Richard Mudgett [Wed, 13 Sep 2017 17:07:42 +0000 (12:07 -0500)]
AST-2017-008: Improve RTP and RTCP packet processing.
Validate RTCP packets before processing them.
* Validate that the received packet is of a minimum length and apply the
RFC3550 RTCP packet validation checks.
* Fixed potentially reading garbage beyond the received RTCP record data.
* Fixed rtp->themssrc only being set once when the remote could change
the SSRC. We would effectively stop handling the RTCP statistic records.
* Fixed rtp->themssrc to not treat a zero value as special by adding
rtp->themssrc_valid to indicate if rtp->themssrc is available.
ASTERISK-27274
Make strict RTP learning more flexible.
Direct media can cause strict RTP to attempt to learn a remote address
again before it has had a chance to learn the remote address the first
time. Because of the rapid relearn requests, strict RTP could latch onto
the first remote address and fail to latch onto the direct media remote
address. As a result, you have one way audio until the call is placed on
and off hold.
The new algorithm learns remote addresses for a set time (1.5 seconds)
before locking the remote address. In addition, we must see a configured
number of remote packets from the same address in a row before switching.
* Fixed strict RTP learning from always accepting the first new address
packet as the new stream.
* Fixed strict RTP to initialize the expected sequence number with the
last received sequence number instead of the last transmitted sequence
number.
* Fixed the predicted next sequence number calculation in
rtp_learning_rtp_seq_update() to handle overflow.
An admin can configure app_minivm with an externnotify program to be run
when a voicemail is received. The app_minivm application MinivmNotify
uses ast_safe_system() for this purpose which is vulnerable to command
injection since the Caller-ID name and number values given to externnotify
can come from an external untrusted source.
* Add ast_safe_execvp() function. This gives modules the ability to run
external commands with greater safety compared to ast_safe_system().
Specifically when some parameters are filled by untrusted sources the new
function does not allow malicious input to break argument encoding. This
may be of particular concern where CALLERID(name) or CALLERID(num) may be
used as a parameter to a script run by ast_safe_system() which could
potentially allow arbitrary command execution.
* Changed app_minivm.c:run_externnotify() to use the new ast_safe_execvp()
instead of ast_safe_system() to avoid command injection.
* Document code injection potential from untrusted data sources for other
shell commands that are under user control.
Joshua Colp [Mon, 22 May 2017 15:36:38 +0000 (15:36 +0000)]
res_rtp_asterisk: Only learn a new source in learn state.
This change moves the logic which learns a new source address
for RTP so it only occurs in the learning state. The learning
state is entered on initial allocation of RTP or if we are
told that the remote address for the media has changed. While
in the learning state if we continue to receive media from
the original source we restart the learning process. It is
only once we receive a sufficient number of RTP packets from
the new source that we will switch to it. Once this is done
the closed state is entered where all packets that do not
originate from the expected source are dropped.
The learning process has also been improved to take into
account the time between received packets so a flood of them
while in the learning state does not cause media to be switched.
Finally RTCP now drops packets which are not for the learned
SSRC if strict RTP is enabled.
HCOLON = *( LOWCTL / SP ) ":" SWS
LOWCTL = %x00-1F ; CTL without DEL
This discrepancy meant that SIP proxies in front of Asterisk with
chan_sip could pass on unknown headers with \x00-\x1F in them, which
would be treated by Asterisk as a different (known) header. For
example, the "To\x01:" header would gladly be forwarded by some proxies
as irrelevant, but chan_sip would treat it as the relevant "To:" header.
Those relying on a SIP proxy to scrub certain headers could mistakenly
get unexpected and unvalidated data fed to Asterisk.
This change fixes so chan_sip only considers SP/HTAB as valid tokens
before the colon, making it agree on the headers with other speakers of
SIP.
Joshua Colp [Tue, 23 Aug 2016 11:31:05 +0000 (11:31 +0000)]
chan_sip: Don't allocate new RTP instances on top of old ones.
In some scenarios dialog_initialize_rtp can be called multiple times on
the same dialog. This can cause RTP instances to be leaked along with
multiple file descriptors for each instance.
This change makes it so the existing RTP instances are destroyed and
not overwritten, stopping the memory leak.
ASTERISK-26272 #close
patches:
ASTERISK-26272-11.patch submitted by Corey Farrell (license 5909)
Mark Michelson [Mon, 22 Aug 2016 18:08:02 +0000 (13:08 -0500)]
res_http_websocket: Enable by default
res_http_websocket is an extended support module. Extended support
modules are disabled by default in certified Asterisk.
