Aaron An [Thu, 22 Sep 2016 06:40:45 +0000 (14:40 +0800)]
channels/chan_pjsip: fix HANGUPCAUSE function bug.
HANGUPCAUSE not return 'SIP 200 Ok' when dialed channel answered.
This patch change the call order of ast_queue_control_data
and ast_queue_control in chan_pjsip_incoming_response.
George Joseph [Tue, 20 Sep 2016 14:42:15 +0000 (08:42 -0600)]
chan_sip: Address runaway when realtime peers subscribe to mailboxes
Users upgrading from asterisk 13.5 to a later version and who use
realtime with peers that have mailboxes were experiencing runaway
situations that manifested as a continuous stream of taskprocessor
congestion errors, memory leaks and an unresponsive chan_sip.
A related issue was that setting rtcachefriends=no NEVER worked in
asterisk 13 (since the move to stasis). In 13.5 and earlier, when a
peer tried to register, all of the stasis threads would block and
chan_sip would again become unresponsive. After 13.5, the runaway
would happen.
There were a number of causes...
* mwi_event_cb was (indirectly) calling build_peer even though calls to
mwi_event_cb are often caused by build_peer.
* In an effort to prevent chan_sip from being unloaded while messages
were still in flight, destroy_mailboxes was calling
stasis_unsubscribe_and_join but in some cases waited forever for the
final message.
* add_peer_mailboxes wasn't properly marking the existing mailboxes
on a peer as "keep" so build_peer would always delete them all.
* add_peer_mwi_subs was unsubscribing existing mailbox subscriptions
then just creating them again.
All of this was causing a flood of subscribes and unsubscribes on
multiple threads all for the same peer and mailbox.
Fixes...
* add_peer_mailboxes now marks mailboxes correctly and build_peer only
deletes the ones that really are no longer needed by the peer.
* add_peer_mwi_subs now only adds subscriptions marked as "new" instead
of unsubscribing and resubscribing everything. It also adds the peer
object's address to the mailbox instead of its name to the subscription
userdata so mwi_event_cb doesn't have to call build_peer.
With these changes, with rtcachefriends=yes (the most common setting),
there are no leaks, locks, loops or crashes at shutdown.
rtcachefriends=no still causes leaks but at least it doesn't lock, loop
or crash. Since making rtcachefriends=no work wasnt in scope for this
issue, further work will have to be deferred to a separate patch.
Side fixes...
* The ast_lock_track structure had a member named "thread" which gdb
doesn't like since it conflicts with it's "thread" command. That
member was renamed to "thread_id".
res_odbc: Make pooling option deprecation notice more useful.
This changes the notice for the deprecation of the old
pooling options to point to the new option for doing
pooling. This gives a clearer direction as to what to
look into.
Corey Farrell [Tue, 16 Aug 2016 20:21:33 +0000 (16:21 -0400)]
logger: Simplify ast_callid handling code.
Routines responsible for managing ast_callid's are overly complicated.
This is left-over code from when ast_callid was an AO2 object. Now that
it is an integer the code can be reduced.
ast_callid handler code no longer prints it's own error message upon failure
to allocate threadstorage as ast_calloc would have already printed a
message. Debug messages that were printed when TEST_FRAMEWORK was
enabled have been also been removed.
logger: Always enable verbose for console channel.
Previous versions of Asterisk did not require verbose to be specified in
logger.conf for the console channel, if it was requested by command line
or asterisk.conf it just worked. This change causes Asterisk to always
enable verbose in the console channel level mask. Verbose is displayed
on consoles if requested by command line, option_verbose or 'core set
verbose'.
This also delays initialization of the logger until after threadstorage
is initialized. Initializing too early can cause messages to be printed
multiple times to the console (stdout).
Tzafrir Cohen [Mon, 27 Jun 2016 19:26:54 +0000 (21:26 +0200)]
sd_notify (systemd status notifications) support
sd_notify() is used to notify systemd of changes to the status of the
process. This allows the systemd daemon to know when the process
finished loading (and thus only start another program after Asterisk has
finished loading).
To use this, use a systemd unit with 'Type=notify' for Asterisk.
This commit also adds the function ast_sd_notify(), a wrapper around
sd_notify that does nothing if not built with systemd support.
