Asterisk maintains an internal cache for devices in the event subsystem. The
device state cache holds the state of each device known to Asterisk, such that
consumers of device state information can query for the last known state for
a particular device, even if it is not part of an active call. The concept of
a device in Asterisk can include entities that do not have a physical
representation. One way that this occurred was when anonymous calls are allowed
in Asterisk. A device was automatically created and stored in the cache for
each anonymous call that occurred; this was possible in the SIP and IAX2
channel drivers and through channel drivers that utilized the
res_jabber/res_xmpp resource modules (Gtalk, Jingle, and Motif). These devices
are never removed from the system, allowing anonymous calls to potentially
exhaust a system's resources.
This patch changes the event cache subsystem and device state management to
no longer cache devices that are not associated with a physical entity.
(issue ASTERISK-20175)
Reported by: Russell Bryant, Leif Madsen, Joshua Colp
Tested by: kmoore
patches:
event-cachability-3.diff uploaded by jcolp (license 5000)
........
Merged revisions 378303 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/certified/branches/1.8.11@378323 65c4cc65-6c06-0410-ace0-fbb531ad65f3
........
r375519 | rmudgett | 2012-10-30 16:06:15 -0500 (Tue, 30 Oct 2012) | 11 lines
chan_misdn: Timer primitives must be handled first.
The frm->addr is a different "address space" than the stack/instance
address of other Lx primitives. The test for B channel instance address
could fail.
Patches:
patch01_timers.diff (license #6372) patch uploaded by Guenther Kelleter
JIRA ABE-2888
........
r375520 | rmudgett | 2012-10-30 16:14:58 -0500 (Tue, 30 Oct 2012) | 10 lines
chan_misdn: Free memory in error paths and other memory leaks.
The one line commented with BUG is not easily fixable because there is no
de-init function one can call.
Patches:
patch02_memory.diff (license #6372) patch uploaded by Guenther Kelleter
JIRA ABE-2888
........
r375521 | rmudgett | 2012-10-30 16:38:41 -0500 (Tue, 30 Oct 2012) | 14 lines
chan_misdn: ISDN NT L2 de-establish/establish
* An NT-PTMP cannot de/establish L2 since it doesn't know the TEIs.
* On NT-PTP L2 is started when L1 is finally active in handle_l1.
* L2 deactivation logging cleanup.
* L2 aggregate link status is unknown for NT-PTMP, show as "UNKN".
* Removed unused functions and code for L2 handling.
Patches:
patch03_L2estab.diff (license #6372) patch uploaded by Guenther Kelleter
Modified
JIRA ABE-2888
........
r375522 | rmudgett | 2012-10-30 16:56:14 -0500 (Tue, 30 Oct 2012) | 22 lines
chan_misdn: Fix broken upper_id/lower_id usage.
Sending PH prim via lower_id layer (3 or 1) simply does not work. For TE
(3) it returns an error (len=-6) which is not evaluated by handle_l1(), so
the L1 layer status ends up wrong. Instead PH must be sent via L4, only
then does it reach L1 without an error message.
And NT PH prims only reach L1 when they are sent to layer 2 id.
--> use upper_id to send PH primitives.
* Check for errors in PH_(DE)ACTIVATE | CONFIRM.
* Debug messages are improved.
* The lower_id is now not used for anything, except: Why is lower_id layer
deleted when it wasn't created? I removed this code since it looks very
wrong.
Patches:
patch04_l1activation.diff (license #6372) patch uploaded by Guenther Kelleter
JIRA ABE-2888
........
r375523 | rmudgett | 2012-10-30 17:29:15 -0500 (Tue, 30 Oct 2012) | 31 lines
chan_misdn: Fix loss of B channels if L1 is down.
If you make 2 calls out an NT PTMP port which is not connected to any
phone, the B channel associated with that call becomes unusable until
Asterisk is restarted.
The problem is the EVENT_SETUP is queued when L1 is not up in
misdn_lib_send_event(). If L1 cannot be activated the event won't be
dequeued. It gets even worse when the call is hung up. The queued
EVENT_SETUP will be overwritten by an EVENT_DISCONNECT. The reserved B
channel then will never be freed. If later someone connects a phone to
the port, L1 will eventually activate and the queued EVENT_DISCONNECT is
sent down the stack. However, it is ignored because it is the wrong call
state.
The real fix would be that activation and queueing for a new SETUP is done
by the NT stack. But since it doesn't, the workaround must be removed
because it doesn't always work.
Fix: The event is no longer queued but immediately sent to the stack. If
L1 cannot be activated, the L3 state machine that was started by the
EVENT_SETUP will do its work, i.e. a timeout will release the B channel
properly. The SETUP possibly cannot be sent the first time but is resent
by T303 in case L1 could be activated.
Patches:
patch05_bchan-loss.diff (license #6372) patch uploaded by Guenther Kelleter
Modified
JIRA ABE-2888
........
r375524 | rmudgett | 2012-10-30 18:26:05 -0500 (Tue, 30 Oct 2012) | 13 lines
chan_misdn: Remove some calls to exit().
Try proper cleanup when something goes wrong in misdn_lib_init().
Especially do not call exit()!
* Fix memory leak because stack_destroy() does not free the stack struct.
