Ben Ford [Mon, 31 Aug 2020 16:14:20 +0000 (11:14 -0500)]
Bridging: Use a ref to bridge_channel's channel to prevent crash.
There's a race condition with bridging where a bridge can be torn down
causing the bridge_channel's ast_channel to become NULL when it's still
needed. This particular case happened with attended transfers, but the
crash occurred when trying to publish a stasis message. Now, the
bridge_channel is locked, a ref to the ast_channel is obtained, and that
ref is passed down the chain.
George Joseph [Fri, 22 Nov 2019 16:39:36 +0000 (09:39 -0700)]
channel.c: Resolve issue with receiving SIP INFO packets for DTMF
The problem is essentially the same as in ASTERISK~28245. Besides
the direct media scenario we have an additional scenario where a
special client is involved. This device mutes audio by default in
transmit direction (no rtp frames) and activates audio only by a
foot switch. In this situation dtmf input (pin for conferences,
transfer features codes , etc) using SIP INFO mode is not
understood properly especially when SIP INFO messages are sent
quickly.
This patch ensures that SIP INFO frames are properly queued and
processed in the above scenario. The patch also corrects situations
where successive dtmf events are received quicker than the
signalled event duration (plus minimum gap/pause) allows, i.e. DTMF
events have to be buffered in the ast channel read queue and
emulation has to be processed asynchronously at slower speed.
Reported by: Thomas Arimont
patches:
trigger_dtmf_emulation.patch submitted by Thomas Arimont (license 5525)
Ben Ford [Fri, 22 Nov 2019 15:31:47 +0000 (09:31 -0600)]
Add directories and README files for staging changes.
While doing a release, problems were encountered running the
process-staging-changes script. These directories and the README.md
files were missing from the certified branches. Adding them in to be in
line with the other branches.
Also fixing the .gitreview file to point to the correct branch.
Ben Ford [Mon, 21 Oct 2019 19:55:06 +0000 (14:55 -0500)]
chan_sip.c: Prevent address change on unauthenticated SIP request.
If the name of a peer is known and a SIP request is sent using that
peer's name, the address of the peer will change even if the request
fails the authentication challenge. This means that an endpoint can
be altered and even rendered unusuable, even if it was in a working
state previously. This can only occur when the nat option is set to the
default, or auto_force_rport.
This change checks the result of authentication first to ensure it is
successful before setting the address and the nat option.
George Joseph [Thu, 24 Oct 2019 17:41:23 +0000 (11:41 -0600)]
manager.c: Prevent the Originate action from running the Originate app
If an AMI user without the "system" authorization calls the
Originate AMI command with the Originate application,
the second Originate could run the "System" command.
Ben Ford [Fri, 8 Nov 2019 19:21:15 +0000 (13:21 -0600)]
res_pjsip_session.c: Check for port of zero on incoming SDP.
If a re-invite comes in initiating T.38, but there is no c line in the
SDP and the port is also 0, a crash can occur. A check is now done on
the port to see if the steam is already declined, preventing the crash.
The logic was moved to res_pjsip_session.c because it is handled in a
similar manner in later versions of Asterisk.
Joshua Colp [Tue, 12 Nov 2019 11:00:44 +0000 (07:00 -0400)]
parking: Use channel snapshot instead of channel.
There exists a scenario where a thread can hold a lock on the
channels container while trying to lock a bridge. At the same
time another thread can hold the lock for said bridge while
attempting to retrieve a channel. This causes a deadlock.
This change fixes this scenario by retrieving a channel snapshot
instead of a channel, as information present in the snapshot
is all that is needed.
Kevin Harwell [Tue, 24 Sep 2019 16:21:12 +0000 (11:21 -0500)]
res_pjsip_pubsub: change warning to debug
The following message:
"Subscription request from endpoint <blah> rejected. Expiration of 0 is invalid"
Would sometimes spam the log with warnings if Asterisk restarted and a bunch
of clients sent unsubscribes. This patch changes it from a warning to a debug
message.
Kevin Harwell [Mon, 23 Sep 2019 16:01:36 +0000 (11:01 -0500)]
res_sorcery_memory_cache: stale item update leak
When a stale item was being updated the object was being retrieved, but its
reference was not being decremented after the update. This patch makes it so
the object is now appropriately de-referenced.
chan_pjsip: Relock correct channel during "fax" redirect.
