George Joseph [Thu, 17 Oct 2024 14:02:08 +0000 (08:02 -0600)]
Add SHA-256 and SHA-512-256 as authentication digest algorithms
* Refactored pjproject code to support the new algorithms and
added a patch file to third-party/pjproject/patches
* Added new parameters to the pjsip auth object:
* password_digest = <algorithm>:<digest>
* supported_algorithms_uac = List of algorithms to support
when acting as a UAC.
* supported_algorithms_uas = List of algorithms to support
when acting as a UAS.
See the auth object in pjsip.conf.sample for detailed info.
* Updated both res_pjsip_authenticator_digest.c (for UAS) and
res_pjsip_outbound_authentocator_digest.c (UAC) to suport the
new algorithms.
The new algorithms are only available with the bundled version
of pjproject, or an external version > 2.14.1. OpenSSL version
1.1.1 or greater is required to support SHA-512-256.
Resolves: #948
UserNote: The SHA-256 and SHA-512-256 algorithms are now available
for authentication as both a UAS and a UAC.
Allan Nathanson [Wed, 30 Oct 2024 20:52:41 +0000 (16:52 -0400)]
config.c: retain leading whitespace before comments
Configurations loaded with the ast_config_load2() API and later written
out with ast_config_text_file_save2() will have any leading whitespace
stripped away. The APIs should make reasonable efforts to maintain the
content and formatting of the configuration files.
This change retains any leading whitespace from comment lines that start
with a ";".
George Joseph [Fri, 3 Jan 2025 22:38:52 +0000 (15:38 -0700)]
Add C++ Standard detection to configure and fix a new C++20 compile issue
* The autoconf-archive package contains macros useful for detecting C++
standard and testing other C++ capabilities but that package was never
included in the install_prereq script so many existing build environments
won't have it. Even if it is installed, older versions won't newer C++
standards and will actually cause an error if you try to test for that
version. To make it available for those environments, the
ax_cxx_compile_stdcxx.m4 macro has copied from the latest release of
autoconf-archive into the autoconf directory.
* A convenience wrapper(ast_cxx_check_std) around ax_cxx_compile_stdcxx was
also added so checking the standard version and setting the
asterisk-specific PBX_ variables becomes a one-liner:
`AST_CXX_CHECK_STD([std], [force_latest_std])`.
Calling that with a version of `17` for instance, will set PBX_CXX17
to 0 or 1 depending on whether the current c++ compiler supports stdc++17.
HAVE_CXX17 will also be 'defined" or not depending on the result.
* C++ compilers hardly ever default to the latest standard they support. g++
version 14 for instance supports up to C++23 but only uses C++17 by default.
If you want to use C++23, you have to add `-std=gnu++=23` to the g++
command line. If you set the second argument of AST_CXX_CHECK_STD to "yes",
the macro will automatically keep the highest `-std=gnu++` value that
worked and pass that to the Makefiles.
* The autoconf-archive package was added to install_prereq for future use.
* Updated configure.ac to use AST_CXX_CHECK_STD() to check for C++
versions 11, 14, 17, 20 and 23.
* Updated configure.ac to accept the `--enable-latest-cxx-std` option which
will set the second option to AST_CXX_CHECK_STD() to "yes". The default
is "no".
* ast_copy_string() in strings.h declares the 'sz' variable as volatile and
does an `sz--` on it later. C++20 no longer allows the `++` and `--`
increment and decrement operators to be used on variables declared as
volatile however so that was changed to `sz -= 1`.
Naveen Albert [Mon, 16 Dec 2024 13:43:04 +0000 (08:43 -0500)]
chan_dahdi: Fix wrong channel state when RINGING recieved.
Previously, when AST_CONTROL_RINGING was received by
a DAHDI device, it would set its channel state to
AST_STATE_RINGING. However, an analysis of the codebase
and other channel drivers reveals RINGING corresponds to
physical power ringing, whereas AST_STATE_RING should be
used for audible ringback on the channel. This also ensures
the correct device state is returned by the channel state
to device state conversion.
Since there seems to be confusion in various places regarding
AST_STATE_RING vs. AST_STATE_RINGING, some documentation has
been added or corrected to clarify the actual purposes of these
two channel states, and the associated device state mapping.
An edge case that prompted this fix, but isn't explicitly
addressed here, is that of an incoming call to an FXO port.
The channel state will be "Ring", which maps to a device state
of "In Use", not "Ringing" as would be more intuitive. However,
this is semantic, since technically, Asterisk is treating this
the same as any other incoming call, and so "Ring" is the
semantic state (put another way, Asterisk isn't ringing anything,
like in the cases where channels are in the "Ringing" state).
