When a client connects to a server via SSL/TLS, the server commonly utilizes an
RSA key-pair. However, other such algorithms exist (i.e. DSA and ECDSA), and if
the server socket is configured with a certificate for either one of those, it
would lose its compatibility with RSA-only clients.
Now, the server socket can be configured with up to one RSA, ECDSA and DSA key
each. For example, if a client is not compatible with SHA-2 hashed certificates
like Nokia mobile phones, the server socket still can use RSA/SHA-1 for legacy
clients and ECDSA/SHA-2 for everyone else.
ASTERISK-24815 #close
Reported by: Alexander Traud
patches:
tls_rsa_ecc_dsa.patch uploaded by Alexander Traud (License 6520)
Change-Id: Iada5e00d326db5ef86e0af7069b4dfa1b979da9a
verification.
This way one X.509 certificate can be used for hosts that
can be reached under multiple DNS names or for multiple hosts.
Signed-off-by: Maciej Szmigiero <mail@maciej.szmigiero.name>
ASTERISK-25063 #close
Change-Id: I13302c80490a0b44c43f1b45376c9bd7b15a538f
The message channel is a special channel that doesn't actually process frames.
However, certain actions can cause frames to be placed in the channel's read
queue including the Hangup application which is called on the channel after
each message is processed. Since the channel will continually be reused for
many messages, it's necessary to flush these frames at some point.
ASTERISK-25083 #close
Reported by: Jonathan Rose
Change-Id: Idf18df73ccd8c220be38743335b5c79c2a4c0d0f
There are 3 ways that calls directly to standard allocator functions can
be dealt with:
1. Block their use, cause them to generate an error. This is the default.
2. Replace them with the Asterisk equivalent function calls.
3. Leave them alone.
This change allows one of these 3 options to be selected by any source.
The source just needs to define ASTMM_LIBC to ASTMM_BLOCK, ASTMM_REDIRECT,
or ASTMM_IGNORE to use option 1, 2 or 3 respectively. Normally ASTMM_BLOCK
is the correct option, so it is default when ASTMM_LIBC is not defined.
In some cases when building 3rd party code it is desirable to have it use
Asterisk functions, without changing the whole source - ASTMM_REDIRECT
accomplishes this. When using 3rd party libraries sometimes a static
inline function will make use of malloc or free. In these cases it may
be unsafe to replace the allocator in the header, as it's possible the
memory could be freed by the library using standard allocators. For
those cases ASTMM_IGNORE is needed.
Change-Id: I8afef4bc7f3b93914263ae27d3a5858b69663fc7
Previous versions of Asterisk processed command-line options before
processing asterisk.conf. This meant that if an option was set in
asterisk.conf, it could not be overridden with the equivelent command
line option. This change causes Asterisk to process the command-line
twice. First it processes options that are needed to load asterisk.conf,
then it processes the remaining options after the config is read.
This changes the function of -X slightly. Previously using -X without
disabling execincludes in asterisk.conf caused #exec to be usable in any
config. Now -X only enables #exec for the load of asterisk.conf, if it
is wanted in the rest of the system it must be enabled with execincludes
in asterisk.conf. Updated 'asterisk -h' and 'man asterisk' to reflect
the limited function of -X.
ASTERISK-25042 #close
Reported by: Corey Farrell
Change-Id: I1450d45c15b4467274b871914d893ed4f6564cd7
Currently you can 'apply' a wizard to an object type but the wizard
always goes at the end of the object type's wizard list. This patch
adds a new ast_sorcery_insert_wizard_mapping function that allows
you to insert a wizard anyplace in the list. I.E. You could
add a caching wizard to an object type and place it before all
wizards.
ast_sorcery_get_wizard_mapping_count and
ast_sorcery_get_wizard_mapping were added to allow examination
of the mapping list.
ast_sorcery_remove_mapping was added to remove a mapping by name.
As part of this patch, the object type's wizard list was converted
from an ao2_container to an AST_VECTOR_RW.
A new test was added to test_sorcery for this capability.
ASTERISK-25044 #close
Change-Id: I9d2469a9296b2698082c0989e25e6848dc403b57
The code which reads asterisk.conf supports processing the debug
option with ast_true, but ast_true returns -1. This causes debug
to still be off, convert to 1 so debug will be on as requested.