Also adds support for libsystemd detection in the configure script.
Walter Doekes [Mon, 19 Sep 2016 19:21:23 +0000 (21:21 +0200)]
asterisk.c: Non-root users also get the astcanary after core restart.
Without this change, a 'core restart' would kill the astcanary forever
if you're not running as root. Both with and without this patch, the
scheduling priority was still SCHED_RR after restart.
Additionally, the astcanary is now spawned if you start with high
priority and Asterisk doesn't get a chance to lower it. For example
through: `chrt -r 10 sudo -u asterisk asterisk -c`
Also reap killed astcanary processes on core restart.
Creating ODBC SQL queries resulted in queries too large to fit into the
supplied buffer. The resulting truncated buffer contained an invalid SQL
query.
* Made SQL query generation code use a thread storage buffer that can
increase in size as needed.
Timo Teräs [Fri, 9 Sep 2016 11:35:43 +0000 (14:35 +0300)]
Fix showing of swap details when sysinfo() is available
If sysinfo() is available, but not sysctl() or swapctl() the
printing code for swap buffer sizes is incorrectly omitted.
The above condition happens with musl c-library.
Fix #if rule to consider defined(HAVE_SYSINFO). And also
remove the redundant || defined(HAVE_SYSCTL) which was
incorrectly there to start with. Now swap information is
displayed only if an actual libc function to get it is
available.
This also fixes warnings previously seen with musl libc:
[CC] asterisk.c -> asterisk.o
asterisk.c: In function 'handle_show_sysinfo':
asterisk.c:773:6: warning: variable 'totalswap' set but not used
[-Wunused-but-set-variable]
int totalswap = 0;
^~~~~~~~~
asterisk.c:770:11: warning: variable 'freeswap' set but not used
[-Wunused-but-set-variable]
uint64_t freeswap = 0;
^~~~~~~~
rtp: Only accept the first payload for a format in SDP.
When receiving an SDP offer with multiple payloads for
the same format we would generate an answer with the first
payload, but during the payload crossover operation
(to set the payloads for receiving) we would remove all
payloads but the last. This would result in incoming
traffic being matched against the wrong format and outgoing
traffic being sent using the wrong payload.
This change makes it so that once a format has a payload
number put into the mapping all subsequent ones are ignored.
This ensures there is only ever one payload in the mapping
and that it is the payload placed into the answer SDP.
Steve Davies [Tue, 13 Sep 2016 10:34:47 +0000 (11:34 +0100)]
chan_sip: Fix session timeout on retransmit of non-UDP packets
Change-Id I1cd33453c77c56c8e1394cd60a6f17bb61c1d957 Enable Session-Timers for
SIP over TCP (and TLS) also disables SIP retransmits in chan_sip for non-UDP
connections, allowing the TCP layer to handle the retransmits. Unfortunately,
this caused sessions to be terminated with a retransmit timeout becasue it
stopped at the point of the first retrans call.
This patch waits for the 64*T1 timer to expire instead.
res_pjsip_multihomed: Change Contact port to listening port.
The res_pjsip_multihomed module determines what interface and transport
a request is going out on and updates the SIP message accordingly with
the address information. This currently incorrectly updates the Contact
header for connectionful protocols to the ephemeral connection port,
instead of the bound address for the listening socket which can actually
accept the connection back. If the remote side attempts to connect back on
the epehemeral port it will fail.
This change makes it so the port is updated to the bound port on
connectionful protocols and is maintained on UDP (as there can be
multiple of those).
George Joseph [Wed, 7 Sep 2016 19:48:48 +0000 (13:48 -0600)]
pjproject_bundled: Prevent SERVFAIL from marking name server bad
A name server that returns "Server Failure" is indicating only that
the server couldn't process that particular request. We should NOT
assume that the name server is incapable of serving other requests.
Here's the scenario we've been encountering...
* 2 local name servers configured in resolv.conf.
* An OPTIONS request causes a request for A and AAAA records to go out
to both nameservers.
* The A responses both come back successfully resolved.
* Because of an issue at some upstream nameserver, the AAAA responses
for that particular query come back as "SERVFAIL" from both local
name servers.
* Both local servers are marked as bad and no further queries can be
sent until the 60 second ttl expires. Only previously cached results
can be used.
