When authenticating a SIP request with alwaysauthreject enabled, allowguest
disabled, and autocreatepeer disabled, Asterisk discloses whether a user
exists for INVITE, SUBSCRIBE, and REGISTER transactions in multiple ways. The
information is disclosed when:
* A "407 Proxy Authentication Required" response is sent instead of a
"401 Unauthorized" response
* The presence or absence of additional tags occurs at the end of "403
Forbidden" (such as "(Bad Auth)")
* A "401 Unauthorized" response is sent instead of "403 Forbidden" response
after a retransmission
* Retransmission are sent when a matching peer did not exist, but not when a
matching peer did exist.
This patch resolves these various vectors by ensuring that the responses sent
in all scenarios is the same, regardless of the presence of a matching peer.
This issue was reported by Walter Doekes, OSSO B.V. A substantial portion of
the testing and the solution to this problem was done by Walter as well - a
huge thanks to his tireless efforts in finding all the ways in which this
setting didn't work, providing automated tests, and working with Kinsey on
getting this fixed.
(closes issue ASTERISK-21013)
Reported by: wdoekes
Tested by: wdoekes, kmoore
patches:
AST-2013-003-1.8 uploaded by kmoore, wdoekes (License 6273, 5674)
AST-2013-003-10 uploaded by kmoore, wdoekes (License 6273, 5674)
AST-2013-003-11 uploaded by kmoore, wdoekes (License 6273, 5674)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@384003 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In r373424, several reentrancy problems in chan_sip were addressed. As a
result, the SIP channel driver is now properly locking the channel driver
private information in certain operations that it wasn't previously. This
exposed two latent problems either in register_verify or by functions called
by register_verify. This includes:
* Holding the private lock while calling sip_send_mwi_to_peer. This can create
a new sip_pvt via sip_alloc, which will obtain the channel container lock.
This is a locking inversion, as any channel related lock must be obtained
prior to obtaining the SIP channel technology private lock.
Note that this issue was already fixed in Asterisk 11.
* Holding the private lock while calling sip_poke_peer. In the same vein as
sip_send_mwi_to_peer, sip_poke_peer can create a new SIP private, causing
the same locking inversion.
Note that this locking inversion typically occured when CLI commands were run
while a SIP REGISTER request was being processed, as many CLI commands (such
as 'sip show channels', 'core show channels', etc.) have to obtain the channel
container lock.
(issue ASTERISK-21068)
Reported by: Nicolas Bouliane
(issue ASTERISK-20550)
Reported by: David Brillert
(issue ASTERISK-21314)
Reported by: Badalian Vyacheslav
(issue ASTERISK-21296)
Reported by: Gabriel Birke
........
Merged revisions 383863 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@383878 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The CALLEDTON channel variable is set for incoming ISDN calls to the lower
7 bits of the Q.931 type-of-number/numbering-plan octet. The
CALLERID(dnid-num-plan) should have the same value.
(closes issue ASTERISK-21248)
Reported by: rmudgett
........
Merged revisions 383796 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@383798 65c4cc65-6c06-0410-ace0-fbb531ad65f3
AMI, HTTP, and chan_sip all support TLS in some way, but none of them
support all the options that Asterisk's TLS core is capable of
interpreting. This prevents consumers of the TLS/SSL layer from setting
TLS/SSL options that they do not support.
This also gets tlsverifyclient closer to a working state by requesting
the client certificate when tlsverifyclient is set. Currently, there is
no consumer of main/tcptls.c in Asterisk that supports this feature and
so it can not be properly tested.
Review: https://reviewboard.asterisk.org/r/2370/
Reported-by: John Bigelow
Patch-by: Kinsey Moore
(closes issue AST-1093)
........
Merged revisions 383165 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@383166 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When a session timer expires during a dialog that has re-negotiated to T.38
and Asterisk is the refresher, Asterisk will send a re-INVITE with an SDP
containing audio media only. This causes some hilarity with the poor fax
session under weigh.