Patches:
patch06_cleanup-init.diff (license #6372) patch uploaded by Guenther Kelleter
Modified
JIRA ABE-2888
........
Merged revisions 375519-375524 from https://origsvn.digium.com/svn/asterisk/be/branches/C.3-bier
........
Merged revisions 375625 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/certified/branches/1.8.11@375629 65c4cc65-6c06-0410-ace0-fbb531ad65f3
........
r369436 | twilson | 2012-06-27 15:58:51 -0500 (Wed, 27 Jun 2012) | 17 lines
AST-2012-010: Clean up after a reinvite that never gets a final response
The basic problem is that if a re-INVITE is sent by Asterisk and it receives a
provisional response, but no final response, then the dialog is never torn
down. In addition to leaking memory, this also leaks file descriptors and will
eventually lead to Asterisk no longer being able to process calls.
This patch just keeps track of whether there is an outstanding re-INVITE, and if
there is goes ahead and cleans up everything as though there was no outstanding
reinvite.
Review: https://reviewboard.asterisk.org/r/2009/
(closes issue ASTERISK-19992)
Reported by: Steve Davies
Tested by: Steve Davies, Terry Wilson
........
r369557 | twilson | 2012-07-03 09:27:02 -0500 (Tue, 03 Jul 2012) | 11 lines
Better handle re-INVITEs with provisional but no final repsonses
A previous attempt at fixing this issue had negative side effects related
to attended transfers which this patch should resolve. Many thanks to
Steve Davies for all of the good suggestions and testing.
(closes issue ASTERISK-19992)
Reported by: Steve Davies
Tested by: Steve Davies, Terry Wilson
Review: https://reviewboard.asterisk.org/r/2009/
........
r369579 | twilson | 2012-07-03 11:58:16 -0500 (Tue, 03 Jul 2012) | 8 lines
More improvements to re-INVITEs timing out after a provisional response
There is no need to call check_pendings() on a final response to an INVITE
when destroying the scheduler entry as it will be done later during normal
processing.
(issue ASTERISK-19992)
........
r369626 | mjordan | 2012-07-05 12:01:52 -0500 (Thu, 05 Jul 2012) | 16 lines
Do not send a BYE when a provisional response arrives during a re-INVITE
Commits r369557 and r369579 were done to improve handling of re-INVITEs
when the UA that was supposed to receive the re-INVITE fails to respond.
A limitation of those patches occurred when a UA sent a provisional
response to the re-INVITE. This triggered a sending of a BYE in
check_pending. This patch tweaks the handling of the re-INVITE such that
a BYE is not sent in response to those messages.
(issue ASTERISK-19992)
Reported by: Steve Davies
Tested by: Steve Davies
patches:
(reinvite_tweak.diff license #5012 by Steve Davies)
........
r369652 | kmoore | 2012-07-05 14:01:52 -0500 (Thu, 05 Jul 2012) | 22 lines
AST-2012-011: Resolve heap corruption issue with voicemail
The heard and deleted arrays in the voicemail state structure were not
handled properly following the memory leak fix in r354890 and a fix for
an invalid free in r356797. This could result in accessing and writing
into freed memory. The allocation for these arrays has been reworked
to avoid the possibility of invalid frees, access of freed memory, and
crashes that were occurring as a result of this.
Locking around accesses and modifications of the voicemail state
structure members dh_arraysize, heard, and deleted has been added to
prevent simultaneous modification and access when IMAP storage is in
use. If IMAP storage is not in use, this locking is not compiled in.
Review: https://reviewboard.asterisk.org/r/1994/
(closes issue ASTERISK-19923)
Reported by: Dan Delaney
Tested by: Dan Delaney, Julian Yap
Patches:
vm_alloc_fix.diff uploaded by kmoore (license 6273)
........
r372628 | rmudgett | 2012-09-07 17:06:29 -0500 (Fri, 07 Sep 2012) | 5 lines
Remove annoying unconditional debug message from INC/DEC functions.
(closes issue AST-1001)
Reported by: Guenther Kelleter
........
Merged revisions 369436,369557,369579,369626,369652,372628 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/certified/branches/1.8.11@375568 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The SIP session timer mechanism contains a mandatory 'refresher' parameter
(included in the Session-Expires header) which is used in the session timer
offer/answer signaling within a SIP Invite dialog. It looks like asterisk is
interpreting the uac resp. uas role only as the initial role of client and
server (caller is uac, callee is uas). The standard rfc 4028 however assigns
the client role to the ((RE)-Invite) requester, the server role to the
((RE)-Invite) responder.
This patch has Asterisk track the actual refresher as "us" or "them" as opposed
to relying on just the configured "uas" or "uac" properties.
(closes issue AST-922)
Reported by: Thomas Airmont
Review: https://reviewboard.asterisk.org/r/2118/
........
Merged revisions 373652 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/certified/branches/1.8.11@375024 65c4cc65-6c06-0410-ace0-fbb531ad65f3
........
r370563 | rmudgett | 2012-07-30 11:47:19 -0500 (Mon, 30 Jul 2012) | 2 lines
Release B channel allocation on error path in chan_misdn.
