Commit Graph

4311 Commits

Author SHA1 Message Date
Ben Ford
26a38c4084 STIR/SHAKEN: Add Date header, dest->tn, and URL checking.
STIR/SHAKEN requires a Date header alongside the Identity header, so
that has been added. Still on the outgoing side, we were missing the
dest->tn section of the JSON payload, so that has been added as well.
Moving to the incoming side, URL checking has been added to the public
cert URL to ensure that it starts with http.

https://wiki.asterisk.org/wiki/display/AST/OpenSIPit+2021

Change-Id: Idee5b1b5e45bc3b483b3070e46ce322dca5b3f1c
2021-05-26 12:33:06 -05:00
George Joseph
655ee680cd res_pjsip_outbound_authenticator_digest: Be tolerant of RFC8760 UASs
RFC7616 and RFC8760 allow more than one WWW-Authenticate or
Proxy-Authenticate header per realm, each with different digest
algorithms (including new ones like SHA-256 and SHA-512-256).
Thankfully however a UAS can NOT send back multiple Authenticate
headers for the same realm with the same digest algorithm.  The
UAS is also supposed to send the headers in order of preference
with the first one being the most preferred.  We're supposed to
send an Authorization header for the first one we encounter for a
realm that we can support.

The UAS can also send multiple realms, especially when it's a
proxy that has forked the request in which case the proxy will
aggregate all of the Authenticate headers and then send them all
back to the UAC.

It doesn't stop there though... Each realm can require a
different username from the others.  There's also nothing
preventing each digest algorithm from having a unique password
although I'm not sure if that adds any benefit.

So now... For each Authenticate header we encounter, we have to
determine if we support the digest algorithm and, if not, just
skip the header.  We then have to find an auth object that
matches the realm AND the digest algorithm or find a wildcard
object that matches the digest algorithm. If we find one, we add
it to the results vector and read the next Authenticate header.
If the next header is for the same realm AND we already added an
auth object for that realm, we skip the header. Otherwise we
repeat the process for the next header.

In the end, we'll have accumulated a list of credentials we can
pass to pjproject that it can use to add Authentication headers
to a request.

NOTE: Neither we nor pjproject can currently handle digest
algorithms other than MD5.  We don't even have a place for it in
the ast_sip_auth object. For this reason, we just skip processing
any Authenticate header that's not MD5.  When we support the
others, we'll move the check into the loop that searches the
objects.

Changes:

 * Added a new API ast_sip_retrieve_auths_vector() that takes in
   a vector of auth ids (usually supplied on a call to
   ast_sip_create_request_with_auth()) and populates another
   vector with the actual objects.

 * Refactored res_pjsip_outbound_authenticator_digest to handle
   multiple Authenticate headers and set the stage for handling
   additional digest algorithms.

 * Added a pjproject patch that allows them to ignore digest
   algorithms they don't support.  This patch has already been
   merged upstream.

 * Updated documentation for auth objects in the XML and
   in pjsip.conf.sample.

 * Although res_pjsip_authenticator_digest isn't affected
   by this change, some debugging and a testsuite AMI event
   was added to facilitate testing.

Discovered during OpenSIPit 2021.

ASTERISK-29397

Change-Id: I3aef5ce4fe1d27e48d61268520f284d15d650281
2021-05-20 14:21:02 -05:00
Naveen Albert
0ad3504ce0 AMI: Add AMI event to expose hook flash events
Although Asterisk can receive and propogate flash events, it currently
provides no mechanism for doing anything with them itself.

This AMI event allows flash events to be processed by Asterisk.
Additionally, AST_CONTROL_FLASH is included in a switch statement
in channel.c to avoid throwing a warning when we shouldn't.

ASTERISK-29380

Change-Id: Ie17ffe65086e0282c88542e38eed6a461ec79e81
2021-05-19 08:02:15 -05:00
Ben Ford
a84d34035a STIR/SHAKEN: Switch to base64 URL encoding.
STIR/SHAKEN encodes using base64 URL format. Currently, we just use
base64. New functions have been added that convert to and from base64
encoding.

The origid field should also be an UUID. This means there's no reason to
have it as an option in stir_shaken.conf, as we can simply generate one
when creating the Identity header.

https://wiki.asterisk.org/wiki/display/AST/OpenSIPit+2021

Change-Id: Icf094a2a54e87db91d6b12244c9f5ba4fc2e0b8c
2021-05-11 15:36:22 -05:00
Ben Ford
5e6508b56f STIR/SHAKEN: Fix certificate type and storage.
During OpenSIPit, we found out that the public certificates must be of
type X.509. When reading in public keys, we use the corresponding X.509
functions now.

