Richard Mudgett [Fri, 7 Feb 2014 19:20:43 +0000 (19:20 +0000)]
chan_iax2: Block unnecessary control frames to/from the wire.
Establishing an IAX2 call between Asterisk v1.4 and v1.8 (or later)
results in an unexpected call disconnect. The problem happens because
newer values in the enum ast_control_frame_type are not consistent between
the branch versions of Asterisk.
For example:
1) v1.4 calls v1.8 (or later) using IAX2
2) v1.8 answers and sends a connected line update control frame. (on v1.8
AST_CONTROL_CONNECTED_LINE = 22)
3) v1.4 receives the control frame as an end-of-q (on v1.4
AST_CONTROL_END_OF_Q = 22)
4) v1.4 disconnects the call once the receive queue becomes empty.
Several things are done by this patch to fix the problem and attempt to
prevent it from happening again in the future:
* Added a warning at the definition of enum ast_control_frame_type about
how to add new control frame values.
* Made block sending and receiving control frames that have no reason to
go over the wire.
* Extended the connectedline iax.conf parameter to also include the
redirecting information updates.
* Updated the connectedline iax.conf parameter documentation to include a
notice that the parameter must be "no" when the peer is an Asterisk v1.4
instance.
Richard Mudgett [Sat, 25 Jan 2014 00:07:39 +0000 (00:07 +0000)]
CEL: Protect data structures during reload and shutdown.
The CEL data structures need to be protected during a configuration reload
and shutdown. Asterisk crashed during a shutdown because CEL events were
still in flight and the CEL data structures were already destroyed.
* Protected the appset and linkedids ao2 containers using the reload_lock.
As a result appset, linkedids, and held objects don't need a lock.
* Added NULL checks before use of the appset and linkedids ao2 containers
in case the CEL module is already shutdown.
* Fixed overloading of the linkedids held objects reference count. During
shutdown any held objects would be leaked.
* Fixed memory leak of linkedids held objects if the LINKEDID_END is not
being tracked. The objects in the linkedids container were not removed if
the LINKEDID_END event is not used.
* Added access protection to the appset container during the CLI "cel show
status" command.
* Made CEL config reload not set defaults if the cel.conf file is invalid.
Richard Mudgett [Fri, 24 Jan 2014 18:18:58 +0000 (18:18 +0000)]
manager: Protect data structures during shutdown.
Occasionally, the manager module would get an "INTERNAL_OBJ: bad magic
number" error on a "core restart gracefully" command if an AMI connection
is established.
* Added ao2_global_obj protection to the sessions global container.
* Fixed the order of unreferencing a session object in session_destroy().
* Removed unnecessary container traversals of the white/black filters
during session_destructor().
Matthew Jordan [Wed, 15 Jan 2014 15:26:19 +0000 (15:26 +0000)]
pbx.c: put copy of ast_exten.data on stack to prevent memory corruption
During dialplan execution in pbx_extension_helper(), the contexts global
read lock prevents link list corruption, but was released with a pointer
to the ast_exten and data later used in variable substitution. Instead,
this patch removes pbx_substitute_variables() and locates a copy of the
ast_exten data on the stack before releasing the lock, where ast_exten
could get free'd by another thread performing a module reload.
(issue AST-1179)
Reported by: Thomas Arimont
(issue AST-1246)
Reported by: Alexander Hömig
Review: https://reviewboard.asterisk.org/r/3055/
........
Merged revisions 403862 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 403863 from http://svn.asterisk.org/svn/asterisk/branches/11
Richard Mudgett [Tue, 14 Jan 2014 18:30:15 +0000 (18:30 +0000)]
verbosity: Fix performance of console verbose messages.
The per console verbose level feature as previously implemented caused a
large performance penalty. The fix required some minor incompatibilities
if the new rasterisk is used to connect to an earlier version. If the new
rasterisk connects to an older Asterisk version then the root console
verbose level is always affected by the "core set verbose" command of the
remote console even though it may appear to only affect the current
console. If an older version of rasterisk connects to the new version
then the "core set verbose" command will have no effect.
* Fixed the verbose performance by not generating a verbose message if
nothing is going to use it and then filtered any generated verbose
messages before actually sending them to the remote consoles.
* Split the "core set debug" and "core set verbose" CLI commands to remove
the per module verbose support that cannot work with the per console
verbose level.
* Added a silent option to the "core set verbose" command.
* Fixed "core set debug off" tab completion.
* Made "core show settings" list the current console verbosity in addition
to the root console verbosity.
* Changed the default verbose level of the 'verbose' setting in the
logger.conf [logfiles] section. The default is now to once again follow
the current root console level. As a result, using the AMI Command action
with "core set verbose" could again set the root console verbose level and
affect the verbose level logged.
When Asterisk is shut down, the astdb_atexit() function releases
(finalize) the previously initiated (prepared) SQL statements in
sqlite3. Another thread making a subsequent request can cause a
crash in sqlite3. This patch eliminates that issue by resetting
the statement pointer after it is released/cleared. The sqlite3
code detects the null pointer, and aborts the operation cleanly.
David M. Lee [Mon, 16 Dec 2013 17:20:38 +0000 (17:20 +0000)]
security: Inhibit execution of privilege escalating functions
This patch allows individual dialplan functions to be marked as
'dangerous', to inhibit their execution from external sources.
A 'dangerous' function is one which results in a privilege escalation.
For example, if one were to read the channel variable SHELL(rm -rf /)
Bad Things(TM) could happen; even if the external source has only read
permissions.
Execution from external sources may be enabled by setting
'live_dangerously' to 'yes' in the [options] section of asterisk.conf.
