When Asterisk sends an outbound SIP request, if there is no direct
reason to place a specific value for the username in the From header,
Asterisk would generate a UUID. For example, this would happen when
sending outbound OPTIONS requests when qualifying or when sending
outbound INVITE requests when originating (if no explicit caller ID were
provided). The issue is that some SIP providers reject these sorts of
requests with a "Name too long" error response.
This patch aims to fix this by changing the default outbound username in
From headers to "asterisk". This value can be overridden by changing the
default_from_user option in the global options if desired.
ASTERISK-25377 #close
Reported by Mark Michelson
Change-Id: I6a4d34a56ff73ff4f661b0075aeba5461b7f3190
In ast_endpoint_snapshot_create(), a failure to init the
string fields results in two attempts to ao2_cleanup the
same pointer. Removed RAII_VAR to eliminate problem.
ASTERISK-25375 #close
Reported by: Scott Griepentrog
Change-Id: If4d9dfb1bbe3836b623642ec690b6d49b25e8979
Pjsip is refusing to use unsecure transport with "sips" in url.
WSS should be considered as secure transport.
ASTERISK-24602 #comment Partially fixed by setting WSS as secure
Change-Id: Iddac406c6deba6240c41a603b8859dfefe1a5353
When sending a stateful response, creation of the transaction can fail,
most commonly because we are trying to create a transaction from a
retransmitted request. When creation of the transaction fails, we end up
leaking a reference to a contact that was bumped when the response was
created.
This patch adds the missing deref and fixes the reference leak.
Change-Id: I2f97ad512aeb1b17e87ca29ae0abacb4d6395f07
When issuing the "core show hints" CLI command a combination of both
the hint extension and context is created. This uses a fixed size
buffer expecting that the extension will not exceed maximum extension
length. When the extension is actually a pattern match this constraint
does not hold true, and the extension may exceed the maximum extension
length. In this case extra characters are written past the end of the
fixed size buffer.
This change makes it so the construction of the combined hint extension
and context can not exceed the size of the buffer.
ASTERISK-25367 #close
Change-Id: Idfa1b95d0d4dc38e675be7c1de8900b3f981f499
A recent change to res_pjsip_pubsub switched to using pjsip_msg_print as
a means of writing an appropriate packet to persistent storage. While
this partially solved the issue, it had its own problems.
pjsip_msg_print will always add a Content-Length header to the message
it prints. Frequent restarts of Asterisk can result in persistent
subscriptions being written with five or more Content-Length headers. In
addition, sometimes some apparent corruption of individual headers could
be seen.
This aims to fix the problem by not running a parsed message through an
interpreter but rather by taking the raw message and saving it. The
logic for what to save is going to be different depending on whether a
SUBSCRIBE was received from the wire or if it was pulled from
persistence. When receiving a packet from the wire, when using a
streaming transport, the rdata->pkt_info.packet may contain multiple SIP
messages or fragments. However, the rdata->msg_info.msg_buf will always
contain the current SIP message to be processed. When pulling from
persistence, though, the rdata->msg_info.msg_buf will be NULL since no
transport actually handled the packet. However, since we know that we
will always ever pull one SIP message from persistence, we are free to
save directly from rdata->pkt_info.packet instead.
ASTERISK-25365 #close
Reported by Mark Michelson
Change-Id: I33153b10d0b4dc8e3801aaaee2f48173b867855b
A deadlock was observed where three threads were competing for different
locks:
* One thread held the hints lock and was attempting to lock a specific
hint.
* One thread was holding the specific hint's lock and was attempting to
lock the contexts lock
* One thread was holding the contexts lock and attempting to lock the
hints lock.
Clearly the second thread was doing the wrong thing here. The fix for
this is to make sure that the hint's lock is not held on presence state
changes. Something similar is already done (and commented about) for
device state changes.
ASTERISK-25362 #close
Reported by Mark Michelson
Change-Id: I15ec2416b92978a4c0c08273b2d46cb21aff97e2
When unreferencing a taskprocessor its reference count is checked
to determine if it should be unlinked from the taskprocessors
container and its listener shut down. In between the time when the
reference count is checked and unlinking it is possible for
another thread to jump in, find it, and get a reference to it. If
the thread then uses the taskprocessor it may find that it is not
in the state it expects.