This patch corrects that by sending T.38 parameters if we are in the middle of
a T.38 session.
(closes issue ASTERISK-21232)
Reported by: Nitesh Bansal
patches:
dont-send-audio-reinvite-for-sess-timer-in-t38-call.patch uploaded by nbansal (License 6418)
........
Merged revisions 383124 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@383125 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In ASTERISK-17888, the AMI Registry event during SIP registrations was supposed
to include the Username field. Somehow, one of the events was missed. This
patch corrects that - the Username field should be included in all AMI Registry
events involving SIP registrations.
(issue ASTERISK-17888)
(closes issue ASTERISK-21201)
Reported by: Dmitriy Serov
patches:
chan_sip.c.diff uploaded by Dmitriy Serov (license 6479)
........
Merged revisions 382847 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382848 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Prior to this change, certain conditions for sending the message would
result in an address of '(null)' being used in the via header of the
SIP message because a NULl value of pvt->ourip was used when initially
generating the via header. This is fixed by adding a call to build_via
when the address is set before sending the message.
(closes issue ASTERISK-21148)
Reported by: Zhi Cheng
Patches:
700-sip_msg_send_via_fix.patch uploaded by Zhi Cheng (license 6475)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382739 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The original report had to do with a realtime peer behind NAT being pruned and
the peer's private address being used instead of its external address. Upon
debugging, it was discovered that this was being caused by the addition of
the auto_force_rport and auto_comedia settings.
This patch does the following:
* Adds a missing note to the CHANGES file indicating that the default global nat
setting is auto_force_rport
* Constify the 'req' parameter for check_via()
* Add calls to check_via() in a couple of places in order for the auto_*
settings to do their job in attempting to determine if NAT is involved
* Set the flags SIP_NAT_FORCE_RPORT and SIP_PAGE2_SYMMETRICRTP if the auto_*
settings are in use where it was needed
* Moves the copying of peer flags up in build_peer() to before they are used;
this fixes the realtime prune issue
* Update the contrib/realtime schemas to allow the nat column to handle the
different nat setting combinations we have
This patch received a review and "Ship It!" on the issue itself.
(closes issue ASTERISK-20904)
Reported by: JoshE
Tested by: JoshE, Michael L. Young
Patches:
asterisk-20904-nat-auto-and-rt-peersv2.diff Michael L. Young (license 5026)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382322 65c4cc65-6c06-0410-ace0-fbb531ad65f3
A deadlock can occur in chan_iax2 when it attempts to set the caller ID, as it
already holds the iax2 private lock and improperly fails to obtain the channel
lock before calling ast_set_callerid. By not safely obtaining the channel lock,
a locking inversion can take place, causing a deadlock.
This patch solves this by calling the required deadlock avoidance functions
that obtain the channel lock before setting the caller ID.
Thanks to Pavel for fixing my syntax errors and testing this patch out.
(closes issue ASTERISK-21128)
Reported by: Pavel Troller
Tested by: Pavel Troller
patches:
ASTERISK-21128-1.8.diff uploaded by mjordan (license 6283)
ASTERISK-21128-modified-1.8.diff uploaded by Pavel Troller (license 6302)
........
Merged revisions 382233 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382234 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Somehow, chan_jingle has managed to operate for years without setting the
sin_family on its bindaddr socket. This patch properly sets the field during
initial module load to AF_INET.
Note that the patch on the issue was modified slightly to change the
initialization of the socket from allocation of a chan_jingle private to the
module initialization, as the bindaddr object (which is static) only needs to
have the address set once.
(closes issue ASTERISK-19341)
Reported by: andre valentin
patches:
0105-chan_jingle.patch uploaded by avalentin (License 6064)
........
Merged revisions 381975 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@381976 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Previously, presencestate information was sent whenever the state was not
NOT_SET. When r381594 actually returned INVALID presence state in all the
places it was supposed to, it caused chan_sip to start adding presence
state information to NOTIFY requests that it previously would not have
added. chan_sip shouldn't be adding presence state information when the
provider is in an invalid state; users can't set the state to invalid and
an invalid state always implies that the provider is in an error condition.
