Some endpoints do not like a stream being reused for a new
media stream. The frame/jitterbuffer can rely on underlying
attributes of the media stream in order to order the packets.
When a new stream takes its place without any notice the
buffer can get confused and the media ends up getting dropped.
This change uses the SSRC change to determine that a new source
is reusing an existing stream and then bridge_softmix renegotiates
each participant such that they see a new media stream. This
causes the frame/jitterbuffer to start fresh and work as expected.
ASTERISK-27277
Change-Id: I30ccbdba16ca073d7f31e0e59ab778c153afae07
When two channels were early bridged in a native_rtp bridge, the RTP description
on one side was not updated when the other side answered.
This patch forbids non-answered channels to enter a native_rtp bridge, and
triggers a bridge reconfiguration when an ANSWER frame is received.
ASTERISK-27257
Change-Id: If1aaee1b4ed9658a1aa91ab715ee0a6413b878df
The Websocket implementation will steal the underlying stream of
TCP/TLS sessions. This results in an error message being output
about a stream not being present when in reality this is actually
fine.
This change moves it to a debug message instead.
Change-Id: I66cc639080b4b4599beadb4faa7d313f2721d094
A new endpoint parameter "incoming_mwi_mailbox" allows Asterisk to
receive unsolicited MWI NOTIFY requests and make them available to
other modules via the stasis message bus.
res_pjsip_pubsub has a new handler "pubsub_on_rx_mwi_notify_request"
that parses a simple-message-summary body and, if
endpoint->incoming_mwi_account is set, calls ast_publish_mwi_state
with the voice-message counts from the message.
Change-Id: I08bae3d16e77af48fcccc2c936acce8fc0ef0f3c
If an error occurs during a bridge impart it's possible that
the "bridge_after" callback might try to run before
control_swap_channel_in_bridge has been signalled to continue.
Since control_swap_channel_in_bridge is holding the control lock
and the callback needs it, a deadlock will occur.
* control_swap_channel_in_bridge now only holds the control
lock while it's actually modifying the control structure and
releases it while the bridge impart is running.
* bridge_after_cb is now tolerant of impart failures.
Change-Id: Ifd239aa93955b3eb475521f61e284fcb0da2c3b3
In 2dee95cc (ASTERISK-27024) and 776ffd77 (ASTERISK-26879) there was
confusion about whether the transport_state->localnet ACL has ALLOW or
DENY semantics.
For the record: the localnet has DENY semantics, meaning that "not in
the list" means ALLOW, and the local nets are in the list.
Therefore, checks like this look wrong, but are right:
/* See if where we are sending this request is local or not, and if
not that we can get a Contact URI to modify */
if (ast_apply_ha(transport_state->localnet, &addr) != AST_SENSE_ALLOW) {
ast_debug(5, "Request is being sent to local address, "
"skipping NAT manipulation\n");
(In the list == localnet == DENY == skip NAT manipulation.)
And conversely, other checks that looked right, were wrong.
This change adds two macro's to reduce the confusion and uses those
instead:
ast_sip_transport_is_nonlocal(transport_state, addr)
ast_sip_transport_is_local(transport_state, addr)
ASTERISK-27248 #close
Change-Id: Ie7767519eb5a822c4848e531a53c0fd054fae934
An admin can configure app_minivm with an externnotify program to be run
when a voicemail is received. The app_minivm application MinivmNotify
uses ast_safe_system() for this purpose which is vulnerable to command
injection since the Caller-ID name and number values given to externnotify
can come from an external untrusted source.
* Add ast_safe_execvp() function. This gives modules the ability to run
external commands with greater safety compared to ast_safe_system().
Specifically when some parameters are filled by untrusted sources the new
function does not allow malicious input to break argument encoding. This
may be of particular concern where CALLERID(name) or CALLERID(num) may be
used as a parameter to a script run by ast_safe_system() which could
potentially allow arbitrary command execution.