Since FXO ports don't currently support Call Waiting, a suitable
workaround for the above would be to ignore the device state and
instead check the channel state (e.g. IMPORT(DAHDI/1-1,CHANNEL(state)))
since it will be Ring if the FXO port is idle (but a call is ringing
on it) and Up if the FXO port is actually in use. (In both cases,
the device state would misleadingly be "In Use".)
Upgrade bundled pjproject to 2.15.1
Resolves: asterisk#1016
UserNote: Bundled pjproject has been upgraded to 2.15.1. For more
information visit pjproject Github page: https://github.com/pjsip/pjproject/releases/tag/2.15.1
George Joseph [Tue, 31 Dec 2024 18:10:20 +0000 (11:10 -0700)]
Header fixes for compiling C++ source files
A few tweaks needed to be done to some existing header files to allow them to
be compiled when included from C++ source files.
logger.h had declarations for ast_register_verbose() and
ast_unregister_verbose() which caused C++ issues but those functions were
actually removed from logger.c many years ago so the declarations were just
removed from logger.h.
George Joseph [Fri, 27 Dec 2024 15:19:08 +0000 (08:19 -0700)]
Add ability to pass arguments to unit tests from the CLI
Unit tests can now be passed custom arguments from the command
line. For example, the following command would run the "mytest" test
in the "/main/mycat" category with the option "myoption=54"
`CLI> test execute category /main/mycat name mytest options myoption=54`
You can also pass options to an entire category...
`CLI> test execute category /main/mycat options myoption=54`
Basically, everything after the "options" keyword is passed verbatim to
the test which must decide what to do with it.
* A new API ast_test_get_cli_args() was created to give the tests access to
the cli_args->argc and cli_args->argv elements.
* Although not needed for the option processing, a new macro
ast_test_validate_cleanup_custom() was added to test.h that allows you
to specify a custom error message instead of just "Condition failed".
* The test_skel.c was updated to demonstrate parsing options and the use
of the ast_test_validate_cleanup_custom() macro.
Kent [Tue, 3 Dec 2024 14:24:44 +0000 (08:24 -0600)]
res_pjsip: Add new AOR option "qualify_2xx_only"
Added a new option "qualify_2xx_only" to the res_pjsip AOR qualify
feature to mark a contact as available only if an OPTIONS request
returns a 2XX response. If the option is not specified or is false,
any response to the OPTIONS request marks the contact as available.
UserNote: The pjsip.conf AOR section now has a "qualify_2xx_only"
option that can be set so that only 2XX responses to OPTIONS requests
used to qualify a contact will mark the contact as available.
Jaco Kroon [Tue, 10 Dec 2024 19:47:49 +0000 (21:47 +0200)]
res_odbc: release threads from potential starvation.
Whenever a slot is freed up due to a failed connection, wake up a waiter
before failing.
In the case of a dead connection there could be waiters, for example,
let's say two threads tries to acquire objects at the same time, with
one in the cached connections, one will acquire the dead connection, and
the other will enter into the wait state. The thread with the dead
connection will clear up the dead connection, and then attempt a
re-acquire (at this point there cannot be cached connections else the
other thread would have received that and tried to clean up), as such,
at this point we're guaranteed that either there are no waiting threads,
or that the maxconnections - connection_cnt threads will attempt to
re-acquire connections, and then either succeed, using those
connections, or failing, and then signalling to release more waiters.
Also fix the pointer log for ODBC handle %p dead which would always
reflect NULL.
George Joseph [Mon, 9 Dec 2024 19:54:53 +0000 (12:54 -0700)]
Allow C++ source files (as extension .cc) in the main directory
Although C++ files (as extension .cc) have been handled in the module
directories for many years, the main directory was missing one line in its
Makefile that prevented C++ files from being recognised there.
Sometimes it's impossible to get a file extension from URL
(eg. http://example.com/gsm/your) so we have to rely on content-type header.
Currenly, asterisk does not support content-type for gsm format(unlike wav).
Added audio/gsm according to https://www.rfc-editor.org/rfc/rfc4856.html
Maksim Nesterov [Sun, 1 Dec 2024 19:42:50 +0000 (19:42 +0000)]
func_uuid: Add a new dialplan function to generate UUIDs
This function is useful for uniquely identifying calls, recordings, and other entities in distributed environments, as well as for generating an argument for the AudioSocket application.
Sperl Viktor [Wed, 27 Nov 2024 16:36:39 +0000 (17:36 +0100)]
app_queue: allow dynamically adding a queue member in paused state.
Fixes: #1007
UserNote: use the p option of AddQueueMember() for paused member state.
