Commit Graph

3405 Commits

Author SHA1 Message Date
zuul
7e2dbcd771 Merge "pjsip_distributor.c: Consistently pick a serializer for messages." into 13 2016-06-09 18:48:04 -05:00
Joshua Colp
9d8a174092 Merge "res_hep_{pjsip|rtcp}: Decline module loads if res_hep had not loaded" into 13 2016-06-08 19:03:05 -05:00
Joshua Colp
f834852137 Merge "Fix #include poll.h and sys/cdefs.h" into 13 2016-06-08 16:18:34 -05:00
Matt Jordan
eabb398d71 res_hep_{pjsip|rtcp}: Decline module loads if res_hep had not loaded
A crash can occur in res_hep_pjsip or res_hep_rtcp if res_hep has not
loaded and does not have a configuration file. Previously when this
occurred, checks were put in to see if the configuration was loaded
successfully. While this is a good idea - and has been added to the
offending function in res_hep - the reality is res_hep_pjsip and
res_hep_rtcp have no business running if res_hep isn't also running.

As such, this patch also adds a function to res_hep that returns whether
or not it successfully loaded. Oddly enough, ast_module_check returns
"everything is peachy" even if a module declined its load - so it cannot
be solely relied on. res_hep_pjsip and res_hep_rtcp now also check this
function to see if they should continue to load; if it fails, they
decline their load as well.

ASTERISK-26096 #close

Change-Id: I007e535fcc2e51c2ca48534f48c5fc2ac38935ea
2016-06-08 12:26:29 -05:00
Timo Teräs
9c5a0b814b Fix #include poll.h and sys/cdefs.h
POSIX defines poll.h, sys/poll.h should not be used at is c-library
internal header which may or may not exist. Notable in musl it
generates warning of being incorrect. And add explict include of
sys/cdefs.h where needed.

Change-Id: I142930df53fe7585a06b854b6faddc5301e024be
2016-06-07 19:01:26 -05:00
Richard Mudgett
557333ea4c stasis: Add setting subscription congestion levels.
Stasis subscriptions and message routers create taskprocessors to process
the event messages.  API calls are needed to be able to set the congestion
levels of these taskprocessors for selected subscriptions and message
routers.

* Updated CDR, CEL, and manager's stasis subscription congestion levels
based upon stress testing.  Increased the congestion levels to reduce the
potential for bursty call setup/teardown activity from triggering the
taskprocessor overload alert.  CDRs in particular need an extra high
congestion level because they can take awhile to process the stasis
messages.

ASTERISK-26088
Reported by:  Richard Mudgett

Change-Id: Id0a716394b4eee746dd158acc63d703902450244
2016-06-07 18:57:36 -05:00
Richard Mudgett
110d772467 sorcery: Add setting object type congestion levels.
Sorcery creates taskprocessors for object types to process object observer
callbacks.  An API call is needed to be able to set the congestion levels
of these taskprocessors for selected object types.

* Updated PJSIP's contact and contact_status sorcery object type observer
default congestion levels based upon stress testing.  Increased the
congestion levels to reduce the potential for bursty register/unregister
and subscribe/unsubscribe activity from triggering the taskprocessor
overload alert.

ASTERISK-26088
Reported by:  Richard Mudgett

Change-Id: I4542e83b556f0714009bfeff89505c801f1218c6
2016-06-07 18:57:36 -05:00
Richard Mudgett
610eee2a36 taskprocessors: Implement high/low water mark alerts.
When taskprocessors get backed up, there is a good chance that we are
being overloaded and need to defer adding new work to the system.

* Implemented a high/low water alert mechanism for modules to check if the
system is being overloaded and take appropriate action.  When a
taskprocessor is created it has default congestion levels set.  A
taskprocessor can later have those congestion levels altered for specific
needs if stress testing shows that the taskprocessor is a symptom of
overloading or needs to handle bursty activity without triggering an
overload alert.

* Add CLI "core show taskprocessor" low/high water columns.

* Fixed __allocate_taskprocessor() to not use RAII_VAR().  RAII_VAR() was
never a good thing to use when creating a taskprocessor because of the
nature of how its references needed to be cleaned up on a partial
creation.

* Made res_pjsip's distributor check if the taskprocessor overload alert
is active before placing a message representing brand new work onto a
distributor serializer.

ASTERISK-26088
Reported by:  Richard Mudgett

Change-Id: I182f1be603529cd665958661c4c05ff9901825fa
2016-06-07 18:57:36 -05:00
Richard Mudgett
26e3492246 res_pjsip_session: Use distributor serializer for incoming calls.
We must continue using the serializer that the original INVITE came in on
for the dialog.  There may be retransmissions already enqueued in the
original serializer that can result in reentrancy and message sequencing
problems.

Outgoing call legs create the pjsip/outsess/<endpoint> serializers for
their dialogs.

