This change renames the codec preference endpoint options.
incoming_offer_codec_prefs becomes codec_prefs_incoming_offer
to keep the options together when showing an endpoint.
Change-Id: I6202965b4723777f22a83afcbbafcdafb1d11c8d
Added a new configuration option for PJSIP endpoints - stir_shaken. If
set to yes, then STIR/SHAKEN support will be added to inbound and
outbound INVITEs. The default is no. Alembic has been updated to include
this option.
Previously the dialplan function was not trimming the whitespace from
the parameters it recieved. Now it does.
Also added a conditional that, when TEST_FRAMEWORK is enabled, the
timestamp in the identity header will be overlooked. This is just for
testing, since the testsuite will rely on a SIPp scenario with a preset
identity header to trigger the MISMATCH result.
Change-Id: I43d67f1489b8c1c5729ed3ca8d71e35ddf438df1
This commit adds the endpoint options required to control
Advanced Codec Negotiation.
incoming_offer_codec_prefs
outgoing_offer_codec_prefs
incoming_answer_codec_prefs
outgoing_answer_codec_prefs
The documentation may need tweaking and some additional edits
added, especially for the "answer" prefs. That'll be handled
when things finalize.
This commit is safe to merge as it doens't alter any existing
functionality nor does it alter the previous codec negotiation
work which may now be obsolete.
Change-Id: I920ba925d7dd36430dfd2ebd9d82d23f123d0e11
Currently when the pjsip making an outgoing request, it keep adding the
rport parameter in a request message as a default.
This causes unexpected rport handle at the other end.
Added option for disable this behaviour in the pjsip.conf.
This is a system option, but working as a gloabl option.
ASTERISK-28959
Change-Id: I9596675e52a742774738b5aad5d1fec32f477abc
You cannot cast a pjsip_uri to a pjsip_sip_uri using pjsip_uri_get_uri,
without checking that it's a PJSIP_URI_SCHEME_IS_SIP(S).
ASTERISK-28936
Change-Id: I9f572b3677e4730458e9402719e580f8681afe2a
Integrated STIR/SHAKEN support with incoming INVITES. Upon receiving an
INVITE, the Identity header is retrieved, parsing the message to verify
the signature. If any of the parsing fails,
AST_STIR_SHAKEN_VERIFY_NOT_PRESENT will be added to the channel for this
caller ID. If verification itself fails,
AST_STIR_SHAKEN_VERIFY_SIGNATURE_FAILED will be added. If anything in
the payload does not line up with the SIP signaling,
AST_STIR_SHAKEN_VERIFY_MISMATCH will be added. If all of the above steps
pass, then AST_STIR_SHAKEN_VERIFY_PASSED will be added, completing the
verification process.
A new config option has been added to the general section for
stir_shaken.conf. "signature_timeout" is the amount of time a signature
will be considered valid. If an INVITE is received and the amount of
time between when it was received and when it was signed is greater than
signature_timeout, verification will fail.
Some changes were also made to signing and verification. There was an
error where the whole JSON string was being signed rather than the
header combined with the payload. This has been changed to sign the
correct thing. Verification has been changed to do this as well, and the
unit tests have been updated to reflect these changes.
A couple of utility functions have also been added. One decodes a BASE64
string and returns the decoded string, doing all the length calculations
for you. The other retrieves a string value from a header in a rdata
object.
Change-Id: I855f857be3d1c63b64812ac35d9ce0534085b913
When replacing the user portion of the Contact URI the code
was using the ephemeral pool instead of the tdata pool. This
could cause the Contact user value to become invalid after a
period of time.
The code will now use the tdata pool which persists for the
lifetime of the message instead.
ASTERISK-28794
Change-Id: I31e7b958e397cbdaeedd0ebb70bcf8dd2ed3c4d5
This unit test runs through combinations of...
* Local codecs
* Remote Codecs
* Codec Preference
* Incoming/Outgoing
A few new APIs were created to make it easier to test
the functionality but didn't result in any actual
functional change.