(issue AST-1084)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@381613 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Reference counting for the channel and its tech_pvt got messed up at
some point between 1.8 and 11. The result was that if a BYE for a dialog
that had been replaced (via an INVITE with Replaces) was received, Asterisk
would crash due to trying to access data on a channel that was no longer there.
The fix I introduced is to remove code that both unrefs the sip_pvt and sets
the channel's tech_pvt to NULL when an INVITE with Replaces is handled. This
way when a BYE is received, the tech_pvt will be non-NULL and so the BYE can
be processed and not cause a crash.
(closes issue ASTERISK-20929)
reported by Kristopher Lalletti
patches:
ASTERISK-20929.patch uploaded by Mark Michelson (License #5049)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@381566 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Some bad copy/pasting resulted in using the audio crypto attribute for both
text and video RTP. Also the audio crypto isn't set until after these, so it
was really just bad all around.
(closes ASTERISK-20905)
Reported by: Kristopher Lalletti
patches:
rtp_crypto_video_text.diff uploaded by Jonathan Rose (license 6182)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@381553 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When sip_ref_peer and sip_unref_peer were exported to be usable in
channels/sip/security_events.c, modifications to those functions when
building under REF_DEBUG were not taken into account. This change
moves the necessary defines into sip.h to make them accessible to
other parts of chan_sip that need them.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@381282 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When I added my extensive suite of session timer unit tests, apparently one of
them was failing and I never noticed. If neither Min-SE nor Session-Expires is
set in the header, it was responding with a Session-Expires of the global
maxmimum instead of the configured max for the endpoint.
(issue ASTERISK-20787)
........
Merged revisions 380973 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@380974 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Patch ensures that d->activeline and l->activesub are moved over to the
new device and line so that on callend the appropriate subs can be found
to complete hangup before device resets.
(closes issue ASTERISK-16610)
Reported by: wedhorn
Tested by: snuffy, myself
Patches:
skinny-reloadactive01.diff uploaded by wedhorn (license 5019)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@380942 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Make skinny reset vmexten '\0' on reload to ensure that
it is set to '\0' if the appropriate item is removed/commented in
skinny.conf. part of ASTERISK-21037
Reported by: snuffy
Tested by: snuffy, myself
Patches:
part of immed_dial_fix.diff uploaded by snuffy (license 5024)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@380926 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Previously, Asterisk only processed session timer information if both the
'Supported: timer' and 'Session-Expires' headers were present. However, the
Session-Expires header is optional. If we were to receive a request with a
Min-SE greater than our configured session-expires, we would respond with a
'Session-Expires' header that was too small.
This patch cleans the situation up a bit, always processing timer information
if the 'Supported: timer' header is present.
(closes issue ASTERISK-20787)
Reported by: Mark Michelson
Review: https://reviewboard.asterisk.org/r/2299/
........
Merged revisions 380696 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@380698 65c4cc65-6c06-0410-ace0-fbb531ad65f3
A user in #asterisk ran into a problem where a configuration error prevented
the chan_sip module from being loaded. Upon fixing their configuratione error,
they could no longer load the chan_sip module. This was because the
configuration checking happened after the SIP provider was registered with the
Asterisk core, and subsequent attempts to load the SIP module failed as the
provider was already registered.
Since we want to detect any failure in registering chan_sip as early as
possible (as that could be emblematic of a deeper mismatch between module
and Asterisk core), this patch does not change the registration location, but
does ensure that if a module load is declined, we unregister the module as
the SIP api provider.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@380480 65c4cc65-6c06-0410-ace0-fbb531ad65f3
RFC5347 section 2.5.2 states the following:
...