Optionally, use the r(reason) option to specify a custom reason for the pause.
chan_pjsip: Send VIDUPDATE RTP frame for all H.264 streams
Currently, when a chan_pjsip channel receives a VIDUPDATE indication,
an RTP VIDUPDATE frame is only queued on a H.264 stream if WebRTC is
enabled on that endpoint. This restriction does not really make sense.
Now, a VIDUPDATE RTP frame is written even if WebRTC is not enabled (as
is the case with VP8, VP9, and H.265 streams).
Tinet-mucw [Thu, 22 Aug 2024 06:42:19 +0000 (14:42 +0800)]
audiohook.c: resolving the issue with audiohook both reading when packet loss on one side of the call
When there is 0% packet loss on one side of the call and 15% packet loss on the other side, reading frame is often failed when reading direction_both audiohook. when read_factory available = 0, write_factory available = 320; i think write factory is usable read; because after reading one frame, there is still another frame that can be read together with the next read factory frame.
Mike Pultz [Thu, 21 Nov 2024 06:42:44 +0000 (01:42 -0500)]
manager.c: Add Processed Call Count to CoreStatus output
This update adds the processed call count to the CoreStatus AMI Action responsie. This output is
similar to the values returned by "core show channels" or "core show calls" in the CLI.
UserNote: The current processed call count is now returned as CoreProcessedCalls from the
CoreStatus AMI Action.
Mike Pultz [Sat, 9 Nov 2024 19:19:49 +0000 (14:19 -0500)]
func_curl.c: Add additional CURL options for SSL requests
This patch adds additional CURL TLS options / options to support mTLS authenticated requests:
* ssl_verifyhost - perform a host verification on the peer certificate (CURLOPT_SSL_VERIFYHOST)
* ssl_cainfo - define a CA certificate file (CURLOPT_CAINFO)
* ssl_capath - define a CA certificate directory (CURLOPT_CAPATH)
* ssl_cert - define a client certificate for the request (CURLOPT_SSLCERT)
* ssl_certtype - specify the client certificate type (CURLOPT_SSLCERTTYPE)
* ssl_key - define a client private key for the request (CURLOPT_SSLKEY)
* ssl_keytype - specify the client private key type (CURLOPT_SSLKEYTYPE)
* ssl_keypasswd - set a password for the private key, if required (CURLOPT_KEYPASSWD)
UserNote: The following new configuration options are now available
in the res_curl.conf file, and the CURL() function: 'ssl_verifyhost'
(CURLOPT_SSL_VERIFYHOST), 'ssl_cainfo' (CURLOPT_CAINFO), 'ssl_capath'
(CURLOPT_CAPATH), 'ssl_cert' (CURLOPT_SSLCERT), 'ssl_certtype'
(CURLOPT_SSLCERTTYPE), 'ssl_key' (CURLOPT_SSLKEY), 'ssl_keytype',
(CURLOPT_SSLKEYTYPE) and 'ssl_keypasswd' (CURLOPT_KEYPASSWD). See the
libcurl documentation for more details.
Naveen Albert [Thu, 14 Nov 2024 14:15:45 +0000 (09:15 -0500)]
sig_analog: Fix regression with FGD and E911 signaling.
Commit 466eb4a52b69e6dead7ebba13a83f14ef8a559c1 introduced a regression
which completely broke Feature Group D and E911 signaling, by removing
the call to analog_my_getsigstr, which affected multiple switch cases.
Restore the original behavior for all protocols except Feature Group C
CAMA (MF), which is all that patch was attempting to target.
George Joseph [Fri, 8 Nov 2024 18:22:12 +0000 (11:22 -0700)]
res_stir_shaken: Allow sending Identity headers for unknown TNs
Added a new option "unknown_tn_attest_level" to allow Identity
headers to be sent when a callerid TN isn't explicitly configured
in stir_shaken.conf. Since there's no TN object, a private_key_file
and public_cert_url must be configured in the attestation or profile
objects.
Since "unknown_tn_attest_level" uses the same enum as attest_level,
some of the sorcery macros had to be refactored to allow sharing
the enum and to/from string conversion functions.
Also fixed a memory leak in crypto_utils:pem_file_cb().
Resolves: #921
UserNote: You can now set the "unknown_tn_attest_level" option
in the attestation and/or profile objects in stir_shaken.conf to
enable sending Identity headers for callerid TNs not explicitly
configured.
Ben Ford [Tue, 17 Dec 2024 17:42:48 +0000 (11:42 -0600)]
manager.c: Restrict ListCategories to the configuration directory.
When using the ListCategories AMI action, it was possible to traverse
upwards through the directories to files outside of the configured
configuration directory. This action is now restricted to the configured
directory and an error will now be returned if the specified file is
outside of this limitation.
