Matt Jordan [Mon, 13 Apr 2015 14:54:18 +0000 (09:54 -0500)]
build_tools/make_version: Update version parsing for Git migration
External systems - such as the Asterisk Test Suite - require knowledge of the
upstream branch. Unfortunately, after moving to Git, the Asterisk version
currently consists of only a 'GIT" prefix followed by an object blob,
e.g., GIT-as08d7. This makes it difficult for such systems to know what
features are available in a particular check out of Asterisk.
This patch fixes this by hardcoding the branch in a variable in the
make_version script. Since the mainline branches are not changed often -
typically only once a year - this is a reasonable approach to solving
the problem, and is more reliable than parsing the output of 'git branch
-vv'. Branches that track off of an upstream primary branch will then get the
benefit of knowing which mainline branch they are currently based off
of.
Matt Jordan [Sun, 12 Apr 2015 04:22:59 +0000 (23:22 -0500)]
.gitignore: Ignore tarballs (*.gz)
This patch updates the root .gitignore file to ignore files with a .gz
extension. This will cause git to ignore downloaded sound tarballs in
the the sounds/ directory.
Matthew Jordan [Sat, 11 Apr 2015 15:34:43 +0000 (15:34 +0000)]
main/event: Remove unnecessary assignment of negative value to enum
When cleaning up some clang compiler warnings, the comparison of a negative
value to an unsigned enum was removed. However, the initial assignment of a
negative value to said enum remained in the variable declaration. This patch
removes that assignment.
Thanks to ibercom in #asterisk-bugs for pointing it out.
Matthew Jordan [Sat, 11 Apr 2015 15:26:15 +0000 (15:26 +0000)]
clang compiler warnings: Fix various warnings for tests
This patch fixes a variety of clang compiler warnings for unit tests. This
includes autological comparison issues, ignored return values, and
interestingly enough, one embedded function. Fun!
Richard Mudgett [Fri, 10 Apr 2015 16:25:13 +0000 (16:25 +0000)]
translate.c: Only select audio codecs to determine the best translation choice.
Given a source capability of h264 and ulaw, a destination capability of
h264 and g722 then ast_translator_best_choice() would pick h264 as the
best choice even though h264 is a video codec and Asterisk only supports
translation of audio codecs. When the audio starts flowing, there are
warnings about a codec mismatch when the channel tries to write a frame to
the peer.
* Made ast_translator_best_choice() only select audio codecs.
* Restore a check in channel.c:set_format() lost after v1.8 to prevent
trying to set a non-audio codec.
This is an intermediate patch for a series of patches aimed at improving
translation path choices for ASTERISK-24841.
This patch is a complete enough fix for ASTERISK-21777 as the v11 version
of ast_translator_best_choice() does the same thing. However, chan_sip.c
still somehow tries to call ast_codec_choose() which then calls
ast_best_codec() with a capability set that doesn't contain any audio
formats for the incoming call. The remaining warning message seems to be
a benign transient.
Matthew Jordan [Fri, 10 Apr 2015 12:35:49 +0000 (12:35 +0000)]
channels/chan_iax2: Improve POKE expiration time calculation for lossy networks
POKE is used to check for peer availability; however, in networks with packet
loss, the current calculations may result in POKE expiration times that are too
short. This patch alters the expiration/retry time logic to take into account
the last known qualify round trip time, as opposed to always using a static
value for each peer.
Review: https://reviewboard.asterisk.org/r/4536
ASTERISK-22352 #close
Reported by: Frederic Van Espen
ASTERISK-24894 #close
Reported by: Y Ateya
patches:
poke_noanswer_duration.diff submitted by Y Ateya (License 6693)
This fixes autological comparison warnings in the following:
* chan_skinny: letohl may return a signed or unsigned value, depending on the
macro chosen
* func_curl: Provide a specific cast to CURLoption to prevent mismatch
* cel: Fix enum comparisons where the enum can never be negative
* enum: Fix comparison of return result of dn_expand, which returns a signed
int value
* event: Fix enum comparisons where the enum can never be negative
* indications: tone_data.freq1 and freq2 are unsigned, and hence can never be
negative
* presencestate: Use the actual enum value for INVALID state
* security_events: Fix enum comparisons where the enum can never be negative
* udptl: Don't bother to check if the return value from encode_length is less
than 0, as it returns an unsigned int
* translate: Since the parameters are unsigned int, don't bother checking
to see if they are negative. The cast to unsigned int would already blow
past the matrix bounds.
Matthew Jordan [Thu, 9 Apr 2015 02:03:57 +0000 (02:03 +0000)]
apps/app_queue: Prevent possible crash when evaluating queue penalty rules
Although it only occurred once, a crash occurred when a queue attempted to
evaluate a queue penalty rule that appeared to have already been destroyed.
In many locations in app_queue, a test is done to see if qe->pr is NULL;
however, when we dispose of a queue's penalty rules, we don't set the pointer
to NULL after free'ing it. This patch does that to prevent any dangling
pointers from lingering on the queue object.
Review: https://reviewboard.asterisk.org/r/4522
ASTERISK-23319 #close
Reported by: Vadim
patches:
rb4552.patch submitted by Stefan Engström (License 6691)
Jonathan Rose [Wed, 8 Apr 2015 16:11:53 +0000 (16:11 +0000)]
Security/tcptls: MitM Attack potential from certificate with NULL byte in CN.
When registering to a SIP server with TLS, Asterisk will accept CA signed
certificates with a common name that was signed for a domain other than the
one requested if it contains a null character in the common name portion of
the cert. This patch fixes that by checking that the common name length
matches the the length of the content we actually read from the common name
segment. Some certificate authorities automatically sign CA requests when
the requesting CN isn't already taken, so an attacker could potentially
register a CN with something like www.google.com\x00www.secretlyevil.net
and have their certificate signed and Asterisk would accept that certificate
as though it had been for www.google.com - this is a security fix and is
noted in AST-2015-003.