The attribute "T38MaxBitRate" was once incorrectly registered with
IANA as "T38maxBitRate" (lower-case "m"). In accordance with T.38
examples and common implementation practice, the form "T38MaxBitRate"
SHOULD be generated by implementations conforming to this package.
In general, it is RECOMMENDED that implementations of this package
accept lowercase, uppercase, and mixed upper/lowercase encodings of
all the T.38 attributes.
...
Asterisk currently does not perform case insensitive matching on the T.38
attributes. This causes the T38MaxBitRate attribute to be negotiated at
2400 baud instead of 14400 (or whatever value you actually wanted).
This patch makes it so that when we compare T.38 attributes, we do so in a case
insensitive fashion.
Note that while the issue reporter did not directly write the patch, they
contributed to it (and would have provided one themselves if the license had
gone through a tad faster), and hence get attribution for it.
Review: https://reviewboard.asterisk.org/r/2298/
(closes issue ASTERISK-20897)
Reported by: Eric Hill
Tested by: Eric Hill
patches:
-- uploaded by Eric Hill
........
Merged revisions 380458 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@380465 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Multiple channels logging in as the same agent can result in dead channels
waiting for a condition signal that will never come because another
channel thread stole it. A symptom is chan_sip repeatedly generating
warning messages about rescheduling autodestruction of dialogs with an
agent channel owner.
* Made only login_exec() (the app AgentLogin) clear the agent_pvt->chan
pointer to prevent multiple channels from logging in as the same agent.
agent_read(), agent_call(), and agent_set_base_channel() no longer
disconnect the agent channel from the agent_pvt. This also eliminates the
need to keep checking for agent_pvt->chan being NULL.
* Made agent_hangup() not wake up the AgentLogin agent thread until it is
done.
* Made agent_request() not able to get the agent until he has logged in
and any wrapup time has expired.
* Made agent_request() use ast_hangup() instead of agent_hangup() to
correctly dispose of a channel.
* Removed agent_set_base_channel(). Nobody calls it and it is a bad thing
in general.
* Made only agent_devicestate() determine the current device state of an
agent. Note: Agent group device states have never been supported.
Review: https://reviewboard.asterisk.org/r/2260/
........
Merged revisions 380364 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@380384 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The original fix (r380043) for getting Asterisk to respond with the correct
tag overlooked some corner cases, and the fact that the same code is in 1.8.
This patch moves the building of the crypto line out of
sdp_crypto_process(). Instead, it merely copies the accepted tag. The call to
sdp_crypto_offer() will build the crypto line in all cases now, using a tag of
"1" in the case of sending offers.
(closes issue ASTERISK-20849)
Reported by: José Luis Millán
Review: https://reviewboard.asterisk.org/r/2295/
........
Merged revisions 380347 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@380350 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In r369028, chan_sip's processing of media streams in an SDP was modified to
better handle multiple offered media streams. Part of that change modified
how streams were declined. Previously, declined media streams were not
handled in an RFC compliant manner; now, we set the port number to 0 in the
media stream definition and proceed on with the next media stream.
Unfortunately, the formatting of the declined media stream forgot to append a
'\r\n' to the end of the media stream. This is normally added to the accepted
media streams later on in the processing of the SDP. Since the declined media
stream uses a different buffer than the accepted media streams (and is a
malloc'd buffer as opposed to a struct ast_str), it's easier to just slap the
'\r\n' on the declined media stream buffer rather than attempt to append it
later on.
So, that's what we do. And now some devices (and probably some providers) will
be a bit happier (but probably not terribly happy, since we just rejected
something they offered).
Review: https://reviewboard.asterisk.org/r/2297/
(closes issue ASTERISK-20908)
Reported by: Dennis DeDonatis
Tested by: Dennis DeDonatis
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@380331 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When Asterisk responds with an SDP ANSWER for SRTP, it had the code to
correctly fill in the crypto data, which was overwritten by a call to
sdp_crypto_offer. Corrected the situation by changing sdp_crypto_offer
to not replacing crypto data if it already exists.
