Mark Michelson [Tue, 15 Jan 2013 20:15:00 +0000 (20:15 +0000)]
Address further review feedback from David Lee.
* Clarify some documentation
* Change copyright date of taskprocessor files
* Address potential issue of creating taskprocessor with listener if
taskprocessor with that name exists already
Mark Michelson [Tue, 15 Jan 2013 18:40:36 +0000 (18:40 +0000)]
Remove alloc and destroy callbacks from the taskprocessor.
Now user data is allocated by the creator of the taskprocessor
listener and that user data is passed into ast_taskprocessor_listener_alloc().
Similarly, freeing of the user data is left up to the user himself. He can
free the data when the taskprocessor shuts down, or he can choose to hold
onto it if it makes sense to do so.
This, unsurprisingly, makes threadpool allocation a LOT cleaner now.
Fix XML encoding of 'identity display' in NOTIFY messages, continued.
When r378933 was merged into 1.8, it should have also escaped
remote_display, since it will have the same XML encoding problem when
the caller/callee roles are reversed.
Merged revisions 379001 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 379020 from http://svn.asterisk.org/svn/asterisk/branches/11
................
r379023 | dlee | 2013-01-14 09:58:01 -0600 (Mon, 14 Jan 2013) | 20 lines
Masquerades are an insane implementation detail within Asterisk. It generates
a number of useless and confusing events, and manipulates channels in a way
that semantically doesn't make sense. I've given a fairly thorough review of
masquerade code and its usage on the wiki at
https://wiki.asterisk.org/wiki/x/IwBRAQ.
While ultimately it makes the most sense to abandon masquerades altogether,
it will take some time to completely irradicate. Even then, there may always
be code that's not worth rewriting to get rid of the masquerade.
This patch does two things to make masquerades slightly less insane:
* When swapping the names of the original and clone channel, only emit a
single rename event of original -> original<ZOMBIE>. The original code
issued three rename events to accomplish the same end.
* In addition to swapping the names of the channels, also swap their
uniqueid's. This allows the 'Uniqueid' field to be used as a stable
identifier for a channel from and external interface, such as AMI.
David M. Lee [Mon, 14 Jan 2013 15:58:01 +0000 (15:58 +0000)]
Gently reduce masquerade insanity
Masquerades are an insane implementation detail within Asterisk. It generates
a number of useless and confusing events, and manipulates channels in a way
that semantically doesn't make sense. I've given a fairly thorough review of
masquerade code and its usage on the wiki at
https://wiki.asterisk.org/wiki/x/IwBRAQ.
While ultimately it makes the most sense to abandon masquerades altogether,
it will take some time to completely irradicate. Even then, there may always
be code that's not worth rewriting to get rid of the masquerade.
This patch does two things to make masquerades slightly less insane:
* When swapping the names of the original and clone channel, only emit a
single rename event of original -> original<ZOMBIE>. The original code
issued three rename events to accomplish the same end.
* In addition to swapping the names of the channels, also swap their
uniqueid's. This allows the 'Uniqueid' field to be used as a stable
identifier for a channel from and external interface, such as AMI.
David M. Lee [Mon, 14 Jan 2013 15:29:22 +0000 (15:29 +0000)]
Fix XML encoding of 'identity display' in NOTIFY messages, continued.
When r378933 was merged into 1.8, it should have also escaped
remote_display, since it will have the same XML encoding problem when
the caller/callee roles are reversed.
Reset RTP timestamp; sequence number on SSRC change
In r370252 for ASTERISK-18404, Asterisk's handling of RTP was modified to
better account for out of order RTP packets. This was accomplished by using the
RTP timestamp and sequence number to check for out of order packets. However,
when a SSRC change occurs, the timestamp and sequence number will no longer
have any relation to the previously received packets. The variables tracking
the timestamp and sequence number therefore have to be reset.
Matthew Jordan [Sun, 13 Jan 2013 22:07:00 +0000 (22:07 +0000)]
Reset RTP timestamp; sequence number on SSRC change
In r370252 for ASTERISK-18404, Asterisk's handling of RTP was modified to
better account for out of order RTP packets. This was accomplished by using the
RTP timestamp and sequence number to check for out of order packets. However,
when a SSRC change occurs, the timestamp and sequence number will no longer
have any relation to the previously received packets. The variables tracking
the timestamp and sequence number therefore have to be reset.
