Follow-on to #244 and #960 regarding how the ast_config_XXX APIs
handle template inheritance.
ast_config_text_file_save2() incorrectly suppressed variables if they
matched any ancestor template. This broke deep chains (dropping values
based on distant parents) and wide inheritance (ignoring last-wins order
across multiple parents).
The function now inspects the full template hierarchy to find the nearest
effective parent (last occurrence wins). Earlier inherited duplicates are
collapsed, explicit overrides are kept unless they exactly match the parent,
and PreserveEffectiveContext avoids writing redundant lines.
Resolves: #1451
In __rtp_sendto(), the check for DTLS negotiation completion for rtcp packets
needs to use the rtp->dtls structure instead of rtp->rtcp->dtls when
AST_RTP_INSTANCE_RTCP_MUX is set.
Resolves: #1474
When handling SIP transfers via ARI, the `referred_by` field in
`transfer_ari_state` may be null, since SIP REFER requests are not
required to include a `Referred-By` header. Without this check, a null
value caused the transfer to fail and triggered a NOTIFY with a 500
Internal Server Error.
* Fixed an issue in webchan_write() where we weren't detecting equivalent
codecs properly.
* Added the "p" dialstring option that puts the channel driver in
"passthrough" mode where it will not attempt to re-frame or re-time
media coming in over the websocket from the remote app. This can be used
for any codec but MUST be used for codecs that use packet headers or whose
data stream can't be broken up on arbitrary byte boundaries. In this case,
the remote app is fully responsible for correctly framing and timing media
sent to Asterisk and the MEDIA text commands that could be sent over the
websocket are disabled. Currently, passthrough mode is automatically set
for the opus, speex and g729 codecs.
* Now calling ast_set_read_format() after ast_channel_set_rawreadformat() to
ensure proper translation paths are set up when switching between native
frames and slin silence frames. This fixes an issue with codec errors
when transcode_via_sln=yes.
Resolves: #1462
Add NULL check for word_list before calling word_in_list()
Add NULL checks for channel snapshots from ast_multi_channel_blob_get_channel()
Resolves: #1425
Add a dialplan function that can be used to get/set properties of
DAHDI channels (as opposed to Asterisk channels). This exposes
properties that were not previously available, allowing for certain
operations to now be performed in the dialplan.
Resolves: #1455
UserNote: The DAHDI_CHANNEL function allows for getting/setting
certain properties about DAHDI channels from the dialplan.
This change introduces a new API called taskpool. This is a pool
of taskprocessors. It provides the following functionality:
1. Task pushing to a pool of taskprocessors
2. Synchronous tasks
3. Serializers for execution ordering of tasks
4. Growing/shrinking of number of taskprocessors in pool
This functionality already exists through the combination of
threadpool+taskprocessors but through investigating I determined
that this carries substantial overhead for short to medium duration
tasks. The threadpool uses a single queue of work, and for management
of threads it involves additional tasks.
I wrote taskpool to eliminate the extra overhead and management
as much as possible. Instead of a single queue of work each
taskprocessor has its own queue and at push time a selector chooses
the taskprocessor to queue the task to. Each taskprocessor also
has its own thread like normal. This spreads out the tasks immediately
and reduces contention on shared resources.
Using the included efficiency tests the number of tasks that can be
executed per second in a taskpool is 6-12 times more than an equivalent
threadpool+taskprocessor setup.
Stasis has been moved over to using this new API as it is a heavy consumer
of threadpool+taskprocessors and produces a lot of tasks.
UpgradeNote: The threadpool_* options in stasis.conf have now been deprecated
though they continue to be read and used. They have been replaced with taskpool
options that give greater control over the underlying taskpool used for stasis.
DeveloperNote: The taskpool API has been added for common usage of a
pool of taskprocessors. It is suggested to use this API instead of the
threadpool+taskprocessor approach.
Added a check to outbound_websocket_apply() that makes sure an outbound
websocket config object in ari.conf has a websocket_client_id parameter.
Resolves: #1457
get_token can return NULL, but process_token uses this result without
checking for NULL; as elsewhere, check for a NULL result to avoid
possible NULL dereference.
Resolves: #1419
In a previous commit, a change was made to
ast_rtp_codecs_payload_code_tx_sample_rate to check for differing sample
rates. This ended up returning an invalid payload int for comfort noise.
A check has been added that returns early if the payload is in fact
supposed to be comfort noise.
