Due to use in res_rtp_asterisk there is a need to be able to apply an
ACL without logging any invalid/denies. It's probably sensible to at
least validate the ACL once directly after load and report invalid ACLs.
Change-Id: I256169229d945ca7c1bbf228fc492d91df345843
Signed-off-by: Jaco Kroon <jaco@uls.co.za>
add missing argument "rtt" and "status" to the documentation
The change to the dtd file allow an enumlist to contain one or many
configOptionToEnum or enum.
This is different from the previous patch I submitted when you could have a
configOptionToEnum or (a configOptionToEnum followed by one or manu enums) or
(one or many enums)
ASTERISK-28626
Change-Id: Ia71743ee7ec813f40297b0ddefeee7909db63b6d
This reverts commit 7e3015d779.
Reason for revert: Regression in XML validation.
validity error : Content model of enumlist is not determinist:
(configOptionToEnum | (configOptionToEnum , enum+) | enum+)
As we are preparing to do releases and this is not critical
I am reverting this for now until resolved.
Change-Id: I30c2295f9d7f0a0475674ee77071a7ebabf5b83f
RFC3261 Section 10 "Registrations", specifically paragraph
"10.2.4: Refreshing Bindings", states that a user agent compares
each contact address (in a 200 REGISTER response) to see if it
created the contact. If the Asterisk endpoint has the
rewrite_contact option set however, the contact host and port sent
back in the 200 response will be the rewritten one and not the
one sent by the user agent. This prevents the user agent from
matching its own contact. Some user agents get very upset when
this happens and will not consider the registration successful.
While this is rare, it is acceptable behavior especially if more
than 1 user agent is allowed to register to a single endpoint/aor.
This commit updates res_pjsip_nat (where rewrite_contact is
implemented) to store the original incoming Contact header in
a new "x-ast-orig-host" URI parameter before rewriting it, and to
restore the original host and port to the Contact headers in the
outgoing response.
This is only done if the request is a REGISTER and rewrite_contact
is enabled.
pjsip_message_filter was also updated to ensure that if a request
comes in with any existing x-ast-* URI parameters, we remove them
so they don't conflict. Asterisk will never send a request
with those headers in it but someone might just decide to add them
to a request they craft and send to Asterisk.
NOTE: If a device changes its contact address and registers again,
it's a NEW registration. If the device didn't unregister the
original registration then all existing behavior based
on aor/remove_existing and aor/max_contacts apply.
ASTERISK-28502
Reported-by: Ross Beer
Change-Id: Idc263ad2d2d7bd8faa047e5804d96a5fe1cd282e
The simple fix here is simply to NULL out username and password after we call
ast_free on them. Unfortunately, I noticed that we weren't checking for
allocation failures for username and password, and adding those checks made
things noisy and cumbersome.
So instead we partially rollback the recent LGTM patch, and move the alloca
calls into find_aor_name().
ASTERISK-28641 #close
Reported by: Ross Beer
Change-Id: Ic9d01624e717a020be0b0aee31f0814e7f1ffbe2
We're appropriately sizing the id_domain_alias buffer, but then copying the data
into the id_domain one. We were then using the uninitialized id_domain_alias
buffer we just allocated.
This is ASTERISK~28641 adjacent, but significant enough to warrant its own
patch.
Change-Id: I81c38724d18deab8c6573153e2b99dbb6e2f33d9
During capabilities selection (joint capabilities of us and peer,
configured capability for this peer, or general configured
capabilities), if sip_new() does not keep framing information,
then directmedia activation will fail for any framing different
from default framing.
ASTERISK-28637
Change-Id: I99257502788653c2816fc991cac7946453082466
We need to copy the endpoint name before we call ao2_cleanup() on it,
otherwise we might try to access memory that has been reclaimed.
ASTERISK-28445 #close
Reported by: Bernhard Schmidt
Change-Id: I404b952608aa606e0babd3c4108346721fb726b3
The problem is essentially the same as in ASTERISK~28245. Besides
the direct media scenario we have an additional scenario where a
special client is involved. This device mutes audio by default in
transmit direction (no rtp frames) and activates audio only by a
foot switch. In this situation dtmf input (pin for conferences,
transfer features codes , etc) using SIP INFO mode is not
understood properly especially when SIP INFO messages are sent
quickly.