........
r374536 | rmudgett | 2012-10-05 13:20:01 -0500 (Fri, 05 Oct 2012) | 159 lines
Merged revisions 374515-374535 from
https://origsvn.digium.com/svn/asterisk/be/branches/C.3-bier
................
r374515 | rmudgett | 2012-10-04 17:52:36 -0500 (Thu, 04 Oct 2012) | 10 lines
chan_misdn: Remove some deadcode
* Made setup_bc() static.
Patches:
patch1_unused-code.diff (license #6372) patch uploaded by Guenther Kelleter
Modified
JIRA ABE-2882
................
r374516 | rmudgett | 2012-10-04 18:01:01 -0500 (Thu, 04 Oct 2012) | 7 lines
chan_misdn: Remove unused bchan states
Patches:
patch2_unused-states.diff (license #6372) patch uploaded by Guenther Kelleter
JIRA ABE-2882
................
r374517 | rmudgett | 2012-10-04 18:17:51 -0500 (Thu, 04 Oct 2012) | 16 lines
chan_misdn: Remove unnecessary null pointer checks and checks for stack->nt
* cleanup_bc() is always called with valid bc (or it would've crashed
before).
* Value of stack->nt is known in advance at some places.
* Rename handle_event() to handle_event_te(), handle_frm() to
handle_frm_te().
Patches:
patch3_checks.diff (license #6372) patch uploaded by Guenther Kelleter
Modified
JIRA ABE-2882
................
r374518 | rmudgett | 2012-10-04 18:21:59 -0500 (Thu, 04 Oct 2012) | 7 lines
chan_misdn: Fix spelling in log messages
Patches:
patch4_spelling.diff (license #6372) patch uploaded by Guenther Kelleter
JIRA ABE-2882
................
r374519 | rmudgett | 2012-10-04 18:31:59 -0500 (Thu, 04 Oct 2012) | 15 lines
chan_misdn: Don't cleanup a bc twice.
In handle_frm_te() after calling misdn_lib_send_event(bc,
EVENT_RELEASE_COMPLETE) bc is emptied, cleaned and set not in use,
although misdn_lib_send_event() already did the same. This is bad. When
it's not in use we are not allowed to touch it.
* Moved log message in front of the resulting actions and fixed it to
match the case.
Patches:
patch5_bccleanup.diff (license #6372) patch uploaded by Guenther Kelleter
JIRA ABE-2882
................
r374520 | rmudgett | 2012-10-04 18:43:56 -0500 (Thu, 04 Oct 2012) | 12 lines
chan_misdn: Fix memory leaks, bc, chan not cleaned up etc., really bad stuff.
* Fix return codes of cb_events() for EVENT_SETUP to use caller's cleanup
mechanisms.
* Move cl_queue_chan() call after bearer check.
Patches:
patch6_leaks.diff (license #6372) patch uploaded by Guenther Kelleter
JIRA ABE-2882
................
r374521 | rmudgett | 2012-10-04 18:48:38 -0500 (Thu, 04 Oct 2012) | 11 lines
chan_misdn: We must initialize cause on sending a DISCONNECT.
We must initialize cause on sending a DISCONNECT, so it is later correctly
indicated to ast_channel in case the answer (RELEASE/RELEASE_COMPLETE)
does not include one.
Patches:
patch7_hangupcause.diff (license #6372) patch uploaded by Guenther Kelleter
JIRA ABE-2882
................
r374522 | rmudgett | 2012-10-04 19:03:56 -0500 (Thu, 04 Oct 2012) | 7 lines
chan_misdn: Remove unused code for upqueue
Patches:
patch8_unused-upqueue.diff (license #6372) patch uploaded by Guenther Kelleter
JIRA ABE-2882
................
r374523 | rmudgett | 2012-10-04 19:11:50 -0500 (Thu, 04 Oct 2012) | 7 lines
chan_misdn: Improve debugging (port number, messages fixed, dups removed)
Patches:
patch9_debug.diff (license #6372) patch uploaded by Guenther Kelleter
JIRA ABE-2882
................
r374533 | rmudgett | 2012-10-05 12:17:18 -0500 (Fri, 05 Oct 2012) | 8 lines
chan_misdn: Better debug: we can print_bc_info even if there's no ast leg.
Patches:
patch10_debug-bc-2.diff (license #6372) patch uploaded by Guenther Kelleter
Modified.
JIRA ABE-2882
................
r374534 | rmudgett | 2012-10-05 12:34:10 -0500 (Fri, 05 Oct 2012) | 16 lines
chan_misdn: setup_bc() is called too early for an incoming SETUP on TE.
This prevents the B channel from being setup for HDLC mode when requested
by the bearer capability and config option hdlc=yes. It violates
ETS300102 Ch.5.2.3.2: "The user, in any case, must not connect to the
channel until a CONNECT ACKNOWLEDGE message has been received."
* Call setup_bc() on receipt of CONNECT_ACKNOWLEGDE for PTMP, and on first
response to SETUP for PTP.
Patches:
abe-2881-2.diff (license #6372) patch uploaded by Guenther Kelleter
Modified.
JIRA ABE-2881
................
r374535 | rmudgett | 2012-10-05 12:41:05 -0500 (Fri, 05 Oct 2012) | 2 lines
chan_misdn: Remove some more deadcode.
................
........
