When res_pjsip body generator modules were generating XML or XPIDF
response bodies, there was a chance that the generated body would be the
exact size of the supplied buffer. Adding the nul string terminator would
then write beyond the end of the buffer and potentially corrupt memory.
* Fix MALLOC_DEBUG high fence violations caused by adding a nul string
terminator on the end of a buffer for XML or XPIDF response bodies.
* Made calls to pj_xml_print() safer if the XML prolog is requested. Due
to a bug in pjproject, the return value could be -1 _or_
AST_PJSIP_XML_PROLOG_LEN if the supplied buffer is not large enough.
* Updated the doxygen comment of AST_PJSIP_XML_PROLOG_LEN to describe the
return value of pj_xml_print() when the supplied buffer is not large
enough.
ASTERISK-25168
Reported by: Carl Fortin
Change-Id: Id70e1d373a6a2b2bd9e678b5cbc5e55b308981de
When a caller calls a FAX number and then hangs up right after the call is
answered then the T.38 re-INVITE automatic reject timer may still be
running after the channel goes away.
* Added session NULL channel checks on the code paths that get executed by
t38_automatic_reject() to prevent a crash when the T.38 re-INVITE
automatic reject timer expires.
ASTERISK-25168
Reported by: Carl Fortin
Change-Id: I07b6cd23815aedce5044f8f32543779e2f7a2403
All send/receive processing for a SIP transaction needs to be done under
the same threadpool serializer to prevent reentrancy problems inside
pjproject and res_pjsip.
* Add threadpool API call to get the current serializer associated with
the worker thread.
* Pick a serializer from a pool of default serializers if the caller of
res_pjsip.c:ast_sip_push_task() does not provide one.
This is a simple way to ensure that all outgoing SIP request messages are
processed under a serializer. Otherwise, any place where a pushed task is
done that would result in an outgoing out-of-dialog request would need to
be modified to supply a serializer. Serializers from the default
serializer pool are picked in a round robin sequence for simplicity.
A side effect is that the default serializer pool will limit the growth of
the thread pool from random tasks. This is not necessarily a bad thing.
* Made pjsip_distributor.c save the thread's serializer name on the
outgoing request tdata struct so the response can be processed under the
same serializer.
This is a cherry-pick from master.
**** ASTERISK-25115 Change-Id: Iea71c16ce1132017b5791635e198b8c27973f40a
NOTE: session_inv_on_state_changed() is disassociating the dialog from the
session when the invite dialog becomes PJSIP_INV_STATE_DISCONNECTED.
Unfortunately this is a tad too soon because our BYE request transaction
has not completed yet.
ASTERISK-25183 #close
Reported by: Matt Jordan
Change-Id: I8bad0ae1daf18d75b8c9e55874244b7962df2d0a
This change makes it so that when accepting a WebSocket
connection the HTTP response is sent as one packet instead of
fragmented. Browsers don't like it when you send it fragmented.
ASTERISK-25103
Change-Id: I9b82c4ec2949b0bce692ad0bf6f7cea9709e7f69
This patch updates a variety of Makefiles in Asterisk's build system to
remove .gcda and .gcno files when 'make clean' is executed. These files
are generated when '--enable-coverage' is passed to the Asterisk
configure script.
Change-Id: Ib70b41eea2ee2908885bff02e80faf9f40c84602
When handle_invite_replaces() was called, and either ast_bridge_impart()
failed or there was no bridge (because the channel we're picking up was
still ringing), chan_sip would leak a channel.
Thanks Matt and Corey for checking the bridge path.
ASTERISK-25226 #close
Change-Id: Ie736bb182170a73eef5bcef0ab0376f645c260c8
When running valgrind on Asterisk, it complained about:
==32423== Source and destination overlap in memcpy(0x85a920, 0x85a920, 304)
==32423== at 0x4C2F71C: memcpy@@GLIBC_2.14 (in /usr/lib/valgrind/...)
==32423== by 0x55BA91: ast_rtp_engine_unload_format (rtp_engine.c:2292)
==32423== by 0x4EEFB7: ast_format_attr_unreg_interface (format.c:1437)
The code in question is a struct assignment, which may be performed by
memcpy as a compiler optimization. It is changed to only copy the struct
contents if source and destination are different.
ASTERISK-25219 #close
Change-Id: I6d3546c326b03378ca8e9b8cefd41c16e0088b9a
If DEBUG_FD_LEAKS was used and more file descriptors than the default of
1024 were available, some DEBUG_FD_LEAKS-patched functions would
overwrite memory past the fixed-size (1024) fdleaks buffer.
This change:
- adds bounds checks to __ast_fdleak_fopen and __ast_fdleak_pipe
- consistently uses ARRAY_LEN() instead of sizeof() or 1023 or 1024
- stores pointers to constants instead of copying the contents
- reorders the fdleaks struct for possibly tighter packing
- adds a tiny bit of documentation
ASTERISK-25212 #close
Change-Id: Iacb69e7701c0f0a113786bd946cea5b6335a85e5
This fixes so a failure to get a timer file descriptor does not cascade
to closing FD 0.