When fax detection occurs on an outbound PJSIP channel the
redirect operation will result in a masquerade occurring and
the underlying channel on the session changing. The code
incorrectly relocked the new channel instead of the old
channel when returning. This resulted in the new channel
being locked indefinitely. The code now always acts on the
expected channel.
George Joseph [Thu, 8 Aug 2019 12:12:18 +0000 (06:12 -0600)]
CI: Add "throttle" label and "skip_gate" capability
To make throttling by label fully active, the "throttle" option
has to be specified with a specific label.
You can now specify "skip_gate" in the Gerrit comments when you
do a +2 code review to tell Jenkins not to actually run the
gate. You'd do this if you plan to manually merge the change.
Also updated the "printenv" debug output to better sort multi-line
comments.
George Joseph [Tue, 6 Aug 2019 15:40:54 +0000 (09:40 -0600)]
CI: Make node labels job-specific
Originally, the eligible nodes for a job were labelled only by
"swdev-docker". So basically any node could run any job. We had
found that allowing a node to run more than 1 gate at a time was
problematic so we limited the nodes to processing 1 job at a time.
With the creation of the Asterisk 17 branches however, we now have
so many active branches that getting checks and gates through in
a timely manner is problematic when a node can run only 1 job
at a time.
Now the nodes are also labelled by the job type they can run.
For instance: "asterisk-check", "asterisk-gate", etc. With the
"Throttle Concurrent Builds" plugin, we can now allow a node to
run more than 1 job BUT throttle by job type. For instance:
Allow 2 jobs but only 1 asterisk-gate at a time.
Now a node can run 2 checks or 1 check and 1 gate or 1 gate but
not 2 gates at a time.
George Joseph [Wed, 24 Jul 2019 20:15:27 +0000 (14:15 -0600)]
CI: Don't enable non-core modules in Certified branches
We don't support non-core modules for Certified releases but we
were enabling them for CI builds which was causing lots of test
failures. Now we don't.
NOTE: This change required that the rest of the CI shell scripts
and jenkinsfiles be updates to the same level as certified/16.3.
chan_sip: Handle invalid SDP answer to T.38 re-invite
The chan_sip module performs a T.38 re-invite using a single media
stream of udptl, and expects the SDP answer to be the same.
If an SDP answer is received instead that contains an additional
media stream with no joint codec a crash will occur as the code
assumes that at least one joint codec will exist in this
scenario.
George Joseph [Thu, 8 Nov 2018 15:53:44 +0000 (08:53 -0700)]
backtrace: Refactor ast_bt_get_symbols so it doesn't crash
We've been seeing crashes in libbfd when we attempt to generate
a stack trace from multiple threads. It turns out that libbfd
is NOT thread-safe. It can cache the bfd structure and give it to
multiple threads without protecting itself. To get around this,
we've added a global mutex around the bfd functions and also have
refactored the use of those functions to be more efficient and
to provide more information about inlined functions.
Also added a few more tests to test_pbx.c. One just calls
ast_assert() and the other calls ast_log_backtrace(). Neither are
run by default.
WARNING: This change necessitated changing the return value of
ast_bt_get_symbols() from an array of strings to a VECTOR of
strings. However, the use of this function outside Asterisk is not
likely.
The HTTP request processing in res_http_websocket allocates additional
space on the stack for various headers received during an Upgrade request.
An attacker could send a specially crafted request that causes this code
to overflow the stack, resulting in a crash.
* No longer allocate memory from the stack in a loop to parse the header
values. NOTE: There is a slight API change when using the passed in
strings as is. We now require the passed in strings to no longer have
leading or trailing whitespace. This isn't a problem as the only callers
have already done this before passing the strings to the affected
function.
res_pjsip: Update default keepalive interval to 90 seconds.
A change recently went in which disabled the built-in PJSIP
keepalive. This defaulted to 90 seconds and kept TCP/TLS
connections alive. Disabling this functionality has resulted
in a behavior change of not doing keepalives by default resulting
in TCP/TLS connections dropping for some people.