We also discovered that we needed a better naming scheme for the
certificates since certificates with the same name would cause issues
(overwriting certs, etc.). Now when we download a public certificate, we
get the serial number from it and use that as the name of the cached
certificate.

The configuration option public_key_url in stir_shaken.conf has also
been renamed to public_cert_url, which better describes what the option
is for.

https://wiki.asterisk.org/wiki/display/AST/OpenSIPit+2021

Change-Id: Ia00b20835f5f976e3603797f2f2fb19672d8114d
2021-05-11 09:29:38 -05:00
Sean Bright
d2dcd15bd8 res_pjsip.c: OPTIONS processing can now optionally skip authentication
ASTERISK-27477 #close

Change-Id: I68f6715bba92a525149e35d142a49377a34a1193
2021-04-29 07:45:04 -05:00
Kevin Harwell
15de2f1727 time: Add timeval create and unit conversion functions
Added a TIME_UNIT enumeration, and a function that converts a
string to one of the enumerated values. Also, added functions
that create and initialize a timeval object using a specified
value, and unit type.

Change-Id: Ic31a1c3262a44f77a5ef78bfc85dcf69a8d47392
2021-03-31 09:31:06 -05:00
Mark Murawski
a0009c807e logger: Console sessions will now respect logger.conf dateformat= option
The 'core' console (ie: asterisk -c) does read logger.conf and does
use the dateformat= option.

Whereas 'remote' consoles (ie: asterisk -r -T) does not read logger.conf
and uses a hard coded dateformat option for printing received verbose messages:
  main/logger.c: static char dateformat[256] = "%b %e %T"

This change will load logger.conf for each remote console session and
use the dateformat= option to set the per-line timestamp for verbose messages

Change-Id: I3ea10990dbd920e9f7ce8ff771bc65aa7f4ea8c1
ASTERISK-25358: #close
Reported-by: Igor Liferenko
2021-03-22 11:18:01 -05:00
Kevin Harwell
263f906af4 manager: Increase the non breaking AMI version number
ASTERISK~29244 added three new AMI events, so bump the version number.

Change-Id: I0e77fa36d38fb27dec3481d4ef08131330da0632
2021-03-11 10:54:53 -06:00
Jaco Kroon
52707fba7f app.h: Fix -Werror=zero-length-bounds compile errors in dev mode.
Change-Id: I5c104dc1f8417ccd3d01faf86e84ccbf89bc3b31
Signed-off-by: Jaco Kroon <jaco@uls.co.za>
2021-03-10 04:24:27 -06:00
Sean Bright
e4cd7a7d0b strings.h: ast_str_to_upper() and _to_lower() are not pure.
Because they modify their argument they are not pure functions and
should not be marked as such, otherwise the compiler may optimize
them away.

ASTERISK-29306 #close

Change-Id: Ibec03a08522dd39e8a137ece9bc6a3059dfaad5f
2021-03-10 04:18:36 -06:00
Joshua C. Colp
a9acbd19f3 sorcery: Add support for more intelligent reloading.
Some sorcery objects actually contain dynamic content
that can change despite the underlying configuration
itself not changing. A good example of this is the
res_pjsip_endpoint_identifier_ip module which allows
specifying hostnames. While the configuration may not
change between reloads the DNS information of the
hostnames can.

This change adds the ability for a sorcery object to be
marked as having dynamic contents which is then taken
into account when reloading by the sorcery file based
config module. If there is an object with dynamic content
then a reload will be forced while if there are none
then the existing behavior of not reloading occurs.

ASTERISK-29321

Change-Id: I9342dc55be46cc00204533c266a68d972760a0b1
2021-03-05 10:33:10 -06:00
Jaco Kroon
916d5d5e45 app.h: Restore C++ compatibility for macro AST_DECLARE_APP_ARGS
This partially reverts commit 3d1bf3c537,
specifically for app.h.

This works with both gcc 9.3.0 and 10.2.0 now, both for C and C++ (as
tested with external modules).