ASTERISK_28777
Change-Id: Ic8957c43e7ceeab0e9272af60ea53f056164f164
Based on this new endpoint setting, a joint list of preferred codecs
between those received from the Asterisk core (remote), and those
specified in the endpoint's "allow" parameter (local) is created and
is used to create the outgoing SDP offer.
* Add outgoing_call_offer_pref to pjsip_configuration (endpoint)
* Add "call_direction" to res_pjsip_session.
* Update pjsip_session_caps.c to make the functions more generic
so they could be used for both incoming and outgoing.
* Update ast_sip_session_create_outgoing to create the
pending_media_state->topology with the results of
ast_sip_session_create_joint_call_stream().
* The endpoint "preferred_codec_only" option now automatically sets
AST_SIP_CALL_CODEC_PREF_FIRST in incoming_call_offer_pref.
* A helper function ast_stream_get_format_count() was added to
streams to return the current count of formats.
ASTERISK-28777
Change-Id: Id4ec0b4a906c2ae5885bf947f101c59059935437
Add a new option, incoming_call_offer_pref, to res_pjsip endpoints that
specifies the preferred order of codecs after receiving an offer.
This patch does the following:
Adds a new enumeration, ast_sip_call_codec_pref, used by the the new
configuration option that's added to the endpoint media structure.
Adds a new ast_sip_session_caps structure that's set for each session media
object.
Creates a new file, res_pjsip_session_caps that "implements" the new
structure and option, and is compiled into the res_pjsip_session library.
ASTERISK-28756 #close
Change-Id: I35e7a2a0c236cfb6bd9cdf89539f57a1ffefc76f
Both res_pjsip and res_pjsip_mwi made use of serializer pools. However, they
both implemented their own serializer pool functionality that was pretty much
identical in each of the source files. This patch removes the duplicated code,
and uses the new 'ast_serializer_pool' object instead.
Additionally res_pjsip_mwi enables a shutdown group on the pool since if the
timing was right the module could be unloaded while taskprocessor threads still
needed to execute, thus causing a crash.
Change-Id: I959b0805ad024585bbb6276593118be34fbf6e1d
Updated ast_sip_create_rdata_with_contact and registrar_find_contact
to check the return from pjsip_parse_uri before attempting to
use the uri returned.
ASTERISK-28402
Reported-by: Ross Beer
Change-Id: I9810b3b163c45ed5a56ec743586e5ce107f13ba7
Added a new PJSIP global setting called norefersub.
Default is true to keep support working as before.
res_pjsip_refer: Configures PJSIP norefersub capability accordingly.
Checks the PJSIP global setting value.
If it is true (default) it adds the norefersub capability to PJSIP.
If it is false (disabled) it does not add the norefersub capability
to PJSIP.
This is useful for Cisco switches that do not follow RFC4488.
ASTERISK-28375 #close
Reported-by: Dan Cropp
Change-Id: I0b1c28ebc905d881f4a16e752715487a688b30e9
chan_sip will always ignore 183 responses that do not contain SDP
however, chan_pjsip will currently always translate it into a
183 with SDP. This new flag allows chan_pjsip to have the same
behavior as chan_sip.
ASTERISK-28322 #close
Change-Id: If81cfaa17c11b6ac703e3d71696f259d86c6be4a
To prevent one subsystem's taskprocessors from causing others
to stall, new capabilities have been added to taskprocessors.
* Any taskprocessor name that has a '/' will have the part
before the '/' saved as its "subsystem".
Examples:
"sorcery/acl-0000006a" and "sorcery/aor-00000019"
will be grouped to subsystem "sorcery".
"pjsip/distributor-00000025" and "pjsip/distributor-00000026"
will bn grouped to subsystem "pjsip".
Taskprocessors with no '/' have an empty subsystem.
* When a taskprocessor enters high-water alert status and it
has a non-empty subsystem, the subsystem alert count will
be incremented.