Merged revisions 370563,374536 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/certified/branches/1.8.11@374540 65c4cc65-6c06-0410-ace0-fbb531ad65f3
........
r366052 | mmichelson | 2012-05-10 11:10:18 -0500 (Thu, 10 May 2012) | 7 lines
Close the proper tcptls_session when session creation fails.
(issue AST-998)
Reported by: Thomas Arimont
Tested by: Thomas Arimont
........
r367002 | mmichelson | 2012-05-18 11:53:47 -0500 (Fri, 18 May 2012) | 17 lines
Fix memory leak of SSL_CTX structures in TLS core.
SSL_CTX structures were allocated but never freed. This was a bigger
issue for clients than servers since new SSL_CTX structures could be
allocated for each connection. Servers, on the other hand, typically
set up a single SSL_CTX for their lifetime.
This is solved in two ways:
1. In __ssl_setup(), if a tcptls_cfg has an ssl_ctx on it, it is
freed so that a new one can take its place.
2. A companion to ast_ssl_setup() called ast_ssl_teardown() has
been added so that servers can properly free their SSL_CTXs.
(issue ASTERISK-19278)
........
r367416 | mmichelson | 2012-05-23 15:27:47 -0500 (Wed, 23 May 2012) | 5 lines
Only call SSL_CTX_free if DO_SSL is defined.
Thanks to Paul Belanger for pointing out this error.
........
r369731 | mmichelson | 2012-07-06 13:40:06 -0500 (Fri, 06 Jul 2012) | 19 lines
Remove a superfluous and dangerous freeing of an SSL_CTX.
The problem here is that multiple server sessions share
a SSL_CTX. When one session ended, the SSL_CTX would be
freed and set NULL, leaving the other sessions unable to
function.
The code being removed is superfluous because the SSL_CTX
structures for servers will be properly freed when ast_ssl_teardown
is called.
(closes issue ASTERISK-20074)
Reported by Trevor Helmsley
Patches:
ASTERISK-20074.diff uploaded by Mark Michelson (license #5049)
Testers:
Trevor Helmsley
........
r373061 | mjordan | 2012-09-14 14:07:20 -0500 (Fri, 14 Sep 2012) | 28 lines
Resolve memory leaks in TLS initialization and TLS client connections
This patch resolves two sources of memory leaks when using TLS in Asterisk:
1) It removes improper initialization (and multiple re-initializations) of
portions of the SSL library. Asterisk calls SSL_library_init and
SSL_load_error_strings during SSL initialization; collectively this
obviates the need for calling any of the following during initialization
or client connection handling:
* ERR_load_crypto_strings (handled by SSL_load_error_strings)
* OpenSSL_add_all_algorithms (synonym for SSL_library_init)
* SSLeay_add_ssl_algorithms (synonym for SSL_library_init)
2) Failure to completely clean up all memory allocated by Asterisk and by
the SSL library for TLS clients. This included not freeing the SSL_CTX
object in the SIP channel driver, as well as not clearing the error
stack when the TLS client exited.
Note that these memory leaks were found by Thomas Arimont, and this patch
was essentially written by him with some minor tweaks.
(closes issue AST-889)
Reported by: Thomas Arimont
Tested by: Thomas Arimont
patches:
(bugAST-889.patch) by Thomas Arimont (license 5525)
Review: https://reviewboard.asterisk.org/r/2105
........
Merged revisions 366052,367002,367416,369731,373061 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/certified/branches/1.8.11@373088 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The AMI Originate action can allow a remote user to specify information that can
be used to execute shell commands on the system hosting Asterisk. This can
result in an unwanted escalation of permissions, as the Originate action, which
requires the "originate" class authorization, can be used to perform actions
that would typically require the "system" class authorization. Previous attempts
to prevent this permission escalation (AST-2011-006, AST-2012-004) have sought
to do so by inspecting the names of applications and functions passed in with
the Originate action and, if those applications/functions matched a predefined
set of values, rejecting the command if the user lacked the "system" class
authorization. As reported by IBM X-Force Research, the "ExternalIVR"
application is not listed in the predefined set of values. The solution for
this particular vulnerability is to include the "ExternalIVR" application in the
set of defined applications/functions that require "system" class authorization.
Unfortunately, the approach of inspecting fields in the Originate action against
known applications/functions has a significant flaw. The predefined set of
values can be bypassed by creative use of the Originate action or by certain
dialplan configurations, which is beyond the ability of Asterisk to analyze at
run-time. Attempting to work around these scenarios would result in severely
restricting the applications or functions and prevent their usage for legitimate
means. As such, any additional security vulnerabilities, where an
application/function that would normally require the "system" class
authorization can be executed by users with the "originate" class authorization,
will not be addressed. Instead, the README-SERIOUSLY.bestpractices.txt file has
been updated to reflect that the AMI Originate action can result in commands
requiring the "system" class authorization to be executed. Proper system
configuration can limit the impact of such scenarios.
(closes issue ASTERISK-20132)
Reported by: Zubair Ashraf of IBM X-Force Research
AST-2012-013: Resolve ACL rules being ignored during calls by some IAX2 peers
When an IAX2 call is made using the credentials of a peer defined in a dynamic
Asterisk Realtime Architecture (ARA) backend, the ACL rules for that peer are
not applied to the call attempt. This allows for a remote attacker who is aware
of a peer's credentials to bypass the ACL rules set for that peer.
