An http request can be sent to get the existing Asterisk logs.
The command "curl -v -u user:pass -X GET 'http://localhost:8088
/ari/asterisk/logging'" can be run in the terminal to access the
newly implemented functionality.
* Retrieve all existing log channels
ASTERISK-25252
Change-Id: I7bb08b93e3b938c991f3f56cc5d188654768a808
An http request can be sent to create a log channel
in Asterisk.
The command "curl -v -u user:pass -X POST
'http://localhost:088/ari/asterisk/logging/mylog?
configuration=notice,warning'" can be run in the terminal
to access the newly implemented functionality for ARI.
* Ability to create log channels using ARI
ASTERISK-25252
Change-Id: I9a20e5c75716dfbb6b62fd3474faf55be20bd782
An http request can be sent to delete a log channel
in Asterisk.
The command "curl -v -u user:pass -X DELETE 'http://localhost:8088
/ari/asterisk/logging/mylog'" can be run in the terminal
to access the newly implemented functionally for ARI.
* Able to delete log channels using ARI
ASTERISK-25252
Change-Id: Id6eeb54ebcc511595f0418d586ff55914bc3aae6
The pjsip_rx_data structure has a pkt_info.packet field on it that is
the packet that was read from the transport. For datagram transports,
the packet read from the transport will correspond to the SIP message
that arrived. For streamed transports, however, it is possible to read
multiple SIP messages in one packet.
In a recent case, Asterisk crashed on a system where TCP was being used.
This is because at some point, a read from the TCP socket resulted in a
200 OK response as well as an incoming SUBSCRIBE request being stored in
rdata->pkt_info.packet. When the SUBSCRIBE was processed, the
combination 200 OK and SUBSCRIBE was saved in persistent storage. Later,
a restart of Asterisk resulted in the crash because the persistent
subscription recreation code ended up building the 200 OK response
instead of a SUBSCRIBE request, and we attempted to access
request-specific data.
The fix here is to use the pjsip_msg_print() function in order to
persist SUBSCRIBE requests. This way, rather than using the raw socket
data, we use the parsed SIP message that PJSIP has given us. If we
receive multiple SIP messages from a single read, we will be sure only
to save off the relevant SIP message. There also is a safeguard put in
place to make sure that if we do end up reconstructing a SIP response,
it will not cause a crash.
ASTERISK-25306 #close
Reported by Mark Michelson
Change-Id: I4bf16f7b76a2541d10b55de82bcd14c6e542afb2
The ast_sip_sanitize_xml function is used to sanitize
a string for placement into XML. This is done by examining
an input string and then appending values to an output
buffer. The function used by its implementation, strncat,
has specific behavior that was not taken into account.
If the size of the input string exceeded the available
output buffer size it was possible for the sanitization
function to write past the output buffer itself causing
a crash. The crash would either occur because it was
writing into memory it shouldn't be or because the resulting
string was not NULL terminated.
This change keeps count of how much remaining space is
available in the output buffer for text and only allows
strncat to use that amount.
Since this was exposed by the res_pjsip_pidf_digium_body_supplement
module attempting to send a large message the maximum allowed
message size has also been increased in it.
A unit test has also been added which confirms that the
ast_sip_sanitize_xml function is providing NULL terminated
output even when the input length exceeds the output
buffer size.
ASTERISK-25304 #close
Change-Id: I743dd9809d3e13d722df1b0509dfe34621398302
A change recently went in which enabled perfect forward secrecy for
DTLS in res_rtp_asterisk. This was accomplished two different ways
depending on the availability of a feature in OpenSSL. The fallback
method created a temporary instance of a key but did not free it.
This change fixes that.
ASTERISK-25265
Change-Id: Iadc031b67a91410bbefb17ffb4218d615d051396
Commit 39cc28f6ea attempted to fix a
test failure observed on 32 bit test agents by ensuring that a cast from
a 32 bit unsigned integer to a 64 bit unsigned integer was happening in
a predictable place. As it turns out, this did not cause test runs to
succeed.