ASTERISK-24847 #close
Reported by: Maciej Szmigiero
Patches:
asterisk-null-in-cn.patch submitted by mhej (license 6085)
........
Merged revisions 434337 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Matthew Jordan [Wed, 8 Apr 2015 11:59:10 +0000 (11:59 +0000)]
chan_iax2: Fix crash caused by unprotected access to iaxs[peer->callno]
This patch fixes an access to the peer callnumber that is unprotected by a
corresponding mutex. The peer->callno value can be changed by multiple threads,
and all data inside the iaxs array must be procted by a corresponding lock
of iaxsl.
The patch moves the unprotected access to a location where the mutex is
safely obtained.
Matthew Jordan [Wed, 8 Apr 2015 11:51:24 +0000 (11:51 +0000)]
chan_sip: Handle IPv4 mapped IPv6 clients when NAT is enabled
When udpbindaddr is set to the IPv6 bind all address of '::', Asterisk will
attempt to handle both IPv4 and IPv6 addresses, although the information will
be stored in a struct with an AF_INET6 address type. However, the current
NAT handling code won't handle the IPv4 mapped IPv6 addresses correctly.
This patch adds an additional check for the mapped address case, allowing
the NAT code to handle clients even when the address is IPv6.
Review: https://reviewboard.asterisk.org/r/4563/
ASTERISK-18032 #close
Reported by: Christoph Timm
patches:
nat_with_ipv6.diff submitted by Valentin Vidić (License 6697)
This patch fixes several warnings pointed out by the clang compiler.
* app_minivm: Fixed evaluation of etemplate->locale, which will always
evaluate to 'true'. This patch changes the evaluation to use
ast_strlen_zero.
* app_queue:
- Fixed evaluation of qe->parent->monfmt, which always evaluates to
true. Instead, we just check to see if the dereferenced pointer
evaluates to true.
- Fixed evaluation of mem->state_interface, wrapping it with a call to
ast_strlen_zero.
Matthew Jordan [Tue, 7 Apr 2015 02:09:19 +0000 (02:09 +0000)]
clang compiler warnings: Fix sometimes-initialized warning in func_math
This patch fixes a bug in a unit test in func_math where a variable could be
passed to ast_free that wasn't allocated. This patch corrects the issue and
ensures that we only attempt to free a variable if we previously allocated
it.
Clang will flag errors when a char pointer is set to '\0', as opposed to a
value that the char pointer points to. This patch fixes this warning
in a variety of locations.
George Joseph [Mon, 6 Apr 2015 18:58:30 +0000 (18:58 +0000)]
build: Fixes for gcc 5 compilation
These are fixes for compilation under gcc 5.0...
chan_sip.c: In parse_request needed to make 'lim' unsigned.
inline_api.h: Needed to add a check for '__GNUC_STDC_INLINE__' to detect C99
inline semantics (same as clang).
ccss.c: In ast_cc_set_parm, needed to fix weird comparison.
dsp.c: Needed to work around a possible compiler bug. It was throwing
an array-bounds error but neither
sgriepentrog, rmudgett nor I could figure out why.
manager.c: In action_atxfer, needed to correct an array allocation.
This patch will go to 11, 13, trunk.
Review: https://reviewboard.asterisk.org/r/4581/ Reported-by: Jeffrey Ollie Tested-by: George Joseph
ASTERISK-24932 #close
Matthew Jordan [Mon, 6 Apr 2015 18:07:35 +0000 (18:07 +0000)]
clang compiler warnings: Remove large chunks of unused code from extconf
This patch fixes a warning caught by clang, in which it detected that large
chunks of extconf were unused. Frankly, I wish we could pretend that all of
extconf was unused, but alas, that is not yet the case.
Matthew Jordan [Mon, 6 Apr 2015 18:03:23 +0000 (18:03 +0000)]
clang compiler warnings: Fix sometimes-uninitialized warning in pbx_config
This patch fixes a warning caught by clang, in which a char pointer could be
assigned to before it was initialized. The patch re-organizes the code to
ensure that the pointer is always initialized, even on off nominal paths.
Matthew Jordan [Mon, 6 Apr 2015 17:51:59 +0000 (17:51 +0000)]
clang compiler warnings: Fix format specified in framehook
This patch fixes an invalid format specifier used in the formatting of an
ERROR message in the framehook code. The format specifier specifies a
type of 'unsigned short', but the argument passed to it is of type 'int'.
The patch changes the format specifier to 'i'.
Mark Michelson [Wed, 1 Apr 2015 20:43:31 +0000 (20:43 +0000)]
Backport revision 429223 from Asterisk 13
The bug fixed by that patch exists in Asterisk 11 as
well, so the fix should be applied there.
When connecting to a remote Asterisk console, the buffer
used to read the initial hostname/pid/version from the
main Asterisk process did not ensure the input was
NULL-terminated, and the buffer was small for certain
use cases. This patch expands the buffer to be 256
bytes and ensures the input it reads is NULL-terminated.
Corey Farrell [Mon, 30 Mar 2015 11:40:33 +0000 (11:40 +0000)]
Fix an ABI compatibility issue with ast_log_safe for modules.
Binary modules are sometimes built against the latest release of
Asterisk in each branch, and need to be compatible with all
releases of that branch. This change ensures that utils.h only
uses ast_log_safe from the core. For modules and utilities ast_log
is used instead.
This patch fixes several warnings caught by clang - in this case, usage of the
abs function on non-integer values. This patch uses labs and fabs, as
appropriate, in the various affected files.
This patch fixes some invalid enum conversion warnings caught by clang. In
particular, several functions in chan_sip mixed usage of the st_refresher_param
enum and st_refresher enum. This patch corrects that.
That is, if __nbytes is greater than the result of GCC's built-in object size
for the struct, we'll kick back a warning.
As it turns out, this is because there is an error in the code in the patch.
We are passing the address of the pointer to the struct, not iev, which is a
pointer to the struct. Hence, the number of bytes is probably going to be lot
larger than the number of bytes that make up a pointer! This patch changes
the code just read from the pointer to the struct - which fixes the warning.