ASTERISK-29287

Change-Id: I5b9f02a9b290675682a1d13f1788fdda597c9fca
Signed-off-by: Jaco Kroon <jaco@uls.co.za>
2021-02-23 13:39:36 -06:00
Sebastien Duthil
092628c982 app_mixmonitor: Add AMI events MixMonitorStart, -Stop and -Mute.
ASTERISK-29244

Change-Id: I1862d58264c2c8b5d8983272cb29734b184d67c5
2021-02-23 12:15:03 -06:00
Ben Ford
62e2dd484d core_unreal: Fix T.38 faxing when using local channels.
After some changes to streams and topologies, receiving fax through
local channels stopped working. This change adds a stream topology with
a stream of type IMAGE to the local channel pair and allows fax to be
received.

ASTERISK-29035 #close

Change-Id: Id103cc5c9295295d8e68d5628e76220f8f17e9fb
2021-02-16 18:11:37 -06:00
Dan Cropp
088816284a chan_pjsip, app_transfer: Add TRANSFERSTATUSPROTOCOL variable
When a Transfer/REFER is executed, TRANSFERSTATUSPROTOCOL variable is
0 when no protocl specific error
SIP example of failure, 3xx-6xx for the SIP error code received

This allows applications to perform actions based on the failure
reason.

ASTERISK-29252 #close
Reported-by: Dan Cropp

Change-Id: Ia6a94784b4925628af122409cdd733c9f29abfc4
2021-01-27 11:42:10 -06:00
Sean Bright
68d3d3af6f asterisk: Export additional manager functions
Rename check_manager_enabled() and check_webmanager_enabled() to begin
with ast_ so that the symbols are automatically exported by the
linker.

ASTERISK~29184

Change-Id: I85762b9a5d14500c15f6bad6507138c8858644c9
2021-01-06 09:11:31 -06:00
lvl
92fcd4edba Introduce astcachedir, to be used for temporary bucket files
As described in the issue, /tmp is not a suitable location for a
large amount of cached media files, since most distributions make
/tmp a RAM-based tmpfs mount with limited capacity.

I opted for a location that can be configured separately, as opposed
to using a subdirectory of spooldir, given the different storage
profile (transient files vs files that might stay there indefinitely).

This commit just makes the cache directory configurable, but leaves
it at /tmp by default, to ensure backwards compatibility.

A future commit that only targets master could change the default
location to something more sensible such as /var/tmp/asterisk. At
that point, the cachedir could be created and cleaned up during
uninstall by the Makefile script.

ASTERISK-29143

Change-Id: Ic54e95199405abacd9e509cef5f08fa14c510b5d
2020-12-09 13:06:04 -06:00
George Joseph
569fc28966 pjsip_scheduler.c: Add type ONESHOT and enhance cli show command
* Added a ONESHOT type that never reschedules.

* Added "like" capability to "pjsip show scheduled_tasks" so you can do
  the following:

  CLI> pjsip show scheduled_tasks like outreg
  PJSIP Scheduled Tasks:

  Task Name                                     Interval  Times Run ...
  ============================================= ========= ========= ...
  pjsip/outreg/testtrunk-reg-0-00000074            50.000   oneshot ...
  pjsip/outreg/voipms-reg-0-00000073              110.000   oneshot ...

* Fixed incorrect display of "Next Start".

* Compacted the displays of times in the CLI.

* Added two new functions (ast_sip_sched_task_get_times2,
  ast_sip_sched_task_get_times_by_name2) that retrieve the interval,
  next start time, and next run time in addition to the times already
  returned by ast_sip_sched_task_get_times().

Change-Id: Ie718ca9fd30490b8a167bedf6b0b06d619dc52f3
2020-11-09 16:39:08 -06:00
Alexei Gradinari
da0f2ea99e sched: AST_SCHED_REPLACE_UNREF can lead to use after free of data
The data can be freed if the old object '_data' is the same object as
new 'data'. Because at first the object is unreferenced which can lead
to destroying it.

This could happened in res_pjsip_pubsub when the publication is updated
which could lead to segfault in function publish_expire.

Change-Id: I0164f57c387243510bdbd2f8dcf33377b6c202da
2020-11-09 08:59:34 -06:00
Alexander Traud
be54c7e9ea res_stir_shaken: Include OpenSSL headers where used actually.
This avoids the inclusion of the OpenSSL headers in the public header,
which avoids one external library dependency in res_pjsip_stir_shaken.