Resolves: #GHSA-33x6-fj46-6rfh
UserNote: The ListCategories AMI action now restricts files to the
configured configuration directory.
George Joseph [Fri, 15 Nov 2024 17:24:42 +0000 (10:24 -0700)]
res_pjsip: Change suppress_moh_on_sendonly to OPT_BOOL_T
The suppress_moh_on_sendonly endpoint option should have been
defined as OPT_BOOL_T in pjsip_configuration.c and AST_BOOL_VALUES
in the alembic script instead of OPT_YESNO_T and YESNO_VALUES.
Also updated contrib/ast-db-manage/README.md to indicate that
AST_BOOL_VALUES should always be used and provided an example.
George Joseph [Tue, 5 Nov 2024 18:30:55 +0000 (11:30 -0700)]
res_pjsip: Add new endpoint option "suppress_moh_on_sendonly"
Normally, when one party in a call sends Asterisk an SDP with
a "sendonly" or "inactive" attribute it means "hold" and causes
Asterisk to start playing MOH back to the other party. This can be
problematic if it happens at certain times, such as in a 183
Progress message, because the MOH will replace any early media you
may be playing to the calling party. If you set this option
to "yes" on an endpoint and the endpoint receives an SDP
with "sendonly" or "inactive", Asterisk will NOT play MOH back to
the other party.
Resolves: #979
UserNote: The new "suppress_moh_on_sendonly" endpoint option
can be used to prevent playing MOH back to a caller if the remote
end sends "sendonly" or "inactive" (hold) to Asterisk in an SDP.
George Joseph [Wed, 6 Nov 2024 17:31:08 +0000 (10:31 -0700)]
res_pjsip: Move tenantid to end of ast_sip_endpoint
The tenantid field was originally added to the ast_sip_endpoint
structure at the end of the AST_DECLARE_STRING_FIELDS block. This
caused everything after it in the structure to move down in memory
and break ABI compatibility. It's now at the end of the structure
as an AST_STRING_FIELD_EXTENDED. Given the number of string fields
in the structure now, the initial string field allocation was
also increased from 64 to 128 bytes.
Naveen Albert [Thu, 17 Oct 2024 13:18:45 +0000 (09:18 -0400)]
func_evalexten: Add EVAL_SUB function.
This adds an EVAL_SUB function, which is similar to the existing
EVAL_EXTEN function but significantly more powerful, as it allows
executing arbitrary dialplan and capturing its return value as
the function's output. While EVAL_EXTEN should be preferred if it
is possible to use it, EVAL_SUB can be used in a wider variety
of cases and allows arbitrary computation to be performed in
a dialplan function call, leveraging the dialplan.
George Joseph [Fri, 1 Nov 2024 14:22:14 +0000 (08:22 -0600)]
res_srtp: Change Unsupported crypto suite msg from verbose to debug
There's really no point in spamming logs with a verbose message
for every unsupported crypto suite an older client may send
in an SDP. If none are supported, there will be an error or
warning.
Ben Ford [Mon, 28 Oct 2024 19:06:29 +0000 (14:06 -0500)]
app_mixmonitor: Add 'D' option for dual-channel audio.
Adds the 'D' option to app_mixmonitor that interleaves the input and
output frames of the channel being recorded in the monitor output frame.
This allows for two streams in the recording: the transmitted audio and
the received audio. The 't' and 'r' options are compatible with this.
Fixes: #945
UserNote: The MixMonitor application now has a new 'D' option which
interleaves the recorded audio in the output frames. This allows for
stereo recording output with one channel being the transmitted audio and
the other being the received audio. The 't' and 't' options are
compatible with this.
Thomas Guebels [Mon, 28 Oct 2024 16:29:48 +0000 (17:29 +0100)]
pjsip_transport_events: Avoid monitor destruction
When a transport is disconnected, several events can arrive following
each other. The first event will be PJSIP_TP_STATE_DISCONNECT and it
will trigger the destruction of the transport monitor object. The lookup
for the transport monitor to destroy is done using the transport key,
that contains the transport destination host:port.
A reconnect attempt by pjsip will be triggered as soon something needs to
send a packet using that transport. This can happen directly after a
disconnect since ca
Subsequent events can arrive later like PJSIP_TP_STATE_DESTROY and will
also try to trigger the destruction of the transport monitor if not
already done. Since the lookup for the transport monitor to destroy is
done using the transport key, it can match newly created transports
towards the same destination and destroy their monitor object.
Because of this, it was sometimes not possible to monitor a transport
after one or more disconnections.
This fix adds an additional check on the transport pointer to ensure
only a monitor for that specific transport is removed.