Although doing so is not recommended.
app_sms: BufferOverflow when receiving odd length 16 bit message
This patch prevents an infinite loop overwriting memory when
a message is received into the unpacksms16() function, where
the length of the message is an odd number of bytes.
(closes issue ASTERISK-22590)
Reported by: Jan Juergens
Tested by: Jan Juergens
Kevin Harwell [Mon, 4 Nov 2013 21:17:18 +0000 (21:17 +0000)]
chan_sip: notify dialog info ignores presentation indicator in callerid
The presentation indicator in a callerid (e.g. set by dialplan function
Set(CALLERID(name-pres)= ...)) is not checked when SIP Dialog Info Notifies
are generated during extension monitoring. Added a check to make sure the
name and/or number presentations on the callee (remote identity) are set to
allow. If they are restricted then "anonymous" is used instead.
(closes issue AST-1175)
Reported by: Thomas Arimont
Review: https://reviewboard.asterisk.org/r/2976/
........
Merged revisions 402450 from http://svn.asterisk.org/svn/asterisk/branches/11
pbx.c: fix confused match caller id that deleted exten still in hash
This fixes a bug where a zero length callerid match adjacent to a no
match callerid extension entry would be deleted together, which then
resulted in hashtable references to free'd memory. A third state of
the matchcid value has been added to indicate match to any extension
which allows enforcing comparison of matchcid on/off without errors.
Matthew Jordan [Tue, 22 Oct 2013 23:01:38 +0000 (23:01 +0000)]
res_rtp_asterisk: Fix crash when RTCP is not available during SSRC change
In r400089, a patch was put in to correct erroneous RTCP statistic resets.
Unfortunately, ast_rtp_read can be called on an RTP instance that does not
have RTCP information. This patch prevents that crash by only resetting
the statistics if we do actually have an RTCP instance.
(issue AST-1174)
(closes issue ASTERISK-22667)
Reported by: John Bigelow
........
Merged revisions 401445 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 401446 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Sat, 28 Sep 2013 22:41:36 +0000 (22:41 +0000)]
res_rtp_asterisk: Correct erroneous lost packet information in RTCP reports
RTCP's calculation of the number of lost packets in an RTP stream is based on
that stream's sequence number count, the number of received packets, and how
many packets we expect to receive. When the SSRC for an RTP stream changes,
there can - and almost always will be - a large jump in the next packet's
timestamp and sequence number. If we don't reset the number of received
packets, sequence number count, and other metrics used by RTCP, the next RR/SR
report will use the previous SSRC's values to calculate the lost packet count
for the new SSRC - resulting in a very large number of lost packets.
This patch modifies res_rtp_asterisk such that, if it detects a SSRC change, it
will reset the various values used by the RTCP calculations. From the
perspective of RTCP, this appears as a new media stream - which is what it is.
Review: https://reviewboard.asterisk.org/r/2886/
(closes issue AST-1174)
Reported by: Thomas Arimont
........
Merged revisions 400089 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 400093 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Sat, 28 Sep 2013 22:02:37 +0000 (22:02 +0000)]
Add check for openSUSE when detecting bfd library
In ASTERISK-17842, some additional library checks were added to the configure
script so that the bfd library could be found on CentOS and Fedora systems.
As it turns out, openSUSE requires an additional library. This patch adds
another check to the configure script for openSUSE that will add that library.
Kevin Harwell [Tue, 17 Sep 2013 18:50:58 +0000 (18:50 +0000)]
Remote console: more output discrepancies
The remote console continued to have issues with its output. In this case CLI
command output would either not show up (if verbose level = 0) or would contain
verbose prefixes (if verbose level > 0) once log messages were sent to the
remote console. The fix now now adds verbose prefix data to all new lines
contained in a verbose log string.
Richard Mudgett [Wed, 4 Sep 2013 16:16:55 +0000 (16:16 +0000)]
chan_misdn: Fix misdn debug output printed with arbitrary verbose levels.
Fix the misdn debug output to remote consoles. chan_misdn uses
ast_console_puts() which doesn't know about verbose levels. Better to use
ast_verbose() instead. Without this patch the misdn debug messages are
appended to the verbose level which ever was set by the message sent to
the console before, i.e. any undefined level.
Kevin Harwell [Thu, 29 Aug 2013 22:53:18 +0000 (22:53 +0000)]
Verbose logging discrepancies
Refactored cases where a combination of ast_verbose/options_verbose were
present. Also in general tried to eliminate, in as many places as possible,
where the options_verbose global variable was being used. Refactored the way
local and remote consoles handle verbose message logging in an attempt to
solve the various discrepancies that sometimes would show between the two.
Matthew Jordan [Tue, 27 Aug 2013 18:14:30 +0000 (18:14 +0000)]
AST-2013-005: Fix crash caused by invalid SDP
If the SIP channel driver processes an invalid SDP that defines media
descriptions before connection information, it may attempt to reference
the socket address information even though that information has not yet
been set. This will cause a crash.
This patch adds checks when handling the various media descriptions that
ensures the media descriptions are handled only if we have connection
information suitable for that media.
Thanks to Walter Doekes, OSSO B.V., for reporting, testing, and providing
the solution to this problem.
Matthew Jordan [Tue, 27 Aug 2013 17:39:21 +0000 (17:39 +0000)]
AST-2013-004: Fix crash when handling ACK on dialog that has no channel
A remote exploitable crash vulnerability exists in the SIP channel driver if an
ACK with SDP is received after the channel has been terminated. The handling
code incorrectly assumed that the channel would always be present.
This patch adds a check such that the SDP will only be parsed and applied if
Asterisk has a channel present that is associated with the dialog.
Note that the patch being applied was modified only slightly from the patch
provided by Walter Doekes of OSSO B.V.