Unfortunately, res_http_websocket is a dependency for chan_sip. This
means that by default, chan_sip is not built on a fresh checkout of
11.6 certified branches (specifically since release 11.6-cert5). Since
chan_sip is a very important and fundamental module in Asterisk 11, this
is inconvenient.
This commit fixes the problem by making res_http_websocket enabled by
default in menuselect. This in turn causes chan_sip to be built by
default as well.
George Joseph [Thu, 21 Jul 2016 14:05:03 +0000 (08:05 -0600)]
chan_sip: Prevent deadlock when issuing "sip show channels"
sip_show_channels locks the dialogs container first then locks each
sip_pvt so it can spit out the details. The rest of sip dialog
processing locks the sip_pvt first then locks the dialogs container
if it needs to. Both lock in the order they need but deadlocks can
result. To fix, sip_show_channels and sip_show_channelstats have
been converted to use an iterator rather than ao2_callback. This way
the container is locked only while getting the next entry and is
unlocked when the callback is called.
George Joseph [Thu, 9 Jun 2016 14:20:33 +0000 (08:20 -0600)]
build: Fix ast_sockaddr initialization to be more portable
A change to glibc 2.22 changed the order of the sockadddr_storage
members which caused the places where we do an initialization of
ast_sockaddr with '{ { 0, 0, } }' to fail compilation. Those
initializers (which we shouldn't have been using anyway) have been
replaced with memsets.
George Joseph [Mon, 6 Apr 2015 18:58:30 +0000 (18:58 +0000)]
build: Fixes for gcc 5 compilation
These are fixes for compilation under gcc 5.0...
chan_sip.c: In parse_request needed to make 'lim' unsigned.
inline_api.h: Needed to add a check for '__GNUC_STDC_INLINE__' to detect C99
inline semantics (same as clang).
ccss.c: In ast_cc_set_parm, needed to fix weird comparison.
dsp.c: Needed to work around a possible compiler bug. It was throwing
an array-bounds error but neither
sgriepentrog, rmudgett nor I could figure out why.
manager.c: In action_atxfer, needed to correct an array allocation.
This patch will go to 11, 13, trunk.
Review: https://reviewboard.asterisk.org/r/4581/ Reported-by: Jeffrey Ollie Tested-by: George Joseph
ASTERISK-24932 #close
George Joseph [Wed, 22 Jun 2016 15:37:23 +0000 (09:37 -0600)]
chan_unistim: Fix memcpy in get_to_address
A code block only enabled when HAVE_PKTINFO is not defined (FreeBSD)
was using a pointer to a pointer as the destination of a memcpy and a
'&' instead of '*' in the sizeof.
Joshua Colp [Wed, 26 Mar 2014 22:44:11 +0000 (22:44 +0000)]
say: Fix a bug where SayNumber in Polish tries to play incorrect sound.
This change fixes a bug where calling SayNumber with a number divisible by
100 using the Polish language would cause the code to attempt to play a
sound file with an empty name.
Matthew Jordan [Mon, 27 Oct 2014 01:46:02 +0000 (01:46 +0000)]
res/res_srtp: Fix include issue for libsrtp 1.5.0
In libsrtp 1.5.0, crypto_get_random is no longer resolved simply by including
srtp.h. Now, one must include crypto_kernel.h as well. As it turns out, this
header file has been provided by the library since 2006, so this is a
relatively benign change.
ASTERISK-24436 #close
Reported by: Patrick Laimbock
........
Merged revisions 426140 from http://svn.asterisk.org/svn/asterisk/branches/1.8
Corey Farrell [Wed, 12 Nov 2014 13:44:32 +0000 (13:44 +0000)]
Fix compiler error when using ./configure --enable-dev-mode --enable-coverage
When DONT_OPTIMIZE is enabled with dev-mode, it causes a shadow compilation
to be done with output to /dev/null. This can cause errors with coverage
when GCC attempts to write to /dev/null.gcno. This change disables
coverage for the shadow compilation.
chan_sip: Handle a request to negotiate T.38 after it is enabled
Some T.38 implementations may send another re-invite after the initial
one which adds additional negotiation details (such as the max bitrate).
Currently this will fail when passthrough is being done in chan_sip as we
do nothing if T.38 is already active.