(closes issue ASTERISK-20849)
Reported by: José Luis Millán
Tested by: Iñaki Baz Castillo
Patches:
fix_sdp_crypto_tags.diff uploaded by Pedro Kiefer (license 6407)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@380043 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Generate a warning message if sound files do not exist when trying to
play the user count to the conference. Use the new helper routine
sound_file_exists() for consistency.
* Put the new user into autoservice when playing user counts to the
conference.
* Check the return value of ast_bridge_impart().
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@379808 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Skinny device call logging (ie missed, place and received calls) has issues
because the incorrect sequence of callstates is/can be sent to the device.
This patch removes some extra callstate updates driven by forces external
to skinny and ensures the needed intermediary callstate messages are sent.
(closes issue ASTERISK-20964)
Reported by: wedhorn
Tested by: snuffy, myself
Patches:
ast11-skinny-calllog01.diff uploaded by wedhorn (license 5019)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@379677 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Record-Route parsing copied the header into a char[256] array, which can
be a problem if the header is longer than that. This patch parses the
header in place, without the copy, avoiding the issue.
In addition to the original patch, I added a unit test for the new
get_in_brackets_const function.
(closes issue ASTERISK-20837)
Reported by: Corey Farrell
Patches:
chan_sip-build_route-optimized-rev1.patch uploaded by Corey Farrell (license 5909)
(with minor changes by dlee)
........
Merged revisions 379392 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@379393 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The chan_misdn channel driver will send a channel with an invalid destination
to the 'i' extension itself if said extension can be reached. It forgot,
however, to set the INVALID_EXTEN channel variable when it bounces the channel
to this extension. Dialplan writers everywhere moaned at yet another
inconsistency.
This is yet another example of why duplicating logic in multiple places results
in bugs that stick around in Jira for just under three years.
Yes: ASTERISK-15456 was created on January 18th, 2010. Patch committed on
January 15th, 2013. Ouch.
(closes issue ASTERISK-15456)
Reported by: Thomas Omerzu
patches:
chan_misdn_invalid.patch2 uploaded by Thomas Omerzu (license 5927)
........
Merged revisions 379145 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@379146 65c4cc65-6c06-0410-ace0-fbb531ad65f3
XML encoding in chan_sip is accomplished by naively building the XML
directly from strings. While this usually works, it fails to take into
account escaping the reserved characters in XML.
This patch adds an 'ast_xml_escape' function, which works similarly to
'ast_uri_encode'. This is used to properly escape the local_display
attribute in XML formatted NOTIFY messages.
Several things to note:
* The Right Thing(TM) to do would probably be to replace the
ast_build_string stuff with building an ast_xml_doc. That's a much
bigger change, and out of scope for the original ticket, so I
refrained myself.
* It is with great sadness that I wrote my own ast_xml_escape
function. There's one in libxml2, but it's knee-deep in
libxml2-ness, and not easily used to one-off escape a
string.
* I only escaped the string we know is causing problems
(local_display). At least some of the other strings are
URI-encoded, which should be XML safe. Rather than figuring out
what's safe and escaping what's not, it would be much cleaner to
simply build an ast_xml_doc for the messages and let the XML
library do the XML escaping. Like I said, that's out of scope.
(closes issue ABE-2902)
Reported by: Guenther Kelleter
Tested by: Guenther Kelleter
Review: http://reviewboard.digium.internal/r/365/
........
Merged revision 378919 from https://origsvn.digium.com/svn/asterisk/be/branches/C.3-bier
........
Merged revisions 378933 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378934 65c4cc65-6c06-0410-ace0-fbb531ad65f3
On a multihomed server when sending a NOTIFY message, we were not figuring out
which network should be used to contact the peer.
This patch fixes the problem by calling ast_sip_ouraddrfor() and then
build_via() so that our NOTIFY message contains the correct IP address.
Also, a debug message is being added to help follow the call-id changes that
occur. This was helpful for confirming that the IP address was set properly
since the call-id contains the IP address. It also will be helpful for
troubleshooting purposes when following a call in the debug logs.