(closes issue ASTERISK-21064)
Reported by: Colin Cuthbertson
Tested by: wdoekes, Colin Cutherbertson
patches:
issueA21064_fix.patch uploaded by wdoekes (License 5674)
........
Merged revisions 397710 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 397711 from http://svn.asterisk.org/svn/asterisk/branches/10
........
Merged revisions 397712 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Tue, 20 Aug 2013 01:25:46 +0000 (01:25 +0000)]
Fix invalid access to disposed memory in main/data unit test
It is not safe to iterate over a macro'd list of ao2 objects, deref them such
that the item's destructor is called, and leave them in the list. The list
macro to iterate over items requires the item to be a valid allocated object
in order to proceed to the next item; with MALLOC_DEBUG on the corruption of
the linked list is caught in the crash.
This patch fixes the invalid access to free'd memory by removing the ao2 item
from the list before de-refing it.
Note that this is a backport of r396915 from Asterisk trunk.
........
Merged revisions 396958 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 396961 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Tue, 20 Aug 2013 00:01:10 +0000 (00:01 +0000)]
Resolve conflicts between CONFFLAG_DONT_DENOISE and CONFFLAG_INTROUSER_VMREC
When r382230 added an option to not denoise the MeetMe conference (if a user
had a channel whose format's sample rate changed frequently, for example),
the value added was the maximum allowed value for the constants that define
the options for MeetMe in 1.8. Not so in 11 - unfortunately, the option
CONFFLAG_DONT_DENOISE conflicts with CONFFLAG_INTROUESR_VMREC. This patch
fixes that, and also tweaks one of the way in which the constants was
declared for consistency.
Thanks to Tony Mountifield for pointing out the problem and solution.
(closes issue ASTERISK-22269)
Reported by: Tony Mountifield
........
Merged revisions 396944 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Tue, 9 Jul 2013 11:33:02 +0000 (11:33 +0000)]
Fix XML encoding of 'identity display' in NOTIFY messages.
XML encoding in chan_sip is accomplished by naively building the XML
directly from strings. While this usually works, it fails to take into
account escaping the reserved characters in XML.
This patch adds an 'ast_xml_escape' function, which works similarly to
'ast_uri_encode'. This is used to properly escape the local_display
attribute in XML formatted NOTIFY messages.
Several things to note:
* The Right Thing(TM) to do would probably be to replace the
ast_build_string stuff with building an ast_xml_doc. That's a much
bigger change, and out of scope for the original ticket, so I
refrained myself.
* It is with great sadness that I wrote my own ast_xml_escape
function. There's one in libxml2, but it's knee-deep in
libxml2-ness, and not easily used to one-off escape a
string.
* I only escaped the string we know is causing problems
(local_display). At least some of the other strings are
URI-encoded, which should be XML safe. Rather than figuring out
what's safe and escaping what's not, it would be much cleaner to
simply build an ast_xml_doc for the messages and let the XML
library do the XML escaping. Like I said, that's out of scope.
Jason Parker [Wed, 15 May 2013 14:55:37 +0000 (14:55 +0000)]
Fix VM snapshot handling for combined INBOX.
The snapshot API contains an option that allow for combining of new
and old messages within a single snapshot. New messages, however,
include options beyond just 'INBOX' - it also includes the Urgent
folder. A previous patch that combined INBOX and Urgent accidentally
impacted snapshots that attempted to gain messages from just the Old
folder. This patch fixes the snapshot gathering such that the API
returns the appropriate messages for the folder selected, with and
without the combine option.
This should make it more clear about what's happening.
Richard Mudgett [Fri, 10 May 2013 22:34:43 +0000 (22:34 +0000)]
Allow mISDN to send PROGRESS messsage.
* Made isdn_msg_parser.c build a progress message with the mandatory
progress indicator IE. (The mISDNuser NT state machine rejected sending
the incomplete message.)
Note: The associated mISDN and mISDNuser patches respectively are viewable
here:
http://svnview.digium.com/svn/thirdparty?view=rev&rev=200
http://svnview.digium.com/svn/thirdparty?view=rev&rev=201
Matthew Jordan [Wed, 27 Mar 2013 15:24:42 +0000 (15:24 +0000)]
AST-2013-003: Prevent username disclosure in SIP channel driver
When authenticating a SIP request with alwaysauthreject enabled, allowguest
disabled, and autocreatepeer disabled, Asterisk discloses whether a user
exists for INVITE, SUBSCRIBE, and REGISTER transactions in multiple ways. The
information is disclosed when:
* A "407 Proxy Authentication Required" response is sent instead of a
"401 Unauthorized" response
* The presence or absence of additional tags occurs at the end of "403
Forbidden" (such as "(Bad Auth)")
* A "401 Unauthorized" response is sent instead of "403 Forbidden" response
after a retransmission
* Retransmission are sent when a matching peer did not exist, but not when a
matching peer did exist.
This patch resolves these various vectors by ensuring that the responses sent
in all scenarios is the same, regardless of the presence of a matching peer.
This issue was reported by Walter Doekes, OSSO B.V. A substantial portion of
the testing and the solution to this problem was done by Walter as well - a
huge thanks to his tireless efforts in finding all the ways in which this
setting didn't work, providing automated tests, and working with Kinsey on
getting this fixed.
Matthew Jordan [Wed, 27 Mar 2013 14:38:49 +0000 (14:38 +0000)]
AST-2013-002: Prevent denial of service in HTTP server
AST-2012-014, fixed in January of this year, contained a fix for Asterisk's
HTTP server for a remotely-triggered crash. While the fix put in place fixed
the possibility for the crash to be triggered, a denial of service vector still
exists with that solution if an attacker sends one or more HTTP POST requests
with very large Content-Length values. This patch resolves this by capping
the Content-Length at 1024 bytes. Any attempt to send an HTTP POST with
Content-Length greater than this cap will not result in any memory allocation.
