals/endpoint_identifier_order.
Along the way, the logic in res_pjsip_registrar was corrected to match
most-specific to least-specific as res_pjsip_endpoint_identifier_user does.
The order is:
username@domain
username@domain_alias
username
Auth by username does present 1 problem however, the first INVITE won't have
an Authorization header so the distributor, not finding a match on anything,
sends a securty_alert. It still sends a 401 with a challenge so the next
INVITE will have the Authorization header and presumably succeed. As a result
though, that first security alert is actually a false alarm.
To address this, a new feature has been added to pjsip_distributor that keeps
track of unidentified requests and only sends the security alert if a
configurable number of unidentified requests come from the same IP in a
configurable amout of time. Those configuration options have been added to
the global config object. This feature is only used when auth_username
is enabled.
Finally, default_realm was added to the globals object to replace the hard
coded "asterisk" used when an endpoint is not yet identified.
The testsuite tests all pass but new tests are forthcoming for this new
feature.
ASTERISK-25835 #close Reported-by: Ross Beer
Change-Id: I30ba62d208e6f63439600916fcd1c08a365ed69d
Mark Michelson [Wed, 27 Apr 2016 18:23:37 +0000 (13:23 -0500)]
func_odbc: Check connection status before executing queries.
A recent change to func_odbc made it so that a single connection was
maintained per DSN. The problem was that the code was optimistic about
the health of the connection after initially opening it and did nothing
to re-connect in case the connection had died.
This change adds a check before executing a query to ensure that the
connection to the database is still up and running.
res_pjsip: disable multi domain to improve realtime performace
This patch added new global pjsip option 'disable_multi_domain'.
Disabling Multi Domain can improve Realtime performance by reducing
number of database requests.
chan_sip: Give more time for TCP/TLS threads to stop.
The unload process currently tells each TCP/TLS to terminate but
does not wait for them to do so. This introduces a race condition
where the container holding the threads may be destroyed before
the threads are able to remove themselves from it. When they
finally do the container is invalid and can't be used causing a
crash.
A previous change existed which waited a bit to wait for any
stranglers to finish. This change extends this and waits longer.
When unloading the app_queue module the members in each queue are
destroyed and as part of this they are removed from the pending
members container. Unfortunately a crash would occur as the container
was destroyed before the members were removed.
This change tweaks ordering so the container destruction occurs
after the members are destroyed.
Merge changes from topic 'system_stress_patches' into 13
* changes:
test_message.c: Wait longer in case dialplan also processes the test message.
Manager: Short circuit AMI message processing.
manager.c: Eliminate most RAII_VAR usage.
manager_channels.c: Fix allocation failure crash.
George Joseph [Mon, 25 Apr 2016 03:51:16 +0000 (21:51 -0600)]
config: Fix ast_config_text_file_save2 writability check for missing files
A patch I did back in 2014 modified ast_config_text_file_save2 to check the
writability of the main file and include files before truncating and re-writing
them. An unintended side-effect of this was that if a file doesn't exist,
the check fails and the write is aborted.
This patch causes ast_config_text_file_save2 to check the writability of the
parent directory of missing files instead of checking the file itself. This
allows missing files to be created again. A unit test was also added to
test_config to test saving of config files.
The regression was discovered when app_voicemail's passwordlocation=spooldir
feature stopped working.
ASTERISK-25917 #close Reported-by: Jonathan Rose
Change-Id: Ic4dbe58c277a47b674679e49daed5fc6de349f80
chan_sip: Make autocreated peers send PeerStatus events
Since Stasis has been introduced, an attempt to send AMI messages by an
autocreated peer caused a crash, and all events from autocreated peers were
semi-inadvertently disabled altogether in 0b83761. This change restores the
disabled functionality.
Kevin Harwell [Thu, 21 Apr 2016 19:23:21 +0000 (14:23 -0500)]
app_queue: queue members can receive multiple calls
It was possible for a queue member that is a member of at least 2 or more
queues to receive mulitiple calls at the same time. This happened because
of a race between when a member was being rung and when the device state
notified the other queue(s) member object of the state change.
This patch makes it so when a queue member is being rung it gets added to
a global pool of queue members. If that same member is tried again, e.g.
from another queue, and it is found to already exist in the pending member
container then it will not ring that member.
George Joseph [Fri, 22 Apr 2016 22:53:23 +0000 (16:53 -0600)]
res_agi: Prevent run_agi from eating frames it shouldn't
The run_agi function is eating control frames when it shouldn't be. This is
causing issues when an AGI is run from CONNECTED_LINE_SEND_SUB in a blond
transfer.
Alice calls Bob. Bob attended transfers to Charlie but hangs up before Charlie
answers.
Alice gets the COLP UPDATE indicating Charlie but Charlie never gets an UPDATE
and is left thinking he's connected to Bob.
In this case, when CONNECTED_LINE_SEND_SUB runs on Alice's channel and it calls
an AGI, the extra eaten frames prevent CONNECTED_LINE_SEND_SUB from running on
Charlie's channel.
The fix was to accumulate deferrable frames in the "forever" loop instead of
dropping them, and re-queue them just before running the actual agi command
or exiting.
Richard Mudgett [Tue, 12 Apr 2016 20:29:52 +0000 (15:29 -0500)]
Manager: Short circuit AMI message processing.
Improve AMI message processing performance if there are no consumers
listening for the messages. We now skip creating the AMI event message
text strings.
Richard Mudgett [Wed, 13 Apr 2016 22:09:53 +0000 (17:09 -0500)]
manager_channels.c: Fix allocation failure crash.
An earlier allocation failure failed to create a channel snapshot for the
AMI HangupRequest/SoftHangupRequest event which resulted in a crash in
channel_hangup_request_cb(). Where the stasis message gets generated
cannot tell if the NULL snapshot returned was because of an allocation
failure or the channel was a dummy channel.
* Made channel_hangup_request_cb() check if the channel blob has a
snapshot and exit if it doesn't.
* Eliminated the RAII_VAR usage in channel_hangup_request_cb().
projects / thirdparty / asterisk.git / log