Change-Id: I6a07e2d81d2b5442e24e99b8cc733a99f881dcf4
2020-11-09 08:03:21 -06:00
Kevin Harwell
6baa4b53be AST-2020-001 - res_pjsip: Return dialog locked and referenced
pjproject returns the dialog locked and with a reference. However,
in Asterisk the method that handles this decrements the reference
and removes the lock prior to returning. This makes it possible,
under some circumstances, for another thread to free said dialog
before the thread that created it attempts to use it again. Of
course when the thread that created it tries to use a freed dialog
a crash can occur.

This patch makes it so Asterisk now returns the newly created
dialog both locked, and with an added reference. This allows the
caller to de-reference, and unlock the dialog when it is safe to
do so.

In the case of a new SIP Invite the lock, and reference are now
held for the entirety of the new invite handling process.
Otherwise it's possible for the dialog, or its dependent objects,
like the transaction, to disappear. For example if there is a TCP
transport error.

ASTERISK-29057 #close

Change-Id: I5ef645a47829596f402cf383dc02c629c618969e
2020-11-05 11:52:28 -06:00
Ben Ford
82325ba58b AST-2020-002 - res_pjsip: Stop sending INVITEs after challenge limit.
If Asterisk sends out and INVITE and receives a challenge with a
different nonce value each time, it will continually send out INVITEs,
even if the call is hung up. The endpoint must be configured for
outbound authentication in order for this to occur. A limit has been set
on outbound INVITEs so that, once reached, Asterisk will stop sending
INVITEs and the transaction will terminate.

ASTERISK-29013

Change-Id: I2d001ca745b00ca8aa12030f2240cd72363b46f7
2020-11-05 10:42:29 -06:00
Kevin Harwell
6255e7976c Logging: Add debug logging categories
Added debug logging categories that allow a user to output debug
information based on a specified category. This lets the user limit,
and filter debug output to data relevant to a particular context,
or topic. For instance the following categories are now available for
debug logging purposes:

  dtls, dtls_packet, ice, rtcp, rtcp_packet, rtp, rtp_packet,
  stun, stun_packet

These debug categories can be enable/disable via an Asterisk CLI command.

While this overrides, and outputs debug data, core system debugging is
not affected by this patch. Statements still output at their appropriate
debug level. As well backwards compatibility has been maintained with
past debug groups that could be enabled using the CLI (e.g. rtpdebug,
stundebug, etc.).

ASTERISK-29054 #close

Change-Id: I6e6cb247bb1f01dbf34750b2cd98e5b5b41a1849
(cherry picked from commit 56028426de)
2020-10-12 10:50:26 -05:00
Sean Bright
5a0b19a4f3 pbx.c: On error, ast_add_extension2_lockopt should always free 'data'
In the event that the desired extension already exists,
ast_add_extension2_lockopt() will free the 'data' it is passed before
returning an error, so we should not be freeing it ourselves.

Additionally, there were two places where ast_add_extension2_lockopt()
could return an error without also freeing the 'data' pointer, so we
add that.

ASTERISK-29097 #close

Change-Id: I904707aae55169feda050a5ed7c6793b53fe6eae
2020-10-02 12:57:22 -05:00
George Joseph
4a049ad510 app_confbridge/bridge_softmix: Add ability to force estimated bitrate
app_confbridge now has the ability to set the estimated bitrate on an
SFU bridge.  To use it, set a bridge profile's remb_behavior to "force"
and set remb_estimated_bitrate to a rate in bits per second.  The
remb_estimated_bitrate parameter is ignored if remb_behavior is something
other than "force".

Change-Id: Idce6464ff014a37ea3b82944452e56cc4d75ab0a
2020-10-02 08:04:21 -05:00
George Joseph
99bd7d95de logger.h: Fix ast_trace to respect scope_level
ast_trace() was always emitting messages when it's level was set to -1
because it was ignoring scope_level.

Change-Id: I849c8f4f4613899c37f82be0202024e7d117e506
2020-09-22 09:54:34 -05:00
Torrey Searle
83140c9fed res_pjsip_diversion: implement support for History-Info
Implemention of History-Info capable of interworking with Diversion
Header following RFC7544

ASTERISK-29027 #close

Change-Id: I2296369582d4b295c5ea1e60bec391dd1d318fa6
2020-09-16 09:07:14 -05:00
Sean Bright
4964302984 format_cap: Perform codec lookups by pointer instead of name
ASTERISK-28416 #close

Change-Id: I069420875ebdbcaada52d92599a5f7de3cb2cdf4
2020-09-15 14:37:21 -05:00
George Joseph
ad4f2a8c99 debugging: Add enough to choke a mule
Added to:
 * bridges/bridge_softmix.c
 * channels/chan_pjsip.c
 * include/asterisk/res_pjsip_session.h
 * main/channel.c
 * res/res_pjsip_session.c

There NO functional changes in this commit.

