Commit Graph

29365 Commits

Author SHA1 Message Date
hajekd
39b68a41f7 res/res_ari.c Fix: Memory leaks in ARI when using Content-Type: application/json
ASTERISK-27305
Reported by: David Hajek
Tested by: David Hajek

Change-Id: Ife3e289062e6cf7d0e7d342dbf79ed96feff441e
2017-10-08 21:05:56 +02:00
Alexander Traud
209916981a tcptls: Do not re-bind to wildcard on client creation.
Since ASTERISK-26922, this issue affected only those chan_sip which were
* enabled for dual-stack (bindaddr=::), and
* enabled for TCP (tcpenable=yes) and/or TLS (tlsenable=yes), and
* tried to register and/or invite a IPv4-only service,
* via TCP and/or TLS.
Now, ast_tcptls_client_create does not re-bind to [::] anymore.

ASTERISK-27324 #close

Change-Id: I4b242837bdeb1ec7130dc82505c6180a946fd9b5
2017-10-08 09:22:57 -05:00
Corey Farrell
f1163c0f6f res_pjsip: Fix leak of persistent endpoint references.
Do not manually call sip_endpoint_apply_handler from load_all_endpoints.
This is not necessary and causes memory leaks.

Additionally reinitialize persistent->aors when we reuse a persistent
object with a new endpoint.

ASTERISK-27306

Change-Id: I59bbfc8da8a14d5f4af8c5bb1e71f8592ae823eb
2017-10-06 15:54:11 -05:00
Jenkins2
d2a39f896d Merge "vector: multiple evaluation of elem in AST_VECTOR_ADD_SORTED." into 13 2017-10-06 15:09:23 -05:00
Jenkins2
3844179335 Merge "res_pjsip: Fix leak of fake_auth references." into 13 2017-10-06 14:46:11 -05:00
Corey Farrell
8bf4be1048 vector: multiple evaluation of elem in AST_VECTOR_ADD_SORTED.
Use temporary variable to prevent multiple evaluations of elem argument.
This resolves a memory leak in res_pjproject startup.

ASTERISK-27317 #close

Change-Id: Ib960d7f5576f9e1a3c478ecb48995582a574e06d
2017-10-06 13:39:04 -05:00
Jenkins2
7703ab0443 Merge "main/strings: Fix uninitialized value." into 13 2017-10-06 13:21:33 -05:00
Jenkins2
a6ead833ee Merge "res_pjsip_caller_id chan_sip: Comply to RFC 3323 values for privacy" into 13 2017-10-06 09:51:07 -05:00
Corey Farrell
5110600f1e res_pjsip: Fix leak of fake_auth references.
pjsip_distributor leaks references to fake_auth when the default realm
has not changed.

ASTERISK-27306

Change-Id: I3fcf103b3680ad2d1d4610dcd6738eeaebf4d202
2017-10-06 09:24:52 -05:00
Corey Farrell
462dd7c2de main/strings: Fix uninitialized value.
ast_strings_match uses sscanf and checks for non-zero return to verify a
token was parsed. This is incorrect as sscanf returns EOF (-1) for errors.

ASTERISK-27318 #close

Change-Id: Ifcece92605f58116eff24c5a0a3b0ee08b3c87b1
2017-10-05 20:28:28 -05:00
Jenkins2
646d97f626 Merge "app_queue.c: Fix announcements when announce-to-first-user not enabled." into 13 2017-10-04 14:32:26 -05:00
krells
29c442b587 res_calendar_icalendar: Filter out occurrences superceded by another VEVENT
When we are loading the calendars, we call libical's
icalcomponent_foreach_recurrence method for each VEVENT component that
we have in our calendar.

That method has no knowledge concerning the existence of the other
VEVENT components and will feed our callback with all ocurrences
matching the requested time span.

The occurrences generated by icalcomponent_foreach_recurrence while
expanding a recurring VEVENT's RRULE and RDATE properties can be
superceded by an other VEVENT sharing the same UID.

