When Asterisk receives a 200 OK in response to an invite, that peer should have
sent an SDP at some point by then. If the channel has never received an SDP,
media won't have been set and the remote address won't be known. Endpoints in
general should not be doing this. This patch makes it so that Asterisk will
simply hang up a call if it sends a 200 OK at this point. So far this odd
behavior for endpoints has only been observed in tests which involved manually
created SIP transactions in SIPp.
(closes issue ASTERISK-22424)
Reported by: Jonathan Rose
Review: https://reviewboard.asterisk.org/r/2827/
........
Merged revisions 399939 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@399962 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The PRI and SS7 link control threads are not stopped correctly when the
chan_dahdi.so module is unloaded. The link control threads pri_dchannel()
and ss7_linkset() are not awakened from a poll() to cancel the thread.
* Added a SIGURG signal after requesting the thread cancel to break the
link control thread poll() immediately.
For SS7 it was slightly worse, the link poll() timeout would always be
whatever was the last libss7 scheduled event time used. If no libss7
scheduled event was pending, the thread could run more often than
necessary.
* Set nextms to 60 seconds for the ss7_linkset() poll() if there is no
other libss7 scheduled event.
........
Merged revisions 399818 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@399834 65c4cc65-6c06-0410-ace0-fbb531ad65f3
1st Issue
When a realtime peer sends an un-REGISTER request, Asterisk
un-registers the peer but the database table record still has regseconds and
fullcontact for the peer. This results in calls attempting to be routed to the
peer which is no longer registered. The expected behavior is to get
busy/congested when attempting to call an un-registered peer through the
dialplan.
What was discovered is that we are clearing out the peer's registration in the
database in parse_register_contact() when calling expire_register() but then
upon returning from parse_register_contact(), update_peer() is run which stores
back in the database table regseconds and fullcontact.
2nd Issue
The reporter pointed out that the 200 ok being returned by Asterisk
after un-registering a peer contains a Contact header with ;expires= and the
Expires header is not set to 0. This is actually a regression.
Tests were created for this second issue (ASTERISK-22548). The tests have been
reviewed and a Ship It! was received on those tests.
This patch does the following:
* Do not ignore the Expires header value even when it is set to 0. The patch
sets the pvt->expiry earlier on in the function so that it is set properly and
used.
* If pvt->expiry is 0, do not call update_peer since that means the peer has
already been un-registered and there is no need to update the database record
again since nothing has changed.
(closes issue ASTERISK-22428)
Reported by: Ben Smithurst
Tested by: Ben Smithurst, Michael L. Young
Patches:
asterisk-22428-rt-peer-update-and-expires-header.diff
by Michael L. Young (license 5026)
Review: https://reviewboard.asterisk.org/r/2869/
........
Merged revisions 399794 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@399795 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Prior to this patch, Asterisk would incorrectly use the previous endpoint
addresses in SDP in spite of providing its own port. T38 is never meant to
be done through directmedia and Asterisk should always be in the media path
for these streams.
(closes issue ASTERISK-17273)
Reported by: Kevin Stewart
(closes issue ASTERISK-18706)
Reported by: Jeremy Kister
Review: https://reviewboard.asterisk.org/r/2853/
........
Merged revisions 399456 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@399457 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When a new IAX2 client registers, the astdb database is updated with the
value of minregexpire defined in iax.conf instead of using the expiry time
that is provided by the client. The provided expiry time of the client is
updated after inserting the astdb entry. As a consequence, restarting or
reloading asterisk creates clients whose registration may expire before
they reregister. The clients are therefore unavailable after minregexpire
seconds until they reregister.
* Move updating of the expiry time to before inserting into the astdb.
(closes issue ASTERISK-22504)
Reported by: Stefan Wachtler
Patches:
chan_iax2.c.patch (license #6533) patch uploaded by Stefan Wachtler
........
Merged revisions 399158 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@399159 65c4cc65-6c06-0410-ace0-fbb531ad65f3
If we receive a 200 OK without SDP, we will now check to see if
the remote address has been established for that channel's RTP
session and if the to tag for that channel has changed from
the most recent to tag in a response less than 200.
If either a change has been made since the last to-tag was
received or the remote address is unset, then we will drop
the call.
