In chan_agent, a '*' is used by default to terminate a bridge with a caller.
This can lead to all sorts of problems if '*' is used by a feature in
features.conf, as the chan_agent disconnect '*' may be detected first.
This patch adds a documentation snippet to features.conf so that users who
attempt to use features with agents know of the potential conflict.
ASTERISK-20402 #close
Reported by: Matt Riddell
patches:
features.conf.diff uploaded by Matt Riddell (License 5023)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@427617 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In r227276, a while loop was turned into a for loop. Unfortunately, a portion
of the while loop was left in the code such that, when a static gateway is
encountered in the list of MGCP gateways, the next gateway would be skipped.
At best, we would simply flip past a gateway; at worst, this could lead to a
crash.
ASTERISK-24500 #close
Reported by: Xavier Hienne
patches:
chan_mgcp.patch uploaded by Xavier Hienne (License 6657)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@427613 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When UCS2 character encoding is used, one symbol in national language can be
expanded to 4 bytes. The current buffer used for receiving message in
do_monitor_phone is 256 bytes, which is not large enough for incoming messages.
For example:
* AT+CMGR phone response prefix
'+CMGR: "REC UNREAD","+7**********",,"14/10/29,13:31:39+12"\r\n' - 60 bytes
* SMS body with UCS2 encoding (max) - 280 bytes
* AT+CMGR phone response suffix '\r\n\r\nOK\r\n' - 8 bytes
* Terminating null character - 1 byte
This results in a needed buffer size of 349 bytes. Hence, this patch opts for a
350 byte buffer.
ASTERISK-24468 #close
Reported by: Dmitriy Bubnov
patches:
chan_mobile-1_8.diff uploaded by Dmitriy Bubnov (License 6651)
chan_mobile-trunk.diff uploaded by Dmitry Bubnov (License 6651)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@427607 65c4cc65-6c06-0410-ace0-fbb531ad65f3
fn_wrapper only adds a reference to the format's module if the file
was able to be opened. If not this causes an unmatched
ast_module_unref in filestream_destructor. Move ast_module_ref to
get_stream.
ASTERISK-24492 #close
Reported by: Corey Farrell
Review: https://reviewboard.asterisk.org/r/4149/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@427464 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When a config file is read, an unescaped semicolon signals comments which are
stripped from the value before it's stored. Escaped semicolons are then
unescaped and become part of the value. Both of these behaviors are normal
and expected. When the config is serialized either by 'dialplan save' or
AMI/UpdateConfig however, the now unescaped semicolons are written as-is.
If you actually reload the file just saved, the unescaped semicolons are
now treated as start of comments.
Since true comments are stripped on read, any semicolons in
ast_variable.value must have been escaped originally. This patch
re-escapes semicolons in ast_variable.values before they're written to
file either by 'dialplan save' or config/ast_config_text_file_save which
is called by AMI/UpdateConfig. I also fixed a few pre-existing formatting
issues nearby in pbx_config.c
Tested-by: George Joseph
ASTERISK-20127 #close
Review: https://reviewboard.asterisk.org/r/4132/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@427328 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Fix cleanup in __ast_play_and_record where others[x] may be leaked.
This was caught where prepend != NULL && outmsg != NULL, once
realfile[x] == NULL any further others[x] would be leaked. A cleanup
block was also added for prepend != NULL && outmsg == NULL.
11+: Fix leak of ast_writestream recording_fs in
app_voicemail:leave_voicemail.
ASTERISK-24476 #close
Reported by: Corey Farrell
Review: https://reviewboard.asterisk.org/r/4138/
........
Merged revisions 427023 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@427024 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When r426594 was made, it did not take into account a unit test that verified
that the function properly populated the unsupported buffer. The function
would previously memset the buffer if it detected it had any contents; since
this function can now be called iteratively on successive headers, the unit
tests would now fail. This patch updates the unit tests to reset the buffer
themselves between successive calls, and updates the documentation of the
function to note that this is now required.
