Added a TIME_UNIT enumeration, and a function that converts a
string to one of the enumerated values. Also, added functions
that create and initialize a timeval object using a specified
value, and unit type.
Change-Id: Ic31a1c3262a44f77a5ef78bfc85dcf69a8d47392
The 'core' console (ie: asterisk -c) does read logger.conf and does
use the dateformat= option.
Whereas 'remote' consoles (ie: asterisk -r -T) does not read logger.conf
and uses a hard coded dateformat option for printing received verbose messages:
main/logger.c: static char dateformat[256] = "%b %e %T"
This change will load logger.conf for each remote console session and
use the dateformat= option to set the per-line timestamp for verbose messages
Change-Id: I3ea10990dbd920e9f7ce8ff771bc65aa7f4ea8c1
ASTERISK-25358: #close
Reported-by: Igor Liferenko
Because they modify their argument they are not pure functions and
should not be marked as such, otherwise the compiler may optimize
them away.
ASTERISK-29306 #close
Change-Id: Ibec03a08522dd39e8a137ece9bc6a3059dfaad5f
Some sorcery objects actually contain dynamic content
that can change despite the underlying configuration
itself not changing. A good example of this is the
res_pjsip_endpoint_identifier_ip module which allows
specifying hostnames. While the configuration may not
change between reloads the DNS information of the
hostnames can.
This change adds the ability for a sorcery object to be
marked as having dynamic contents which is then taken
into account when reloading by the sorcery file based
config module. If there is an object with dynamic content
then a reload will be forced while if there are none
then the existing behavior of not reloading occurs.
ASTERISK-29321
Change-Id: I9342dc55be46cc00204533c266a68d972760a0b1
This partially reverts commit 3d1bf3c537,
specifically for app.h.
This works with both gcc 9.3.0 and 10.2.0 now, both for C and C++ (as
tested with external modules).
ASTERISK-29287
Change-Id: I5b9f02a9b290675682a1d13f1788fdda597c9fca
Signed-off-by: Jaco Kroon <jaco@uls.co.za>
After some changes to streams and topologies, receiving fax through
local channels stopped working. This change adds a stream topology with
a stream of type IMAGE to the local channel pair and allows fax to be
received.
ASTERISK-29035 #close
Change-Id: Id103cc5c9295295d8e68d5628e76220f8f17e9fb
When a Transfer/REFER is executed, TRANSFERSTATUSPROTOCOL variable is
0 when no protocl specific error
SIP example of failure, 3xx-6xx for the SIP error code received
This allows applications to perform actions based on the failure
reason.
ASTERISK-29252 #close
Reported-by: Dan Cropp
Change-Id: Ia6a94784b4925628af122409cdd733c9f29abfc4
Rename check_manager_enabled() and check_webmanager_enabled() to begin
with ast_ so that the symbols are automatically exported by the
linker.
ASTERISK~29184
Change-Id: I85762b9a5d14500c15f6bad6507138c8858644c9
As described in the issue, /tmp is not a suitable location for a
large amount of cached media files, since most distributions make
/tmp a RAM-based tmpfs mount with limited capacity.
I opted for a location that can be configured separately, as opposed
to using a subdirectory of spooldir, given the different storage
profile (transient files vs files that might stay there indefinitely).
This commit just makes the cache directory configurable, but leaves
it at /tmp by default, to ensure backwards compatibility.
A future commit that only targets master could change the default
location to something more sensible such as /var/tmp/asterisk. At
that point, the cachedir could be created and cleaned up during
uninstall by the Makefile script.
ASTERISK-29143
Change-Id: Ic54e95199405abacd9e509cef5f08fa14c510b5d
* Added a ONESHOT type that never reschedules.
* Added "like" capability to "pjsip show scheduled_tasks" so you can do
the following:
CLI> pjsip show scheduled_tasks like outreg
PJSIP Scheduled Tasks:
Task Name Interval Times Run ...
============================================= ========= ========= ...
pjsip/outreg/testtrunk-reg-0-00000074 50.000 oneshot ...
pjsip/outreg/voipms-reg-0-00000073 110.000 oneshot ...
* Fixed incorrect display of "Next Start".
* Compacted the displays of times in the CLI.