I use an external iterator (in libical terminology) to avoid messing
with the internal ones from the calling function, and search for
VEVENTS which could supersede the current occurrence.

The event which can invalidate this occurence needs to have:

- the same UID as our recurrent component (comp)
- a RECURRENCE-ID property, which represents the start time of this
  occurrence

If one component is found, just clean and return.

ASTERISK-27296 #close
Reported by: Benoît Dereck-Tricot

Change-Id: I8587ae3eaa765af7cb21eda3b6bf84e8a1c87af8
2017-10-04 10:49:18 -04:00
Torrey Searle
6c30f4a2d1 contrib/thirdparty/sip_to_pjsip: add additional flag mappings
add mappings for udptl redundancy, rtptimeout, and debug flags

Change-Id: Ie73cf5c83c05dee01eb9624ede76c1a30225d73a
2017-10-04 09:26:17 -04:00
Jenkins2
5a8f85ae98 Merge "heap.c: No need to calloc heap pointer array." into 13 2017-10-03 20:25:05 -05:00
Daniel Tryba
6dfe5b29b6 res_pjsip_caller_id chan_sip: Comply to RFC 3323 values for privacy
Currently privacy requests are only granted if the Privacy header
value is exactly "id" (defined in RFC 3325). It ignores any other
possible value (or a combination there of). This patch reverses the
logic from testing for "id" to grant privacy, to testing for "none" and
granting privacy for any other value. "none" must not be used in
combination with any other value (RFC 3323 section 4.2).

ASTERISK-27284 #close

Change-Id: If438a21f31a962da32d7a33ff33bdeb1e776fe56
2017-10-03 22:05:33 +02:00
Jenkins2
9d4a7b528c Merge "logger: Bring back ability to turn debug on by source file" into 13 2017-10-03 09:55:06 -05:00
Richard Mudgett
0945f10d3b app_queue.c: Fix announcements when announce-to-first-user not enabled.
The previous patch for ASTERISK-27216 made it so you wouldn't get any
position or periodic announcements unless you had announce-to-first-user
enabled.  The announce-to-first-user feature was added by ASTERISK_21782
as a result of the patch which introduced the redundant announcements that
ASTERISK-27216 removes.

* By noting that the makeannouncement variable is used to suppresses the
first user announcement, we set its initial value to the
announce-to-first-user enable setting.

ASTERISK-27216

Change-Id: Ieaeb7dbea8ae7073086b775fbafe0625b000b10a
2017-09-28 18:47:01 -05:00
Richard Mudgett
a433bb38b5 heap.c: No need to calloc heap pointer array.
Change-Id: I5ae2f316229f336eb90d99c7af7ed07a33097e68
2017-09-28 15:47:55 -05:00
Jenkins2
b6d5e9223c Merge "pjsip_message_filter: Fix regression causing bad contact address" into 13 2017-09-28 13:13:06 -05:00
George Joseph
47620ea862 logger: Bring back ability to turn debug on by source file
Somewhere along the way we lost the ability to debug individual
source files.  For modules, this wasn't a big deal but all the
source files in ./main are in the one "core" module so debugging
individual core capabilities was almost impossible.

* Added a test to DEBUG_ATLEAST that also checks __FILE__ instead
of just module name.  Any source file will work even if it's in
a module subdirectory.

Change-Id: Icc0af41837f3b1679dec7af21fa32cd1f7469f6e
2017-09-28 12:18:05 -05:00
Joshua Colp
f4daa91dcb Merge "pjproject: Patch to correct STUN FINGERPRINT usage" into 13 2017-09-28 07:50:47 -05:00
George Joseph
d70d7b2f5d pjsip_message_filter: Fix regression causing bad contact address
The "res_pjsip:  Filter out non SIP(S) requests" commit moved the
filtering of messages to pjproject's PJSIP_MOD_PRIORITY_TRANSPORT_LAYER
in order to filter out incoming bad uri schemes as early as possible.
Since the change affected outgoing messages as well and the TRANSPORT
layer is the last to be run on outgoing messages, we were overwriting
the setting of external_signaling_address (which is set earlier by
res_pjsip_nat) with an internal address.