Fixes: #1340
"dialplan eval function" has been using a dummy channel for function
evaluation, much like many of the unit tests. However, sometimes, this
can cause issues for functions that are not expecting dummy channels.
As an example, ast_channel_tech(chan) is NULL on such channels, and
ast_channel_tech(chan)->type consequently results in a NULL dereference.
Normally, functions do not worry about this since channels executing
dialplan aren't dummy channels.
While some functions are better about checking for these sorts of edge
cases, use a real channel with a dummy technology to make this CLI
command inherently safe for any dialplan function that could be evaluated
from the CLI.
Resolves: #1434
In many asterisk-based systems, the pause reason is used to separate
pauses by type,and logically, changing the reason defines two intervals
that should be accounted for separately. The introduction of a new
option allows me to separate the intervals of operator inactivity in
the log by the event of unpausing.
UserNote: Add new global option 'log_unpause_on_reason_change' that
is default disabled. When enabled cause addition of UNPAUSE event on
every re-PAUSE with reason changed.
The functions WaitForNoise() and WaitForSilence() use the time()
functions to calculate elapsed time, which causes the timer to fire on
a whole second boundary, and the actual function execution time to fire
the timer may be 1 second less than expected. This fix replaces time()
with ast_tvnow().
Fixes: #1401
Currently, the 'd' option will play dial tone while waiting
for digits. Allow it to accept an argument for any tone from
indications.conf.
Resolves: #1396
UserNote: The tone used while waiting for digits in WaitExten
can now be overridden by specifying an argument for the 'd'
option.
One of the problems with TONE_DETECT as it was originally written
is that if a tone is detected multiple times, it can trigger
the redirect logic multiple times as well. For example, if we
do an async goto in the dialplan after detecting a tone, because
the detector is still active until explicitly disabled, if we
detect the tone again, we will branch again and start executing
that dialplan a second time. This is rarely ever desired behavior,
and can happen if the detector is not removed quickly enough.
Add a new option, 'e', which automatically disables the detector
once the desired number of matches have been heard. This eliminates
the potential race condition where previously the detector would
need to be disabled immediately, but doing so quickly enough
was not guaranteed. This also allows match criteria to be retained
longer if needed, so the detector does not need to be destroyed
prematurely.
Resolves: #1390
UserNote: The 'e' option for TONE_DETECT now allows detection to
be disabled automatically once the desired number of matches have
been fulfilled, which can help prevent race conditions in the
dialplan, since TONE_DETECT does not need to be disabled after
a hit.
Numerically comparing that the current queue position is less than
last_pos_said can only be done after at least one announcement has been
made, otherwise last_pos_said is at the default (0).
Fixes: #1386
In the highly-unlikely event that get_authorization_hdr() couldn't find an
Authorization header in a request, trying to get the digest algorithm
would cauase a SEGV. We now check that we have an auth header that matches
the realm before trying to get the algorithm from it.
Resolves: #GHSA-64qc-9x89-rx5j
This patch resolves two issues in Sorcery objectset handling with multiple
backends:
1. Prevent duplicate objects:
When an object exists in more than one backend (e.g., a contact in both
'astdb' and 'realtime'), the objectset previously returned multiple instances
of the same logical object. This caused logic failures in components like the
PJSIP registrar, where duplicate contact entries led to overcounting and
incorrect deletions, when max_contacts=1 and remove_existing=yes.
This patch ensures only one instance of an object with a given key is added
to the objectset, avoiding these duplicate-related side effects.
2. Ensure missing objects are created:
When using multiple writable backends, a temporary backend failure can lead
to objects missing permanently from that backend.
Currently, .update() silently fails if the object is not present,
and no .create() is attempted.
This results in inconsistent state across backends (e.g. astdb vs. realtime).
This patch introduces a new global option in sorcery.conf:
[general]
update_or_create_on_update_miss = yes|no
Default: no (preserves existing behavior).
When enabled: if .update() fails with no data found, .create() is attempted
in that backend. This ensures that objects missing due to temporary backend
outages are re-synchronized once the backend is available again.
Added a new CLI command:
sorcery show settings
Displays global Sorcery settings, including the current value of
update_or_create_on_update_miss.
Updated tests to validate both flag enabled/disabled behavior.
Fixes: #1289
UserNote: Users relying on Sorcery multiple writable backends configurations
(e.g., astdb + realtime) may now enable update_or_create_on_update_miss = yes
in sorcery.conf to ensure missing objects are recreated after temporary backend
failures. Default behavior remains unchanged unless explicitly enabled.