* In this case, 60 seconds is just enough time for another OPTIONS
request to go out to the same host so the cycle repeats.
We could set the bad ttl really low but that also affects REFUSED and
NOTAUTH which probably DO signal a real server issue. Besides, even
a really low bad ttl would be an issue on a pbx.
Although we use our own resolver in 14 and master and don't have this
issue there, Teluu has merged this patch upstream so it's appropriate
to cherry-pick to 14 and master to keep pjproject consistent.
Currently when receiving video over RTP we store only
a calculated samples on the frame. When starting the video
it can take some time for this calculation to actually yield
a value as it requires constant changing timestamps. As well
if a video frame passes over multiple RTP packets this calculation
will fail as the timestamp is the same as the previous RTP
packet and the number of samples calculated will be 0.
This change preserves the timestamp on the frame and allows
it to pass through the core. When sending the video this timestamp
is used instead of a new one being calculated.
Alexander Traud [Fri, 22 Jul 2016 10:46:02 +0000 (12:46 +0200)]
chan_sip: Enable Session-Timers for SIP over TCP (and TLS).
Asterisk defaults to timers=accept/refresher=uas. In that scenario, only in that
scenario, Sessions-Timers (RFC 4028) had no effect via TCP. This change enables
Session-Timers for SIP over TCP (and for SIP over TLS).
However with longer international calls via TCP, the SIP channel might break,
because all hops on the Internet route must stay online (have not a single power
outage, for example). Therefore with Session-Timers enabled (which are enabled
at default), you might see dropped calls. Consequently even with this change,
you might be better-off going for session-timers=refuse in your sip.conf.
res_pjsip: Don't assume a request will have any addresses.
When performing DNS resolution the failover code present in
res_pjsip currently assumes that a request will always have
at least one viable address. In practice this is not true.
A domain may be used that has no records.
The code now checks that at least one address exists on the
request which prevents looping.
Richard Mudgett [Mon, 12 Sep 2016 17:25:54 +0000 (12:25 -0500)]
app_queue: Fix CLI "queue show" and AMI Queues action output truncation.
The output of CLI "queue show" and AMI Queues action is truncated and
"failed to extend from 240 to 327" messages are generated if the queue
member and interface names are lengthy.
* Increase the string buffer size from 240 to 512 in order to accommodate
for more information fields added to the output since v1.8.
ASTERISK-26360 #close
Reported by: Richard Mudgett
Walter Doekes [Mon, 12 Sep 2016 08:28:17 +0000 (10:28 +0200)]
chan_sip: Allow target refresh (Contact update) on re-INVITE.
Previously, the Contact was stored only on initial INVITE and on any
18X and 200. That meant that after re-INVITEs from *us* the Contact
could get updated, but after re-INVITEs from the *peer*, it did not.
This changeset fixes this inconsistency, properly allowing target
refreshes through re-INVITES (RFC3261, 12.2).
If your strictrtp setting allows it, this change allows you to switch
the source IP of a connected/calling device mid-call with a simple
re-INVITE from the new IP.
Richard Mudgett [Mon, 29 Aug 2016 23:08:22 +0000 (18:08 -0500)]
res_pjsip: Add ignore_uri_user_options option.
This implements the chan_sip legacy_useroption_parsing option but with a
better name.
* Made the caller-id number and redirecting number strings obtained from
incoming SIP URI user fields always truncated at the first semicolon.
People don't care about anything after the semicolon showing up on their
displays even though the RFC allows the semicolon.
Walter Doekes [Fri, 9 Sep 2016 11:26:01 +0000 (13:26 +0200)]
contrib: Let safe_asterisk script continue without /dev/tty9.
If you use the safe_asterisk script, it uses hardcoded defaults before
running configurable values from /etc/asterisk/startup.d. The hardcoded
default has TTY=9. Some containerized environments don't have such a
TTY, and safe_asterisk would stop.
The custom configuration from /etc/asterisk/startup.d/* isn't read until
after it stopped, so changing TTY in a custom config did not help.
This changeset changes safe_asterisk to continue if the TTY setting was
untouched and /dev/tty9 and /dev/vc/9 aren't found.
