This change fixes up DTLS support in res_rtp_asterisk so it can accept and provide
a SHA-256 fingerprint, so it occurs on RTCP, and so it occurs after ICE negotiation
completes. Configuration options to chan_sip have also been added to allow behavior
to be tweaked (such as forcing the AVP type media transports in SDP).
ASTERISK-22961 #close
Reported by: Jay Jideliov
Review: https://reviewboard.asterisk.org/r/3679/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@417677 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When using FEC, with span=3 and entries=4 Asterisk will attempt to repair
the packet with sequence number 5, as it will see that packet -4 is
missing. The result is Asterisk sending garbage packets that can kill a
fax.
This patch adds a check to see if the sequence number is valid before
checking if the packet is missing.
Review: https://reviewboard.asterisk.org/r/3657/
#ASTERISK-23908 #close
Reported by: Torrey Searle
patches:
udptl_fec.patch uploaded by Torrey Searle (License 5334)
........
Merged revisions 417318 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@417320 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Simply establishing a TCP connection and never sending anything to the
configured HTTP port in http.conf will tie up a HTTP connection. Since
there is a maximum number of open HTTP sessions allowed at a time you can
block legitimate connections.
A similar problem exists if a HTTP request is started but never finished.
* Added http.conf session_inactivity timer option to close HTTP
connections that aren't doing anything. Defaults to 30000 ms.
* Removed the undocumented manager.conf block-sockets option. It
interferes with TCP/TLS inactivity timeouts.
* AMI and SIP TLS connections now have better authentication timeout
protection. Though I didn't remove the bizzare TLS timeout polling code
from chan_sip.
* chan_sip can now handle SSL certificate renegotiations in the middle of
a session. It couldn't do that before because the socket was non-blocking
and the SSL calls were not restarted as documented by the OpenSSL
documentation.
* Fixed an off nominal leak of the ssl struct in
handle_tcptls_connection() if the FILE stream failed to open and the SSL
certificate negotiations failed.
The patch creates a custom FILE stream handler to give the created FILE
streams inactivity timeout and timeout after a specific moment in time
capability. This approach eliminates the need for code using the FILE
stream to be redesigned to deal with the timeouts.
This patch indirectly fixes most of ASTERISK-18345 by fixing the usage of
the SSL_read/SSL_write operations.
ASTERISK-23673 #close
Reported by: Richard Mudgett
........
Merged revisions 415841 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@415854 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The supplied hash function to a container must be idempotent given the
object's key value to figure out which container bucket the object belongs
in. Returning a random number or the current container count is not
idempotent. The "computed hash" value doesn't help find the object later
in those cases.
* Fixed the format_list container to actually be a list since that is how
the container is used. Conceptually, if more than 283 formats were added
to the format_list then odd things may have happened before the fix.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@415728 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The twisted logic determining if a config file should be reloaded was
mostly broken and disabled. The incorrect test that ASTERISK-23383 fixed
actually reenabled the broken logic. The incorrect test was causing the
timestamp to always be cleared which caused config files with includes to
always be reloaded.
* Made wildcard includes always cause a reload. Determining if a file was
deleted cannot be determined without restructuring the cache to determine
if any files are missing from the last files actually loaded. Also
without refactoring config_text_file_load(), the glob loop couldn't check
more than one file for changes anyway.
* Made remove the cache entry if the file no longer exists when trying to
get its timestamp or it is no longer a regular file. This fixes the
corner case where the file was loaded, then deleted, then the config
reloaded, then the file restored with the same timestamp, and then the
config reloaded again.
* Made remove the cache entry include list when actually loading the file.
This gets rid of any stale includes the file had from the last time the
file was loaded.
ASTERISK-23683 #close
Reported by: tootai
Review: https://reviewboard.asterisk.org/r/3575/
........
Merged revisions 415225 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@415229 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When invoking UpdateConfig AMI action with Action set to EmptyCat, Asterisk
will make all categories empty in the config but the one requested with a
Cat variable. This is due to a bug in ast_category_empty (main/config.c)
that makes an incorrect comparison for a category name.
This patch corrects the comparison such that only the requested category
is cleared.
Review: https://reviewboard.asterisk.org/r/3573/
ASTERISK-23803 #close
Reported by: zvision
patches:
manager.c.diff uploaded by zvision (License 5755)
........
Merged revisions 414880 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@414881 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Dynamic and pattern matching hints should not be checked for their last
known state until they are instantiated by subscribers.