If Caller ID is disabled for an FXS port, then we should not send any
Caller ID spill on the line, as we have no Caller ID information that
we can/should be sending.
Resolves: #1394
It is possible to modify the dialmode setting in the chan_dahdi/sig_analog
private using the CHANNEL function, to modify it during calls. However,
it was not being reset between calls, meaning that if, for example, tone
dialing was disabled, it would never work again unless explicitly enabled.
This fixes the setting by pairing it with a "perm" version of the setting,
as a few other features have, so that it can be reset to the permanent
setting between calls. The documentation is also clarified to explain
the interaction of this setting and the digitdetect setting more clearly.
Resolves: #1378
* Added a new option to the WebSocket dial string to capture the additional
URI parameters.
* Added a new API ast_uri_verify_encoded() that verifies that a string
either doesn't need URI encoding or that it has already been encoded.
* Added a new API ast_websocket_client_add_uri_params() to add the params
to the client websocket session.
* Added XML documentation that will show up with `core show application Dial`
that shows how to use it.
Resolves: #1352
UserNote: A new WebSocket channel driver option `v` has been added to the
Dial application that allows you to specify additional URI parameters on
outgoing connections. Run `core show application Dial` from the Asterisk CLI
to see how to use it.
ast_websocket_read() receives data into a fixed 64K buffer then continually
reallocates a final buffer that, after all continuation frames have been
received, is the exact length of the data received and returns that to the
caller. process_text_message() in chan_websocket was attempting to set a
NULL terminator on the received payload assuming the payload buffer it
received was the large 64K buffer. The assumption was incorrect so when it
tried to set a NULL terminator on the payload, it could, depending on the
state of the heap at the time, cause heap corruption.
process_text_message() now allocates its own payload_len + 1 sized buffer,
copies the payload received from ast_websocket_read() into it then NULL
terminates it prevent the possibility of the overrun and corruption.
Resolves: #1384
Adds an ARI command to send a progress indication to a channel.
DeveloperNote: A new ARI endpoint is available at `/channels/{channelId}/progress` to indicate progress to a channel.
The debug logging during DSP processing has always been kind
of overwhelming and annoying to troubleshoot. Simplify and
improve the logging in a few ways to aid DSP debugging:
* If we had a DSP hit, don't also emit the previous debug message that
was always logged. It is duplicated by the hit message, so this can
reduce the number of debug messages during detection by 50%.
* Include the hit count and required number of hits in the message so
on partial detections can be more easily troubleshot.
* Use debug level 9 for hits instead of 10, so we can focus on hits
without all the noise from the per-frame debug message.
* 1-index the hit count in the debug messages. On the first hit, it
currently logs '0', just as when we are not detecting anything,
which can be confusing.
Resolves: #1375
After an asterisk restart, the deletion of ARI Devicestates didn't
return error, but the devicestate was not deleted.
Found a typo on populate_cache function that created wrong cache for
device states.
This bug caused wrong assumption that devicestate didn't exist,
since it was not in cache, so deletion didn't returned error.
Fixes: #1327
Add an option for ChanSpy and ExtenSpy to not answer the channel
automatically. Most applications that auto-answer by default
already have an option to disable this behavior if unwanted.
Resolves: #1358
UserNote: ChanSpy and ExtenSpy can now be configured to not
automatically answer the channel by using the 'N' option.
If you do a `core show application Dial`, you'll see it's kind of a mess.
Indents are wrong is some places, examples are printed in black which makes
them invisible on most terminals, and the lack of line breaks in some cases
makes it hard to follow.
* Fixed the rendering of examples so they are indented properly and changed
the color so they can be seen.
* There is now a line break before each option.
* Options are now printed on their own line with all option content indented
below them.
Example from Dial before fixes:
```
Example: Dial 555-1212 on first available channel in group 1, searching
from highest to lowest
Example: Ringing FXS channel 4 with ring cadence 2
Example: Dial 555-1212 on channel 3 and require answer confirmation
...
O([mode]):
mode - With <mode> either not specified or set to '1', the originator
hanging up will cause the phone to ring back immediately.
- With <mode> set to '2', when the operator flashes the trunk, it will ring
their phone back.
Enables *operator services* mode. This option only works when bridging a DAHDI
channel to another DAHDI channel only. If specified on non-DAHDI interfaces, it
will be ignored. When the destination answers (presumably an operator services
station), the originator no longer has control of their line. They may hang up,
but the switch will not release their line until the destination party (the
operator) hangs up.
p: This option enables screening mode. This is basically Privacy mode
without memory.