Joshua Colp [Tue, 23 Aug 2016 11:35:11 +0000 (11:35 +0000)]
chan_sip: Don't allocate new RTP instances on top of old ones.
In some scenarios dialog_initialize_rtp can be called multiple times on
the same dialog. This can cause RTP instances to be leaked along with
multiple file descriptors for each instance.
This change makes it so the existing RTP instances are destroyed and
not overwritten, stopping the memory leak.
ASTERISK-26272 #close
patches:
ASTERISK-26272-13.patch submitted by Corey Farrell (license 5909)
Mark Michelson [Tue, 16 Aug 2016 20:34:53 +0000 (15:34 -0500)]
res_pjsip: Do not crash on ACKs from unknown endpoints.
The endpoint identification PJSIP module is intended to identify which
endpoint an incoming request is from. If an endpoint is not identified,
then an artificial endpoint is used in its place when proceeding.
The problem is that the ACK request type is an exception to the rule.
The artificial endpoint is not used when processing an ACK. This results
in the possibility of having a NULL endpoint being used further on.
The reason ACK is an exception is an attempt not to spam security logs
with unidentified requests. Presumably, you've already logged the
unidentified request on the preceeding INVITE.
Up until Asterisk 13.10, retrieving a NULL endpoint in this fashion
didn't cause an issue. A new change in 13.10 added endpoint ACL checking
shortly after endpoint identification. Because we are accessing a NULL
endpoint, this ACL check resulted in a crash.
The fix here is to be sure to retrieve the artificial endpoint for all
request types. ACKs still do not generate unidentified request security
events.
Richard Mudgett [Tue, 6 Sep 2016 16:46:16 +0000 (11:46 -0500)]
res_pjsip_messaging.c: Misc cleanups and fixes.
* Eliminated RAII_VAR in get_outbound_endpoint().
* Simplify update_to() coding. However, this function can only be a NoOp
because the To string can only be a URI and not a name-address formatted
string.
* Simplify update_from() coding. Also fixed a code path modifying the
from string when the caller could still want to use the original string.
* Fixed msg_data_create() incompletely removing the "pjsip:" to then add
back the "sip:" string if needed. The code didn't handle the "pjsip:sip:"
case because it left the colon after pjsip in the string.
Currently when you add global headers from the dialplan both
the header in the dialplan and the globally configured header
are added to the resulting SIP INVITE. This change makes it
so the headers in the dialplan take precedence and are the
only ones added.
Mark Michelson [Wed, 10 Aug 2016 20:14:09 +0000 (15:14 -0500)]
ConfBridge: Make some announcements asynchronous.
Confbridge announcements tend to block a channel while they are being
played. In some circumstances, this is warranted since you want that
particular channel not to hear the announcement (Example: "John Doe has
entered the conference"). For others it makes less sense.
This change first introduces methods for playing sounds asynchronously
into the conference. This is very similar to how synchronous sounds are
played, except the channel initiating the playback does not wait for the
sound to complete before moving on.
Asynchronous announcements are used for two circumstances:
* Sounds played for a user after they have left the bridge
* Sounds that play first to a single user and then the rest of the
conference (if the channel and conference use the same language)
Matt Jordan [Tue, 6 Sep 2016 20:25:28 +0000 (15:25 -0500)]
res/res_stasis_playback: Cancel the entire playlist when a stop occurs
Prior to this patch, a stop issued by a delete of a Playback resource
(indicated by the control frame AST_CONTROL_STREAM_STOP) would only stop
the current media URI playing. Subsequent URIs specified by a playback
operation would then proceed on, even though we had just indicated to
the User that the Playback was finished *and* after they had just
'deleted' the resource. Whoops.
This patch corrects it by bailing out of the sequence of URIs to play if
one of them is terminated with an AST_CONTROL_STREAM_STOP indication.
George Joseph [Tue, 2 Aug 2016 01:55:33 +0000 (19:55 -0600)]
build: Add download capability for external packages
The DPMA and g729a, silk, siren7 and siren14 codecs hosted at
http://downloads.digium.com/pub/telephony/ are now listed in the
"External" sections of the "Resource Modules" and "Codec Translators"
pages in menuselect. Any that are selected will automatically be
downloaded and installed when "make install" is run. Their LICENSE and
README (if avaialble) files will be installed to
ASTVARLIBDIR/documentation/thirdparty/<product_name>.
