There were still a few places in the code that could overflow when "packing"
a json object with a value outside the base type integer's range. For instance:
unsigned int value = INT_MAX + 1
ast_json_pack("{s: i}", value);
would result in a negative number being "packed". In those situations this patch
alters those values to a ast_json_int_t, which widens the value up to a long or
long long.
ASTERISK-28480
Change-Id: Ied530780d83e6f1772adba0e28d8938ef30c49a1
Otherwise, OpenR2 threads go crazy and consume almost all CPU resources
Change-Id: I10a41f617613fe7399c5bdced5c64a2751173f28
Signed-off-by: Oron Peled <oron.peled@xorcom.com>
The chan_sip module performs a T.38 re-invite using a single media
stream of udptl, and expects the SDP answer to be the same.
If an SDP answer is received instead that contains an additional
media stream with no joint codec a crash will occur as the code
assumes that at least one joint codec will exist in this
scenario.
This change removes this assumption.
ASTERISK-28465
Change-Id: I8b02845b53344c6babe867a3f0a5231045c7ac87
Details:
- The memcpy() call copied part of "dahdi_conf" and not "dahdi_conf.mfcr2"
- As a result, the memcmp() in dahdi_r2_get_link() always fails
- This cause dahdi_r2_get_link() to create new link for every channel
(instead of a new link for every ~30 channels)
- With the fix, far less links are generated -- so we use far less threads
Change-Id: I7259dd6272f5e46e8a6c7f5bf3e8c2ec01b8c132
Signed-off-by: Oron Peled <oron.peled@xorcom.com>
Fixes a crash in chan_dahdi occurring on 32-bit systems. A previous
patch introduced a variable of type unassigned long long which is 64-bits.
Casting it as 'ast_json_int_t' along with JSON type 'I' makes it work
with 32-bit systems.
ASTERISK-28457
Change-Id: I9cef6b5f2d826fc5c93f2f6a1c997c4e3e6c93fe
Fixed format-truncation issues in chan_dahdi.c and
sig_analog.c. Since they're related to fields provided
by dahdi-tools we can't change the buffer sizes so we're just
checking the return from snprintf and printing an errior if we
overflow.
Change-Id: Idc1f3c1565b88a7d145332a0196074b5832864e5
We have seen some rare case of segmentation fault in hangup function
and we could notice that channel pointer was NULL. Debug log shows
that there is a 200 OK answer and SIP timeout at the same time. It
looks that while the SIP session was being destroyed due to timeout
call hangup due to answer event lead to race condition and channel
is being destroyed from two different places. The check ensures we
check it not to be NULL before freeing it.
ASTERISK-25371
Change-Id: I19f6566830640625e08f7b87bfe15758ad33a778
After some definitions have been moved to asterisk/mwi.h the files
channels/chan_dahdi.h channels/sig_pri.c are missing this new
include.
ASTERISK-28427 #close
Change-Id: Ia8cc595eeda653324643f40dcd9799d4c3f0ac91
The caller endpoint hears dead silence if a callee replies 180 (without SDP)
and the caller already received 183 (with SDP).
It happens because Asterisk sends 180 (WITH SDP) to the caller,
there are not incoming RTP packets from the callee
and Asterisk does not generate inband ringing,
so there are not any outgoing RTP packets to the caller.
This patch replaces 180 by 183 if SDP negotiation has completed,
as if the caller endpoint is configured with "inband_progress=yes".
In this case Asterisk will generate inband ringing untill Asterisk receive
incoming RTP packets from the callee.
ASTERISK-27994 #close
Change-Id: I7450b751083ec30d68d6abffe922215a15ae5a73
Various fixes for issues caught by gcc 9. Mostly snprintf
trying to copy to a buffer potentially too small.
ASTERISK-28412
Change-Id: I9e85a60f3c81d46df16cfdd1c329ce63432cf32e
There is enough MWI functionality to warrant it having its own 'c' and header
files. This patch moves all current core MWI data structures, and functions
into the following files:
main/mwi.h
main/mwi.c
Note, code was simply moved, and not modified. However, this patch is also in
preparation for core MWI changes, and additions to come.
Change-Id: I9dde8bfae1e7ec254fa63166e090f77e4d3097e0
When the dtmf_mode on an endpoint is configured as "auto_info"
Asterisk will produce an inband DTMF tone alongside an INFO
message when sending DTMF.
