Richard Mudgett [Wed, 27 Jul 2016 22:17:53 +0000 (17:17 -0500)]
pbx.c: Allow dangerous functions when adding a hint to dialplan.
We can allow dangerous functions when adding a hint since altering
dialplan is itself a privileged activity. Otherwise, we could never
execute dangerous functions.
Richard Mudgett [Fri, 22 Jul 2016 03:28:25 +0000 (22:28 -0500)]
dsp.c: Fix erroneous fax tone detection.
The Goertzel calculations get less accurate the lower the signal level
being worked with becomes because there is less resolution remaining.
If it is too low we can erroneously detect a tone where none really
exists. The searched for fax frequencies not only need to be so much
stronger than the background noise they must also be a minimum strength.
* Add needed minimum threshold test to tone_detect().
* Set TONE_THRESHOLD to allow low volume frequency spread detection.
ASTERISK-26237 #close
Reported by: Richard Mudgett
Alexander Traud [Tue, 19 Jul 2016 11:30:39 +0000 (13:30 +0200)]
chan_sip: Enable Session-Timers for SIP over TCP (and TLS).
Asterisk defaults to timers=accept/refresher=uas. In that scenario, only in that
scenario, Sessions-Timers (RFC 4028) had no effect via TCP. This change enables
Session-Timers for SIP over TCP (and for SIP over TLS).
However with longer international calls via TCP, the SIP channel might break,
because all hops on the Internet route must stay online (have not a single power
outage, for example). Therefore with Session-Timers enabled (which are enabled
at default), you might see dropped calls. Consequently even with this change,
you might be better-off going for session-timers=refuse in your sip.conf.
George Joseph [Thu, 21 Jul 2016 14:05:03 +0000 (08:05 -0600)]
chan_sip: Prevent deadlock when issuing "sip show channels"
sip_show_channels locks the dialogs container first then locks each
sip_pvt so it can spit out the details. The rest of sip dialog
processing locks the sip_pvt first then locks the dialogs container
if it needs to. Both lock in the order they need but deadlocks can
result. To fix, sip_show_channels and sip_show_channelstats have
been converted to use an iterator rather than ao2_callback. This way
the container is locked only while getting the next entry and is
unlocked when the callback is called.
This adds support for tagging functions with the noreturn attribute.
If DO_CRASH is enabled then ast_do_crash never returns. If AST_DEVMODE
and DO_CRASH are enabled then failed assertions never return. This can
resolve a large number of false positives with static analyzers.
Unit tests: Use AST_TEST_DEFINE in conditional code only.
If AST_TEST_DEFINE is not conditional to TEST_FRAMEWORK it produces dead
code. This places all existing unit tests into a conditional block if
they weren't already.
Alexander Traud [Mon, 18 Jul 2016 10:13:25 +0000 (12:13 +0200)]
res_rtp_asterisk: Count a roll-over of the sequence number even on lost packets.
With this change, the initial RTP sequence number is randomly chosen not between
0 and 65535 (0xffff) but 0 and 32767 (0x7fff). This assures, the roll-over
counter (ROC) synchronization is not lost for sRTP, when the very first RTP
packets get lost; see http://srtp.sourceforge.net/faq.html#Q6
app_queue: Only remove queue member from pending when state changes.
It is possible for a not in use state change to occur multiple
times causing a queue member to be removed from the pending call
container prematurely.
The first not in use state change will remove the queue member
from the container. At this moment the member may be called and
placed in the pending container. After this another not in use
state change can be received which will remove it from the
container. Despite being called at this point the code will
incorrectly see that there are no pending calls to it.
This change only removes it from the pending container if the
state has actually changed.
ASTERISK-26133 #close
patches:
app_queue.diff submitted by Richard Miller (license 5685)
pbx: Fix leak of timezone for time based includes.
Create include_free to run ast_destroy_timing and ast_free, use that in
all places that freed an ast_include structure. This fixes a couple of
paths that previously did not run ast_destroy_timing.
Alexander Traud [Wed, 22 Jun 2016 12:29:26 +0000 (14:29 +0200)]
res_rtp_asterisk: Enable Forward Secrecy (PFS) for DTLS.