* When a taskprocessor leaves high-water alert status and it
has a non-empty subsystem, the subsystem alert count will be
decremented.
* A new api ast_taskprocessor_get_subsystem_alert() has been
added that returns the number of taskprocessors in alert for
the subsystem.
* A new CLI command "core show taskprocessor alerted subsystems"
has been added.
* A new unit test was addded.
REMINDER: The taskprocessor code itself doesn't take any action
based on high-water alerts or overloading. It's up to taskprocessor
users to check and take action themselves. Currently only the pjsip
distributor does this.
* A new pjsip/global option "taskprocessor_overload_trigger"
has been added that allows the user to select the trigger
mechanism the distributor uses to pause accepting new requests.
"none": Don't pause on any overload condition.
"global": Pause on ANY taskprocessor overload (the default and
current behavior)
"pjsip_only": Pause only on pjsip taskprocessor overloads.
* The core pjsip pool was renamed from "SIP" to "pjsip" so it can
be properly grouped into the "pjsip" subsystem.
* stasis taskprocessor names were changed to "stasis" as the
subsystem.
* Sorcery core taskprocessor names were changed to "sorcery" to
match the object taskprocessors.
Change-Id: I8c19068bb2fc26610a9f0b8624bdf577a04fcd56
The commit I2f97ebfa79969a36a97bb7b9afd5b6268cf1a07d removed sending out
the ContactStatus AMI event when a contact is updated.
Thist change broke things which rely on old behavior.
This patch adds a new PJSIP global configuration option
'send_contact_status_on_update_registration' to be able to preserve old
ContactStatus behavior.
By default new behavior, i.e. the ContactStatus event will not be sent when a
device refreshes its registration.
Change-Id: I706adf7584e7077eb6bde6d9799ca408bc82ce46
The use of a '|' in the "global/debug" synopsis documentation caused the
generated html table on the wiki to add an extra column that included the
text after the pipe.
This patch replaces the pipe with a comma.
ASTERISK-28150
Change-Id: I3d79a6ca6d733d9cb290e779438114884b98a719
The current round-robin method does not take the current taskprocessor
load into consideration when distributing requests. Using the least-size
method the request goes to the taskprocessor that is servicing the least
number of active tasks at the current time.
Longer running tasks with the round-robin method can delay processing
tasks.
* Change the algorithm from round-robin to least-size for picking the
PJSIP taskprocessor from the default serializer pool.
Change-Id: I7b8d8cc2c2490494f579374b6af0a4868e3a37cd
This patch adds new options 'trust_connected_line' and 'send_connected_line'
to the endpoint.
The option 'trust_connected_line' is to control if connected line updates
are accepted from this endpoint.
The option 'send_connected_line' is to control if connected line updates
can be sent to this endpoint.
The default value is 'yes' for both options.
Change-Id: I16af967815efd904597ec2f033337e4333d097cd
This change implements a few different generic things which were brought
on by Google Voice SIP.
1. The concept of flow transports have been introduced. These are
configurable transports in pjsip.conf which can be used to reference a
flow of signaling to a target. These have runtime configuration that can
be changed by the signaling itself (such as Service-Routes and
P-Preferred-Identity). When used these guarantee an individual connection
(in the case of TCP or TLS) even if multiple flow transports exist to the
same target.
2. Service-Routes (RFC 3608) support has been added to the outbound
registration module which when received will be stored on the flow
transport and used for requests referencing it.
3. P-Associated-URI / P-Preferred-Identity (RFC 3325) support has been
added to the outbound registration module. If a P-Associated-URI header
is received it will be used on requests as the P-Preferred-Identity.
4. Configurable outbound extension support has been added to the outbound
registration module. When set the extension will be placed in the
Supported header.
5. Header parameters can now be configured on an outbound registration
which will be placed in the Contact header.
6. Google specific OAuth / Bearer token authentication
(draft-ietf-sipcore-sip-authn-02) has been added to the outbound
registration module.
