This can be reproduced under certain curcomstences.
For example: call app.playback from lua with invalid data: app.playback({}).
pbx_lua.c will try to get data for this playback using lua_tostring function.
This function returs NULL for everything but strings and numbers.
Then, it calls term_color with NULL data.
term_color function can call(if we don't use vt100 compat term)
ast_copy_string with NULL inbuf which cause segfault. bt example:
ast_copy_string (size=8192, src=0x0, dst=0x7fe44b4be8b0)
at /usr/src/asterisk/asterisk-20.11.0/include/asterisk/strings.h:412
Resolves: https://github.com/asterisk/asterisk/issues/1363
(cherry picked from commit 9bfd4c2994)
If the BRIDGE_NOANSWER variable is set on a channel, it is not supposed
to answer when another channel bridges to it using Bridge(), and this is
checked when ast_bridge_call* is called. However, another path exists
(bridge_exec -> ast_bridge_add_channel) where this variable was not
checked and channels would be answered. We now check the variable there.
Resolves: #401Resolves: #1364
(cherry picked from commit 6bc336b0ca)
There was no check in __rtp_sendto that prevented Asterisk from sending
RTP before DTLS had finished negotiating. This patch adds logic to do
so.
Fixes: #1260
(cherry picked from commit b5146839e6)
It's reproducible with pbx_lua, not regular dialplan.
deadlock description:
1. asterisk locks a channel
2. calls function onedigit_goto
3. calls ast_goto_if_exists funciton
4. checks ast_exists_extension -> pbx_extension_helper
5. pbx_extension_helper calls pbx_find_extension
6. Then asterisk starts autoservice in a new thread
7. autoservice run tries to lock the channel again
Because our channel is locked already, autoservice can't lock.
Autoservice can't lock -> autoservice stop is waiting forever.
onedigit_goto waits for autoservice stop.
Resolves: https://github.com/asterisk/asterisk/issues/1335
(cherry picked from commit 15f93f8cfa)
Based on the firing order of the PJSIP call-backs on a redirect, it was possible for
the Diversion header to not be included in the outgoing 181 response to the UAC and
the INVITE to the UAS.
This change moves the Diversion header processing to an earlier PJSIP callback while also
preventing the corresponding update that can cause a duplicate 181 response when processing
the header at that time.
Resolves: #1349
(cherry picked from commit 9fa3bb031e)
With `sounds_search_custom_dir = yes`, we are supposed to search for sounds
in the `AST_DATA_DIR/sounds/custom` directory before searching the normal
directories. Unfortunately, a recent change
(https://github.com/asterisk/asterisk/pull/1172) had a typo resulting in
the "custom" directory not being searched. This change restores this
expected behavior.
Resolves: #1353
(cherry picked from commit 80fd650881)
Fixes: #1280
UserNote: Enabling the tracking of the
STREAM_BEGIN and the STREAM_END event
types in cel.conf will log media files and
music on hold played to each channel.
The STREAM_BEGIN event's extra field will
contain a JSON with the file details (path,
format and language), or the class name, in
case of music on hold is played. The DTMF
event's extra field will contain a JSON with
the digit and the duration in milliseconds.
(cherry picked from commit 0391c3f36e)
The fact that deleting an object from a map invalidates any iterator
that happens to currently point to that object was overlooked in the initial
implementation. Unfortunately, there's no way to detect that an iterator
has been invalidated so the result was an occasional SEGV triggered by modules
like app_chanspy that opens an iterator and can keep it open for a long period
of time. The new implementation doesn't keep the underlying C++ iterator
open across calls to ast_channel_iterator_next() and uses a read lock
on the map to ensure that, even for the few microseconds we use the
iterator, another thread can't delete a channel from under it. Even with
this change, the iterators are still WAY faster than the ao2_legacy
storage driver.
Full details about the new implementation are located in the comments for
iterator_next() in channelstorage_cpp_map_name_id.cc.
Resolves: #1309
(cherry picked from commit e50d0cf741)
UserNote: Options are now available in the menuselect "Resource Modules"
category that allow you to enable the AES_192, AES_256 and AES_GCM
cipher suites in res_srtp. Of course, libsrtp and OpenSSL must support
them but modern versions do. Previously, the only way to enable them was
to set the CFLAGS environment variable when running ./configure.
The default setting is to disable them preserving existing behavior.
(cherry picked from commit 706a7e45f0)
In the original implementation, both CANCEL and NO ANSWER states were
consolidated under the NO ANSWER disposition. This patch introduces a
separate CANCEL disposition, with an optional configuration switch to
enable this new disposition.
Resolves: #1323
UserNote: A new CDR option "canceldispositionenabled" has been added
that when set to true, the NO ANSWER disposition will be split into
two dispositions: CANCEL and NO ANSWER. The default value is 'no'
(cherry picked from commit 5549815df5)
Currently the CURL function only supports Basic Authentication,
the default auth method in libcurl. Add an option that also
allows enabling digest authentication.