(closes issue AFS-56)
Reported by: John Hardin
Patch AFS-56-pbx.diff submitted by Matt Jordan (license 6283)
........
Merged revisions 414813 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@414859 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Fixed early exit in sip_msg_send() not destroying the message iterator.
* Made ast_msg_var_iterator_next() and ast_msg_var_iterator_destroy()
tolerant of a NULL iter parameter in case ast_msg_var_iterator_init()
fails.
* Made ast_msg_var_iterator_destroy() clean up any current message data
ref.
* Made struct ast_msg_var_iterator, ast_msg_var_iterator_init(),
ast_msg_var_iterator_next(), ast_msg_var_unref_current(), and
ast_msg_var_iterator_destroy() use iter instead of i.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@413139 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Backport -r411687 and fix the fix because content_length is the length of
out plus the length of the file controlled by fd.
When a response has an out content length of 0, fwrite would be called to
write a buffer with no data in it. This resulted in the following classic
error message:
[Apr 3 11:49:17] ERROR[26421] http.c: fwrite() failed: Success
This patch makes it so that we only attempt to write the content of out if
the out string is non-zero.
........
Merged revisions 412922 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@412923 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This adds the TCP_NODELAY option to accepted connections on the HTTP
server built into Asterisk. This option disables the Nagle algorithm
which controls queueing of outbound data and in some cases can cause
delays on receipt of response by the client due to how the Nagle
algorithm interacts with TCP delayed ACK. This option is already set on
all non-HTTP AMI connections and this change would cover standard HTTP
requests, manager HTTP connections, and ARI HTTP requests and
websockets in Asterisk 12+ along with any future use of the HTTP
server.
Review: https://reviewboard.asterisk.org/r/3466/
........
Merged revisions 412745 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@412748 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch fixes two issues when building on SmartOS:
- channels/chan_oss.c: it makes sure soundcard.h is found
- main/Makefile: only use "-Wl,--version-script" when GNU LD is used as the Sun
Linker doesn't support that. Similar checks are already used elswhere in the
Makefile
Review: https://reviewboard.asterisk.org/r/3426
ASTERISK-23576 #close
Reported by: Sebastian Wiedenroth
patches:
fix-sunos.diff uploaded by Sebastian Wiedenroth (License 6597)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@412468 65c4cc65-6c06-0410-ace0-fbb531ad65f3
autoservice acquires a local reference to the logger callid of each channel
in a loop. This local reference was not released, causing the callid of
every channel in autoservice to leak. This change moves the callid unref
inside the loop.
ASTERISK-23616 #close
Reported by: ibercom
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@412305 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch does the following:
(1) It makes REF_DEBUG a meneselect item. Enabling REF_DEBUG now enables
REF_DEBUG globally throughout Asterisk.
(2) The ref debug log file is now created in the AST_LOG_DIR directory.
Every run will now blow away the previous run (as large ref files
sometimes caused issues). We now also no longer open/close the file
on each write, instead relying on fflush to make sure data gets written
to the file (in case the ao2 call being performed is about to cause a
crash)
(3) It goes with a comma delineated format for the ref debug file. This
makes parsing much easier. This also now includes the thread ID of the
thread that caused ref change.
(4) A new python script instead for refcounting has been added in the
contrib/scripts folder.
Review: https://reviewboard.asterisk.org/r/3377/
........
Merged revisions 412114 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@412115 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Add notice messages during execution that the -I command line option and
the astersik.conf internal_timing option are no longer needed. The
internal timing functionality is now always enabled if there is a timing
module loaded.
NOTE: Since the command line options and the asterisk.conf config file are
processed before the logging system is initialized, the messages are
output to stderr.
Change requested as a result of asterisk-dev list comments about the
commit for ASTERISK-22846 that removed the -I and internal_timing options.
Review: https://reviewboard.asterisk.org/r/3423/
........
Merged revisions 411964 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@411974 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The masquerade supertest frequently fails because either the local channel
chain doesn't completely optimize out or the DTMF handshake doesn't
completely get accross. Local channel optimization requires frames
flowing to trigger when optimization can happen. When optimization
happens the media frame that triggered the optimization is dropped.
Sending DTMF requires frames to flow in the other direction for timing
purposes while sending nothing. If internal timing is not enabled when
MOH is playing, Asterisk switches to received timing when an audio frame
is received. With optimization dropping media frames and MOH not sending
frames unless it receives frames, occasionaly there are no more frames
being passed and the test fails.