This patch ensures that SIP INFO frames are properly queued and
processed in the above scenario. The patch also corrects situations
where successive dtmf events are received quicker than the
signalled event duration (plus minimum gap/pause) allows, i.e. DTMF
events have to be buffered in the ast channel read queue and
emulation has to be processed asynchronously at slower speed.
Reported by: Thomas Arimont
patches:
trigger_dtmf_emulation.patch submitted by Thomas Arimont (license 5525)
Change-Id: I309bf61dd065c9978c8e48f5b9a936ab47de64c2
* Use ast_cli_completion_add() to improve performance when large number of
cached items are present.
* Only complete one URI for commands that only accept a single URI.
* Change command documentation to wrap at 80 characters to improve
readability.
Change-Id: Iedb0a2c3541e49561bc231dca2dcc0ebd8612902
if asterisk offer T38 SDP with none error correction scheme and
the endpoint respond with redundancy EC scheme, asterisk switch
to that mode. Since we configure the endpoint as none EC mode
we should not switch to any other mode except none.
following logic implemented in code.
1. If asterisk offer none, and anything except none in answer
will be ignored.
2. If asterisk offer fec, answer with fec, redundancy and none will
be accepted.
3. If asterisk offer redundancy, answer with redundancy and none
will be accepted.
ASTERISK-28621
Change-Id: I343c62253ea4c8b7ee17abbfb377a4d484a14b19
If the name of a peer is known and a SIP request is sent using that
peer's name, the address of the peer will change even if the request
fails the authentication challenge. This means that an endpoint can
be altered and even rendered unusuable, even if it was in a working
state previously. This can only occur when the nat option is set to the
default, or auto_force_rport.
This change checks the result of authentication first to ensure it is
successful before setting the address and the nat option.
ASTERISK-28589 #close
Change-Id: I581c5ed1da60ca89f590bd70872de2b660de02df
If an AMI user without the "system" authorization calls the
Originate AMI command with the Originate application,
the second Originate could run the "System" command.
Action: Originate
Channel: Local/1111
Application: Originate
Data: Local/2222,app,System,touch /tmp/owned
If the "system" authorization isn't set, we now block the
Originate app as well as the System, Exec, etc. apps.
ASTERISK-28580
Reported by: Eliel Sardañons
Change-Id: Ic4c9dedc34c426f03c8c14fce334a71386d8a5fa
The original clone depth of 10 was causing the need to rebase
changes whose parent was older than the 10 commits. The clone
depth has been increased to 100.
Workspace cleanup was only happening for successful builds which
wasn't enough to keep the 8G workspace in-memory drives on the
docker slaves from filling up. Now the workspaces are cleaned up
after every build regardless of success/failure. If you need to
preserve builds temporarily, you can log into Jenkins/Manage
Jenkins/Configure System and change the CLEANUP_WS_* environment
variable for the job type you're troubleshooting to "FALSE".
Change-Id: I0d7366e87cea714e5dbc9488caf718802fce75ca
Fixes: error: ‘domain_name’ may be used uninitialized in this function
Found with gcc (Ubuntu 9.2.1-9ubuntu2) 9.2.1 20191008
Change-Id: I44413b49ea1205aa25538142161deb73883c79e8
ASTERISK_28143 attempted to fix an issue where calls with no audio would never
timeout. It did so by adding AST_FRAME_NULL as a frame type to process in its
calculations. Unfortunately these frames seem to show up at irregular time
intervals. This resulted in app_amd returning prematurely most of the time.
* Removed AST_FRAME_NULL from the calculations
* Added a check to see how much time has actually passed since app_amd began
ASTERISK-28608
Change-Id: I642a21b02d389b17e40ccd5357754b034c3daa42
Upon a short PRI disconnection, libpri may maintain Q.921 layer 'up' and
may thus not send PRI_EVENT_DCHAN_DOWN / PRI_EVENT_DCHAN_UP events.
If pri_event_alarm() clears DCHAN_UP status bit upon alarm detection
and no Q.921 reconnection sequence occurs, chan_dahdi will keep
seeing span status "Down" at the end of alarm.
This patch modifies pri_event_alarm() in order to keep DCHAN_UP bit
unchanged. libpri will send a PRI_EVENT_DCHAN_DOWN event if it detects
a disconnection of Q.921 layer and this will clear DCHAN_UP if required.
ASTERISK-28615
Change-Id: Ibe27df4971fd4c82cc6850020bce4a8b2692c996