All functionality changes are controlled by pjsip.conf configuration
options and do not affect non-configured pjsip endpoints otherwise.
ASTERISK-27971 #close
Change-Id: Id214c2d1c550a41fcf564b7df8f3da7be565bd58
Both pjsip_tx_data.tp_info.dst_name and pjsip_rx_data.pkt_info.src_name
store IPv6 addresses without enclosing brackets. This causes some log
output to be confusing because it is difficult to separate the IPv6
address from a port specification.
* Use pj_sockaddr_print() along with pjsip_tx_data.tp_info.dst_addr and
pjsip_rx_data.pkt_info.src_addr where possible for consistent IPv6
output.
* When a pj_sockaddr is not available, explicitly wrap IPv6 addresses
in brackets.
* When assigning pjsip_rx_data.pkt_info.src_name ourselves, make sure
to also set pjsip_rx_data.pkt_info.src_addr.
Change-Id: I5cfe997ced7883862a12b9c7d8551d76ae02fcf8
If a SIP MESSAGE is triggered for an endpoint that is currently not registered
- and therefore has no valid contact associated - an error message was logged.
Since this is a valid request in a valid use cases this is now changed to a
warning, as discussed with Matt Fredrickson on the asterisk-dev mailing list.
Change-Id: I55eb62d2712818a58c7532119dec288bd98cf0c0
A change recently went in which disabled the built-in PJSIP
keepalive. This defaulted to 90 seconds and kept TCP/TLS
connections alive. Disabling this functionality has resulted
in a behavior change of not doing keepalives by default resulting
in TCP/TLS connections dropping for some people.
This change makes our default keepalive interval 90 seconds
to match the previous behavior and preserve it.
ASTERISK-27978
Change-Id: Ibd9a45f3cbe5d9bb6d2161268696645ff781b1d6
A problem I've seen countless times is a global or system section
for PJSIP not getting applied. This is inevitably the result of
the "type=" line missing. This change alleviates that problem.
The ability to specify an explicit section name has been
added to res_sorcery_config. If the configured section
name matches this and there are no unknown things configured
the section is taken as being for the given type.
Both the PJSIP "global" and "system" types now support this
so you can just name your section "global" or "system" and it
will be matched and used, even without a "type=" line.
ASTERISK-27972
Change-Id: Ie22723663c1ddd24f869af8c9b4c1b59e2476893
A new option 'suppress_q850_reason_headers' has been added to the
endpoint object. Some devices can't accept multiple Reason headers and
get confused when both 'SIP' and 'Q.850' Reason headers are received.
This option allows the 'Q.850' Reason header to be suppressed.
The default value is 'no'.
ASTERISK-27949
Reported-by: Ross Beer
Change-Id: I54cf37a827d77de2079256bb3de7e90fa5e1deb1
The Websocket transport uses the built-in HTTP server. As a result
the TLS configuration is done in http.conf and not in pjsip.conf.
This change adds a warning if this is configured in pjsip.conf and
also clarifies in the sample configuration file.
Change-Id: I187d994d328c3ed274b6754fd4c2a4955bdc6dd9
pjproject by default currently will follow media forked during an INVITE
on outbound calls if the To tag is different on a subsequent response as
that on an earlier response. We handle this correctly. There have
been reported cases where the To tag is the same but we still need to
follow the media. The pjproject patch in this commit adds the
capability to sip_inv and also adds the capability to control it at
runtime. The original "different tag" behavior was always controllable
at runtime but we never did anything with it and left it to default to
TRUE.
So, along with the pjproject patch, this commit adds options to both the
system and endpoint objects to control the two behaviors, and a small
logic change to session_inv_on_media_update in res_pjsip_session to
control the behavior at the endpoint level.
The default behavior for "different tags" remains the same at TRUE and
the default for "same tag" is FALSE.