Asterisk's build system has a tendency to pass include directives for libraries
to everything compiled within a particular group of source files. This means
we pass the header for libxml2 to things that don't necessarily need it. As a
result, we ignore this particular warning.
Matthew Jordan [Mon, 30 Mar 2015 01:51:59 +0000 (01:51 +0000)]
clang compiler warnings: Fix warning for -Wgnu-variable-sized-type-not-at-end
This patch fixes a warning caught by clang, wherein a variable sized struct is
not located at the end of a struct. While the code in question actually
expected this, this is a good warning to watch for. Hence, this patch refactors
the code in question to not have two variable length elements in the same
struct.
Matthew Jordan [Sat, 28 Mar 2015 12:47:19 +0000 (12:47 +0000)]
clang compiler warnings: Fix -Wself-assign
Assigning a variable to itself isn't super useful. However, the WAV format
modules make use of this in order to perform byte endian checks. This patch
works around the warning by only performing the self assignment if we are
going to do more than just assign it to ourselves. Which is odd, but true.
Clang will treat ((a == b)) as a warning, as it reasonably expects that the
developer may have intended to write (a == b) or ((a = b)). This patch cleans
up all instances where equality, not assignment, was intended between two
parantheses.
Matthew Jordan [Sat, 28 Mar 2015 12:17:45 +0000 (12:17 +0000)]
clang compiler warnings: Fix -Wunused-function
This patch fixes clang compilers warnings for unused functions. Specifically:
* channels/chan_iax2: removed user_ref function
* main/dsp.c: removed goertzel_update function
Corey Farrell [Fri, 27 Mar 2015 07:06:24 +0000 (07:06 +0000)]
Improved and portable ast_log recursion avoidance
This introduces a new logger routine ast_log_safe. This routine should be
used for all error messages in code that can be run as a result of ast_log.
ast_log_safe does nothing if run recursively. All error logging in
astobj2.c, strings.c and utils.h have been switched to ast_log_safe.
This required adding support for raw threadstorage. This provides direct
access to the void* pointer in threadstorage. In ast_log_safe, NULL is used
to signify that this thread is not already running ast_log_safe, (void*)1 when
it is already running. This was done since it's critical that ast_log_safe
do nothing that could log during recursion checking.
ASTERISK-24155 #close
Reported by: Timo Teräs
Review: https://reviewboard.asterisk.org/r/4502/
Corey Farrell [Thu, 26 Mar 2015 23:04:43 +0000 (23:04 +0000)]
Fix compile errors caused by r4500 / r4501.
* Add ast_register_cleanup to utils/clicompat.c to deal with
any utils that copy sources from main.
* Asterisk 13+: remove unused variables from core_local.c.
Corey Farrell [Thu, 26 Mar 2015 22:16:31 +0000 (22:16 +0000)]
Replace most uses of ast_register_atexit with ast_register_cleanup.
Since 'core stop now' and 'core restart now' do not stop modules,
it is unsafe for most of the core to run cleanups. Originally all
cleanups used ast_register_atexit, and were only changed when it
was shown to be unsafe. ast_register_atexit is now used only when
absolutely required to prevent corruption and close child processes.
Exceptions that need to use ast_register_atexit:
* CDR: Flush records.
* res_musiconhold: Kill external applications.
* AstDB: Close the DB.
* canary_exit: Kill canary process.
Kevin Harwell [Thu, 26 Mar 2015 17:00:39 +0000 (17:00 +0000)]
app_confbridge: file playback blocks dtmf
Attempting to execute DTMF in a confbridge while file playback (prompt,
announcement, etc) is occurring is not allowed. You have to wait until
the sound file has completed before entering DTMF. This patch fixes it
so that app_confbridge now monitors for dtmf key presses during menu
driven file playback. If a key is pressed playback stops and it executes
the matched menu option.
ASTERISK-24864 #close
Reported by: Steve Pitts
Review: https://reviewboard.asterisk.org/r/4477/
Matthew Jordan [Wed, 25 Mar 2015 15:29:39 +0000 (15:29 +0000)]
res_xmpp: Buddies are always auto-registered when processing the roster
Due to a quirk in the configuration handling of res_xmpp, the 'autoregister'
setting was never actually processed. This was due to not properly copying
over the global settings to the client settings when applying the
configuration to the run-time object.
ASTERISK-14233
ASTERISK-24780 #close
Reported by: Simon Arlott
patches:
asterisk-13.1.0-24780 uploaded by Simon Arlott (License 5756)
Matthew Jordan [Sun, 22 Mar 2015 20:32:17 +0000 (20:32 +0000)]
Fix compilation issues for OpenBSD
This patch addresses compilation issues for OpenBSD. Specifically, it
addresses:
* It allows including <sys/vmmeter.h> in asterisk.c
* Provides a needed (size_t) cast in xmldoc.c
In 13+, it also addresses a conditional inclusion in loader.c.
Matthew Jordan [Thu, 19 Mar 2015 19:19:32 +0000 (19:19 +0000)]
funcs/func_env: Fix regression caused in FILE read operation
When r432935 was merged, it did correctly fix a situation where a FILE read
operation on the middle of a file buffer would not read the requested length
in the parameters passed to the FILE function. Unfortunately, it would also
allow the FILE function to append more bytes than what was available in the
buffer if the length exceeded the end of the buffer length.
This patch takes the minimum of the remaining bytes in the buffer along with
the calculated length to append provided by the original patch, and uses
that as the length to append in the return result. This patch also updates
the unit tests with the scenarios that were originally pointed out in
ASTERISK-21765 that the original implementation treated incorrectly.
Using DEBUG_CHAOS several instances of a null
pointer crash, and one uninitialized variable
were uncovered and fixed. Also added details
on why Asterisk failed to initialize.
Richard Mudgett [Tue, 17 Mar 2015 21:43:32 +0000 (21:43 +0000)]
Audit ast_sockaddr_resolve() usage for memory leaks.