Fix XML encoding of 'identity display' in NOTIFY messages.
XML encoding in chan_sip is accomplished by naively building the XML
directly from strings. While this usually works, it fails to take into
account escaping the reserved characters in XML.
This patch adds an 'ast_xml_escape' function, which works similarly to
'ast_uri_encode'. This is used to properly escape the local_display
attribute in XML formatted NOTIFY messages.
Several things to note:
* The Right Thing(TM) to do would probably be to replace the
ast_build_string stuff with building an ast_xml_doc. That's a much
bigger change, and out of scope for the original ticket, so I
refrained myself.
* It is with great sadness that I wrote my own ast_xml_escape
function. There's one in libxml2, but it's knee-deep in
libxml2-ness, and not easily used to one-off escape a
string.
* I only escaped the string we know is causing problems
(local_display). At least some of the other strings are
URI-encoded, which should be XML safe. Rather than figuring out
what's safe and escaping what's not, it would be much cleaner to
simply build an ast_xml_doc for the messages and let the XML
library do the XML escaping. Like I said, that's out of scope.
David M. Lee [Sat, 12 Jan 2013 06:43:37 +0000 (06:43 +0000)]
Fix XML encoding of 'identity display' in NOTIFY messages.
XML encoding in chan_sip is accomplished by naively building the XML
directly from strings. While this usually works, it fails to take into
account escaping the reserved characters in XML.
This patch adds an 'ast_xml_escape' function, which works similarly to
'ast_uri_encode'. This is used to properly escape the local_display
attribute in XML formatted NOTIFY messages.
Several things to note:
* The Right Thing(TM) to do would probably be to replace the
ast_build_string stuff with building an ast_xml_doc. That's a much
bigger change, and out of scope for the original ticket, so I
refrained myself.
* It is with great sadness that I wrote my own ast_xml_escape
function. There's one in libxml2, but it's knee-deep in
libxml2-ness, and not easily used to one-off escape a
string.
* I only escaped the string we know is causing problems
(local_display). At least some of the other strings are
URI-encoded, which should be XML safe. Rather than figuring out
what's safe and escaping what's not, it would be much cleaner to
simply build an ast_xml_doc for the messages and let the XML
library do the XML escaping. Like I said, that's out of scope.
This provides a JSON API by pulling in and wrapping the Jansson JSON
library[1]. The Asterisk API basically mirrors the Jansson
functionality, with a few minor tweaks.
* Some names have been asteriskified to protect the innocent.
* Jansson provides both reference-stealing and reference-borrowing
versions of several API's. The Asterisk API is exclusively
reference-stealing for operations that put elements into arrays and
objects.
* No support for doubles, since we usually don't need that.
* Coming along for the ride is the ast_test_validate macro, which made
the unit tests much easier to write.
Retain XMPP filters across reconnections so external modules continue to function as expected.
Previously if an XMPP client reconnected any filters added by an external module were lost.
This issue exhibited itself with chan_motif not receiving and reacting to Jingle signaling.
Joshua Colp [Fri, 11 Jan 2013 23:05:38 +0000 (23:05 +0000)]
Retain XMPP filters across reconnections so external modules continue to function as expected.
Previously if an XMPP client reconnected any filters added by an external module were lost.
This issue exhibited itself with chan_motif not receiving and reacting to Jingle signaling.
David M. Lee [Fri, 11 Jan 2013 22:31:42 +0000 (22:31 +0000)]
Add JSON API for Asterisk.
This provides a JSON API by pulling in and wrapping the Jansson JSON
library[1]. The Asterisk API basically mirrors the Jansson
functionality, with a few minor tweaks.
* Some names have been asteriskified to protect the innocent.
* Jansson provides both reference-stealing and reference-borrowing
versions of several API's. The Asterisk API is exclusively
reference-stealing for operations that put elements into arrays and
objects.
* No support for doubles, since we usually don't need that.
* Coming along for the ride is the ast_test_validate macro, which made
the unit tests much easier to write.
