The search for a running asterisk when --running is used
has been greatly simplified and in the event it doesn't
work, you can now specify a pid to use on the command
line with --pid.
The search for asterisk modules when --tarball-coredumps
is used has been enhanced to have a better chance of finding
them and in the event it doesn't work, you can now specify
--libdir on the command line to indicate the library directory
where they were installed.
The DATEFORMAT variable was renamed to DATEOPTS and is now
passed to the 'date' utility rather than running DATEFORMAT
as a command.
The coredump and output files are now renamed with DATEOPTS.
This can be disabled by specifying --no-rename.
Several confusing and conflicting options were removed:
--append-coredumps
--conffile
--no-default-search
--tarball-uniqueid
The script was re-structured to make it easier for follow.
Change-Id: I674be64bdde3ef310b6a551d4911c3b600ffee59
In res_pjsip_sdp_rtp, the bind_rtp_to_media_address option and the
fallback use of the transport's bind address solve problems sending
media on systems that cannot send ipv4 packets on ipv6 sockets, and
certain other situations. This change extends both of these behaviors
to UDPTL sessions as well in res_pjsip_t38, to fix fax-specific
problems on these systems, introducing a new option
endpoint/t38_bind_udptl_to_media_address.
ASTERISK-29402
Change-Id: I87220c0e9cdd2fe9d156846cb906debe08c63557
The behavior of max_contacts and remove_existing are connected. If
remove_existing is enabled, the soonest expiring contacts are removed.
This may occur when there is an unavailable contact. Similarly,
when remove_existing is not enabled, registrations from good
endpoints are rejected in favor of retaining unavailable contacts.
This commit adds a new AOR option remove_unavailable, and the effect
of this setting will depend on remove_existing. If remove_existing
is set to no, we will still remove unavailable contacts when they
exceed max_contacts, if there are any. If remove_existing is set to
yes, we will prioritize the removal of unavailable contacts before
those that are expiring soonest.
ASTERISK-29525
Change-Id: Ia2711b08f2b4d1177411b1be23e970d7fdff5784
Adds the ability for users to log to custom log levels
by providing custom log level names in logger.conf. Also
adds a logger show levels CLI command.
ASTERISK-29529
Change-Id: If082703cf81a436ae5a565c75225fa8c0554b702
This allows the STUN server to change its IP address without having to
reload the res_rtp_asterisk module.
The refresh of the name resolution occurs first when the module is
loaded, then recurringly, slightly after the previous DNS answer TTL
expires.
ASTERISK-29508 #close
Change-Id: I7955a046293f913ba121bbd82153b04439e3465f
This changeset is intended to address compatibility issues encountered
when interfacing Asterisk to electromechanical telephone switches that
implement ANI-B, ANI-C, or ANI-D.
In particular the behaviours that this impacts include:
- FGC-CAMA did not work at all when using MF signaling. Modified the
switch case block to send calls to the correct part of the
signaling-handling state machine.
- For FGC-CAMA operation, the delay between called number ST and
second wink for ANI spill has been made configurable; previously
all calls were made to wait for one full second.
- After the ANI spill, previous behavior was to require a 'ST' tone
to advance the call. This has been changed to allow 'STP' 'ST2P'
or 'ST3P' as well, for compatibility with ANI-D.
- Store ANI2 (ANI INFO) digits in the CALLERID(ANI2) channel variable.
- For calls with an ANI failure, No. 1 Crossbar switches will send
forward a single-digit failure code, with no calling number digits
and no ST pulse to terminate the spill. I've made the ANI timeout
configurable so to reduce dead air time on calls with ANI fail.
- ANI info digits configurable. Modern digital switches will send 2
digits, but ANI-B sends only a single info digit. This caused the
ANI reported by Asterisk to be misaligned.
- Changed a confusing log message to be more informative.
ASTERISK-29518
Change-Id: Ib7e27d987aee4ed9bc3663c57ef413e21b404256
Allow mapping pjproject log messages to the Asterisk TRACE
log level. The defaults were also changes to log pjproject
levels 3,4 to DEBUG and 5,6 to TRACE. Previously 3,4,5,6
all went to DEBUG.
ASTERISK-29582
Change-Id: I859a37a8dec263ed68099709cfbd3e665324c72d
Meter types are not well supported,
lacking support in telegraf, datadog and the official statsd servers.