Valgrind found some memory leaks associated with ast_sockaddr_resolve().
Most of the leaks had already been fixed by earlier memory leak hunt
patches. This patch performs an audit of ast_sockaddr_resolve() and found
one more.
* Fix ast_sockaddr_resolve() memory leak in
apps/app_externalivr.c:app_exec().
* Made main/netsock2.c:ast_sockaddr_resolve() always set the addrs
parameter for safety so the pointer will never be uninitialized on return.
The same goes for res/res_pjsip_acl.c:extract_contact_addr().
Matthew Jordan [Sat, 14 Mar 2015 02:27:13 +0000 (02:27 +0000)]
main/frame: Don't report empty disallow values as an error
In realtime, it is normal to have a database with both 'allow' and 'disallow'
columns in the schema. It is perfectly valid to have an 'allow' value of
'!all,g722,ulaw,alaw' and no 'disallow' value. Unlike in static conf files,
you can't *not* provide the disallow value. Thus, the empty disallow value
causes a spurious WARNING message, which is kind of annoying.
This patch makes it so that a 'disallow' value with no ... value ... is
ignored. Granted, you can still screw this up as well, as technically
specifying 'disallow=all,!ulaw' allows only ulaw, and then you would have no
'allow' value in your database. But really, why would you do that? WHY?
Joshua Colp [Sat, 14 Mar 2015 01:59:31 +0000 (01:59 +0000)]
func_curl: Don't hold exclusive lock when performing HTTP request.
This code originally kept a lock held when performing the HTTP
request to ensure that the options provided to curl remain valid.
This doesn't seem to be necessary these days and holding the lock
caused requests to happen sequentially instead of in parallel.
Joshua Colp [Sat, 14 Mar 2015 01:36:18 +0000 (01:36 +0000)]
core: Fix tab completion of "core set debug channel" CLI command.
The "core set debug channel" CLI command mistakenly had source filenames
added to its tab completion. This occurred because the CLI generator fell back
to the "core set debug" command which permits setting debug at a source
filename level.
Matthew Jordan [Sat, 14 Mar 2015 01:21:00 +0000 (01:21 +0000)]
FILE: fix retrieval of file contents when offset is specified
The loop that reads in a file was not correctly using the offset when
determining what bytes to append to the output. This patch corrects
the logic such that the correct portion of the file is extracted when an
offset is specified.
ASTERISK-21765
Reported by: John Zhong
Tested by: Matt Jordan, Di-Shi Sun
patches:
file_read_390821.patch uploaded by Di-Shi Sun (License 5076)
This patch corrects the documentation for the AMD application. Specifically:
* It documents the maximum_word_length option, which limits the maximum allowed
length of a single utterance.
* It clarifies the AMDCAUSE values MAXWORDS and MAXWORDLENGTH. MAXWORDLENGTH
was documented as MAXWORDS, while MAXWORDS was undocumented.
Thanks to the issue reporter, Frank DiGennaro, for pointing out the issues.
ASTERISK-19470 #close
Reported by: Frank DiGennaro
Matthew Jordan [Thu, 12 Mar 2015 12:57:03 +0000 (12:57 +0000)]
main/audiohook: Update internal sample rate on reads
When an audiohook is created (which is used by the various Spy applications
and Snoop channel in Asterisk 13+), it initially is given a sample rate of
8kHz. It is expected, however, that this rate may change based on the media
that passes through the audiohook. However, the read/write operations on the
audiohook behave very differently.
When a frame is written to the audiohook, the format of the frame is checked
against the internal sample rate. If the rate of the format does not match
the internal sample rate, the internal sample rate is updated and a new SLIN
format is chosen based on that sample rate. This works just fine.
When a frame is read, however, we do something quite different. If the format
rate matches the internal sample rate, all is fine. However, if the rates
don't match, the audiohook attempts to "fix up" the number of samples that
were requested. This can result in some seriously large number of samples
being requested from the read/write factories.
Consider the worst case - 192kHz SLIN. If we attempt to read 20ms worth of
audio produced at that rate, we'd request 3840 samples (192000 / (1000 / 20)).
However, if the audiohook is still expecting an internal sample rate of 8000,
we'll attempt to "fix up" the requested samples to:
This results in us attempting to read 92160 samples from our factories, as
opposed to the 3840 that we actually wanted. On a 64-bit machine, this
miraculously survives - despite allocating up to two buffers of length 92160
on the stack. The 32-bit machines aren't quite so lucky. Even in the case where
this works, we will either (a) get way more samples than we wanted; or (b) get
about 3840 samples, assuming the timing is pretty good on the machine.
Either way, the calculation being performed is wrong, based on the API users
expectations.
My first inclination was to allocate the buffers on the heap. As it is,
however, there's at least two drawbacks with doing this:
(1) It's a bit complicated, as the size of the buffers may change during the
lifetime of the audiohook (ew).
(2) The stack is faster (yay); the heap is slower (boo).
Since our calculation is flat out wrong in the first place, this patch fixes
this issue by instead updating the internal sample rate based on the format
passed into the read operation. This causes us to read the correct number of
samples, and has the added benefit of setting the audihook with the right
SLIN format.
Note that this issue was caught by the Asterisk Test Suite as a result of
r432195 in the 13 branch. Because this issue is also theoretically possible
in Asterisk 11, the change is being made here as well.
Matthew Jordan [Thu, 12 Mar 2015 12:26:57 +0000 (12:26 +0000)]
Add support for the clang compiler; update RAII_VAR to use BlocksRuntime
RAII_VAR, which is used extensively in Asterisk to manage reference counted
resources, uses a GCC extension to automatically invoke a cleanup function
when a variable loses scope. While this functionality is incredibly useful
and has prevented a large number of memory leaks, it also prevents Asterisk
from being compiled with clang.
This patch updates the RAII_VAR macro such that it can be compiled with clang.
It makes use of the BlocksRuntime, which allows for a closure to be created
that performs the actual cleanup.