This commit adds several redundant debug messages that print the payload
lengths of websocket frames. The idea here is that this commit will not
cause tests to succeed for the faulty test agent, but we might deduce
where the fault lies more easily this way by observing at what point the
expected value (537) changes to some ungangly huge number.
If you are wondering why something like this is being committed to the
branch, keep in mind that in commit
39cc28f6ea I noted that the observed test
failures only happen when automated tests are run. Attempts to run the
tests by hand manually on the test agent result in the tests passing.
Change-Id: I14a65c19d8af40dadcdbd52348de3b0016e1ae8d
We have seen a rash of test failures on a 32-bit build agent. Commit
48698a5e21 solved an obvious problem where
we were not encoding a 64-bit value correctly over the wire. This
commit, however, did not solve the test failures.
In the failing tests, ARI is attempting to send a 537 byte text frame
over a websocket. When sending a frame this small, 16 bits are all that
is required in order to encode the payload length on the websocket
frame. However, ast_websocket_write() thinks that the payload length is
greater than 65535 and therefore writes out a 64 bit payload length.
Inspecting this payload length, the lower 32 bits are exactly what we
would expect it to be, 537 in hex. The upper 32 bits, are junk values
that are not expected to be there.
In the failure, we are passing the result of strlen() to a function that
expects a uint64_t parameter to be passed in. strlen() returns a size_t,
which on this 32-bit machine is 32 bits wide. Normally, passing a 32-bit
unsigned value to somewhere where a 64-bit unsigned value is expected
would cause no problems. In fact, in manual runs of failing tests, this
works just fine. However, ast_websocket_write() uses the Asterisk
optional API, which means that rather than a simple function call, there
are a series of macros that are used for its declaration and
implementation. These macros may be causing some sort of error to occur
when converting from a 32 bit quantity to a 64 bit quantity.
This commit changes the logic by making existing ast_websocket_write()
calls use ast_websocket_write_string() instead. Within
ast_websocket_write_string(), the 64-bit converted strlen is saved in a
local variable, and that variable is passed to ast_websocket_write()
instead.
Note that this commit message is full of speculation rather than
certainty. This is because the observed test failures, while always
present in automated test runs, never occur when tests are manually
attempted on the same test agent. The idea behind this commit is to fix
a theoretical issue by performing changes that should, at the least,
cause no harm. If it turns out that this change does not fix the failing
tests, then this commit should be reverted.
Change-Id: I4458dd87d785ca322b89c152b223a540a3d23e67
This will add ECDH support to Asterisk. It will
detect auto ECDH support in OpenSSL
(1.0.2b and above) during ./configure. If this is
available, it will use it,
otherwise it will fall back to prime256v1 (this
behavior is consistent with
other projects such as Apache and nginx).
This fixes WebRTC being broken in Firefox 38+ due
to Firefox now only supporting
ciphers with perfect forward secrecy.
ASTERISK-25265 #close
Change-Id: I8c13b33a2a79c0bde2e69e4ba6afa5ab9351465b
An http request can be sent to rotate a specified log channel.
If the channel does not exist, an error response will be
returned.
The command "curl -v -u user:pass -X PUT 'http://localhost:8088
/ari/asterisk/logging/logChannelName/rotate'" can be run in the
terminal to access this new functionality.
* Added the ability to rotate log files through ARI
ASTERISK-25252
Change-Id: Iaefa21cbbc1b29effb33004ee3d89c977e76ab01
Two testsuite tests crashed in the same place as a result of an INVITE
being CANCELed.
tests/channels/pjsip/resolver/srv/failover/in_dialog/transport_unspecified
tests/channels/pjsip/resolver/srv/failover/in_dialog/transport_tcp
The session pointer is no longer in the inv->mod_data[session_module.id]
location because the INVITE transaction has reached the terminated state.
ASTERISK-25297 #close
Reported by: Richard Mudgett
Change-Id: Idb75fdca0321f5447d5dac737a632a5f03614427
A test agent was continuously failing all ARI tests when run against
Asterisk 13. As it turns out, the reason for this is that on those test
runs, for some reason we decided to use the super extended 64 bit
payload length for websocket text frames instead of the extended 16 bit
payload length. For 64-bit payloads, the expected byte order over the
network is
7, 6, 5, 4, 3, 2, 1, 0
However, we were sending the payload as
3, 2, 1, 0, 7, 6, 5, 4
This meant that we were saying to expect an absolutely MASSIVE payload
to arrive. Since we did not follow through on this expected payload
size, the client would sit patiently waiting for the rest of the payload
to arrive until the test would time out.
