Change-Id I1cd33453c77c56c8e1394cd60a6f17bb61c1d957 Enable Session-Timers for
SIP over TCP (and TLS) also disables SIP retransmits in chan_sip for non-UDP
connections, allowing the TCP layer to handle the retransmits. Unfortunately,
this caused sessions to be terminated with a retransmit timeout becasue it
stopped at the point of the first retrans call.
This patch waits for the 64*T1 timer to expire instead.
ASTERISK-19968
Change-Id: I844f26801aada10bc94e9bebe6e151f0a8443204
(cherry picked from commit 98e42cc662)
Currently when receiving video over RTP we store only
a calculated samples on the frame. When starting the video
it can take some time for this calculation to actually yield
a value as it requires constant changing timestamps. As well
if a video frame passes over multiple RTP packets this calculation
will fail as the timestamp is the same as the previous RTP
packet and the number of samples calculated will be 0.
This change preserves the timestamp on the frame and allows
it to pass through the core. When sending the video this timestamp
is used instead of a new one being calculated.
ASTERISK-26367 #close
Change-Id: Iba8179fb5c14c9443aee4baf670d2185da3ecfbd
Asterisk defaults to timers=accept/refresher=uas. In that scenario, only in that
scenario, Sessions-Timers (RFC 4028) had no effect via TCP. This change enables
Session-Timers for SIP over TCP (and for SIP over TLS).
However with longer international calls via TCP, the SIP channel might break,
because all hops on the Internet route must stay online (have not a single power
outage, for example). Therefore with Session-Timers enabled (which are enabled
at default), you might see dropped calls. Consequently even with this change,
you might be better-off going for session-timers=refuse in your sip.conf.
ASTERISK-19968 #close
Change-Id: I1cd33453c77c56c8e1394cd60a6f17bb61c1d957
(cherry picked from commit 66c9dfb272)
When performing DNS resolution the failover code present in
res_pjsip currently assumes that a request will always have
at least one viable address. In practice this is not true.
A domain may be used that has no records.
The code now checks that at least one address exists on the
request which prevents looping.
ASTERISK-26364 #close
Change-Id: Ic0761b0264864acd85915c94d878a81624940f4c
The output of CLI "queue show" and AMI Queues action is truncated and
"failed to extend from 240 to 327" messages are generated if the queue
member and interface names are lengthy.
* Increase the string buffer size from 240 to 512 in order to accommodate
for more information fields added to the output since v1.8.
ASTERISK-26360 #close
Reported by: Richard Mudgett
Change-Id: Id99c03cf5362453b80491a4b3b0434cb67aa966d
Previously, the Contact was stored only on initial INVITE and on any
18X and 200. That meant that after re-INVITEs from *us* the Contact
could get updated, but after re-INVITEs from the *peer*, it did not.
This changeset fixes this inconsistency, properly allowing target
refreshes through re-INVITES (RFC3261, 12.2).
If your strictrtp setting allows it, this change allows you to switch
the source IP of a connected/calling device mid-call with a simple
re-INVITE from the new IP.
ASTERISK-26358 #close
Change-Id: Ibb8512054ab27c8c3d2514022568fde943bf2435
Map the sip.conf general section legacy_useroption_parsing to the
new pjsip.conf global ignore_uri_user_options.
ASTERISK-26316
Reported by: Kevin Harwell
Change-Id: I78108a31995db19d41f4e1a07b3324692c5363fc
This implements the chan_sip legacy_useroption_parsing option but with a
better name.
* Made the caller-id number and redirecting number strings obtained from
incoming SIP URI user fields always truncated at the first semicolon.
People don't care about anything after the semicolon showing up on their
displays even though the RFC allows the semicolon.
ASTERISK-26316 #close
Reported by: Kevin Harwell
Change-Id: Ib42b0e940dd34d84c7b14bc2e90d1ba392624f62
If you use the safe_asterisk script, it uses hardcoded defaults before
running configurable values from /etc/asterisk/startup.d. The hardcoded
default has TTY=9. Some containerized environments don't have such a
TTY, and safe_asterisk would stop.