* The asterisk command line -I option and the asterisk.conf
internal_timing option are removed. Asterisk now always uses internal
timing when needed if any timing module is loaded. The issue
ASTERISK-14861 did this quite awhile ago in v1.4 but effectively is broken
if other internal timing modules besides DAHDI are used. The
ast_read_generator_actions() now only does received timing if it has no
choice for frame generators like MOH, silence, and playback streaming.
* Cleaned up some code dealing with frame generators in
ast_deactivate_generator(), generator_write_format_change(),
ast_activate_generator(), and ast_channel_stop_silence_generator().
ASTERISK-22846 #close
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/3414/
........
Merged revisions 411715 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@411716 65c4cc65-6c06-0410-ace0-fbb531ad65f3
ASTERISK-23391 caused a regression where the symbol 'defaultlanguage'
was used by app_voicemail but not exported by main/asterisk. This
change renames the variable to ast_defaultlanguage. The variable was
already renamed in Asterisk 12+.
(closes issue ASTERISK-23559)
Reported by: Corey Farrell
Review: https://reviewboard.asterisk.org/r/3408/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@411633 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch works around a problem with the HTTP body
being dropped from the response to a specific client
and under specific circumstances:
a) Client request comes from node.js user agent
"Shred" via use of swagger-client library.
b) Asterisk and Client are *not* on the same
host or TCP/IP stack
In testing this problem, it has been determined that
the write of the HTTP body is lost, even if the data
is written using low level write function. The only
solution found is to instruct the TCP stack with the
shutdown function to flush the last write and finish
the transmission. See review for more details.
ASTERISK-23548 #close
(closes issue ASTERISK-23548)
Reported by: Sam Galarneau
Review: https://reviewboard.asterisk.org/r/3402/
........
Merged revisions 411462 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@411463 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Backport ast_register_cleanup from Asterisk 12.
* Use ast_register_cleanup for format_attr_shutdown.
ast_register_cleanup was originally commited in r390122 by dlee.
(closes issue ASTERISK-23103)
Reported by: JoshE
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@411310 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Callerid checksum-ing was being handled incorrectly here. When the checksum is
calculated to be 0x00, it will perform 0x100-0x00 which results in 0x100. This
value will then fail the otherwise correct callerid message.
This patch changes the logic to simply add the calculated checksum to the
transmitted 2's compliment checksum.
Review: https://reviewboard.asterisk.org/r/3356/
(closes issue ASTERISK-23488)
........
Merged revisions 410710 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@410717 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The syncing thread sleeps for a second before waiting to be
told to attempt to sync again. If a signal were sent during this
sleeping period, we would end up having to wait until the next
sync signal occurred in order to sync up the astdb.
This code rearrangement also ensures that any pending transactions
will be synced prior to Asterisk shutting down.
Patches: db_sync.patch by John Hardin (License #6512)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@410556 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Sending a HTTP request that is handled by Asterisk with a large number of
Cookie headers could overflow the stack.
Another vulnerability along similar lines is any HTTP request with a
ridiculous number of headers in the request could exhaust system memory.
(closes issue ASTERISK-23340)
Reported by: Lucas Molas, researcher at Programa STIC, Fundacion; and Dr. Manuel Sadosky, Buenos Aires, Argentina
........
Merged revisions 410380 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@410381 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The test of the result of the stat() call was inverted such that its
output was only used if the call failed. This inverts the test so that
the output of stat() is used correctly. This was causing full reloads
on unchanged files.
(closes issue ASTERISK-23383)
Reported by: David Woolley
........
Merged revisions 409916 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@409917 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When nanosecond time resolution was added for identifying config file
changes, it didn't cover all of the myriad of ways that one might obtain
nanosecond time resolution off of struct stat.
Rather than complicate the #if even further figuring out one system from
the next, this patch directly tests for the three struct members I know
about today, and #ifdef's accordingly.
Review: https://reviewboard.asterisk.org/r/3273/
........
Merged revisions 409833 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@409834 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Upon failure of an INVITE transaction meant to initiate a remote native
bridge, rtp_engine.c would not clean up non-reference-counted bridge
instance pointers leaving a dangling pointer which was being used to
perform a local native bridge after the other channel had hung up. This
lead to dereferencing into freed memory and plenty of AO2 errors. This
change allows the remote native bridge loop to clean up properly when
the bridge fails.
(closes issue ASTERISK-23310)
Reported by: Jeremy Laine
........