This change locks the taskprocessors container during almost the
entire unreference operation to ensure that any other thread which
may attempt to find the taskprocessor has to wait.
ASTERISK-25295
Change-Id: Icb842db82fe1cf238da55df92e95938a4419377c
The keepalive support in res_pjsip_sdp_rtp currently assumes
that a stream will only be negotiated once. This is false.
If the stream is replaced and later added back it can be
negotiated again causing multiple keepalive scheduled items
to exist. This change explicitly deletes the existing
keepalive scheduled item before adding the new one.
The res_pjsip_sdp_rtp module also does not stop RTP
keepalives or timeout timer if the stream has been
replaced. This change adds a callback to the session media
interface to allow a media stream to be stopped without
the resources being destroyed. This allows the scheduled
items and RTP to be stopped when the stream no longer
exists.
ASTERISK-25356 #close
Change-Id: Ibe6a7cc0927c87326fd5f1c0d4ad889dbfbea1de
When deleting a scheduled item if the item in question is currently
executing the ast_sched_del function waits until it has completed.
This is accomplished using ast_cond_wait. Unfortunately the
ast_cond_wait function can suffer from spurious wakeups so the
predicate needs to be checked after it returns to make sure it has
really woken up as a result of being signaled.
This change adds a loop around the ast_cond_wait to make sure that
it only exits when the executing task has really completed.
ASTERISK-25355 #close
Change-Id: I51198270eb0b637c956c61aa409f46283432be61
When a BYE request is received the PJSIP invite session implementation
creates and sends a 200 OK response before we are aware of it. This
causes the INVITE session state callback to be called into and ultimately
the session supplements run on the BYE request. Once this response has
been sent the normal transaction state callback is invoked which
invokes the session supplements on the BYE request again. This can
be problematic in particular with res_pjsip_rfc3326 as it may
attempt to update the hangup cause code on the channel while it is
in the process of being hung up.
This change makes it so the session supplements are only invoked
once by the INVITE session state callback.
ASTERISK-25318 #close
Change-Id: I69c17df55ccbb61ef779ac38cc8c6b411376c19a
If the ast_strndup() call fails to allocate a copy of the
transport string for parsing, fail gracefully.
ASTERISK-25323
Reported by: Scott Griepentrog
Change-Id: Ia4b905ce6d03da53fea526224455c1044b1a5a28
In chan_pjsip_new, if allocation of the pvt
structure fails, ast_hangup is called. But
it was written to assume pvt was valid, and
this change corrects that.
ASTERISK-25323
Reported by: Scott Griepentrog
Change-Id: I5f47860fe9cee4cd56abd3f79b108678ab72cc87
The call pickup implementation in chan_sip currently sets the channel
hangup cause to "normal clearing" if call pickup is successfully
performed. This action overwrites the "answered elsewhere" hangup cause
set by the call pickup code and can result in the SIP device in
question showing a missed call when it should not.
This change sets the hangup cause to "normal clearing" as a
default initially but allows the call pickup to change it as
needed.
ASTERISK-25346 #close
Change-Id: I00ac2c269cee9e29586ee2c65e83c70e52a02cff
Modules commonly used the pj_gethostip function for retrieving the
IP address of the host. This function does not cache the result and may
result in a DNS lookup occurring, or additional work. If the DNS
server is unreachable or network issues arise this can cause the
pj_gethostip function to block for a period of time.
This change adds an ast_sip_get_host_ip and ast_sip_get_host_ip_string
function which does the same thing but caches the host IP address at
module load time. This results in no additional work being done each
time the local host IP address is needed.
ASTERISK-25342 #close
Change-Id: I3205deb679b01fa5ac05a94b623bfd620a2abe1e
When recreating a subscription it is possible for a freed sub_tree
to be referenced when the initial NOTIFY fails to be created.
Change-Id: I681c215309aad01b21d611c2de47b3b0a6022788
When executing an action in a bridge it is possible for the
channel to be hung up without the bridge becoming aware of it.
This is most easily reproducible by hanging up when the bridge
is streaming DTMF due to a feature timeout. This change makes
it so after action execution the channel is checked to determine
if it has been hung up and if it has it is kicked from the bridge.