This change makes our default keepalive interval 90 seconds
to match the previous behavior and preserve it.
Turn off the periodic sending of CRLNCRLN. Default is on (90 seconds),
which conflicts with the global section's keep_alive_interval option in
pjsip.conf.
patches:
pjsip_keep_not_alive.patch submitted by Alexander Traud (License 6520)
Richard Mudgett [Tue, 3 Jul 2018 17:10:36 +0000 (12:10 -0500)]
res_pjsip/pjsip_transport_management.c: Fix deadlock with transport keep alive.
Using the keep_alive_interval option can result in a deadlock between the
pjproject transport manager group lock and the monitored transports ao2
container lock. The pjproject transport manager group lock has to be
superior in the locking order to the monitored transports ao2 container
lock because of pjproject callbacks called when already holding the group
lock. The lock inversion happens when Asterisk attempts to send a keep
alive packet over the reliable transports.
* Made keepalive_transport_thread() iterate over the monitored transports
container rather than use the ao2_callback() method. This avoids holding
the container lock when sending the keep alive packet.
Richard Mudgett [Fri, 13 Jul 2018 23:26:46 +0000 (18:26 -0500)]
Build: Fix modules getting their optimization setting overridden.
Asterisk modules that use PJPROJECT services have their compiler
optimization and possibly their symbolic debug options overridden by the
PJPROJECT configure script selected settings.
* We need to filter-out any -O and -g options in PJ_CFLAGS before echoing
out the result so the PJPROJECT_INCLUDE variable does not override the
Asterisk module settings when using bundled PJPROJECT.
NOTE: This patch only has an effect when using bundled PJPROJECT.
Jaco Kroon [Tue, 8 May 2018 09:59:02 +0000 (11:59 +0200)]
manager: fix digest auth for ami/http mechanism.
Due to a fixed size buffer the digest authentication could be
incorrectly calculated if a large URI was provided, causing
authentication failure. The buffer is now dynamically allocated to allow
any size URI within the normal limits of the HTTP request size.
George Joseph [Wed, 11 Jul 2018 11:14:49 +0000 (05:14 -0600)]
CI: Initial commit for moving CI into source repo
Create tests/CI directory and add files used by Jenkins to
build and test Asterisk.
With this commit, Jenkins will run the Asterisk Unit Tests using
the Jenkinsfile at tests/CI/unittests.jenkinsfile. Bash scripts
to do the actual building and testing are also in the same directory.
Output is placed in tests/CI/output so that directory has been
added to .gitignore.
George Joseph [Fri, 6 Jul 2018 14:04:56 +0000 (08:04 -0600)]
test.c: Make output jUnit compatible
Separate "name" into "classname" and "name".
Use '.' for classname separator instead of '/'.
Prefix reserved words with '_'.
Wrap output with a top-level "testsuites" element.
Richard Mudgett [Mon, 30 Apr 2018 22:38:58 +0000 (17:38 -0500)]
AST-2018-008: Fix enumeration of endpoints from ACL rejected addresses.
When endpoint specific ACL rules block a SIP request they respond with a
403 forbidden. However, if an endpoint is not identified then a 401
unauthorized response is sent. This vulnerability just discloses which
requests hit a defined endpoint. The ACL rules cannot be bypassed to gain
access to the disclosed endpoints.
* Made endpoint specific ACL rules now respond with a 401 unauthorized
which is the same as if an endpoint were not identified. The fix is
accomplished by replacing the found endpoint with the artificial endpoint
which always fails authentication.
George Joseph [Mon, 4 Jun 2018 14:50:51 +0000 (08:50 -0600)]
app_sendtext: Allow content types other than text/plain
There was no real reason to limit the conteny type to text/plain other
than that's what it was limited to before. Now any text/* content
type will be allowed for channel drivers that don't support enhanced
messaging and any type will be allowed for channel drivers that do
support enhanced messaging.
George Joseph [Tue, 10 Apr 2018 21:09:49 +0000 (15:09 -0600)]
app_sendtext: Enhance SendText to support Enhanced Messaging
SendText now accepts new channel variables that can be used
to override the To and From display names and set the Content-Type
of a message. Since you can now set Content-Type, other text/*
content types are now valid.