ASTERISK-26088
Reported by:  Richard Mudgett

Change-Id: I24d7948749c582b8045d5389ba3f6588508adbbc
2016-06-07 13:16:19 -05:00
Richard Mudgett
16b08444da pjsip_distributor.c: Consistently pick a serializer for messages.
Incoming messages that are not part of a dialog or a recognized response
to one of our requests need to be sent to a consistent serializer.  Under
load we may be queueing retransmissions before we can process the original
message.  We don't need to throw these messages onto random serializers
and cause reentrancy and message sequencing problems.

* Created a pool of pjsip/distributor serializers that get picked by
hashing the call-id and remote tag strings of the received messages.

* Made ast_sip_destroy_distributor() destroy items in the reverse order of
creation.

ASTERISK-26088
Reported by:  Richard Mudgett

Change-Id: I2ce769389fc060d9f379977f559026fbcb632407
2016-06-07 13:16:19 -05:00
George Joseph
c27c232057 ari/resource_channels: Add 'formats' to channel create/originate
If you create a local channel and don't specify an originator channel
to take capabilities from, we automatically add all audio formats to
the new channel's capabilities. When we try to make the channel
compatible with another, the "best format" functions pick the best
format available, which in this case will be slin192.  While this is
great for preserving quality, it's the worst for performance and
overkill for the vast majority of applications.

In the absense of any other information, adding all formats is the
correct thing to do and it's not always possible to supply an
originator so a new parameter 'formats' has been added to the channel
create/originate functions. It's just a comma separated list of formats
to make availalble for the channel. Example: "ulaw,slin,slin16".
'formats' and 'originator' are mutually exclusive.

To facilitate determination of format names, the format name has been
added to "core show codecs".

ASTERISK-26070 #close

Change-Id: I091b23ecd41c1b4128d85028209772ee139f604b
2016-06-03 17:31:39 -05:00
Joshua Colp
e3c9ad6382 Merge "res_pjsip: add "via_addr", "via_port", "call_id" to contact" into 13 2016-05-31 07:41:43 -05:00
Alexei Gradinari
230686f4ec res_pjsip: add "via_addr", "via_port", "call_id" to contact
As res_pjsip_nat rewrites contact's address, only the last Via header
can contain the source address of registered endpoint.
Also Call-Id header may contain the source address of registered
endpoint.

Added "via_addr", "via_port", "call_id" to contact.
Added new fields ViaAddress, CallID to AMI event ContactStatus.

ASTERISK-26011

Change-Id: I36bcc0bf422b3e0623680152d80486aeafe4c576
2016-05-25 10:56:14 -04:00
zuul
373e68539b Merge "func_curl: Don't trim response text on non-ASCII characters" into 13 2016-05-23 09:27:29 -05:00
Ivan Poddubny
9ddaab789e func_curl: Don't trim response text on non-ASCII characters
The characters 0x80-0xFF were trimmed as well as 0x00-0x20 because of
a signed comparison.

ASTERISK-25669 #close
Reported by: Jesper
patches:
  strings.curl.trim.patch submitted by Jesper (License 5518)

Change-Id: Ia51e169f24e3252a7ebbaab3728630138ec6f60a
2016-05-21 08:53:43 -05:00
Richard Mudgett
9453d1187a parking.h: Update ast_parking_park_call() doxygen to reality.
ASTERISK-26029

Change-Id: I2db14d102a48d3224010e6d1c69e856373cc1260
2016-05-20 17:55:40 -05:00
Joshua Colp
4e4a991d90 Merge "res_pjsip: Endpoint IP Access Controls" into 13 2016-05-19 11:54:03 -05:00
Alexei Gradinari
524a302974 res_pjsip: Endpoint IP Access Controls
With the old SIP module we can use IP access controls per peer.
PJSIP module missing this feature.

This patch added next configuration Endpoint options:
    "acl" - list of IP ACL section names in acl.conf
    "deny" - List of IP addresses to deny access from
    "permit" - List of IP addresses to permit access from
    "contact_acl" - List of Contact ACL section names in acl.conf
    "contact_deny" - List of Contact header addresses to deny
    "contact_permit" - List of Contact header addresses to permit

This patch also better logging failed request:
    add custom message instead of "No matching endpoint found"
    add SIP method to logging

ASTERISK-25900

Change-Id: I456dea3909d929d413864fb347d28578415ebf02
2016-05-13 12:38:20 -04:00
Matt Jordan
89ae4466ea res_hep: Provide an option to pick the UUID type
At one point in time, it seemed like a good idea to use the Asterisk
channel name as the HEP correlation UUID. In particular, it felt like
this would be a useful identifier to tie PJSIP messages and RTCP
messages together, along with whatever other data we may eventually send
to Homer. This also had the benefit of keeping the correlation UUID
channel technology agnostic.

