When res_rtp_asterisk.c was altered to avoid attempting to apply
unprotect algorithms to non-audio RTP packets, the test used was
incorrect. This caused the audio packets to not be decrypted and
resulted in loud white noise on the other endpoint (or both endpoints
depending on the call legs involved). The test now properly checks the
version field in the RTP header to ensure that RTP and RTCP are
decrypted while other types of packets are not.
(closes issue ASTERISK-21323)
Reported by: andrea
Tested by: Kinsey Moore, andrea, John Bigelow
Patches:
whitenoise_fix.diff uploaded by Kinsey Moore
........
Merged revisions 384048 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@384049 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When authenticating a SIP request with alwaysauthreject enabled, allowguest
disabled, and autocreatepeer disabled, Asterisk discloses whether a user
exists for INVITE, SUBSCRIBE, and REGISTER transactions in multiple ways. The
information is disclosed when:
* A "407 Proxy Authentication Required" response is sent instead of a
"401 Unauthorized" response
* The presence or absence of additional tags occurs at the end of "403
Forbidden" (such as "(Bad Auth)")
* A "401 Unauthorized" response is sent instead of "403 Forbidden" response
after a retransmission
* Retransmission are sent when a matching peer did not exist, but not when a
matching peer did exist.
This patch resolves these various vectors by ensuring that the responses sent
in all scenarios is the same, regardless of the presence of a matching peer.
This issue was reported by Walter Doekes, OSSO B.V. A substantial portion of
the testing and the solution to this problem was done by Walter as well - a
huge thanks to his tireless efforts in finding all the ways in which this
setting didn't work, providing automated tests, and working with Kinsey on
getting this fixed.
(closes issue ASTERISK-21013)
Reported by: wdoekes
Tested by: wdoekes, kmoore
patches:
AST-2013-003-1.8 uploaded by kmoore, wdoekes (License 6273, 5674)
AST-2013-003-10 uploaded by kmoore, wdoekes (License 6273, 5674)
AST-2013-003-11 uploaded by kmoore, wdoekes (License 6273, 5674)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@384003 65c4cc65-6c06-0410-ace0-fbb531ad65f3
AST-2012-014, fixed in January of this year, contained a fix for Asterisk's
HTTP server for a remotely-triggered crash. While the fix put in place fixed
the possibility for the crash to be triggered, a denial of service vector still
exists with that solution if an attacker sends one or more HTTP POST requests
with very large Content-Length values. This patch resolves this by capping
the Content-Length at 1024 bytes. Any attempt to send an HTTP POST with
Content-Length greater than this cap will not result in any memory allocation.
The POST will be responded to with an HTTP 413 "Request Entity Too Large"
response.
This issue was reported by Christoph Hebeisen of TELUS Security Labs
(closes issue ASTERISK-20967)
Reported by: Christoph Hebeisen
patches:
AST-2013-002-1.8.diff uploaded by mmichelson (License 5049)
AST-2013-002-10.diff uploaded by mmichelson (License 5049)
AST-2013-002-11.diff uploaded by mmichelson (License 5049)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@383978 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The format attribute resource for H.264 video performs an unsafe read against a
media attribute when parsing the SDP. The value passed in with the format
attribute is not checked for its length when parsed into a fixed length buffer.
This patch resolves the vulnerability by only reading as many characters from
the SDP value as will fit into the buffer.
(closes issue ASTERISK-20901)
Reported by: Ulf Harnhammar
patches:
h264_overflow_security_patch.diff uploaded by jrose (License 6182)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@383973 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In r373424, several reentrancy problems in chan_sip were addressed. As a
result, the SIP channel driver is now properly locking the channel driver
private information in certain operations that it wasn't previously. This
exposed two latent problems either in register_verify or by functions called
by register_verify. This includes:
* Holding the private lock while calling sip_send_mwi_to_peer. This can create
a new sip_pvt via sip_alloc, which will obtain the channel container lock.
This is a locking inversion, as any channel related lock must be obtained
prior to obtaining the SIP channel technology private lock.
Note that this issue was already fixed in Asterisk 11.
* Holding the private lock while calling sip_poke_peer. In the same vein as
sip_send_mwi_to_peer, sip_poke_peer can create a new SIP private, causing
the same locking inversion.