Other handlers of T.38 inside of Asterisk (such as res_fax) handle this
scenario so this change adds support for it to chan_sip. If a request
to negotiate is received while T.38 is already enabled a new re-INVITE is
sent and negotiation is done again.
* Local fax starts rtp call to remote fax
* Remote fax starts t38 call back to local fax.
* Local fax sends t38 no-signal to Asterisk before sending an OK.
* udptl processes the frame and increments the expected sequence number.
* chan_sip drops the frame because the call isn't up so nothing goes out
the external interface to open the port for incoming packets.
* Local fax sends OK and Asterisk sends OK to the remote fax.
* Remote fax sends t38 packets which are dropped by the firewall.
* Local fax re-sends t38 no-signal with the same sequence number.
* udptl drops the frame because it thinks it's a dup.
* Still no outgoing packets to open the firewall.
* t38 negotiation fails.
The patch drops frames t38 received before udptl sequence processing
when the call hasn't been answered yet. The second no-signal frame
is then seen as new and is relayed out the external interface which
opens the port and allows negotiation to continue.
George Joseph [Tue, 17 May 2016 16:14:51 +0000 (10:14 -0600)]
chan_sip: Prevent extra Session-Expires headers from being added
When chan_sip does a re-INVITE to refresh a session and authentication
is required, the INVITE with the Authorization header containes a
second Session-Expires header without the ";refersher=" parameter.
This is causing some proxies to return a 400. Also, when Asterisk is
the uas and the refresher, it is including the Session-Expires and
Min-SE headers in OPTIONS messages which is not allowed per RFC4028.
This patch (based on the reporter's) Checks to see if a Session-Expires
header is already in the message before adding another one. It also
checks that the method is INVITE or UPDATE.
Joshua Colp [Fri, 5 Feb 2016 17:50:00 +0000 (11:50 -0600)]
Merge topic 'ASTERISK-20987' into certified/11.6
* changes:
app_confbridge: Make non-admin users join a muted conference muted.
app_confbridge: Allow muting of users waiting to enter a ConfBridge
app_confbridge: Fix bug - users with startmuted set don't start muted
confbridge: Separate user muting from system muting overrides.
Mark Michelson [Thu, 4 Feb 2016 22:17:55 +0000 (16:17 -0600)]
Check for OpenSSL defines before trying to use them.
The SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1_2 defines did not exist prior
to OpenSSL version 1.0.1. A recent commit attempts to, by default, set
these options, which can cause problems on systems with older OpenSSL
installations.
This commit adds a configure script check for those defines and will not
attempt to make use of those if they do not exist. We will print a
warning urging the user to upgrade their OpenSSL installation if those
defines are not present.
Joshua Colp [Wed, 3 Feb 2016 18:04:51 +0000 (14:04 -0400)]
AST-2016-001 http: Provide greater control of TLS and set modern defaults.
This change exposes the configuration of various aspects of the TLS
support and sets the default to the modern standards.
The TLS cipher is now set to the best values according to the
Mozilla OpSec team, different TLS versions can now be disabled, and
the cipher order can be forced to be that of the server instead of
the client.
Richard Mudgett [Mon, 7 Dec 2015 18:46:53 +0000 (12:46 -0600)]
AST-2016-003 udptl.c: Fix uninitialized values.
Sending UDPTL packets to Asterisk with the right amount of missing
sequence numbers and enough redundant 0-length IFP packets, can make
Asterisk crash.
Setting the sip.conf timert1 value to a value higher than 1245 can cause
an integer overflow and result in large retransmit timeout times. These
large timeout times hold system file descriptors hostage and can cause the
system to run out of file descriptors.
NOTE: The default sip.conf timert1 value is 500 which does not expose the
vulnerability.
* The overflow is now detected and the previous timeout time is
calculated.
ASTERISK-25397 #close
Reported by: Alexander Traud
Matthew Jordan [Thu, 5 Jun 2014 14:32:38 +0000 (14:32 +0000)]
app_confbridge: Allow muting of users waiting to enter a ConfBridge
Prior to this patch, users waiting to enter a ConfBridge were not considered
when muted via the CLI or via AMI. Instead, a confusing message would be
emitted stating that the channel did not exist.
This patch allows a user to be muted when waiting to enter a ConfBridge
conference. This is equivalent to start when muted, only toggled via the CLI
or AMI.