Merged revisions 409521 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@409524 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When two RTP channels are in a remote bridge, the remote bridging loop in
rtp_engine will periodically check to see if the two channels can still be
bridged. One of the many things it checks is whether or not the codecs have
changed on the channel. If the codec has changed, it will break out of the
loop to re-determine which type of bridge is appropriate.
In order to perform this check, the ast_rtp_glue virtual table's get_codec
callback is called for each channel. The callback implementations assume
that the channel tech private is valid when called; as such, there has
always been some code in place to check whether or not the channel pvt is
NULL before calling. However, this check is insufficient.
The channels are unlocked during the remote bridging loop. It is possible
for a channel to get masqueraded between the check for the pvt being NULL and
the actual call to get_codec. When this occurs, the callback is called with a
ZOMBIE channel, which now has a NULL pvt. Crash.
While this has always been possible in Asterisk 1.8, it is much more likely to
occur in Asterisk 11 and later versions due to the timing changes that occur
when getting the codec from a channel. Note that this is much more likely to be
reproduced on slow, boggy hardware running Asterisk 11 - but fairly rarely
otherwise.
Also Note: This crash was also caught by the various SIP blind transfer tests,
in addition to the bug report Alec filed.
Review: https://reviewboard.asterisk.org/r/3247/
(closes issue ASTERISK-21737)
Reported by: Alec Davis
Tested by: Alec Davis
........
Merged revisions 409001 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@409002 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Asterisk didn't support the dynamic payload change in rtp mapping in the 200
OK response.
Scenario:
Asterisk sends the INVITE proposing alaw and telephone-event, it proposes
rtpmap:101 for telephone-event. Peer responds with 2xx, it answers with
alaw and telephone-event also, but it proposes a different rtpmap number
(rtpmap:103) for telephone-event.
Expected Behaviour:
Asterisk should honour the rtpmapping in the response and send DTMF packets
using 103 as payload type for DTMF.
Actual Behaviour: Asterisk sends DTMF packets using payload type 101.
With this patch asterisk now supports changes that can occur in the rtp mapping
in the response.
(closes issue ASTERISK-23279)
Reported by: NITESH BANSAL
Review: https://reviewboard.asterisk.org/r/3225/
Patches:
dynamic_payload_change.patch uploaded by nbansal (license 6418)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@408729 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Updated the code to check to see if MOH is playing on the transferor and if
so then start it on the channel that replaces it during a masquerade.
Example scenario of the problem:
Alice calls Bob and then Bob begins the attended transfer process into a queue.
Upon going on hold Alice hears music and so does Bob once he is in the queue.
Bob then transfers Alice into the queue and then music for Alice stops even
though she should be hearing it since has now replaced Bob in the queue.
The problem that was occurring is that once the channel was masqueraded the app
(queues, confbridge, etc...) had no way of knowing that the channel had just
been swapped out thus it did not start music for the present channel.
Credit to Olle Johansson for pointing me in the right direction on this issue.
(closes issue ASTERISK-19499)
Reported by: Timo Teräs
Review: https://reviewboard.asterisk.org/r/3226/
........
Merged revisions 408642 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@408643 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Repeatedly modifying config files and reloading too fast sometimes fails
to reload the configuration because the cached modification timestamp has
one second resolution.
* Added file size and nanosecond resolution fields to the cached config
file modification timestamp information. Now if the file size changes or
the file system supports nanosecond resolution the modified file has a
better chance of being detected for reload.
* Added a missing unlock in an off-nominal code path.
(closes issue AST-1303)
Review: https://reviewboard.asterisk.org/r/3235/
........
Merged revisions 408387 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@408388 65c4cc65-6c06-0410-ace0-fbb531ad65f3
It is highly unlikely, but - at least in Asterisk 12 - theoretically possible
to load Asterisk with no dialplan whatsoever. If that occurs, and some other
module (that is not a pbx module) attempts to merge its contexts into the
dialplan, the existing merge routine will crash. This is because it is not
insane, and rightly believes that you provided some sort of dialplan,
somewhere.
This patch will gracefully merge the contexts in such a case. Note that this
is highly unlikely to occur in 1.8/11, as features will most likely provide
some dialplan via parking. However, in Asterisk 12, parking is now provided
by res_parking, and hence may create its dialplan later.
(closes issue ASTERISK-23297)
Reported by: CJ Oster
Review: https://reviewboard.asterisk.org/r/3222
........
Merged revisions 408200 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@408201 65c4cc65-6c06-0410-ace0-fbb531ad65f3