Change-Id: I06af034d1ff3ea1feb56596fd7bd6d7939dfdcc3
2020-09-11 10:41:15 -06:00
George Joseph
d4f3b17dd3 res_pjsip_session: Handle multi-stream re-invites better
When both Asterisk and a UA send re-invites at the same time, both
send 491 "Transaction in progress" responses to each other and back
off a specified amount of time before retrying. When Asterisk
prepares to send its re-invite, it sets up the session's pending
media state with the new topology it wants, then sends the
re-invite.  Unfortunately, when it received the re-invite from the
UA, it partially processed the media in the re-invite and reset
the pending media state before sending the 491 losing the state it
set in its own re-invite.

Asterisk also was not tracking re-invites received while an existing
re-invite was queued resulting in sending stale SDP with missing
or duplicated streams, or no re-invite at all because we erroneously
determined that a re-invite wasn't needed.

There was also an issue in bridge_softmix where we were using a stream
from the wrong topology to determine if a stream was added.  This also
caused us to erroneously determine that a re-invite wasn't needed.

Regardless of how the delayed re-invite was triggered, we need to
reconcile the topology that was active at the time the delayed
request was queued, the pending topology of the queued request,
and the topology currently active on the session.  To do this we
need a topology resolver AND we need to make stream named unique
so we can accurately tell what a stream has been added or removed
and if we can re-use a slot in the topology.

Summary of changes:

 * bridge_softmix:
   * We no longer reset the stream name to "removed" in
     remove_all_original_streams().  That was causing  multiple streams
     to have the same name and wrecked the checks for duplicate streams.

   * softmix_bridge_stream_sources_update() was checking the old_stream
     to see if it had the softmix prefix and not considering the stream
     as "new" if it did.  If the stream in that slot has something in it
     because another re-invite happened, then that slot in old might
     have a softmix stream but the same stream in new might actually
     be a new one.  Now we check the new_stream's name instead of
     the old_stream's.

 * stream:
   * Instead of using plain media type name ("audio", "video", etc) as
     the default stream name, we now append the stream position to it
     to make it unique.  We need to do this so we can distinguish multiple
     streams of the same type from each other.

   * When we set a stream's state to REMOVED, we no longer reset its
     name to "removed" or destroy its metadata.  Again, we need to
     do this so we can distinguish multiple streams of the same
     type from each other.

 * res_pjsip_session:
   * Added resolve_refresh_media_states() that takes in 3 media states
     and creates an up-to-date pending media state that includes the changes
     that might have happened while a delayed session refresh was in the
     delayed queue.

   * Added is_media_state_valid() that checks the consistency of
     a media state and returns a true/false value. A valid state has:
     * The same number of stream entries as media session entries.
         Some media session entries can be NULL however.
     * No duplicate streams.
     * A valid stream for each non-NULL media session.
     * A stream that matches each media session's stream_num
       and media type.

   * Updated handle_incoming_sdp() to set the stream name to include the
     stream position number in the name to make it unique.

   * Updated the ast_sip_session_delayed_request structure to include both
     the pending and active media states and updated the associated delay
     functions to process them.

   * Updated sip_session_refresh() to accept both the pending and active
     media states that were in effect when the request was originally queued
     and to pass them on should the request need to be delayed again.

   * Updated sip_session_refresh() to call resolve_refresh_media_states()
     and substitute its results for the pending state passed in.

   * Updated sip_session_refresh() with additional debugging.

   * Updated session_reinvite_on_rx_request() to simply return PJ_FALSE
     to pjproject if a transaction is in progress.  This stops us from
     creating a partial pending media state that would be invalid later on.

   * Updated reschedule_reinvite() to clone both the current pending and
     active media states and pass them to delay_request() so the resolver
     can tell what the original intention of the re-invite was.

   * Added a large unit test for the resolver.