Note that this locking inversion typically occured when CLI commands were run
while a SIP REGISTER request was being processed, as many CLI commands (such
as 'sip show channels', 'core show channels', etc.) have to obtain the channel
container lock.
(issue ASTERISK-21068)
Reported by: Nicolas Bouliane
(issue ASTERISK-20550)
Reported by: David Brillert
(issue ASTERISK-21314)
Reported by: Badalian Vyacheslav
(issue ASTERISK-21296)
Reported by: Gabriel Birke
........
Merged revisions 383863 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@383878 65c4cc65-6c06-0410-ace0-fbb531ad65f3
r375757 attempted to resolve a race condition between multiple submissions of
CDRs while in batch mode from attempting to destroy the scheduled batch
submission by extending the batch CDR lock. Unfortunately, this causes a
deadlock between the pending CDR lock and the batch CDR lock. This patch
resolves the intent of r375757 by simply providing a new lock that protects
the scheduling of the batches. The original batch CDR lock is kept to protect
manipulation of the batch CDR settings, but has been placed such that it
is not held when the pending lock is held.
Thanks to Chase Venters for providing lock analysis on the issue.
(issue ASTERISK-21162)
Reported by: Chase Venters
........
Merged revisions 383839 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@383840 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When an SLA trunk is ringing (inbound call on the trunk) Asterisk will
make outbound calls to the stations that have that trunk. If more than
one station answers the call at the same time, all channels other than
the first one to answer are left in a bad state. The channel gets
leaked, is not connected to anything, and there's no way to get rid of
it.
We now properly clean up these losing channels by hanging up on them.
Since they lost the race, as we process their answer, there is no
ringing trunk for them to answer.
........
Merged revisions 383835 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@383836 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The CALLEDTON channel variable is set for incoming ISDN calls to the lower
7 bits of the Q.931 type-of-number/numbering-plan octet. The
CALLERID(dnid-num-plan) should have the same value.
(closes issue ASTERISK-21248)
Reported by: rmudgett
........
Merged revisions 383796 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@383798 65c4cc65-6c06-0410-ace0-fbb531ad65f3
A regression was accidentally introduced when allowing an optional ID to be used
when calling StopMixMonitor. When we are unable to stop MixMonitor on a
channel, -1 is being returned which triggers the hangup of the channel.
This patch restores the prior behavior by returning 0 whether we were successful
or not. It also allows the call from the manager to use the return code when
the action fails.
(closes issue ASTERISK-21294)
Reported by: daroz
Tested by: daroz
Patches:
asterisk-21294-stop_mixmonitor_hangingup.diff Michael L. Young (license 5026)
Review: https://reviewboard.asterisk.org/r/2404/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@383631 65c4cc65-6c06-0410-ace0-fbb531ad65f3
AMI, HTTP, and chan_sip all support TLS in some way, but none of them
support all the options that Asterisk's TLS core is capable of
interpreting. This prevents consumers of the TLS/SSL layer from setting
TLS/SSL options that they do not support.
This also gets tlsverifyclient closer to a working state by requesting
the client certificate when tlsverifyclient is set. Currently, there is
no consumer of main/tcptls.c in Asterisk that supports this feature and
so it can not be properly tested.
Review: https://reviewboard.asterisk.org/r/2370/
Reported-by: John Bigelow
Patch-by: Kinsey Moore
(closes issue AST-1093)
........
Merged revisions 383165 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@383166 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When a session timer expires during a dialog that has re-negotiated to T.38
and Asterisk is the refresher, Asterisk will send a re-INVITE with an SDP
containing audio media only. This causes some hilarity with the poor fax
session under weigh.
This patch corrects that by sending T.38 parameters if we are in the middle of
a T.38 session.
(closes issue ASTERISK-21232)
Reported by: Nitesh Bansal
patches:
dont-send-audio-reinvite-for-sess-timer-in-t38-call.patch uploaded by nbansal (License 6418)
........
Merged revisions 383124 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@383125 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In certain situations, call files are not processed when using KQueue with
pbx_spool. Asterisk was sending an invalid timeout value when the spool
directory is empty, causing the call to kevent to error immediately. This
can create a tight loop, increasing the CPU load on the system.