This patch ensures that the ACLs are applied for all peers, regardless of their
storage mechanism.
(closes issue ASTERISK-20186)
Reported by: Alan Frisch
Tested by: mjordan, Alan Frisch
git-svn-id: https://origsvn.digium.com/svn/asterisk/certified/branches/1.8.11@372030 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This includes the following
* r369351 for AST-883
* r368807 for AST-884
* r356604, r356650, r364203 for AST-890
* r370618 for AST-896
* r370205, r370273, r370360 for AST-916
* r371469 for AST-932
git-svn-id: https://origsvn.digium.com/svn/asterisk/certified/branches/1.8.11@371651 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This is based on the review request posted by Walter Doekes
(referenced lower in the commit message)
The main fix here is to treat the IPorHost portion of the dial
string as a temporary outbound proxy. This ensures requests
get sent to the proper location.
Due to the age of the request, some parts were no longer relevant.
For instance, the request moved outbound proxy parsing code into
a single method. This is done in a previous commit, so it was not
necessary to do again.
Also, the review request fixed some errors with regards to request
routing for CANCEL and ACK requests. This has also been fixed in
more recent commits.
(closes issue ASTERISK-19677)
reported by Walter Doekes
Review https://reviewboard.asterisk.org/r/1859
........
Merged revisions 370769 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/certified/branches/1.8.11@370843 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The patch for r368759 in Asterisk 1.8 relied upon the methods
analog_unlock_private/analog_lock_private. In earlier versions of 1.8,
including the Certified Asterisk 1.8.11 branch, those two methods were
unused, and hence were undefined out of the source. When the patch was made
for 1.8.11-cert5, those two functions were not re-defined back in. This caused
linking errors when sig_analog was loaded.
This patch properly restores those two methods, such that the fix for AST-891
works correctly.
(issue AST-891)
git-svn-id: https://origsvn.digium.com/svn/asterisk/certified/branches/1.8.11@369964 65c4cc65-6c06-0410-ace0-fbb531ad65f3
------------------------------------------------------------------------
r365395 | qwell | 2012-05-04 16:17:08 -0500 (Fri, 04 May 2012) | 7 lines
Add support for folders in MixMonitor 'm' option. Backport manager actions.
The manager actions are needed, so MixMonitor can be executed on existing
channels.
(issue DPMA-68)
------------------------------------------------------------------------
r364761 | qwell | 2012-05-01 12:25:14 -0500 (Tue, 01 May 2012) | 6 lines
Remove folder_dir from voicemail snapshots API.
It was both unused (except in tests, where it was fudged) and unnecessary.
(closes issue AST-842)
------------------------------------------------------------------------
r367161 | mmichelson | 2012-05-21 14:05:52 -0500 (Mon, 21 May 2012) | 21 lines
Add "send to voicemail" Digium phone functionality to Asterisk.
This change accommodates two methods by which calls can be directed to
a user's voicemail.
* Incoming calls can be redirected to any user's voicemail.
* Established calls can be blind transferred to any user's voicemail.
Digium phones indicate the desire to direct a call to voicemail by using
a Diversion header with a reason parameter of "send_to_vm".
This patch adds the "send_to_vm" reason as a valid redirecting reason. In
addition, chan_sip.c has been modified to update redirecting information
on the transferred channel by reading a Diversion header on a REFER request.
(closes issue AST-871)
Reported by Malcolm Davenport
Review: https://reviewboard.asterisk.org/r/1925
------------------------------------------------------------------------
r368790 | mjordan | 2012-06-12 08:44:36 -0500 (Tue, 12 Jun 2012) | 18 lines
Fix deadlock in SIP transfers that involve a REFER request
In r367163, "send to voicemail" functionality was added to the SIP channel
driver. This required updating the party redirecting information for the
channel based on the headers provided in the REFER request. When the
redirecting party information is updated on the channel, a call to
ast_indicate_data occurs. Because handle_request_refer still had the sip_pvt
locked, a deadlock could occur between the pbx_thread and the do_monitor thread
servicing the REFER request.
This patch preserves the proper locking order between the channel and the
sip_pvt by ensuring that the sip_pvt is unlocked prior to updating the party
redirecting information on the channel.
(closes issue AST-903)
Reported by: Matt Jordan
patches:
jira_ast_903_trunk.patch by rmudgett (license 5621)
------------------------------------------------------------------------
r368962 | qwell | 2012-06-14 13:38:48 -0500 (Thu, 14 Jun 2012) | 11 lines
Remove global symbol requirement from app_voicemail.
This uses the existing "function installation" stuff that already existed for
other functions, like getting message counts.
(closes issue AST-807)
(issue AST-901)
(issue AST-908)
Review: https://reviewboard.asterisk.org/r/1965/
------------------------------------------------------------------------
r368964 | qwell | 2012-06-14 14:03:24 -0500 (Thu, 14 Jun 2012) | 8 lines
These functions that were moved need to be static.
Also wrap test functions in a #ifdef.