ASTERISK-29014

Change-Id: Id3440972943c611a15f652c6c569fa0e4536bfcb
2020-09-11 10:41:15 -06:00
Ben Ford
7eaae4e7b6 Bridging: Use a ref to bridge_channel's channel to prevent crash.
There's a race condition with bridging where a bridge can be torn down
causing the bridge_channel's ast_channel to become NULL when it's still
needed. This particular case happened with attended transfers, but the
crash occurred when trying to publish a stasis message. Now, the
bridge_channel is locked, a ref to the ast_channel is obtained, and that
ref is passed down the chain.

Change-Id: Ic48715c0c041615d17d286790ae3e8c61bb28814
2020-09-09 18:18:08 -05:00
Kevin Harwell
ec03909831 conversions: Add string to signed integer conversion functions
Change-Id: Id603b0b03b78eb84c7fca030a08b343c0d5973f9
2020-09-02 06:22:25 -05:00
Sean Bright
5ec7099312 bridge_channel: Ensure text messages are zero terminated
T.140 data in RTP is not zero terminated, so when we are queuing a text
frame on a bridge we need to ensure that we are passing a zero
terminated string.

ASTERISK-28974 #close

Change-Id: Ic10057387ce30b2094613ea67e3ae8c5c431dda3
2020-08-25 10:26:56 -05:00
George Joseph
c4c72d55a2 scope_trace: Added debug messages and added additional macros
The SCOPE_ENTER and SCOPE_EXIT* macros now print debug messages
at the same level as the scope level.  This allows the same
messages to be printed to the debug log when AST_DEVMODE
isn't enabled.

Also added a few variants of the SCOPE_EXIT macros that will
also call ast_log instead of ast_debug to make it easier to
use scope tracing and still print error messages.

Change-Id: I7fe55f7ec28069919a0fc0b11a82235ce904cc21
2020-08-25 09:21:27 -05:00
George Joseph
d26ab7f8f9 stream.c: Added 2 more debugging utils and added pos to stream string
* Added ast_stream_to_stra and ast_stream_topology_to_stra() macros
   which are shortcuts for
      ast_str_tmp(256, ast_stream_to_str(stream, &STR_TMP))

 * Added the stream position to the string representation of the
   stream.

 * Fixed some formatting in ast_stream_to_str().

Change-Id: Idaf4cb0affa46d4dce58a73a111f35435331cc4b
2020-08-20 07:46:11 -06:00
George Joseph
6faf76308d ACN: Changes specific to the core
Allow passing a topology from the called channel back to the
calling channel.

 * Added a new function ast_queue_answer() that accepts a stream
   topology and queues an ANSWER CONTROL frame with it as the
   data.  This allows the called channel to indicate its resolved
   topology.

 * Added a new virtual function to the channel tech structure
   answer_with_stream_topology() that allows the calling channel
   to receive the called channel's topology.  Added
   ast_raw_answer_with_stream_topology() that invokes that virtual
   function.

 * Modified app_dial.c and features.c to grab the topology from the
   ANSWER frame queued by the answering channel and send it to
   the calling channel with ast_raw_answer_with_stream_topology().

 * Modified frame.c to automatically cleanup the reference
   to the topology on ANSWER frames.

Added a few debugging messages to stream.c.

Change-Id: I0115d2ed68d6bae0f87e85abcf16c771bdaf992c
2020-08-18 05:26:24 -05:00
Sean Bright
da8a617dc9 vector.h: Fix implementation of AST_VECTOR_COMPACT() for empty vectors
The assumed behavior of realloc() - that it was effectively a free() if
its second argument was 0 - is Linux specific behavior and is not
guaranteed by either POSIX or the C specification.

Instead, if we want to resize a vector to 0, do it explicitly.

Change-Id: Ife31d4b510ebab41cb5477fdc7ea4e3138ca8b4f
2020-08-10 07:10:30 -05:00
Ben Ford
769a9611e7 utils.c: NULL terminate ast_base64decode_string.
With the addition of STIR/SHAKEN, the function ast_base64decode_string
was added for convenience since there is a lot of converting done during
the STIR/SHAKEN process. This function returned the decoded string for
you, but did not NULL terminate it, causing some issues (specifically
with MALLOC_DEBUG). Now, the returned string is NULL terminated, and the
documentation has been updated to reflect this.

