The test_voicemail_notify_endl test checks the end-of-line
characters of an email message to confirm that they are consistent.
The test wrongfully assumed that reading from the email message
into a buffer will always result in more than 1 character being
read. This is incorrect. If only 1 character was read the test
would go outside of the buffer and access other memory causing
a crash.
The test now checks to ensure that 2 or more characters are read
in ensuring the test stays within the buffer.
app_voicemail/IMAP: IMAP access FATAL error: Out of memory
Sometimes uw-imap function 'mail_fetchbody' returns huge len
which then pass to uw-imap function 'rfc822_base64'.
uw-imap tries to allocate huge memory and abort() on fail.
This patch check the len.
If the len more than max size (128 Mbytes) log error.
This patch also set variables len, newlen to avoid uninizialezed len.
This patch also check pointer returned by rfc822_base64.
Walter Doekes [Thu, 24 Mar 2016 12:36:39 +0000 (13:36 +0100)]
musiconhold: Only warn if music class is not found in memory and database.
The log message when a MusicOnHold music class was not found was changed
from debug level to WARNING level in Asterisk 11.19 and 13.5. For those
using realtime musiconhold, this message is wrong because it warns
before checking the database.
This changeset delays the warning until after the database has been
checked.
Walter Doekes [Thu, 24 Mar 2016 10:38:16 +0000 (11:38 +0100)]
core/logging: Fix broken syslog levels on older glibc.
The fix to ASTERISK-25407 introduced the usage of LOG_MAKEPRI. However
this macro is broken in older glibc (< 2.17); it would left-shift the
facility a second time, causing the resultant priority to become
invalid.
The syslog manpage mentions nothing about LOG_MAKEPRI and suggests this:
The priority argument is formed by ORing the facility and the level
values [...].
chan_sip.c: Space after port causes unnecessary resolution attempt
check_via() already skips leading blanks where the sent-by address (with the
optional port) should be placed.
Since RFC 3261 allows for blanks between the port ant the Via parameters:
> https://tools.ietf.org/html/rfc3261#section-20.42
(actually it allows a lot of blanks more ;-)). I just switched from
ast_skip_blanks() to ast_strip() on the local copy of the string.
Gianluca Merlo [Sat, 19 Mar 2016 12:34:26 +0000 (13:34 +0100)]
config: fix flags in uint option handler
The configuration unsigned integer option handler sets flags for the
parser as if the option should be a signed integer (PARSE_INT32),
leading to errors on "out of range" values. Fix flags (PARSE_UINT32).
Gianluca Merlo [Sat, 19 Mar 2016 01:32:51 +0000 (02:32 +0100)]
func_aes: fix misuse of strlen on binary data
The encryption code for AES_ENCRYPT evaluates the length of the data to
be encoded in base64 using strlen. The data is binary, thus the length
of it can be underestimated at the first NULL character.
Reuse the write pointer offset to evaluate it, instead.
Walter Doekes [Fri, 11 Mar 2016 21:57:30 +0000 (22:57 +0100)]
app_chanspy: Fix occasional deadlock with ChanSpy and Local channels.
Channel masquerading had a conflict with autochannel locking.
When locking autochannel->channel, the channel is fetched from the
autochannel and then locked. During the fetch, the autochannel -- which
has no locks itself -- can be modified by someone who owns the channel
lock. That means that the value of autochan->channel cannot be trusted
until you hold the lock.
In practice, this caused problems with Local channels getting
masqueraded away while the ChanSpy attempted to get info from that
channel. The old channel which was about to get removed got locked, but
the new (replaced) channel got unlocked (no-op). Because the replaced
channel was now locked (and would never get unlocked), it couldn't get
removed from the channel list in a timely manner, and would now cause
deadlocks when iterating over the channel list.
This change checks the autochannel after locking the channel for changes
to the autochannel. If the channel had been changed, the lock is
reobtained on the new channel.
In theory it seems possible that after this fix, the lock attempt on the
old (wrong) channel can be on an already destroyed lock, maybe causing
a crash. But that hasn't been observed in the wild and is harder induce
than the current deadlock.
