The simple fix here is simply to NULL out username and password after we call
ast_free on them. Unfortunately, I noticed that we weren't checking for
allocation failures for username and password, and adding those checks made
things noisy and cumbersome.
So instead we partially rollback the recent LGTM patch, and move the alloca
calls into find_aor_name().
ASTERISK-28641 #close
Reported by: Ross Beer
Change-Id: Ic9d01624e717a020be0b0aee31f0814e7f1ffbe2
We're appropriately sizing the id_domain_alias buffer, but then copying the data
into the id_domain one. We were then using the uninitialized id_domain_alias
buffer we just allocated.
This is ASTERISK~28641 adjacent, but significant enough to warrant its own
patch.
Change-Id: I81c38724d18deab8c6573153e2b99dbb6e2f33d9
The SIP transaction state was reset when emitting an UPDATE or a re-INVITE
related to a COLP, preventing RTP packets to be emitted.
ASTERISK-28647
Change-Id: Ie7a30fa7a97f711e7ba6cc17f221a0993d48bd8b
During capabilities selection (joint capabilities of us and peer,
configured capability for this peer, or general configured
capabilities), if sip_new() does not keep framing information,
then directmedia activation will fail for any framing different
from default framing.
ASTERISK-28637
Change-Id: I99257502788653c2816fc991cac7946453082466
We need to copy the endpoint name before we call ao2_cleanup() on it,
otherwise we might try to access memory that has been reclaimed.
ASTERISK-28445 #close
Reported by: Bernhard Schmidt
Change-Id: I404b952608aa606e0babd3c4108346721fb726b3
The problem is essentially the same as in ASTERISK~28245. Besides
the direct media scenario we have an additional scenario where a
special client is involved. This device mutes audio by default in
transmit direction (no rtp frames) and activates audio only by a
foot switch. In this situation dtmf input (pin for conferences,
transfer features codes , etc) using SIP INFO mode is not
understood properly especially when SIP INFO messages are sent
quickly.
This patch ensures that SIP INFO frames are properly queued and
processed in the above scenario. The patch also corrects situations
where successive dtmf events are received quicker than the
signalled event duration (plus minimum gap/pause) allows, i.e. DTMF
events have to be buffered in the ast channel read queue and
emulation has to be processed asynchronously at slower speed.
Reported by: Thomas Arimont
patches:
trigger_dtmf_emulation.patch submitted by Thomas Arimont (license 5525)
Change-Id: I309bf61dd065c9978c8e48f5b9a936ab47de64c2
* Use ast_cli_completion_add() to improve performance when large number of
cached items are present.
* Only complete one URI for commands that only accept a single URI.
* Change command documentation to wrap at 80 characters to improve
readability.
Change-Id: Iedb0a2c3541e49561bc231dca2dcc0ebd8612902
if asterisk offer T38 SDP with none error correction scheme and
the endpoint respond with redundancy EC scheme, asterisk switch
to that mode. Since we configure the endpoint as none EC mode
we should not switch to any other mode except none.
following logic implemented in code.
1. If asterisk offer none, and anything except none in answer
will be ignored.
2. If asterisk offer fec, answer with fec, redundancy and none will
be accepted.
3. If asterisk offer redundancy, answer with redundancy and none
will be accepted.
ASTERISK-28621
Change-Id: I343c62253ea4c8b7ee17abbfb377a4d484a14b19
If the name of a peer is known and a SIP request is sent using that
peer's name, the address of the peer will change even if the request
fails the authentication challenge. This means that an endpoint can
be altered and even rendered unusuable, even if it was in a working
state previously. This can only occur when the nat option is set to the
default, or auto_force_rport.
This change checks the result of authentication first to ensure it is
successful before setting the address and the nat option.
ASTERISK-28589 #close
Change-Id: I581c5ed1da60ca89f590bd70872de2b660de02df
If an AMI user without the "system" authorization calls the
Originate AMI command with the Originate application,
the second Originate could run the "System" command.
Action: Originate
Channel: Local/1111
Application: Originate
Data: Local/2222,app,System,touch /tmp/owned
If the "system" authorization isn't set, we now block the
Originate app as well as the System, Exec, etc. apps.
ASTERISK-28580
Reported by: Eliel Sardañons
Change-Id: Ic4c9dedc34c426f03c8c14fce334a71386d8a5fa
The original clone depth of 10 was causing the need to rebase
changes whose parent was older than the 10 commits. The clone
depth has been increased to 100.
Workspace cleanup was only happening for successful builds which
wasn't enough to keep the 8G workspace in-memory drives on the
docker slaves from filling up. Now the workspaces are cleaned up
after every build regardless of success/failure. If you need to
preserve builds temporarily, you can log into Jenkins/Manage
Jenkins/Configure System and change the CLEANUP_WS_* environment
variable for the job type you're troubleshooting to "FALSE".