In practice, it isn't as useful as hoped, for two reasons:
1) The first INVITE request received doesn't have a channel. As a
   result, there is always an 'odd message out', leading it to be
   potentially uncorrelated in Homer.
2) Other systems sending capture packets (Kamailio) use the SIP Call-ID.
   This causes RTCP information to be uncorrelated to the SIP message
   traffic seen by those capture nodes.

In order to support both (in case someone is trying to use res_hep_rtcp
with a non-PJSIP channel), this patch adds a new option, uuid_type, with
two valid values - 'call-id' and 'channel'. The uuid_type option is used
by a module to determine the preferred UUID type. When available, that
source of a correlation UUID is used; when not, the more readily available
source is used.

For res_hep_pjsip:
 - uuid_type = call-id: the module uses the SIP Call-ID header value
 - uuid_type = channel: the module uses the channel name if available,
                        falling back to SIP Call-ID if not
For res_hep_rtcp:
 - uuid_type = call-id: the module uses the SIP Call-ID header if the
                        channel type is PJSIP and we have a channel,
                        falling back to the Stasis event provided
                        channel name if not
 - uuid_type = channel: the module uses the channel name

ASTERISK-25352 #close

Change-Id: Ide67e59a52d9c806e3cc0a797ea1a4b88a00122c
2016-05-13 07:44:20 -05:00
George Joseph
2a7130b8b0 pjproject_bundled: Check for python-dev and TEST_FRAMEWORK
The pjsua and pjsystest apps are now built only if TEST_FRAMEWORK is set.
The python bindings are now built only if TEST_FRAMEWORK is set and a
python development package is installed.

libresample was also disabled.

ASTERISK-25993 #close
Reported-by: Joshua Colp

Change-Id: If4e91c503a02f113d5b71bc8b972081fa3ff6f03
2016-05-08 19:32:23 -06:00
Alexei Gradinari
7a14e669f0 res_pjsip/AMI: add contact.updated event
With the old SIP module AMI sends PeerStatus event on every
successfully REGISTER requests, ie, on start registration,
update registration and stop registration.

With PJSIP AMI sends ContactStatus only when status is changed.
Regarding registration:
on start registration - Created
on stop registration - Removed
but on update registration nothing

This patch added contact.updated event.

ASTERISK-25904

Change-Id: I8fad8aae9305481469c38d2146e1ba3a56d3108f
2016-05-03 17:35:27 -04:00
Alexei Gradinari
3cb8934de0 pjsip: Added "reg_server" to contacts.
If the Asterisk system name is set in asterisk.conf, it will be stored
into the "reg_server" field in the ps_contacts table to facilitate
multi-server setups.

ASTERISK-25931

Change-Id: Ia8f6bd2267809c78753b52bcf21835b9b59f4cb8
2016-05-02 09:59:08 -03:00
zuul
2ae097f144 Merge "res_pjsip_pubsub.h: Fix doxygen association." into 13 2016-04-28 22:43:32 -05:00
Richard Mudgett
b1b2019046 res_pjsip_pubsub.h: Fix doxygen association.
Change-Id: I110d3e3572598289fcd4215d966cf0c858f98632
2016-04-28 17:00:46 -05:00
George Joseph
38bed4515d res_pjsip: Add ability to identify by Authorization username
A feature of chan_sip that service providers relied upon was the ability to
identify by the Authorization username.  This is most often used when customers
have a PBX that needs to register rather than identify by IP address.  From my
own experiance, this is pretty common with small businesses who otherwise
don't need a static IP.

In this scenario, a register from the customer's PBX may succeed because From
will usually contain the PBXs account id but an INVITE will contain the caller
id.  With nothing recognizable in From, the service provider's Asterisk can
never match to an endpoint and the INVITE just stays unauthorized.

The fixes:

A new value "auth_username" has been added to endpoint/identify_by that
will use the username and digest fields in the Authorization header
instead of username and domain in the the From header to match an endpoint,
or the To header to match an aor.  This code as added to
res_pjsip_endpoint_identifier_user rather than creating a new module.

Although identify_by was always a comma-separated list, there was only
1 choice so order wasn't preserved.  So to keep the order, a vector was added
to the end of ast_sip_endpoint.  This is only used by res_pjsip_registrar
to find the aor.  The res_pjsip_endpoint_identifier_* modules are called in
globals/endpoint_identifier_order.

Along the way, the logic in res_pjsip_registrar was corrected to match
most-specific to least-specific as res_pjsip_endpoint_identifier_user does.

The order is:

username@domain
username@domain_alias
username

Auth by username does present 1 problem however, the first INVITE won't have
an Authorization header so the distributor, not finding a match on anything,
sends a securty_alert.  It still sends a 401 with a challenge so the next
INVITE will have the Authorization header and presumably succeed.  As a result
though, that first security alert is actually a false alarm.

To address this, a new feature has been added to pjsip_distributor that keeps
track of unidentified requests and only sends the security alert if a
configurable number of unidentified requests come from the same IP in a
configurable amout of time.  Those configuration options have been added to
the global config object.  This feature is only used when auth_username
is enabled.