The POST will be responded to with an HTTP 413 "Request Entity Too Large"
response.
This issue was reported by Christoph Hebeisen of TELUS Security Labs
(closes issue ASTERISK-20967)
Reported by: Christoph Hebeisen
patches:
AST-2013-002-1.8.diff uploaded by mmichelson (License 5049)
AST-2013-002-10.diff uploaded by mmichelson (License 5049)
AST-2013-002-11.diff uploaded by mmichelson (License 5049)
........
Merged revisions 383978 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Wed, 27 Mar 2013 14:27:43 +0000 (14:27 +0000)]
AST-2013-001: Prevent buffer overflow through H.264 format negotiation
The format attribute resource for H.264 video performs an unsafe read against a
media attribute when parsing the SDP. The value passed in with the format
attribute is not checked for its length when parsed into a fixed length buffer.
This patch resolves the vulnerability by only reading as many characters from
the SDP value as will fit into the buffer.
Matthew Jordan [Tue, 26 Mar 2013 02:31:26 +0000 (02:31 +0000)]
Resolve deadlock between SIP registration and channel based functions
In r373424, several reentrancy problems in chan_sip were addressed. As a
result, the SIP channel driver is now properly locking the channel driver
private information in certain operations that it wasn't previously. This
exposed two latent problems either in register_verify or by functions called
by register_verify. This includes:
* Holding the private lock while calling sip_send_mwi_to_peer. This can create
a new sip_pvt via sip_alloc, which will obtain the channel container lock.
This is a locking inversion, as any channel related lock must be obtained
prior to obtaining the SIP channel technology private lock.
Note that this issue was already fixed in Asterisk 11.
* Holding the private lock while calling sip_poke_peer. In the same vein as
sip_send_mwi_to_peer, sip_poke_peer can create a new SIP private, causing
the same locking inversion.
Note that this locking inversion typically occured when CLI commands were run
while a SIP REGISTER request was being processed, as many CLI commands (such
as 'sip show channels', 'core show channels', etc.) have to obtain the channel
container lock.
(issue ASTERISK-21068)
Reported by: Nicolas Bouliane
(issue ASTERISK-20550)
Reported by: David Brillert
Matthew Jordan [Tue, 26 Mar 2013 02:01:45 +0000 (02:01 +0000)]
Resolve deadlock between pending CDR and batch CDR locks
r375757 attempted to resolve a race condition between multiple submissions of
CDRs while in batch mode from attempting to destroy the scheduled batch
submission by extending the batch CDR lock. Unfortunately, this causes a
deadlock between the pending CDR lock and the batch CDR lock. This patch
resolves the intent of r375757 by simply providing a new lock that protects
the scheduling of the batches. The original batch CDR lock is kept to protect
manipulation of the batch CDR settings, but has been placed such that it
is not held when the pending lock is held.
Thanks to Chase Venters for providing lock analysis on the issue.
Kinsey Moore [Fri, 15 Mar 2013 13:37:07 +0000 (13:37 +0000)]
tcptls: Prevent unsupported options from being set
AMI, HTTP, and chan_sip all support TLS in some way, but none of them
support all the options that Asterisk's TLS core is capable of
interpreting. This prevents consumers of the TLS/SSL layer from setting
TLS/SSL options that they do not support.
This also gets tlsverifyclient closer to a working state by requesting
the client certificate when tlsverifyclient is set. Currently, there is
no consumer of main/tcptls.c in Asterisk that supports this feature and
so it can not be properly tested.
Review: https://reviewboard.asterisk.org/r/2370/ Reported-by: John Bigelow Patch-by: Kinsey Moore
(closes issue AST-1093)
........
Merged revisions 383165 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 383166 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Thu, 7 Mar 2013 17:57:49 +0000 (17:57 +0000)]
Let vm_mailbox_snapshot combine "Urgent" when no folder is specified
r381835 fixed a bug in vm_mailbox_snapshot where combining INBOX and Old forgot
that Urgent also "counts" as new messages. This fixed the problem when any of
the three folders was specified and the combine option was used.
It missed the case where the folder isn't specified and we build a snapshot of
all folders. This patch corrects that.
........
Merged revisions 382617 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Thu, 7 Mar 2013 15:13:13 +0000 (15:13 +0000)]
Add a 'secret' probation strictrtp mode to handle delayed changes in RTP source
Often, Asterisk may realize that a change in the source of an RTP stream is
about to occur and ask that the RTP engine reset it's lock on the current RTP
source. In certain scenarios, it may take awhile for the new remote system to
send RTP packets, while the old remote system may continue providing RTP during
that time period. This causes Asterisk to re-lock onto the old source, thereby
rejecting the new source when the old source stops sending RTP and the new
source begins.
This patch prevents that by having a constant secondary, 'secret' probation
mode enabled when an RTP source has been chosen. RTP packets from other sources
are always considered, but never chosen unless the current RTP source stops
sending RTP.
Review: https://reviewboard.asterisk.org/r/2364
(closes issue AST-1124)
Reported by: John Bigelow
Tested by: John Bigelow
(closes issue AST-1125)
Reported by: John Bigelow
Tested by: John Bigelow
........
Merged revisions 382573 from http://svn.asterisk.org/svn/asterisk/branches/11
Kevin Harwell [Mon, 4 Mar 2013 20:21:28 +0000 (20:21 +0000)]
Confbridge CLI new record file name check.
This fix checks to make sure that if a confbridge record start command is issued
from the CLI it will always use the file name given on the CLI even if it
changes between start/stop records for a conference. Previously it had been
reusing the same file between start/stops even if a new filename was given.