Review: https://reviewboard.asterisk.org/r/3582
ASTERISK-23824 #close
patches:
rb3582.patch uploaded by tm1000 (License 6524)
Richard Mudgett [Sat, 2 Nov 2013 02:11:03 +0000 (02:11 +0000)]
confbridge: Separate user muting from system muting overrides.
The system overrides the user muting requests when MOH is playing or a
waitmarked user is waiting for a marked user to join. System muting
overrides interfere with what the user may wish the muting to be when the
system override ends.
* User muting requests are now independent of the system muting overrides.
The effective muting is now the logical or of the user request and system
override.
* Added a Muted column to the CLI "confbridge list <conference>" command.
* Added a Muted header to the AMI ConfbridgeList action ConfbridgeList
event.
Jonathan Rose [Thu, 10 Dec 2015 17:44:03 +0000 (11:44 -0600)]
chan_sip: Add TCP/TLS keepalive to TCP/TLS server
Adds the TCP Keep Alive option to TCP and TLS server sockets. Previously
this option was only being set on session sockets.
http://www.tldp.org/HOWTO/html_single/TCP-Keepalive-HOWTO/
According to the link above, the SO_KEEPALIVE option is useful for knowing
when a TCP connected endpoint has severed communication without indicating
it or has become unreachable for some reason. Without this patch, keep
alive is not set on the socket listening for incoming TCP sessions and
in Komatsu's report this resulted in the thread listening for TCP becoming
stuck in a waiting state.
Richard Mudgett [Mon, 30 Nov 2015 22:42:47 +0000 (16:42 -0600)]
sched.c: Make not return a sched id of 0.
According to the API doxygen a sched ID of 0 is valid. Unfortunately, 0
was never returned historically and several users incorrectly coded usage
of the returned sched ID assuming that 0 was invalid.
Richard Mudgett [Tue, 24 Nov 2015 18:44:53 +0000 (12:44 -0600)]
Audit improper usage of scheduler exposed by 5c713fdf18f.
channels/chan_iax2.c:
* Initialize struct chan_iax2_pvt scheduler ids earlier because of
iax2_destroy_helper().
channels/chan_sip.c:
channels/sip/config_parser.c:
* Fix initialization of scheduler id struct members. Some off nominal
paths had 0 as a scheduler id to be destroyed when it was never started.
chan_skinny.c:
* Fix some scheduler id comparisons that excluded the valid 0 id.
channel.c:
* Fix channel initialization of the video stream scheduler id.
pbx_dundi.c:
* Fix channel initialization of the packet retransmission scheduler id.
Steve Davies [Wed, 11 Nov 2015 10:16:22 +0000 (10:16 +0000)]
Further fixes to improper usage of scheduler
When ASTERISK-25449 was closed, a number of scheduler issues mentioned in
the comments were missed. These have since beed raised in ASTERISK-25476
and elsewhere.
This patch attempts to collect all of the scheduler issues discovered so
far and address them sensibly.
Matt Jordan [Wed, 7 Oct 2015 01:43:58 +0000 (20:43 -0500)]
res/res_rtp_asterisk: Fix assignment after ao2 decrement
When we decide we will no longer schedule an RTCP write, we remove the
reference to the RTP instance, then assign -1 to the stored scheduler ID
in case something else comes along and wants to see if anything is scheduled.
That scheduler ID is on the RTP instance. After 60a9172d7ef2 was merged to
fix the regression introduced by 3cf0f29310, this improper assignment on a
potentially destroyed object started getting tripped on the build agents.
Frankly, this should have been crashing a lot more often earlier. I can only
assume that the timing was changed just enough by both changes to start
actually hitting this problem.
As it is, simply moving the assignment prior to the ao2 deference is sufficient
to keep the RTP instance from being referenced when it is very, truly,
aboslutely dead.
(Note that it is still good practice to assign -1 to the scheduler ID when we
know we won't be scheduling it again, as the ao2 deref *may* not always destroy
the ao2 object.)
Matt Jordan [Tue, 6 Oct 2015 02:34:41 +0000 (21:34 -0500)]
Fix improper usage of scheduler exposed by 5c713fdf18f
When 5c713fdf18f was merged, it allowed for scheduled items to have an ID of
'0' returned. While this was valid per the documentation for the API, it was
apparently never returned previously. As a result, several users of the
scheduler API viewed the result as being invalid, causing them to reschedule
already scheduled items or otherwise fail in interesting ways.