Automerge script [Thu, 10 Jan 2013 00:20:46 +0000 (00:20 +0000)]
Merged revisions 378854,378858-378859 via svnmerge from
file:///srv/subversion/repos/asterisk/trunk
........
r378854 | rmudgett | 2013-01-09 17:22:00 -0600 (Wed, 09 Jan 2013) | 1 line
Fix logger.c function definition.
........
r378858 | rmudgett | 2013-01-09 17:23:41 -0600 (Wed, 09 Jan 2013) | 6 lines
Trivial misc bridge code changes.
* softmix_bridge_thread() was redundantly initializing an 8K buffer.
* Promoted a debug message to a warning in multiplexed_add_or_remove().
........
r378859 | rmudgett | 2013-01-09 17:51:45 -0600 (Wed, 09 Jan 2013) | 6 lines
* Simple optimization of bridge_playfile().
* Squeezed some redundancy out of update_bridge_vars().
* Wrapped long line in __ast_change_name_nolink().
........
* Revert the -r341580 and -r341599 changes adding the queues.conf
check_state_unknown option as it was added in an attempt to fix this
problem. The fix did not need to be optional. The fix should not have
tried to explicitly set the device state. Setting the device state by
something other than the device introduces a race condition. I also could
not see how the change would be effective other than delaying the
app_queue code long enough for the device state to propagate to app_queue.
........
Merged revisions 378663 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378683 from http://svn.asterisk.org/svn/asterisk/branches/10
........
Merged revisions 378687 from http://svn.asterisk.org/svn/asterisk/branches/11
................
r378691 | rmudgett | 2013-01-08 18:05:35 -0600 (Tue, 08 Jan 2013) | 10 lines
app_queue: Fix incorrect assertion.
(issue ASTERISK-16115)
........
Merged revisions 378689 from http://svn.asterisk.org/svn/asterisk/branches/10
........
Merged revisions 378690 from http://svn.asterisk.org/svn/asterisk/branches/11
................
* Revert the -r341580 and -r341599 changes adding the queues.conf
check_state_unknown option as it was added in an attempt to fix this
problem. The fix did not need to be optional. The fix should not have
tried to explicitly set the device state. Setting the device state by
something other than the device introduces a race condition. I also could
not see how the change would be effective other than delaying the
app_queue code long enough for the device state to propagate to app_queue.
........
Merged revisions 378663 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378683 from http://svn.asterisk.org/svn/asterisk/branches/10
........
Merged revisions 378687 from http://svn.asterisk.org/svn/asterisk/branches/11
Mark Michelson [Mon, 7 Jan 2013 22:16:06 +0000 (22:16 +0000)]
Address review board feedback from Matt and Richard
* Remove extraneous whitespace
* Bump up debug levels of messages and add identifying info to messages.
* Account for potential failures of ao2_link()
* Add additional test and some more test data
* Add some comments in places where they could be useful
* Make threadpool listeners and their callbacks optional
Rewrite skinny dialing to remove threaded simpleswitch
This rewrite changes skinny dialing from the threaded simpleswitch
to a scheduled timeout approach. There were some underlying issues
with the threaded simple switch with occasional corruption and
possible segfaults.
Damien Wedhorn [Sun, 6 Jan 2013 20:45:12 +0000 (20:45 +0000)]
Rewrite skinny dialing to remove threaded simpleswitch
This rewrite changes skinny dialing from the threaded simpleswitch
to a scheduled timeout approach. There were some underlying issues
with the threaded simple switch with occasional corruption and
possible segfaults.
res_srtp: Prevent a crash from occurring due to srtp_create failures in srtp_create
Under some circumstances, libsrtp's srtp_create function deallocates memory that
it wasn't initially responsible for allocating. Because we weren't initially
aware of this behavior, this memory was still used in spite of being unallocated
during the course of the srtp_unprotect function. A while back I made a patch
which would set this value to NULL, but that exposed a possible condition where
we would then try to check a member of the struct which would cause a segfault.
In order to address these problems, ast_srtp_unprotect will now set an error value
when it ends without a valid SRTP session which will result in the caller of
srtp_unprotect observing this error and hanging up the relevant channel instead of
trying to keep using the invalid session address.