(closes issue ASTERISK-21176)
Reported by: Carlton O'Riley
patches:
kqueue_osx.patch uploaded by coriley (License 6473)
........
Merged revisions 383120 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@383121 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When retrieving the parking lots from a MySQL database table, the current order
is "filename, cat_metric desc, var_metric asc, category". If there are multiple
parking lots with the same cat_metric but different categories, everything is
being sorted on cat_metric first resulting in errors when loading the parking
lots.
This patch fixes the problem by sorting on the category field first, then the
cat_metric field.
(closes issue ASTERISK-21035)
Reported by: Alex Epshteyn
Patches:
asterisk-21035-orderby.diff Michael L. Young (license 5026)
........
Merged revisions 382942 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382943 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This commit updates some fields in the contributed realtime schema files to
handle IPv6 addresses.
(closes issue ASTERISK-21173)
Reported by: Torrey Searle
Patches:
realtime_sql.patch Torrey Searle (license 5334)
asterisk-21173-update-ip-fields.diff Michael L. Young (license 5026)
........
Merged revisions 382939 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382940 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In ASTERISK-17888, the AMI Registry event during SIP registrations was supposed
to include the Username field. Somehow, one of the events was missed. This
patch corrects that - the Username field should be included in all AMI Registry
events involving SIP registrations.
(issue ASTERISK-17888)
(closes issue ASTERISK-21201)
Reported by: Dmitriy Serov
patches:
chan_sip.c.diff uploaded by Dmitriy Serov (license 6479)
........
Merged revisions 382847 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382848 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Prior to this change, certain conditions for sending the message would
result in an address of '(null)' being used in the via header of the
SIP message because a NULl value of pvt->ourip was used when initially
generating the via header. This is fixed by adding a call to build_via
when the address is set before sending the message.
(closes issue ASTERISK-21148)
Reported by: Zhi Cheng
Patches:
700-sip_msg_send_via_fix.patch uploaded by Zhi Cheng (license 6475)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382739 65c4cc65-6c06-0410-ace0-fbb531ad65f3
r381835 fixed a bug in vm_mailbox_snapshot where combining INBOX and Old forgot
that Urgent also "counts" as new messages. This fixed the problem when any of
the three folders was specified and the combine option was used.
It missed the case where the folder isn't specified and we build a snapshot of
all folders. This patch corrects that.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382617 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Often, Asterisk may realize that a change in the source of an RTP stream is
about to occur and ask that the RTP engine reset it's lock on the current RTP
source. In certain scenarios, it may take awhile for the new remote system to
send RTP packets, while the old remote system may continue providing RTP during
that time period. This causes Asterisk to re-lock onto the old source, thereby
rejecting the new source when the old source stops sending RTP and the new
source begins.
This patch prevents that by having a constant secondary, 'secret' probation
mode enabled when an RTP source has been chosen. RTP packets from other sources
are always considered, but never chosen unless the current RTP source stops
sending RTP.
Review: https://reviewboard.asterisk.org/r/2364
(closes issue AST-1124)
Reported by: John Bigelow
Tested by: John Bigelow
(closes issue AST-1125)
Reported by: John Bigelow
Tested by: John Bigelow
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382573 65c4cc65-6c06-0410-ace0-fbb531ad65f3
........
Correct app_page documentation
The 'A' and 'n' options for Page() mention that the announcement will
be played simultaneously. This is not necessarily the case.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382514 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Several new IEs were not given types (or names), causing the comparison
function to improperly succeed. This adds those.
(closes issue AST-1128)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382390 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This fix checks to make sure that if a confbridge record start command is issued
from the CLI it will always use the file name given on the CLI even if it
changes between start/stop records for a conference. Previously it had been
reusing the same file between start/stops even if a new filename was given.
(issue AST-1088)
Reported by: John Bigelow
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382385 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The original report had to do with a realtime peer behind NAT being pruned and
the peer's private address being used instead of its external address. Upon
debugging, it was discovered that this was being caused by the addition of
the auto_force_rport and auto_comedia settings.