Finally, default_realm was added to the globals object to replace the hard
coded "asterisk" used when an endpoint is not yet identified.

The testsuite tests all pass but new tests are forthcoming for this new
feature.

ASTERISK-25835 #close
Reported-by: Ross Beer

Change-Id: I30ba62d208e6f63439600916fcd1c08a365ed69d
2016-04-27 15:22:29 -06:00
Joshua Colp
e0e03cd2c8 Merge "res_pjsip: disable multi domain to improve realtime performace" into 13 2016-04-27 14:03:53 -05:00
Alexei Gradinari
df3639700a res_pjsip: disable multi domain to improve realtime performace
This patch added new global pjsip option 'disable_multi_domain'.
Disabling Multi Domain can improve Realtime performance by reducing
number of database requests.

ASTERISK-25930 #close

Change-Id: I2e7160f3aae68475d52742107949a799aa2c7dc7
2016-04-27 10:58:25 -05:00
Joshua Colp
e5c5fac8f1 Merge "res_pjsip: Add serialized scheduler (res_pjsip/pjsip_scheduler.c)" into 13 2016-04-27 10:12:31 -05:00
Joshua Colp
9d8f59aaf2 Merge changes from topic 'system_stress_patches' into 13
* changes:
  test_message.c: Wait longer in case dialplan also processes the test message.
  Manager: Short circuit AMI message processing.
  manager.c: Eliminate most RAII_VAR usage.
  manager_channels.c: Fix allocation failure crash.
2016-04-26 04:57:07 -05:00
Joshua Colp
4efc6b4315 Merge changes from topic 'system_stress_patches' into 13
* changes:
  Bridge system: Fix memory leaks and double frees on impart failure.
  bridge_softmix.c: Fix crash if channel fails to join mixing tech.
2016-04-26 04:56:36 -05:00
Richard Mudgett
ba63aa7c9e Manager: Short circuit AMI message processing.
Improve AMI message processing performance if there are no consumers
listening for the messages.  We now skip creating the AMI event message
text strings.

Change-Id: I7b22fc5ec4e500d00635c1a467aa8ea68a1bb2b3
2016-04-22 16:44:05 -05:00
Richard Mudgett
1e93f3d723 Bridge system: Fix memory leaks and double frees on impart failure.
You cannot reference the passed in features struct after calling
ast_bridge_impart().  Even if the call fails.

Change-Id: I902b88ba0d5d39520e670fb635078a367268ea21
2016-04-22 16:44:04 -05:00
Richard Mudgett
5e388d4188 bridge_softmix.c: Fix crash if channel fails to join mixing tech.
softmix_bridge_join() failed because of an allocation failure.  To address
this, the softmix bridge technology now checks if the channel failed to
join softmix successfully.  In addition, the bridge now begins the process
of kicking the channel out of the bridge so we don't have channels
partially in the bridge for very long.

* Fix the test_channel_feature_hooks.c unit tests.  The test channel must
have a valid codec to join the simple_bridge technology.  This patch makes
joining a bridge more strict by not allowing partially joined channels to
remain in the bridge.

Change-Id: I97e2ade6a2bcd1214f24fb839fda948825b61a2b
2016-04-22 16:44:04 -05:00
Richard Mudgett
9942d50aa5 bridge: Hold off more than one imparting channel at a time.
An earlier patch blocked the ast_bridge_impart() call until the channel
either entered the target bridge or it failed.  Unfortuantely, if the
target bridge is stasis and the imprted channel is not a stasis channel,
stasis bounces the channel out of the bridge to come back into the bridge
as a proper stasis channel.  When the channel is bounced out, that
released the block on ast_bridge_impart() to continue.  If the impart was
a result of a transfer, then it became a race to see if the swap channel
would get hung up before the imparted channel could come back into the
stasis bridge.  If the imparted channel won then everything is fine.  If
the swap channel gets hung up first then the transfer will fail because
the swap channel is leaving the bridge.

* Allow a chain of ast_bridge_impart()'s to happen before any are
unblocked to prevent the race condition described above.  When the channel
finally joins the bridge or completely fails to join the bridge then the
ast_bridge_impart() instances are unblocked.

ASTERISK-25947
Reported by: Richard Mudgett

ASTERISK-24649
Reported by: John Bigelow

ASTERISK-24782
Reported by: John Bigelow

Change-Id: I8fef369171f295f580024ab4971e95c799d0dde1
2016-04-20 15:45:38 -05:00
George Joseph
9740277713 res_pjsip: Add serialized scheduler (res_pjsip/pjsip_scheduler.c)
There are several places that do scheduled tasks or periodic housecleaning,
each with its own implementation:

* res_pjsip_keepalive has a thread that sends keepalives.
* pjsip_distributor has a thread that cleans up expired unidentified requests.
* res_pjsip_registrar_expire has a thread that cleans up expired contacts.
* res_pjsip_pubsub uses ast_sched directly and then calls ast_sip_push_task.
* res_pjsip_sdp_rtp also uses ast_sched to send keepalives.