Change-Id: I64d071942b79adb2f0a4e13137389b19404fe3d6
ASTERISK-27936
Reported-by: Ross Beer
The OPTIONS support in PJSIP has organically grown, like many things in
Asterisk. It has been tweaked, changed, and adapted based on situations
run into. Unfortunately this has taken its toll. Configuration file
based objects have poor performance and even dynamic ones aren't that
great.
This change scraps the existing code and starts fresh with new eyes. It
leverages all of the APIs made available such as sorcery observers and
serializers to provide a better implementation.
1. The state of contacts, AORs, and endpoints relevant to the qualify
process is maintained. This state can be updated by external forces (such
as a device registering/unregistering) and also the reload process. This
state also includes the association between endpoints and AORs.
2. AORs are scheduled and not contacts. This reduces the amount of work
spent juggling scheduled items.
3. Manipulation of which AORs are being qualified and the endpoint states
all occur within a serializer to reduce the conflict that can occur with
multiple threads attempting to modify things.
4. Operations regarding an AOR use a serializer specific to that AOR.
5. AORs and endpoint state act as state compositors. They take input
from lower level objects (contacts feed AORs, AORs feed endpoint state)
and determine if a sufficient enough change has occurred to be fed further
up the chain.
6. Realtime is supported by using observers to know when a contact has
been registered. If state does not exist for the associated AOR then it
is retrieved and becomes active as appropriate.
The end result of all of this is best shown with a configuration file of
3000 endpoints each with an AOR that has a static contact. In the old
code it would take over a minute to load and use all 8 of my cores. This
new code takes 2-3 seconds and barely touches the CPU even while dealing
with all of the OPTIONS requests.
ASTERISK-26806
Change-Id: I6a5ebbfca9001dfe933eaeac4d3babd8d2e6f082
ast_sip_push_task_synchronous() did not necessarily execute the passed in
task under the specified serializer. If the current thread is any
registered pjsip thread then it would execute the task immediately instead
of under the specified serializer. Reentrancy issues could result if the
task does not execute with the right serializer.
The original reason ast_sip_push_task_synchronous() checked to see if the
current thread was a registered pjsip thread was because of a deadlock
with masquerades and the channel technology's fixup callback
(ASTERISK_22936). A subsequent masquerade deadlock fix (ASTERISK_24356)
involving call pickups avoided the original deadlock situation entirely.
The PJSIP channel technology's fixup callback no longer needed to call
ast_sip_push_task_synchronous().
However, there are a few places where this unexpected behavior is still
required to avoid deadlocks. The pjsip monitor thread executes callbacks
that do calls to ast_sip_push_task_synchronous() that would deadlock if
the task were actually pushed to the specified serializer. I ran into one
dealing with the pubsub subscriptions where an ao2 destructor called
ast_sip_push_task_synchronous().
* Split ast_sip_push_task_synchronous() into
ast_sip_push_task_wait_servant() and ast_sip_push_task_wait_serializer().
ast_sip_push_task_wait_servant() has the old behavior of
ast_sip_push_task_synchronous(). ast_sip_push_task_wait_serializer() has
the new behavior where the task is always executed by the specified
serializer or a picked serializer if one is not passed in. Both functions
behave the same if the current thread is not a SIP servant.
* Redirected ast_sip_push_task_synchronous() to
ast_sip_push_task_wait_servant() to preserve API for released branches.
ASTERISK_26806
Change-Id: Id040fa42c0e5972f4c8deef380921461d213b9f3
This patch adds support to send in-dialog SIP NOTIFY commands on
chan_pjsip channels, similar to the functionality recently added
for chan_sip (ASTERISK_27461).
This extends res_pjsip_notify to allow for in-dialog messages.
ASTERISK-27697
Change-Id: If7f3151a6d633e414d5dc319d5efc1443c43dd29
* acl (named_acl.c)
* cdr
* cel
* ccss
* dnsmgr
* dsp
* enum
* extconfig (config.c)
* features
* http
* indications
* logger
* manager
* plc
* sounds
* udptl
These modules are now loaded at appropriate time by the module loader.
