This function finds a weak proxy in an ao2_container and returns the
real object associated with it.
Change-Id: I9da822049747275f5961b5c0a7f14e87157d65d8
Copy the list of weakproxy callbacks to temporary memory so they can be
run without holding the weakproxy lock.
Change-Id: Ib167622a8a0f873fd73938f7611b2a5914308047
The only caller of cdr_object_fn_table.process_party_b() explicitly does
the check before calling.
Change-Id: Ib0c53cdf5048227842846e0df9d2c19117c45618
Since ASTERISK-26922, this issue affected only those chan_sip which were
* enabled for dual-stack (bindaddr=::), and
* enabled for TCP (tcpenable=yes) and/or TLS (tlsenable=yes), and
* tried to register and/or invite a IPv4-only service,
* via TCP and/or TLS.
Now, ast_tcptls_client_create does not re-bind to [::] anymore.
ASTERISK-27324 #close
Change-Id: I4b242837bdeb1ec7130dc82505c6180a946fd9b5
ast_strings_match uses sscanf and checks for non-zero return to verify a
token was parsed. This is incorrect as sscanf returns EOF (-1) for errors.
ASTERISK-27318 #close
Change-Id: Ifcece92605f58116eff24c5a0a3b0ee08b3c87b1
Some endpoints do not like a stream being reused for a new
media stream. The frame/jitterbuffer can rely on underlying
attributes of the media stream in order to order the packets.
When a new stream takes its place without any notice the
buffer can get confused and the media ends up getting dropped.
This change uses the SSRC change to determine that a new source
is reusing an existing stream and then bridge_softmix renegotiates
each participant such that they see a new media stream. This
causes the frame/jitterbuffer to start fresh and work as expected.
ASTERISK-27277
Change-Id: I30ccbdba16ca073d7f31e0e59ab778c153afae07
When a sip session is refreshed, the stream topology is looped
through, checking each stream for compatible formats. This would
cause a crash if the stream state was AST_STREAM_STATE_REMOVED,
since the formats would never be set for this stream, causing
a NULL value to be returned from ast_stream_get_formats. This
commit adds a check for streams with removed states.
Also removed a stray semicolon.
Change-Id: Ic86f8b65a4a26a60885b28b8b1a0b22e1b471d42
When two channels were early bridged in a native_rtp bridge, the RTP description
on one side was not updated when the other side answered.
This patch forbids non-answered channels to enter a native_rtp bridge, and
triggers a bridge reconfiguration when an ANSWER frame is received.
ASTERISK-27257
Change-Id: If1aaee1b4ed9658a1aa91ab715ee0a6413b878df
The Websocket implementation will steal the underlying stream of
TCP/TLS sessions. This results in an error message being output
about a stream not being present when in reality this is actually
fine.
This change moves it to a debug message instead.
Change-Id: I66cc639080b4b4599beadb4faa7d313f2721d094
A new endpoint parameter "incoming_mwi_mailbox" allows Asterisk to
receive unsolicited MWI NOTIFY requests and make them available to
other modules via the stasis message bus.
res_pjsip_pubsub has a new handler "pubsub_on_rx_mwi_notify_request"
that parses a simple-message-summary body and, if
endpoint->incoming_mwi_account is set, calls ast_publish_mwi_state
with the voice-message counts from the message.
Change-Id: I08bae3d16e77af48fcccc2c936acce8fc0ef0f3c
If an error occurs during a bridge impart it's possible that
the "bridge_after" callback might try to run before
control_swap_channel_in_bridge has been signalled to continue.
Since control_swap_channel_in_bridge is holding the control lock
and the callback needs it, a deadlock will occur.
* control_swap_channel_in_bridge now only holds the control
lock while it's actually modifying the control structure and
releases it while the bridge impart is running.
* bridge_after_cb is now tolerant of impart failures.
Change-Id: Ifd239aa93955b3eb475521f61e284fcb0da2c3b3
In 2dee95cc (ASTERISK-27024) and 776ffd77 (ASTERISK-26879) there was
confusion about whether the transport_state->localnet ACL has ALLOW or
DENY semantics.
For the record: the localnet has DENY semantics, meaning that "not in
the list" means ALLOW, and the local nets are in the list.
Therefore, checks like this look wrong, but are right:
/* See if where we are sending this request is local or not, and if
not that we can get a Contact URI to modify */
if (ast_apply_ha(transport_state->localnet, &addr) != AST_SENSE_ALLOW) {
ast_debug(5, "Request is being sent to local address, "
"skipping NAT manipulation\n");
(In the list == localnet == DENY == skip NAT manipulation.)
And conversely, other checks that looked right, were wrong.
This change adds two macro's to reduce the confusion and uses those
instead:
ast_sip_transport_is_nonlocal(transport_state, addr)
ast_sip_transport_is_local(transport_state, addr)
ASTERISK-27248 #close
Change-Id: Ie7767519eb5a822c4848e531a53c0fd054fae934
An admin can configure app_minivm with an externnotify program to be run
when a voicemail is received. The app_minivm application MinivmNotify
uses ast_safe_system() for this purpose which is vulnerable to command
injection since the Caller-ID name and number values given to externnotify
can come from an external untrusted source.