Since July 2014, TLS based protocols (SIP over TLS, Secure WebSockets, HTTPS)
support PFS thanks to ASTERISK-23905. In July 2015, the same feature was added
for DTLS. The source code from main/tcptls.c should have been re-used to ease
security audits. Therefore, this change rolls back the change from July 2015 and
re-uses the code from July 2014. This has the additional benefits to work under
CentOS 7 and enabling not just ECDHE but DHE based cipher suites as well.
ASTERISK-25659 #close
Reported by: StefanEng86, urbaniak, pay123
Tested by: sarumjanuch, traud
patches:
res_rtp_asterisk.patch submitted by sarumjanuch
dtls_centos_step_1.patch submitted by traud
dtls_centos_step_2.patch submitted by traud
Alexander Traud [Tue, 12 Jul 2016 08:50:22 +0000 (10:50 +0200)]
BuildSystem: Allow own CFLAGS on ./configure.
Before this change, make failed with the error
Unknown value '' found in build_tools/menuselect-deps for NATIVE_ARCH
when CFLAGS were supplied to the configure script. This was introduced with
<https://reviewboard.asterisk.org/r/1852/> which disabled BUILD_NATIVE when
CFLAGS were supplied. Those who need different -march= values, please, go for
./configure
make menuselect.makeopts or make menuselect
./menuselect/menuselect --disable BUILD_NATIVE
chan_sip: Handle a request to negotiate T.38 after it is enabled.
Some T.38 implementations may send another re-invite after the initial
one which adds additional negotiation details (such as the max bitrate).
Currently this will fail when passthrough is being done in chan_sip as we
do nothing if T.38 is already active.
Other handlers of T.38 inside of Asterisk (such as res_fax) handle this
scenario so this change adds support for it to chan_sip. If a request
to negotiate is received while T.38 is already enabled a new re-INVITE is
sent and negotiation is done again.
Alexander Traud [Mon, 4 Jul 2016 10:58:39 +0000 (12:58 +0200)]
BuildSystem: Avoid obsolete warning with libcurl.m4 on autoconf.
Updated the macro-set autoconf/libcurl.m4 to its latest upstream version. This
avoids a warning about an obsolete macro on AC_HELP_STRING, because Asterisk is
using AS_HELP_STRING everywhere else already.
Corey Farrell [Wed, 22 Jun 2016 20:04:54 +0000 (16:04 -0400)]
res_fax: Fix reference leak in fax_v21_session_new.
fax_v21_session_new created a session details object but only released
the allocation reference during error conditions. fax_session_new adds
it's own reference to details if needed so the caller is always
responsible for cleaning it's own reference.
George Joseph [Wed, 22 Jun 2016 15:37:23 +0000 (09:37 -0600)]
chan_unistim: Fix memcpy in get_to_address
A code block only enabled when HAVE_PKTINFO is not defined (FreeBSD)
was using a pointer to a pointer as the destination of a memcpy and a
'&' instead of '*' in the sizeof.
Alexander Traud [Tue, 21 Jun 2016 12:05:30 +0000 (14:05 +0200)]
res_rtp_asterisk: Use latest DTLS version available by underlying platform.
Do not use DTLSv1_method() but DTLS_method() when available in OpenSSL of the
underlying platform. This change enables DTLS 1.2 since OpenSSL 1.0.2, for
WebRTC (DTLS-SRTP via SIP-over-WebSockets). This change enables AEAD-based
cipher-suites.
Alexander Traud [Tue, 21 Jun 2016 13:01:40 +0000 (15:01 +0200)]
BuildSystem: Avoid obsolete warning with HELP_STRING on autoconf.
Some configure scripts used both AC_HELP_STRING and its replacement
AS_HELP_STRING. For consistency and to avoid obsolete warnings, those were
changed to AS_HELP_STRING.
Alexander Traud [Mon, 20 Jun 2016 13:05:09 +0000 (15:05 +0200)]
http: leverage 'bindaddr' for TLS in http.conf
The internal HTTP/WebSocket server supports both TCP and TLS, which can be
activated separately via the file http.conf. The source code intends to re-use
the TCP parameter 'bindaddr' for TLS, even if 'tlsbindaddr' is not specified
explicitly. This did not work because of a typo. This change resolves this typo.