George Joseph [Wed, 27 Sep 2017 16:44:53 +0000 (10:44 -0600)]
bridge_softmix: Forward TEXT frames
Core bridging and, more specifically, bridge_softmix have been
enhanced to relay received frames of type TEXT or TEXT_DATA to all
participants in a softmix bridge. res_pjsip_messaging and
chan_pjsip have been enhanced to take advantage of this so when
res_pjsip_messaging receives an in-dialog MESSAGE message from a
user in a conference call, it's relayed to all other participants
in the call.
res_pjsip_messaging already queues TEXT frames to the channel when
it receives an in-dialog MESSAGE from an endpoint and chan_pjsip
will send an MESSAGE when it gets a TEXT frame. On a normal
point-to-point call, the frames are forwarded between the two
correctly. bridge_softmix was not though so messages weren't
getting forwarded to conference bridge participants. Even if they
were, the bridging code had no way to tell the participants who
sent the message so it would look like it came from the bridge
itself.
* The TEXT frame type doesn't allow storage of any meta data, such
as sender, on the frame so a new TEXT_DATA frame type was added that
uses the new ast_msg_data structure as its payload. A channel
driver can queue a frame of that type when it receives a message
from outside. A channel driver can use it for sending messages
by implementing the new send_text_data channel tech callback and
setting the new AST_CHAN_TP_SEND_TEXT_DATA flag in its tech
properties. If set, the bridging/channel core will use it instead
of the original send_text callback and it will get the ast_msg_data
structure. Channel drivers aren't required to implement this. Even
if a TEXT_DATA enabled driver uses it for incoming messages, an
outgoing channel driver that doesn't will still have it's send_text
callback called with only the message text just as before.
* res_pjsip_messaging now creates a TEXT_DATA frame for incoming
in-dialog messages and sets the "from" to the display name in the
"From" header, or if that's empty, the caller id name from the
channel. This allows the chat client user to set a friendly name
for the chat.
* bridge_softmix now forwards TEXT and TEXT_DATA frames to all
participants (except the sender).
* A new function "ast_sendtext_data" was added to channel which
takes an ast_msg_data structure and calls a channel's
send_text_data callback, or if that's not defined, the original
send_text callback.
* bridge_channel now calls ast_sendtext_data for TEXT_DATA frame
types and ast_sendtext for TEXT frame types.
* chan_pjsip now uses the "from" name in the ast_msg_data structure
(if it exists) to set the "From" header display name on outgoing text
messages.
George Joseph [Wed, 27 Sep 2017 16:44:53 +0000 (10:44 -0600)]
bridge_softmix: Forward TEXT frames
Core bridging and, more specifically, bridge_softmix have been
enhanced to relay received frames of type TEXT or TEXT_DATA to all
participants in a softmix bridge. res_pjsip_messaging and
chan_pjsip have been enhanced to take advantage of this so when
res_pjsip_messaging receives an in-dialog MESSAGE message from a
user in a conference call, it's relayed to all other participants
in the call.
res_pjsip_messaging already queues TEXT frames to the channel when
it receives an in-dialog MESSAGE from an endpoint and chan_pjsip
will send an MESSAGE when it gets a TEXT frame. On a normal
point-to-point call, the frames are forwarded between the two
correctly. bridge_softmix was not though so messages weren't
getting forwarded to conference bridge participants. Even if they
were, the bridging code had no way to tell the participants who
sent the message so it would look like it came from the bridge
itself.
* The TEXT frame type doesn't allow storage of any meta data, such
as sender, on the frame so a new TEXT_DATA frame type was added that
uses the new ast_msg_data structure as its payload. A channel
driver can queue a frame of that type when it receives a message
from outside. A channel driver can use it for sending messages
by implementing the new send_text_data channel tech callback and
setting the new AST_CHAN_TP_SEND_TEXT_DATA flag in its tech
properties. If set, the bridging/channel core will use it instead
of the original send_text callback and it will get the ast_msg_data
structure. Channel drivers aren't required to implement this. Even
if a TEXT_DATA enabled driver uses it for incoming messages, an
outgoing channel driver that doesn't will still have it's send_text
callback called with only the message text just as before.