* Changed app_minivm.c:run_externnotify() to use the new ast_safe_execvp()
instead of ast_safe_system() to avoid command injection.
* Document code injection potential from untrusted data sources for other
shell commands that are under user control.
ASTERISK-27103
Change-Id: I7552472247a84cde24e1358aaf64af160107aef1
A video update frame is used to indicate that a channel
with video negotiated should provide a full frame so the
decoder decoding the stream is able to do so. In situations
where a queue is used to store frames it makes no sense
for the queue to contain multiple video update frames. One
is sufficient to have a full frame be sent.
ASTERISK-27222
Change-Id: Id3f40a6f51b740ae4704003a1800185c0c658ee7
* Add protection checks when mapping streams to the bridge. The channel
and bridge may be in the process of updating the stream mapping when a
media frame comes in so we may not be able to map the frame at the time.
* We need to map the streams to the bridge's stream numbers right before
they are written into the bridge. That way we don't have to keep
locking/unlocking the bridge and we won't have any synchronization
problems before the frames actually go into the bridge.
* Protect the deferred queue with the bridge_channel lock.
ASTERISK-27212
Change-Id: Id6860dd61b594b90c8395f6e2c0150219094c21a
* Fix deadlock in
bridge_softmix.c:softmix_bridge_stream_topology_changed() between
bridge_channel and channel locks.
* The new bridge technology topology change callbacks must be called with
the bridge locked. The callback references the bridge channel list, the
bridge technology could change, and the bridge stream mapping is updated.
ASTERISK-27212
Change-Id: Ide4360ab853607e738ad471721af3f561ddd83be
* ast_channel_request_stream_topology_change() must not be called with any
channel locks held.
* ast_channel_stream_topology_changed() must be called with only the
passed channel lock held.
ASTERISK-27212
Change-Id: I843de7956d9f1cc7cc02025aea3463d8fe19c691
When the iostream code went in it introduced a conditional that made it so the
hook event was not being raised even if a hook is present. This patch adds a
check to see if a hook is present in astman_append. If so then call into the
send_string function, which in turn raises the even for specified hook.
Also updated the ami hooks unit test, so the test could be automated.
ASTERISK-27200 #close
Change-Id: Iff37f02f9708195d8f23e68f959d6eab720e1e36
* netsock2.c: Test the addr->len member first as it may be the only member
initialized in the struct.
* stun.c:ast_stun_handle_packet(): The combinded[] local array could get
used uninitialized by ast_stun_request(). The uninitialized string gets
copied to another location and could overflow the destination memory
buffer.
These valgrind findings were found for ASTERISK_27150 but are not
necessarily a fix for the issue.
Change-Id: I55f8687ba4ffc0f69578fd850af006a56cbc9a57
This change fixes a few locking issues and some video misrouting.
1. When accessing the stream topology of a channel the channel lock
must be held to guarantee the topology remains valid.
2. When a channel was joined to a bridge the bridge specific
implementation for stream mapping was not invoked, causing video
to be misrouted for a brief period of time.
ASTERISK-27182
Change-Id: I5d2f779248b84d41c5bb3896bf22ba324b336b03
joint_cap needs to be released unconditionally as chan->tech->requester
does not steal the reference even on success.
ASTERISK-27180 #close
Change-Id: I647728992559bdb0a9c7357c20be1b36400d68b6
GCC 7 has added capability to produce warnings, this fixes most of those
warnings. The specific warnings are disabled in a few places:
* app_voicemail.c: truncation of paths more than 4096 chars in many places.
* chan_mgcp.c: callid truncated to 80 chars.
* cdr.c: two userfields are combined to cdr copy, fix would break ABI.
* tcptls.c: ignore use of deprecated method SSLv3_client_method().
ASTERISK-27156 #close
Change-Id: I65f280e7d3cfad279d16f41823a4d6fddcbc4c88
This change does a few things to improve packet loss and renegotiation:
1. On outgoing RTP streams we will now properly reflect out of order
packets and packet loss in the sequence number. This allows the
remote jitterbuffer to better reorder things.