ASTERISK-28371
Change-Id: I1380b82f006e110a1b83fbb50c9873edd13a5d9a
The compiler complained about a couple of variables that weren't
initialized but were being used. Initializing them to NULL resolves the
warnings/errors.
ASTERISK-28362 #close
Change-Id: I6243afc5459b416edff6bbf571b0489f6b852e4b
The next usage of PJSIP_PARSE_URI will crash asterisk
${PJSIP_PARSE_URI(tel:+1234567890,host)}
or
${PJSIP_PARSE_URI(192.168.1.1:5060,host)}
The function pjsip_parse_uri successfully parses then, but returns
struct pjsip_other_uri *.
This patch restricts parsing only SIP/SIPS URIs.
Change-Id: I16f255c2b86a80a67e9f9604b94b129a381dd25e
Passing negative intervals to the scheduler rips a hole in the
space-time continuum.
ASTERISK-25792 #close
Reported by: Paul Sandys
Change-Id: Ie706f21cee05f76ffb6f7d89e9c867930ee7bcd7
chan_sip will always ignore 183 responses that do not contain SDP
however, chan_pjsip will currently always translate it into a
183 with SDP. This new flag allows chan_pjsip to have the same
behavior as chan_sip.
ASTERISK-28322 #close
Change-Id: If81cfaa17c11b6ac703e3d71696f259d86c6be4a
Add logical group at DAHDIChannel event
and create "dahdi_group" at CHANNEL function.
ASTERISK-28317
Change-Id: Ic1f834cd53982a9707a9748395ee746d6575086a
Currently, the pjsip show channelstats cli does not show channel's
stats after hits the invalid channel info. This makes hard to use
this cli. Changed to keep iterate after hits the invalid channel
info.
ASTERISK-28292
Change-Id: I3efdff1c9e1b1efd3c971fb82ae77aa133a6f43c
Replace usage of ao2_container_alloc with ao2_container_alloc_hash or
ao2_container_alloc_list.
ao2_container_alloc is now restricted to modules only and is being
removed from Asterisk 17.
Change-Id: I0907d78bc66efc775672df37c8faad00f2f6c088
New dialplan function PJSIP_PARSE_URI added to parse an URI and return
a specified part of the URI.
This is useful when need to get part of the URI instead of cutting it
using a CUT function.
For example to get 'user' part of Remote URI
${PJSIP_PARSE_URI(${CHANNEL(pjsip,remote_uri)},user)}
ASTERISK-28144 #close
Change-Id: I5d828fb87f6803b6c1152bb7b44835f027bb9d5a
This change adds the ability for subscriptions to indicate
which message types they are interested in accepting. By
doing so the filtering is done before being dispatched
to the subscriber, reducing the amount of work that has
to be done.
This is optional and if a subscriber does not add
message types they wish to accept and set the subscription
to selective filtering the previous behavior is preserved
and they receive all messages.
There is also the ability to explicitly force the reception
of all messages for cases such as AMI or ARI where a large
number of messages are expected that are then generically
converted into a different format.
ASTERISK-28103
Change-Id: I99bee23895baa0a117985d51683f7963b77aa190
When a call pickup is performed using and invite with replaces header
the ast_do_pickup method is attempted and a PICKUP stasis message is sent.
ASTERISK-28081 #close
Reported-by: Luit van Drongelen
Change-Id: Ieb1442027a3ce6ae55faca47bc095e53972f947a
This patch adds new options 'trust_connected_line' and 'send_connected_line'
to the endpoint.
The option 'trust_connected_line' is to control if connected line updates
are accepted from this endpoint.
The option 'send_connected_line' is to control if connected line updates
can be sent to this endpoint.
The default value is 'yes' for both options.
Change-Id: I16af967815efd904597ec2f033337e4333d097cd
These macros have been documented as legacy for a long time but are
still used in new code because they exist. Remove all references to:
* ao2_container_alloc_options
* ao2_t_container_alloc_options
* ao2_t_container_alloc
These macro's are still available for use but only in modules. Only
ao2_container_alloc remains due to it's use in over 100 places.
Change-Id: I1a26258b5bf3deb081aaeed11a0baa175c933c7a
With tls and udp enabled asterisk generates a warning about sending
message via udp instead of tls.
sip notify command via cli works as expected and without warning.
asterisk has to set the connection information accordingly to connection
and not on presumption
ASTERISK-28057 #close
Change-Id: Ib43315aba1f2c14ba077b52d8c5b00be0006656e
As they're not actively used, they only grow stale. The moduleinfo field itself
is kept in Asterisk 13/15 for ABI compatibility.