We deprecate meters and provide a compliant fallback for any existing usages.
A flag has been introduced to allow meters to fallback to counters.
ASTERISK-29513
Change-Id: I5fcb385983a1b88f03696ff30a26b55c546a1dd7
A new user option, answer_channel, adds the capability to
prevent answering the channel if it hasn't already been
answered yet.
ASTERISK-29440
Change-Id: I26642729d0345f178c7b8045506605c8402de54b
By default Asterisk reports the PJSIP version in a SOFTWARE attribute
of every STUN packet it sends. This may not be desired in a production
environment, and RFC5389 recommends making the use of the SOFTWARE
attribute a configurable option:
https://datatracker.ietf.org/doc/html/rfc5389#section-16.1.2
This patch adds a `stun_software_attribute` yes/no option to make it
possible to omit the SOFTWARE attribute from STUN packets.
ASTERISK-29434
Change-Id: Id3f2b1dd9584536ebb3a1d7e8395fd8b3e46860b
RFC7616 and RFC8760 allow more than one WWW-Authenticate or
Proxy-Authenticate header per realm, each with different digest
algorithms (including new ones like SHA-256 and SHA-512-256).
Thankfully however a UAS can NOT send back multiple Authenticate
headers for the same realm with the same digest algorithm. The
UAS is also supposed to send the headers in order of preference
with the first one being the most preferred. We're supposed to
send an Authorization header for the first one we encounter for a
realm that we can support.
The UAS can also send multiple realms, especially when it's a
proxy that has forked the request in which case the proxy will
aggregate all of the Authenticate headers and then send them all
back to the UAC.
It doesn't stop there though... Each realm can require a
different username from the others. There's also nothing
preventing each digest algorithm from having a unique password
although I'm not sure if that adds any benefit.
So now... For each Authenticate header we encounter, we have to
determine if we support the digest algorithm and, if not, just
skip the header. We then have to find an auth object that
matches the realm AND the digest algorithm or find a wildcard
object that matches the digest algorithm. If we find one, we add
it to the results vector and read the next Authenticate header.
If the next header is for the same realm AND we already added an
auth object for that realm, we skip the header. Otherwise we
repeat the process for the next header.
In the end, we'll have accumulated a list of credentials we can
pass to pjproject that it can use to add Authentication headers
to a request.
NOTE: Neither we nor pjproject can currently handle digest
algorithms other than MD5. We don't even have a place for it in
the ast_sip_auth object. For this reason, we just skip processing
any Authenticate header that's not MD5. When we support the
others, we'll move the check into the loop that searches the
objects.
Changes:
* Added a new API ast_sip_retrieve_auths_vector() that takes in
a vector of auth ids (usually supplied on a call to
ast_sip_create_request_with_auth()) and populates another
vector with the actual objects.
* Refactored res_pjsip_outbound_authenticator_digest to handle
multiple Authenticate headers and set the stage for handling
additional digest algorithms.
* Added a pjproject patch that allows them to ignore digest
algorithms they don't support. This patch has already been
merged upstream.
* Updated documentation for auth objects in the XML and
in pjsip.conf.sample.
* Although res_pjsip_authenticator_digest isn't affected
by this change, some debugging and a testsuite AMI event
was added to facilitate testing.
Discovered during OpenSIPit 2021.
ASTERISK-29397
Change-Id: I3aef5ce4fe1d27e48d61268520f284d15d650281
Although Asterisk can receive and propogate flash events, it currently
provides no mechanism for doing anything with them itself.
This AMI event allows flash events to be processed by Asterisk.
Additionally, AST_CONTROL_FLASH is included in a switch statement
in channel.c to avoid throwing a warning when we shouldn't.
ASTERISK-29380
Change-Id: Ie17ffe65086e0282c88542e38eed6a461ec79e81
STIR/SHAKEN encodes using base64 URL format. Currently, we just use
base64. New functions have been added that convert to and from base64
encoding.
The origid field should also be an UUID. This means there's no reason to
have it as an option in stir_shaken.conf, as we can simply generate one
when creating the Identity header.
https://wiki.asterisk.org/wiki/display/AST/OpenSIPit+2021
Change-Id: Icf094a2a54e87db91d6b12244c9f5ba4fc2e0b8c
During OpenSIPit, we found out that the public certificates must be of
type X.509. When reading in public keys, we use the corresponding X.509
functions now.