Jonathan Rose [Fri, 4 Jan 2013 23:14:54 +0000 (23:14 +0000)]
res_srtp: Prevent a crash from occurring due to srtp_create failures in srtp_create
Under some circumstances, libsrtp's srtp_create function deallocates memory that
it wasn't initially responsible for allocating. Because we weren't initially
aware of this behavior, this memory was still used in spite of being unallocated
during the course of the srtp_unprotect function. A while back I made a patch
which would set this value to NULL, but that exposed a possible condition where
we would then try to check a member of the struct which would cause a segfault.
In order to address these problems, ast_srtp_unprotect will now set an error value
when it ends without a valid SRTP session which will result in the caller of
srtp_unprotect observing this error and hanging up the relevant channel instead of
trying to keep using the invalid session address.
Fix SIP Notify Messages To Have The Proper IP Address In The FROM Field
On a multihomed server when sending a NOTIFY message, we were not figuring out
which network should be used to contact the peer.
This patch fixes the problem by calling ast_sip_ouraddrfor() and then
build_via() so that our NOTIFY message contains the correct IP address.
Also, a debug message is being added to help follow the call-id changes that
occur. This was helpful for confirming that the IP address was set properly
since the call-id contains the IP address. It also will be helpful for
troubleshooting purposes when following a call in the debug logs.
(closes issue ASTERISK-20805)
Reported by: Bryan Hunt
Tested by: Bryan Hunt, Michael L. Young
Patches:
asterisk-20805-notify-ip-v2.diff uploaded by Michael L. Young (license 5026)
Merged revisions 378554 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378559 from http://svn.asterisk.org/svn/asterisk/branches/11
................
r378585 | kmoore | 2013-01-04 16:19:16 -0600 (Fri, 04 Jan 2013) | 13 lines
Fix pjproject compilation in certain circumstances
On a fresh checkout of Asterisk 11, running make before ./configure
could cause the pjproject subdirectory to get in an odd state that
would prevent compilation. This patch by Tilghman prevents that from
occurring.
Kinsey Moore [Fri, 4 Jan 2013 22:19:16 +0000 (22:19 +0000)]
Fix pjproject compilation in certain circumstances
On a fresh checkout of Asterisk 11, running make before ./configure
could cause the pjproject subdirectory to get in an odd state that
would prevent compilation. This patch by Tilghman prevents that from
occurring.
(closes issue ASTERISK-20681)
Reported by: Dinesh Ramjuttun
Tested by: danilo borges, Steve Lang
patches:
20121208__ccar_solved.diff.txt uploaded by Tilghman Lesher (license 5003)
........
Merged revisions 378582 from http://svn.asterisk.org/svn/asterisk/branches/11
Fix SIP Notify Messages To Have The Proper IP Address In The FROM Field
On a multihomed server when sending a NOTIFY message, we were not figuring out
which network should be used to contact the peer.
This patch fixes the problem by calling ast_sip_ouraddrfor() and then
build_via() so that our NOTIFY message contains the correct IP address.
Also, a debug message is being added to help follow the call-id changes that
occur. This was helpful for confirming that the IP address was set properly
since the call-id contains the IP address. It also will be helpful for
troubleshooting purposes when following a call in the debug logs.
(closes issue ASTERISK-20805)
Reported by: Bryan Hunt
Tested by: Bryan Hunt, Michael L. Young
Patches:
asterisk-20805-notify-ip-v2.diff uploaded by Michael L. Young (license 5026)
Fix Queue Log Reporting Every Call COMPLETECALLER With "h" Extension Present
When the "h" extension is present within the context of the queue, all calls
are being reported COMPLETECALLER even when the agent is hanging up the call.
This patch checks to see if the agent hung-up or not instead of only relying on
checking if the queue (caller) channel hung-up or not. It would appear that
having the h extension in the mix, the pbx goes to the h extension,
"hanging-up" the queue channel and triggering the reporting of COMPLETECALLER.
(closes issue ASTERISK-20743)
Reported by: call
Tested by: call, Michael L. Young
Patches:
asterisk-20743-q-cmplt-caller.diff
uploaded by Michael L. Young (license 5026)
Fix Queue Log Reporting Every Call COMPLETECALLER With "h" Extension Present
When the "h" extension is present within the context of the queue, all calls
are being reported COMPLETECALLER even when the agent is hanging up the call.
