Since DETECT_DEADLOCKS is now split from DEBUG_THREADS, it must
always be included in buildopts.h instead of only when
ADD_CFLAGS_TO_BUILDOPTS_H is defined. A SEGV will result otherwise.
Resolves: #719
(cherry picked from commit af3dd9e2e3)
Fixed crash error when cli "module reload". The error appears when
compiling with res_prometheus and using the sorcery memory cache for
registrations
(cherry picked from commit 726abbb949)
Commit f2f397c1a8 previously
made it possible to send Caller ID parameters to FXS stations
which, prior to that, could not be sent.
This change is complementary in that we now handle receiving
all these parameters on FXO lines and provide these up to
the dialplan, via chan_dahdi. In particular:
* If a redirecting reason is provided, the channel's redirecting
reason is set. No redirecting number is set, since there is
no parameter for this in the Caller ID protocol, but the reason
can be checked to determine if and why a call was forwarded.
* If the Call Qualifier parameter is received, the Call Qualifier
variable is set.
* Some comments have been added to explain why some of the code
is the way it is, to assist other people looking at it.
With this change, Asterisk's Caller ID implementation is now
reasonably complete for both FXS and FXO operation.
Resolves: #681
(cherry picked from commit 44381b2fe9)
If you're tracing a large function that may call another function
multiple times in different circumstances, it can be difficult to
see from the trace output exactly which location that function
was called from. There's no good way to automatically determine
the calling location. SCOPE_CALL and SCOPE_CALL_WITH_RESULT
simply print out a trace line before and after the call.
The difference between SCOPE_CALL and SCOPE_CALL_WITH_RESULT is
that SCOPE_CALL ignores the function's return value (if any) where
SCOPE_CALL_WITH_RESULT allows you to specify the type of the
function's return value so it can be assigned to a variable.
SCOPE_CALL_WITH_INT_RESULT is just a wrapper for SCOPE_CALL_WITH_RESULT
and the "int" return type.
(cherry picked from commit 2dc89afb2c)
The existing code sets the queue strategy to `ringall` but it is then
immediately overwritten with an invalid one.
Fixes#707
(cherry picked from commit 9de1bc7204)
rtp_engine.c and stun.c were calling ast_register_cleanup which
is skipped if any loadable module can't be cleanly unloaded
when asterisk shuts down. Since this will always be the case,
their cleanup functions never get run. In a practical sense
this makes no difference since asterisk is shutting down but if
you're in development mode and trying to use the leak sanitizer,
the leaks from both of those modules clutter up the output.
(cherry picked from commit c31d3dfd18)
Emit a warning if REDIRECTING(reason) is set to an invalid
reason, consistent with what happens when
REDIRECTING(orig-reason) is set to an invalid reason.
Resolves: #683
(cherry picked from commit c16e3c2ac5)
* Add an AMI action to correspond to the "dahdi show status"
command, allowing span information to be retrieved via AMI.
* Show span number and sig type in "dahdi show channels".
Resolves: #673
(cherry picked from commit 676c7d6ae0)
Add a new identify_by option to res_pjsip_endpoint_identifier_ip
called 'transport' this matches endpoints based on the bound
ip address (local) instead of the 'ip' option, which matches on
the source ip address (remote).
UserNote: set identify_by=transport for the pjsip endpoint. Then
use the existing 'match' option and the new 'transport' option of
the identify.
Fixes: #672
(cherry picked from commit 7c3e2cfda9)
* OpenSSL 1.0.2 doesn't support X509_get0_pubkey so we now use
X509_get_pubkey. The difference is that X509_get_pubkey requires
the caller to free the EVP_PKEY themselves so we now let
RAII_VAR do that.
* OpenSSL 1.0.2 doesn't support upreffing an X509_STORE so we now
wrap it in an ao2 object.
* OpenSSL 1.0.2 doesn't support X509_STORE_get0_objects to get all
the certs from an X509_STORE and there's no easy way to polyfill
it so the CLI commands that list profiles will show a "not
supported" message instead of listing the certs in a store.