(issue AST-1088)
Reported by: John Bigelow
........
Merged revisions 382385 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Thu, 28 Feb 2013 16:54:25 +0000 (16:54 +0000)]
Let channels joining a MeetMe conference opt out of the denoiser
For some channel drivers, specifically those that have a varying rate in the
number of audio samples, the audio quality for a MeetMe conference can be
exceedingly poor. This is due to a unilateral application of the DENOISE
function in func_speex to channels joining the conference.
The denoiser function in the speex library is initialized with the number of
audio samples in each sample that will be provided to it. If the number of
audio samples changes, the denoiser has to be thrown away and re-initialized.
While this could be worked around by removing func_speex, that doesn't help
if you actually use the denoiser with other channels on the system.
This patches does the following:
* Checks for the presence of func_speex as opposed to codec_speex when
determining if the DENOISE function is present (which is where the function
is actually implemented)
* Adds an option to MeetMe 'n' that causes the denoiser to not be applied
to a channel when it joins. This keeps the current behavior the default, but
let's users disable the denoiser if it causes problems on their system.
Review: https://reviewboard.asterisk.org/r/2358
(closes issue AST-1062)
Reported by: Thomas Arimont
........
Merged revisions 382227 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 382230 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Tue, 26 Feb 2013 16:46:52 +0000 (16:46 +0000)]
Ensure that the default bridge/user profiles are always available
ConfBridge and Page require that there always be a default bridge and user
profile available. While properties of the default profiles can be overriden
in the configuration file, removing them can create situations where neither
application can function properly.
This patch ensures that if an administrator removes the profiles from the
confbridge.conf configuration file, the profiles are added upon load.
Documentation clarifying this has been added to the confbridge.conf.sample file.
Review: https://reviewboard.asterisk.org/r/2356/
(closes issue AST-1115)
Reported by: John Bigelow
Tested by: John Bigelow
........
Merged revisions 382066 from http://svn.asterisk.org/svn/asterisk/branches/11
When the restructuring work got committed to Confbridge in r375470 to
fix many open issues, it caused a regression in the reported count of
users when conference information was requested via CLI or manager.
This corrects the user count and user information displayed when
listing conference information from the CLI and manager.
(closes issue ASTERISK-20938)
Reported By: Timo Teras
Patches:
confbridge-list.patch uploaded by Timo Teras (license 5409)
........
r382068 | mjordan | 2013-02-26 09:35:05 -0600 (Tue, 26 Feb 2013) | 26 lines
Clean up ConfBridge commands to account for wait_marked users
When ConfBridge was refactored to better handle the concept of marked,
wait_marked, and normal users co-existing in a conference (thereby implementing
a state machine for the conference), the wait_marked users were put into their
own list of conference participants, separate from the active users. This list
is used for wait_marked users when they are waiting in a conference but no
marked user has joined; normal users may have joined at this point however.
There are several AMI/CLI commands that affect conference users that were not
checking the wait_marked users list:
* CLI/AMI commands that mute/unmute a participant. In this case, wait_marked
users have to remain in their particular state and should not be affected -
however, the commands would return "Channel not found" as opposed to the
appropriate error condition.
* CLI/AMI commands that kick a participant. An admin should always be able to
kick a participant out of the conference.
This patch fixes both sets of commands, and cleans up the CLI commands slightly
by allowing them to complete a participant name (this was supposed to have been
added, but the function call was commented out and wasn't implemented).
Review: https://reviewboard.asterisk.org/r/2346/
(closes issue AST-1114)
Reported by: John Bigelow
Tested by: John Bigelow
........
r382069 | mjordan | 2013-02-26 09:38:05 -0600 (Tue, 26 Feb 2013) | 3 lines
Fix typo in r382068
Well, that was embarrassing. Removed an '-l' that somehow got in there.
........
Merged revisions 379478,382068-382069 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Wed, 20 Feb 2013 19:15:50 +0000 (19:15 +0000)]
Let vm_mailbox_snapshot_create's combine option apply to "Urgent" as well
The vm_mailbox_snapshot_create function has an option that combines the
contents of INBOX and Old into a single snapshot. The intent of this is that
both 'new' messages and 'deleted' messages are given in a single snapshot, as
some applications prefer this view of the voicemail world. Unfortunately, the
initial implementation ignored the "Urgent" folder. The "Urgent" folder is a
pseudo-INBOX, in that new messages left with the 'U' flag will be placed in
that folder as opposed to INBOX. Thus, the option failed the intent with which
it was added.
This patch makes it so that the "Urgent" folder is included in the snapshot
when that option is used.
........
Merged revisions 381835 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Wed, 20 Feb 2013 18:33:37 +0000 (18:33 +0000)]
Ensure Min-SE is included in outbound INVITEs
Asterisk now includes Min-SE in outbound INVITEs when the value is not
90 (the default) and session timers are not disabled. This has the
effect of Asterisk following RFC4028 more closely with regard to 422
responses and preventing situations in which Asterisk would be forced
to temporarily accept a call to tear it down based on a Session-Expires
below the locally configured Min-SE.
(issue SWP-5051)
Review: https://reviewboard.asterisk.org/r/2222/ Reported-by: Kinsey Moore Patch-by: Kinsey Moore
........
Merged revisions 377946 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 377947 from http://svn.asterisk.org/svn/asterisk/branches/10
........
Merged revisions 377948 from http://svn.asterisk.org/svn/asterisk/branches/11
Kevin Harwell [Tue, 19 Feb 2013 16:26:07 +0000 (16:26 +0000)]
Confbridge channels staying active when all participants leave.
If you started/stopped recording of a conference multiple times channels
would remain active even when all participants left the conference. This
was due to the fact that a reference to the confbridge was being added
every time a start record command was issued, but when the recording was
stopped there was no matching de-reference thus keeping the conference alive.