On error, both res_timing_kqueue and res_timing_timerfd would call the
destructor before setting the file handle. The file handle had been
initialized to 0, causing FD 0 to be closed. This in turn, resulted in
floods of "CLI>" messages and an unusable terminal.
ASTERISK-19277 #close
Reported by: Barry Chern
For the 13 branch, this was already fixed. This patch only ensures that
we do not attempt to close a negative file descriptor.
Change-Id: I147d7e33726c6e5a2751928d56561494f5800350
When a frame is queued on a channel, any failure in
ast_channel_alert_write is logged along with errno.
This change improves the diagnostic message through
aligning the errno value with actual failure cases.
ASTERISK-25224
Reported by: Andrey Biglari
Change-Id: I1bf7b3337ad392789a9f02c650589cd065d20b5b
When a mapping does not exist between a sorcery.conf defined object and
a realtime mapping in extconf, currently, the user will receive a slew
of ERROR messages that don't really tell what is happening. Some ERROR
messages may even be misleading, as they occur after the sorcery API has
already given up on the attempt to load and create the sorcery object.
This patch adds a bit of debug and a useful WARNING message for when a
wizard's open callback fails for a particular object type. In the bad
configurations that resulted in this patch, this provided a 'root cause'
WARNING message that pointed in the right direction of the configuration
problem.
Change-Id: I1cc7344f2b015b8b9c85a7e6ebc8cb4753a8f80b
This prevents a leak of a sorcery object type when realtime sorcery
objects are retrieved by fields or when multiple objects are retrieved.
The extent of this leak is that sorcery object types would be leaked.
These are allocated whenever an object type is registered with sorcery,
meaning that on module shutdown, these objects would be leaked. This
could be problematic if many reloads were performed, but it is not as
severe as if every sorcery object retrieved from realtime were being
leaked.
ASTERISK-25165 #close
Reported by Corey Farrell
Change-Id: I625c3b50eee4576670b7eeb013c81ad043b4b4f8
Returns a 'failure' from the module load routine indicates to Asterisk
that it should abort loading completely. This is rarely - in fact,
really, never - a good option. Aborting load of Asterisk from a dynamic
module implies that the core, and the rest of the dynamic modules, don't
matter: we should abandon all processing.
res_corosync is really not that important.
This patch updates the module such that, if it fails to load, it
politely declines (emitting ERROR messages along the way), and allows
Asterisk to continue to function.
Note that this issue was keeping Asterisk unit tests from running on
certain build agents.
Change-Id: I252249e81fb9b1a68e0da873f54f47e21d648f0f
When 8297136f was merged for ASTERISK-25040, a regression was introduced
surrounding the case sensitivity of device names within hints.
Previously, device names - such as 'sip/foo' - were compared in a case
insensitive fashion. Thus, 'sip/foo' was equivalent to 'SIP/foo'. After
that patch, only the case sensitive name would match, i.e., 'SIP/foo'.
As a result, some dialplan hints stopped working.
This patch re-introduces case insensitive matching for device names in
hints.
ASTERISK-25040
ASTERISK-25202 #close
Change-Id: If5046a7d14097e1e3c12b63092b9584bb1e9cb4c
(cherry picked from commit 96bbcf495a)
A previous change made the contact only get rewritten if the dialog's
route set was not marked frozen. Unfortunately, while the intent of this
is correct, the dialog's route set actually gets marked as frozen
earlier than expected, especially for UAS dialogs.
Instead, the idea is that the contact needs to not be rewritten if there
is a pre-existing route set on the dialog. This is now accomplished by
checking the dialog's route set list instead of checking if the route
set is frozen.
Doing this causes some broken tests to begin passing again.
ASTERISK-25196
Reported by Mark Michelson
Change-Id: I525ab251fd40a52ede327a52a2810a56deb0529e
The client_state objects contain a serializer used to send the outbound
REGISTER messages. Once all those message transactions are complete then
the module can shutdown.
ASTERISK-24907 #close
Reported by: Kevin Harwell
Change-Id: Ibb2fe558f98190f2a06da830e0fadfa25516f547
res_pjsip_refer will attempt to add Referred-By or Replaces headers to
outbound INVITEs at times. If the INVITE gets challenged for
authentication, then we will resend the INVITE. Prior to this patch, the
Referred-By or Replaces header would be re-added to the outbound INVITE,
resulting in duplicated headers.
ASTERISK-25204 #close
Reported by Mark Michelson
Change-Id: I59fb5c08b4d253c0dba9ee3d3950b5025358222d
When performing some provider testing, the rewrite_contact option was
interfering with proper construction of a route set when sending an ACK
after receiving a 200 OK response to an INVITE.