With this change, we use the htobe64() function instead of htonl() so
that a 64-bit byte-swap is performed instead of a 32 bit byte-swap.
Change-Id: Ibcd8552392845fbcdd017a8c8c1043b7fe35964a
This change adds support for the 'rtp_timeout' and 'rtp_timeout_hold'
endpoint options. These allow the channel to be hung up if RTP
is not received from the remote endpoint for a specified number of
seconds.
ASTERISK-25259 #close
Change-Id: I3f39daaa7da2596b5022737b77799d16204175b9
This adds an "rtp_keepalive" option for PJSIP endpoints. Similar to the
chan_sip option, this specifies an interval, in seconds, at which we
will send RTP comfort noise frames. This can be useful for keeping RTP
sessions alive as well as keeping NAT associations alive during lulls.
ASTERISK-25242 #close
Reported by Mark Michelson
Change-Id: I06660ba672c0a343814af4cec838e6025cafd54b
Misconfiguring sorcery.conf with a 'config' wizard with no extra data
will currently crash Asterisk on startup, as the wizard requires a comma
delineated list to parse. This patch updates res_sorcery_config to check
for the presence of the data before it starts manipulating it.
Change-Id: I4c97512e8258bc82abe190627a9206c28f5d3847
This patch adds support for push configuration of dynamic, i.e.,
sorcery, objects in Asterisk. It adds three new REST API calls to the
'asterisk' resource:
* GET /asterisk/{configClass}/{objectType}/{id}: retrieve the current
object given its ID. This returns back a list of ConfigTuples, which
define the fields and their present values that make up the object.
* PUT /asterisk/{configClass}/{objectType}/{id}: create or update an
object. A body may be passed with the request that contains fields to
populate in the object. The same format as what is retrieved using
the GET operation is used for the body, save that we specify that the
list of fields to update are contained in the "fields" attribute.
* DELETE /asterisk/{configClass}/{objectType}/{id}: remove a dynamic
object from its backing storage.
Note that the success/failure of these operations is somewhat
configuration dependent, i.e., you must be using a sorcery wizard that
supports the operation in question. If a sorcery wizard does not support
the create or delete mechanisms, then the REST API call will fail with a
403 forbidden.
ASTERISK-25238 #close
Change-Id: I28cd5c7bf6f67f8e9e437ff097f8fd171d30ff5c
setup_park_common_datastore() was assuming that a non-NULL string returned
for the ATTENDEDTRANSFER and BLINDTRANSFER channel variables are not empty
strings. Things got crashy as a result.
* Made setup_park_common_datastore() treat the channel variable values the
same whether they are NULL or empty for ATTENDEDTRANSFER and
BLINDTRANSFER.
ASTERISK-25254 #close
Reported by: Richard Mudgett
Change-Id: I9a9c174b33f354f35f82cc6b7cea8303adbaf9c2
Changed the unload mode to AST_FORCE_SOFT from AST_FORCE_FIRM,
which would unload a module even if it was in use.
* Changed unload mode to proper mode
ASTERISK-25173
Change-Id: If2402487b5bce05d9770f25f65f5c8e292ad5533
Having a debug message tell us that we attempted to look up an item but
failed is nice in circumstances when it isn't clear if the wizard was
queried correctly or not.
Change-Id: I2600c3bbea87f252196358f62e73f4c7da8632f7
This patch fixes some bad default value handling in the following
settings:
* The 'message_context' and 'accountcode' settings are not mandatory. As
such, we can allow their stringfield values to be empty.
* The 'media_encryption' setting applies a default value of 'none' to
the setting, which it then can't parse or understand. Since the value
is documented to be 'no', this will now apply that as the default
value.