* Add ast_safe_execvp() function. This gives modules the ability to run
external commands with greater safety compared to ast_safe_system().
Specifically when some parameters are filled by untrusted sources the new
function does not allow malicious input to break argument encoding. This
may be of particular concern where CALLERID(name) or CALLERID(num) may be
used as a parameter to a script run by ast_safe_system() which could
potentially allow arbitrary command execution.
* Changed app_minivm.c:run_externnotify() to use the new ast_safe_execvp()
instead of ast_safe_system() to avoid command injection.
* Document code injection potential from untrusted data sources for other
shell commands that are under user control.
ASTERISK-27103
Change-Id: I7552472247a84cde24e1358aaf64af160107aef1
A video update frame is used to indicate that a channel
with video negotiated should provide a full frame so the
decoder decoding the stream is able to do so. In situations
where a queue is used to store frames it makes no sense
for the queue to contain multiple video update frames. One
is sufficient to have a full frame be sent.
ASTERISK-27222
Change-Id: Id3f40a6f51b740ae4704003a1800185c0c658ee7
* Add protection checks when mapping streams to the bridge. The channel
and bridge may be in the process of updating the stream mapping when a
media frame comes in so we may not be able to map the frame at the time.
* We need to map the streams to the bridge's stream numbers right before
they are written into the bridge. That way we don't have to keep
locking/unlocking the bridge and we won't have any synchronization
problems before the frames actually go into the bridge.
* Protect the deferred queue with the bridge_channel lock.
ASTERISK-27212
Change-Id: Id6860dd61b594b90c8395f6e2c0150219094c21a
* Fix deadlock in
bridge_softmix.c:softmix_bridge_stream_topology_changed() between
bridge_channel and channel locks.
* The new bridge technology topology change callbacks must be called with
the bridge locked. The callback references the bridge channel list, the
bridge technology could change, and the bridge stream mapping is updated.
ASTERISK-27212
Change-Id: Ide4360ab853607e738ad471721af3f561ddd83be
* ast_channel_request_stream_topology_change() must not be called with any
channel locks held.
* ast_channel_stream_topology_changed() must be called with only the
passed channel lock held.
ASTERISK-27212
Change-Id: I843de7956d9f1cc7cc02025aea3463d8fe19c691
When the iostream code went in it introduced a conditional that made it so the
hook event was not being raised even if a hook is present. This patch adds a
check to see if a hook is present in astman_append. If so then call into the
send_string function, which in turn raises the even for specified hook.
Also updated the ami hooks unit test, so the test could be automated.
ASTERISK-27200 #close
Change-Id: Iff37f02f9708195d8f23e68f959d6eab720e1e36
* netsock2.c: Test the addr->len member first as it may be the only member
initialized in the struct.
* stun.c:ast_stun_handle_packet(): The combinded[] local array could get
used uninitialized by ast_stun_request(). The uninitialized string gets
copied to another location and could overflow the destination memory
buffer.
These valgrind findings were found for ASTERISK_27150 but are not
necessarily a fix for the issue.
Change-Id: I55f8687ba4ffc0f69578fd850af006a56cbc9a57
This change fixes a few locking issues and some video misrouting.
1. When accessing the stream topology of a channel the channel lock
must be held to guarantee the topology remains valid.
2. When a channel was joined to a bridge the bridge specific
implementation for stream mapping was not invoked, causing video
to be misrouted for a brief period of time.
ASTERISK-27182
Change-Id: I5d2f779248b84d41c5bb3896bf22ba324b336b03
joint_cap needs to be released unconditionally as chan->tech->requester
does not steal the reference even on success.
ASTERISK-27180 #close
Change-Id: I647728992559bdb0a9c7357c20be1b36400d68b6
GCC 7 has added capability to produce warnings, this fixes most of those
warnings. The specific warnings are disabled in a few places:
* app_voicemail.c: truncation of paths more than 4096 chars in many places.
* chan_mgcp.c: callid truncated to 80 chars.
* cdr.c: two userfields are combined to cdr copy, fix would break ABI.
* tcptls.c: ignore use of deprecated method SSLv3_client_method().
ASTERISK-27156 #close
Change-Id: I65f280e7d3cfad279d16f41823a4d6fddcbc4c88
This change does a few things to improve packet loss and renegotiation:
1. On outgoing RTP streams we will now properly reflect out of order
packets and packet loss in the sequence number. This allows the
remote jitterbuffer to better reorder things.
2. Video updates can now be discarded for a period of time
after one has been sent to prevent flooding of clients.
3. For declined and removed streams we will now release any
media session resources associated with them. This was not
previously done and caused an issue where old state was being
used for a new stream.
4. RTP bundling was not actually removing bundled RTP instances
from the parent. This has been resolved by removing based on
the RTP instance itself and not the SSRC.
5. The code did not properly handle explicitly unbundling an
RTP instance from its parent. This now works as expected.
ASTERISK-27143
Change-Id: Ibd91362f0e4990b6129638e712bc8adf0899fd45