Resolves: #676
(cherry picked from commit af6002564b)
There were a few references in the embedded documentation XML
where the case didn't match or where the referenced app or function
simply didn't exist any more. These were causing 404 responses
in docs.asterisk.org.
(cherry picked from commit 3fb9d89586)
Add ability to match against PJSIP request URI.
UserNote: this new feature let users match endpoints based on the
indound SIP requests' URI. To do so, add 'request_uri' to the
endpoint's 'identify_by' option. The 'match_request_uri' option of
the identify can be an exact match for the entire request uri, or a
regular expression (between slashes). It's quite similar to the
header identifer.
Fixes: #599
(cherry picked from commit 136bd5c892)
Commit 729cb1d390 added logic to retry
opening DAHDI channels on "dahdi restart" if they failed initially,
up to 1,000 times in a loop, to address cases where the channel was
still in use. However, this retry loop does not use the actual error,
which means chan_dahdi will also retry opening nonexistent channels
1,000 times per channel, causing a flood of unnecessary warning logs
for an operation that will never succeed, with tens or hundreds of
thousands of open attempts being made.
The original patch would have been more targeted if it only retried
on the specific relevant error (likely EBUSY, although it's hard to
say since the original issue is no longer available).
To avoid the problem above while avoiding the possibility of breakage,
this skips the retry logic if the error is ENXIO (No such device or
address), since this will never succeed.
Resolves: #669
(cherry picked from commit 4e244528b3)
This commit introduces configurable TCP keepalive settings for both TCP and TLS transports. The changes allow for finer control over TCP connection keepalives, enhancing stability and reliability in environments prone to connection timeouts or where intermediate devices may prematurely close idle connections. This has proven necessary and has already been tested in production in several specialized environments where access to the underlying transport is unreliable in ways invisible to the operating system directly, so these keepalive and timeout mechanisms are necessary.
Fixes#657
(cherry picked from commit 3d40d34271)
There was functionality in chan_sip to get REFER headers, with GET_TRANSFERRER_DATA variable. This commit implements the same functionality in pjsip, to ease transfer from chan_sip to pjsip.
Fixes: #579
UserNote: the GET_TRANSFERRER_DATA dialplan variable can now be used also in pjsip.
(cherry picked from commit f3de77f91f)
SQLAlchemy 2.0 changed the way that commits/rollbacks are handled
causing the final `UPDATE` to our `alembic_version_<whatever>` tables
to be rolled back instead of committed.
We now use one connection to determine which
`alembic_version_<whatever>` table to use and another to run the
actual migrations. This prevents the erroneous rollback.
This change is compatible with both SQLAlchemy 1.4 and 2.0.
(cherry picked from commit 8715a700e2)
manager.c: Add new parameter 'PreDialGoSub' to Originate AMI action
The action originate does not has the ability to run an subroutine at initial channel, like the Aplication Originate. This update give this ability for de action originate too.
For example, we can run a routine via Gosub on the channel to request an automatic answer, so the caller does not need to accept the call when using the originate command via manager, making the operation more efficient.
UserNote: When using the Originate AMI Action, we now can pass the PreDialGoSub parameter, instructing the asterisk to perform an subrouting at channel before call start. With this parameter an call initiated by AMI can request the channel to start the call automaticaly, adding a SIP header to using GoSUB, instructing to autoanswer the channel, and proceeding the outbuound extension executing. Exemple of an context to perform the previus indication:
[addautoanswer]
exten => _s,1,Set(PJSIP_HEADER(add,Call-Info)=answer-after=0)
exten => _s,n,Set(PJSIP_HEADER(add,Alert-Info)=answer-after=0)
exten => _s,n,Return()
(cherry picked from commit 97c0388830)
It is possible for dialplan to result in an infinite
recursion of variable substitution, which eventually
leads to stack overflow. If we detect this, abort
substitution and log an error for the user to fix
the broken dialplan.
Resolves: #480
UpgradeNote: The maximum amount of dialplan recursion
using variable substitution (such as by using EVAL_EXTEN)
is capped at 15.