This patch does the following:
* Adds a missing note to the CHANGES file indicating that the default global nat
setting is auto_force_rport
* Constify the 'req' parameter for check_via()
* Add calls to check_via() in a couple of places in order for the auto_*
settings to do their job in attempting to determine if NAT is involved
* Set the flags SIP_NAT_FORCE_RPORT and SIP_PAGE2_SYMMETRICRTP if the auto_*
settings are in use where it was needed
* Moves the copying of peer flags up in build_peer() to before they are used;
this fixes the realtime prune issue
* Update the contrib/realtime schemas to allow the nat column to handle the
different nat setting combinations we have
This patch received a review and "Ship It!" on the issue itself.
(closes issue ASTERISK-20904)
Reported by: JoshE
Tested by: JoshE, Michael L. Young
Patches:
asterisk-20904-nat-auto-and-rt-peersv2.diff Michael L. Young (license 5026)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382322 65c4cc65-6c06-0410-ace0-fbb531ad65f3
If the end result of the ICE negotiation resulted in the path for media
changing it was possible for the strictrtp code to discard the RTP packets.
This change causes strictrtp to enter learning mode once again when the
ICE negotiation has completed successfully.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382296 65c4cc65-6c06-0410-ace0-fbb531ad65f3
A deadlock can occur in chan_iax2 when it attempts to set the caller ID, as it
already holds the iax2 private lock and improperly fails to obtain the channel
lock before calling ast_set_callerid. By not safely obtaining the channel lock,
a locking inversion can take place, causing a deadlock.
This patch solves this by calling the required deadlock avoidance functions
that obtain the channel lock before setting the caller ID.
Thanks to Pavel for fixing my syntax errors and testing this patch out.
(closes issue ASTERISK-21128)
Reported by: Pavel Troller
Tested by: Pavel Troller
patches:
ASTERISK-21128-1.8.diff uploaded by mjordan (license 6283)
ASTERISK-21128-modified-1.8.diff uploaded by Pavel Troller (license 6302)
........
Merged revisions 382233 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382234 65c4cc65-6c06-0410-ace0-fbb531ad65f3
For some channel drivers, specifically those that have a varying rate in the
number of audio samples, the audio quality for a MeetMe conference can be
exceedingly poor. This is due to a unilateral application of the DENOISE
function in func_speex to channels joining the conference.
The denoiser function in the speex library is initialized with the number of
audio samples in each sample that will be provided to it. If the number of
audio samples changes, the denoiser has to be thrown away and re-initialized.
While this could be worked around by removing func_speex, that doesn't help
if you actually use the denoiser with other channels on the system.
This patches does the following:
* Checks for the presence of func_speex as opposed to codec_speex when
determining if the DENOISE function is present (which is where the function
is actually implemented)
* Adds an option to MeetMe 'n' that causes the denoiser to not be applied
to a channel when it joins. This keeps the current behavior the default, but
let's users disable the denoiser if it causes problems on their system.
Review: https://reviewboard.asterisk.org/r/2358
(closes issue AST-1062)
Reported by: Thomas Arimont
........
Merged revisions 382227 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382230 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When ConfBridge was refactored to better handle the concept of marked,
wait_marked, and normal users co-existing in a conference (thereby implementing
a state machine for the conference), the wait_marked users were put into their
own list of conference participants, separate from the active users. This list
is used for wait_marked users when they are waiting in a conference but no
marked user has joined; normal users may have joined at this point however.
There are several AMI/CLI commands that affect conference users that were not
checking the wait_marked users list:
* CLI/AMI commands that mute/unmute a participant. In this case, wait_marked
users have to remain in their particular state and should not be affected -
however, the commands would return "Channel not found" as opposed to the
appropriate error condition.
* CLI/AMI commands that kick a participant. An admin should always be able to
kick a participant out of the conference.
This patch fixes both sets of commands, and cleans up the CLI commands slightly
by allowing them to complete a participant name (this was supposed to have been
added, but the function call was commented out and wasn't implemented).
Review: https://reviewboard.asterisk.org/r/2346/
(closes issue AST-1114)
Reported by: John Bigelow
Tested by: John Bigelow
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382068 65c4cc65-6c06-0410-ace0-fbb531ad65f3
ConfBridge and Page require that there always be a default bridge and user
profile available. While properties of the default profiles can be overriden
in the configuration file, removing them can create situations where neither
application can function properly.