........
Merged revisions 426858 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@426860 65c4cc65-6c06-0410-ace0-fbb531ad65f3
set_member_value has a couple leaks to references in the variable q
found through testsuite tests/queues/set_penalty. Also remove the
REF_DEBUG_ONLY_QUEUES compiler declaration, this is no longer possible
with the updated REF_DEBUG code.
ASTERISK-24466 #close
Reported by: Corey Farrell
Review: https://reviewboard.asterisk.org/r/4125/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@426805 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In update_messages_by_imapuser(), messages were appended to a finite
array which resulted in a crash when an IMAP mailbox contained more
than 256 entries. This memory is now dynamically increased as needed.
Observe that this patch adds a bunch of XXX's to questionable code. See
the review (url below) for more information.
ASTERISK-24190 #close
Reported by: Nick Adams
Tested by: Nick Adams
Review: https://reviewboard.asterisk.org/r/4126/
........
Merged revisions 426691 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@426692 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When frames are translated by a fax gateway they need to be freed. The
existing call to ast_frfree was unreachable. This change reorganizes
fax_gateway_framehook to ensure that ast_frfree is called when needed.
ASTERISK-24457 #close
Reported by: Corey Farrell
Review: https://reviewboard.asterisk.org/r/4115/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@426527 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When Moises committed the fixes for WSS (which was a great patch), wdoekes had
a few style nits that were on the review that got missed. This patch resolves
what I *think* were all of the ones that were still on the review.
Thanks to both moy for the patch, and wdoekes for the reviews.
Review: https://reviewboard.asterisk.org/r/3248/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@426209 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In libsrtp 1.5.0, crypto_get_random is no longer resolved simply by including
srtp.h. Now, one must include crypto_kernel.h as well. As it turns out, this
header file has been provided by the library since 2006, so this is a
relatively benign change.
ASTERISK-24436 #close
Reported by: Patrick Laimbock
........
Merged revisions 426140 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@426141 65c4cc65-6c06-0410-ace0-fbb531ad65f3
There are two aspects to the vulnerability:
(1) res_jabber/res_xmpp use SSLv3 only. This patch updates the module to use
TLSv1+. At this time, it does not refactor res_jabber/res_xmpp to use the
TCP/TLS core, which should be done as an improvement at a latter date.
(2) The TCP/TLS core, when tlsclientmethod/sslclientmethod is left unspecified,
will default to the OpenSSL SSLv23_method. This method allows for all
encryption methods, including SSLv2/SSLv3. A MITM can exploit this by
forcing a fallback to SSLv3, which leaves the server vulnerable to POODLE.
This patch adds WARNINGS if a user uses SSLv2/SSLv3 in their configuration,
and explicitly disables SSLv2/SSLv3 if using SSLv23_method.
For TLS clients, Asterisk will default to TLSv1+ and WARN if SSLv2 or SSLv3 is
explicitly chosen. For TLS servers, Asterisk will no longer support SSLv2 or
SSLv3.
Much thanks to abelbeck for reporting the vulnerability and providing a patch
for the res_jabber/res_xmpp modules.
Review: https://reviewboard.asterisk.org/r/4096/
ASTERISK-24425 #close
Reported by: abelbeck
Tested by: abelbeck, opsmonitor, gtjoseph
patches:
asterisk-1.8-jabber-tls.patch uploaded by abelbeck (License 5903)
asterisk-11-jabber-xmpp-tls.patch uploaded by abelbeck (License 5903)
AST-2014-011-1.8.diff uploaded by mjordan (License 6283)
AST-2014-011-11.diff uploaded by mjordan (License 6283)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@425986 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The outboundproxy setting is currently ignored when sending OPTIONS requests
as a result of the qualify setting. This means that if an Asterisk server is
unable to send the packet directly to a peer, it is unable to qualify any
non-inbound registered peer (e.g. a peer SIP Trunk).
This patch grabs the outboundproxy information for a peer when a qualify
attempt is being constructed and, if it finds the information, uses it
when sending the OPTIONS request.