* res_pjsip_messaging now creates a TEXT_DATA frame for incoming
in-dialog messages and sets the "from" to the display name in the
"From" header, or if that's empty, the caller id name from the
channel. This allows the chat client user to set a friendly name
for the chat.
* bridge_softmix now forwards TEXT and TEXT_DATA frames to all
participants (except the sender).
* A new function "ast_sendtext_data" was added to channel which
takes an ast_msg_data structure and calls a channel's
send_text_data callback, or if that's not defined, the original
send_text callback.
* bridge_channel now calls ast_sendtext_data for TEXT_DATA frame
types and ast_sendtext for TEXT frame types.
* chan_pjsip now uses the "from" name in the ast_msg_data structure
(if it exists) to set the "From" header display name on outgoing text
messages.
Alexander Traud [Thu, 17 May 2018 06:58:43 +0000 (08:58 +0200)]
res_pjsip_endpoint_identifier_ip: Unregister the module for headers.
Asterisk uses Reference Counting to track whether a module can be unloaded.
Every consumer who requires a module, increases the reference count. When the
consumer goes, is unloaded itself, it has to decrease the reference count on
all its used/required modules. That way
core stop gracefully
works on the command-line interface (CLI): One module after the other is
unloaded. A recent change broke this for the module res_pjsip.
Alexander Traud [Thu, 17 May 2018 05:34:03 +0000 (07:34 +0200)]
res_pjsip: Register pjsip_transport_management not externally but internally.
The module (res_)pjsip_transport_management got moved into res_pjsip. It is no
longer an independent/external module with (un)load_module and therefore has to
register just internally with res_pjsip.
Kevin Harwell [Mon, 30 Oct 2017 20:24:53 +0000 (15:24 -0500)]
Initialize 13.21-cert branch
A new branch was created for what will be Asterisk certified 13.21. A couple
of things needed to be done to the branch in order to complete initialization:
Modified the version file to reflect the certified version.
Updated all extended modules to be disabled by default.
George Joseph [Fri, 13 Apr 2018 20:17:36 +0000 (14:17 -0600)]
utils: Add ast_assert_return
Similar to pjproject's PJ_ASSERT_RETURN macro, this one will do the
following...
If the assert passes... NoOp
If the assert fails and AST_DEVMODE is defined, execute ast_assert()
then, if DO_CRASH isn't set, return from the calling function with
the supplied value.
If the assert fails and AST_DEVMODE is not defined, return from the
calling function with the supplied value.
The macro will execute a return without a value if one isn't suppled.
Ben Ford [Fri, 13 Apr 2018 19:32:48 +0000 (14:32 -0500)]
res_musiconhold: Don't restart MOH from beginning after announcement.
This reverts a problem introduced by the fix for ASTERISK_24329.
Now, when an announcement is played while waiting in a queue, music on
hold will not restart from the beginning of the sound file and will
instead pick up where it left off. However, the incorrect behavior in
ASTERISK_24329 is now present again; if an announcement X seconds
long is played when music on hold starts, music on hold will start X
seconds into the file.
Richard Mudgett [Tue, 27 Mar 2018 16:04:42 +0000 (11:04 -0500)]
res_pjsip.c: Split ast_sip_push_task_synchronous() to fit expectations.
ast_sip_push_task_synchronous() did not necessarily execute the passed in
task under the specified serializer. If the current thread is any
registered pjsip thread then it would execute the task immediately instead
of under the specified serializer. Reentrancy issues could result if the
task does not execute with the right serializer.
The original reason ast_sip_push_task_synchronous() checked to see if the
current thread was a registered pjsip thread was because of a deadlock
with masquerades and the channel technology's fixup callback
(ASTERISK_22936). A subsequent masquerade deadlock fix (ASTERISK_24356)
involving call pickups avoided the original deadlock situation entirely.
The PJSIP channel technology's fixup callback no longer needed to call
ast_sip_push_task_synchronous().
However, there are a few places where this unexpected behavior is still
required to avoid deadlocks. The pjsip monitor thread executes callbacks
that do calls to ast_sip_push_task_synchronous() that would deadlock if
the task were actually pushed to the specified serializer. I ran into one
dealing with the pubsub subscriptions where an ao2 destructor called
ast_sip_push_task_synchronous().