Example use with codecs:
The codecs/codecs.xml file is a menuselect style xml file that lists
the codecs to be included. Their support levels are 'external', which
triggers the download and install, and defaultenabled is no. Also
because codec_g729a is actually in a directory named codec_g729 on the
download server, the newly added 'member_data' element is used to
override the default of the directory name being the package name. You
can use the 'directory_name' attribute to keep default base URL
(http://downloads.digium.com/pub/telephony/) but use the new directory,
or you use the 'remote_url' attribute to specify a full URL to the
download directory. In this case, you must still follow the same
subdirectory naming conventions as that used for the packages located
at 'http://downloads.digium.com/pub/telephony'.
A new configure option '--with-externals-cache' was added and like
'--with-sounds-cache' it allows the installer to cache tarballs so
they're not downloaded every time.
To assist with the download and install process, each external package
now has a manifest.xml file that, among other things, contains a package
version and checksums for each file in the tarball. The manifest is
saved to both the cache directory and ASTMODDIR and together with the
manifest.xml on the downloads site, tells the install scripts whether
a download and/or update is needed.
bash and xmlstarlet are required for downloader operation. If they're
not installed, the external items in menuselect will be unavailable.
Alexei Gradinari [Thu, 18 Aug 2016 19:45:59 +0000 (15:45 -0400)]
res_pjsip_session: segfault on already disconnected session
On heavy loaded system the TCP/TLS incoming calls could be
disconnected by pjproject while these calls are being
processed by asterisk which could use the session's memory pools.
If the session in the disconnected state then the session memory
pools were already freed, so we get segfault.
This patch adds a lifetime control on an INVITE session to pjproject.
The lifetime of the session is manipulated by calling
pjsip_inv_add_ref/pjsip_inv_dec_ref.
This patch uses these functions to inform pjproject that the
session is in use.
This patch adds check if the session state is not disconnected
and also checks if the memory pool is not NULL.
This patch also places tasks 'session_end' and 'session_end_completion'
into session's serializer to avoid race condition.
A crypto line is supplied, but the m-line does not have SAVP.
When res_srtp.so is *not* loaded, then chan_sip.so treats the optional
crypto as regular RTP, but when res_srtp.so *is* loaded, it refuses the
incoming call with the following message:
WARNING: process_sdp: Failed to receive SDP offer/answer with
required SRTP crypto attributes for audio
For platforms that want to start providing SRTP this presents a
compatibility problem.
This changeset lets chan_sip handle the SDP as if no crypto-line was
supplied: i.e. accept the call as regular RTP, just like it did before
res_srtp was loaded.
Now you'll get this informative warning instead:
WARNING: Ignoring crypto attribute in SDP because RTP transport is
insecure
Matt Jordan [Sat, 3 Sep 2016 21:04:21 +0000 (16:04 -0500)]
apps/app_dial: Fix crash on non-connect call paths for Privacy/Screening option
In any scenario in which the callee is not connected to the caller, the
current code in app_dial will crash due to raising a Dial End Stasis
Message after the callee channel has been hung up. This patch corrects
the error by simply moving the explicit hangup of the callee (peer)
channel until after the dial end message.
Matt Jordan [Sat, 3 Sep 2016 21:02:37 +0000 (16:02 -0500)]
apps/app_dial: Set the DIALSTATUS to NOANSWER on privacy option 5
If the callee selects option '5' using the Dial application's privacy
(P) option, the DIALSTATUS is erroneously set to ANSWER. This option
reflects the callee sending the caller to VoiceMail one time; the call
is definitely *not* ANSWERed in such a scenario. With this patch, the
DIALSTATUS is instead set to NOANSWER, which is the same DIALSTATUS that
is set when the 'send to VoiceMail every time' option is set.
Corey Farrell [Thu, 18 Aug 2016 18:28:57 +0000 (14:28 -0400)]
named_locks: Use ao2_weakproxy to deal with cleanup from container.
This allows standard ao2 functions to be used to release references to
an ast_named_lock. This change can cause less frequent locking of the
global named_locks container. The container is no longer locked when a
named_lock reference is being release except when this causes the
named_lock to be destroyed.
projects / thirdparty / asterisk.git / log