Thanks go to Filip Frank for suggesting a fix similar to this and
especially to IRC user hexanol for pointing out why this deadlock was
possible and testing this fix. And to Richard for catching my rookie
while loop mistake ;)
Richard Mudgett [Wed, 17 Feb 2016 19:30:06 +0000 (13:30 -0600)]
cel.c: Fix mismatch in ast_cel_track_event() return type.
The return type of ast_cel_track_event() is not large enough to return all
64 potential bits of the event enable mask. Fortunately, the defined CEL
events do not really need all 64 bits and the return value is only used to
determine if the requested CEL event is enabled.
* Made the ast_cel_track_event() return 0 or 1 only so the return value
can fit inside an int type instead of zero or a truncated 64 bit non-zero
value.
Corey Farrell [Sat, 21 Feb 2015 02:51:35 +0000 (02:51 +0000)]
main/asterisk.c: Reverse #if statement in listener() to fix code folding.
listener() opens the same code block in two places (#if and #else). This
confuses some folding editors causing it to think that an extra code block
was opened. Folding in 'geany' causes all code after listener() to be
folded as if it were part of that procedure.
Corey Farrell [Tue, 9 Feb 2016 20:21:05 +0000 (15:21 -0500)]
Simplify and fix conditional in FD_SET.
FD_SET contains a conditional statement to protect against buffer
overruns. The statement was overly complicated and prevented use
of the last array element of ast_fdset. We now just verify the fd
is less than ast_FDMAX.
Mark Michelson [Thu, 4 Feb 2016 22:17:55 +0000 (16:17 -0600)]
Check for OpenSSL defines before trying to use them.
The SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1_2 defines did not exist prior
to OpenSSL version 1.0.1. A recent commit attempts to, by default, set
these options, which can cause problems on systems with older OpenSSL
installations.
This commit adds a configure script check for those defines and will not
attempt to make use of those if they do not exist. We will print a
warning urging the user to upgrade their OpenSSL installation if those
defines are not present.
Joshua Colp [Wed, 3 Feb 2016 18:02:01 +0000 (14:02 -0400)]
AST-2016-001 http: Provide greater control of TLS and set modern defaults.
This change exposes the configuration of various aspects of the TLS
support and sets the default to the modern standards.
The TLS cipher is now set to the best values according to the
Mozilla OpSec team, different TLS versions can now be disabled, and
the cipher order can be forced to be that of the server instead of
the client.
Richard Mudgett [Mon, 7 Dec 2015 18:46:53 +0000 (12:46 -0600)]
AST-2016-003 udptl.c: Fix uninitialized values.
Sending UDPTL packets to Asterisk with the right amount of missing
sequence numbers and enough redundant 0-length IFP packets, can make
Asterisk crash.
Setting the sip.conf timert1 value to a value higher than 1245 can cause
an integer overflow and result in large retransmit timeout times. These
large timeout times hold system file descriptors hostage and can cause the
system to run out of file descriptors.
NOTE: The default sip.conf timert1 value is 500 which does not expose the
vulnerability.
* The overflow is now detected and the previous timeout time is
calculated.
ASTERISK-25397 #close
Reported by: Alexander Traud
The module res_xmpp does not accept usernames in the form used in component
mode (XEP-0114). In component mode there is no @something in the name.
In component mode the connection is now not dropped anymore.
If the xmpp server sends out a "stream" tag before handshake is finished,
the connection gets dropped in res_xmpp. Now this tag will be ignored and
the connection will be established.
After connecting there will be an exchange of presence states. This does
not work as expected in component mode. The responsible function
"xmpp_pak_presence" is left before the states get sent out. Sending
presence states in component mode is now moved to the top of the function.
StefanEng86 [Fri, 29 Jan 2016 13:39:06 +0000 (14:39 +0100)]
chan_sip.c: AMI & CLI notify methods get different values of asterisk's own ip.