There are also places where we should be doing scheduled work but aren't.
A good example are the places we have sorcery observers to start registration
or qualify.  These don't work when changes are made to a backend database
without a pjsip reload.  We need to check periodically.

As a first step to solving these issues, a new ast_sip_sched facility has
been created.

ast_sip_sched wraps ast_sched but only uses ast_sched as a scheduled queue.
When a task is ready to run, ast_sip_task_pusk is called for it. This ensures
that the task is executed in a PJLIB registered thread and doesn't hold up the
ast_sched thread so it can immediately continue processing the queue.  The
serializer used by ast_sip_sched is one of your choosing or a random one from
the res_pjsip pool if you don't choose one.

Another feature is the ability to automatically clean up the task_data when the
task expires (if ever).  If it's an ao2 object, it will be dereferenced, if
it's a malloc'd object it will be freed.  This is selectable when the task is
scheduled.  Even if you choose to not auto dereference an ao2 task data object,
the scheduler itself maintains a reference to it while the task is under it's
control.  This prevents the data from disappearing out from under the task.

There are two scheduling models.

AST_SIP_SCHED_TASK_PERIODIC specifies that the invocations of the task occur at
the specific interval.  That is, every "interval" milliseconds, regardless of
how long the task takes.  If the task takes longer than the interval, it will
be scheduled at the next available multiple of interval.  For exmaple: If the
task has an interval of 60 secs and the task takes 70 secs (it better not),
the next invocation will happen at 120 seconds.

AST_SIP_SCHED_TASK_DELAY specifies that the next invocation of the task should
start "interval" milliseconds after the current invocation has finished.

Also, the same ast_sched facility for fixed or variable intervals exists.  The
task's return code in conjunction with the AST_SIP_SCHED_TASK_FIXED or
AST_SIP_SCHED_TASK_VARIABLE flags controls the next invocation start time.

One res_pjsip.h housekeeping change was made.  The pjsip header files were
added to the top.  There have been a few cases lately where I've needed
res_pjsip.h just for ast_sip calls and had compiles fail spectacularly because
I didn't add the pjsip header files to my source even though I never referenced
any pjsip calls.

Finally, a few new convenience APIs were added to astobj2 to make things a
little easier in the scheduler.  ao2_ref_and_lock() calls ao2_ref() and
ao2_lock() in one go.  ao2_unlock_and_unref() does the reverse. A few macros
were also copied from res_phoneprov because I got tired of having to duplicate
the same hash, sort and compare functions over and over again. The
AO2_STRING_FIELD_(HASH|SORT|CMP)_FN macros will insert functions suitable for
aor_container_alloc into your source.

This facility can be used immediately for the situations where we already have
a thread that wakes up periodically or do some scheduled work.  For the
registration and qualify issues, additional sorcery and schema changes would
need to be made so that we can easily detect changed objects on a periodic
basis without having to pull the entire database back to check.  I'm thinking
of a last-updated timestamp on the rows but more on this later.

Change-Id: I7af6ad2b2d896ea68e478aa1ae201d6dd016ba1c
2016-04-14 13:07:40 -06:00
George Joseph
fe7e48db03 res_pjsip contact: Lock expiration/addition of contacts
Contact expiration can occur in several places:  res_pjsip_registrar,
res_pjsip_registrar_expire, and automatically when anyone calls
ast_sip_location_retrieve_aor_contact.  At the same time, res_pjsip_registrar
may also be attempting to renew or add a contact.  Since none of this was locked
it was possible for one thread to be renewing a contact and another thread to
expire it immediately because it was working off of stale data.  This was the
casue of intermittent registration/inbound/nominal/multiple_contacts test
failures.

Now, the new named lock functionality is used to lock the aor during contact
expire and add operations and res_pjsip_registrar_expire now checks the
expiration with the lock held before deleting the contact.

ASTERISK-25885 #close
Reported-by: Josh Colp

Change-Id: I83d413c46a47796f3ab052ca3b349f21cca47059
2016-04-11 13:00:14 -05:00
George Joseph
772ff3048f lock: Add named lock capability
Locking some objects like sorcery objects can be tricky because the underlying
ao2 object may not be the same for all callers.  For instance, two threads that
call ast_sorcery_retrieve_by_id on the same aor name might actually get 2
different ao2 objects if the underlying wizard had to rehydrate the aor from a
database. Locking one ao2 object doesn't have any effect on the other even if
those objects had locks in the first place.

Named locks allow access control by keyspace and key strings.  Now an "aor"
named "1000" can be locked and any other thread attempting to lock "aor" "1000"
will wait regardless of whether the underlying ao2 object is the same or not.
Mutex and rwlocks are supported.

This capability will initially be used to lock an aor when multiple threads may
be attempting to prune expired contacts from it.