Change-Id: Ib9be7f97a7a5b9bc7aee868edf5acf38774cff83
The crash fix for ASTERISK-25183 backported some code from master to try
to make sure that a BYE response is processed by the same serializer used
by the BYE request. The identified race condition causing that backport
was the BYE request code had not finished processing after sending the BYE
before the BYE response came in for processing under a different thread.
Unfortunately, there is still a race condition. Now the race condition is
between destroying the call session's serializer in
ast_taskprocessor_unreference() and using ast_taskprocessor_get() to get a
reference to the serializer for a BYE response. Even worse, the new race
condition is a design limitation of the taskprocessor implementation that
didn't matter in versions before v12. Back then, taskprocessors were only
destroyed when a module unloaded. Now res_pjsip can destroy them when a
call ends.
However, as noted on the ASTERISK-25183 commit,
session_inv_on_state_changed() is disassociating the dialog from the
session when the invite dialog state becomes PJSIP_INV_STATE_DISCONNECTED.
This is a tad too soon because our BYE request transaction has not
completed yet.
* Split session_end() that is called by session_inv_on_state_changed() to
hold off session destruction until the BYE transaction timeout occurs or a
failed initial INVITE transaction timeout occurs in
session_inv_on_tsx_state_changed().
ASTERISK-25201 #close
Reported by: Matt Jordan
Change-Id: Iaf8dc8485fd8392a2a3ee4ad3b7f7f04a0dcc961
An http request can be sent to reload an Asterisk module. If the
module can not be reloaded or is not already loaded, an error
response will be returned.
The command "curl -v -u user:pass -X PUT 'http://localhost:8088
/ari/asterisk/modules/{moduleName}'" (or something similar, based
on configuration) can be run in the terminal to access this new
functionality.
For more information, see:
https://wiki.asterisk.org/wiki.display/~bford/Asterisk+ARI+Resource
* Added new ARI functionality
* Asterisk modules can be reloaded through http requests
ASTERISK-25173
Change-Id: I289188bcae182b2083bdbd9ebfffd50b62f58ae1
An http request can be sent to unload an Asterisk module. If the
module can not be unloaded or is already unloaded, an error response
will be returned.
The command "curl -v -u user:pass -X DELETE 'http://localhost:8088
/ari/asterisk/modules/{moduleName}'" (or something similar, depending
on configuration) can be run in the terminal to access this new
functionality.
For more information, see:
https://wiki.asterisk.org/wiki.display/~bford/Asterisk+ARI+Resource
* Added new ARI functionality
* Asterisk modules can be unloaded through http requests
ASTERISK-25173
Change-Id: I535a95f5676deb02651522761ecbdc0b00b5ac57
An http request can be sent to load an Asterisk module. If the
module can not be loaded or is loaded already, an error response
will be returned.
The command curl -v -u user:pass -X POST 'http://localhost:8088/ari
/asterisk/modules/{moduleName}'" (or something similar, depending on
configuration) can be run in the terminal to access this new
functionality.
For more information, see:
https://wiki.asterisk.org/wiki.display/~bford/Asterisk+ARI+Resource
* Added new ARI functionality
* Asterisk modules can be loaded through http requests
ASTERISK-25173
Change-Id: I9e05d5b8c5c666ecfef341504f9edc1aa84fda33
An http request can be sent to retrieve information on a single
module, including the resource name, description, use count, status,
and support level.
The command "curl -v -u user:pass -X GET 'http://localhost:8088/ari
/asterisk/modules/{moduleName}'" (or something similar, depending on
configuration) can be run in the terminal to access this new
functionality.
For more information, see:
https://wiki.asterisk.org/wiki.display/~bford/Asterisk+ARI+Resource
* Added new ARI functionality
* Information on a single module can now be retrieved
ASTERISK-25173
Change-Id: Ibce5a94e70ecdf4e90329cf0ba66c33a62d37463
Again, tests now need to not end with a newline. This patch makes it so
the tests can register again, unit tests will actually pass, and we can
stop wasting time trying to figure out why builds are failing when they
really aren't failing.
Change-Id: Ide519fbeba89f413c733446c5ff7b224fc4ce840
