* Added ast_sched_clean_by_callback for cleanup of scheduled events
that have not yet fired.
* Run all pending peercnt_remove_cb and replace_callno events in chan_iax2.
Cleanup of replace_callno events is only run 11, since it no longer
releases any references or allocations in 13+.
ASTERISK-24451 #close
Reported by: Corey Farrell
Review: https://reviewboard.asterisk.org/r/4425/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@431916 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The Test Event for MIXMONITOR_END - which signals that a MixMonitor has
completed - technically fired before the filestream was closed. If a test
used this to trigger a condition to verify that the file was written, it
could result in a race condition where the file size would not be what the
test expected.
Luckily, no tests were using this (although they should have been). Since the
test event needed to be moved after the point where the MixMonitor autochan has
been destroyed, the test event no longer emits the channel name. Luckily,
nothing needs it.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@431788 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When a SIP device that has its registration stored in RealTime unregisters,
the entry for that device is updated with blank values, i.e., "", indicating
that it is no longer registered. Unfortunately, one of those values that is
'blanked' is the device's port. If the column type for the port is not a
string datatype (the recommended type is integer), an ODBC or database error
will be thrown. MariaDB does not coerce empty strings to a valid integer value.
This patch updates the query run from chan_sip such that it replaces the port
value with a value of '0', as opposed to a blank value. This is the value that
other database backends coerce the empty string ("") to already, and the
handling of reading a RealTime registration value from a backend already
anticipates receiving a port of '0' from the backends.
ASTERISK-24772 #close
Reported by: Richard Miller
patches:
chan_sip.diff uploaded by Richard Miller (License 5685)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@431673 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Add ast_module_shutdown_ref for use by modules that can
only be unloaded during graceful shutdown.
When REF_DEBUG is enabled:
* Add an empty ao2 object to struct ast_module.
* Allocate ao2 object when the module is loaded.
* Perform an ao2_ref in each place where mod->usecount is manipulated.
* ao2_cleanup on module unload.
ASTERISK-24479 #close
Reported by: Corey Farrell
Review: https://reviewboard.asterisk.org/r/4141/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@431662 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Consider a scenario where Alice and Bob have an established dialog with each
other external to Asterisk. Bob decides to perform an attended transfer of
Alice to Asterisk. In this case, Alice will send an INVITE with Replaces
to Asterisk, where the Replaces specifies Bob's dialog with Asterisk. In this
particular scenario, Asterisk will complete the transfer, but - since Bob's
channel has had Alice masqueraded into it and is now a Zombie - a BYE
request will not be sent.
This patch fixes that issue by adding a new flag to chan_sip that tracks
whether or not we have an INVITE with Replaces. If we do, the flag is used
on the sip_pvt to ensure that a BYE request is sent, even if the channel has
been masqueraded away.
Review: https://reviewboard.asterisk.org/r/4362/
ASTERISK-22436 #close
Reported by: Eelco Brolman
Tested by: Jeremiah Gowdy, Kristian Høgh
patches:
asterisk-11-hangup-replaced-3.diff uploaded by Jeremiah Gowdy (License 6358)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@431620 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch modifies the ast_odbc_find_table function such that it only performs
a lookup of the requested table if the table is not already known. Prior to
this patch, a queries would be executed against the database even if the table
was already known and cached.
Review: https://reviewboard.asterisk.org/r/4405/
ASTERISK-24742 #close
Reported by: ibercom
patches:
patch.diff uploaded by ibercom (License 6599)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@431617 65c4cc65-6c06-0410-ace0-fbb531ad65f3
RFC 3261 sections 8.1.1.8 and 12.1.1 dictate specific
scenarios when we are required to use SIPS URIs in Contact
headers. Asterisk's non-compliance with this could actually
cause calls to get dropped when communicating with clients
that are strict about checking the Contact header.
Both of the SIP stacks in Asterisk suffered from this issue.
This changeset corrects the behavior in chan_sip.