Naveen Albert [Wed, 16 Oct 2024 21:46:42 +0000 (17:46 -0400)]
app_dial: Fix progress timeout calculation with no answer timeout.
If to_answer is -1, simply comparing to see if the progress timeout
is smaller than the answer timeout to prefer it will fail. Add
an additional check that chooses the progress timeout if there is
no answer timeout (or as before, if the progress timeout is smaller).
George Joseph [Thu, 17 Oct 2024 15:51:38 +0000 (09:51 -0600)]
pjproject_bundled: Tweaks to support out-of-tree development
* pjproject is now configured with --disable-libsrtp so it will
build correctly when doing "out-of-tree" development. Asterisk
doesn't use pjproject for handling media so pjproject doesn't
need libsrtp itself.
* The pjsua app (which we used to use for the testsuite) no longer
builds in pjproject's master branch so we just skip it. The
testsuite no longer needs it anyway.
See third-party/pjproject/README-hacking.md for more info on building
pjproject "out-of-tree".
The original change from 16 to 15 bit sequence numbers was predicated
on the following from the now-defunct libSRTP FAQ on sourceforge.net:
> *Q6. The use of implicit synchronization via ROC seems
> dangerous. Can senders and receivers lose ROC synchronization?*
>
> **A.** It is possible to lose ROC synchronization between sender and
> receiver(s), though it is not likely in practice, and practical
> steps can be taken to avoid it. A burst loss of 2^16 packets or more
> will always break synchronization. For example, a conversational
> voice codec that sends 50 packets per second will have its ROC
> increment about every 22 minutes. A network with a burst of packet
> loss that long has problems other than ROC synchronization.
>
> There is a higher sensitivity to loss at the very outset of an SRTP
> stream. If the sender's initial sequence number is close to the
> maximum value of 2^16-1, and all packets are lost from the initial
> packet until the sequence number cycles back to zero, the sender
> will increment its ROC, but the receiver will not. The receiver
> cannot determine that the initial packets were lost and that
> sequence-number rollover has occurred. In this case, the receiver's
> ROC would be zero whereas the sender's ROC would be one, while their
> sequence numbers would be so close that the ROC-guessing algorithm
> could not detect this fact.
>
> There is a simple solution to this problem: the SRTP sender should
> randomly select an initial sequence number that is always less than
> 2^15. This ensures correct SRTP operation so long as fewer than 2^15
> initial packets are lost in succession, which is within the maximum
> tolerance of SRTP packet-index determination (see Appendix A and
> page 14, first paragraph of RFC 3711). An SRTP receiver should
> carefully implement the index-guessing algorithm. A naive
> implementation can unintentionally guess the value of
> 0xffffffffffffLL whenever the SEQ in the packet is greater than 2^15
> and the locally stored SEQ and ROC are zero. (This can happen when
> the implementation fails to treat those zero values as a special
> case.)
>
> When ROC synchronization is lost, the receiver will not be able to
> properly process the packets. If anti-replay protection is turned
> on, then the desynchronization will appear as a burst of replay
> check failures. Otherwise, if authentication is being checked, then
> it will appear as a burst of authentication failures. Otherwise, if
> encryption is being used, the desynchronization may not be detected
> by the SRTP layer, and the packets may be improperly decrypted.
However, modern libSRTP (as of 1.0.1[1]) now mentions the following in
their README.md[2]:
> The sequence number in the rtp packet is used as the low 16 bits of
> the sender's local packet index. Note that RTP will start its
> sequence number in a random place, and the SRTP layer just jumps
> forward to that number at its first invocation. An earlier version
> of this library used initial sequence numbers that are less than
> 32,768; this trick is no longer required as the
> rdbx_estimate_index(...) function has been made smarter.
So truncating our initial sequence number to 15 bit is no longer
necessary.
George Joseph [Tue, 15 Oct 2024 17:11:28 +0000 (11:11 -0600)]
core_unreal.c: Fix memory leak in ast_unreal_new_channels()
When the channel tech is multistream capable, the reference to
chan_topology was passed to the new channel. When the channel tech
isn't multistream capable, the reference to chan_topology was never
released. "Local" channels are multistream capable so it didn't
affect them but the confbridge "CBAnn" and the bridge_media
"Recorder" channels are not so they caused a leak every time one
of them was created.
Also added tracing to ast_stream_topology_alloc() and
stream_topology_destroy() to assist with debugging.
Allan Nathanson [Sun, 29 Sep 2024 22:45:51 +0000 (18:45 -0400)]
dnsmgr.c: dnsmgr_refresh() incorrectly flags change with DNS round-robin
The dnsmgr_refresh() function checks to see if the IP address associated
with a name/service has changed. The gotcha is that the ast_get_ip_or_srv()
function only returns the first IP address returned by the DNS query. If
there are multiple IPs associated with the name and the returned order is
not consistent (e.g. with DNS round-robin) then the other IP addresses are
not included in the comparison and the entry is flagged as changed even
though the IP is still valid.