ASTERISK-28046 #close
Change-Id: I8df66a7007f807840414bb348511a8c14c05a9fc
Also remove function peer_ipcmp_cb since it's not used (according to
rmudgett).
Prior to b2c4e8660a (ASTERISK_27457)
insecure=port was the defacto standard. That commit also prevented
insecure=port from being applied for sip/tcp or sip/tls.
Into consideration there are three sets of behaviour:
1. "previous" - before the above commit.
2. "current" - post above commit, pre this one.
3. "new" - post this commit.
The problem that the above commit tried to address was guests over TCP.
It succeeded in doing that but broke transport!=udp with host!=dynamic.
This commit attempts to restore sane behaviour with respect to
transport!=udp for host!=dynamic whilst still retaining the guest users
over tcp.
It should be noted that when looking for a peer, two passes are made, the
first pass doesn't have SIP_INSECURE_PORT set for the searched-for peer,
thus looking for full matches (IP + Port), the second pass sets
SIP_INSECURE_PORT, thus expecting matches on IP only where the matched
peer allows for that (in the author's opinion: UDP with insecure=port,
or any TCP based, non-dynamic host).
In previous behaviour there was special handling for transport=tcp|tls
whereby a peer would match during the first pass if the utilized
transport was TCP|TLS (and the peer allowed that specific transport).
This behaviour was wrong, or dubious at best. Consider two dynamic tcp
peers, both registering from the same IP (NAT), in this case either peer
could match for connections from an IP. It's also this behaviour that
prevented SIP guests over tcp.
The above referenced commit removed this behaviour, but kept applying
the SIP_INSECURE_PORT only to WS|WSS|UDP. Since WS and WSS is also TCP
based, the logic here should fall into the TCP category.
This patch updates things such that the previously non-explicit (TCP
behaviour) transport test gets performed explicitly (ie, matched peer
must allow for the used transport), as well as the indeterministic
source-port nature of the TCP protocol is taken into account. The new
match algorithm now looks like:
1. As per previous behaviour, IP address is matched first.
2. Explicit filter with respect to transport protocol, previous
behaviour was semi-implied in the test for TCP pure IP match - this now
made explicit.
3. During first pass (without SIP_INSECURE_PORT), always match on port.
4. If doing UDP, match if matched against peer also has
SIP_INSECURE_PORT, else don't match.
5. Match if not a dynamic host (for non-UDP protocols)
6. Don't match if this is WS|WSS, or we can't trust the Contact address
(presumably due to NAT)
7. Match (we have a valid Contact thus if the IP matches we have no
choice, this will likely only apply to non-NAT).
To logic-test this we need a few different scenarios. Towards this end,
I work with a set number of peers defined in sip.conf:
[peer1]
host=1.1.1.1
transport=tcp
[peer2]
host=1.1.1.1
transport=udp
[peer3]
host=1.1.1.1
port=5061
insecure=port
transport=udp
[peer4]
host=1.1.1.2
transport=udp,tcp
[peer5]
host=dynamic
transport=udp,tcp
Test cases for UDP:
1 - incoming UDP request from 1.1.1.1:
- previous:
- pass 1:
* peer1 or peer2 if from port 5060 (indeterminate, depends on peer
ordering)
* peer3 if from port 5061
* peer5 if registered from 1.1.1.1 and source port matches
- pass 2:
* peer3
- current: as per previous.
- new:
- pass 1:
* peer2 if from port 5060
* peer3 if from port 5061
* peer5 if registered from 1.1.1.1 and source port matches
- pass 2:
* peer3
2 - incoming UDP request from 1.1.1.2:
- previous:
- pass 1:
* peer5 if registered from 1.1.1.2 and port matches
* peer4 if source port is 5060
- pass 2:
* no match (guest)
- current: as previous.
- new as previous (with the variation that if peer5 didn't have udp as
allowed transport it would not match peer5 whereas previous
and current code could).
3 - incoming UDP request from anywhere else:
- previous:
- pass 1:
* peer5 if registered from that address and source port matches.
- pass 2:
* peer5 if insecure=port is additionally set.