ASTERISK-24646 #close
Reported by Stephan Eisvogel
Review: https://reviewboard.asterisk.org/r/4346
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@431423 65c4cc65-6c06-0410-ace0-fbb531ad65f3
A recent security fix for OpenSSL broke DTLS negotiation for many
applications. This was caused by read ahead not being enabled when it
should be. While a commit has gone into OpenSSL to force read ahead
on for DTLS it may take some time for a release to be made and the
change to be present in distributions (if at all). As enabling read
ahead is a simple one line change this commit does that and fixes
the issue.
ASTERISK-24711 #close
Reported by: Jared Biel
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@431384 65c4cc65-6c06-0410-ace0-fbb531ad65f3
CVE-2014-8150 disclosed a vulnerability in libcURL where HTTP request injection
can be performed given properly-crafted URLs.
Since Asterisk makes use of libcURL, and it is possible that users of Asterisk may
get cURL URLs from user input or remote sources, we have made a patch to Asterisk
to prevent such HTTP injection attacks from originating from Asterisk.
ASTERISK-24676 #close
Reported by Matt Jordan
Review: https://reviewboard.asterisk.org/r/4364
AST-2015-002
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@431297 65c4cc65-6c06-0410-ace0-fbb531ad65f3
While running through some scenarios using chan_sip and tcp a problem would
occur that resulted in a flood of bad file descriptor messages on the cli:
tcptls.c:712 ast_tcptls_server_root: Accept failed: Bad file descriptor
The message is received because the underlying socket has been closed, so is
valid. This is probably happening because unloading of chan_sip is not atomic.
That however is outside the scope of this patch. This patch simply stops the
logging of multiple occurrences of that message.
ASTERISK-24728 #close
Reported by: Thomas Thompson
Review: https://reviewboard.asterisk.org/r/4380/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@431218 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When refreshing (with a small expiration) a registration that was sent to
chan_sip the nonce would be considered stale and reject the registration.
What was happening was that the initial registration's "dialog" still existed
in the dialogs container and upon refresh the dialog match algorithm would
choose that as the "dialog" instead of the newly created one. This occurred
because the algorithm did not check to see if the from tag matched if
authentication info was available after the 401. So, it ended up assuming
the original "dialog" was a match and stopped the search. The old "dialog"
of course had an old nonce, thus the stale nonce message.
This fix attempts to leave the original functionality alone except in the case
of a REGISTER. If a REGISTER is received if searches for an existing "dialog"
matching only on the callid. If the expires value is low enough it will reuse
dialog that is there, otherwise it will create a new one.
ASTERISK-24715 #close
Reported by: John Bigelow
Review: https://reviewboard.asterisk.org/r/4367/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@431187 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Starting and stopping conference recording more than once causes the
recording channels to be leaked. For v13 the channels also show up in the
CLI "core show channels" output.
* Reworked and simplified the recording channel code to use
ast_bridge_impart() instead of managing the recording thread in the
ConfBridge code. The recording channel's ref handling easily falls into
place and other off nominal code paths get handled better as a result.
ASTERISK-24719 #close
Reported by: John Bigelow
Review: https://reviewboard.asterisk.org/r/4368/
Review: https://reviewboard.asterisk.org/r/4369/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@431135 65c4cc65-6c06-0410-ace0-fbb531ad65f3
All the other configuration options are case insensitive, so this one
should be too.
ASTERISK-24355 #close
Reported by: HZMI8gkCvPpom0tM
patches:
ast.patch uploaded by HZMI8gkCvPpom0tM (License 6658)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@430993 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The MixMonitor m() option allows a recording to be pushed to a specific
voicemail mailbox. If the message is delivered to the mailbox's INBOX, however,
no MWI notification is currently raised.
This patch corrects the issue by properly calling notify_new_state from the
msg_create_from_file function. This will cause MWI to be triggered if the
message was placed in the mailbox's INBOX.
ASTERISK-24709 #close
Reported by: Gareth Palmer
patches:
app_voicemail-430919.patch uploaded by Gareth Palmer (License 5169)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@430920 65c4cc65-6c06-0410-ace0-fbb531ad65f3
On Debian based systems, the install_prereq tool uses a search command on
Debian that results in selecting both 64-bit and 32-bit packages. Besides the
waste of disk space, this can actually cause aptitude use 100% of memory on a
VM with 1GB of RAM as it tried to work out all of the 32-bit package
dependencies.