Updated the code to check all IP addresses and flag a change only if the
original IP is no longer valid.
Naveen Albert [Thu, 3 Oct 2024 21:33:39 +0000 (17:33 -0400)]
app_dial: Fix progress timeout.
Under some circumstances, the progress timeout feature added in commit 320c98eec87c473bfa814f76188a37603ea65ddd does not work as expected,
such as if there is no media flowing. Adjust the waitfor call to
explicitly use the progress timeout if it would be reached sooner than
the answer timeout to ensure we handle the timers properly.
Naveen Albert [Wed, 2 Oct 2024 00:24:00 +0000 (20:24 -0400)]
chan_dahdi: Never send MWI while off-hook.
In some circumstances, it is possible for the do_monitor thread to
erroneously think that a line is on-hook and send an MWI FSK spill
to it when the line is really off-hook and no MWI should be sent.
Commit 0a8b3d34673277b70be6b0e8ac50191b1f3c72c6 previously fixed this
issue in a more readily encountered scenario, but it has still been
possible for MWI to be sent when it shouldn't be. To robustly fix
this issue, query DAHDI for the hook status to ensure we don't send
MWI on a line that is actually still off hook.
Sean Bright [Mon, 30 Sep 2024 15:48:56 +0000 (11:48 -0400)]
res_agi.c: Ensure SIGCHLD handler functions are properly balanced.
Calls to `ast_replace_sigchld()` and `ast_unreplace_sigchld()` must be
balanced to ensure that we can capture the exit status of child
processes when we need to. This extends to functions that call
`ast_replace_sigchld()` and `ast_unreplace_sigchld()` such as
`ast_safe_fork()` and `ast_safe_fork_cleanup()`.
The primary change here is ensuring that we do not call
`ast_safe_fork_cleanup()` in `res_agi.c` if we have not previously
called `ast_safe_fork()`.
Additionally we reinforce some of the documentation and add an
assertion to, ideally, catch this sooner were this to happen again.
Naveen Albert [Sun, 29 Sep 2024 13:26:10 +0000 (09:26 -0400)]
main, res, tests: Fix compilation errors on FreeBSD.
asterisk.c, manager.c: Increase buffer sizes to avoid truncation warnings.
config.c: Include header file for WIFEXITED/WEXITSTATUS macros.
res_timing_kqueue: Use more portable format specifier.
test_crypto: Use non-linux limits.h header file.
George Joseph [Mon, 16 Sep 2024 21:17:28 +0000 (15:17 -0600)]
res_rtp_asterisk: Fix dtls timer issues causing FRACKs and SEGVs
In dtls_srtp_handle_timeout(), when DTLSv1_get_timeout() returned
success but with a timeout of 0, we were stopping the timer and
decrementing the refcount on instance but not resetting the
timeout_timer to -1. When dtls_srtp_stop_timeout_timer()
was later called, it was atempting to stop a stale timer and could
decrement the refcount on instance again which would then cause
the instance destructor to run early. This would result in either
a FRACK or a SEGV when ast_rtp_stop(0 was called.
According to the OpenSSL docs, we shouldn't have been stopping the
timer when DTLSv1_get_timeout() returned success and the new timeout
was 0 anyway. We should have been calling DTLSv1_handle_timeout()
again immediately so we now reschedule the timer callback for
1ms (almost immediately).
Additionally, instead of scheduling the timer callback at a fixed
interval returned by the initial call to DTLSv1_get_timeout()
(usually 999 ms), we now reschedule the next callback based on
the last call to DTLSv1_get_timeout().
Ben Ford [Wed, 25 Sep 2024 18:05:58 +0000 (13:05 -0500)]
manager.c: Restrict ModuleLoad to the configured modules directory.
When using the ModuleLoad AMI action, it was possible to traverse
upwards through the directories to files outside of the configured
modules directory. We decided it would be best to restrict access to
modules exclusively in the configured directory. You will now get an
error when the specified module is outside of this limitation.
Fixes: #897
UserNote: The ModuleLoad AMI action now restricts modules to the
configured modules directory.
res_agi.c: Prevent possible double free during `SPEECH RECOGNIZE`
When using the speech recognition module, crashes can occur
sporadically due to a "double free or corruption (out)" error. Now, in
the section where the audio stream is being captured in a loop, each
time after releasing fr, it is set to NULL to prevent repeated
deallocation.