When I ask asterisk to send a SIP NOTIFY message to a sip peer using either a)
AMI action: SIPnotify or b) cli command: sip notify <cmd> <peer>, I expect
asterisk to include the same value for its own ip in both cases a) and b),
but it seems a) produces a contact header like Contact:
<sip:asterisk@192.168.1.227:8060> whereas b) produces a contact header like
<sip:asterisk@127.0.0.1:8060>. 0.0.0.0:8060 is my udpbindaddr in sip.conf
My guess is that manager_sipnotify should call
ast_sip_ouraddrfor(&p->sa, &p->ourip, p) the same way sip_cli_notify does,
because after applying this patch, both cases a) and b) produce
the contact header that I expect: <sip:asterisk@192.168.1.227:8060>
Reported by: Stefan Engström
Tested by: Stefan Engström
George Joseph [Wed, 27 Jan 2016 16:29:13 +0000 (09:29 -0700)]
build_system: Prevent goals needing makeopts from running when it's missing
The Makefile only optionally includes makeopts so when goals like uninstall that
dont depend on anything else are run after a distclean, rules like
'rm -f "$(DESTDIR)$(ASTMODDIR)/"*' get run as 'rm -f ""/*' which attempts
to remove everything in the root directory.
Although there's a rule defined for makeopts which prints a message and does
an 'exit 1', since '-include makepopts' was specified (with the -), the exit
was ignored letting the rest of the rules run.
This patch makes makeopts required unless the goal has the string 'clean' in it.
ASTERISK-25730 #close Reported-by: George Joseph
Change-Id: I1bce59a7ea4f48e7a468e22b2abbb13c63417ac7
Rusty Newton [Mon, 25 Jan 2016 22:56:04 +0000 (16:56 -0600)]
sounds/Makefile: Incremented core and extra sounds versions to 1.5
Core and extra sounds 1.5 was recently released! The tarballs contain
change descriptions however I figure more people will see this one so
I'll try to be a bit detailed. Approximately 60 sounds were moved from Extra
to Core for en, en_GB, fr and added for languages that didn't already
have Extra sound sets (it,ja,ru).
In addition all of the English and Russian sounds have been completely
re-recorded.
Sounds moved and added:
activated,added,all-circuits-busy-now,astcc-followed-by-pound
at-tone-time-exactly,call-forwarding,call-fwd-no-ans,call-fwd-on-busy
,call-fwd-unconditional,calling,call-waiting,cancelled,
cannot-complete-as-dialed,check-number-dial-again,conf-full,de-activated
,disabled,do-not-disturb,enabled,enter-num-blacklist,entr-num-rmv-blklist
,extension,feature-not-avail-line,for,from-unknown-caller,goodbye,hello
,if-correct-press,im-sorry,info-about-last-call,is,is-in-use,is-set-to
,location,number,number-not-answering,num-was-successfully,one-moment-please
,please-try-again,pls-hold-while-try,pls-try-call-later,pm-invalid-option
,privacy-to-blacklist-last-caller,removed,simul-call-limit-reached
,something-terribly-wrong,sorry,sorry-youre-having-problems,speed-dial
,speed-dial-empty,telephone-number,time,to-call-this-number,to-extension
,to-listen-to-it,to-rerecord-it,unidentified-no-callback,with,you-entered
,your
There were also a few random fixes here and there to file names for a few
of the languages.
Corey Farrell [Mon, 25 Jan 2016 17:03:21 +0000 (12:03 -0500)]
chan_sip: Fix buffer overrun in sip_sipredirect.
sip_sipredirect uses sscanf to copy up to 256 characters to a stacked buffer
of 256 characters. This patch reduces the copy to 255 characters to leave
room for the string null terminator.
Joshua Colp [Tue, 12 Jan 2016 17:14:29 +0000 (13:14 -0400)]
app: Queue hangup if channel is hung up during sub or macro execution.
This issue was exposed when executing a connected line subroutine.
When connected or redirected subroutines or macros are executed it is
expected that the underlying applications and logic invoked are fast
and do not consume frames. In practice this constraint is not enforced
and if not adhered to will cause channels to continue when they shouldn't.
This is because each caller of the connected or redirected logic does not
check whether the channel has been hung up on return. As a result the
the hung up channel continues.