* Added two new functions (ast_sip_sched_task_get_times2,
ast_sip_sched_task_get_times_by_name2) that retrieve the interval,
next start time, and next run time in addition to the times already
returned by ast_sip_sched_task_get_times().
Change-Id: Ie718ca9fd30490b8a167bedf6b0b06d619dc52f3
The data can be freed if the old object '_data' is the same object as
new 'data'. Because at first the object is unreferenced which can lead
to destroying it.
This could happened in res_pjsip_pubsub when the publication is updated
which could lead to segfault in function publish_expire.
Change-Id: I0164f57c387243510bdbd2f8dcf33377b6c202da
This avoids the inclusion of the OpenSSL headers in the public header,
which avoids one external library dependency in res_pjsip_stir_shaken.
Change-Id: I6a07e2d81d2b5442e24e99b8cc733a99f881dcf4
pjproject returns the dialog locked and with a reference. However,
in Asterisk the method that handles this decrements the reference
and removes the lock prior to returning. This makes it possible,
under some circumstances, for another thread to free said dialog
before the thread that created it attempts to use it again. Of
course when the thread that created it tries to use a freed dialog
a crash can occur.
This patch makes it so Asterisk now returns the newly created
dialog both locked, and with an added reference. This allows the
caller to de-reference, and unlock the dialog when it is safe to
do so.
In the case of a new SIP Invite the lock, and reference are now
held for the entirety of the new invite handling process.
Otherwise it's possible for the dialog, or its dependent objects,
like the transaction, to disappear. For example if there is a TCP
transport error.
ASTERISK-29057 #close
Change-Id: I5ef645a47829596f402cf383dc02c629c618969e
If Asterisk sends out an INVITE and receives a challenge with a
different nonce value each time, it will continuously send out INVITEs,
even if the call is hung up. The endpoint must be configured for
outbound authentication for this to occur. A limit has been set on
outbound INVITEs so that, once reached, Asterisk will stop sending
INVITEs and the transaction will terminate.
ASTERISK-29013
Change-Id: I2d001ca745b00ca8aa12030f2240cd72363b46f7
Added debug logging categories that allow a user to output debug
information based on a specified category. This lets the user limit,
and filter debug output to data relevant to a particular context,
or topic. For instance the following categories are now available for
debug logging purposes:
dtls, dtls_packet, ice, rtcp, rtcp_packet, rtp, rtp_packet,
stun, stun_packet
These debug categories can be enable/disable via an Asterisk CLI command.
While this overrides, and outputs debug data, core system debugging is
not affected by this patch. Statements still output at their appropriate
debug level. As well backwards compatibility has been maintained with
past debug groups that could be enabled using the CLI (e.g. rtpdebug,
stundebug, etc.).
ASTERISK-29054 #close
Change-Id: I6e6cb247bb1f01dbf34750b2cd98e5b5b41a1849
(cherry picked from commit 56028426de)
With the addition of STIR/SHAKEN, the function ast_base64decode_string
was added for convenience since there is a lot of converting done during
the STIR/SHAKEN process. This function returned the decoded string for
you, but did not NULL terminate it, causing some issues (specifically
with MALLOC_DEBUG). Now, the returned string is NULL terminated, and the
documentation has been updated to reflect this.
Change-Id: Icdd7d05b323b0c47ff6ed43492937a03641bdcf5
Added a new configuration option for PJSIP endpoints - stir_shaken. If
set to yes, then STIR/SHAKEN support will be added to inbound and
outbound INVITEs. The default is no. Alembic has been updated to include
this option.
Previously the dialplan function was not trimming the whitespace from
the parameters it recieved. Now it does.
Also added a conditional that, when TEST_FRAMEWORK is enabled, the
timestamp in the identity header will be overlooked. This is just for
testing, since the testsuite will rely on a SIPp scenario with a preset
identity header to trigger the MISMATCH result.
Change-Id: I43d67f1489b8c1c5729ed3ca8d71e35ddf438df1
Integrated STIR/SHAKEN support with outgoing INVITEs. When an INVITE is
sent, the caller ID will be checked to see if there is a certificate
that corresponds to it. If so, that information will be retrieved and an
Identity header will be added to the SIP message. The format is:
header.payload.signature;info=<public_key_url>alg=ES256;ppt=shaken
Header, payload, and signature are all BASE64 encoded. The public key
URL is retrieved from the certificate. Currently the algorithm and ppt
are ES256 and shaken, respectively. This message is signed and can be
used for verification on the receiving end.