(closes issue ASTERISK-22424)
Reported by: Jonathan Rose
Review: https://reviewboard.asterisk.org/r/2827/diff/#index_header
........
Merged revisions 398835 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@398836 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This fixes the things in chan_h323 that were missed or ignored in the
great channel opaquification and gets chan_h323 back into a compiling
state.
(closes issue ASTERISK-22365)
Reported by: Dmitry Melekhov
Patches:
chan_h323.patch uploaded by Dmitry Melekhov
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@398510 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Fix stray reference to idle_list in cleanup_thread_list(). This may be
the reason for the note in iax2_process_thread() about threads not being
removed from the task lists.
* Move cleanup_thread_list(&idle_list) to after the other lists are
cleaned up.
........
Merged revisions 398416 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@398417 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Fix bridgecallno deadlock avoidance. When doing deadlock avoidance, you
need to retest the status of values for each loop to see if you still need
the lock for bridgecallno.
* As a safety check, after acquiring the bridgecallno lock you should
check if iaxs[bridgecallno] is NULL just like the current callno checks.
* Move setting thread->iostate to IAX_IOSTATE_IDLE to after processing any
deferred frames to ensure that the iostate is IDLE when it is placed back
into the idle list. defer_full_frame() tries to ensure
iax2_process_thread() wakes up to process the frame.
........
Merged revisions 398379 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@398380 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Fix the misdn debug output to remote consoles. chan_misdn uses
ast_console_puts() which doesn't know about verbose levels. Better to use
ast_verbose() instead. Without this patch the misdn debug messages are
appended to the verbose level which ever was set by the message sent to
the console before, i.e. any undefined level.
(closes issue AST-1218)
Reported by: Guenther Kelleter
Patches:
misdnlog.patch (license #6372) patch uploaded by Guenther Kelleter
........
Merged revisions 398235 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@398236 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Refactored cases where a combination of ast_verbose/options_verbose were
present. Also in general tried to eliminate, in as many places as possible,
where the options_verbose global variable was being used. Refactored the way
local and remote consoles handle verbose message logging in an attempt to
solve the various discrepancies that sometimes would show between the two.
(closes issue AST-1193)
Reported by: Guenther Kelleter
Review: https://reviewboard.asterisk.org/r/2798/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@397948 65c4cc65-6c06-0410-ace0-fbb531ad65f3
If the SIP channel driver processes an invalid SDP that defines media
descriptions before connection information, it may attempt to reference
the socket address information even though that information has not yet
been set. This will cause a crash.
This patch adds checks when handling the various media descriptions that
ensures the media descriptions are handled only if we have connection
information suitable for that media.
Thanks to Walter Doekes, OSSO B.V., for reporting, testing, and providing
the solution to this problem.
(closes issue ASTERISK-22007)
Reported by: wdoekes
Tested by: wdoekes
patches:
issueA22007_sdp_without_c_death.patch uploaded by wdoekes (License 5674)
........
Merged revisions 397756 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 397757 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@397758 65c4cc65-6c06-0410-ace0-fbb531ad65f3
A remote exploitable crash vulnerability exists in the SIP channel driver if an
ACK with SDP is received after the channel has been terminated. The handling
code incorrectly assumed that the channel would always be present.
This patch adds a check such that the SDP will only be parsed and applied if
Asterisk has a channel present that is associated with the dialog.
Note that the patch being applied was modified only slightly from the patch
provided by Walter Doekes of OSSO B.V.
(closes issue ASTERISK-21064)
Reported by: Colin Cuthbertson
Tested by: wdoekes, Colin Cutherbertson
patches:
issueA21064_fix.patch uploaded by wdoekes (License 5674)
........
Merged revisions 397710 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 397711 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@397712 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Review https://reviewboard.asterisk.org/r/2580/ tried to fix the mismatch
in memory pools but had a math error determining the buffer size and
didn't address other similar memory pool mismatches.
* Effectively reverted the previous patch to go in the same direction as
trunk for the returned memory pool of ast_bt_get_symbols().
* Fixed memory leak in ast_bt_get_symbols() when BETTER_BACKTRACES is
defined.
* Fixed some formatting in ast_bt_get_symbols().
* Fixed sig_pri.c freeing memory allocated by libpri when MALLOC_DEBUG is
enabled.