(issue AST-807)
(issue AST-901)
(issue AST-908)
------------------------------------------------------------------------
r368998 | qwell | 2012-06-15 10:31:43 -0500 (Fri, 15 Jun 2012) | 6 lines
Remove some symbol exports that got missed in the removal of global symbols.
(issue AST-807)
(issue AST-901)
(issue AST-908)
------------------------------------------------------------------------
r369024 | qwell | 2012-06-15 11:29:40 -0500 (Fri, 15 Jun 2012) | 2 lines
Fix voicemail API tests by using the correct argument order for create/destroy.
------------------------------------------------------------------------
git-svn-id: https://origsvn.digium.com/svn/asterisk/certified/branches/1.8.11@369839 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In r367163, "send to voicemail" functionality was added to the SIP channel
driver. This required updating the party redirecting information for the
channel based on the headers provided in the REFER request. When the
redirecting party information is updated on the channel, a call to
ast_indicate_data occurs. Because handle_request_refer still had the sip_pvt
locked, a deadlock could occur between the pbx_thread and the do_monitor thread
servicing the REFER request.
This patch preserves the proper locking order between the channel and the
sip_pvt by ensuring that the sip_pvt is unlocked prior to updating the party
redirecting information on the channel.
(closes issue AST-903)
Reported by: Matt Jordan
patches:
jira_ast_903_trunk.patch by rmudgett (license 5621)
git-svn-id: https://origsvn.digium.com/svn/asterisk/certified/branches/1.8.11@368790 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Made schedule_delivery() set the received frame f->data.ptr to NULL if
the datalen is zero.
* Fix queue_signalling() memcpy() size error.
* Made queue_signalling() not use C++ keyword variable names.
(closes issue ASTERISK-19597)
Reported by: mgrobecker
Patches:
jira_asterisk_19597_v1.8.patch (license #5621) patch uploaded by rmudgett
Tested by: rmudgett, Michael L. Youngi
git-svn-id: https://origsvn.digium.com/svn/asterisk/certified/branches/1.8.11@367847 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When a skinny session is unregistered, the corresponding device pointer is set
to NULL in the channel private data. If the client was not in the on-hook state
at the time the connection was closed, the device pointer can later be
dereferened if a message or channel event attempts to use a line's pointer to
said device.
The patches prevent this from occurring by checking the line's pointer in
message handlers and channel callbacks that can fire after an unregistration
attempt.
(closes issue ASTERISK-19905)
Reported by: Christoph Hebeisen
Tested by: mjordan, Damien Wedhorn
Patches:
AST-2012-008-1.8.diff uploaded by mjordan (license 6283)
AST-2012-008-10.diff uploaded by mjordan (licesen 6283)
git-svn-id: https://origsvn.digium.com/svn/asterisk/certified/branches/1.8.11@367846 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This change accommodates two methods by which calls can be directed to
a user's voicemail.
* Incoming calls can be redirected to any user's voicemail.
* Established calls can be blind transferred to any user's voicemail.
Digium phones indicate the desire to direct a call to voicemail by using
a Diversion header with a reason parameter of "send_to_vm".
This patch adds the "send_to_vm" reason as a valid redirecting reason. In
addition, chan_sip.c has been modified to update redirecting information
on the transferred channel by reading a Diversion header on a REFER request.
(closes issue AST-871)
Reported by Malcolm Davenport
Review: https://reviewboard.asterisk.org/r/1925
git-svn-id: https://origsvn.digium.com/svn/asterisk/certified/branches/1.8.11@367161 65c4cc65-6c06-0410-ace0-fbb531ad65f3
........
r363102 | mjordan | 2012-04-23 08:37:55 -0500 (Mon, 23 Apr 2012) | 16 lines
AST-2012-005: Fix remotely exploitable heap overflow in keypad button handling
When handling a keypad button message event, the received digit is placed into
a fixed length buffer that acts as a queue. When a new message event is
received, the length of that buffer is not checked before placing the new digit
on the end of the queue. The situation exists where sufficient keypad button
message events would occur that would cause the buffer to be overrun. This
patch explicitly checks that there is sufficient room in the buffer before
appending a new digit.
(closes issue ASTERISK-19592)
Reported by: Russell Bryant
........
Merged revisions 363100 from http://svn.asterisk.org/svn/asterisk/branches/1.6.2
........
r363106 | mjordan | 2012-04-23 09:05:02 -0500 (Mon, 23 Apr 2012) | 17 lines
AST-2012-006: Fix crash in UPDATE handling when no channel owner exists
If Asterisk receives a SIP UPDATE request after a call has been terminated and
the channel has been destroyed but before the SIP dialog has been destroyed, a
condition exists where a connected line update would be attempted on a
non-existing channel. This would cause Asterisk to crash. The patch resolves
this by first ensuring that the SIP dialog has an owning channel before
attempting a connected line update. If an UPDATE request is received and no
channel is associated with the dialog, a 481 response is sent.
(closes issue ASTERISK-19770)
Reported by: Thomas Arimont
Tested by: Matt Jordan
Patches:
ASTERISK-19278-2012-04-16.diff uploaded by Matt Jordan (license 6283)
........
r363141 | jrose | 2012-04-23 09:33:16 -0500 (Mon, 23 Apr 2012) | 20 lines
AST-2012-004: Fix an error that allows AMI users to run shell commands sans authorization.