Two new configuration options have been added to the certificate object:
attestation and origid. The attestation is required and must be A, B, or
C. origid is the origination identifier.
A new utility function has been added as well that takes a string,
allocates space, BASE64 encodes it, then returns it, eliminating the
need to calculate the size yourself.
Change-Id: I1f84d6a5839cb2ed152ef4255b380cfc2de662b4
Integrated STIR/SHAKEN support with incoming INVITES. Upon receiving an
INVITE, the Identity header is retrieved, parsing the message to verify
the signature. If any of the parsing fails,
AST_STIR_SHAKEN_VERIFY_NOT_PRESENT will be added to the channel for this
caller ID. If verification itself fails,
AST_STIR_SHAKEN_VERIFY_SIGNATURE_FAILED will be added. If anything in
the payload does not line up with the SIP signaling,
AST_STIR_SHAKEN_VERIFY_MISMATCH will be added. If all of the above steps
pass, then AST_STIR_SHAKEN_VERIFY_PASSED will be added, completing the
verification process.
A new config option has been added to the general section for
stir_shaken.conf. "signature_timeout" is the amount of time a signature
will be considered valid. If an INVITE is received and the amount of
time between when it was received and when it was signed is greater than
signature_timeout, verification will fail.
Some changes were also made to signing and verification. There was an
error where the whole JSON string was being signed rather than the
header combined with the payload. This has been changed to sign the
correct thing. Verification has been changed to do this as well, and the
unit tests have been updated to reflect these changes.
A couple of utility functions have also been added. One decodes a BASE64
string and returns the decoded string, doing all the length calculations
for you. The other retrieves a string value from a header in a rdata
object.
Change-Id: I855f857be3d1c63b64812ac35d9ce0534085b913
Adds the "STIR_SHAKEN" dialplan function and an API call to add a
STIR_SHAKEN verification result to a channel. This information will be
held in a datastore on the channel that can later be queried through the
"STIR_SHAKEN" dialplan funtion to get information on STIR_SHAKEN results
including identity, attestation, and verify_result. Here are some
examples:
STIR_SHAKEN(count)
STIR_SHAKEN(0, identity)
STIR_SHAKEN(1, attestation)
STIR_SHAKEN(2, verify_result)
Getting the count can be used to iterate through the results and pull
information by specifying the index and the field you want to retrieve.
Change-Id: Ice6d52a3a7d6e4607c9c35b28a1f7c25f5284a82
There are a lot of moving parts in this patch, but the focus of it is on
the verification of the signature using a public key located at the
public key URL provided in the JSON payload. First, we check the
database to see if we have already downloaded the key. If so, check to
see if it has expired. If it has, redownload from the URL. If we don't
have an entry in the database, just go ahead and download the public
key. The expiration is tested each time we download the file. After
that, read the public key from the file and use it to verify the
signature. All sanity checking is done when the payload is first
received, so the verification is complete once this point is reached.
The XML has also been added since a new config option was added to
general (curl_timeout). The maximum amount of time to wait for a
download can be configured through this option, with a low value by
default.
Change-Id: I3ba4c63880493bf8c7d17a9cfca1af0e934d1a1c
This change provides functions that take in a JSON payload, verify that
the contents contain all the mandatory fields and required values (if
any), and signs the payload with the private key. Four fields are added
to the payload: x5u, attest, iat, and origid. As of now, these are just
placeholder values that will be set to actual values once the logic is
implemented for what to do when an actual payload is received, but the
functions to add these values have all been implemented and are ready to
use. Upon successful signing and the addition of those four values, a
ast_stir_shaken_payload is returned, containing other useful information
such as the algorithm and signature.
Change-Id: I74fa41c0640ab2a64a1a80110155bd7062f13393
This commit sets up some of the initial framework for the module and
adds a way to read the private key from the specified file, which will
then be appended to the certificate object. This works fine for now, but
eventually some other structure will likely need to be used to store all
this information. Similarly, the caller_id_number is specified on the
certificate config object, but in the end we will want that information
to be tied to the certificate itself and read it from there.