This change makes it so when the API to execute a subroutine or
macro is invoked the channel is checked to determine if it has hung up.
If it has then a hangup is queued again so the caller will see it
and stop.
Kevin Harwell [Wed, 6 Jan 2016 19:03:28 +0000 (13:03 -0600)]
pbx: Deadlock between contexts container and context_merge locks
Recent changes (ASTERISK-25394 commit 2bd27d12223fe33b58c453965ed5c6ed3af7c4f5)
introduced the possibility of a deadlock. Due to the mentioned modifications
ast_change_hints now needs to keep both merge/delete and state callbacks from
occurring while it executes. Unfortunately, sometimes ast_change_hints can be
called with the contexts container locked. When this happens it's possible for
another thread to grab the context_merge_lock before the thread calling into
ast_change_hints does and then try to obtain the contexts container lock. This
of course causes a deadlock between the two threads. The thread calling into
ast_change_hints waits for the other thread to release context_merge_lock and
the other thread is waiting on that one to release the contexts container lock.
Unfortunately, there is not a great way to fix this problem. When hints change,
the subsequent state callbacks cannot run at the same time as a merge/delete,
nor when the usual state callbacks do. This patch alleviates the problem by
having those particular callbacks (the ones run after a hint change) occur in a
serialized task. By moving the context_merge_lock to a task it can now safely be
attempted or held without a deadlock occurring.
ASTERISK-25640 #close
Reported by: Krzysztof Trempala
include/asterisk/time.h: Renamed global declaration:tv
Renamed global declaration:tv to dummy_tv_var_for_types,
which would oltherwise cause 'shadow' warnings when 'tv'
was declared as a local variable elsewhere.
Added comment to note that dummy_tv_var_for_types is never
really exported and only used as a place holder.
Richard Mudgett [Thu, 7 Jan 2016 01:00:27 +0000 (19:00 -0600)]
ccss.c: Replace space in taskprocessor name.
The CLI "core ping taskprocessor" command does not work very
well with taskprocessor names that have spaces in them. You
have to put quotes around the name so using tab completion
becomes awkward.
Aaron An [Mon, 4 Jan 2016 10:26:55 +0000 (18:26 +0800)]
cel/cel_radius: Fix wrong pointer.
The macro ADD_VENDOR_CODE defined in the cel_radius.c should use the parameter
y not the address of y.
I capture the radius UDP packet via tcpdump, and the AV pairs are not correct,
then i review the source code and compare it with cdr/cdr_radius.c. Fix it and
it works.
ASTERISK-25647 #close
Reported by: Aaron An
Tested by: Aaron An
George Joseph [Tue, 5 Jan 2016 20:52:16 +0000 (13:52 -0700)]
asterisk.h: Add ASTERISK_REGISTER_FILE macro
The 11/13 branches and master use 2 different file version macros. 11/13
uses ASTERISK_FILE_VERSION but master uses ASTERISK_REGISTER_FILE. This
means a new file added to 11/13 can't just be cherry-picked to master
because the macro has to be changed.
To make cherry-picking possible, ASTERISK_REGISTER_FILE was added
to asterisk.h as a simple alias for ASTERISK_FILE_VERSION(__FILE__, NULL)
The "$Revision$" tag doesn't do anything since Asterisk moved to git so
just passing NULL as the verison works fine. asterisk.h was also
annotated to deprecate ASTERISK_FILE_VERSION and suggest using
ASTERISK_REGISTER_FILE for all new files.
Martin Tomec [Tue, 29 Dec 2015 11:44:29 +0000 (12:44 +0100)]
app_queue: Add member flag "in_call" to prevent reading wrong lastcall time
Member lastcall time is updated later than member status. There was chance to
check wrapuptime for available member with wrong (old) lastcall time.
New boolean flag "in_call" is set to true right before connecting call, and
reset to false after update of lastcall time. Members with "in_call" set to true
are treat as unavailable.
Richard Mudgett [Fri, 4 Dec 2015 23:22:29 +0000 (17:22 -0600)]
app_dial: Immediately exit dial if the caller is already hung up.