Unlike loadable modules these use AST_MODULE_LOAD_FAILURE on error so
the module loader will abort startup on failure of these modules.
Some of these modules are still initialized or shutdown from outside the
module loader. logger.c is initialized very early and shutdown very
late, manager.c is initialized by the module loader but is shutdown by
the Asterisk core (too much uses it without holding references).
Change-Id: I371a9a45064f20026c492623ea8062d02a1ab97f
The pool cache gets in the way of finding use after free errors of memory
pool contents. Tools like valgrind and MALLOC_DEBUG don't know when a
pool is released because it gets put into the cache instead of being
freed.
* Added the "cache_pools" option to pjproject.conf. Disabling the option
helps track down pool content mismanagement when using valgrind or
MALLOC_DEBUG. The cache gets in the way of determining if the pool
contents are used after free and who freed it.
To disable the pool caching simply disable the cache_pools option in
pjproject.conf and restart Asterisk.
Sample pjproject.conf setting:
[startup]
cache_pools=no
* Made current users of the caching pool factory initialization and
destruction calls call common routines to create and destroy cached pools.
ASTERISK-27704
Change-Id: I64d5befbaeed2532f93aa027a51eb52347d2b828
Since res_pjsip_transport_management provides several attack
mitigation features, its functionality moved to res_pjsip and
this module has been removed. This way the features will always
be available if res_pjsip is loaded.
ASTERISK-27618
Reported By: Sandro Gauci
Change-Id: I21a2d33d9dda001452ea040d350d7a075f9acf0d
pjsip_distributor:
authenticate() creates a tdata and uses it to send a challenge or
failure response. When pjsip_endpt_send_response2() succeeds, it
automatically decrements the tdata ref count but when it fails, it
doesn't. Since we weren't checking for a return status, we weren't
decrementing the count ourselves on error and were therefore leaking
tdatas.
res_pjsip_session:
session_reinvite_on_rx_request wasn't decrementing the ref count
if an error happened while sending a 491 response.
pre_session_setup wasn't decrementing the ref count if
while sending an error after a pjsip_inv_verify_request failure.
res_pjsip:
ast_sip_send_response wasn't decrementing the ref count on error.
ASTERISK-27618
Reported By: Sandro Gauci
Change-Id: Iab33a6c7b6fba96148ed465b690ba8534ac961bf
It was discovered that there are some corner cases where a pjsip tsx
might have no last_tx so calling ast_sip_failover_request with
a NULL last_tx as its tdata would cause a crash.
ASTERISK-27618
Reported By: Sandro Gauci
Change-Id: Ic2b63f6d4ae617c4c19dcdec2a7a6156b54fd15b
There is a dedicated slot in the pjsip_sip_uri for the 'user'
parameter, so use that instead of adding to the list of generic URI
parameters.
Change-Id: I0a0ce8a60ecee27489735bf56fd707719d8c2ed6
In an earlier release, inbound registrations on a reliable transport
were pruned on Asterisk restart since the TCP connection would have
been torn down and become unusable when Asterisk stopped. This same
process is now also applied to inbound subscriptions.
Also fixed issues in res_pjsip_registrar where it wasn't handling the
monitoring correctly when multiple registrations came in over the same
transport.
To accomplish this, the pjsip_transport_event feature needed to
be refactored to allow multiple monitors (multiple subcriptions or
registrations from the same endpoint) to exist on the same transport.
Since this changed the API, any external modules that may have used the
transport monitor feature (highly unlikey) will need to be changed.
ASTERISK-27612
Reported by: Ross Beer
Change-Id: Iee87cf4eb9b7b2b93d5739a72af52d6ca8fbbe36
This removes references that are no longer needed due to automatic
references created by module dependencies.
In addition this removes most calls to ast_module_check as they were
checking modules which are listed as dependencies.
Change-Id: I332a6e8383d4c72c8e89d988a184ab8320c4872e