A method has been added that will retrieve the private key associated
with the caller_id_number passed in. Tab completion for certificates and
stores has also been added.
Change-Id: Ic4bc1416fab5d6afe15a8e2d32f7ddd4e023295f
In the event that the desired extension already exists,
ast_add_extension2_lockopt() will free the 'data' it is passed before
returning an error, so we should not be freeing it ourselves.
Additionally, there were two places where ast_add_extension2_lockopt()
could return an error without also freeing the 'data' pointer, so we
add that.
ASTERISK-29097 #close
Change-Id: I904707aae55169feda050a5ed7c6793b53fe6eae
app_confbridge now has the ability to set the estimated bitrate on an
SFU bridge. To use it, set a bridge profile's remb_behavior to "force"
and set remb_estimated_bitrate to a rate in bits per second. The
remb_estimated_bitrate parameter is ignored if remb_behavior is something
other than "force".
Change-Id: Idce6464ff014a37ea3b82944452e56cc4d75ab0a
ast_trace() was always emitting messages when it's level was set to -1
because it was ignoring scope_level.
Change-Id: I849c8f4f4613899c37f82be0202024e7d117e506
Implemention of History-Info capable of interworking with Diversion
Header following RFC7544
ASTERISK-29027 #close
Change-Id: I2296369582d4b295c5ea1e60bec391dd1d318fa6
Added to:
* bridges/bridge_softmix.c
* channels/chan_pjsip.c
* include/asterisk/res_pjsip_session.h
* main/channel.c
* res/res_pjsip_session.c
There NO functional changes in this commit.
Change-Id: I06af034d1ff3ea1feb56596fd7bd6d7939dfdcc3
When both Asterisk and a UA send re-invites at the same time, both
send 491 "Transaction in progress" responses to each other and back
off a specified amount of time before retrying. When Asterisk
prepares to send its re-invite, it sets up the session's pending
media state with the new topology it wants, then sends the
re-invite. Unfortunately, when it received the re-invite from the
UA, it partially processed the media in the re-invite and reset
the pending media state before sending the 491 losing the state it
set in its own re-invite.
Asterisk also was not tracking re-invites received while an existing
re-invite was queued resulting in sending stale SDP with missing
or duplicated streams, or no re-invite at all because we erroneously
determined that a re-invite wasn't needed.
There was also an issue in bridge_softmix where we were using a stream
from the wrong topology to determine if a stream was added. This also
caused us to erroneously determine that a re-invite wasn't needed.
Regardless of how the delayed re-invite was triggered, we need to
reconcile the topology that was active at the time the delayed
request was queued, the pending topology of the queued request,
and the topology currently active on the session. To do this we
need a topology resolver AND we need to make stream named unique
so we can accurately tell what a stream has been added or removed
and if we can re-use a slot in the topology.
Summary of changes:
* bridge_softmix:
* We no longer reset the stream name to "removed" in
remove_all_original_streams(). That was causing multiple streams
to have the same name and wrecked the checks for duplicate streams.
* softmix_bridge_stream_sources_update() was checking the old_stream
to see if it had the softmix prefix and not considering the stream
as "new" if it did. If the stream in that slot has something in it
because another re-invite happened, then that slot in old might
have a softmix stream but the same stream in new might actually
be a new one. Now we check the new_stream's name instead of
the old_stream's.
* stream:
* Instead of using plain media type name ("audio", "video", etc) as
the default stream name, we now append the stream position to it
to make it unique. We need to do this so we can distinguish multiple
streams of the same type from each other.
* When we set a stream's state to REMOVED, we no longer reset its
name to "removed" or destroy its metadata. Again, we need to
do this so we can distinguish multiple streams of the same
type from each other.
* res_pjsip_session:
* Added resolve_refresh_media_states() that takes in 3 media states
and creates an up-to-date pending media state that includes the changes
that might have happened while a delayed session refresh was in the
delayed queue.
* Added is_media_state_valid() that checks the consistency of
a media state and returns a true/false value. A valid state has:
* The same number of stream entries as media session entries.
Some media session entries can be NULL however.