Made sure only a single reference is added for the record thread no matter how
many times recording is started/stopped. A de-reference is issued upon thread
ending.
Note, this issue is being fixed under AST-1088 since it relates to it and
should have been corrected along with those modifications.
(issue AST-1088)
Reported by: John Bigelow
........
Merged revisions 381737 from http://svn.asterisk.org/svn/asterisk/branches/11
Kevin Harwell [Mon, 18 Feb 2013 22:41:15 +0000 (22:41 +0000)]
Fixed Confbridge file recording deadlock and appending.
A deadlock occurred after starting/stopping and then restarting a confbridge
recording. Upon starting a recording a record thread is created that holds a
lock until just before exiting. Stopping the recording does not stop/exit the
thread or release the lock. The thread waits until recording begins again.
Starting a stopped recording signals the thread to continue and start recording
again. However restarting the recording also created another record thread
resulting in a deadlock. The fix was to make sure the record thread was only
created once.
Also it was noted that filenames for the recordings were being concatenated for
each start/stop. This was fixed by creating a new file for each conference
session and appending the actual recorded data within the file (e.g. passing
the 'a' option to MixMonitor).
(issue AST-1088)
Reported by: John Bigelow
Review: http://reviewboard.digium.internal/r/374/
........
Merged revisions 381702 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Sat, 16 Feb 2013 16:31:30 +0000 (16:31 +0000)]
Don't send presencestate information if the state is invalid
Previously, presencestate information was sent whenever the state was not
NOT_SET. When r381594 actually returned INVALID presence state in all the
places it was supposed to, it caused chan_sip to start adding presence
state information to NOTIFY requests that it previously would not have
added. chan_sip shouldn't be adding presence state information when the
provider is in an invalid state; users can't set the state to invalid and
an invalid state always implies that the provider is in an error condition.
(issue AST-1084)
........
Merged revisions 381613 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Fri, 15 Feb 2013 23:36:05 +0000 (23:36 +0000)]
Fix crash in PresenceState AMI action when specifying an invalid provider
This patch fixes a crash in Asterisk that could be caused by using the
PresenceState AMI action while providing an invalid provider. This patch
also adds some additional warnings when a user attempts to provide the
PresenceState action with invalid data, and removes some NOTICE statements
that were still lurking in the code from testing.
(closes issue AST-1084)
Reported by: John Bigelow
Tested by: John Bigelow
........
Merged revisions 381594 from http://svn.asterisk.org/svn/asterisk/branches/11
This patch adds hangup-related test events in order to support testing
of time-limited bridges. This aids in testing the S() and L() bridge
options.
(issue SWP-4713)
........
Merged revisions 378119 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378120 from http://svn.asterisk.org/svn/asterisk/branches/10
........
r378459 | kmoore | 2013-01-03 12:48:00 -0600 (Thu, 03 Jan 2013) | 10 lines
Add missing test event
This test event was missing from channel.c causing the dial_LS_options
test to fail intermittently because of a race condition where most code
paths emitted the test event but this one did not. The dial_LS_options
test should stop bouncing now.
........
Merged revisions 378455 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378121,378459 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Thu, 14 Feb 2013 18:41:21 +0000 (18:41 +0000)]
Fixed failing test from r380696.
When I added my extensive suite of session timer unit tests, apparently one of
them was failing and I never noticed. If neither Min-SE nor Session-Expires is
set in the header, it was responding with a Session-Expires of the global
maxmimum instead of the configured max for the endpoint.
(issue ASTERISK-20787)
........
Merged revisions 380973 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 380974 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Thu, 14 Feb 2013 18:40:54 +0000 (18:40 +0000)]
Process session timers, even if Session-Expires header is missing
Previously, Asterisk only processed session timer information if both the
'Supported: timer' and 'Session-Expires' headers were present. However, the
Session-Expires header is optional. If we were to receive a request with a
Min-SE greater than our configured session-expires, we would respond with a
'Session-Expires' header that was too small.
This patch cleans the situation up a bit, always processing timer information
if the 'Supported: timer' header is present.
(closes issue ASTERISK-20787)
Reported by: Mark Michelson
Review: https://reviewboard.asterisk.org/r/2299/
........
Merged revisions 380696 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 380698 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Thu, 14 Feb 2013 15:21:05 +0000 (15:21 +0000)]
app_confbridge: Fix error messages on exiting conference.
A marked user ending a conference with only end_marked users generates
error messages:
ERROR[0000][C-00000000]: confbridge/conf_state.c:47 conf_invalid_event_fn: Invalid event for confbridge user ''
* The MULTI_MARKED state was doing too much when it was kicking out the
end_marked users from the conference. The kicked out users will clean up
after themselves when they exit the conference.
Matthew Jordan [Thu, 14 Feb 2013 15:19:12 +0000 (15:19 +0000)]
app_page and app_confbridge: Fix custom announcement on entering conference.
The Page and ConfBridge custom announcement did not play when users
entered the conference.
* Fix the CONFBRIDGE(user,announcement) file not getting played. The code
to do this got removed accidentally when the ConfBridge code was
restructured to be more state machine like.
* Fixed play_prompt_to_user() doxygen comments.
* Fixed the Page A(x) and n options for the caller. The caller never
played the announcement file and totally ignored the n option. The code
to do this was lost when the application was converted to use ConfBridge.
* Factored out setup_profile_bridge(), setup_profile_paged(), and
setup_profile_caller() routines to setup ConfBridge profiles. Made each
profile setup routine use the default template if one has not already been
setup by dialplan.