Change-Id: If258c0b7f92b02d07243ce70e535821a1ea7fb45
2016-04-08 12:50:58 -06:00
Richard Mudgett
2ef8a954b3 pbx: Update doxygen for extension state watchers.
Change-Id: Id1403b12136de62a272c01bb355aef65fd2c2d1e
2016-04-07 16:16:22 -05:00
Joshua Colp
2b84290386 Merge "stringfields: Refactor to allow fields to be added to the end of structures" into 13 2016-04-05 10:10:52 -05:00
Joshua Colp
bb7214180c Merge "res_rtp_asterisk: Use separate SRTP session for RTCP with DTLS" into 13 2016-04-05 05:37:09 -05:00
George Joseph
f6f4cf459f stringfields: Refactor to allow fields to be added to the end of structures
String fields are great, except that you can't add new ones without breaking
ABI compatibility because it shifts down everything else in the structure.
The only alternative is to add your own char * field to the end of the
structure and manage the memory yourself which isn't ideal, especially since
you then can't use the OPT_STRINGFIELD_T type.

Background:

The reason string fields had to be declared inside the
AST_DECLARE_STRING_FIELDS block was to facilitate iteration over all declared
fields for initialization, compare and copy.  Since AST_DECLARE_STRING_FIELDS
declared the pool, then the fields, then the manager, you could use the offsets
of the pool and manager and iterate over the sequential addresses in between to
access the fields. The actual pool, field allocation and field set operations
don't actually care where the field is.  It's just iteration over the fields
that was the problem.

Solution: Extended String Fields

An extended string field is one that is declared outside the
AST_DECLARE_STRING_FIELDS block but still (anywhere) inside the parent
structure.  Other than using AST_STRING_FIELD_EXTENDED instead of
AST_STRING_FIELD, it looks the same as other string fields.  It's storage comes
from the pool and it participates in string field compare and copy operations
peformed on the parent structure. It's also a valid target for the
OPT_STRINGFIELD_T aco option type.

Implementation:

To keep track of the extended fields and make sure that ABI isn't broken, the
existing embedded_pool pointer in the manager structure was repurposed to be a
pointer to a separate header structure that contains the embedded_pool pointer
plus a vector of fields.  The length of the manager structure didn't change and
the embedded_pool pointer isn't used in the macros, only the stringfields C
code.  A side benefit of this is that changing the header structure in the
future won't break ABI.

ast_string_fields_init initializes the normal string fields and appends them to
the vector, and subsequent calls to ast_string_field_init_extended initialize
and append the extended fields. Cleanup, ast_string_fields_cmp, and
ast_string_fields_copy can now work on the vector instead of sequentially
traversing the addresses between the pool and manager.

The total size of a structure using string fields didn't change, whether using
extended fields or not, nor have the offsets of any structure members, either
inside the original block or outside.  Adding an extended field to the end of a
structure is the same as adding a char *.

Details:

The stringfield C code was pulled out from utils.c and into stringfields.c.
It just made sense.

Additional work was done in ast_string_field_init and
ast_calloc_with_stringfields to handle the allocation of the new header
structure and the vector, and the associated cleanup.  In the process some
additional NULL pointer checking was added.

A lot of work was done in stringfields.h since the logic for compare and copy
is there.  Documentation was added as well as somne additional NULL checking.

The ability to call ast_calloc_with_stringfields with a number of structures
greater than 1 never really worked.  Well, the calloc worked but there was no
way to access the additional structures or clean them up.  It was agreed that
there was no use case for requesting more than 1 structure so an ast_assert
was added to prevent it and the iteration code removed.

Testing:

The stringfield unit tests were updated to test both normal and extended
fields.  Tests for ast_string_field_ptr_set_by_fields and
ast_calloc_with_stringfields were also added.

As an ABI test, 13 was compiled from git and the res_pjsip_* modules, except
res_pjsip itself, saved off.  The patch was then added and a full compile and
install was performed.  Then the older res_pjsip_* moduled were copied over the
installed versions so res_pjsip was new and the rest were old.  No issues.

contact->aor, which is a char * at the end of contact, was then changed to an
extended string field and a recompile and reinstall was performed, again
leaving stock versions of the the res_pjsip_* modules.  Again, no issues with
the res_pjsip_* modules using the old stringfield implementation and with
contact->aor as a char *, and res_pjsip itself using the new stringfield
implementation and contact->aor being an extended string field.

Finally, several existing string fields were converted to extended string
fields to test OPT_STRINGFIELD_T.  Again, no issues.

Change-Id: I235db338c5b178f5a13b7946afbaa5d4a0f91d61
2016-04-04 18:07:18 -06:00
Joshua Colp
072bf78ba3 Merge "res_pjsip_mwi: Add voicemail extension and mwi_subscribe_replaces_unsolicited" into 13 2016-04-04 14:16:02 -05:00
Richard Mudgett
ecf4102d02 res_stasis: Add control ref to playback and recording structs.
The stasis_app_playback and stasis_app_recording structs need to have a
struct stasis_app_control ref.  Other threads can get a reference to the
playback and recording structs from their respective global container.
These other threads can then use the control pointer they contain after
the control struct has gone.