If a caller hangs up before dial is executed within an AGI then the AGI
has likely eaten all queued frames before executing the dial in DeadAGI
mode. With the caller hung up and no pending frames from the caller's
read queue, dial would not know that the call has hung up until a called
channel answers. It is rather annoying to whoever just answered the
non-existent call.
Dial should not continue execution in DeadAGI mode, hangup handlers, or
the h exten.
* Added a check early in dial to abort dialing if the caller has hungup.
ASTERISK-25307 #close
Reported by: David Cunningham
Joshua Colp [Mon, 28 Dec 2015 20:02:19 +0000 (16:02 -0400)]
test_time: Provide a timeout when waiting.
The test_timezone_watch unit test is written to expect a
condition to be signaled when the inotify daemon thread runs.
There exists a small window where the test_timezone_watch
thread can signal the inotify daemon thread while it is not
reading on the underlying file descriptor. If this occurs
the test_timezone_watch thread will wait indefinitely for a
signal that will never arrive.
This change adds a timeout to the condition so it will return
regardless after a period of time.
Dade Brandon [Fri, 25 Dec 2015 04:19:59 +0000 (20:19 -0800)]
res_http_websocket.c: prevent avoidable disconnections caused by write errors
Updated ast_websocket_write to encode the entire frame in to one
write operation, to ensure that we don't end up with a situation
where the websocket header has been sent, while the body can not
be written.
Previous to August's patch in commit b9bd3c14, certain network
conditions could cause the header to be written, and then the
sub-sequent body to fail - which would cause the next successful
write to contain a new header, and a new body (resulting in
the peer receiving two headers - the second of which would be
read as part of the body for the first header).
This was patched to have both write operations individually fail
by closing the websocket.
In a case available to the submitter of this patch, the same
body which would consistently fail to write, would succeed
if written at the same time as the header.
This update merges the two operations in to one, adds debug messages
indicating the reason for a websocket connection being closed during
a write operation, and clarifies some variable names for code legibility.
Dade Brandon [Fri, 25 Dec 2015 15:56:44 +0000 (07:56 -0800)]
chan_sip.c: fix websocket_write_timeout default value
websocket_write_timeout was not being set to its default value
during sip config reload, which meant that prior to this commit,
1) the default value of 100 was not used, unless an invalid value
(or 1) was specified in sip.conf for websocket_write_timeout, and
2) if the websocket_write_timeout directive was removed from sip.conf
without a full restart of asterisk, then the previous value would
continue to be used indefinitely.
This essentially lead to a 0ms write timeout (the first write attempt
in ast_careful_fwrite must have succeeded) in websocket write requests
from chan_sip, unless websocket_write_timeout was explicitely set in sip.conf.
Changes to websocket_write_timeout still only apply to new websocket
sessions, after the sip reload -- timeouts on existing sessions are
not adjusted during sip reload.
Dade Brandon [Mon, 21 Dec 2015 03:33:02 +0000 (19:33 -0800)]
app_amd: Correct documentation to reflect functionality
Update documentation to reflect that maximum_number_of_words
has functionality inconsistent with the variable name (and inconsistent
with prior documentation.)
Update documentation for silence_threshold, which previously implied
that it was measuring time, rather than noise averages in the sample.
Dade Brandon [Fri, 18 Dec 2015 01:05:00 +0000 (17:05 -0800)]
res_rtp_asterisk: Resolve further timing issues with DTLS negotiation
Resolves an edge case dtls negotiation delay for certain networks which
somehow manage to drop the rtcp side's packet when these are both sent
ast_rtp_remote_address_set, causing it to have to time-out and restart
the handshake.
Move dtls pending bio flush in to it's own function, and call it from
ast_rtp_on_ice_complete, when we're rtp->ice, rather than when
ast_rtp_remote_address_set.
Keep the existing flush from the recent change to res_rtp_remote_address_set
if ice is not being used.
Carlos Oliva [Fri, 18 Dec 2015 15:54:41 +0000 (16:54 +0100)]
app_queue: update RT members when the 1st call joins a queue with no agents
If a call enters on a queue and the members on that queue are updated in
realtime (ex: using mysql inserting a new agent) the queue members are
never refreshed and the call will stay in the queue until other event occurs.