Change-Id: Icdd7d05b323b0c47ff6ed43492937a03641bdcf5
2020-08-06 12:19:29 -05:00
George Joseph
802aa97fa0 ACN: Configuration renaming for pjsip endpoint
This change renames the codec preference endpoint options.
incoming_offer_codec_prefs becomes codec_prefs_incoming_offer
to keep the options together when showing an endpoint.

Change-Id: I6202965b4723777f22a83afcbbafcdafb1d11c8d
2020-08-06 10:50:26 -05:00
Sean Bright
d9ae902f52 utf8.c: Add UTF-8 validation and utility functions
There are various places in Asterisk - specifically in regards to
database integration - where having some kind of UTF-8 validation would
be beneficial. This patch adds:

* Functions to validate that a given string contains only valid UTF-8
  sequences.

* A function to copy a string (similar to ast_copy_string) stopping when
  an invalid UTF-8 sequence is encountered.

* A UTF-8 validator that allows for progressive validation.

All of this is based on the excellent UTF-8 decoder by Björn Höhrmann.
More information is available here:

    https://bjoern.hoehrmann.de/utf-8/decoder/dfa/

The API was written in such a way that should allow us to replace the
implementation later should we determine that we need something more
comprehensive.

Change-Id: I3555d787a79e7c780a7800cd26e0b5056368abf9
2020-07-28 09:45:17 -05:00
Sean Bright
9022f35f09 vector.h: Add AST_VECTOR_SORT()
Allows a vector to be sorted in-place, rather than only during
insertion.

Change-Id: I22cba9ddf556a7e44dacc53c4431bd81dd2fa780
2020-07-24 11:29:35 -05:00
Ben Ford
5fbed5af24 res_stir_shaken: Add stir_shaken option and general improvements.
Added a new configuration option for PJSIP endpoints - stir_shaken. If
set to yes, then STIR/SHAKEN support will be added to inbound and
outbound INVITEs. The default is no. Alembic has been updated to include
this option.

Previously the dialplan function was not trimming the whitespace from
the parameters it recieved. Now it does.

Also added a conditional that, when TEST_FRAMEWORK is enabled, the
timestamp in the identity header will be overlooked. This is just for
testing, since the testsuite will rely on a SIPp scenario with a preset
identity header to trigger the MISMATCH result.

Change-Id: I43d67f1489b8c1c5729ed3ca8d71e35ddf438df1
2020-07-10 09:57:09 -05:00
George Joseph
9bd1d686a1 ACN: Add tracing to existing code
Prior to making any modifications to the pjsip infrastructure
for ACN, I've added the tracing functions to the existing code.
This should make the final commit easier to review, but we can also
now run a "before and after" trace.

No functional changes were made with this commit.

Change-Id: Ia83a1a2687ccb96f2bc8a2a3928a5214c4be775c
2020-07-08 09:24:42 -05:00
George Joseph
2d22e34206 ACN: res_pjsip endpoint options
This commit adds the endpoint options required to control
Advanced Codec Negotiation.

incoming_offer_codec_prefs
outgoing_offer_codec_prefs
incoming_answer_codec_prefs
outgoing_answer_codec_prefs

The documentation may need tweaking and some additional edits
added, especially for the "answer" prefs.  That'll be handled
when things finalize.

This commit is safe to merge as it doens't alter any existing
functionality nor does it alter the previous codec negotiation
work which may now be obsolete.

Change-Id: I920ba925d7dd36430dfd2ebd9d82d23f123d0e11
2020-07-08 09:03:58 -05:00
George Joseph
d093e44b1e frame.c: Make debugging easier
* ast_frame_subclass2str() and ast_frame_type2str() now return
   a pointer to the buffer that was passed in instead of void.
   This makes it easier to use these functions inline in
   printf-style debugging statements.

 * Added many missing control frame entries in
   ast_frame_subclass2str.

Change-Id: Ifd0d6578e758cd644c96d17a5383ff2128c572fc
2020-07-07 15:01:17 -05:00
George Joseph
955b7b4fdb Scope Trace: Make it easier to trace through synchronous tasks
Tracing through synchronous tasks was a little troublesome because
the new thread's stack counter reset to 0.  This change allows
a synchronous task to set its trace level to be the same as the
thread that pushed the task.  For now, the task's level has to be
passed in the task's data structure but a future enhancement to the
taskprocessor subsystem could automatically set the trace level
of the servant to be that of the caller.

This doesn't really make sense for async tasks because you never
know when they're going to run anyway.