Vasil Kolev [Tue, 31 May 2016 14:10:29 +0000 (17:10 +0300)]
chan_sip: bigger buffers for headers, better failure mode
Currently chan_sip can give weird messages if the contacts don't
fit in the From: or To: headers. This fix changes the from,to and
invite variables to use ast_str, allocates and deallocates them and
resizes them if needed.
Alexander Traud [Wed, 8 Jun 2016 12:20:26 +0000 (14:20 +0200)]
core: Not the configured but granted number of possible file descriptors.
With CLI "core show settings", simply the parameter maxfiles of the file
asterisk.conf was shown. If that parameter was not set, nothing was displayed
although the environment might have set a default number itself. Or if maxfiles
were not granted (completely), still maxfiles was shown. Now, the maximum number
of possible file descriptors in the environment is shown.
George Joseph [Thu, 9 Jun 2016 14:20:33 +0000 (08:20 -0600)]
build: Fix ast_sockaddr initialization to be more portable
A change to glibc 2.22 changed the order of the sockadddr_storage
members which caused the places where we do an initialization of
ast_sockaddr with '{ { 0, 0, } }' to fail compilation. Those
initializers (which we shouldn't have been using anyway) have been
replaced with memsets.
Alexander Traud [Wed, 8 Jun 2016 10:58:48 +0000 (12:58 +0200)]
astfd: Not maximum size of a single file but maximum file descriptors.
With menuselect "DEBUG_FD_LEAKS" and CLI "core show fd", the maximum size of a
single file was shown. Now, the maximum number of possible file descriptors is
shown.
Timo Teräs [Thu, 2 Jun 2016 19:53:39 +0000 (22:53 +0300)]
Fix #include poll.h and sys/cdefs.h
POSIX defines poll.h, sys/poll.h should not be used at is c-library
internal header which may or may not exist. Notable in musl it
generates warning of being incorrect. And add explict include of
sys/cdefs.h where needed.
Alexander Traud [Tue, 7 Jun 2016 07:16:02 +0000 (09:16 +0200)]
BuildSystem: Avoid 'ar cru' and use 'ar cr' instead.
In several internal library projects, the files are archived with the help of
'ar cr'. Only the projects editline and the Objective Open H.323 stack
implementation in C (ooh323c) use 'ar cru' instead. Recently, some platforms
changed the default parameters of AR which creates "/usr/bin/ar: `u' modifier
ignored since `D' is the default (see `U')". For consistency and to avoid this
message all projects use 'ar cr' now.
* Local fax starts rtp call to remote fax
* Remote fax starts t38 call back to local fax.
* Local fax sends t38 no-signal to Asterisk before sending an OK.
* udptl processes the frame and increments the expected sequence number.
* chan_sip drops the frame because the call isn't up so nothing goes out
the external interface to open the port for incoming packets.
* Local fax sends OK and Asterisk sends OK to the remote fax.
* Remote fax sends t38 packets which are dropped by the firewall.
* Local fax re-sends t38 no-signal with the same sequence number.
* udptl drops the frame because it thinks it's a dup.
* Still no outgoing packets to open the firewall.
* t38 negotiation fails.
The patch drops frames t38 received before udptl sequence processing
when the call hasn't been answered yet. The second no-signal frame
is then seen as new and is relayed out the external interface which
opens the port and allows negotiation to continue.
George Joseph [Tue, 17 May 2016 16:14:51 +0000 (10:14 -0600)]
chan_sip: Prevent extra Session-Expires headers from being added
When chan_sip does a re-INVITE to refresh a session and authentication
is required, the INVITE with the Authorization header containes a
second Session-Expires header without the ";refersher=" parameter.
This is causing some proxies to return a 400. Also, when Asterisk is
the uas and the refresher, it is including the Session-Expires and
Min-SE headers in OPTIONS messages which is not allowed per RFC4028.
This patch (based on the reporter's) Checks to see if a Session-Expires
header is already in the message before adding another one. It also
checks that the method is INVITE or UPDATE.