This happens only if this is the first call of the queue and there is no
agents servicing.
This patch prevent this issue, ensuring realtime members are updated if
there is one call in the queue and no available agents
server-pandora [Mon, 14 Dec 2015 19:53:20 +0000 (11:53 -0800)]
res_rtp_asterisk.c: Fix DTLS negotiation delays.
- Trigger pending DTLS packets to send out, once the RTP instance's remote
address is set.
- Avoids locking the DTLS structure unnecessarily by only doing this if
DTLS is passive.
- Add DTLS locks around the structurally sensitive calls in the SSL
portion of __rtp_recvfrom, since dtls_srtp_check_pending does not lock
inside of itself, and we're dealing with the SSL BIO in at least two
threads.
WebRTC channels may receive a DTLS handshake before
ast_rtp_remote_address_set is called, which causes there to be a pending
response to send out. Previous to 1ad827, this was handled by calling
dtls_srtp_check_pending on receipt of any RTP packet - a STUN or RTP
packet could trigger the pending handshake response. Since that was
rightfully removed, whenever the DTLS handshake is received before the
remote address is set, we would have to wait until another SSL packet
arrives.
As of Chrome M47's optimizations to their handshake process, WebRTC
conversations between Chrome M47+ and Asterisk, where Asterisk is passive,
experience a 1 second delay without this patch, because the SSL handshake
is received before ICE negotation stores the remote_address, and the next
SSL packet isn't received until after a 1 second timeout in Chrome, which
causes a new handshake request.
Matt Jordan [Sun, 13 Dec 2015 19:13:55 +0000 (13:13 -0600)]
main/utils: Don't emit an ERROR message if the read end of a pipe closes
An ERROR or WARNING message should generally indicate that something has gone
wrong in Asterisk. In the case of writing to a file descriptor, Asterisk is not
in control of when the far end closes its reading on a file descriptor. If the
far end does close the file descriptor in an unclean fashion, this isn't a bug
or error in Asterisk, particularly when the situation can be gracefully
handled in Asterisk.
Currently, when this happens, a user would see the following somewhat cryptic
ERROR message:
"utils.c: write() returned error: Broken pipe"
There's a few problems with this:
(1) It doesn't provide any context, other than 'something broke a pipe'
(2) As noted, it isn't actually an error in Asterisk
(3) It can get rather spammy if the thing breaking the pipe occurs often, such
as a FastAGI server
(4) Spammy ERROR messages make Asterisk appear to be having issues, or can even
mask legitimate issues
This patch changes ast_carefulwrite to only log an ERROR if we actually had one
that was reasonably under our control. For debugging purposes, we still emit
a debug message if we detect that the far side has stopped reading.
Jonathan Rose [Thu, 10 Dec 2015 17:44:03 +0000 (11:44 -0600)]
chan_sip: Add TCP/TLS keepalive to TCP/TLS server
Adds the TCP Keep Alive option to TCP and TLS server sockets. Previously
this option was only being set on session sockets.
http://www.tldp.org/HOWTO/html_single/TCP-Keepalive-HOWTO/
According to the link above, the SO_KEEPALIVE option is useful for knowing
when a TCP connected endpoint has severed communication without indicating
it or has become unreachable for some reason. Without this patch, keep
alive is not set on the socket listening for incoming TCP sessions and
in Komatsu's report this resulted in the thread listening for TCP becoming
stuck in a waiting state.
Eugene Voityuk [Wed, 2 Dec 2015 18:42:15 +0000 (20:42 +0200)]
chan_sip.c: Start ICE negotiation when response is sent or received.
The current logic for ICE negotiation starts it
when receiving an SDP with ICE candidates. This is
incorrect as ICE negotiation can only start when each
call party have at least one pair of local and remote
candidate. Starting ICE negotiation early would result
in negotiation failure and ultimately no audio.
This change makes it so ICE negotiation is only started
when a response with SDP is received or when a response
with SDP is sent.
projects / thirdparty / asterisk.git / log