* pjsip_message_filter now registers itself as a pjproject module
twice.  Once in the TSX layer for the outgoing messages (as it was
originally), then a second time in the TRANSPORT layer for the
incoming messages to catch the invalid uri schemes.

ASTERISK-27295
Reported by: Sean Bright

Change-Id: I2c90190c43370f8a9d1c4693a19fd65840689c8c
2017-09-26 11:46:31 -05:00
Richard Mudgett
221d8a5c24 res_rtp_asterisk.c: Fix bridge_p2p_rtp_write() reentrancy potential.
The bridge_p2p_rtp_write() has potential reentrancy problems.

* Accessing the bridged RTP members must be done with the instance1 lock
held.  The DTMF and asymmetric codec checks must be split to be done with
the correct RTP instance struct locked.  i.e., They must be done when
working on the appropriate side of the point to point bridge.

* Forcing the RTP mark bit was referencing the wrong side of the point to
point bridge.  The set mark bit is used everywhere else to set the mark
bit when sending not receiving.

The patches for ASTERISK_26745 and ASTERISK_27158 did not take into
account that not everything carried by RTP uses a codec.  The telephony
DTMF events are not exchanged with a codec.  As a result when
RFC2833/RFC4733 sent digits you would crash if "core set debug 1" is
enabled, the DTMF digits would always get passed to the core even though
the local native RTP bridge is active, and the DTMF digits would go out
using the wrong SSRC id.

* Add protection for non-format payload types like DTMF when updating the
lastrxformat and lasttxformat.  Also protect against non-format payload
types when checking for asymmetric codecs.

ASTERISK-27292

Change-Id: I6344ab7de21e26f84503c4d1fca1a41579364186
2017-09-26 11:12:44 -05:00
Jenkins2
a40978f865 Merge "channel.c: Fix invalid reference in conditionaled out code." into 13 2017-09-26 06:34:33 -05:00
Jenkins2
df17e01274 Merge "app_queue: Only do announcement logic between ringing cycles" into 13 2017-09-26 06:22:14 -05:00
Sean Bright
f3b1b64d21 pjproject: Patch to correct STUN FINGERPRINT usage
Change-Id: I0e453253dff1388b0186b36c754457c1d0d12db6
2017-09-25 14:09:33 -04:00
Joshua Colp
7977daa0cc Merge "build: A few gcc 7 error fixes" into 13 2017-09-25 12:29:14 -05:00
Richard Mudgett
8d2c3effc2 channel.c: Fix invalid reference in conditionaled out code.
ASTERISK-27289

Change-Id: I7a415948116493050614d9f4fa91ffbe0c21ec4c
2017-09-25 11:22:34 -05:00
George Joseph
690f7f7c76 build: A few gcc 7 error fixes
Change-Id: I7b5300fbf1af7d88d47129db13ad6dbdc9b553ec
2017-09-25 06:25:06 -06:00
Sean Bright
f39af4d36d res_pjsip: Use ast_sip_is_content_type() where appropriate
Change-Id: If3ab0d73d79ac4623308bd48508af2bfd554937d
2017-09-22 11:04:31 -04:00
Jenkins2
9576ae0e7e Merge "res_config_pgsql: Fix removed support to previous for versions PostgreSQL 9.1" into 13 2017-09-22 05:31:51 -05:00
Jenkins2
fef8b6efec Merge "res_srtp: lower log level of auth failures" into 13 2017-09-21 11:35:06 -05:00
Rodrigo Ramírez Norambuena
c98e980fff res_config_pgsql: Fix removed support to previous for versions PostgreSQL 9.1
In PostgreSQL 9.1 the backslash are string literals and not the escape
of characters.