Tzafrir Cohen [Tue, 10 May 2016 13:17:29 +0000 (16:17 +0300)]
followme: delete the right recorded name file
FollowMe with the option a records the name of the caller and plays it
to the callee. However it has failed to clean up that recorded file
as it tried to delete the file name without the '.sln' extension.
Alexei Gradinari [Tue, 10 May 2016 14:20:54 +0000 (10:20 -0400)]
res_fax/t38_gateway: Peer V.21 session is created on wrong channel
The channel and peer V.21 sessions are created on the same channel now.
The peer V.21 session should be created only on peer channel
when one of channel can handle T.38.
Also this patch enable debug for T.38 gateway session
if global fax debug enabled.
Andrew Nagy [Thu, 17 Mar 2016 19:29:38 +0000 (12:29 -0700)]
app_voicemail: always copy dynamic struct to avoid race condition
Voicemail email addresses can be corrupt or voicemail
emails can end up being sent to the wrong email address if asterisk is
reading voicemail.conf during a reload and processing an email at the
same time. This patch always copies the struct that would otherwise only
be copied once.
ASTERISK-24463 #close
Reported by: John Campbell
Tested by: Etienne Lessard
Tested by: Andrew Nagy
Change-Id: I3a0643813116da84e2617291903d0d489b7425fb
George Joseph [Mon, 25 Apr 2016 03:51:16 +0000 (21:51 -0600)]
config: Fix ast_config_text_file_save writability check for missing files
A patch I did back in 2014 modified ast_config_text_file_save to check the
writability of the main file and include files before truncating and re-writing
them. An unintended side-effect of this was that if a file doesn't exist,
the check fails and the write is aborted.
This patch causes ast_config_text_file_save to check the writability of the
parent directory of missing files instead of checking the file itself. This
allows missing files to be created again. A unit test was also added to
test_config to test saving of config files.
The regression was discovered when app_voicemail's passwordlocation=spooldir
feature stopped working.
ASTERISK-25917 #close Reported-by: Jonathan Rose
Change-Id: Ic4dbe58c277a47b674679e49daed5fc6de349f80
Kevin Harwell [Thu, 21 Apr 2016 20:35:26 +0000 (15:35 -0500)]
app_queue: queue members can receive multiple calls
It was possible for a queue member that is a member of at least 2 or more
queues to receive mulitiple calls at the same time. This happened because
of a race between when a member was being rung and when the device state
notified the other queue(s) member object of the state change.
This patch makes it so when a queue member is being rung it gets added to
a global pool of queue members. If that same member is tried again, e.g.
from another queue, and it is found to already exist in the pending member
container then it will not ring that member.
The test_voicemail_notify_endl test checks the end-of-line
characters of an email message to confirm that they are consistent.
The test wrongfully assumed that reading from the email message
into a buffer will always result in more than 1 character being
read. This is incorrect. If only 1 character was read the test
would go outside of the buffer and access other memory causing
a crash.
The test now checks to ensure that 2 or more characters are read
in ensuring the test stays within the buffer.
app_voicemail/IMAP: IMAP access FATAL error: Out of memory
Sometimes uw-imap function 'mail_fetchbody' returns huge len
which then pass to uw-imap function 'rfc822_base64'.
uw-imap tries to allocate huge memory and abort() on fail.
This patch check the len.
If the len more than max size (128 Mbytes) log error.
This patch also set variables len, newlen to avoid uninizialezed len.
This patch also check pointer returned by rfc822_base64.
Walter Doekes [Thu, 24 Mar 2016 12:36:39 +0000 (13:36 +0100)]
musiconhold: Only warn if music class is not found in memory and database.
The log message when a MusicOnHold music class was not found was changed
from debug level to WARNING level in Asterisk 11.19 and 13.5. For those
using realtime musiconhold, this message is wrong because it warns
before checking the database.
This changeset delays the warning until after the database has been
checked.
Walter Doekes [Thu, 24 Mar 2016 10:38:16 +0000 (11:38 +0100)]
core/logging: Fix broken syslog levels on older glibc.