This patch checks to see if the agent hung-up or not instead of only relying on
checking if the queue (caller) channel hung-up or not. It would appear that
having the h extension in the mix, the pbx goes to the h extension,
"hanging-up" the queue channel and triggering the reporting of COMPLETECALLER.
(closes issue ASTERISK-20743)
Reported by: call
Tested by: call, Michael L. Young
Patches:
asterisk-20743-q-cmplt-caller.diff
uploaded by Michael L. Young (license 5026)
* Made agent_cont_sleep() and agent_ack_sleep() stop waiting if the wrapup
time expires. agent_cont_sleep() had tried but returned the wrong value
to stop waiting.
* Made agent_ack_sleep() take a struct agent_pvt pointer instead of a void
pointer for better type safety.
........
Merged revisions 378486 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378487 from http://svn.asterisk.org/svn/asterisk/branches/11
................
Richard Mudgett [Thu, 3 Jan 2013 19:42:54 +0000 (19:42 +0000)]
chan_agent: Fix wrapup time wait response.
* Made agent_cont_sleep() and agent_ack_sleep() stop waiting if the wrapup
time expires. agent_cont_sleep() had tried but returned the wrong value
to stop waiting.
* Made agent_ack_sleep() take a struct agent_pvt pointer instead of a void
pointer for better type safety.
........
Merged revisions 378486 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378487 from http://svn.asterisk.org/svn/asterisk/branches/11
Merged revisions 378456 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378457 from http://svn.asterisk.org/svn/asterisk/branches/11
................
r378460 | kmoore | 2013-01-03 12:51:43 -0600 (Thu, 03 Jan 2013) | 13 lines
Add missing test event
This test event was missing from channel.c causing the dial_LS_options
test to fail intermittently because of a race condition where most code
paths emitted the test event but this one did not. The dial_LS_options
test should stop bouncing now.
........
Merged revisions 378455 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378459 from http://svn.asterisk.org/svn/asterisk/branches/11
................
Kinsey Moore [Thu, 3 Jan 2013 18:51:43 +0000 (18:51 +0000)]
Add missing test event
This test event was missing from channel.c causing the dial_LS_options
test to fail intermittently because of a race condition where most code
paths emitted the test event but this one did not. The dial_LS_options
test should stop bouncing now.
........
Merged revisions 378455 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378459 from http://svn.asterisk.org/svn/asterisk/branches/11
Prevent crashes in res_xmpp when receiving large messages
Similar to r378287, res_xmpp was marshaling data read from an external source
onto the stack. For a sufficiently large message, this could cause a stack
overflow. This patch modifies res_xmpp in a similar fashion to res_jabber by
removing the stack allocation, as it was unnecessary.
Merged revisions 378411 from http://svn.asterisk.org/svn/asterisk/branches/11
................
r378414 | tilghman | 2013-01-03 10:04:11 -0600 (Thu, 03 Jan 2013) | 11 lines
Add aliases to the Directory.
This is an interesting feature that allows additional strings to be used to
search the Directory, primarily intended to be used with nicknames, but could
be used with affiliations and the like. Because the name field is used in
more than one place (such as email notifications), it is important that these
additional strings not be placed in the name field, but be specified
separately.
Tilghman Lesher [Thu, 3 Jan 2013 16:04:11 +0000 (16:04 +0000)]
Add aliases to the Directory.
This is an interesting feature that allows additional strings to be used to
search the Directory, primarily intended to be used with nicknames, but could
be used with affiliations and the like. Because the name field is used in
more than one place (such as email notifications), it is important that these
additional strings not be placed in the name field, but be specified
separately.
Matthew Jordan [Thu, 3 Jan 2013 15:37:31 +0000 (15:37 +0000)]
Prevent crashes in res_xmpp when receiving large messages
Similar to r378287, res_xmpp was marshaling data read from an external source
onto the stack. For a sufficiently large message, this could cause a stack
overflow. This patch modifies res_xmpp in a similar fashion to res_jabber by
removing the stack allocation, as it was unnecessary.
Fix AMI redirect action with two channels failing to redirect both channels.