* Fixed __dump_backtrace() freeing memory from ast_bt_get_symbols() when
MALLOC_DEBUG is enabled.
* Moved __dump_backtrace() because of compile issues with the utils
directory.
(closes issue ASTERISK-22221)
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/2778/
........
Merged revisions 397525 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@397528 65c4cc65-6c06-0410-ace0-fbb531ad65f3
If a From header on an outbound out-of-call SIP MESSAGE were
malformed, the result could crash Asterisk.
In addition, if a From header on an incoming out-of-call SIP
MESSAGE request were malformed, the message was happily accepted
rather than being rejected up front. The incoming message path
would not result in a crash, but the behavior was bad nonetheless.
(closes issue ASTERISK-22185)
reported by Zhang Lei
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@397254 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In 1.8, r384779 introduced a regression by retrieving an old dialog and keeping
the old recv address since recv was already set. This has caused a problem when
a proxy is involved since responses to incoming requests from the proxy server,
after an outbound call is established, are never sent to the correct recv
address.
In 11, r382322 introduced this regression.
The fix is to revert that change and always store the recv address on incoming
requests.
Thank you Walter Doekes for helping to point out this error and Mark Michelson
for your input/review of the fix.
(closes issue ASTERISK-22071)
Reported by: Alex Zarubin
Tested by: Alex Zarubin, Karsten Wemheuer
Patches:
asterisk-22071-store-recvd-address.diff by Michael L. Young (license 5026)
........
Merged revisions 397204 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@397205 65c4cc65-6c06-0410-ace0-fbb531ad65f3
If a peer is used in a register line and TLS is defined as the transport, the
registration fails since the transport on the dialog is never set properly
resulting in UDP being used instead of TLS.
This patch sets the dialog's transport based on the transport that was defined
in the register line. If the register line does not specify a transport, the
parsing function for the register line always defaults back to UDP.
(closes issue ASTERISK-21964)
Reported by: Doug Bailey
Tested by: Doug Bailey
Patches:
asterisk-21964-set-reg-dialog-transport.diff
by Michael L. Young (license 5026)
........
Merged revisions 396240 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@396248 65c4cc65-6c06-0410-ace0-fbb531ad65f3
from mixing different variants or general MFC-R2 settings within the same E1 line.
Most users do not have a problem with this since MFC-R2 lines are usually fractional E1s, or
the whole E1 has the same country variant and R2 settings.
In Venezuela however is common to have inbound MFC-R2 and outbound DTMF-R2 within the same E1.
This fix now properly parses the chan_dahdi.conf file to generate a new openr2 context every
time a new channel => section is found and the configuration was changed.
(closes issue ASTERISK-21117)
Reported by: Rafael Angulo
Related Elastix issue: http://bugs.elastix.org/view.php?id=1612
........
Merged revisions 394106 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@394173 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch fixes the following memory leaks:
* http.c: The structure containing the addresses to bind to was not being
deallocated when no longer used
* named_acl.c: The global configuration information was not disposed of
* config_options.c: An invalid read was occurring for certain option types.
* res_calendar.c: The loaded calendars on module unload were not being
properly disposed of.
* chan_motif.c: The format capabilities needed to be disposed of on module
unload. In addition, this now specifies the default options for the
maxpayloads and maxicecandidates in such a way that it doesn't cause the
invalid read in config_options.c to occur.
(issue ASTERISK-21906)
Reported by: John Hardin
patches:
http.patch uploaded by jhardin (license 6512)
named_acl.patch uploaded by jhardin (license 6512)
config_options.patch uploaded by jhardin (license 6512)
res_calendar.patch uploaded by jhardin (license 6512)
chan_motif.patch uploaded by jhardin (license 6512)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@392810 65c4cc65-6c06-0410-ace0-fbb531ad65f3
1). When touching the bridgecallno, we need to lock it.
2). stop_stuff() which calls iax2_destroy_helper()
Assumes the lock on the pvt is already held, when iax2_destroy_helper() is called.
Thus we need to lock the bridgecallno pvt before we call stop_stuff(iaxs[fr->callno]->bridgecallno);
3). When evaluating the state of 'callno->transferring' of the current leg,
we can't change it to READY unless the bridgecallno is locked.
Why, if we are interrupted by the other call leg before 'transferring = TRANSFER_RELEASED',
the interrupt will find that it is READY and that the bridgecallno is also READY so Releases the legs.