2. Video updates can now be discarded for a period of time
after one has been sent to prevent flooding of clients.
3. For declined and removed streams we will now release any
media session resources associated with them. This was not
previously done and caused an issue where old state was being
used for a new stream.
4. RTP bundling was not actually removing bundled RTP instances
from the parent. This has been resolved by removing based on
the RTP instance itself and not the SSRC.
5. The code did not properly handle explicitly unbundling an
RTP instance from its parent. This now works as expected.
ASTERISK-27143
Change-Id: Ibd91362f0e4990b6129638e712bc8adf0899fd45
The seconds and minutes files have always existed in the base language
directory of the Core package. So say.c has always been calling the wrong
location (under digits/) for those two files and in the case of second and
minute they didn't exist in the Core packages at all.
The 1.6 sounds release moves the second and minute files into Core from
Extra for the languages that already had them. A future release will include
the second and minute files for languages that didn't already have them.
This patch just changes all the target locations for second, seconds,
minute, and minutes that were under the digits subdir to be under the root of
sounds instead. Which is where the sounds will be for some languages after 1.6
sounds and for all languages after a future release.
ASTERISK-25810 #close
Change-Id: I05d9d4bee6a7237030530a46e7eb3df15f13f702
Reported-by: Nicolas Riendeau
This change adds support for socket activation of certain SOCK_STREAM
listeners in Asterisk:
* AMI / AMI over TLS
* CLI
* HTTP / HTTPS
Example systemd units are provided. This support extends to any socket
which is initialized using ast_tcptls_server_start, so any unknown
modules using this function will support socket activation.
Asterisk continues to function as normal if socket activation is not
enabled or if systemd development headers are not available during
build.
ASTERISK-27063 #close
Change-Id: Id814ee6a892f4b80d018365c8ad8d89063474f4d
This adds support for parsing timelen values from config files. This
includes support for all flags which apply to PARSE_INT32. Support for
this parser is added to ACO via the OPT_TIMELEN_T option type.
Fixes an issue where extra characters provided to ast_app_parse_timelen
were ignored, they now cause an error.
Testing is included.
ASTERISK-27117 #close
Change-Id: I6b333feca7e3f83b4ef5bf2636fc0fd613742554
BUNDLE is a specification used in WebRTC to allow multiple
streams to use the same underlying transport. This reduces
the number of ICE and DTLS negotiations that has to occur
to 1 normally.
This change implements this by adding support for it to
the RTP SDP module in PJSIP. BUNDLE can be turned on using
the "bundle" option and on an offer we will offer to
bundle streams together. On an answer we will accept any
bundle groups provided. Once accepted each stream is bundled
to another RTP instance for transport.
For the res_rtp_asterisk changes the ability to bundle
an RTP instance to another based on the SSRC received
from the remote side has been added. For outgoing traffic
if an RTP instance is bundled to another we will use the
other RTP instance for any transport related things. For
incoming traffic received from the transport instance we
look up the correct instance based on the SSRC and use it
for any non-transport related data.
ASTERISK-27118
Change-Id: I96c0920b9f9aca7382256484765a239017973c11
This adds a parameter to ast_waitfordigit_full which can be used to only
stop waiting when certain expected digits are received. Any unexpected
DTMF digits are simply ignored.
This also creates a new dialplan application WaitDigit.
ASTERISK-27129 #close
Change-Id: Id233935ea3d13e71c75a0861834c5936c3700ef9
This change fixes a few things uncovered during SFU testing.
1. Unreal channels incorrectly forwarded video frames when
no video stream was present on them. This caused a crash when
they were read as the core requires a stream to exist for the
underlying media type. The Unreal channel will now ensure a
stream exists for the media type before forwarding the frame
and if no stream exists then the frame is dropped.
2. Mapping of frames during bridging from the stream number of
the underlying channel to the stream number of the bridge was
done in the wrong location. This resulted in the frame getting
dropped. This mapping now occurs on reading of the frame from
the channel.