ASTERISK-25042
Reported by: Corey Farrell
Change-Id: I3c898b7d082d914b057e111b9357fde46bad9ed6
The DNS SRV sorting code currently has an issue when records with a priority
of zero exist with records of a non-zero priority. This occurs because the
sorting code considers zero to mean unset when in reality is a valid
value. If the current priority is zero it will get replaced with any remaining
record that has a priority of non-zero, until no records of those exist after
which the records of priority zero are handled.
This change makes it so that the priority of the first remaining record is
the current starting priority. There is also a small optimization to prevent
iterating records when the starting priority is already zero.
Change-Id: I103511f35b50428f770bd4db3ffef70fb6f82d35
Fix the alphabetic order added on ast_manager_register_struct. The order
for struct manager_action added is not working, this change fixes the
problem.
Change-Id: I149da0cd06c3c4445d7516cc303358e9f26f8b4b
A crash happens with this sequence of steps:
1) Party A is connected to party B.
2) Party B starts a DTMF attended transfer.
3) Party A hangs up while party B is dialing party C.
When party A hangs up the bridge that party A and party B are in is
dissolved and party B is kicked out of the bridge. When party B finishes
dialing party C he attempts to move to the new bridge with party C. Since
party B is no longer in a bridge the attempted move dereferences a NULL
bridge_channel pointer and crashes.
* Made the hold(), unhold(), ringing(), and the bridge_move() functions
tolerant of the channel not being in a bridge. The assertion that party B
is always in a bridge is not true if the bridged peer of party B hangs up
and dissolves the bridge. Being tolerant of not being in a bridge allows
the peer hangup stimulus to be processed by the FSM.
* Made the bridge_move() function return void since where the return value
for a failed move was checked generated a FSM coding ERROR message for a
normal off-nominal condition.
* Eliminated most uses of RAII_VAR in bridge_basic.c.
ASTERISK-25003 #close
Reported by: Artem Volodin
Change-Id: Ie2c1b14e5e647d4ea6de300bf56d69805d7bcada
ERR_remove_state was deprecated with OpenSSL 1.0.0 and was replaced by
ERR_remove_thread_state. ERR_load_SSL_strings and ERR_load_BIO_strings were
called by SSL_load_error_strings already and got removed. These changes allow
OpenSSL forks like BoringSSL to be used with Asterisk.
ASTERISK-25043 #close
Reported by: Alexander Traud
patches:
asterisk_with_BoringSSL.patch uploaded by Alexander Traud (License 6520)
Change-Id: If1c0871ece21a7e0763fafbd2fa023ae49d4d629
A recent change went into Asterisk which added reference counts to the
channels stored in a dial masquerade datastore. Unfortunately this
included a reference to the caller in a dialing operation. While all
of the dialed targets have the datastore removed from them upon dialing
completion this did not occur for the caller, causing it to have a
reference to itself that could go never go away (as it depended on
the destruction of the datastore which only happened when the channel
was destroyed). This resulted in the caller channel remaining on the
system despite it having hung up.
This change does the following to fix this issue:
1. The dial masquerade datastore is now removed from the caller upon
dialing completion, just like the dialed targets.
2. Upon destruction of the caller all the dialed targets are also
removed from the dial masquerade datastore (just in case).
3. The reference to the caller has been removed as it should not be
possible for the datastore to now be valid/useful after the lifetime
of the caller has ended.
ASTERISK-25025 #close
Change-Id: I1ef4ca5ca04980028604cc2af5d2992ac3431b3f
* Pass module to ast_cli_register and ast_cli_register_multiple.
* Add a module reference before executing any CLI callback, remove
the reference when complete.
ASTERISK-25049 #close
Reported by: Corey Farrell
Change-Id: I7aafc7c9f2b912918f28fe51d51e9e8a755750e3
ast_module_info->self is often needed to register items with the core. Many
modules have ad-hoc code to make this pointer available to auxiliary sources.
This change updates the module build process to make the needed information
available to all sources in a module.
ASTERISK-25056 #close
Reported by: Corey Farrell
Change-Id: I18c8cd58fbcb1b708425f6757becaeca9fa91815
Renamed AST_VECTOR_INSERT to AST_VECTOR_REPLACE because it really
does replace not insert. The few users of AST_VECTOR_INSERT were
refactored. Because these are macros, there should be no ABI
compatibility issues.
Added AST_VECTOR_INSERT_AT that actually inserts an element into the
vector at a specific index pushing existing elements to the right.