Change-Id: Ib8049c0b815063a45d8c7b0cb4e30b7b87b1d825
2020-07-07 14:07:57 -05:00
Kevin Harwell
cfed0ea033 manager - Add Content-Type parameter to the SendText action
This patch allows a user of AMI to now specify the type of message
content contained within by setting the 'Content-Type' parameter.

Note, the AMI version has been bumped for this change.

ASTERISK-28945 #close

Change-Id: Ibb5315702532c6b954e1498beddc8855fabdf4bb
2020-07-06 05:27:43 -05:00
George Joseph
8d1064eaaf Streams: Add features for Advanced Codec Negotiation
The Streams API becomes the home for the core ACN capabilities.
These include...

 * Parsing and formatting of codec negotation preferences.
 * Resolving pending streams and topologies with those configured
   using configured preferences.
 * Utility functions for creating string representations of
   streams, topologies, and negotiation preferences.

For codec negotiation preferences:
 * Added ast_stream_codec_prefs_parse() which takes a string
   representation of codec negotiation preferences, which
   may come from a pjsip endpoint for example, and populates
   a ast_stream_codec_negotiation_prefs structure.
 * Added ast_stream_codec_prefs_to_str() which does the reverse.
 * Added many functions to parse individual parameter name
   and value strings to their respectrive enum values, and the
   reverse.

For streams:
 * Added ast_stream_create_resolved() which takes a "live" stream
   and resolves it with a configured stream and the negotiation
   preferences to create a new stream.
 * Added ast_stream_to_str() which create a string representation
   of a stream suitable for debug or display purposes.

For topology:
 * Added ast_stream_topology_create_resolved() which takes a "live"
   topology and resolves it, stream by stream, with a configured
   topology stream and the negotiation preferences to create a new
   topology.
 * Added ast_stream_topology_to_str() which create a string
   representation of a topology suitable for debug or display
   purposes.
 * Renamed ast_format_caps_from_topology() to
   ast_stream_topology_get_formats() to be more consistent with
   the existing ast_stream_get_formats().

Additional changes:
 * A new function ast_format_cap_append_names() appends the results
   to the ast_str buffer instead of replacing buffer contents.

Change-Id: I2df77dedd0c72c52deb6e329effe057a8e06cd56
2020-07-01 09:27:14 -05:00
George Joseph
7440fd0397 Scope Trace: Add some new tracing macros and an ast_str helper
Created new SCOPE_ functions that don't depend on RAII_VAR.  Besides
generating less code, the use of the explicit SCOPE_EXIT macros
capture the line number where the scope exited.  The RAII_VAR
versions can't do that.

 * SCOPE_ENTER(level, ...): Like SCOPE_TRACE but doesn't use
   RAII_VAR and therefore needs needs one of...

 * SCOPE_EXIT(...): Decrements the trace stack counter and optionally
   prints a message.

 * SCOPE_EXIT_EXPR(__expr, ...): Decrements the trace stack counter,
   optionally prints a message, then executes the expression.
   SCOPE_EXIT_EXPR(break, "My while got broken\n");

 * SCOPE_EXIT_RTN(, ...): Decrements the trace stack counter,
   optionally prints a message, then returns without a value.
   SCOPE_EXIT_RTN("Bye\n");

 * SCOPE_EXIT_RTN_VALUE(__return_value, ...): Decrements the trace
   stack counter, optionally prints a message, then returns the value
   specified.
   SCOPE_EXIT_RTN_VALUE(rc, "Returning with RC: %d\n", rc);

Create an ast_str helper ast_str_tmp() that allocates a temporary
ast_str that can be passed to a function that needs it, then frees
it.  This makes using the above macros easier.  Example:

   SCOPE_ENTER(1, Format Caps 1: %s  Format Caps 2: %s\n",
       ast_str_tmp(32, ast_format_cap_get_names(cap1, &STR_TMP),
       ast_str_tmp(32, ast_format_cap_get_names(cap2, &STR_TMP));

The calls to ast_str_tmp create an ast_str of the specified initial
length which can be referenced as STR_TMP.  It then calls the
expression, which must return a char *, ast_strdupa's it, frees
STR_TMP, then returns the ast_strdupa'd string.  That string is
freed when the function returns.

Change-Id: I44059b20d55a889aa91440d2f8a590865998be51
2020-06-30 09:22:32 -05:00