(closes issue ASTERISK-21409)
Reported by: alecdavis
Tested by: alecdavis
alecdavis (license 585)
Review https://reviewboard.asterisk.org/r/2594/
........
Merged revisions 391062 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@391063 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The prior code committed, r385473, failed to take into consideration that not
all outgoing calls will be to a peer. My fault.
This patch does the following:
* Check if there is a related peer involved. If there is, check and set NAT
settings according to the peer's settings.
* Fix a problem with realtime peers. If the global setting has auto_force_rport
set and we issued a "sip reload" while a peer is still registered, the peer's
flags for NAT are reset to off. When this happens, we were always setting the
contact address of the peer to that of the full contact info that we had.
(closes issue ASTERISK-21374)
Reported by: jmls
Tested by: Michael L. Young
Patches:
asterisk-21374-fix-crash-and-rt-peers.diff by Michael L. Young (license 5026)
Review: https://reviewboard.asterisk.org/r/2524/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@388601 65c4cc65-6c06-0410-ace0-fbb531ad65f3
RFC6665 4.2.2: ... after a failed State NOTIFY transaction remove the subscription
The problem is that the State Notify requests rely on the 200OK reponse for pacing control
and to not confuse the notify susbsystem.
The issue is, the pendinginvite isn't cleared if a response isn't received,
thus further notify's are never sent.
The solution, follow RFC 6665 4.2.2's 'SHOULD' and remove the subscription after failure.
(closes issue ASTERISK-21677)
Reported by: Dan Martens
Tested by: Dan Martens, David Brillert, alecdavis
alecdavis (license 585)
Review https://reviewboard.asterisk.org/r/2475/
........
Merged revisions 387875 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@387880 65c4cc65-6c06-0410-ace0-fbb531ad65f3
RFC 4028 Section 10
if the side not performing refreshes does not receive a
session refresh request before the session expiration, it SHOULD send
a BYE to terminate the session, slightly before the session
expiration. The minimum of 32 seconds and one third of the session
interval is RECOMMENDED.
Prior to this asterisk would refresh at 1/2 the Session-Expires interval,
or if the remote device was the refresher, asterisk would timeout at interval end.
Now, when not refresher, timeout as per RFC noted above.
(closes issue ASTERISK-21742)
Reported by: alecdavis
Tested by: alecdavis
alecdavis (license 585)
Review https://reviewboard.asterisk.org/r/2488/
........
Merged revisions 387344 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@387345 65c4cc65-6c06-0410-ace0-fbb531ad65f3
RFC 4028 Section 7.2
"UACs MUST be prepared to receive a Session-Expires header field in a
response, even if none were present in the request."
What changed
After ASTERISK-20787, inbound calls to asterisk with no Session-Expires in the INVITE are now are offered
a Session-Expires (1800 asterisk default) in the response, with asterisk as the refresher.
Symptom:
After 900 seconds (asterisk default refresher period 1800), asterisk RE-INVITEs the device, the device
may respond with a much lower Session-Expires (180 in our case) value that it is now using.
Asterisk ignores this response, as it's deemed both an INBOUND CALL, and a RE-INVITE.
After 180 seconds the device times out and sends BYE (hangs up), asterisk is still working with the
refresher period of 1800 as it ignored the 'Session Expires: 180' in the previous 200OK response.
Fix:
handle_response_invite() when 200OK, remove check for outbound and reinvite.
(closes issue ASTERISK-21664)
Reported by: alecdavis
Tested by: alecdavis
alecdavis (license 585)
Review https://reviewboard.asterisk.org/r/2463/
........
Merged revisions 387312 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@387319 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When you have lots of SIP peers (according to the issue reporter, around 3500),
the 'sip show peers' CLI command or AMI action can crash due to a poorly placed
string duplication that occurs on the stack. This patch refactors the command
to not allocate the string on the stack, and handles the formatting of a single
peer in a separate function call.
(closes issue ASTERISK-21466)
Reported by: Guillaume Knispel
patches:
fix_sip_show_peers_stack_overflow_asterisk_11.3.0-v2.patch uploaded by gknispel (License 6492)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@387134 65c4cc65-6c06-0410-ace0-fbb531ad65f3