Change-Id: I0d7366e87cea714e5dbc9488caf718802fce75ca
Fixes: error: ‘domain_name’ may be used uninitialized in this function
Found with gcc (Ubuntu 9.2.1-9ubuntu2) 9.2.1 20191008
Change-Id: I44413b49ea1205aa25538142161deb73883c79e8
ASTERISK_28143 attempted to fix an issue where calls with no audio would never
timeout. It did so by adding AST_FRAME_NULL as a frame type to process in its
calculations. Unfortunately these frames seem to show up at irregular time
intervals. This resulted in app_amd returning prematurely most of the time.
* Removed AST_FRAME_NULL from the calculations
* Added a check to see how much time has actually passed since app_amd began
ASTERISK-28608
Change-Id: I642a21b02d389b17e40ccd5357754b034c3daa42
Upon a short PRI disconnection, libpri may maintain Q.921 layer 'up' and
may thus not send PRI_EVENT_DCHAN_DOWN / PRI_EVENT_DCHAN_UP events.
If pri_event_alarm() clears DCHAN_UP status bit upon alarm detection
and no Q.921 reconnection sequence occurs, chan_dahdi will keep
seeing span status "Down" at the end of alarm.
This patch modifies pri_event_alarm() in order to keep DCHAN_UP bit
unchanged. libpri will send a PRI_EVENT_DCHAN_DOWN event if it detects
a disconnection of Q.921 layer and this will clear DCHAN_UP if required.
ASTERISK-28615
Change-Id: Ibe27df4971fd4c82cc6850020bce4a8b2692c996
The current code sets alert levels starting from index 1.
Need to set on whole pool starting from index 0.
Change-Id: I5decbb43160954fb9a512f04302637fc666b6f5d
OpenSSL can not tolerate if the packet sent out does not
match the length that it provided to the sender. This change
lies and says that each time the full packet was sent. If
a problem does occur then a retransmission will occur as
appropriate.
ASTERISK-28576
Change-Id: Id42455b15c9dc4eb987c8c023ece6fbf3c22a449
If the last line of a file does not have a terminating EOL sequence, we
potentially add garbage to the value returned from the FILE() function.
There is no overflow potential here as we are reading from a buffer of a
known size, we are just reading too much of it.
ASTERISK-26481 #close
Change-Id: I50dd4fcf416fb3c83150040a1a79a59d9eb1ae01
MOH continues to play to a channel if that channel was on hold prior to
entering a softmix bridge. MOH will not stop even if the original "holder"
attempts an unhold.
For the most part a softmix bridge ignores holds, so a participating channel
shouldn't join while on hold. This patch checks to see if the channel joining
the softmix bridge is currently on hold. If so then it indicates an unhold.
ASTERISK-28618
Change-Id: I66ccd4efc80f5b4c3dd68186b379eb442916392b
This patch fixes several issues reported by the lgtm code analysis tool:
https://lgtm.com/projects/g/asterisk/asterisk
Not all reported issues were addressed in this patch. This patch mostly fixes
confirmed reported errors, potential problematic code points, and a few other
"low hanging" warnings or recommendations found in core supported modules.
These include, but are not limited to the following:
* innapropriate stack allocation in loops
* buffer overflows
* variable declaration "hiding" another variable declaration
* comparisons results that are always the same
* ambiguously signed bit-field members
* missing header guards
Change-Id: Id4a881686605d26c94ab5409bc70fcc21efacc25
When user wants to send json data, the default Content-Type header
is incorect (application/x-www-form-urlencoded). This patch allows
to set any custom headers so the Content-Type header can be
overriden. User can set multiple headers by multiple calls of
curlopt(). This approach is not consistent with other parameters,
but is more readable in dialplan than one call with multiple
headers.
ASTERISK-28613
Change-Id: I4dd68c3f4e25362ef941d73a3861f58348dcfbf9
resource_events:stasis_app_message_handler() was locking the session,
then attempting to determine if the app had debug enabled which
locked the app_registry container. res_stasis:__stasis_app_register
was locking the app_registry container then calling app_update
which caused app_handler (which locks the session) to run.
The result was a deadlock.
* Updated resource_events:stasis_app_message_handler() to determine
if debug was set (which locks the app_registry) before obtaining the
session lock.
* Updated res_stasis:__stasis_app_register to release the app_registry
container lock before calling app_update (which locks the sesison).
ASTERISK-28423
Reported by Ross Beer
Change-Id: I58c69d08cb372852a63933608e4d6c3e456247b4
There exists a scenario where a thread can hold a lock on the
channels container while trying to lock a bridge. At the same
time another thread can hold the lock for said bridge while
attempting to retrieve a channel. This causes a deadlock.
This change fixes this scenario by retrieving a channel snapshot
instead of a channel, as information present in the snapshot
is all that is needed.
ASTERISK-28616
Change-Id: I68ceb1d62c7378addcd286e21be08a660a7cecf2