Resolves: #1332
UserNote: The httpauth field in CURLOPT now allows the authentication
methods to be set.
(cherry picked from commit 3707712bb7)
DeveloperNote: The 32-bit ast_options has no room left to accomodate new
options and so has been converted to an ast_flags64 structure. All internal
references to ast_options have been updated to use the 64-bit flag
manipulation macros. External module references to the 32-bit ast_options
should continue to work on little-endian systems because the
least-significant bytes of a 64 bit integer will be in the same location as a
32-bit integer. Because that's not the case on big-endian systems, we've
swapped the bytes in the flags manupulation macros on big-endian systems
so external modules should still work however you are encouraged to test.
(cherry picked from commit 724e28e418)
This patch fixes an issue in the ODBC Realtime engine where Asterisk incorrectly
falls back to the next configured backend when the current one returns
SQL_NO_DATA (i.e., no record found).
This is a logical error and performance risk in multi-backend configurations.
Solution:
Introduced CONFIG_RT_NOT_FOUND ((void *)-1) as a special return marker.
ODBC Realtime backend now return CONFIG_RT_NOT_FOUND when no data is found.
Core engine stops iterating on this marker, avoiding unnecessary fallback.
Notes:
Other Realtime backends (PostgreSQL, LDAP, etc.) can be updated similarly.
This patch only covers ODBC.
Fixes: #1305
(cherry picked from commit df7fa2d1fd)
`ast_ari_channels_create` and `ast_ari_channels_dial` called the
`ast_channel_get_by_name` function with optional arguments. Since
8f1982c4d6, this function logs an error for empty channel names.
This commit adds checks for empty optional arguments that are used
to call `ast_channel_get_by_name` to prevent these error logs.
(cherry picked from commit 3f6e602392)
The already-deprecated "password" option for the AGENT function was
removed in commit d43b17a872 for
Asterisk 12, but the documentation for it wasn't removed then.
Resolves: #1321
(cherry picked from commit bd063c7732)
Under certain circumstances the context/extens/prio are set in the ast_async_goto, for example action Redirect.
In the situation that action Redirect is broken by pbx_extension_helper this info is changed.
This will cause the current dialplan location to be executed twice.
In other words, the Redirect action does not take effect.
Resolves: #1315
(cherry picked from commit 7c8e58b63e)
Currently, the ast_tls_cert script is hardcoded to produce certificates
with a validity of 365 days, which is not generally desirable for self-
signed certificates. Make this parameter configurable.
Resolves: #1307
(cherry picked from commit 9347ab76a7)
The CDR tenantid was being set in cdr_object_alloc from the channel->base
snapshot. Since this happens at channel creation before the dialplan is even
reached, calls to `CHANNEL(tenantid)=<something>` in the dialplan were being
ignored. Instead we now take tenantid from party_a when
cdr_object_create_public_records() is called which is after the call has
ended and all channel snapshots rebuilt. This is exactly how accountcode
and amaflags, which can also be set in tha dialplpan, are handled.
Resolves: #1259
(cherry picked from commit 84edf7d44b)
The max number of inputs supported by GitHub is 10 so
is_security and is_hotfix were factored into a single choice
entry.
(cherry picked from commit 956cab175f)
When using the "D" option to output interleaved audio, the file extension
must be ".raw". That info wasn't being properly rendered in the markdown
and HTML on the documentation site. The XML was updated to move the
note in the option section to a warning in the description.
Resolves: #1269
(cherry picked from commit 55fb2f4de4)
Previously, we were only using # (ST) as a terminator, and not handling
A (STP), B (ST2P), or C (ST3P), which erroneously led to it being
treated as part of the dialed number. Parse any of these as the start
digit.
Resolves: #1301
(cherry picked from commit 893fd81879)
In the WebSocket channel driver, the FLUSH_MEDIA command clears all frames from
the queue but does not reset the frame_queue_length counter.
As a result, the driver incorrectly thinks the queue is full after flushing,
which prevents new multimedia frames from being sent, especially after multiple
flush commands.
This fix sets frame_queue_length to 0 after flushing, ensuring the queue state
is consistent with its actual content.
Fixes: #1304
(cherry picked from commit b73a7c872b)
When the RTP media source changes, such as after a blind transfer, the new source introduces a discontinuous timestamp. According to RFC 3550, Section 5.1, an RTP stream's timestamp for a given SSRC must increment monotonically and linearly.
To comply with the standard and avoid a large timestamp jump on the existing SSRC, a new SSRC is generated for the new media stream.
This change resolves known interoperability issues with certain SBCs (like Sonus/Ribbon) that stop forwarding media when they detect such a timestamp violation. This code uses the existing implementation from chan_sip.
Resolves: #927
(cherry picked from commit 9bef59f44d)
* Created chan_websocket which can exchange media over both inbound and
outbound websockets which the driver will frame and time.
See http://s.asterisk.net/mow for more information.
* res_http_websocket: Made defines for max message size public and converted
a few nuisance verbose messages to debugs.