The custom configuration from /etc/asterisk/startup.d/* isn't read until
after it stopped, so changing TTY in a custom config did not help.
This changeset changes safe_asterisk to continue if the TTY setting was
untouched and /dev/tty9 and /dev/vc/9 aren't found.
Change-Id: I2c7cdba549b77f418a0af4cb1227e8e6fe4148fc
The code was incorrectly invoking the unidentified logic when
an endpoint had actually been identified, causing log messages
to be output.
ASTERISK-26349 #close
Change-Id: Id8104fc9e3d138d5e8b6f6977ecc08765fd17d4f
In some scenarios dialog_initialize_rtp can be called multiple times on
the same dialog. This can cause RTP instances to be leaked along with
multiple file descriptors for each instance.
This change makes it so the existing RTP instances are destroyed and
not overwritten, stopping the memory leak.
ASTERISK-26272 #close
patches:
ASTERISK-26272-13.patch submitted by Corey Farrell (license 5909)
Change-Id: Id529de1184c68f2f4d254ab41a1f458dafdb5f73
The endpoint identification PJSIP module is intended to identify which
endpoint an incoming request is from. If an endpoint is not identified,
then an artificial endpoint is used in its place when proceeding.
The problem is that the ACK request type is an exception to the rule.
The artificial endpoint is not used when processing an ACK. This results
in the possibility of having a NULL endpoint being used further on.
The reason ACK is an exception is an attempt not to spam security logs
with unidentified requests. Presumably, you've already logged the
unidentified request on the preceeding INVITE.
Up until Asterisk 13.10, retrieving a NULL endpoint in this fashion
didn't cause an issue. A new change in 13.10 added endpoint ACL checking
shortly after endpoint identification. Because we are accessing a NULL
endpoint, this ACL check resulted in a crash.
The fix here is to be sure to retrieve the artificial endpoint for all
request types. ACKs still do not generate unidentified request security
events.
ASTERISK-26264 #close
Reported by nappsoft
AST-2016-006
Change-Id: Ie0c795ae2d72273decb972dd74b6a1489fb6b703
* Eliminated RAII_VAR in get_outbound_endpoint().
* Simplify update_to() coding. However, this function can only be a NoOp
because the To string can only be a URI and not a name-address formatted
string.
* Simplify update_from() coding. Also fixed a code path modifying the
from string when the caller could still want to use the original string.
* Fixed msg_data_create() incompletely removing the "pjsip:" to then add
back the "sip:" string if needed. The code didn't handle the "pjsip:sip:"
case because it left the colon after pjsip in the string.
Change-Id: I68a09a665f6d4daa9eaa59069045ab69122e28db
Currently when you add global headers from the dialplan both
the header in the dialplan and the globally configured header
are added to the resulting SIP INVITE. This change makes it
so the headers in the dialplan take precedence and are the
only ones added.
Change-Id: I36f864298f38db3632ad503edc11267cb8ffb3ad
Confbridge announcements tend to block a channel while they are being
played. In some circumstances, this is warranted since you want that
particular channel not to hear the announcement (Example: "John Doe has
entered the conference"). For others it makes less sense.
This change first introduces methods for playing sounds asynchronously
into the conference. This is very similar to how synchronous sounds are
played, except the channel initiating the playback does not wait for the
sound to complete before moving on.
Asynchronous announcements are used for two circumstances:
* Sounds played for a user after they have left the bridge
* Sounds that play first to a single user and then the rest of the
conference (if the channel and conference use the same language)
ASTERISK-26289 #close
Reported by Mark Michelson
Change-Id: Ie486bb3de1646d50894489030326a423e594ab0a
The code was referencing the config section as 'globals'
instead of 'general'. This change swaps it over to 'general'.
Change-Id: I9dfe7788f41c4a6754c77e103880dc1a747de7fe
Prior to this patch, a stop issued by a delete of a Playback resource
(indicated by the control frame AST_CONTROL_STREAM_STOP) would only stop
the current media URI playing. Subsequent URIs specified by a playback
operation would then proceed on, even though we had just indicated to
the User that the Playback was finished *and* after they had just
'deleted' the resource. Whoops.