We also discovered that we needed a better naming scheme for the
certificates since certificates with the same name would cause issues
(overwriting certs, etc.). Now when we download a public certificate, we
get the serial number from it and use that as the name of the cached
certificate.
The configuration option public_key_url in stir_shaken.conf has also
been renamed to public_cert_url, which better describes what the option
is for.
https://wiki.asterisk.org/wiki/display/AST/OpenSIPit+2021
Change-Id: Ia00b20835f5f976e3603797f2f2fb19672d8114d
Added support for a basic AEAP configuration read from aeap.conf.
Also added 2 CLI commands for showing individual configurations as
well as all of them: aeap show server <id> and aeap show servers.
Only one configuration option is required at the moment, and that one is
server_url. It must be a websocket URL. The other option, codecs, is
optional and will be used over the codecs specified on the endpoint if
provided.
https://wiki.asterisk.org/wiki/pages/viewpage.action?pageId=45482453
Change-Id: I567ac5148c92b98d29d2ad83421b416b75ffdaa3
Added .log extension to the sample logs in logger.conf.sample so that
they will be able to be opened in the browser when attached to JIRA
tickets. Because of this, asterisk.logrotate has also been updated to
look for .log extensions instead of no extension for log files such as
full and messages.
Change-Id: I5de743c03f08047d6c6cc80cac5019ae0c4c200f
Also removed the sample documentation, and some oddly-placed
documentation about the timeout argument to the Queue() application
itself. There is a large section on the timeout behavior below.
ASTERISK-26614 #close
Change-Id: I8f84e8304b50305b7c4cba2d9787a5d77c3a6217
minargs enables enforcing of minimum count of arguments to pass to
func_odbc, so if you're unconditionally using ARG1 through ARG4 then
this should be set to 4. func_odbc will generate an error in this case,
so for example
[FOO]
minargs = 4
and ODBC_FOO(a,b,c) in dialplan will now error out instead of using a
potentially leaked ARG4 from Gosub().
ARGC is needed if you're using optional argument, to verify whether or
not an argument has been passed, else it's possible to use a leaked ARGn
from Gosub (app_stack). So now you can safely do
${IF($[${ARGC}>3]?${ARGV}:default value)} kind of thing.
Change-Id: I6ca0b137d90b03f6aa9c496991f6cbf1518f6c24
Signed-off-by: Jaco Kroon <jaco@uls.co.za>
If there's no secret specified for an iax2 peer and there's no secret
specified in the dial string, Asterisk will crash if the auth method
requested by the peer is MD5 or plaintext. You also couldn't specify
a default auth method in the [general] section of iax.conf so if you
don't have static peers defined and just use the dial string, Asterisk
will still crash even if you have a secret specified in the dial string.
* Added logic to iax2_call() and authenticate_reply() to print
a warning and hanhup the call if encryption is requested and
there's no secret or auth method. This prevents the crash.
* Added the ability to specify a default "auth" in the [general]
section of iax.conf.
ASTERISK-29624
Reported by: N A
Change-Id: I5928e16137581f7d383fcc7fa04ad96c919e6254
As described in the issue, /tmp is not a suitable location for a
large amount of cached media files, since most distributions make
/tmp a RAM-based tmpfs mount with limited capacity.
I opted for a location that can be configured separately, as opposed
to using a subdirectory of spooldir, given the different storage
profile (transient files vs files that might stay there indefinitely).
This commit just makes the cache directory configurable, and changes
the default location from /tmp to /var/cache/asterisk.
ASTERISK-29143
Change-Id: Ic54e95199405abacd9e509cef5f08fa14c510b5d
Currently any response from res_curl where we get an answer from the
web server, regardless of what the response is (404, 403 etc.) Asterisk
currently treats it as a success. This patch allows you to set which
codes should be considered as a failure by Asterisk. If say we set
failurecodes=404,403 then when using curl in realtime if a server gives
a 404 error Asterisk will try to failover to the next option set in
extconfig.conf
ASTERISK-28825
Reported by: Dovid Bender
Code by: Gobinda Paul
Change-Id: I94443e508343e0a3e535e51ea6e0562767639987
This changes the outgoing offer call preference
default option to match the behavior of previous
versions of Asterisk.