This patch filters out the 32-bit packages on a 64-bit machine, and leaves
32-bit machines alone.
ASTERISK-24048 #close
Reported by: Ben Klang
Tested by: Ben Klang, Matt Jordan
patches:
install_prereq_64-bit_compat.patch uploaded by Ben Klang (License 5876)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@430798 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When using ODBC or IMAP storage, temporary files created on the file system
must be disposed of using the DISPOSE macro. The DELETE macro will map to a
deletion function for the backend storage, but does not clean up any local
files created as a result of the operation.
When using voicemail with the operator and review options enabled, pressing
0 to enter the menu, followed by 1 to save the message, followed by any
other DTMF press to delete the message, will result in the temporary file
lingering on the file system.
This patch properly calls DISPOSE after the DELETE. This causes the local
file to be disposed of.
ASTERISK-24288 #close
Reported by: LEI FU
patches:
voicemail_odbc_review_fix.diff uploaded by LEI FU (License 6640)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@430795 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The mkpkgconfig script incorrectly concatenates Cflags options together. As an
example, the following:
Cflags: -I/usr/include/libxml2 -g3
Is instead generated as:
Cflags: -I/usr/include/libxml2-g3
This patch corrects the generation of Cflags in mkpkgconfig such that the
Cflags options are output correctly.
Review: https://reviewboard.asterisk.org/r/3707/
ASTERISK-23991 #close
Reported by: Diederik de Groot
patches:
fix_mkpkgconfig.diff uploaded by Diederik de Groot (License 6600)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@430589 65c4cc65-6c06-0410-ace0-fbb531ad65f3
v11: If a channel redirect to a macro exten of a macro that is active
happens, the redirect location doesn't get executed. Instead the original
macro location is restored and gets reexecuted.
v13: An additional effect happens if a parked call times out to an
extension in the macro that parked the call then the macro is reexecuted
instead of the expected park return location.
* Made not restore the macro calling location on an
AST_SOFTHANGUP_ASYNCGOTO.
* Increased the locked channel range when setting up the macro execution
environment to cover things that should be done while the channel is
locked.
* Removed unnecessary NULL tests before calling ast_free() in
_macro_exec().
ASTERISK-23850 #close
Reported by: Andrew Nagy
Review: https://reviewboard.asterisk.org/r/4292/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@430564 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The security event log uses a dynamic log level (SECURITY) that is registered
with the Asterisk logging core. Unfortunately, the syslog would ignore log
statements that had a dynamic log level associated with them. Because the
syslog cannot handle ad hoc dynamic log levels, this patch treats any dynamic
log entries sent to the syslog as logs with a level of NOTICE.
ASTERISK-20744 #close
Reported by: Michael Keuter
Tested by: Michael L. Young, Jacek Konieczny
patches:
asterisk-20744-syslog-dynamic-logging_trunk.diff uploaded by Michael L. Young (license 5026)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@430506 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When the channel datastore associated with the usage of CURLOPT on a specific
channel is freed, the underlying structure holding the list of options is not
disposed of. This patch properly frees the structure in the datastore .destroy
callback.
ASTERISK-24672 #close
Reported by: Kristian Hogh
patches:
func_curl-memory-leak.diff uploaded by Kristian Hogh (License 6639)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@430487 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This change makes the T.38 negotiation timeout configurable via
't38timeout' in res_fax.conf or FAXOPT(t38timeout). It was previously
hard coded to be 5000 milliseconds.
This change also handles T.38 switch failures by aborting the fax since
in the case where this can happen, both sides have agreed to switch to
T.38 and Asterisk is unable to do so.
Review: https://reviewboard.asterisk.org/r/4320/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@430415 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Updated the queues.conf.sample file to explicitly state which channel queue
variables are propagated to.
ASTERISK-24267
Reported by: Mitch Claborn
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@430126 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The QUEUESTART log entry has historically acted like a fully booted event
for the queue_log file. When the QUEUESTART entry was posted to the log
was broken by the change made by ASTERISK-15863.
* Made post the QUEUESTART queue_log entry when Asterisk fully boots.