This patch corrects it by bailing out of the sequence of URIs to play if
one of them is terminated with an AST_CONTROL_STREAM_STOP indication.
ASTERISK-26341 #close
Change-Id: I2da9ec43545ba46cdfffe287c7e4907eae7fca42
The DPMA and g729a, silk, siren7 and siren14 codecs hosted at
http://downloads.digium.com/pub/telephony/ are now listed in the
"External" sections of the "Resource Modules" and "Codec Translators"
pages in menuselect. Any that are selected will automatically be
downloaded and installed when "make install" is run. Their LICENSE and
README (if avaialble) files will be installed to
ASTVARLIBDIR/documentation/thirdparty/<product_name>.
Example use with codecs:
The codecs/codecs.xml file is a menuselect style xml file that lists
the codecs to be included. Their support levels are 'external', which
triggers the download and install, and defaultenabled is no. Also
because codec_g729a is actually in a directory named codec_g729 on the
download server, the newly added 'member_data' element is used to
override the default of the directory name being the package name. You
can use the 'directory_name' attribute to keep default base URL
(http://downloads.digium.com/pub/telephony/) but use the new directory,
or you use the 'remote_url' attribute to specify a full URL to the
download directory. In this case, you must still follow the same
subdirectory naming conventions as that used for the packages located
at 'http://downloads.digium.com/pub/telephony'.
A new configure option '--with-externals-cache' was added and like
'--with-sounds-cache' it allows the installer to cache tarballs so
they're not downloaded every time.
To assist with the download and install process, each external package
now has a manifest.xml file that, among other things, contains a package
version and checksums for each file in the tarball. The manifest is
saved to both the cache directory and ASTMODDIR and together with the
manifest.xml on the downloads site, tells the install scripts whether
a download and/or update is needed.
bash and xmlstarlet are required for downloader operation. If they're
not installed, the external items in menuselect will be unavailable.
Change-Id: Id3dcf1289ffd3cb0bbd7dfab3cafbb87be60323a
On heavy loaded system the TCP/TLS incoming calls could be
disconnected by pjproject while these calls are being
processed by asterisk which could use the session's memory pools.
If the session in the disconnected state then the session memory
pools were already freed, so we get segfault.
This patch adds a lifetime control on an INVITE session to pjproject.
The lifetime of the session is manipulated by calling
pjsip_inv_add_ref/pjsip_inv_dec_ref.
This patch uses these functions to inform pjproject that the
session is in use.
This patch adds check if the session state is not disconnected
and also checks if the memory pool is not NULL.
This patch also places tasks 'session_end' and 'session_end_completion'
into session's serializer to avoid race condition.
ASTERISK-26291 #close
Change-Id: I4d28b1fb3b91f0492a911d110049d670fdc3c8d7
Certain SNOM phones send so-called "optional crypto" in their SDP body.
Regular SRTP setup looks like this:
m=audio 64620 RTP/SAVP 8 0 9 99 3 18 4 101
a=crypto:1 AES_CM_128_HMAC_SHA1_32 inline:...
SNOM-style "optional crypto" looks like this:
m=audio 61438 RTP/AVP 8 0 9 99 3 18 4 101
a=crypto:1 AES_CM_128_HMAC_SHA1_32 inline:...
A crypto line is supplied, but the m-line does not have SAVP.
When res_srtp.so is *not* loaded, then chan_sip.so treats the optional
crypto as regular RTP, but when res_srtp.so *is* loaded, it refuses the
incoming call with the following message:
WARNING: process_sdp: Failed to receive SDP offer/answer with
required SRTP crypto attributes for audio
For platforms that want to start providing SRTP this presents a
compatibility problem.
This changeset lets chan_sip handle the SDP as if no crypto-line was
supplied: i.e. accept the call as regular RTP, just like it did before
res_srtp was loaded.
Now you'll get this informative warning instead:
WARNING: Ignoring crypto attribute in SDP because RTP transport is
insecure
ASTERISK-23989 #close
Reported by: Olle Johansson
Change-Id: I91a15ae05a0296e398d6b65f53bb11afde1d80e2