Review: https://reviewboard.asterisk.org/r/3948
ASTERISK-24063 #close
Reported by: Damian Ivereigh
patches:
outboundproxy-dai.patch uploaded by Damian Ivereigh (License 6632)
........
Merged revisions 425818 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@425819 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In the case where the ICE negotiation had not yet started current state would
get wiped when it shouldn't.
This also removes channel binding as in practice this does not work well with
other implementations.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@425644 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Fax gateway session objects can be re-used, causing the
same gateway session to be added to faxregistry.container
more than once. This change causes fax_session_new to
remove the reserved session from the container before
it's id is changed, ensuring it's possible for the
session to be freed.
ASTERISK-24392 #close
Reported by: Corey Farrell
Review: https://reviewboard.asterisk.org/r/4049/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@425457 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The main Makefile has a target test called 'badshell' that tests if
DESTDIR does not happen to have an an-expanded tilde (~). This might
be the case if you run: make install DESTDIR=~/somewhere/
That test also disallowed valid tildes in directory names. The test is
now changed to only trigger on a tilde at the start of the path.
ASTERISK-13797 #close
Reported by: Tzafrir Cohen
Review: https://reviewboard.asterisk.org/r/4064/
........
Merged revisions 425291 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@425292 65c4cc65-6c06-0410-ace0-fbb531ad65f3
If a device re-INVITEs at the same time as the dialog is hung up, and
if then the ACK to the re-INVITE never reaches Asterisk, chan_sip would
fail to destroy the dialog after a while. This resulted in (most
prominently) file handle leaks.
(Patch reindented by me.)
ASTERISK-20784 #close
ASTERISK-15879 #close
Reported by: Torrey Searle, Nitesh Bansal
Patches:
reinvite_ack_timeout.patch uploaded by Torrey Searle (License #5334)
patch_asterisk_20784.txt uploaded by Nitesh Bansal (License #6418)
Reviewboard: https://reviewboard.asterisk.org/r/4052/
(testcase can be found at r4051)
........
Merged revisions 425068 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@425069 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When starting ice if there is not at least one remote ice candidate with an RTP
component asterisk will crash. This is due to an assertion in pjnath as it
expects at least one candidate with an RTP component. Added a check to make
sure at least one candidate contains an RTP component and at least one candidate
has an RTCP component.
ASTERISK-24383 #close
Review: https://reviewboard.asterisk.org/r/4039/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@425029 65c4cc65-6c06-0410-ace0-fbb531ad65f3
On systems with lots of RAM (e.g. 24GB) /proc/sys/fs/file-max divided
by two can exceed the per-process file limit of 2^20. This patch
ensures the value is capped.
(Patch cleaned up by me.)
ASTERISK-24011 #close
Reported by: Michael Myles
Patches:
safe_asterisk-ulimit.diff uploaded by Michael Myles (License #6626)
........
Merged revisions 424875 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@424878 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The underlying library, pjnath, that res_rtp_asterisk uses for ICE
support does not have support for ICE-TCP. As candidates are
passed through directly to it this can cause error messages to occur
when it receives something unexpected (such as a TCP candidate).
This change merely ignores all non-UDP candidates so they never
reach pjnath.
ASTERISK-24326 #close
Reported by: Joshua Colp
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@424852 65c4cc65-6c06-0410-ace0-fbb531ad65f3
If SendMessage encounters an error (such as incorrect input provided to the
action), it will currently return -1. Actions should only return -1 if the
connection to the AMI client should be closed. In this case, SendMessage
causing the client to disconnect is inappropriate.
This patch causes the action to return 0, which simply causes the action to
fail.
Review: https://reviewboard.asterisk.org/r/4024
ASTERISK-24354 #close
Reported by: Peter Katzmann
patches:
sendMessage.patch uploaded by Peter Katzmann (License 5968)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@424690 65c4cc65-6c06-0410-ace0-fbb531ad65f3