This restores the intent of that log entry and happens after realtime has
had a chance to load.
AST-1444 #close
Reported by: Denis Martinez
Review: https://reviewboard.asterisk.org/r/4282/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@430009 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Given the following scenario:
* Three SIP phones (A, B, C), all communicating via a proxy with Asterisk
* A call is established between A and B. B performs a SIP attended transfer of
A to C. B sets the call on hold (A is hearing MOH) and dials the extension of
C. While phone C is ringing, B transfers the call (that is, what we typically
call a 'blond transfer').
* When the transfer completes, A hears the ringing of phone C, while B is idle.
In the SIP messaging for the above scenario, a REFER request is sent to
transfer the call. When "sendrpid=yes" is set in sip.conf, Asterisk may send an
UPDATE request to phone C to update party information. This update is sent
directly to phone C, not through the intervening proxy. This has the unfortunate
side effect of providing route information, which is then set on the sip_pvt
structure for C. If someone (e.g. B) is trying to get the call back (through a
directed pickup), Asterisk will send a CANCEL request to C. However, since we
have now updated the route set, the CANCEL request will be sent directly to C
and not through the proxy. The phone ignores this CANCEL according to RFC3261
(Section 9.1).
This patch updates reqprep such that the route is not updated if an UPDATE
request is being sent while the INVITE state is INV_PROCEEDING or
INV_EARLY_MEDIA. This ensures that a subsequent CANCEL request is still sent
to the correct location.
Review: https://reviewboard.asterisk.org/r/4279
ASTERISK-24628 #close
Reported by: Karsten Wemheuer
patches:
issue.patch uploaded by Karsten Wemheuer (License 5930)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@429982 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The named ACL code incorrectly destroyed the config options information if loading
of the configuration file failed at startup. This would result in reloading
also failing even if a valid configuration file was put in place.
ASTERISK-23733 #close
Reported by: Richard Kenner
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@429893 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When the configuration section scheme of chan_dahdi.conf is used (keyword
dahdichan instead of channel) all setvar= options are completely ignored.
No variable defined this way appears in the created DAHDI channels.
* Move the clearing of setvar values to after the deferred processing of
dahdichan.
AST-1378 #close
Reported by: Guenther Kelleter
Patch by: Guenther Kelleter
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@429825 65c4cc65-6c06-0410-ace0-fbb531ad65f3
For the featdmf signaling mode the incoming MF Caller-ID information is
formatted as follows: *${CALLERID(ani2)}${CALLERID(ani)}#*${EXTEN}#
Rather than discarding the ani2 digits, populate the CALLERID(ani2) value
with what is received instead.
AST-1368 #close
Reported by: Denis Martinez
Patches:
extract_ani2_for_featdmf_v11.patch (license #5621) patch uploaded by Richard Mudgett
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@429783 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In r413586 (1.8) various casts were added to silence gcc 4.10 warnings.
Those fixes included things like:
-out += sprintf(out, "%%%02X", (unsigned char) *ptr);
+out += sprintf(out, "%%%02X", (unsigned) *ptr);
That works for low ascii characters, but for the high range that yields
e.g. FFFFFFC3 when C3 is expected.
This changeset:
- fixes those casts to use the 'hh' unsigned char modifier instead
- consistently uses %02x instead of %2.2x (or other non-standard usage)
- adds a few 'h' modifiers in various places
- fixes a 'replcaes' typo
- dev/urandon typo (in 13+ patch)
Review: https://reviewboard.asterisk.org/r/4263/
ASTERISK-24619 #close
Reported by: Stefan27 (on IRC)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@429673 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Previously when SRTP was enabled on a channel it was not possible
to switch to T.38 as no crypto attributes would be present.
This change makes it so it is now possible. If a T.38 re-invite
comes in SRTP is terminated since in practice you can't encrypt
a UDPTL stream. Now... if we were doing T.38 over RTP (which
does exist) then we'd have a chance but almost nobody does that so
here we are.