This patch ensures that if an administrator removes the profiles from the
confbridge.conf configuration file, the profiles are added upon load.
Documentation clarifying this has been added to the confbridge.conf.sample file.
Review: https://reviewboard.asterisk.org/r/2356/
(closes issue AST-1115)
Reported by: John Bigelow
Tested by: John Bigelow
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382066 65c4cc65-6c06-0410-ace0-fbb531ad65f3
There were several problems using variadic argument macros in res_config_mysql.
* Improper use of va_end. Multiple calls to va_end were possible resulting in
an unbalanced matching of va_start/va_end.
* Calls to va_arg after a possible encounter of a SENTINEL value.
This patch corrects those errors.
(closes issue ASTERISK-19451)
Reported by: wdoekes
patches:
ASTERISK-19451-1.8--2.diff uploaded by wdoekes (License 5674)
........
Merged revisions 382021 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382022 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Somehow, chan_jingle has managed to operate for years without setting the
sin_family on its bindaddr socket. This patch properly sets the field during
initial module load to AF_INET.
Note that the patch on the issue was modified slightly to change the
initialization of the socket from allocation of a chan_jingle private to the
module initialization, as the bindaddr object (which is static) only needs to
have the address set once.
(closes issue ASTERISK-19341)
Reported by: andre valentin
patches:
0105-chan_jingle.patch uploaded by avalentin (License 6064)
........
Merged revisions 381975 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@381976 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When converting AMI class authorizations to a string representation, the
method always appends the ALL class authorization. This is especially
important for events, as they should always communicate that class
authorization - even if the event itself does not specify ALL as a class
authorization for itself. (Events have always assumed that the ALL class
authorization is implied when they are raised)
Unfortunately, this did mean that specifying a user with restricted class
authorizations would show up in the 'manager show user' CLI command as
having the ALL class authorization.
Rather then modifying the existing string manipulation function, this patch
adds a function that will only return a string if the field being compared
explicitly matches class authorization field it is being compared against.
This prevents ALL from being returned unless it is actually specified for
the user.
(closes issue ASTERISK-20397)
Reported by: Johan Wilfer
........
Merged revisions 381939 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@381943 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The ParkAndAnnounce application documentation for the optional return_context
parameter states the following:
return_context
The goto-style label to jump the call back into after timeout. Default
'priority+1'.
Unfortunately, the application was sending the channel back into the dialplan
at 'priority', which is the ParkAndAnnounce application call. This causes an
infinite loop of the channel constantly being parked, announced, timed out,
parked, announced, timed out... while fun, especially for those callers you
wish to drive to the end of madness, this was not the intent of the
application.
(closes issue ASTERISK-20113)
Reported by: serginuez
patches:
app_parkandannounce.diff uploaded by serginuez (License 6405)
........
Merged revisions 381916 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@381917 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When IPv6 support was added to FastAGI, the intent was to have the ability to
check all addresses resolved for a host since we might receive an IPv4 address
and an IPv6 address. The problem with the current code, is that, since we are
doing O_NONBLOCK, we get EINPROGRESS when calling ast_connect() but are ignoring
this instead of handling it. We break out of the loop and continue on. When we
later call ast_poll(), it succeeds but we never check if we have a connection or
not on the socket level. We then attempt to send data to the host address that
we think is setup and it fails. We then check the errno and see that we have
"connection refused" and then return with agi failed.
This patch does the following:
* Handles EINPROGRESS by creating the function handle_connection()
- ast_poll() was moved into this function
- This function checks the results of the connection on the socket level after
calling ast_poll()
* Continues to the next address if the above fails to create a connection
* Once all addresses resolved are tried and we still are unable to establish a
connection, then we return that the FastAGI call failed
(closes issue ASTERISK-21065)
Reported by: Jeremy Kister
Tested by: Jeremy Kister, Michael L. Young
Patches:
asterisk-21065_poll_correctly_v4.diff Michael L. Young (license 5026)
Review: https://reviewboard.asterisk.org/r/2330/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@381893 65c4cc65-6c06-0410-ace0-fbb531ad65f3