As detailed in the advisory, AMI users without write authorization for SYSTEM class AMI
actions were able to run system commands by going through other AMI commands which did
not require that authorization. Specifically, GetVar and Status allowed users to do this
by setting their variable/s options to the SHELL or EVAL functions.
Also, within 1.8, 10, and trunk there was a similar flaw with the Originate action that
allowed users with originate permission to run MixMonitor and supply a shell command
in the Data argument. That flaw is fixed in those versions of this patch.
(closes issue ASTERISK-17465)
Reported By: David Woolley
Patches:
162_ami_readfunc_security_r2.diff uploaded by jrose (license 6182)
18_ami_readfunc_security_r2.diff uploaded by jrose (license 6182)
10_ami_readfunc_security_r2.diff uploaded by jrose (license 6182)
........
Merged revisions 363117 from http://svn.asterisk.org/svn/asterisk/branches/1.6.2
........
Merged revisions 363102,363106,363141 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8-digiumphones@363161 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This merges fixes for the following issues into the 1.8-digiumphones branch:
* ASTERISK-19355 - Call transfer with consultation frequently fails in cross-
linked Asterisk scenario (directmedia & sendrpid active)
* ASTERISK 19365 - Remote SIP Call legs are frequently not released in a
cross-linked Asterisk scenario (directmedia & sendrpid)
* ASTERISK-19183 - Sporadically missing connectedline event to caller channel
in directed pickup app
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8-digiumphones@362042 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The SIP TCP/TLS worker threads were created joinable but noone could join
them if they died on their own.
* Fix the SIP TCP/TLS worker threads to not be created joinable.
* _sip_tcp_helper_thread() only needs one parameter since the pvt
parameter is only passed in as NULL and never used.
(closes issue ASTERISK-19203)
Reported by: Steve Davies
Review: https://reviewboard.asterisk.org/r/1714/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@356677 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Currently, when using res_srtp, once the SRTP policy has been added to the
current session the policy is locked into place. Any attempt to replace an
existing policy, which would be needed if the remote endpoint negotiated a new
cryptographic key, is instead rejected in res_srtp. This happens in particular
in transfer scenarios, where the endpoint that Asterisk is communicating with
changes but uses the same RTP session.
This patch modifies res_srtp to allow remote and local policies to be reloaded
in the underlying SRTP library. From the perspective of users of the SRTP API,
the only change is that the adding of remote and local policies are now added
in a single method call, whereas they previously were added separately. This
was changed to account for the differences in handling remote and local
policies in libsrtp.
Review: https://reviewboard.asterisk.org/r/1741/
(closes issue ASTERISK-19253)
Reported by: Thomas Arimont
Tested by: Thomas Arimont
Patches:
srtp_renew_keys_2012_02_22.diff uploaded by Matt Jordan (license 6283)
(with some small modifications for this check-in)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@356604 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Custom parking extensions may not be coded such that the first and only
extension priority is the Park application. These custom parking
extensions will not be recognized as parking extensions. When a call is
blind transferred to an extension that is not recognized as a parking
extension, the normal blind transfer code causes the transferred channel
to start executing dialplan. Calls that get parked in this manner do not
know the original channel name that parked the call so the original parker
could never be called back if the parked call is not retrieved before the
timeout time. The parking space is also announced to the call being
parked as a side effect of not knowing the original parking channel.
* Fix handling of BLINDTRANSFER channel variable for call parking.
* Fixed SIP blind transfer using the wrong dialplan context variable to
check for the parking extension.
(closes issue ASTERISK-19322)
Reported by: aragon
Tested by: rmudgett, jparker
Review: https://reviewboard.asterisk.org/r/1730/
JIRA AST-766
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@356521 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When we send an ACK for a 2xx response to an INVITE, we are supposed
to use the learned route set. However, when we receive a non-2xx final
response to an INVITE, we are supposed to send the ACK to the same place
we initially sent the INVITE.
We had been doing this up until the changes went in that would build a route
set from provisional responses. That introduced a regression where we would
use the learned route set under all circumstances.
With this change, we now will set the destination of our ACK based on the
invitestate. If it is INV_COMPLETED then that means that we have received
a non-2xx final response (INV_TERMINATED indicates a 2xx response was received).
If it is INV_CANCELLED, then that means the call is being canceled, which
means that we should be ACKing a 487 response.
The other change introduced here is setting the invitestate to INV_CONFIRMED
when we send an ACK *after* the reqprep instead of before. This way, we can
tell in reqprep more easily what the invitestate is prior to sending the ACK.
(closes issue ASTERISK-19389)
reported by Karsten Wemheuer
patches:
ASTERISK-19389v2.patch uploaded by Mark Michelson (license #5049)
(with some slight modifications prior to commit)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@356475 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The "sip show peers" command uses a fix sized array to sort the current peers
in the peers ao2_container. The size of the array is based on the current
number of peers in the container. However, once the size of the array is
determined, the number of peers in the container can change, as the peers
container is not locked. This could cause a buffer overrun when populating
the array, if peers were added to the container after the array was created.
Additionally, a memory leak of the allocated array would occur if a user
caused the _show_peers method to return CLI_SHOWUSAGE.