Matthew Jordan [Thu, 14 Feb 2013 15:14:53 +0000 (15:14 +0000)]
Fix astcanary startup problem due to wrong pid value from before daemon call
When Asterisk forks itself into the background via a call to daemon, it must
re-set the pid value of the new process. Otherwise, astcanary gets the pid
value of the process before the fork, which prevents it from running. Asterisk
eventually starts lowering its priority, as it can no longer communicate
with the proverbial canary in the coal mine.
This patch ensures that the correct process identifier is used by astcanary.
Note that this is getting committed to 10 as a regression fix.
(closes issue ASTERISK-20947)
Reported by: Jakob Hirsch
Tested by: mjordan
patches:
asterisk-10.12.0.astcanary_ppid.diff uploaded by Jakob Hirsch (license 6113)
........
Merged revisions 379509 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 379510 from http://svn.asterisk.org/svn/asterisk/branches/10
........
Merged revisions 379513 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Thu, 14 Feb 2013 15:13:37 +0000 (15:13 +0000)]
Update init.d scripts to handle stderr; readd splash screen for remote consoles
When r376428 was commited to re-order start up sequences to be more tolerant of
forking with thread primitives, a few items were changed that caused changes
in behavior on some distros. This includes:
* Not displaying the splash screen on a remote console.
* Displaying an error message on stderr when a remote console cannot connect
to a running instance of Asterisk.
In the first case, the splash screen was re-added (thanks to Michael L. Young).
In the second case, the various init.d scripts were modified to pipe stderr
to /dev/null, as the error message is useful - if you execute a remote
console or a remote console command execution and it fail, it should tell
you. Note that the error message was always present, it just failed to be
printed prior to r376428.
Much thanks to the folks who quickly reported this problem, provided solutions,
and promptly tested the various init.d scripts on a variety of distros.
(closes issue ASTERISK-20945)
Reported by: Warren Selby
Tested by: Michael L. Young, Jamuel Starkey, kaldemar, Danny Nicholas, mjordan
patches:
asterisk-20945-remote-intro-msg.diff uploaded by elguero (license 5026)
ASTERISK-20945-1.8-mjordan.diff uploaded by mjordan (license 6283)
........
Merged revisions 379760 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 379777 from http://svn.asterisk.org/svn/asterisk/branches/10
........
Merged revisions 379790 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Thu, 14 Feb 2013 15:10:46 +0000 (15:10 +0000)]
Reset RTP timestamp; sequence number on SSRC change
In r370252 for ASTERISK-18404, Asterisk's handling of RTP was modified to
better account for out of order RTP packets. This was accomplished by using the
RTP timestamp and sequence number to check for out of order packets. However,
when a SSRC change occurs, the timestamp and sequence number will no longer
have any relation to the previously received packets. The variables tracking
the timestamp and sequence number therefore have to be reset.
Matthew Jordan [Thu, 14 Feb 2013 15:09:36 +0000 (15:09 +0000)]
Perform case insensitive comparisons for T.38 attributes
RFC5347 section 2.5.2 states the following:
...
The attribute "T38MaxBitRate" was once incorrectly registered with
IANA as "T38maxBitRate" (lower-case "m"). In accordance with T.38
examples and common implementation practice, the form "T38MaxBitRate"
SHOULD be generated by implementations conforming to this package.
In general, it is RECOMMENDED that implementations of this package
accept lowercase, uppercase, and mixed upper/lowercase encodings of
all the T.38 attributes.
...
Asterisk currently does not perform case insensitive matching on the T.38
attributes. This causes the T38MaxBitRate attribute to be negotiated at
2400 baud instead of 14400 (or whatever value you actually wanted).
This patch makes it so that when we compare T.38 attributes, we do so in a case
insensitive fashion.
Note that while the issue reporter did not directly write the patch, they
contributed to it (and would have provided one themselves if the license had
gone through a tad faster), and hence get attribution for it.
Review: https://reviewboard.asterisk.org/r/2298/
(closes issue ASTERISK-20897)
Reported by: Eric Hill
Tested by: Eric Hill
patches:
-- uploaded by Eric Hill
........
Merged revisions 380458 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 380465 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Thu, 14 Feb 2013 15:08:15 +0000 (15:08 +0000)]
Do not allow native RTP bridging if packetization of media streams differs.
The RTP engine will no longer allow for local and remote native RTP bridges
if packetization of streams differs. Allowing native bridging in this scenario
has been known to cause FAX failures.
(closes ASTERISK-20650)
Reported by: Maciej Krajewski
Patches:
ASTERISK-20659.patch uploaded by Mark Michelson (License #5049)
Jonathan Rose [Fri, 8 Feb 2013 19:42:50 +0000 (19:42 +0000)]
Merge r379892 into Certified 11.2
........
r379892 | jrose | 2013-01-22 13:07:42 -0600 (Tue, 22 Jan 2013) | 16 lines
app_meetme: Use new prompts for administrator menu
The old prompts for the administrator menu were inadequate. They didn't mention
that the menu had additional options through the 8 key and pressing the 8 key
wouldn't reveal what those options were. This patch fixes all of that while
also organizing code pertaining to each individual menu type which was
previously all stored in one gigantic function along with many of the basic
conference functions.
(closes issue AST-996)
Reported by: John Bigelow
Review: http://reviewboard.digium.internal/r/360/
........
Merged revisions 379885 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Tilghman Lesher [Mon, 10 Dec 2012 01:41:02 +0000 (01:41 +0000)]
Improve documentation by making all of the colors used readable,
no matter what the background color is.
Dark blue on a black background is unreadable, as is yellow on a
light background. This patch turns on the bright attribute for
colors when on a dark background and turns *off* the bright
attribute when the -W command line option is used (indicating a
_light_ background). This ensures that text is readable in both
cases.