Added AST_VECTOR_GET_CMP that can retrieve from the vector based
on a user-provided compare function.
Added AST_VECTOR_CALLBACK function that will execute a function
for each element in the vector. Similar to ao2_callback and
ao2_callback_data functions although the vector callback can take
a variable number of arguments. This should allow easy migration
to a vector where a container might be too heavy.
Added read/write locked vector and lock manipulation macros.
Added unit tests.
ASTERISK-25045 #close
Change-Id: I2e07ecc709d2f5f91bcab8904e5e9340609b00e0
This adds a test that will fail if any test failed to register. Also fail
if any test registration produced a warning about missing a leading or
trailing slash.
ASTERISK-25053 #close
Reported by: Corey Farrell
Change-Id: I93e50b8fcbcfa7f1f5b41b2c44a51685c09529c3
Format interfaces cannot be unregistered, so the modules that provide them
need to be held open except by shutdown.
ASTERISK-25054 #close
Reported by: Corey Farrell
Change-Id: Iadbd9675bf0d30b8fded5a739b163db3ea2db8f3
A few cases exist where headers of optional_api provders are included but
not needed. This causes unneeded calls to ast_optional_api_use.
* Don't include optional_api.h from sip_api.h.
* Move 'struct ast_channel_monitor' to channel.h.
* Don't include monitor.h from chan_sip.c, channel.c or features.c.
The move of struct ast_channel_monitor is needed since channel.c depends on
it. This has no effect on users of monitor.h since channel.h is included
from monitor.h.
ASTERISK-25051 #close
Reported by: Corey Farrell
Change-Id: I53ea65a9fc9693c89f8bcfd6120649bfcfbc3478
When using the force black background command-line option or configuration
option an invalid reset sequence is sent following a coloured output item
in the CLI, the result is that the colour is not 'turned off' and continues
until the next non-default coloured text output.
A reset sequence is already defined in term.c, but the ast_term_reset
function doesn't use it, instead building it's own invalid sequence and
returning that.
This patch changes that behaviour, removing the building of a reset sequence
and instead using the pre-built constant 'enddata' which is a suitable reset
sequence for this purpose.
ASTERISK-24896 #close
Reported by: Dan Tucny
Change-Id: I56323899123ae3264900389cae1f5b252aa3bf43
This ensures that refdebug is initialized before AO2_DEBUG if
both are enabled, since AO2_DEBUG allocates a container.
This change also makes AO2_DEBUG initialization critical, a
failure will abort Asterisk startup. This is needed since
the failure would be caused by reg_containers allocation
failure, and that would result in a segmentation fault by
ao2_container_register later in startup.
ASTERISK-25048 #close
Reported by: Corey Farrell
Change-Id: I9a243ea3fc5653b48b931ba6d61971cb2e530244
The PBX core maintains two hash tables for hints: a container of the
actual hints (hints), along with a container of devices that are watching that
hint (hintdevices). When a dialplan reload occurs, each hint in the hints
container is destroyed; this requires a lookup in the container of devices to
find the device => hint mapping object. In the current code, this performs an
ao2_callback, iterating over each of the device to hint objects in the
hintdevices container. For a large number of hints, this is extremely
expensive: dialplan reloads with 20000 hints could take several minutes
in just this phase.
This patch improves the performance of this step in the dialplan reloads
by caching which devices are watching a hint on the hint object itself.
Since we don't want to create a circular reference, we just cache the
name of the device. This allows us to perform a smarter ao2_callback on
the hintdevices container during hint removal, hashing on the name of the
device and returning an iterator to the matching names. The overall
performance improvement is rather large, taking this step down to a number of
seconds as opposed to minutes.
In addition, this patch also registers the hint containers in the PBX
core with the astobj2 library. This allows for reasonable debugging to
hash collisions in those containers.
ASTERISK-25040 #close
Reported by: Matt Jordan
Change-Id: Iedfc97a69d21070c50fca42275d7b3e714e59360
Scenario:
Alice calls Bob. Bob performs a blond transfer to Carol. Carol rejects
the incoming call (or some other immediate circumstance causes Carol not
to answer the call)
What occurs in this case is that when the bridge between Alice and Bob
breaks, Alice is told to masquerade into Bob's channel that had placed
the call to Carol. The actual masquerade goes down without a hitch.