ASTERISK-24449 #close
Reported by: Andreas Steinmetz
patches:
udptl-ignore-srtp-v2.patch submitted by Andreas Steinmetz (license 6523)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@429632 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch started with David Lee's patch at
https://reviewboard.asterisk.org/r/2826/ and includes a regression fix
introduced by the ASTERISK-22455 patch.
The initialization of a mutex's lock tracking structure was not protected
in a critical section. This is fine for any mutex that is explicitly
initialized, but a static mutex may have its lock tracking double
initialized if multiple threads attempt the first lock simultaneously.
* Added a global mutex to properly serialize initialization of the lock
tracking structure. The painful global lock can be mitigated by adding a
double checked lock flag as discussed on the original review request.
* Defer lock tracking initialization until first use.
* Don't be "helpful" and initialize an uninitialized lock when
DEBUG_THREADS is enabled. Debug code is not supposed to fix or change
normal code behavior. We don't need a lock initialization race that would
force a re-setup of lock tracking. Lock tracking already handles
initialization on first use.
* Properly handle allocation failures of the lock tracking structure.
* No need to initialize tracking data in __ast_pthread_mutex_destroy()
just to turn around and destroy it.
The regression introduced by ASTERISK-22455 is the result of manipulating
a pthread_mutex_t struct outside of the pthread library code. The
pthread_mutex_t struct seems to have a global linked list pointer member
that can get changed by other threads. Therefore, saving and restoring
the contents of a pthread_mutex_t struct is a bad thing.
Thanks to Thomas Airmont for finding this obscure regression.
* Don't overwrite the struct ast_lock_track.reentr_mutex member to restore
tracking data in __ast_cond_wait() and __ast_cond_timedwait(). The
pthread_mutex_t struct must be treated as a read-only opaque variable.
Miscellaneous other items fixed by this patch:
* Match ast_suspend_lock_info() with ast_restore_lock_info() in
__ast_cond_timedwait().
* Made some uninitialized lock sanity checks return EINVAL and try a
DO_THREAD_CRASH.
* Fix bad canlog initialization expressions.
ASTERISK-24614 #close
Reported by: Thomas Airmont
Review: https://reviewboard.asterisk.org/r/4247/
Review: https://reviewboard.asterisk.org/r/2826/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@429539 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The Verbose message displayed when a file is played back via 'stream file'
was formatted differently than other playbacks:
* It didn't include the channel name
* It didn't include the channel language
It does, however, include the playback offset as well as any escape digits.
That information was kept; however, this patch updates the formatting to more
closely match the Verbose messages displayed when a file is played back by
'control stream file', Playback, ControlPlayback, or any other file playback
operation.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@429517 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Frames with a payload length of 0 were incorrectly handled in res_http_websocket.
Provided a frame with a payload had been received prior it was possible for a double
free to occur. The realloc operation would succeed (thus freeing the payload) but be
treated as an error. When the session was then torn down the payload would be
freed again causing a crash. The read function now takes this into account.
This change also fixes assumptions made by users of res_http_websocket. There is no
guarantee that a frame received from it will be NULL terminated.
ASTERISK-24472 #close
Reported by: Badalian Vyacheslav
Review: https://reviewboard.asterisk.org/r/4220/
Review: https://reviewboard.asterisk.org/r/4219/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@429270 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When repeatedly starting/stopping a Monitor on a channel, the accumulated
in/out sample counts are never reset to 0. This can cause inadvertent jumps
in the recordings, as the code in the channel core will determine incorrectly
that a jump in the recorded file position should occur. Setting the sample
counts to 0 simply reflects the initial state a Monitor should be in when it
is started, as this is the initial count that would be on the channels at that
time.
ASTERISK-24573 #close
Reported by: Nuno Borges
patches:
24573.patch uploaded by Nuno Borges (License 6116)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@429031 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When the app_meetme module is loaded without its configuration file, the
module settings aren't initialized. In particular, this impacts the use
of logging realtime members. This patch guarantees that we always set the
default module settings on initial load.
Review: https://reviewboard.asterisk.org/r/4242/
ASTERISK-24572 #close
Reported by: Nuno Borges
patches:
24572.patch uploaded by Nuno Borges (License 6116)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@429027 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The UW IMAP library is instrinsically not thread-safe, and relies upon higher
level applications to guarantee thread safety. For the most part, this is
provided by the vms object, which provides locking for individual streams.