The AMI redirect action can fail to redirect two channels that are bridged
together. There is a race between the AMI thread redirecting the two
channels and the bridge thread noticing that a channel is hungup from the
redirects.
* Made the bridge wait for both channels to be redirected before exiting.
* Made the AMI redirect check that all required headers are present before
proceeding with the redirection.
* Made the AMI redirect require that any supplied ExtraChannel exist
before proceeding. Previously the code fell back to a single channel
redirect operation.
(closes issue ASTERISK-18975)
Reported by: Ben Klang
Merged revisions 378356 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378358 from http://svn.asterisk.org/svn/asterisk/branches/11
................
r378377 | mjordan | 2013-01-02 16:10:32 -0600 (Wed, 02 Jan 2013) | 24 lines
Prevent crashes from occurring when reading from data sources with large values
When reading configuration data from an Asterisk .conf file or when pulling
data from an Asterisk RealTime backend, Asterisk was copying the data on the
stack for manipulation. Unfortunately, it is possible to read configuration
data or realtime data from some data source that provides a large blob of
characters. This could potentially cause a crash via a stack overflow.
This patch prevents large sets of data from being read from an ARA backend or
from an Asterisk conf file.
Merged revisions 378375 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378376 from http://svn.asterisk.org/svn/asterisk/branches/11
................
r378384 | mjordan | 2013-01-02 16:19:32 -0600 (Wed, 02 Jan 2013) | 11 lines
Clean up app_mysql's application entry points to properly parse arguments
When parsing arguments, application entry points should not attempt to
directly modify the parameters to the function. This patch properly duplicates
the passed in parameters before attempting to parse them.
Matthew Jordan [Wed, 2 Jan 2013 22:19:32 +0000 (22:19 +0000)]
Clean up app_mysql's application entry points to properly parse arguments
When parsing arguments, application entry points should not attempt to
directly modify the parameters to the function. This patch properly duplicates
the passed in parameters before attempting to parse them.
Matthew Jordan [Wed, 2 Jan 2013 22:10:32 +0000 (22:10 +0000)]
Prevent crashes from occurring when reading from data sources with large values
When reading configuration data from an Asterisk .conf file or when pulling
data from an Asterisk RealTime backend, Asterisk was copying the data on the
stack for manipulation. Unfortunately, it is possible to read configuration
data or realtime data from some data source that provides a large blob of
characters. This could potentially cause a crash via a stack overflow.
This patch prevents large sets of data from being read from an ARA backend or
from an Asterisk conf file.
Richard Mudgett [Wed, 2 Jan 2013 21:23:16 +0000 (21:23 +0000)]
Fix AMI redirect action with two channels failing to redirect both channels.
The AMI redirect action can fail to redirect two channels that are bridged
together. There is a race between the AMI thread redirecting the two
channels and the bridge thread noticing that a channel is hungup from the
redirects.
* Made the bridge wait for both channels to be redirected before exiting.
* Made the AMI redirect check that all required headers are present before
proceeding with the redirection.
* Made the AMI redirect require that any supplied ExtraChannel exist
before proceeding. Previously the code fell back to a single channel
redirect operation.
(closes issue ASTERISK-18975)
Reported by: Ben Klang
Prevent exhaustion of system resources through exploitation of event cache
Asterisk maintains an internal cache for devices in the event subsystem. The
device state cache holds the state of each device known to Asterisk, such that
consumers of device state information can query for the last known state for
a particular device, even if it is not part of an active call. The concept of
a device in Asterisk can include entities that do not have a physical
representation. One way that this occurred was when anonymous calls are allowed
in Asterisk. A device was automatically created and stored in the cache for
each anonymous call that occurred; this was possible in the SIP and IAX2
channel drivers and through channel drivers that utilized the
res_jabber/res_xmpp resource modules (Gtalk, Jingle, and Motif). These devices
are never removed from the system, allowing anonymous calls to potentially
exhaust a system's resources.
This patch changes the event cache subsystem and device state management to
no longer cache devices that are not associated with a physical entity.