The additional advanced codec negotiation options
have also been removed from the sample configuration
and marked as reserved for future functionality in
XML documentation.
The codec preference options have also been fixed to
enforce local codec configuration.
ASTERISK-29109
Change-Id: Iad19347bd5f3d89900c15ecddfebf5e20950a1c2
app_confbridge now has the ability to set the estimated bitrate on an
SFU bridge. To use it, set a bridge profile's remb_behavior to "force"
and set remb_estimated_bitrate to a rate in bits per second. The
remb_estimated_bitrate parameter is ignored if remb_behavior is something
other than "force".
Change-Id: Idce6464ff014a37ea3b82944452e56cc4d75ab0a
Since ASTERISK_27978 the default is not off but 90 seconds. That change
happened because ASTERISK_27347 disabled the keep-alives in the bundled
PJProject and Asterisk should behave the same as before.
Change-Id: Ie63dc558ade6a5a2b969c30a4bd492d63730dc46
Added a new log formatter called "plain" that always prints
file, function and line number if available (even for verbose
messages) and never prints color control characters. It also
doesn't apply any special formatting for verbose messages.
Most suitable for file output but can be used for other channels
as well.
You use it in logger.conf like so:
debug => [plain]debug
console => [plain]error,warning,debug,notice,pjsip_history
messages => [plain]warning,error,verbose
Change-Id: I4fdfe4089f66ce2f9cb29f3005522090dbb5243d
This change renames the codec preference endpoint options.
incoming_offer_codec_prefs becomes codec_prefs_incoming_offer
to keep the options together when showing an endpoint.
Change-Id: I6202965b4723777f22a83afcbbafcdafb1d11c8d
Added a new configuration option for PJSIP endpoints - stir_shaken. If
set to yes, then STIR/SHAKEN support will be added to inbound and
outbound INVITEs. The default is no. Alembic has been updated to include
this option.
Previously the dialplan function was not trimming the whitespace from
the parameters it recieved. Now it does.
Also added a conditional that, when TEST_FRAMEWORK is enabled, the
timestamp in the identity header will be overlooked. This is just for
testing, since the testsuite will rely on a SIPp scenario with a preset
identity header to trigger the MISMATCH result.
Change-Id: I43d67f1489b8c1c5729ed3ca8d71e35ddf438df1
If your queues.conf had _no_ [general] section, they would default to
'yes'. Now, they always default to 'no'.
(Actually, commit ed615afb7e already
partially fixed it for shared_lastcall.)
ASTERISK-28951
Change-Id: Ic39d8a0202906bc454194368bbfbae62990fe5f6
This commit adds the endpoint options required to control
Advanced Codec Negotiation.
incoming_offer_codec_prefs
outgoing_offer_codec_prefs
incoming_answer_codec_prefs
outgoing_answer_codec_prefs
The documentation may need tweaking and some additional edits
added, especially for the "answer" prefs. That'll be handled
when things finalize.
This commit is safe to merge as it doens't alter any existing
functionality nor does it alter the previous codec negotiation
work which may now be obsolete.
Change-Id: I920ba925d7dd36430dfd2ebd9d82d23f123d0e11
Currently when the pjsip making an outgoing request, it keep adding the
rport parameter in a request message as a default.
This causes unexpected rport handle at the other end.
Added option for disable this behaviour in the pjsip.conf.
This is a system option, but working as a gloabl option.
ASTERISK-28959
Change-Id: I9596675e52a742774738b5aad5d1fec32f477abc
Integrated STIR/SHAKEN support with outgoing INVITEs. When an INVITE is
sent, the caller ID will be checked to see if there is a certificate
that corresponds to it. If so, that information will be retrieved and an
Identity header will be added to the SIP message. The format is:
header.payload.signature;info=<public_key_url>alg=ES256;ppt=shaken
Header, payload, and signature are all BASE64 encoded. The public key
URL is retrieved from the certificate. Currently the algorithm and ppt
are ES256 and shaken, respectively. This message is signed and can be
used for verification on the receiving end.
Two new configuration options have been added to the certificate object:
attestation and origid. The attestation is required and must be A, B, or
C. origid is the origination identifier.
A new utility function has been added as well that takes a string,
allocates space, BASE64 encodes it, then returns it, eliminating the
need to calculate the size yourself.
Change-Id: I1f84d6a5839cb2ed152ef4255b380cfc2de662b4