* Split ast_sip_push_task_synchronous() into
ast_sip_push_task_wait_servant() and ast_sip_push_task_wait_serializer().
ast_sip_push_task_wait_servant() has the old behavior of
ast_sip_push_task_synchronous(). ast_sip_push_task_wait_serializer() has
the new behavior where the task is always executed by the specified
serializer or a picked serializer if one is not passed in. Both functions
behave the same if the current thread is not a SIP servant.
* Redirected ast_sip_push_task_synchronous() to
ast_sip_push_task_wait_servant() to preserve API for released branches.
Richard Mudgett [Thu, 22 Mar 2018 00:43:21 +0000 (19:43 -0500)]
pjsip_scheduler.c: Fix some corner cases.
* Fix the periodic interval wander because it may take significant time
between the sched thread queueing the task in the serializer and the
serializer actually executing the task. The time it takes to actually
execute the task was already taken into account.
* Pass a schtd ref to the serializer when we queue a scheduled task on
the serializer. We don't want it going away on us while it is in the
serializer queue.
* Skip the scheduled task if the task was canceled between queueing the
task to the serializer and the serializer actually executing the task.
* Reorder struct ast_sip_sched_task to avoid unnecessary padding. Removed
task_id and added next_periodic.
* Hold a ref to the passed in serializer so the serializer cannot go away
on the scheduled task.
cdr_mysql: Compile error because MYSQL_PORT definition is missing
If it is not defined, it will add MYSQL_PORT definition. After some
research on MySQL/MariaDB development tree, I couldn't find any reference
to MYSQL_PORT definition in include files.
res_pjsip_session: Rewrite o= with external_media_address.
It now appends the external IP address on the
o= line of the SDP packet. The decision was made to write
the numeric IP address as opposed to the RFC that states
the FQDN should be used if and when available. We believe
the usage of literal IP address will help avoid
potential problems.
Nathan Bruning [Thu, 22 Feb 2018 18:18:48 +0000 (19:18 +0100)]
res_pjsip_notify.c: enable in-dialog NOTIFY
This patch adds support to send in-dialog SIP NOTIFY commands on
chan_pjsip channels, similar to the functionality recently added
for chan_sip (ASTERISK_27461).
This extends res_pjsip_notify to allow for in-dialog messages.
Richard Mudgett [Thu, 22 Mar 2018 18:35:04 +0000 (13:35 -0500)]
pjsip_scheduler.c: Fix ao2 usage errors.
* Removed several invalid uses of OBJ_NOLOCK. These uses resulted in the
'tasks' container being accessed without a lock in a multi-threaded
environment. A recipe for crashes.
* Removed needlessly obtaining schtd object references. If the caller
providing you a pointer to an object doesn't have a valid reference then
you cannot safely get one from it.
* Getting a ref to 'tasks' when you aren't copying the pointer into
another location is useless. The 'tasks' container pointer is global.
* Removed many unnecessary uses of RAII_VAR.
* Make ast_sip_schedule_task() name parameter const.
Corey Farrell [Fri, 23 Mar 2018 11:49:59 +0000 (07:49 -0400)]
Build System: Enable python3 compatibility.
* Consistently use spaces in rest-api-templates/asterisk_processor.py.
* Exclude third-party from docs/full-en_US.xml.
* Add docs/full-en_US.xml to .gitignore.
* Use list() to convert python3 view.
* Use python3 print function.
* Replace cmp() with equivalent equation.
* Replace reference to out of scope subtype variable with name
parameter.
* Use unescaping triple bracket notation in mustache templates where
needed. This causes behavior of Python2 to be maintained when using
Python3.
* Fix references to has_websocket / is_websocket in
res_ari_resource.c.mustache.
* Update calculation of has_websocket to use any().
* Use unicode mode for writing output file in transform.py.
* Replace 'from swagger_model import *' with explicit import of required
symbols.
* Add missing 'import os'
* Fix invalid reference to swagger_version from exception handler.
I have not tested voicemailpwcheck.py, only the print syntax has
been fixed.
projects / thirdparty / asterisk.git / log