In previous issue ASTERISK_26057 was fixed the use of escape LIKE but the
support for old version of Postgresql than 9.1 was dropped. The sentence
before make was "ESCAPE '\'" but in version before than 9.1  need it to be
as follow "ESCAPE '\\'".

ASTERISK-27283

Change-Id: I96d9ee1ed7693ab17503cb36a9cd72847165f949
2017-09-21 11:25:39 -05:00
Joshua Colp
2f8e7be0d1 Merge "chan_sip: Expose read-only access to the full SIP INVITE Request-URI" into 13 2017-09-21 11:16:24 -05:00
StefanEng86
0adf6f3bd9 app_queue: Only do announcement logic between ringing cycles
This patch reverts the change by patch 2263 from old reviewboard.
Note that reverting that 2263-patch still preserves the behaviour that
the commit log of the 2263-patch claimed to add. The reason for this is:

The function wait_for_answer is only called from try_calling which
in turn is only called from the main for loop in queue_exec, and
earlier in that loop we already check the things that's removed by
this patch. There's no need to check those things twice each loop
iteration, and I think the proper place to check it is before each
ringing cycle. By checking it in wait_for_answer, you allow the issue
explained in the jira - that the head caller hears announcements while
the agents' sip phones are actively ringing.

Reported-by: Stefan Engström
Tested-by: Stefan Engström
ASTERISK-27216 #close

Change-Id: Ic4290dc75256f9743900c6762ee1bb915f672db0
2017-09-21 07:04:55 -03:00
Jean Aunis
da40976987 bridge : Fix one-way direct-media when early bridging with native_rtp
When two channels were early bridged in a native_rtp bridge, the RTP description
on one side was not updated when the other side answered.
This patch forbids non-answered channels to enter a native_rtp bridge, and
triggers a bridge reconfiguration when an ANSWER frame is received.

ASTERISK-27257

Change-Id: If1aaee1b4ed9658a1aa91ab715ee0a6413b878df
2017-09-20 10:19:07 -05:00
Jenkins2
4bde3d8634 Merge "res_pjsip_pubsub: Check for Content-Type header in rx_notify_request" into 13 2017-09-20 07:59:36 -05:00
George Joseph
828a0611bc res_pjsip_pubsub: Check for Content-Type header in rx_notify_request
pubsub_on_rx_notify_request wasn't checking for a null
Content-Type header before checking that it was
application/simple-message-summary.

ASTERISK-27279
Reported by: Ross Beer

Change-Id: Iec2a6c4d2e74af37ff779ecc9fd35644c5c4ea52
2017-09-19 12:49:06 -06:00
Jenkins2
2f11ea59db Merge "AST-2017-008: Improve RTP and RTCP packet processing." into 13 2017-09-19 10:37:10 -05:00
David J. Pryke
94f616e5e2 chan_sip: Expose read-only access to the full SIP INVITE Request-URI
Provide a way to get the contents of the the Request URI from the initial SIP
INVITE in dial plan function call. (In this case "${CHANNEL(ruri)}")

ASTERISK-27278
Reported by: David J. Pryke
Tested by: David J. Pryke

Change-Id: I1dd4d6988eed1b6c98a9701e0e833a15ef0dac3e
2017-09-19 10:34:01 -04:00
Joshua Colp
839c35adab Merge "res_calendar: On reload, update all configuration" into 13 2017-09-19 07:32:56 -05:00
Jenkins2
1a35e2b8c1 Merge "cdr_mysql.c: Apply cdrzone to start and answer" into 13 2017-09-19 06:25:59 -05:00
Alexander Traud
cfc0ca1fb5 tcptls: Fixed a white space error.
ASTERISK-26606

Change-Id: I81a7268ef7ba012d4d80d44c70b6276d48e397fa
2017-09-18 17:27:24 +02:00
Alexander Traud
99a08eb7ab res_srtp: lower log level of auth failures
Previously, sRTP authentication failures were reported on log level WARNING.
When such failures happen, each RT(C)P packet is affected, spamming the log.
Now, those failures are reported at log level VERBOSE 2. Furthermore, the
amount is further reduced (previously all two seconds, now all three seconds).
Additionally, the new log entry informs whether media (RTP) or statistics (RTCP)
are affected.