3. Bridging was using the wrong ast_read function resulting in
it living in a non-multistream world.
4. In bridge_softmix when adding new streams to existing channels
the wrong stream topology was copied resulting in no streams
being added.
Change-Id: Ib7445722c3219951d6740802a0feddf2908c18c8
Setting maxfiles (maximum number of open files) has no practical
effect on a remote asterisk (rasterisk, rasterisk -x).
It has an ill effect of printing an extra message, which
may be annoying in case of -x.
ASTERISK-27105 #close
Change-Id: Iaf9eb344e4b4b517df91b736b27ec55f6a6921a2
Messages like "fwrite() failed: Connection reset by peer" are no
help whatsoever, especially since they can be caused simply by a
client disconnecting.
* Make those WARNINGs DEBUGs.
* Check the return from ast_iostream_printf of headers.
Change-Id: I17bd5f3621514152a7b2b263c801324c5e96568b
This API was not actively maintained, was not added to new modules
(such as res_pjsip), and there exist better alternatives to acquire the
same information, such as the ARI.
Change-Id: I4b2185a83aeb74798b4ad43ff8f89f971096aa83
Clear channel flag AST_FLAG_END_DTMF_ONLY in ast_waitfordigit_full when
ast_read returns NULL.
ASTERISK-27100 #close
Change-Id: Id3039e9a4e74e0cb359f636c9fd0c9740ebf7d9d
The stream topology (list of streams and order) is now stored with the
configured PJSIP endpoints and used during the negotiation process.
Media negotiation state information has been changed to be stored
in a separate object. Two of these objects exist at any one time
on a session. The active media state information is what was previously
negotiated and the pending media state information is what the
media state will become if negotiation succeeds. Streams and other
state information is stored in this object using the index (or
position) of each individual stream for easy lookup.
The ability for a media type handler to specify a callback for
writing has been added as well as the ability to add file
descriptors with a callback which is invoked when data is available
to be read on them. This allows media logic to live outside of
the chan_pjsip module.
Direct media has been changed so that only the first audio and
video stream are directly connected. In the future once the RTP
engine glue API has been updated to know about streams each individual
stream can be directly connected as appropriate.
Media negotiation itself will currently answer all the provided streams
on an offer within configured limits and on an offer will use the
topology created as a result of the disallow/allow codec lines.
If a stream has been removed or declined we will now mark it as such
within the resulting SDP.
Applications can now also request that the stream topology change.
If we are told to do so we will limit any provided formats to the ones
configured on the endpoint and send a re-invite with the new topology.
Two new configuration options have also been added to PJSIP endpoints:
max_audio_streams: determines the maximum number of audio streams to
offer/accept from an endpoint. Defaults to 1.
max_video_streams: determines the maximum number of video streams to
offer/accept from an endpoint. Defaults to 1.
ASTERISK-27076
Change-Id: I8afd8dd2eb538806a39b887af0abd046266e14c7
In an earlier version of Asterisk a local channel [un]lock all functions were
added in order to keep a crash from occurring when a channel hung up too early
during an attended transfer. Unfortunately, when a transfer failure occurs and
depending on the timing, the local channels sometime do not get properly
unlocked and deref'ed after being locked and ref'ed. This happens because the
underlying local channel structure gets NULLed out before unlocking.
This patch reworks those [un]lock functions and makes sure the values that get
locked and ref'ed later get unlocked and deref'ed.
ASTERISK-27074 #close
Change-Id: Ice96653e29bd9d6674ed5f95feb6b448ab148b09
If an attended transfer failed it was possible for some of the channels
involved to get "stuck" because Asterisk was not hanging up the transfer target.
This patch ensures Asterisk hangs up the transfer target when an attended
transfer failure occurs.
ASTERISK-27075 #close
Change-Id: I98a6ecd92d3461ab98c36f0d9451d23adaf3e5f9