* No duplicate streams.
* A valid stream for each non-NULL media session.
* A stream that matches each media session's stream_num
and media type.
* Updated handle_incoming_sdp() to set the stream name to include the
stream position number in the name to make it unique.
* Updated the ast_sip_session_delayed_request structure to include both
the pending and active media states and updated the associated delay
functions to process them.
* Updated sip_session_refresh() to accept both the pending and active
media states that were in effect when the request was originally queued
and to pass them on should the request need to be delayed again.
* Updated sip_session_refresh() to call resolve_refresh_media_states()
and substitute its results for the pending state passed in.
* Updated sip_session_refresh() with additional debugging.
* Updated session_reinvite_on_rx_request() to simply return PJ_FALSE
to pjproject if a transaction is in progress. This stops us from
creating a partial pending media state that would be invalid later on.
* Updated reschedule_reinvite() to clone both the current pending and
active media states and pass them to delay_request() so the resolver
can tell what the original intention of the re-invite was.
* Added a large unit test for the resolver.
ASTERISK-29014
Change-Id: Id3440972943c611a15f652c6c569fa0e4536bfcb
There's a race condition with bridging where a bridge can be torn down
causing the bridge_channel's ast_channel to become NULL when it's still
needed. This particular case happened with attended transfers, but the
crash occurred when trying to publish a stasis message. Now, the
bridge_channel is locked, a ref to the ast_channel is obtained, and that
ref is passed down the chain.
Change-Id: Ic48715c0c041615d17d286790ae3e8c61bb28814
T.140 data in RTP is not zero terminated, so when we are queuing a text
frame on a bridge we need to ensure that we are passing a zero
terminated string.
ASTERISK-28974 #close
Change-Id: Ic10057387ce30b2094613ea67e3ae8c5c431dda3
The SCOPE_ENTER and SCOPE_EXIT* macros now print debug messages
at the same level as the scope level. This allows the same
messages to be printed to the debug log when AST_DEVMODE
isn't enabled.
Also added a few variants of the SCOPE_EXIT macros that will
also call ast_log instead of ast_debug to make it easier to
use scope tracing and still print error messages.
Change-Id: I7fe55f7ec28069919a0fc0b11a82235ce904cc21
* Added ast_stream_to_stra and ast_stream_topology_to_stra() macros
which are shortcuts for
ast_str_tmp(256, ast_stream_to_str(stream, &STR_TMP))
* Added the stream position to the string representation of the
stream.
* Fixed some formatting in ast_stream_to_str().
Change-Id: Idaf4cb0affa46d4dce58a73a111f35435331cc4b
The assumed behavior of realloc() - that it was effectively a free() if
its second argument was 0 - is Linux specific behavior and is not
guaranteed by either POSIX or the C specification.
Instead, if we want to resize a vector to 0, do it explicitly.
Change-Id: Ife31d4b510ebab41cb5477fdc7ea4e3138ca8b4f
There are various places in Asterisk - specifically in regards to
database integration - where having some kind of UTF-8 validation would
be beneficial. This patch adds:
* Functions to validate that a given string contains only valid UTF-8
sequences.
* A function to copy a string (similar to ast_copy_string) stopping when
an invalid UTF-8 sequence is encountered.
* A UTF-8 validator that allows for progressive validation.
All of this is based on the excellent UTF-8 decoder by Björn Höhrmann.
More information is available here:
https://bjoern.hoehrmann.de/utf-8/decoder/dfa/
The API was written in such a way that should allow us to replace the
implementation later should we determine that we need something more
comprehensive.
Change-Id: I3555d787a79e7c780a7800cd26e0b5056368abf9
* ast_frame_subclass2str() and ast_frame_type2str() now return
a pointer to the buffer that was passed in instead of void.
This makes it easier to use these functions inline in
printf-style debugging statements.
* Added many missing control frame entries in
ast_frame_subclass2str.
Change-Id: Ifd0d6578e758cd644c96d17a5383ff2128c572fc
Tracing through synchronous tasks was a little troublesome because
the new thread's stack counter reset to 0. This change allows
a synchronous task to set its trace level to be the same as the
thread that pushed the task. For now, the task's level has to be
passed in the task's data structure but a future enhancement to the
taskprocessor subsystem could automatically set the trace level
of the servant to be that of the caller.