ASTERISK-25341 #close
Change-Id: I6dd8b0c3f5888da1c57afed9e8a802ae0a053062
When an endpoint is backed by a non-static conf file backend (such as
the AstDB or Realtime), the 'auth' object may be returned as being an
empty string. Currently, res_pjsip will interpret that as being a valid
auth object, and will attempt to authenticate inbound requests. This
isn't desired; is an auth value is empty (which the name of an auth
object cannot be), we should instead interpret that as being an invalid
auth object and skip it.
ASTERISK-25339 #close
Change-Id: Ic32b0c6eb5575107d5164a8c40099e687cd722c7
This is a type mismatch fix of the debugging commit
c63316eec1 made to find out why
a testsuite test was failing only on one of the continuous
integration build agents.
Change-Id: Iba34f6e87cec331f6ac80e4daff6476ea6f00a75
Asterisk needs the sqlite 3 library, which is package
sqlite-devel in CentOS. By adding this package to the
script, a problem with configure failing is resolved.
ASTERISK-25331 #close
Reported by: Kevin Harwell
Change-Id: I90efaf6a01914fea03f21e5cdbd91c348f44b0ec
* Extract set_queue_member_pause() from set_member_paused() for simpler
and more consistent code.
* Extract set_queue_member_ringinuse() from
set_member_ringinuse_help_members() for simpler code.
Change-Id: Iecc1f4119c63347341d7ea6b65f5fc4963706306
Setting the 'paused' and 'ringinuse' options on a queue member using the
dialplan function QUEUE_MEMBER did not behave the same way as the
equivalent dialplan applications or AMI actions.
* Made queue_function_mem_write() call the set_member_paused() and
set_member_value() for the 'paused' and 'ringinuse' options respectively.
A beneficial side effect is that the queue name is now optional and sets
the value in all queues the interface is a member.
* Update QUEUE_MEMBER XML documentation.
* Fix error checking in QUEUE_MEMBER() write.
ASTERISK-25215 #close
Reported by: Lorne Gaetz
Change-Id: I3a016be8dc94d63a9cc155295ff9c9afa5f707cb
When allocating a sorcery object, fail if the
id value was not allocated.
ASTERISK-25323
Reported by: Scott Griepentrog
Change-Id: I152133fb7545a4efcf7a0080ada77332d038669e
When sending an RTP keepalive, we need to be sure we're not dealing with
a NULL RTP instance. There had been a NULL check, but the commit that
added the rtp_timeout and rtp_hold_timeout options removed the NULL
check.
Change-Id: I2d7dcd5022697cfc6bf3d9e19245419078e79b64
The built frame format in audiohook_read_frame_both() is now set to a
signed linear format before the rx and tx frames are duplicated instead of
only for the mixed audio frame duplication.
ASTERISK-25322 #close
Reported by Sean Pimental
Change-Id: I86f85b5c48c49e4e2d3b770797b9d484250a1538
In chan_sip, after handling an incoming invite a security event is raised
describing authorization (success, failure, etc...). However, it was doing
a lookup of the peer by extension. This is fine for register messages, but
in the case of an invite it may search and find the wrong peer, or a non
existent one (for instance, in the case of call pickup). Also, if the peers
are configured through realtime this may cause an unnecessary database lookup
when caching is enabled.
This patch makes it so that sip_report_security_event searches by IP address
when looking for a peer instead of by extension after an invite is processed.
ASTERISK-25320 #close
Change-Id: I9b3f11549efb475b6561c64f0e6da1a481d98bc4
Due to the use of ast_websocket_close in session termination it is
possible for the underlying socket to already be closed when the
session is terminated. This occurs when the close frame is attempted
to be written out but fails.
Change-Id: I7572583529a42a7dc911ea77a974d8307d5c0c8b
The res_http_websocket module will currently attempt to close
the WebSocket connection if fatal cases occur, such as when
attempting to write out data and being unable to. When the
fatal cases occur the code attempts to write a WebSocket close
frame out to have the remote side close the connection. If
writing this fails then the connection is not terminated.
This change forcefully terminates the connection if the
WebSocket is to be closed but is unable to send the close frame.
ASTERISK-25312 #close
Change-Id: I10973086671cc192a76424060d9ec8e688602845