Naveen Albert [Tue, 24 Sep 2024 11:29:59 +0000 (07:29 -0400)]
astfd.c: Avoid calling fclose with NULL argument.
Don't pass through a NULL argument to fclose, which is undefined
behavior, and instead return -1 and set errno appropriately. This
also avoids a compiler warning with glibc 2.38 and newer, as glibc
commit 71d9e0fe766a3c22a730995b9d024960970670af
added the nonnull attribute to this argument.
Peter Jannesen [Fri, 20 Sep 2024 20:13:08 +0000 (22:13 +0200)]
channel: Preserve CHANNEL(userfield) on masquerade.
In certain circumstances a channel may undergo an operation
referred to as a masquerade. If this occurs the CHANNEL(userfield)
value was not preserved causing it to get lost. This change makes
it so that this field is now preserved.
George Joseph [Fri, 20 Sep 2024 13:47:53 +0000 (07:47 -0600)]
Fix application references to Background
The app is actually named "BackGround" but several references
in XML documentation were spelled "Background" with the lower
case "g". This was causing documentation links to return
"not found" messages.
George Joseph [Wed, 31 Jul 2024 22:05:45 +0000 (16:05 -0600)]
manager: Enhance event filtering for performance
UserNote: You can now perform more granular filtering on events
in manager.conf using expressions like
`eventfilter(name(Newchannel),header(Channel),method(starts_with)) = PJSIP/`
This is much more efficient than
`eventfilter = Event: Newchannel.*Channel: PJSIP/`
Full syntax guide is in configs/samples/manager.conf.sample.
George Joseph [Wed, 11 Sep 2024 16:06:17 +0000 (10:06 -0600)]
db.c: Remove limit on family/key length
Consumers like media_cache have been running into issues with
the previous astdb "/family/key" limit of 253 bytes when needing
to store things like long URIs. An Amazon S3 URI is a good example
of this. Now, instead of using a static 256 byte buffer for
"/family/key", we use ast_asprintf() to dynamically create it.
Both test_db.c and test_media_cache.c were also updated to use
keys/URIs over the old 253 character limit.
Resolves: #881
UserNote: The `ast_db_*()` APIs have had the 253 byte limit on
"/family/key" removed and will now accept families and keys with a
total length of up to SQLITE_MAX_LENGTH (currently 1e9!). This
affects the `DB*` dialplan applications, dialplan functions,
manager actions and `databse` CLI commands. Since the
media_cache also uses the `ast_db_*()` APIs, you can now store
resources with URIs longer than 253 bytes.
George Joseph [Tue, 24 Sep 2024 16:16:16 +0000 (10:16 -0600)]
stir_shaken: Fix propagation of attest_level and a few other values
attest_level, send_mky and check_tn_cert_public_url weren't
propagating correctly from the attestation object to the profile
and tn.
* In the case of attest_level, the enum needed to be changed
so the "0" value (the default) was "NOT_SET" instead of "A". This
now allows the merging of the attestation object, profile and tn
to detect when a value isn't set and use the higher level value.
* For send_mky and check_tn_cert_public_url, the tn default was
forced to "NO" which always overrode the profile and attestation
objects. Their defaults are now "NOT_SET" so the propagation
happens correctly.
* Just to remove some redundant code in tn_config.c, a bunch of calls to
generate_sorcery_enum_from_str() and generate_sorcery_enum_to_str() were
replaced with a single call to generate_acfg_common_sorcery_handlers().
George Joseph [Tue, 17 Sep 2024 16:03:59 +0000 (10:03 -0600)]
res_stir_shaken: Remove stale include for jansson.h in verification.c
verification.c had an include for jansson.h left over from previous
versions of the module. Since res_stir_shaken no longer has a
dependency on jansson, the bundled version wasn't added to GCC's
include path so if you didn't also have a jansson development package
installed, the compile would fail. Removing the stale include
was the only thing needed.
George Joseph [Fri, 13 Sep 2024 14:23:08 +0000 (08:23 -0600)]
res_stir_shaken.c: Fix crash when stir_shaken.conf is invalid
* If the call to ast_config_load() returns CONFIG_STATUS_FILEINVALID,
check_for_old_config() now returns LOAD_DECLINE instead of continuing
on with a bad pointer.
* If CONFIG_STATUS_FILEMISSING is returned, check_for_old_config()
assumes the config is being loaded from realtime and now returns
LOAD_SUCCESS. If it's actually not being loaded from realtime,
sorcery will catch that later on.
* Also refactored the error handling in load_module() a bit.
George Joseph [Wed, 11 Sep 2024 16:19:23 +0000 (10:19 -0600)]
res_stir_shaken: Check for disabled before param validation
For both attestation and verification, we now check whether they've
been disabled either globally or by the profile before validating
things like callerid, orig_tn, dest_tn, etc. This prevents useless
error messages.
app_chanspy.c: resolving the issue writing frame to whisper audiohook.