* no match (guest)
- current - as per previous
- new - as per previous
Test cases for TCP based transports:
4 - incoming TCP request from 1.1.1.1
- previous:
- pass 1 (indeterministic, depends on ordering of peers in memory):
* peer1; or
* peer5 if peer5 registered from 1.1.1.1 (irrespective of source port); or
* peer2 if the source port happens to be 5060; or
* peer3 if the source port happens to be 5061.
- pass 2: cannot happen since pass 1 will always find a peer.
- current:
- pass 1:
* peer1 or peer2 if from source port 5060
* peer3 if from source port 5060
* peer5 if registered as 1.1.1.1 and source port matches
- pass 2:
* no match (guest)
- new:
- pass 1:
* peer 1 if from port 5060
* peer 5 if registered and source port matches
- pass 2:
* peer 1
5 - incoming TCP request from 1.1.1.2
- previous (indeterminate, depends on ordering):
- pass 1:
* peer4; or
* peer5 if peer5 registered from 1.1.1.2
- pass 2: cannot happen since pass 1 will always find a peer.
- current:
- pass 1:
* peer4 if source port is 5060
* peer5 if peer5 registered as 1.1.1.2 and source port matches
- pass 2:
* no match (guest).
- new:
- pass 1:
* peer4 if source port is 5060
* peer5 if peer5 registered as 1.1.1.2 and source port matches
- pass 2:
* peer4
6 - incoming TCP request from anywhere else:
- previous:
- pass 1:
* peer5 if registered from that address
- pass 2: cannot happen since pass 1 will always find a peer.
- current:
- pass 1:
* peer5 if registered from that address and port matches.
- pass 2:
* no match (guest)
- new: as per current.
It should be noted the test cases don't make explicit mention of TLS, WS
or WSS. WS and WSS previously followed UDP semantics, they will now
enforce source port matching. TLS follow TCP semantics.
The previous commit specifically tried to address test-case 6, but broke
test-cases 4 and 5 in the process.
ASTERISK-27881 #close
Change-Id: I61a9804e4feba9c7224c481f7a10bf7eb7c7f2a2
Otherwise console output
(get_refer_info): mutex 'peer' freed more times than we've locked!
(get_refer_info): Error releasing mutex: Operation not permitted
or
(get_refer_info): attempted unlock mutex 'peer' without owning it!
(__ast_read): 'peer' was locked here.
...dump_backtrace
(get_refer_info): Error releasing mutex: Operation not permitted
(__ast_read): mutex 'chan' freed more times than we've locked!
ASTERISK-28011 #close
Change-Id: I6e45f2764ba4f3273a943300f91ac9b461ac2893
If asterisk offer an endpoint with SRTP and that endpoint respond
with non srtp, in that case channel(rtp,secure,audio) reply wrong
status.
Why delete flag AST_SRTP_CRYPTO_OFFER_OK while check identical remote_key:
Currently this flag has being set redundantly. In either case identical
or different remote_key this flag has being set. So if we
don't set it while we receive identical remote_key or non SRTP SDP
response then we can take decision of srtp use by using that flag.
ASTERISK-27999
Change-Id: I29dc2843cf4e5ae2604301cb4ff258f1822dc2d7
The iax2 module is not handling timeout and EINTR case properly. Mainly when
there is an interupt to the kernel thread. In case of ast_io_wait recieves a
signal, or timeout it can be an error or return 0 which eventually escapes the
thread loop, so that it cant recieve any data. This then causes the modules
receive queue to build up on the kernel and stop any communications via iax in
asterisk.
The proposed patch is for the iax module, so that timeout and EINTR does not
exit the thread.
ASTERISK-27705
Reported-by: Kirsty Tyerman
Change-Id: Ib4c32562f69335869adc1783608e940c3535fbfb
chan_pjsip wasn't registering for "BEFORE_MEDIA" responses which meant
it was not updating HANGUPCAUSE for 4XX responses. If the remote end
sent a "180 Ringing", then a "486 Busy", the hangup cause was left at
"180 Normal Clearing".
* Removed chan_pjsip_incoming_response from the original session
supplement (which was handling only "AFTER MEDIA") and added it to a
new session supplement which accepts both "BEFORE_MEDIA" and
"AFTER_MEDIA".
* Also cleaned up some cleanup code in load module.
ASTERISK-27902
Change-Id: If9b860541887aca8ac2c9f2ed51ceb0550fb007a