```
After:
```
Example: Dial 555-1212 on first available channel in group 1, searching
from highest to lowest
same => n,Dial(DAHDI/g1/5551212)
Example: Ringing FXS channel 4 with ring cadence 2
same => n,Dial(DAHDI/4r2)
Example: Dial 555-1212 on channel 3 and require answer confirmation
same => n,Dial(DAHDI/3c/5551212)
...
O([mode]):
mode - With <mode> either not specified or set to '1', the originator
hanging up will cause the phone to ring back immediately.
With <mode> set to '2', when the operator flashes the trunk, it will
ring their phone back.
Enables *operator services* mode. This option only works when bridging
a DAHDI channel to another DAHDI channel only. If specified on
non-DAHDI interfaces, it will be ignored. When the destination answers
(presumably an operator services station), the originator no longer has
control of their line. They may hang up, but the switch will not
release their line until the destination party (the operator) hangs up.
p:
This option enables screening mode. This is basically Privacy mode
without memory.
```
There are still things we can do to make this more readable but this is a
start.
This can be reproduced under certain curcomstences.
For example: call app.playback from lua with invalid data: app.playback({}).
pbx_lua.c will try to get data for this playback using lua_tostring function.
This function returs NULL for everything but strings and numbers.
Then, it calls term_color with NULL data.
term_color function can call(if we don't use vt100 compat term)
ast_copy_string with NULL inbuf which cause segfault. bt example:
ast_copy_string (size=8192, src=0x0, dst=0x7fe44b4be8b0)
at /usr/src/asterisk/asterisk-20.11.0/include/asterisk/strings.h:412
Resolves: https://github.com/asterisk/asterisk/issues/1363
If the BRIDGE_NOANSWER variable is set on a channel, it is not supposed
to answer when another channel bridges to it using Bridge(), and this is
checked when ast_bridge_call* is called. However, another path exists
(bridge_exec -> ast_bridge_add_channel) where this variable was not
checked and channels would be answered. We now check the variable there.
Resolves: #401Resolves: #1364
There was no check in __rtp_sendto that prevented Asterisk from sending
RTP before DTLS had finished negotiating. This patch adds logic to do
so.
Fixes: #1260
It's reproducible with pbx_lua, not regular dialplan.
deadlock description:
1. asterisk locks a channel
2. calls function onedigit_goto
3. calls ast_goto_if_exists funciton
4. checks ast_exists_extension -> pbx_extension_helper
5. pbx_extension_helper calls pbx_find_extension
6. Then asterisk starts autoservice in a new thread
7. autoservice run tries to lock the channel again
Because our channel is locked already, autoservice can't lock.
Autoservice can't lock -> autoservice stop is waiting forever.
onedigit_goto waits for autoservice stop.
Resolves: https://github.com/asterisk/asterisk/issues/1335
Based on the firing order of the PJSIP call-backs on a redirect, it was possible for
the Diversion header to not be included in the outgoing 181 response to the UAC and
the INVITE to the UAS.
This change moves the Diversion header processing to an earlier PJSIP callback while also
preventing the corresponding update that can cause a duplicate 181 response when processing
the header at that time.
Resolves: #1349
With `sounds_search_custom_dir = yes`, we are supposed to search for sounds
in the `AST_DATA_DIR/sounds/custom` directory before searching the normal
directories. Unfortunately, a recent change
(https://github.com/asterisk/asterisk/pull/1172) had a typo resulting in
the "custom" directory not being searched. This change restores this
expected behavior.
Resolves: #1353
Fixes: #1280
UserNote: Enabling the tracking of the
STREAM_BEGIN and the STREAM_END event
types in cel.conf will log media files and
music on hold played to each channel.
The STREAM_BEGIN event's extra field will
contain a JSON with the file details (path,
format and language), or the class name, in
case of music on hold is played. The DTMF
event's extra field will contain a JSON with
the digit and the duration in milliseconds.
Remove VALID_EXTEN, which was deprecated/superseded by DIALPLAN_EXISTS
in Asterisk 11 (commit 8017b65bb9),
as DIALPLAN_EXISTS does the same thing and is more flexible.
Resolves: #1347
UpgradeNote: The deprecated VALID_EXTEN function has been removed.
Use DIALPLAN_EXISTS instead.