ASTERISK-16898 #close

Change-Id: I6c98d46b711f56e08655abeb01c951ab8e8d7fa0
2017-09-18 17:00:31 +02:00
alex
f1eb36ea51 cdr_mysql.c: Apply cdrzone to start and answer
Change-Id: I7de0a5adc89824a5f2b696fc22c80fc22dff36b0
2017-09-18 07:03:00 -05:00
Richard Mudgett
6d4b801c83 AST-2017-008: Improve RTP and RTCP packet processing.
Validate RTCP packets before processing them.

* Validate that the received packet is of a minimum length and apply the
RFC3550 RTCP packet validation checks.

* Fixed potentially reading garbage beyond the received RTCP record data.

* Fixed rtp->themssrc only being set once when the remote could change
the SSRC.  We would effectively stop handling the RTCP statistic records.

* Fixed rtp->themssrc to not treat a zero value as special by adding
rtp->themssrc_valid to indicate if rtp->themssrc is available.

ASTERISK-27274

Make strict RTP learning more flexible.

Direct media can cause strict RTP to attempt to learn a remote address
again before it has had a chance to learn the remote address the first
time.  Because of the rapid relearn requests, strict RTP could latch onto
the first remote address and fail to latch onto the direct media remote
address.  As a result, you have one way audio until the call is placed on
and off hold.

The new algorithm learns remote addresses for a set time (1.5 seconds)
before locking the remote address.  In addition, we must see a configured
number of remote packets from the same address in a row before switching.

* Fixed strict RTP learning from always accepting the first new address
packet as the new stream.

* Fixed strict RTP to initialize the expected sequence number with the
last received sequence number instead of the last transmitted sequence
number.

* Fixed the predicted next sequence number calculation in
rtp_learning_rtp_seq_update() to handle overflow.

ASTERISK-27252

Change-Id: Ia2d3aa6e0f22906c25971e74f10027d96525f31c
2017-09-15 15:46:30 -05:00
Jenkins2
b6e1b13de4 Merge "res_pjsip: Filter out non SIP(S) requests" into 13 2017-09-15 15:24:50 -05:00
Sean Bright
5075cc8eed res_calendar: On reload, update all configuration
This changes the behavior of res_calendar to drop all existing calendars
and re-create them whenever a reload is done. The Calendar API provides
no way for configuration information to be pushed down to calendar
'techs' so updated settings would not take affect until a module
unload/load was done or Asterisk was restarted.

Asterisk 15+ already has a configuration option 'fetch_again_at_reload'
that performs a similar function.

Also fix a tiny memory leak in res_calendar_caldav while we're at it.

ASTERISK-25524 #close
Reported by: Jesper

Change-Id: Ib0f8057642e9d471960f1a79fd42e5a3ce587d3b
2017-09-15 14:45:57 -05:00
Jenkins2
14109355f3 Merge "res_calendar: Various fixes" into 13 2017-09-15 08:10:22 -05:00
George Joseph
63900374fa res_pjsip: Filter out non SIP(S) requests
Incoming requests with non sip(s) URIs in the Request, To, From
or Contact URIs are now rejected with
PJSIP_SC_UNSUPPORTED_URI_SCHEME (416).  This is performed in
pjsip_message_filter (formerly pjsip_message_ip_updater) and is
done at pjproject's "TRANSPORT" layer before a request can even
reach the distributor.

URIs read by res_pjsip_outbound_publish from pjsip.conf are now
also checked for both length and sip(s) scheme.  Those URIs read
by outbound registration and aor were already being checked for
scheme but their error messages needed to be updated to include
scheme failure as well as length failure.

Change-Id: Ibb2f9f1d2dc7549da562af4cbd9156c44ffdd460
2017-09-14 13:08:38 -06:00