We now create a snapshot of the current peers using an ao2_callback with the
OBJ_MULTIPLE flag. This size of the array is set to the number of peers
that the iterator will iterate over; hence, if peers are added or removed
from the peers container it will not affect the execution of the "sip show
peers" command.
Review: https://reviewboard.asterisk.org/r/1738/
(closes issue ASTERISK-19231)
(closes issue ASTERISK-19361)
Reported by: Thomas Arimont, Jamuel Starkey
Tested by: Thomas Arimont, Jamuel Starkey
Patches: sip_show_peers_2012_02_16.diff uploaded by mjordan (license 6283)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@356214 65c4cc65-6c06-0410-ace0-fbb531ad65f3
'p->outgoing' in chan_dahdi and sig_analog wern't kept in sync, particulary FXS ast_hangup didn't clear the 'outgoing' flag.
sig_pri and sig_ss7 were keeping 'outgoing' flag insync.
Now provides a callback for all the low level sig_XXX modules.
(issue ASTERISK-19316)
alecdavis (license 585)
Reported by: Jeremy Pepper
Tested by: alecdavis
Review: https://reviewboard.asterisk.org/r/1747/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@355850 65c4cc65-6c06-0410-ace0-fbb531ad65f3
IAX2 uses the trunkfreq variable to determine how often to send trunk packets, but
this value is in milliseconds while ast_timer_set_rate() expects the rate argument
to be ticks per second. So we divide 1000 by trunkfreq and pass that in instead.
With a default of 20ms, this change makes IAX2 send trunk packets every 20ms
instead of every 50ms.
Tracked down by myself and Bob Wienholt.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@355746 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This fixes two main issues:
1. Asterisk would send a CANCEL to the route created by the provisional response
instead of using the same destination it did in the initial INVITE.
2. If a new route set arrives in a 200 OK than was in the 1XX response (perfectly
possible if our outbound INVITE gets forked), then the route set in the 200 OK
needs to overwrite the route set in the 1XX response.
(closes issue ASTERISK-19358)
Reported by: Karsten Wemheuer
Tested by: Karsten Wemheuer
patches:
ASTERISK-19358.patch uploaded by Mark Michelson (license 5049)
ASTERISK-19358.patch uploaded by Stefan Schmidt (license 6034)
Review: https://reviewboard.asterisk.org/r/1749
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@355732 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Back in r646, TRUNK_CALL_START was added and defined as 0x4000. That same value
was also hard-coded in one part of the IAX2 code instead of using the #define.
TRUNK_CALL_START has changed over the years (for dealing with LOW_MEMORY), but
the hard-coded usage was never updated to match. This patch fixes that.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@355448 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This was causing identification that should have been
made private to be public.
(closes issue AST-814)
reported by Patrick Anderson
Patches:
chan_sip.c.diff uploaded by Patrick Anderson (license 5430)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@355268 65c4cc65-6c06-0410-ace0-fbb531ad65f3
send_apathetic_reply takes the incoming frame's source call number as the
destination call number for the outgoing frame. If the incoming frame was a
full frame, then the high order bit of the source call number is set and will be
interpreted as a retransmit when sent back out as the destination call number.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@355182 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In ASTERISK-18924, SIP INFO DTMF handlingw as changed to account for both
lowercase alphatbetic DTMF events, as well as uppercase alphabetic DTMF
events. When this occurred, the comparison of the character buffer containing
the event code was changed such that the buffer was first compared again '0'
and '9' to determine if it was numeric. Unfortunately, since the first
character in the buffer will typically be '1' in the case of non-numeric
event codes (10-16), this caused those codes to be converted to a DTMF event
of '1'. This patch fixes that, and cleans up handling of both
application/dtmf-relay and application/dtmf content types.
Review: https://reviewboard.asterisk.org/r/1722/
(closes issue ASTERISK-19290)
Reported by: Ira Emus
Tested by: mjordan
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@354542 65c4cc65-6c06-0410-ace0-fbb531ad65f3
1. Set lastms to 0 when clearing instead of ""
2. Don't set ipaddr or port to the string "(null)" when they are empty
3. Add missing required fields, set default for lastms to 0, and modify
the length of the ipaddr field to 45 in the Postgresql realtime.sql
file.
(closes issue ASTERISK-19172)
Review: https://reviewboard.asterisk.org/r/1703/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@354348 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Bad locking order was added to chan_agent to prevent segfaults from having no locking
in a patch by irroot. This patch addresses the bad locking order by releasing locks before
getting the right locking order to stop deadlocks from occuring when doing multiple
interactions with agents.
(closes issue ASTERISK-19285)
Reported by: Alex Villacis Lasso
Review: https://reviewboard.asterisk.org/r/1708/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@353999 65c4cc65-6c06-0410-ace0-fbb531ad65f3
After R340970 Asterisk was still polling the RTCP file descriptor after RTCP is
shut down and removed. If the descriptor happened to have data ready when the
removal occured then Asterisk would go into an infinite loop trying to read
data that it can never actually access. This change disables the audio RTCP
file descriptor for the duration of the T.38 transaction.
(closes issue ASTERISK-18951)
Reported-by: Kristijan Vrban
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@353915 65c4cc65-6c06-0410-ace0-fbb531ad65f3