* Add control ref to stasis_app_playback and stasis_app_recording structs.

With the refs added, the control command queue can now have a circular
control reference which will cause the control struct to never get
released if the control's command queue is not flushed when the channel
leaves the Stasis application.  Also the command queue needs better
protection from adding commands if the control->is_done flag is set.

* Flush the control command queue on exit.

ASTERISK-25882 #close

Change-Id: I3cf1fb59cbe6f50f20d9e35a2c07ac07d7f4320d
2016-03-30 16:23:40 -05:00
George Joseph
d8f0bc3572 res_pjsip_mwi: Add voicemail extension and mwi_subscribe_replaces_unsolicited
res_pjsip_mwi was missing the chan_sip "vmexten" functionality which adds
the Message-Account header to the MWI NOTIFY.  Also, specifying mailboxes
on endpoints for unsolicited mwi and on aors for subscriptions required
that the admin know in advance which the client wanted.  If you specified
mailboxes on the endpoint, subscriptions were rejected even if you also
specified mailboxes on the aor.

Voicemail extension:
* Added a global default_voicemail_extension which defaults to "".
* Added voicemail_extension to both endpoint and aor.
* Added ast_sip_subscription_get_dialog for support.
* Added ast_sip_subscription_get_sip_uri for support.

When an unsolicited NOTIFY is constructed, the From header is parsed, the
voicemail extension from the endpoint is substituted for the user, and the
result placed in the Message-Account field in the body.

When a subscribed NOTIFY is constructed, the subscription dialog local uri
is parsed, the voicemail_extension from the aor (looked up from the
subscription resource name) is substituted for the user, and the result
placed in the Message-Account field in the body.

If no voicemail extension was defined, the Message-Account field is not added
to the NOTIFY body.

mwi_subscribe_replaces_unsolicited:
* Added mwi_subscribe_replaces_unsolicited to endpoint.

The previous behavior was to reject a subscribe if a previous internal
subscription for unsolicited MWI was found for the mailbox.  That remains the
default.  However, if there are mailboxes also set on the aor and the client
subscribes and mwi_subscribe_replaces_unsolicited is set, the existing internal
subscription is removed and replaced with the external subscription.  This
allows an admin to configure mailboxes on both the endpoint and aor and allows
the client to select which to use.

ASTERISK-25865 #close
Reported-by: Ross Beer

Change-Id: Ic15a9415091760539c7134a5ba3dc4a6a1217cea
2016-03-30 12:17:29 -06:00
zuul
e595f02f83 Merge "res_rtp_asterisk: Fix packet stats on bridged connection" into 13 2016-03-29 14:28:36 -05:00
Jacek Konieczny
0cfab30b28 res_rtp_asterisk: Use separate SRTP session for RTCP with DTLS
Asterisk uses separate UDP ports for RTP and RTCP traffic and RFC 5764
explicitly states:

  There MUST be a separate DTLS-SRTP session for each distinct pair of
  source and destination ports used by a media session

This means RTP keying material cannot be used for DTLS RTCP, which was
the reason why RTCP encryption would fail.

ASTERISK-25642

Change-Id: I7e8779d8b63e371088081bb113131361b2847e3a
2016-03-29 09:29:45 -05:00
George Joseph
1bce690ccb res_rtp_asterisk: Fix packet stats on bridged connection
rxcount, txcount, rxoctetcount and txoctetcount weren't being calculated
for bridged streams because the calulations were being done after the
bridged short-circuit.  Actually, rxoctetcount wasn't ever being calculated.

Moved the calculations so they occur for all valid received packets and
all transmitted packets.  Also added rxoctetcount and txoctetcount to
ast_rtp_instance_stat.

Change-Id: I08fb06011a82d38c3b4068867a615068fbe59cbb
2016-03-28 11:23:08 -06:00
George Joseph
5aa5c49413 sorcery/res_pjsip: Refactor for realtime performance
There were a number of places in the res_pjsip stack that were getting
all endpoints or all aors, and then filtering them locally.

A good example is pjsip_options which, on startup, retrieves all
endpoints, then the aors for those endpoints, then tests the aors to see
if the qualify_frequency is > 0.  One issue was that it never did
anything with the endpoints other than retrieve the aors so we probably
could have skipped a step and just retrieved all aors. But nevermind.

This worked reasonably well with local config files but with a realtime
backend and thousands of objects, this was a nightmare.  The issue
really boiled down to the fact that while realtime supports predicates
that are passed to the database engine, the non-realtime sorcery
backends didn't.

They do now.