(cherry picked from commit 6991d36332)
The prometheus exposition format requires each line to be unique[1].
This is handled by struct prometheus_metric having a list of children
that is managed when registering a metric. In case the scrape callback
is used, it is the responsibility of the implementation to handle this
correctly.
Originally the bridge callback didn't handle NULL snapshots, the crash
fix lead to NULL metrics, and fixing that lead to duplicates.
The original code assumed that snapshots are not NULL and then relied on
"if (i > 0)" to establish the parent/children relationship between
metrics of the same class. This is not workerable as the first bridge
might be invisible/lacks a snapshot.
Fix this by keeping a separate array of the first metric by class.
Instead of relying on the index of the bridge, check whether the array
has an entry. Use that array for the output.
Add a test case that verifies that the help text is not duplicated.
Resolves: #642
[1] https://prometheus.io/docs/instrumenting/exposition_formats/#grouping-and-sorting
(cherry picked from commit d11eba69a6)
This adds a CLI command that can be used to manually
kick specific AMI sessions.
Resolves: #485
UserNote: The "manager kick session" CLI command now
allows kicking a specified AMI session.
(cherry picked from commit 3b9f3c0bbf)
The existing "waitfordialtone" setting in chan_dahdi.conf
applies permanently to a specific channel, regardless of
how it is being used. This rather restrictively prevents
a system from simultaneously being able to pick free lines
for outgoing calls while also allowing barge-in to a trunk
by some other arrangement.
This allows specifying "waitfordialtone" using the CHANNEL
function for only the next call that will be placed, allowing
significantly more flexibility in the use of trunk interfaces.
Resolves: #472
UserNote: "waitfordialtone" may now be specified for DAHDI
trunk channels on a per-call basis using the CHANNEL function.
(cherry picked from commit 8dd77df69b)
Currently, if a parking lot is full, bridge setup returns -1,
causing dialplan execution to terminate without TryExec.
However, such failures should be handled more gracefully,
the same way they are on other paths, as indicated by the
module's author, here:
http://lists.digium.com/pipermail/asterisk-dev/2018-December/077144.html
Now, callers will hear the parking failure announcement, and dialplan
will continue, which is consistent with existing failure modes.
Resolves: #624
(cherry picked from commit b05865d8e9)
In handle_negotiated_sdp the pending_media_state->read_callbacks must be
reset before they are added in the SDP handlers in
handle_negotiated_sdp_session_media. Otherwise, old callbacks for
removed streams and file descriptors could be added to the channel and
Asterisk would poll on non-existing file descriptors.
Resolves: #611
(cherry picked from commit 3d71b494d8)
Code was added in 030f7d41 to warn if an unrecognized option was
passed to an application, but code in Monitor was taking advantage of
the fact that the application would silently accept an invalid option.
We now recognize the invalid option but we don't do anything if it's
set.
Fixes#639
(cherry picked from commit 6938b7f962)
* Added checks for missing session, session->channel and rdata
in stir_shaken_incoming_request.
* Added checks for missing session, session->channel and tdata
in stir_shaken_outgoing_request.
Resolves: #645
Add a timeout option to control the amount of time
to wait if no early media is received before giving
up. This allows aborting early if the destination
is not being responsive.
Resolves: #588
UserNote: The timeout argument to Dial now allows
specifying the maximum amount of time to dial if
early media is not received.
(cherry picked from commit e4adc962ca)
Most app_voicemail unit tests were not properly cleaning up
after themselves after running. This led to test mailboxes
lingering around in the system. It also meant that if any
unit tests in app_voicemail that create mailboxes were executed
and the module was not unloaded/loaded again prior to running
the test_voicemail_vm_info unit test, Asterisk would segfault
due to an attempt to copy a NULL string.
The load_config test did actually have logic to reinitialize
the config after the test. However, this did not work in practice
since load_config() would not reload the config since voicemail.conf
had not changed during the test; thus, additional logic has been
added to ensure that voicemail.conf is truly reloaded, after any
unit tests which modify the users list.