Note that this does not attempt to address the numerous warnings that the clang
compiler catches in Asterisk.
Much thanks for this patch goes to:
* The folks on StackOverflow who asked this question and Leushenko for
providing the answer that formed the basis of this code:
http://stackoverflow.com/questions/24959440/rewrite-gcc-cleanup-macro-with-nested-function-for-clang
* Diederik de Groot, who has been extremely patient in working on getting this
patch into Asterisk.
Review: https://reviewboard.asterisk.org/r/4370/
ASTERISK-24133
ASTERISK-23666
ASTERISK-20399
ASTERISK-20850 #close
Reported by: Diederik de Groot
patches:
RAII_CLANG.patch uploaded by Diederik de Groot (License 6600)
Matthew Jordan [Tue, 10 Mar 2015 21:32:25 +0000 (21:32 +0000)]
res/res_config_odbc: Fix improper escaping of backslashes with MySQL
When escaping backslashes with MySQL, the proper way to escape the characters
in a LIKE clause is to escape the '\' four times, i.e., '\\\\'. To quote the
MySQL manual:
"Because MySQL uses C escape syntax in strings (for example, “\n” to represent
a newline character), you must double any “\” that you use in LIKE strings.
For example, to search for “\n”, specify it as “\\n”. To search for “\”,
specify it as “\\\\”; this is because the backslashes are stripped once by the
parser and again when the pattern match is made, leaving a single backslash to
be matched against."
ASTERISK-24808 #close
Reported by: Javier Acosta
patches:
res_config_odbc.diff uploaded by Javier Acosta (License 6690)
Matthew Jordan [Tue, 10 Mar 2015 18:11:26 +0000 (18:11 +0000)]
app_voicemail: Fix crash with IMAP backends when greetings aren't present
When an IMAP backend is in use and greetings are set to be used, but aren't
present for a user in their IMAP folder, Asterisk will crash. This occurs
due to the mailstream being set to the 'greetings' folder and being left
in that particular state, regardless of the success/failure of the attempt
to access the folder the mailstream points to. Later access of the mailstream
assumes that it points to the 'INBOX' (or some other folder), resulting in
either a crash (if the greetings folder didn't exist and the mailstream is
invalid) or an inability to read messages from the 'INBOX' folder.
This patch restores the mailstream to its correct state after accessing the
greetings. This fixes the crash, and sets the mailstream to the state that
VoiceMailMain expects.
Note that while ASTERISK-23390 also contained a patch for this issue, the
patch on ASTERISK-24786 is the one being merged here.
Review: https://reviewboard.asterisk.org/r/4459/
ASTERISK-23390 #close
Reported by: Ben Smithurst
ASTERISK-24786 #close
Reported by: Graham Barnett
Tested by: Graham Barnett
patches:
app_voicemail.c.patch.SIGSEGV3rev2 uploaded by Graham Barnett (License 6685)
Matthew Jordan [Tue, 10 Mar 2015 17:42:57 +0000 (17:42 +0000)]
localtime: Fix file descriptor leak on kqueue(2) systems
The localtime management in the Asterisk core contains a thread that watches
for changes in the local timezone. On systems where the directory containing
/etc/localtime is modified frequently, the thread monitoring the changes will
be woken up to determine if any changes in timezone have occurred. When using
kqueue(2), this can cause a leak of file descriptors due to some improper
management of resources.
This patch updates the kqueue(2) handling in localtime, such that is no longer
leaks resources.
Review: https://reviewboard.asterisk.org/r/4450/
ASTERISK-24739 #close
Reported by: Ed Hynan
patches:
11.15.0-u.diff uploaded by Ed Hynan (Licnese 6680)
11.7.0-u.diff uploaded by Ed Hynan (License 6680)
svn-trunk-Jan-26-2015-u.diff uploaded by Ed Hynan (License 6680)
Richard Mudgett [Fri, 6 Mar 2015 19:52:04 +0000 (19:52 +0000)]
chan_dahdi/sig_analog: Fix distinctive ring detection to suck less.
The distinctive ring feature interferes with detecting Caller ID and
appears to have been broken for years. What happens is if you have a
ring-ring cadence as used in the UK you get too many DAHDI events for the
distinctive ring pattern array and Caller ID detection is aborted. I
think when Zapata/DAHDI added the ring begin event it broke distinctive
ring. More events happen than before and the code does no filtering of
which event times are recorded in the pattern array.
* Made distinctive ring only record the ringt count when the ring ends
instead of on just any DAHDI event. Distinctive ring can be ring,
ring-ring, ring-ring-ring, or different ring durations for the up to three
rings.
* Fixed the distinctive ring detection enable (chan_dahdi.conf option
usedistinctiveringdetection) to be per port instead of somewhat per port
and somewhat global. This has been broken since v1.8.
* Fixed using the default distinctive ring context when the detected
pattern does not match any configured dringX patterns. The default
context did not get set when the previous call was a matched distinctive
ring pattern and the current call is not matched. This has been broken
since v1.8.
* Made distinctive ring have no effect on Caller ID detection when it is
disabled. Caller ID detection just monitors for 10 seconds before giving
up.
* Fixed leak of struct callerid_state memory when a polarity reversal
during Caller ID detection causes the incoming call to be aborted.
DAHDI-1143
AST-1545
ASTERISK-24825 #close
Reported by: Richard Mudgett
Richard Mudgett [Fri, 6 Mar 2015 19:17:45 +0000 (19:17 +0000)]
chan_sip: Fix realtime locking inversion when poking a just built peer.
When a realtime peer is built it can cause a locking inversion when the
just built peer is poked. If the CLI command "sip show channels" is
periodically executed then a deadlock can happen because of the locking
inversion.
* Push the peer poke off onto the scheduler thread to avoid the locking
inversion of the just built realtime peer.
AST-1540
ASTERISK-24838 #close
Reported by: Richard Mudgett
George Joseph [Thu, 5 Mar 2015 16:35:22 +0000 (16:35 +0000)]
app_voicemail: Fix compile breaking in app_voicemail with IMAP_STORAGE.