This doesn't really make sense for async tasks because you never
know when they're going to run anyway.
Change-Id: Ib8049c0b815063a45d8c7b0cb4e30b7b87b1d825
This patch allows a user of AMI to now specify the type of message
content contained within by setting the 'Content-Type' parameter.
Note, the AMI version has been bumped for this change.
ASTERISK-28945 #close
Change-Id: Ibb5315702532c6b954e1498beddc8855fabdf4bb
Created new SCOPE_ functions that don't depend on RAII_VAR. Besides
generating less code, the use of the explicit SCOPE_EXIT macros
capture the line number where the scope exited. The RAII_VAR
versions can't do that.
* SCOPE_ENTER(level, ...): Like SCOPE_TRACE but doesn't use
RAII_VAR and therefore needs needs one of...
* SCOPE_EXIT(...): Decrements the trace stack counter and optionally
prints a message.
* SCOPE_EXIT_EXPR(__expr, ...): Decrements the trace stack counter,
optionally prints a message, then executes the expression.
SCOPE_EXIT_EXPR(break, "My while got broken\n");
* SCOPE_EXIT_RTN(, ...): Decrements the trace stack counter,
optionally prints a message, then returns without a value.
SCOPE_EXIT_RTN("Bye\n");
* SCOPE_EXIT_RTN_VALUE(__return_value, ...): Decrements the trace
stack counter, optionally prints a message, then returns the value
specified.
SCOPE_EXIT_RTN_VALUE(rc, "Returning with RC: %d\n", rc);
Create an ast_str helper ast_str_tmp() that allocates a temporary
ast_str that can be passed to a function that needs it, then frees
it. This makes using the above macros easier. Example:
SCOPE_ENTER(1, Format Caps 1: %s Format Caps 2: %s\n",
ast_str_tmp(32, ast_format_cap_get_names(cap1, &STR_TMP),
ast_str_tmp(32, ast_format_cap_get_names(cap2, &STR_TMP));
The calls to ast_str_tmp create an ast_str of the specified initial
length which can be referenced as STR_TMP. It then calls the
expression, which must return a char *, ast_strdupa's it, frees
STR_TMP, then returns the ast_strdupa'd string. That string is
freed when the function returns.
Change-Id: I44059b20d55a889aa91440d2f8a590865998be51
This patch makes the usual necessary changes when upgrading to a new
version pjproject. For instance, version number bump, patches removed
from third-party, new *.md5 file added, etc..
This patch also includes a change to the Asterisk pjproject Makefile to
explicitly create the 'source/pjsip-apps/lib' directory. This directory
is no longer there by default so needs to be added so the Asterisk
malloc debug can be built.
This patch also includes some minor changes to Asterisk that were a result
of the upgrade. Specifically, there was a backward incompatibility change
made in 2.10 that modified the "expires header" variable field from a
signed to an unsigned value. This potentially effects comparison. Namely,
those check for a value less than zero. This patch modified a few locations
in the Asterisk code that may have been affected.
Lastly, this patch adds a new macro PJSIP_MINVERSION that can be used to
check a minimum version of pjproject at compile time.
ASTERISK-28899 #close
Change-Id: Iec8821c6cbbc08c369d0e3cd2f14e691b41d0c81
When requesting a Local channel the requested stream topology
or a converted stream topology will now be placed onto the
resulting channels.
Frames written in on streams will now also preserve the stream
identifier as they are queued on the opposite channel.
Finally when a stream topology change is requested it is
immediately accepted and reflected on both channels. Each
channel also receives a queued frame to indicate that the
topology has changed.
ASTERISK-28938
Change-Id: I4e9d94da5230d4bd046dc755651493fce1d87186
This patch fixes a few compile warnings/errors that now occur when using gcc
10+.
Also, the Makefile.rules check to turn off partial inlining in gcc versions
greater or equal to 8.2.1 had a bug where it only it only checked against
versions with at least 3 numbers (ex: 8.2.1 vs 10). This patch now ensures
any version above the specified version is correctly compared.
Change-Id: I54718496eb0c3ce5bd6d427cd279a29e8d2825f9