The realtime engines have a scheme for doing simple comparisons. They
take in an ast_variable (or list) for matching, and the name of each
variable can contain an operator.  For instance, a name of
"qualify_frequency >" and a value of "0" would create a SQL predicate
that looks like "where qualify_frequency > '0'".  If there's no operator
after the name, the engines add an '=' so a simple name of
"qualify_frequency" and a value of "10" would return exact matches.

The non-realtime backends decide whether to include an object in a
result set by calling ast_sorcery_changeset_create on every object in
the internal container.  However, ast_sorcery_changeset_create only does
exact string matches though so a name of "qualify_frequency >" and a
value of "0" returns nothing because the literal "qualify_frequency >"
doesn't match any name in the objset set.

So, the real task was to create a generic string matcher that can take a
left value, operator and a right value and perform the match. To that
end, strings.c has a new ast_strings_match(left, operator, right)
function.  Left and right are the strings to operate on and the operator
can be a string containing any of the following: = (or NULL or ""), !=,
>, >=, <, <=, like or regex.  If the operator is like or regex, the
right string should be a %-pattern or a regex expression.  If both left
and right can be converted to float, then a numeric comparison is
performed, otherwise a string comparison is performed.

To use this new function on ast_variables, 2 new functions were added to
config.c.  One that compares 2 ast_variables, and one that compares 2
ast_variable lists.  The former is useful when you want to compare 2
ast_variables that happen to be in a list but don't want to traverse the
list.  The latter will traverse the right list and return true if all
the variables in it match the left list.

Now, the backends' fields_cmp functions call ast_variable_lists_match
instead of ast_sorcery_changeset_create and they can now process the
same syntax as the realtime engines.  The realtime backend just passes
the variable list unaltered to the engine.  The only gotcha is that
there's no common realtime engine support for regex so that's been noted
in the api docs for ast_sorcery_retrieve_by_fields.

Only one more change to sorcery was done...  A new config flag
"allow_unqualified_fetch" was added to reg_sorcery_realtime.
"no": ignore fetches if no predicate fields were supplied.
"error": same as no but emit an error. (good for testing)
"yes": allow (the default);
"warn": allow but emit a warning. (good for testing)

Now on to res_pjsip...

pjsip_options was modified to retrieve aors with qualify_frequency > 0
rather than all endpoints then all aors.  Not only was this a big
improvement in realtime retrieval but even for config files there's an
improvement because we're not going through endpoints anymore.

res_pjsip_mwi was modified to retieve only endpoints with something in
the mailboxes field instead of all endpoints then testing mailboxes.

res_pjsip_registrar_expire was completely refactored.  It was retrieving
all contacts then setting up scheduler entries to check for expiration.
Now, it's a single thread (like keepalive) that periodically retrieves
only contacts whose expiration time is < now and deletes them.  A new
contact_expiration_check_interval was added to global with a default of
30 seconds.

Ross Beer reports that with this patch, his Asterisk startup time dropped
from around an hour to under 30 seconds.

There are still objects that can't be filtered at the database like
identifies, transports, and registrations.  These are not going to be
anywhere near as numerous as endpoints, aors, auths, contacts however.

Back to allow_unqualified_fetch.  If this is set to yes and you have a
very large number of objects in the database, the pjsip CLI commands
will attempt to retrive ALL of them if not qualified with a LIKE.
Worse, if you type "pjsip show endpoint <tab>" guess what's going to
happen? :)  Having a cache helps but all the objects will have to be
retrieved at least once to fill the cache.  Setting
allow_unqualified_fetch=no prevents the mass retrieve and should be used
on endpoints, auths, aors, and contacts.  It should NOT be used for
identifies, registrations and transports since these MUST be
retrieved in bulk.

Example sorcery.conf:

[res_pjsip]
endpoint=config,pjsip.conf,criteria=type=endpoint
endpoint=realtime,ps_endpoints,allow_unqualified_fetch=error

ASTERISK-25826 #close
Reported-by: Ross Beer
Tested-by: Ross Beer

Change-Id: Id2691e447db90892890036e663aaf907b2dc1c67
2016-03-25 19:19:39 -06:00
zuul
8271a06dde Merge "Restrict CLI/AMI commands on shutdown." into 13 2016-03-24 19:55:50 -05:00
Mark Michelson
59c8e189fd Restrict CLI/AMI commands on shutdown.
During stress testing, we have frequently seen crashes occur because a
CLI or AMI command attempts to access information that is in the process
of being destroyed.

When addressing how to fix this issue, we initially considered fixing
individual crashes we observed. However, the changes required to fix
those problems would introduce considerable overhead to the nominal
case. This is not reasonable in order to prevent a crash from occurring
while Asterisk is already shutting down.

Instead, this change makes it so AMI and CLI commands cannot be executed
if Asterisk is being shut down. For AMI, this is absolute. For CLI,
though, certain commands can be registered so that they may be run
during Asterisk shutdown.

ASTERISK-25825 #close

Change-Id: I8887e215ac352fadf7f4c1e082da9089b1421990
2016-03-24 09:29:07 -05:00