There is a leftover "assert" in app_voicemail/__messagecount that references
variables that don't exist. This causes the compile to fail when
--enable-dev-mode and IMAP_STORAGE are selected.
This patch removes the assert.
Tested-by: George Joseph
Review: https://reviewboard.asterisk.org/r/4461/
Matthew Jordan [Thu, 26 Feb 2015 04:56:28 +0000 (04:56 +0000)]
make: Remove 'res_features' from libraries to link against with cygwin/mingw32
Both the apps and channels Makefiles still listed 'res_features' as modules to
link against when compiling for cygwin or mingw32. This module hasn't existed
for quite some time.
Matthew Jordan [Thu, 26 Feb 2015 03:02:24 +0000 (03:02 +0000)]
channels/chan_sip: Don't send a BYE after final response when PBX thread fails
When Asterisk fails to start a PBX thread for a new channel - for example, when
the maxcalls setting in asterisk.conf is exceeded - we currently send a final
response, and then attempt to send a BYE request to the UA. Since that's all
sorts of wrong, this patch fixes that by setting sipalreadygone on the sip_pvt
such that we don't get stuck sending BYE requests to something that does not
want it.
Note that this patch is a slight modification of the one on ASTERISK-15434.
For clarity, it explicitly calls sipalreadygone with the calls to transmit a
final response.
ASTERISK-21845
ASTERISK-15434 #close
Reported by: Makoto Dei
Tested by: Matt Jordan
patches:
sip-pbxstart-failed.patch uploaded by Makoto Dei (License 5027)
Matthew Jordan [Wed, 25 Feb 2015 23:02:17 +0000 (23:02 +0000)]
channels/chan_sip: Clarify WARNING message in mismatched SRTP scenario
When we receive an SDP as part of an offer/answer for a peer/friend has been
configured to require encryption, and that SDP offer/answer failed to provide
acceptable crypto attributes, we currently issue a WARNING that uses the phrase
"we" and "requested". In this case, both of those terms are ambiguous - the
user will probably think "we" is Asterisk (it most likely isn't) and it may
not be a "request", so much as an SDP that was received in some fashion.
This patch makes the WARNING messages slightly less bad and a bit more
accurate as well.
Matthew Jordan [Wed, 25 Feb 2015 21:13:39 +0000 (21:13 +0000)]
channels/sip/sdp_crypto: Handle SRTP keys negotiated with key lifetime/MKI
Prior to this patch, SDP offers negotiating SDES-SRTP crypto attributes would
be rejected if those crypto attributes contained either a key lifetime or a
MKI parameter. While from a theoretical point of view this was defensible -
Asterisk does not support key lifetimes or multiple crypto keys - from a
practical point of view, this is quite a problem. A large number of endpoints
offer lifetimes/MKI, which Asterisk can tolerate so long as it doesn't actually
have to support anything more than a single key or refresh the key.
In reality, this is (so far as we've seen) always the case.
This patch is a forward port of Olle's work in the lingon-srtp-key-lifetime-1.8
branch. To quote Olle from ASTERISK-17721, it handles lifetime/MKI parameters
in the following fashion:
> The Lingon branch now handle lifetime and MKI parameters.
>
> We only accept lifetimes up to max for the crypto and higher than 10 hours
> for packetization of 20 ms (50 pps).
>
> We only handle MKI with index 1.
>
> We do not really bother with counting packets and reinviting at end of
> lifetime, so the min of 10 hours kind of takes care of most calls. If there
> are longer ones, we rely on the other side for re-invites.
>
> It's still not perfect, but I personally think this is an improvement. A
> configuration option for minimum lifetime accepted could be added.
When the patch was ported forward, I decided against adding a configuration
option as Olle's handling was more than sufficient for every case I've seen
come through the issue tracker or through interoperability testing. We can
revisit that decision if it proves to be false.
A few small other tweaks were made to the surrounding code to reduce
indentation and provide better type safety for the 'tag' parameter.
David M. Lee [Wed, 25 Feb 2015 20:43:16 +0000 (20:43 +0000)]
Increase WebSocket frame size and improve large read handling
Some WebSocket applications, like [chan_respoke][], require a larger
frame size than the default 8k; this patch bumps the default to 16k.
This patch also fixes some problems exacerbated by large frames.
The sanity counter was decremented on every fread attempt in
ws_safe_read(), regardless of whether data was read from the socket or
not. For large frames, this could result in loss of sanity prior to
reading the entire frame. (16k frame / 1448 bytes per segment = 12
segments).
This patch changes the sanity counter so that it only decrements when
fread() doesn't read any bytes. This more closely matches the original
intention of ws_safe_read(), given that the error message is
"Websocket seems unresponsive".
This patch also properly logs EOF conditions, so disconnects are no
longer confused with unresponsive connections.
Matthew Jordan [Tue, 24 Feb 2015 22:14:02 +0000 (22:14 +0000)]
channels/chan_sip: Fix crash when transmitting packet after thread shutdown
When the monitor thread is stopped, its pthread ID is set to a specific value
(AST_PTHREADT_STOP) so that later portions of the code can determine whether
or not it is safe to manipulate the thread. Unfortunately, __sip_reliable_xmit
failed to check for that value, checking instead only for AST_PTHREAD_STOP.
Passing the invalid yet very specific value to pthread_kill causes a crash.
This patch adds a check for AST_PTHREADT_STOP in __sip_reliable_xmit such that
it doesn't attempt to poke the thread if the thread has already been stopped.
Kevin Harwell [Tue, 24 Feb 2015 18:22:58 +0000 (18:22 +0000)]
bridge_softmix: G.729 codec license held
When more than one call using the same codec type enters into a softmix bridge
and no audio is present for a channel the bridge optimizes the out frame by
using the same one for all channels with the same codec type. Unfortunately,
when that number (channels with same codec type) dropped to <= 1 the codec
was not dereferenced. At least not until all parties left the bridge. Thus in
the case of G.729 the license was not released. This patch ensures that the
codec is dereferenced immediately when the optimization no longer applies.