This patch corrects the users such that they view '0' as valid, and a returned
ID of -1 as being invalid.
Note that the failing HEP RTCP tests now pass with this patch. These tests
failed due to a duplicate scheduling of the RTCP transmissions.
Richard Mudgett [Tue, 8 Oct 2013 20:14:14 +0000 (20:14 +0000)]
app_confbridge: Set the language used for announcements to the conference.
ConfBridge now has the ability to set the language of announcements to the
conference. The language can be set on a bridge profile in
confbridge.conf or by the dialplan function
CONFBRIDGE(bridge,language)=en.
(closes issue ASTERISK-19983)
Reported by: Jonathan White
Patches:
M19983_rev2.diff (license #5138) patch uploaded by junky (modified)
Tested by: rmudgett
Mark Michelson [Thu, 10 Sep 2015 22:19:26 +0000 (17:19 -0500)]
scheduler: Use queue for allocating sched IDs.
It has been observed that on long-running busy systems, a scheduler
context can eventually hit INT_MAX for its assigned IDs and end up
overflowing into a very low negative number. When this occurs, this can
result in odd behaviors, because a negative return is interpreted by
callers as being a failure. However, the item actually was successfully
scheduled. The result may be that a freed item remains in the scheduler,
resulting in a crash at some point in the future.
The scheduler can overflow because every time that an item is added to
the scheduler, a counter is bumped and that counter's current value is
assigned as the new item's ID.
This patch introduces a new method for assigning scheduler IDs. Instead
of assigning from a counter, a queue of available IDs is maintained.
When assigning a new ID, an ID is pulled from the queue. When a
scheduler item is released, its ID is pushed back onto the queue. This
way, IDs may be reused when they become available, and the growth of ID
numbers is directly related to concurrent activity within a scheduler
context rather than the uptime of the system.
Jonathan Rose [Wed, 13 May 2015 20:41:07 +0000 (15:41 -0500)]
Message.c: Clear message channel frames on cleanup
The message channel is a special channel that doesn't actually process frames.
However, certain actions can cause frames to be placed in the channel's read
queue including the Hangup application which is called on the channel after
each message is processed. Since the channel will continually be reused for
many messages, it's necessary to flush these frames at some point.
Joshua Colp [Wed, 26 Aug 2015 10:40:32 +0000 (07:40 -0300)]
chan_sip: Allow call pickup to set the hangup cause.
The call pickup implementation in chan_sip currently sets the channel
hangup cause to "normal clearing" if call pickup is successfully
performed. This action overwrites the "answered elsewhere" hangup cause
set by the call pickup code and can result in the SIP device in
question showing a missed call when it should not.
This change sets the hangup cause to "normal clearing" as a
default initially but allows the call pickup to change it as
needed.
Kevin Harwell [Wed, 12 Aug 2015 17:59:53 +0000 (12:59 -0500)]
chan_sip.c: wrong peer searched in sip_report_security_event
In chan_sip, after handling an incoming invite a security event is raised
describing authorization (success, failure, etc...). However, it was doing
a lookup of the peer by extension. This is fine for register messages, but
in the case of an invite it may search and find the wrong peer, or a non
existent one (for instance, in the case of call pickup). Also, if the peers
are configured through realtime this may cause an unnecessary database lookup
when caching is enabled.
This patch makes it so that sip_report_security_event searches by IP address
when looking for a peer instead of by extension after an invite is processed.
Matt Jordan [Mon, 13 Apr 2015 14:54:18 +0000 (09:54 -0500)]
build_tools/make_version: Update version parsing for Git migration
External systems - such as the Asterisk Test Suite - require knowledge of the
upstream branch. Unfortunately, after moving to Git, the Asterisk version
currently consists of only a 'GIT" prefix followed by an object blob,
e.g., GIT-as08d7. This makes it difficult for such systems to know what
features are available in a particular check out of Asterisk.
This patch fixes this by hardcoding the branch in a variable in the
make_version script. Since the mainline branches are not changed often -
typically only once a year - this is a reasonable approach to solving
the problem, and is more reliable than parsing the output of 'git branch
-vv'. Branches that track off of an upstream primary branch will then get the
benefit of knowing which mainline branch they are currently based off
of.