Unfortunately, this is not sufficient for calls to mail_open which create the
IMAP stream. mail_open can, on some systems, call into a UW IMAP specific
function for determining the address of a system based on a hostname,
ip_nametoaddr.
In the ip6_unix implementation of this function, static variables are used
to hold parsing buffers. This can cause a crash if multiple threads attempt
to convert a hostname to an address at the same time. Locking on a single
mail stream is not sufficient to prevent simultaneous access to these static
variables.
In the IMAP library, this function can be called from the mail_open and
imap_status functions. As the imap_status function is not used by
app_voicemail, locking on access to mail_open is sufficient to prevent
any mangling of the buffers.
Review: https://reviewboard.asterisk.org/r/4188/
ASTERISK-24516 #close
Reported by: David Duncan Ross Palmer
Tested by: David Duncan Ross Palmer
patches:
ASTERISK-24516.diff uploaded by David Duncan Ross Palmer (License 6660)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@428863 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch makes a small rearrangement to only do dialplan lookups during
loopback switches if the pattern matches. Prior to this patch, the dialplan
lookups were always performed, even when the result would be discarded.
Dialplan lookups can be very costly if remote switches - like DUNDi - are
present. In those cases extension matching is sped up considerably, making
the issue of lost digits more manageable.
As collateral damage, 6 trailing spaces were killed.
Review: https://reviewboard.asterisk.org/r/4211
ASTERISK-24577 #close
Reported by: Birger Harzenetter
patches:
ast-loopback.patch uploaded by Birger Harzenetter (License 5870)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@428787 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The Record dialplan function trims 1/4 of a second from the end of recordings in case
they are terminated because of DTMF. When hanging up, however, you don't want this to happen.
This change makes it so on hangup this does not occur.
ASTERISK-24530 #close
Reported by: Ben Smithurst
patches:
app_record_v2.diff submitted by Ben Smithurst (license 6529)
Review: https://reviewboard.asterisk.org/r/4201/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@428653 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When shutting down Asterisk that has an active AMI connection, you get
several "failed to extend from %d to %d" messages because use of the
EVENT_FLAG_SHUTDOWN attempts to add all AMI permission strings to the
event.
* Created MAX_AUTH_PERM_STRING to use when creating stack based struct
ast_str variables used with the authority_to_str() and
user_authority_to_str() functions instead of a variety of magic numbers
that could be too small.
* Added a special check for EVENT_FLAG_SHUTDOWN to authority_to_str() so
it will not attempt to add all permission level strings.
Review: https://reviewboard.asterisk.org/r/4200/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@428570 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Prior to this commit, the address family of the first item in an ACL
was used to compare all incoming traffic. This could lead to traffic
of other IP address families bypassing ACLs.
ASTERISK-24469 #close
Reported by Matt Jordan
Patches:
ASTERISK-24469-11.diff uploaded by Matt Jordan (License #6283)
AST-2014-012
........
Merged revisions 428402 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@428417 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The DB dialplan function when executed from an external protocol (for instance
AMI), could result in a privilege escalation.
Asterisk now inhibits the DB function from being executed from an external
interface if the live_dangerously option is set to no.
ASTERISK-24534
Reported by: Gareth Palmer
patches: submitted by Gareth Palmer (license 5169)
........
Merged revisions 428331 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@428363 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Confbridge dialplan function permission escalation via AMI and inappropriate
class authorization on the ConfbridgeStartRecord action. The CONFBRIDGE dialplan
function when executed from an external protocol (for instance AMI), could
result in a privilege escalation. Also, the AMI action “ConfbridgeStartRecord”
could also be used to execute arbitrary system commands without first checking
for system access.
Asterisk now inhibits the CONFBRIDGE function from being executed from an
external interface if the live_dangerously option is set to no. Also, the
“ConfbridgeStartRecord” AMI action is now only allowed to execute under a
user with system level access.
ASTERISK-24490
Reported by: Gareth Palmer
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@428332 65c4cc65-6c06-0410-ace0-fbb531ad65f3