However, a channel fixup callback that attempts to publish dial events
over Stasis has a crash. The reason for this crash is that the datastore
on Bob's channel that placed the outbound call to Carol only had a bare
pointer to Carol's channel. Since Carol rejected the incoming call,
Carol's channel has been hung up and freed, meaning accessing her
channel results in a crash.
The fix here is simple. The dial fixup code has been altered to hold
references to the involved channels and to drop those references when
freeing data.
ASTERISK-25025 #close
Reported by Chet Stevens
Change-Id: I54eedda207b8ec7a69263353b43abe5746aea197
This patch has two main purposes:
1) Improve warning messages when ACLs are configured improperly.
2) Prevent misconfigured ACLs from allowing potentially unwanted
traffic.
To acomplish point (2) in most cases, whatever configuration object that
the ACL belonged to was not allowed to load.
The one exception is res_pjsip_acl. In that case, ACLs are their own
configuration object. Furthermore, the module loading code has no
indication that a ACL configuration had a failure. So the tactic taken
here is to create an ACL that just blocks everything.
ASTERISK-24969
Reported by Corey Farrell
Change-Id: I2ebcb6959cefad03cea4d81401be946203fcacae
The patch in 0b6410c4f8 did correctly fix a memory leak of the DTLS
structures in the RTP engine. However, when a 'core reload' is issued, a
double free of the memory pointed to by the char *'s in the DTLS
configuration struct can occur, as ast_rtp_dtls_cfg_free does not set
the pointers to NULL when they are freed.
This patch sets those pointers to NULL, preventing a second call to
ast_rtp_dtls_cfg_free from corrupting memory.
ASTERISK-25022
Change-Id: I820471e6070a37e3c26f760118c86770e12f6115
This function allows code to run ao2_ref against the real
object associated with a weakproxy. It is useful when
all of the following conditions are true:
* You have a pointer to weakproxy.
* You do not have or need a pointer to the real object.
* You need to ensure the real object exists and is not
destroyed during a process.
In this case it's wasteful to store a pointer to the real
object just for the sake of releasing it later.
Change-Id: I38a319b83314de75be74207a8771aab269bcca46
This switches files used to generate other sources to use the new
ASTERISK_REGISTER_FILE macro.
ASTERISK-25026 #close
Reported by: Corey Farrell
Change-Id: Ieb2537b83421cad07c8955e5f90c405ccf079740
ao2 ref leak in res_rtp_asterisk.c when a DTLS policy is created.
The resources are linked into a table, but the original alloc refs
are never released. ast_strdup leak in rtp_engine.c. If
ast_rtp_dtls_cfg_copy() is called twice on the same destination struct,
a pointer to an alloc'd string is overwritten before the string is free'd.
ASTERISK-25022
Reported by: one47
Change-Id: I62a8ceb8679709f6c3769136dc6aa9a68202ff9b
* The REF_DEBUG compiler flag no longer has any effect on code that uses
Astobj2. It is used to determine if reference debugging is enabled by
default. Reference debugging can be enabled or disabled in asterisk.conf.
* Caller information is provided in logger errors for ao2 bad magic numbers.
* Optimizes AO2 by merging internal functions with the public counterpart.
This was possible now that we no longer require a dual ABI.
ASTERISK-24974 #close
Reported by: Corey Farrell
Change-Id: Icf3552721fe999365ba8a8cf00a965aa6b897cc1
clang can warn about a so called tautological-compare, when it finds
comparisons which are logically always true, and are therefor deemed
unnecessary.
Exanple:
unsigned int x = 4;
if (x > 0) // x is always going to be bigger than 0
Enum Case:
Each enumeration is its own type. Enums are an integer type but they
do not have to be *signed*. C leaves it up to the compiler as an
implementation option what to consider the integer type of a particu-
lar enumeration is. Gcc treats an enum without negative values as
an int while clang treats this enum as an unsigned int.
rmudgett & mmichelson: cast the enum to (unsigned int) in assert.
The cast does have an effect. For gcc, which seems to treat all enums
as int, the cast to unsigned int will eliminate the possibility of
negative values being allowed. For clang, which seems to treat enums
without any negative members as unsigned int, the cast will have no
effect. If for some reason in the future a negative value is ever
added to the enum the assert will still catch the negative value.
ASTERISK-24917
Change-Id: I0557ae0154a0b7de68883848a609309cdf0aee6a