Richard Mudgett [Sat, 8 Dec 2012 00:29:56 +0000 (00:29 +0000)]
Fix order of SIP allow/disallow in MySQL contrib script.
Using the contrib sippeers.sql script to create the sippeers MySQL table
would result in being unable to place calls if you set the disallow value
to all.
(closes issue ASTERISK-20756)
Reported by: Andre Luis
Patches:
sippeers.patch patch uploaded by Andre Luis
........
Merged revisions 377431 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 377432 from http://svn.asterisk.org/svn/asterisk/branches/10
Kinsey Moore [Fri, 7 Dec 2012 22:02:50 +0000 (22:02 +0000)]
codec_dahdi: Fix output of "transcoder show" CLI command.
In r306010 "Asterisk media architecture conversion - no more format
bitfields", the logic for incrementing encoders and decoders when
opening transcoder channels was changed without making the corresponding
change when decrementing encoder / decoder channels. The result being
that when a channel was destroyed, codec_dahdi couldn't properly tell if
it was an encoder or decoder, and the default case is to assume it was a
decoder.
This could result in negative numbers for decoders in use like in:
VOIP6*CLI> transcoder show
2/-2 encoders/decoders of 92 channels are in use.
Matthew Jordan [Thu, 6 Dec 2012 14:11:21 +0000 (14:11 +0000)]
Fix memory leak in 'manager show event' when command entered incorrectly
When the CLI command 'manager show event' was run incorrectly and its usage
instructions returned, a reference to the event container was leaked. This
would prevent the container from being reclaimed when Asterisk exits. We now
properly decrement the count on the ao2 object using the nifty RAII_VAR macro.
Thanks to Russell for helping me stumble on this, and Terry for writing that
ridiculously helpful macro.
Jonathan Rose [Wed, 5 Dec 2012 17:08:12 +0000 (17:08 +0000)]
res_srtp: Fix a crash caused by srtp_dealloc on an already dealloced session
When srtp_create fails, the session may be dealloced or just not alloced. At
the same time though, the session pointer might not be set to NULL in this
process and attempting to srtp_dealloc it again will cause a segfault. This
patch checks for failure of srtp_create and sets the session pointer to NULL
if it fails.
Joshua Colp [Wed, 5 Dec 2012 16:50:43 +0000 (16:50 +0000)]
Fix a SIP request memory leak with TLS connections.
During the TLS re-work in chan_sip some TLS specific code was moved
into a separate function. This function operates on a copy of the
incoming SIP request. This copy was never deinitialized causing a
memory leak for each request processed.
This function is now given a SIP request structure which it can use
to copy the incoming request into. This reduces the amount of memory
allocations done since the internal allocated components are reused
between packets and also ensures the SIP request structure is
deinitialized when the TLS connection is torn down.
(closes issue ASTERISK-20763)
Reported by: deti
........
Merged revisions 377257 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 377258 from http://svn.asterisk.org/svn/asterisk/branches/10
Richard Mudgett [Wed, 5 Dec 2012 01:09:39 +0000 (01:09 +0000)]
confbridge: Fix several small issues.
* Made func_confbridge_helper() allow an empty value when setting options.
You previously could not Set(CONFBRIDGE(user,pin)=) and clear the
configured pin from the dialplan.
* Made func_confbridge_helper() handle its datastore better if multiple
threads attempt to set the first CONFBRIDGE option value on the channel.
* Made the func_confbridge_helper() only output one diagnostic message
concerning the option.
* Made the bridge video_mode able to repeatedly change in the config file
and CONFBRIDGE dialplan function. The video_mode option values are an
enum and not independent of each other.
* Made handle_cli_confbridge_show_bridge_profile() better handle the
video_mode option.
* Simplified datastore handling code in conf_find_user_profile() and
conf_find_bridge_profile().
Richard Mudgett [Mon, 3 Dec 2012 22:58:46 +0000 (22:58 +0000)]
Cleanup ast_run_atexits() atexits list.
* Convert atexits list to a mutex instead of a rd/wr lock. The lock is
only write locked.
* Move CLI verbose Asterisk ending message to where AMI message is output
in really_quit() to avoid further surprises about using stuff already
shutdown.
Joshua Colp [Mon, 3 Dec 2012 14:54:54 +0000 (14:54 +0000)]
Fix an RTP instance reference count leak in chan_motif.
When setting up an RTP instance the RTCP portion of the instance
keeps a reference to the instance itself. In order to release this
reference and stop RTCP the stop API call must be called before
destroying the instance.
Joshua Colp [Sat, 1 Dec 2012 00:46:40 +0000 (00:46 +0000)]
Tweak extension used for incoming calls received on Motif.
Based on feedback from numerous individuals this patch tweaks incoming calls
to first look for an extension with the name of the endpoint. If no such extension
exists the call will silently fall back to the "s" extension as it previously
did.
Mark Michelson [Fri, 30 Nov 2012 16:36:54 +0000 (16:36 +0000)]
Fix potential crashes during SIP attended transfers.
The principal behind this patch is simple. During a transfer,
we manipulate channels that are owned by a separate thread than
the one we currently are running in, so it makes sense that we
need to grab a reference to the channels so that they cannot
disappear out from under us.
In the wild, crashes were sometimes seen when the transferring
party would hang up the call before the transfer target answered
the call. The most common place to see the crash occur was when
attempting to send a connected line update to the transferer
channel.
(closes issue ASTERISK-20226)
Reported by Jared Smith
Patches:
ASTERISK-20226.patch uploaded by Mark Michelson (License #5049)
Tested by: Jared Smith
........
Merged revisions 376901 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 376916 from http://svn.asterisk.org/svn/asterisk/branches/10
projects / thirdparty / asterisk.git / log