ChanSpy(${channel}, qEoSw): because flags set o, ast_audiohook_set_frame_feed_direction(audiohook, AST_AUDIOHOOK_DIRECTION_READ); this will effect whisper audiohook and spy audiohook, this makes writing frame to whisper audiohook impossible. So add function start_whispering to starting whisper audiohook.
George Joseph [Mon, 12 Aug 2024 17:58:12 +0000 (11:58 -0600)]
res_resolver_unbound: Test for NULL ub_result in unbound_resolver_callback
The ub_result pointer passed to unbound_resolver_callback by
libunbound can be NULL if the query was for something malformed
like `.1` or `[.1]`. If it is, we now set a 'ns_r_formerr' result
and return instead of crashing with a SEGV. This causes pjproject
to simply cancel the transaction with a "No answer record in the DNS
response" error. The existing "off nominal" unit test was also
updated to check this condition.
Although not necessary for this fix, we also made
ast_dns_resolver_completed() tolerant of a NULL result.
Mike Bradeen [Wed, 21 Aug 2024 16:11:31 +0000 (10:11 -0600)]
res_pjsip_sdp_rtp: Use negotiated DTMF Payload types on bitrate mismatch
When Asterisk sends an offer to Bob that includes 48K and 8K codecs with
matching 4733 offers, Bob may want to use the 48K audio codec but can not
accept 48K digits and so negotiates for a mixed set.
Asterisk will now check Bob's offer to make sure Bob has indicated this is
acceptible and if not, will use Bob's preference.
Tinet-mucw [Fri, 30 Aug 2024 05:45:32 +0000 (13:45 +0800)]
app_chanspy.c: resolving the issue with audiohook direction read
ChanSpy(${channel}, qEoS): When chanspy spy the direction read, reading frame is often failed when reading direction read audiohook. because chanspy only read audiohook direction read; write_factory_ms will greater than 100ms soon, then ast_slinfactory_flush will being called, then direction read will fail.
George Joseph [Sat, 17 Aug 2024 18:13:40 +0000 (12:13 -0600)]
security_agreements.c: Refactor the to_str functions and fix a few other bugs
* A static array of security mechanism type names was created.
* ast_sip_str_to_security_mechanism_type() was refactored to do
a lookup in the new array instead of using fixed "if/else if"
statments.
* security_mechanism_to_str() and ast_sip_security_mechanisms_to_str()
were refactored to use ast_str instead of a fixed length buffer
to store the result.
* ast_sip_security_mechanism_type_to_str was removed in favor of
just referencing the new type name array. Despite starting with
"ast_sip_", it was a static function so removing it doesn't affect
ABI.
* Speaking of "ast_sip_", several other static functions that
started with "ast_sip_" were renamed to avoid confusion about
their public availability.
* A few VECTOR free loops were replaced with AST_VECTOR_RESET().
* Fixed a meomry leak in pjsip_configuration.c endpoint_destructor
caused by not calling ast_sip_security_mechanisms_vector_destroy().
* Fixed a memory leak in res_pjsip_outbound_registration.c
add_security_headers() caused by not specifying OBJ_NODATA in
an ao2_callback.
Alexei Gradinari [Fri, 23 Aug 2024 20:28:24 +0000 (16:28 -0400)]
res_pjsip_sdp_rtp fix leaking astobj2 ast_format
PR #700 added a preferred_format for the struct ast_rtp_codecs,
but when set the preferred_format it leaks an astobj2 ast_format.
In the next code
ast_rtp_codecs_set_preferred_format(&codecs, ast_format_cap_get_format(joint, 0));
both functions ast_rtp_codecs_set_preferred_format
and ast_format_cap_get_format increases the ao2 reference count.
Cade Parker [Wed, 7 Aug 2024 21:11:16 +0000 (16:11 -0500)]
chan_mobile: decrease CHANNEL_FRAME_SIZE to prevent delay
On modern Bluetooth devices or lower-powered asterisk servers, decreasing the channel frame size significantly improves latency and delay on outbound calls with only a mild sacrifice to the quality of the call (the frame size before was massive overkill to begin with)
George Joseph [Thu, 8 Aug 2024 16:57:14 +0000 (10:57 -0600)]
manager.c: Fix FRACK when doing CoreShowChannelMap in DEVMODE
If you run an AMI CoreShowChannelMap on a channel that isn't in a
bridge and you're in DEVMODE, you can get a FRACK because the
bridge id is empty. We now simply return an empty list for that
request.
projects / thirdparty / asterisk.git / log