The initial INVITE was sent to address sip:foo. The 200 OK had a Contact
header with URI sip:bar. In addition, the 200 OK had Record-Route
headers for sip:baz and sip:foo, in that order. Since the Record-Route
headers had the lr parameter, the result should have been:
* Set R-URI of the ACK to sip:bar.
* Add Route headers for sip:foo and sip:baz, in that order.
However, the rewrite_contact option resulted in our rewriting the
Contact header on the 200 OK to sip:foo. The result was:
* R-URI remained sip:foo.
* We added Route headers for sip:foo and sip:baz, in that order.
The result was that sip:bar was not indicated in the ACK at all, so the
far end never received our ACK. The call eventually dropped.
The intention of rewrite_contact is to rewrite the most immediate
destination of our SIP request to be the same address on which we
received a request or response. In the case of processing a SIP response
with Record-Route headers, this means that instead of rewriting the
Contact header, we should instead rewrite the bottom-most Record-Route
header. In the case of processing a SIP request with Record-Route
headers, this means we rewrite the top-most Record-route header.
Like when we rewrite the Contact header, we also ensure to update
the dialog's route set if it exists.
ASTERISK-25196 #close
Reported by Mark Michelson
Change-Id: I9702157c3603a2d0bd8a8215ac27564d366b666f
A module trying to unload needs to wait for all serializers it creates and
uses to complete processing before unloading.
ASTERISK-24907
Reported by: Kevin Harwell
Change-Id: I8c80b90f2f82754e8dbb02ddf3c9121e5e966059
* handle_client_state_destruction() must always be passed a ref to
client_state because it will always unref client_state.
handle_registration_response() was not passing a client_state ref.
* Made the final un-REGISTER message get sent normally using the pjproject
register control structure in handle_client_state_destruction(). The
previous code attempted to short circuit the response handling for the
module to unload. That doesn't work for a couple reasons. One,
pjsip_regc_send() may call the registered callback before it returns and
unbalance the client_state ref count. Two, the registered callback
handles any authentication for the un-REGISTER message.
* Made the distinction between internal registration state and external
registration status with sip_outbound_registration_status_str(). This is
necessary to avoid altering documented AMI messages with internal
changes.
* Removed references to client_state->client outside of the serializer
thread. When handle_client_state_destruction() destroys the pjproject
register control structure that memory is freed and cannot be referenced
anymore. These accesses were to provide information for debug and
off-nominal warning messages.
* In sip_outbound_registration_timer_cb() you should not access entry->id
after unrefing client_state because the passed in entry is normally
pointing to the timer entry in the client_state object.
ASTERISK-24907
Reported by: Kevin Harwell
Change-Id: Ia7b446d8644b6b4550ef5bea49527671de65183f
The sorcery pjsip 'registration' config object needs to be destroyed on
module unload. Otherwise, a reload of res_pjsip could try to use
callbacks for a previously unloaded instance of the module provided by
ast_sorcery_object_register() or one of the variants. Also, if
res_pjsip_outbound_registration were subsequently reloaded, the sorcery
config field objects would be registered in sorcery twice.
ASTERISK-24907
Reported by: Kevin Harwell
Change-Id: I304fad13dece2604af48353f6c6d9d5c7b064697
Due to the way that channels can now be moved around inside of
Asterisk it is possible for the outgoing flag of a channel to get
cleared before it has been answered. This results in the bridge
not receiving notification that the outgoing leg has been answered.
This most easily exhibits itself with DTMF based blond transfers.
Since the answer of the outgoing leg is ignored the other party
continues to receive both a locally generated ringing and the
media stream of the outgoing leg upon its answer. This results
in no media being heard.
This change removes the ignore of the answer and allows it
to pass through.
ASTERISK-25171 #close
Change-Id: I82aedcec4f89f34a2e5472086dfc9a6c775bca8e
Find and unlink the specified sorcery object type to complement
ast_sorcery_object_register(). Without this function you cannot
completely unload individual modules that use sorcery for configuration.
ASTERISK-24907
Reported by: Kevin Harwell
Change-Id: I1c04634fe9a90921bf676725c7d6bb2aeaab1c88
It is best if the loading code creates and initializes the module's
infrastructure before letting the system know of its existence. The
unloading code needs to reverse the actions of the loading code and in the
reverse order.
ASTERISK-24907
Reported by: Kevin Harwell
Change-Id: I5d151383e9787b5b60aa5e1627b10f040acdded4
Added checks when a unit test is registered to see that the summary and
description strings do not end with a new-line '\n' for consistency.
The check generates a warning message and will cause the
/main/test/registrations unit test to fail.
* Updated struct ast_test_info member doxygen comments.
Change-Id: I295909b6bc013ed9b6882e85c05287082497534d
Analyzing the code shows that the unit test summary and description
strings should not end with a new-line character. Where these strings are
used in the code a new-line is provided for output.
Change-Id: I129284f5e7ca93d82532334076da4c462d3d9fba