Matt Jordan [Sun, 12 Apr 2015 17:59:22 +0000 (12:59 -0500)]
git migration: Remove support for file versions
Git does not support the ability to replace a token with a version
string during check-in. While it does have support for replacing a
token on clone, this is somewhat sub-optimal: the token is replaced
with the object hash, which is not particularly easy for human
consumption. What's more, in practice, the source file version was often
not terribly useful. Generally, when triaging bugs, the overall version
of Asterisk is far more useful than an individual SVN version of a file.
As a result, this patch removes Asterisk's support for showing source file
versions.
Specifically, it does the following:
* main/asterisk:
- Refactor the file_version structure to reflect that it no longer
tracks a version field.
- Alter the "core show file version" CLI command such that it always
reports the version of Asterisk. The file version is no longer
available.
* main/manager: The Version key now always reports the Asterisk version.
* UPGRADE: Add notes for:
- Modification to the ModuleCheck AMI Action.
- Modification to the CLI "core show file version" command.
Matt Jordan [Sun, 12 Apr 2015 04:22:59 +0000 (23:22 -0500)]
.gitignore: Ignore tarballs (*.gz)
This patch updates the root .gitignore file to ignore files with a .gz
extension. This will cause git to ignore downloaded sound tarballs in
the the sounds/ directory.
Jonathan Rose [Wed, 8 Apr 2015 17:15:07 +0000 (17:15 +0000)]
Security/tcptls: MitM Attack potential from certificate with NULL byte in CN.
When registering to a SIP server with TLS, Asterisk will accept CA signed
certificates with a common name that was signed for a domain other than the
one requested if it contains a null character in the common name portion of
the cert. This patch fixes that by checking that the common name length
matches the the length of the content we actually read from the common name
segment. Some certificate authorities automatically sign CA requests when
the requesting CN isn't already taken, so an attacker could potentially
register a CN with something like www.google.com\x00www.secretlyevil.net
and have their certificate signed and Asterisk would accept that certificate
as though it had been for www.google.com - this is a security fix and is
noted in AST-2015-003.
ASTERISK-24847 #close
Reported by: Maciej Szmigiero
Patches:
asterisk-null-in-cn.patch submitted by mhej (license 6085)
........
Merged revisions 434337 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 434338 from http://svn.asterisk.org/svn/asterisk/branches/11
Mitigate possible HTTP injection attacks using CURL() function in Asterisk.
CVE-2014-8150 disclosed a vulnerability in libcURL where HTTP request injection
can be performed given properly-crafted URLs.
Since Asterisk makes use of libcURL, and it is possible that users of Asterisk may
get cURL URLs from user input or remote sources, we have made a patch to Asterisk
to prevent such HTTP injection attacks from originating from Asterisk.
Richard Mudgett [Mon, 22 Dec 2014 20:31:18 +0000 (20:31 +0000)]
queue_log: Post QUEUESTART entry when Asterisk fully boots.
The QUEUESTART log entry has historically acted like a fully booted event
for the queue_log file. When the QUEUESTART entry was posted to the log
was broken by the change made by ASTERISK-15863.
* Made post the QUEUESTART queue_log entry when Asterisk fully boots.
This restores the intent of that log entry and happens after realtime has
had a chance to load.
chan_sip: Allow T.38 switch-over when SRTP is in use.
Previously when SRTP was enabled on a channel it was not possible
to switch to T.38 as no crypto attributes would be present.
This change makes it so it is now possible. If a T.38 re-invite
comes in SRTP is terminated since in practice you can't encrypt
a UDPTL stream. Now... if we were doing T.38 over RTP (which
does exist) then we'd have a chance but almost nobody does that so
here we are.
ASTERISK-24449 #close
Reported by: Andreas Steinmetz
patches:
udptl-ignore-srtp-v2.patch submitted by Andreas Steinmetz (license 6523)
........
Merged revisions 429632 from http://svn.asterisk.org/svn/asterisk/branches/11
Matthew Jordan [Fri, 19 Dec 2014 19:58:50 +0000 (19:58 +0000)]
stun: correct attribute string padding to match rfc
When sending the USERNAME attribute in an RTP STUN
response, the implementation in append_attr_string
passed the actual length, instead of padding it up
to a multiple of four bytes as required by the RFC
3489. This change adds separate variables for the
string and padded attributed lengths, and performs
padding correctly.
Reported by: Thomas Arimont
Review: https://reviewboard.asterisk.org/r/4139/
........
Merged revisions 427874 from http://svn.asterisk.org/svn/asterisk/branches/11
projects / thirdparty / asterisk.git / log