The fix to ASTERISK-25407 introduced the usage of LOG_MAKEPRI. However
this macro is broken in older glibc (< 2.17); it would left-shift the
facility a second time, causing the resultant priority to become
invalid.
The syslog manpage mentions nothing about LOG_MAKEPRI and suggests this:
The priority argument is formed by ORing the facility and the level
values [...].
chan_sip.c: Space after port causes unnecessary resolution attempt
check_via() already skips leading blanks where the sent-by address (with the
optional port) should be placed.
Since RFC 3261 allows for blanks between the port ant the Via parameters:
> https://tools.ietf.org/html/rfc3261#section-20.42
(actually it allows a lot of blanks more ;-)). I just switched from
ast_skip_blanks() to ast_strip() on the local copy of the string.
Gianluca Merlo [Sat, 19 Mar 2016 12:34:26 +0000 (13:34 +0100)]
config: fix flags in uint option handler
The configuration unsigned integer option handler sets flags for the
parser as if the option should be a signed integer (PARSE_INT32),
leading to errors on "out of range" values. Fix flags (PARSE_UINT32).
Gianluca Merlo [Sat, 19 Mar 2016 01:32:51 +0000 (02:32 +0100)]
func_aes: fix misuse of strlen on binary data
The encryption code for AES_ENCRYPT evaluates the length of the data to
be encoded in base64 using strlen. The data is binary, thus the length
of it can be underestimated at the first NULL character.
Reuse the write pointer offset to evaluate it, instead.
Walter Doekes [Fri, 11 Mar 2016 21:57:30 +0000 (22:57 +0100)]
app_chanspy: Fix occasional deadlock with ChanSpy and Local channels.
Channel masquerading had a conflict with autochannel locking.
When locking autochannel->channel, the channel is fetched from the
autochannel and then locked. During the fetch, the autochannel -- which
has no locks itself -- can be modified by someone who owns the channel
lock. That means that the value of autochan->channel cannot be trusted
until you hold the lock.
In practice, this caused problems with Local channels getting
masqueraded away while the ChanSpy attempted to get info from that
channel. The old channel which was about to get removed got locked, but
the new (replaced) channel got unlocked (no-op). Because the replaced
channel was now locked (and would never get unlocked), it couldn't get
removed from the channel list in a timely manner, and would now cause
deadlocks when iterating over the channel list.
This change checks the autochannel after locking the channel for changes
to the autochannel. If the channel had been changed, the lock is
reobtained on the new channel.
In theory it seems possible that after this fix, the lock attempt on the
old (wrong) channel can be on an already destroyed lock, maybe causing
a crash. But that hasn't been observed in the wild and is harder induce
than the current deadlock.
Thanks go to Filip Frank for suggesting a fix similar to this and
especially to IRC user hexanol for pointing out why this deadlock was
possible and testing this fix. And to Richard for catching my rookie
while loop mistake ;)
Richard Mudgett [Wed, 17 Feb 2016 19:30:06 +0000 (13:30 -0600)]
cel.c: Fix mismatch in ast_cel_track_event() return type.
The return type of ast_cel_track_event() is not large enough to return all
64 potential bits of the event enable mask. Fortunately, the defined CEL
events do not really need all 64 bits and the return value is only used to
determine if the requested CEL event is enabled.
* Made the ast_cel_track_event() return 0 or 1 only so the return value
can fit inside an int type instead of zero or a truncated 64 bit non-zero
value.
Corey Farrell [Sat, 21 Feb 2015 02:51:35 +0000 (02:51 +0000)]
main/asterisk.c: Reverse #if statement in listener() to fix code folding.
listener() opens the same code block in two places (#if and #else). This
confuses some folding editors causing it to think that an extra code block
was opened. Folding in 'geany' causes all code after listener() to be
folded as if it were part of that procedure.
Corey Farrell [Tue, 9 Feb 2016 20:21:05 +0000 (15:21 -0500)]
Simplify and fix conditional in FD_SET.
FD_SET contains a conditional statement to protect against buffer
overruns. The statement was overly complicated and prevented use
of the last array element of ast_fdset. We now just verify the fd
is less than ast_FDMAX.
projects / thirdparty / asterisk.git / log