ASTERISK-24797 #close
Reported by: Luke Hulsey
Review: https://reviewboard.asterisk.org/r/4429/
Matthew Jordan [Sat, 21 Feb 2015 17:34:52 +0000 (17:34 +0000)]
apps/app_voicemail: Demote an ERROR message to a WARNING message
When using IMAP voicemail with FreePBX, you will often get ERROR messages
complaining about not being able to find a mailbox. This is due to how FreePBX
handles voicemail mailboxes. Unfortunately, app_voicemail has to consider this
a configuration error, as in any other system it would be indicative of
someone misconfiguring their system.
Regardless, a misconfiguration is a WARNING, and not an ERROR. This patch
demotes the message so that system administrators can hopefully reduce some
of the noise in their log files.
Note that in the original patch this was made into a NOTICE, but that's a
too forgiving.
ASTERISK-24790 #close
Reported by: Graham Barnett
patches:
app_voicemail.c.patch_noise uploaded by Graham Barnett (License 6685)
Corey Farrell [Sat, 21 Feb 2015 02:55:26 +0000 (02:55 +0000)]
Allow shutdown to unload modules that register bucket scheme's or codec's.
* Change __ast_module_shutdown_ref to be NULL safe (11+).
* Allow modules that call ast_bucket_scheme_register or ast_codec_register
to be unloaded during graceful shutdown only (13+ only).
Matthew Jordan [Fri, 20 Feb 2015 15:45:35 +0000 (15:45 +0000)]
apps/app_voicemail: Fix IMAP header compatibility issue with Microsoft Exchange
When interfacing with Microsoft Exchange, custom headers will be returned as
all lower case. Currently, the IMAP header code will fail to parse the returned
custom headers, as it will be performing a case sensitive comparison. This can
cause playback of messages to fail, as needed information - such as origtime -
will not be present.
This patch updates app_voicemail's header parsing code to perform a case
insensitive lookup for the requested custom headers. Since the headers are
specific to Asterisk, e.g., 'x-asterisk-vm-orig-time', and headers should be
unique in an IMAP message, this should cause no issues with other systems.
ASTERISK-24787 #close
Reported by: Graham Barnett
patches:
app_voicemail.c.patch_MSExchange uploaded by Graham Barnett (License 6685)
Matthew Jordan [Thu, 19 Feb 2015 15:21:06 +0000 (15:21 +0000)]
tcptls: Handle new OpenSSL compile time option to disable SSLv3
Some distributions are going to disable SSLv3 at compile time. This option can
be checked using the directive OPENSSL_NO_SSL3_METHOD. This patch updates the
TCP/TLS handling in Asterisk to look for that directive before attempting to
use the SSLv3 specific methods.
ASTERISK-24799 #close
Reported by: Alexander Traud
patches:
no-ssl3-method.patch uploaded by Alexander Traud (License 6520)
Corey Farrell [Thu, 19 Feb 2015 01:59:05 +0000 (01:59 +0000)]
Create work around for scheduler leaks during shutdown.
* Added ast_sched_clean_by_callback for cleanup of scheduled events
that have not yet fired.
* Run all pending peercnt_remove_cb and replace_callno events in chan_iax2.
Cleanup of replace_callno events is only run 11, since it no longer
releases any references or allocations in 13+.
Matthew Jordan [Sun, 15 Feb 2015 00:31:55 +0000 (00:31 +0000)]
apps/app_mixmonitor: Move Test Event for MIXMONITOR_END to after it finishes
The Test Event for MIXMONITOR_END - which signals that a MixMonitor has
completed - technically fired before the filestream was closed. If a test
used this to trigger a condition to verify that the file was written, it
could result in a race condition where the file size would not be what the
test expected.
Luckily, no tests were using this (although they should have been). Since the
test event needed to be moved after the point where the MixMonitor autochan has
been destroyed, the test event no longer emits the channel name. Luckily,
nothing needs it.
Matthew Jordan [Wed, 11 Feb 2015 17:11:41 +0000 (17:11 +0000)]
channels/chan_sip: Fix RealTime error during SIP unregistration with MariaDB
When a SIP device that has its registration stored in RealTime unregisters,
the entry for that device is updated with blank values, i.e., "", indicating
that it is no longer registered. Unfortunately, one of those values that is
'blanked' is the device's port. If the column type for the port is not a
string datatype (the recommended type is integer), an ODBC or database error
will be thrown. MariaDB does not coerce empty strings to a valid integer value.
This patch updates the query run from chan_sip such that it replaces the port
value with a value of '0', as opposed to a blank value. This is the value that
other database backends coerce the empty string ("") to already, and the
handling of reading a RealTime registration value from a backend already
anticipates receiving a port of '0' from the backends.
ASTERISK-24772 #close
Reported by: Richard Miller
patches:
chan_sip.diff uploaded by Richard Miller (License 5685)
Kevin Harwell [Wed, 11 Feb 2015 16:46:12 +0000 (16:46 +0000)]
res_http_websocket: websocket write timeout fails to fully disconnect
When writing to a websocket if a timeout occurred the underlying socket did not
get closed/disconnected. This patch makes sure the websocket gets disconnected
on a write timeout.
ASTERISK-24701 #close
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/4412/
Corey Farrell [Wed, 11 Feb 2015 15:38:39 +0000 (15:38 +0000)]
Enable REF_DEBUG for ast_module_ref / ast_module_unref.
Add ast_module_shutdown_ref for use by modules that can
only be unloaded during graceful shutdown.
When REF_DEBUG is enabled:
* Add an empty ao2 object to struct ast_module.
* Allocate ao2 object when the module is loaded.
* Perform an ao2_ref in each place where mod->usecount is manipulated.
* ao2_cleanup on module unload.