* main/channel.c: Changed an obsolete nuisance error to a debug.
* ARI channels: Updated externalMedia to include chan_websocket as a supported
transport.
UserNote: A new channel driver "chan_websocket" is now available. It can
exchange media over both inbound and outbound websockets and will both frame
and re-time the media it receives.
See http://s.asterisk.net/mow for more information.
UserNote: The ARI channels/externalMedia API now includes support for the
WebSocket transport provided by chan_websocket.
(cherry picked from commit aa14410651)
Quote from an audio engineer NR9V:
There is a minor issue of a small amount of crossover distortion though as a result of `ast_slinear_saturated_multiply_float()` not rounding the float. This could result in some quiet but potentially audible distortion artifacts in lower volume parts of the signal. If you have for example a sign wave function with a max amplitude of just a few samples, all samples between -1 and 1 will be truncated to zero, resulting in the waveform no longer being a sine wave and in harmonic distortion.
Resolves: #1176
(cherry picked from commit e63d87a064)
Under certain circumstances the context/extens/prio are set in the ast_async_goto, for example action Redirect.
In the situation that action Redirect is broken by GotoIf this info is changed.
that will causes confusion in dialplan execution.
Resolves: #1273
(cherry picked from commit 678f721e4d)
This relates to #829
This doesn't sully solve the Ops issue, but it solves the specific crash
there. Further PRs to follow.
In the specific crash the generator was still under construction when
moh was being stopped, which then proceeded to close the stream whilst
it was still in use.
Signed-off-by: Jaco Kroon <jaco@uls.co.za>
(cherry picked from commit 23d2d37b66)
In the highly-unlikely event that get_authorization_hdr() couldn't find an
Authorization header in a request, trying to get the digest algorithm
would cauase a SEGV. We now check that we have an auth header that matches
the realm before trying to get the algorithm from it.
Resolves: #GHSA-64qc-9x89-rx5j
UpgradeNote: The safe_asterisk script now checks that, if it was run by the
root user, the /etc/asterisk/startup.d directory and all the files it contains
are owned by root. If the checks fail, safe_asterisk will exit with an error
and Asterisk will not be started. Additionally, the default logging
destination is now stderr instead of tty "9" which probably won't exist
in modern systems.
Resolves: #GHSA-v9q8-9j8m-5xwp
DEBUG_FD_LEAKS replaces calls to "open" and "close" with functions that keep
track of file descriptors, even when those calls are actually callbacks
defined in structures like ast_channelstorage_instance->open and don't touch
file descriptors. This causes compilation failures. Those callbacks
have been renamed to "open_instance" and "close_instance" respectively.
Resolves: #1287
When the callback() API was invoked but no channel passed the test, callback
would return the last channel tested instead of NULL. It now correctly
returns NULL when no channel matches.
Resolves: #1288
This patch adjusts the read/write synchronization logic in audiohook_read_frame_both()
to better handle calls where participants use different codecs or sample sizes
(e.g., alaw vs G.722). The previous hard threshold of 2 * samples caused MixMonitor
recordings to break or stutter when frames were not aligned between both directions.
The new logic uses a more tolerant limit (1.5 * samples), which prevents audio tearing
without causing excessive buffer overruns. This fix specifically addresses issues
with MixMonitor when recording directly on a channel in a bridge using mixed codecs.
Reported-by: Michal Hajek <michal.hajek@daktela.com>
Resolves: #1276Resolves: #1279
The verification process will now load a full certificate chain retrieved
via the X5U URL instead of loading only the end user cert.
* Renamed crypto_load_cert_from_file() and crypto_load_cert_from_memory()
to crypto_load_cert_chain_from_file() and crypto_load_cert_chain_from_memory()
respectively.
* The two load functions now continue to load certs from the file or memory
PEMs and store them in a separate stack of untrusted certs specific to the
current verification context.
* crypto_is_cert_trusted() now uses the stack of untrusted certs that were
extracted from the PEM in addition to any untrusted certs that were passed
in from the configuration (and any CA certs passed in from the config of
course).
Resolves: #1272
UserNote: The STIR/SHAKEN verification process will now load a full
certificate chain retrieved via the X5U URL instead of loading only
the end user cert.
(cherry picked from commit ec2591c60b)
UserNote: A new STIR/SHAKEN verification option "ignore_sip_date_header" has
been added that when set to true, will cause the verification process to
not consider a missing or invalid SIP "Date" header to be a failure. This
will make the IAT the sole "truth" for Date in the verification process.
The option can be set in the "verification" and "profile" sections of
stir_shaken.conf.
Also fixed a bug in the port match logic.
Resolves: #1251Resolves: #1271
(cherry picked from commit 6e9c33caad)
Add a function that can be used to retrieve info
about a previous recording, such as its duration.
This is being added as a function to avoid possibly
trampling on dialplan variables, and could be extended
to provide other information in the future.
Resolves: #548
UserNote: The RECORDING_INFO function can now be used
to retrieve the duration of a recording.
(cherry picked from commit 47250b716c)