This prevents the SEGV due to invalid mailboxes lingering around,
and also ensures that the system state is restored to what it was
prior to the tests running.
Resolves: #629
(cherry picked from commit 082966bdad)
This adds an option to allow preventing callers from leaving
messages marked as 'urgent'.
Resolves: #619
UserNote: The leaveurgent mailbox option can now be used to
control whether callers may leave messages marked as 'Urgent'.
(cherry picked from commit 3c42b141d7)
This migrates the relevant schema objects from the `('yes', 'no')`
definition to the `('0', '1', 'off', 'on', 'false', 'true', 'yes', 'no')`
one.
Fixes#617
(cherry picked from commit 93e40968c3)
In as_check_common_config, we were calling ast_std_free on
raw_key but raw_key was allocated with ast_malloc so it
should be freed with ast_free.
Resolves: #636
(cherry picked from commit 267348bee3)
The default location for the stir_shaken cache is
/var/lib/asterisk/keys/stir_shaken/cache but we were only creating
/var/lib/asterisk/keys/stir_shaken on istall. We now create
the cache sub-directory.
Resolves: #634
(cherry picked from commit df0221b53d)
Why do we need a refactor?
The original stir/shaken implementation was started over 3 years ago
when little was understood about practical implementation. The
result was an implementation that wouldn't actually interoperate
with any other stir-shaken implementations.
There were also a number of stir-shaken features and RFC
requirements that were never implemented such as TNAuthList
certificate validation, sending Reason headers in SIP responses
when verification failed but we wished to continue the call, and
the ability to send Media Key(mky) grants in the Identity header
when the call involved DTLS.
Finally, there were some performance concerns around outgoing
calls and selection of the correct certificate and private key.
The configuration was keyed by an arbitrary name which meant that
for every outgoing call, we had to scan the entire list of
configured TNs to find the correct cert to use. With only a few
TNs configured, this wasn't an issue but if you have a thousand,
it could be.
What's changed?
* Configuration objects have been refactored to be clearer about
their uses and to fix issues.
* The "general" object was renamed to "verification" since it
contains parameters specific to the incoming verification
process. It also never handled ca_path and crl_path
correctly.
* A new "attestation" object was added that controls the
outgoing attestation process. It sets default certificates,
keys, etc.
* The "certificate" object was renamed to "tn" and had it's key
change to telephone number since outgoing call attestation
needs to look up certificates by telephone number.
* The "profile" object had more parameters added to it that can
override default parameters specified in the "attestation"
and "verification" objects.
* The "store" object was removed altogther as it was never
implemented.
* We now use libjwt to create outgoing Identity headers and to
parse and validate signatures on incoming Identiy headers. Our
previous custom implementation was much of the source of the
interoperability issues.
* General code cleanup and refactor.
* Moved things to better places.
* Separated some of the complex functions to smaller ones.
* Using context objects rather than passing tons of parameters
in function calls.
* Removed some complexity and unneeded encapsuation from the
config objects.
Resolves: #351Resolves: #46
UserNote: Asterisk's stir-shaken feature has been refactored to
correct interoperability, RFC compliance, and performance issues.
See https://docs.asterisk.org/Deployment/STIR-SHAKEN for more
information.
UpgradeNote: The stir-shaken refactor is a breaking change but since
it's not working now we don't think it matters. The
stir_shaken.conf file has changed significantly which means that
existing ones WILL need to be changed. The stir_shaken.conf.sample
file in configs/samples/ has quite a bit more information. This is
also an ABI breaking change since some of the existing objects
needed to be changed or removed, and new ones added. Additionally,
if res_stir_shaken is enabled in menuselect, you'll need to either
have the development package for libjwt v1.15.3 installed or use
the --with-libjwt-bundled option with ./configure.
(cherry picked from commit e6c7f1aee0)
This adds a dummy migration to 18 and 20 so that our alembic heads are
synchronized across all supported branches.
In this case the migration we are stubbing (24c12d8e9014) is:
775352ee6c
(cherry picked from commit d122225279)