Matthew Jordan [Wed, 2 Jan 2013 18:11:59 +0000 (18:11 +0000)]
Prevent exhaustion of system resources through exploitation of event cache
Asterisk maintains an internal cache for devices in the event subsystem. The
device state cache holds the state of each device known to Asterisk, such that
consumers of device state information can query for the last known state for
a particular device, even if it is not part of an active call. The concept of
a device in Asterisk can include entities that do not have a physical
representation. One way that this occurred was when anonymous calls are allowed
in Asterisk. A device was automatically created and stored in the cache for
each anonymous call that occurred; this was possible in the SIP and IAX2
channel drivers and through channel drivers that utilized the
res_jabber/res_xmpp resource modules (Gtalk, Jingle, and Motif). These devices
are never removed from the system, allowing anonymous calls to potentially
exhaust a system's resources.
This patch changes the event cache subsystem and device state management to
no longer cache devices that are not associated with a physical entity.
Resolve crashes due to large stack allocations when using TCP
Asterisk had several places where messages received over various network
transports may be copied in a single stack allocation. In the case of TCP,
since multiple packets in a stream may be concatenated together, this can
lead to large allocations that overflow the stack.
This patch modifies those portions of Asterisk using TCP to either
favor heap allocations or use an upper bound to ensure that the stack will not
overflow:
* For SIP, the allocation now has an upper limit
* For HTTP, the allocation is now a heap allocation instead of a stack
allocation
* For XMPP (in res_jabber), the allocation has been eliminated since it was
unnecesary.
Note that the HTTP portion of this issue was independently found by Brandon
Edwards of Exodus Intelligence.
Matthew Jordan [Wed, 2 Jan 2013 15:39:42 +0000 (15:39 +0000)]
Resolve crashes due to large stack allocations when using TCP
Asterisk had several places where messages received over various network
transports may be copied in a single stack allocation. In the case of TCP,
since multiple packets in a stream may be concatenated together, this can
lead to large allocations that overflow the stack.
This patch modifies those portions of Asterisk using TCP to either
favor heap allocations or use an upper bound to ensure that the stack will not
overflow:
* For SIP, the allocation now has an upper limit
* For HTTP, the allocation is now a heap allocation instead of a stack
allocation
* For XMPP (in res_jabber), the allocation has been eliminated since it was
unnecesary.
Note that the HTTP portion of this issue was independently found by Brandon
Edwards of Exodus Intelligence.
Bail out early when building an ast_trans_pvt and the translator doesn't supply a 'newpvt'
........
r378249 | seanbright | 2013-01-01 11:10:42 -0600 (Tue, 01 Jan 2013) | 2 lines
Revert 378248. I changed the logic of this function unitentionally, pointed out by file.
........
Ensure chan_sip rejects encrypted streams without crypto info
This ensures that Asterisk rejects encrypted media streams (RTP/SAVP
audio and video) that are missing cryptographic keys and ensures that
the incoming SDP is consistent with RFC4568 as far as having a crypto
attribute present for any SAVP streams.
Kinsey Moore [Mon, 31 Dec 2012 14:46:06 +0000 (14:46 +0000)]
Ensure chan_sip rejects encrypted streams without crypto info
This ensures that Asterisk rejects encrypted media streams (RTP/SAVP
audio and video) that are missing cryptographic keys and ensures that
the incoming SDP is consistent with RFC4568 as far as having a crypto
attribute present for any SAVP streams.
* awesome_locking() does not need to thrash the pvt lock as much.
* local_setoption() does not need to check for NULL pvt on cleanup since
it will never be NULL.
* Made ref the pvt before locking for consistency.
................
r378074 | qwell | 2012-12-17 14:59:51 -0600 (Mon, 17 Dec 2012) | 10 lines
Make libasteriskssl.so symlink use a relative path.
This was causing issues when using DESTDIR, since the path to which the link
pointed is not likely to exist (and not useful to exist) on the target system.
(issue ASTNOW-284)
........
Merged revisions 378073 from http://svn.asterisk.org/svn/asterisk/branches/11
................
Jason Parker [Mon, 17 Dec 2012 20:59:51 +0000 (20:59 +0000)]
Make libasteriskssl.so symlink use a relative path.
This was causing issues when using DESTDIR, since the path to which the link
pointed is not likely to exist (and not useful to exist) on the target system.
(issue ASTNOW-284)
........
Merged revisions 378073 from http://svn.asterisk.org/svn/asterisk/branches/11