Matthew Jordan [Mon, 9 Feb 2015 02:44:24 +0000 (02:44 +0000)]
channels/chan_sip: Ensure that a BYE is sent during INVITE w/Replaces transfer
Consider a scenario where Alice and Bob have an established dialog with each
other external to Asterisk. Bob decides to perform an attended transfer of
Alice to Asterisk. In this case, Alice will send an INVITE with Replaces
to Asterisk, where the Replaces specifies Bob's dialog with Asterisk. In this
particular scenario, Asterisk will complete the transfer, but - since Bob's
channel has had Alice masqueraded into it and is now a Zombie - a BYE
request will not be sent.
This patch fixes that issue by adding a new flag to chan_sip that tracks
whether or not we have an INVITE with Replaces. If we do, the flag is used
on the sip_pvt to ensure that a BYE request is sent, even if the channel has
been masqueraded away.
Review: https://reviewboard.asterisk.org/r/4362/
ASTERISK-22436 #close
Reported by: Eelco Brolman
Tested by: Jeremiah Gowdy, Kristian Høgh
patches:
asterisk-11-hangup-replaced-3.diff uploaded by Jeremiah Gowdy (License 6358)
Matthew Jordan [Mon, 9 Feb 2015 02:34:17 +0000 (02:34 +0000)]
res/res_odbc: Remove unneeded queries when determining if a table exists
This patch modifies the ast_odbc_find_table function such that it only performs
a lookup of the requested table if the table is not already known. Prior to
this patch, a queries would be executed against the database even if the table
was already known and cached.
Mark Michelson [Thu, 29 Jan 2015 20:40:04 +0000 (20:40 +0000)]
Use SIPS URIs in Contact headers when appropriate.
RFC 3261 sections 8.1.1.8 and 12.1.1 dictate specific
scenarios when we are required to use SIPS URIs in Contact
headers. Asterisk's non-compliance with this could actually
cause calls to get dropped when communicating with clients
that are strict about checking the Contact header.
Both of the SIP stacks in Asterisk suffered from this issue.
This changeset corrects the behavior in chan_sip.
ASTERISK-24646 #close
Reported by Stephan Eisvogel
Joshua Colp [Thu, 29 Jan 2015 12:08:39 +0000 (12:08 +0000)]
res_rtp_asterisk: Fix DTLS when used with OpenSSL 1.0.1k
A recent security fix for OpenSSL broke DTLS negotiation for many
applications. This was caused by read ahead not being enabled when it
should be. While a commit has gone into OpenSSL to force read ahead
on for DTLS it may take some time for a release to be made and the
change to be present in distributions (if at all). As enabling read
ahead is a simple one line change this commit does that and fixes
the issue.
Mark Michelson [Wed, 28 Jan 2015 17:05:26 +0000 (17:05 +0000)]
Mitigate possible HTTP injection attacks using CURL() function in Asterisk.
CVE-2014-8150 disclosed a vulnerability in libcURL where HTTP request injection
can be performed given properly-crafted URLs.
Since Asterisk makes use of libcURL, and it is possible that users of Asterisk may
get cURL URLs from user input or remote sources, we have made a patch to Asterisk
to prevent such HTTP injection attacks from originating from Asterisk.
Kevin Harwell [Tue, 27 Jan 2015 22:53:57 +0000 (22:53 +0000)]
tcptls: Bad file descriptor error when reloading chan_sip
While running through some scenarios using chan_sip and tcp a problem would
occur that resulted in a flood of bad file descriptor messages on the cli:
tcptls.c:712 ast_tcptls_server_root: Accept failed: Bad file descriptor
The message is received because the underlying socket has been closed, so is
valid. This is probably happening because unloading of chan_sip is not atomic.
That however is outside the scope of this patch. This patch simply stops the
logging of multiple occurrences of that message.
ASTERISK-24728 #close
Reported by: Thomas Thompson
Review: https://reviewboard.asterisk.org/r/4380/
Kevin Harwell [Tue, 27 Jan 2015 19:19:25 +0000 (19:19 +0000)]
chan_sip: stale nonce causes failure
When refreshing (with a small expiration) a registration that was sent to
chan_sip the nonce would be considered stale and reject the registration.
What was happening was that the initial registration's "dialog" still existed
in the dialogs container and upon refresh the dialog match algorithm would
choose that as the "dialog" instead of the newly created one. This occurred
because the algorithm did not check to see if the from tag matched if
authentication info was available after the 401. So, it ended up assuming
the original "dialog" was a match and stopped the search. The old "dialog"
of course had an old nonce, thus the stale nonce message.
This fix attempts to leave the original functionality alone except in the case
of a REGISTER. If a REGISTER is received if searches for an existing "dialog"
matching only on the callid. If the expires value is low enough it will reuse
dialog that is there, otherwise it will create a new one.
ASTERISK-24715 #close
Reported by: John Bigelow
Review: https://reviewboard.asterisk.org/r/4367/
Richard Mudgett [Tue, 27 Jan 2015 17:11:59 +0000 (17:11 +0000)]
app_confbridge: Repeatedly starting and stopping recording ref leaks the recording channel.
Starting and stopping conference recording more than once causes the
recording channels to be leaked. For v13 the channels also show up in the
CLI "core show channels" output.
* Reworked and simplified the recording channel code to use
ast_bridge_impart() instead of managing the recording thread in the
ConfBridge code. The recording channel's ref handling easily falls into
place and other off nominal code paths get handled better as a result.
Matthew Jordan [Thu, 22 Jan 2015 14:22:02 +0000 (14:22 +0000)]
apps/app_voicemail: Trigger MWI notification with MixMonitor m() option
The MixMonitor m() option allows a recording to be pushed to a specific
voicemail mailbox. If the message is delivered to the mailbox's INBOX, however,
no MWI notification is currently raised.
This patch corrects the issue by properly calling notify_new_state from the
msg_create_from_file function. This will cause MWI to be triggered if the
message was placed in the mailbox's INBOX.
projects / thirdparty / asterisk.git / log