(closes issue ASTERISK-20805)
Reported by: Bryan Hunt
Tested by: Bryan Hunt, Michael L. Young
Patches:
asterisk-20805-notify-ip-v2.diff uploaded by Michael L. Young (license 5026)
Review: https://reviewboard.asterisk.org/r/2255/
........
Merged revisions 378554 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378559 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Made agent_cont_sleep() and agent_ack_sleep() stop waiting if the wrapup
time expires. agent_cont_sleep() had tried but returned the wrong value
to stop waiting.
* Made agent_ack_sleep() take a struct agent_pvt pointer instead of a void
pointer for better type safety.
........
Merged revisions 378486 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378487 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Fix off-nominal path resource cleanup in agent_request().
* Create agent_pvt_destroy() to eliminate inlined versions in many places.
* Pull invariant code out of loop in add_agent().
* Remove redundant module user references in login_exec().
* Remove unused struct agent_pvt logincallerid[] member.
* Remove some redundant code in agent_request().
........
Merged revisions 378456 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378457 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Asterisk maintains an internal cache for devices in the event subsystem. The
device state cache holds the state of each device known to Asterisk, such that
consumers of device state information can query for the last known state for
a particular device, even if it is not part of an active call. The concept of
a device in Asterisk can include entities that do not have a physical
representation. One way that this occurred was when anonymous calls are allowed
in Asterisk. A device was automatically created and stored in the cache for
each anonymous call that occurred; this was possible in the SIP and IAX2
channel drivers and through channel drivers that utilized the
res_jabber/res_xmpp resource modules (Gtalk, Jingle, and Motif). These devices
are never removed from the system, allowing anonymous calls to potentially
exhaust a system's resources.
This patch changes the event cache subsystem and device state management to
no longer cache devices that are not associated with a physical entity.
(issue ASTERISK-20175)
Reported by: Russell Bryant, Leif Madsen, Joshua Colp
Tested by: kmoore
patches:
event-cachability-3.diff uploaded by jcolp (license 5000)
........
Merged revisions 378303 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378320 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378321 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Asterisk had several places where messages received over various network
transports may be copied in a single stack allocation. In the case of TCP,
since multiple packets in a stream may be concatenated together, this can
lead to large allocations that overflow the stack.
This patch modifies those portions of Asterisk using TCP to either
favor heap allocations or use an upper bound to ensure that the stack will not
overflow:
* For SIP, the allocation now has an upper limit
* For HTTP, the allocation is now a heap allocation instead of a stack
allocation
* For XMPP (in res_jabber), the allocation has been eliminated since it was
unnecesary.
Note that the HTTP portion of this issue was independently found by Brandon
Edwards of Exodus Intelligence.
(issue ASTERISK-20658)
Reported by: wdoekes, Brandon Edwards
Tested by: mmichelson, wdoekes
patches:
ASTERISK-20658_res_jabber.c.patch uploaded by mmichelson (license 5049)
issueA20658_http_postvars_use_malloc2.patch uploaded by wdoekes (license 5674)
issueA20658_limit_sip_packet_size3.patch uploaded by wdoekes (license 5674)
........
Merged revisions 378269 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378286 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378287 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Fixup the vmexten so if globally set in general section will be honored by
chan_skinny. Also get rid of the 'global_' part of variable name to match
regexten.
(closes issue ASTERISK-20790)
Reported by: snuffy
Tested by: snuffy, myself
Patches:
skinny-vm.diff uploaded by snuffy (license 5024)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378010 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Review the syntax of the 'skinny debug' command to show more than
just 'show' for options to 'skinny debug' command.
(closes issue ASTERISK-20789)
Reported by: snuffy
Tested by: snuffy, myself
Patches:
skinny-debug.diff uploaded by snuffy (license 5024)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@377985 65c4cc65-6c06-0410-ace0-fbb531ad65f3
