mirror of
https://github.com/asterisk/asterisk.git
synced 2026-01-14 05:44:03 +00:00
Compare commits
12 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
e56a90568d | ||
|
0adbc4f499 | ||
|
|
91be429a41 | ||
|
|
d3caebe072 | ||
|
|
fda68af0f6 | ||
|
|
a3838678f4 | ||
|
|
b9f026c7fd | ||
|
|
4857b7917a | ||
|
cabd2d6950 | ||
|
|
8ed1eeeaa6 | ||
|
01695f4507 | ||
|
|
c4d6abf01e |
12
CHANGES
12
CHANGES
@@ -12,6 +12,18 @@
|
||||
===
|
||||
==============================================================================
|
||||
|
||||
------------------------------------------------------------------------------
|
||||
--- Functionality changes from Asterisk 19.3.1 to Asterisk 19.3.2 ------------
|
||||
------------------------------------------------------------------------------
|
||||
|
||||
func_odbc
|
||||
------------------
|
||||
* A SQL_ESC_BACKSLASHES dialplan function has been added which
|
||||
escapes backslashes. Usage of this is dependent on whether the
|
||||
database in use can use backslashes to escape ticks or not. If
|
||||
it can, then usage of this prevents a broken SQL query depending
|
||||
on how the SQL query is constructed.
|
||||
|
||||
------------------------------------------------------------------------------
|
||||
--- Functionality changes from Asterisk 19.2.0 to Asterisk 19.3.0 ------------
|
||||
------------------------------------------------------------------------------
|
||||
|
||||
116
ChangeLog
116
ChangeLog
@@ -1,3 +1,119 @@
|
||||
2022-04-26 16:36 +0000 Asterisk Development Team <asteriskteam@digium.com>
|
||||
|
||||
* asterisk 19.3.3 Released.
|
||||
|
||||
2022-04-21 10:26 +0000 [0adbc4f499] Ben Ford <bford@digium.com>
|
||||
|
||||
* res_pjsip_stir_shaken.c: Fix enabled when not configured.
|
||||
|
||||
There was an issue with the conditional where STIR/SHAKEN would be
|
||||
enabled even when not configured. It has been changed to ensure that if
|
||||
a profile does not exist and stir_shaken is not set in pjsip.conf, then
|
||||
the conditional will return from the function without performing
|
||||
STIR/SHAKEN operations.
|
||||
|
||||
ASTERISK-30024
|
||||
|
||||
Change-Id: I41286a3d35b033ccbfbe4129427a62cb793a86e6
|
||||
|
||||
2022-04-14 22:16 +0000 Asterisk Development Team <asteriskteam@digium.com>
|
||||
|
||||
* asterisk 19.3.2 Released.
|
||||
|
||||
2022-04-14 16:38 +0000 [d3caebe072] Asterisk Development Team <asteriskteam@digium.com>
|
||||
|
||||
* Doing a fresh summary
|
||||
|
||||
2022-04-14 16:28 +0000 [fda68af0f6] Asterisk Development Team <asteriskteam@digium.com>
|
||||
|
||||
* Update for 19.3.2
|
||||
|
||||
2022-04-14 15:50 +0000 [a3838678f4] Asterisk Development Team <asteriskteam@digium.com>
|
||||
|
||||
* Update CHANGES and UPGRADE.txt for 19.3.2
|
||||
2022-02-28 11:19 +0000 [b9f026c7fd] Ben Ford <bford@digium.com>
|
||||
|
||||
* AST-2022-002 - res_stir_shaken/curl: Add ACL checks for Identity header.
|
||||
|
||||
Adds a new configuration option, stir_shaken_profile, in pjsip.conf that
|
||||
can be specified on a per endpoint basis. This option will reference a
|
||||
stir_shaken_profile that can be configured in stir_shaken.conf. The type
|
||||
of this option must be 'profile'. The stir_shaken option can be
|
||||
specified on this object with the same values as before (attest, verify,
|
||||
on), but it cannot be off since having the profile itself implies wanting
|
||||
STIR/SHAKEN support. You can also specify an ACL from acl.conf (along
|
||||
with permit and deny lines in the object itself) that will be used to
|
||||
limit what interfaces Asterisk will attempt to retrieve information from
|
||||
when reading the Identity header.
|
||||
|
||||
ASTERISK-29476
|
||||
|
||||
Change-Id: I87fa61f78a9ea0cd42530691a30da3c781842406
|
||||
|
||||
2022-01-07 08:50 +0000 [4857b7917a] Ben Ford <bford@digium.com>
|
||||
|
||||
* AST-2022-001 - res_stir_shaken/curl: Limit file size and check start.
|
||||
|
||||
Put checks in place to limit how much we will actually download, as well
|
||||
as a check for the data we receive at the start to ensure it begins with
|
||||
what we would expect a certificate to begin with.
|
||||
|
||||
ASTERISK-29872
|
||||
|
||||
Change-Id: Ifd3c6b8bd52b8b6192a04166ccce4fc8a8000b46
|
||||
|
||||
2022-02-10 06:02 +0000 [cabd2d6950] Joshua C. Colp <jcolp@sangoma.com>
|
||||
|
||||
* func_odbc: Add SQL_ESC_BACKSLASHES dialplan function.
|
||||
|
||||
Some databases depending on their configuration using backslashes
|
||||
for escaping. When combined with the use of ' this can result in
|
||||
a broken func_odbc query.
|
||||
|
||||
This change adds a SQL_ESC_BACKSLASHES dialplan function which can
|
||||
be used to escape the backslashes.
|
||||
|
||||
This is done as a dialplan function instead of being always done
|
||||
as some databases do not require this, and always doing it would
|
||||
result in incorrect data being put into the database.
|
||||
|
||||
ASTERISK-29838
|
||||
|
||||
Change-Id: I152bf34899b96ddb09cca3e767254d8d78f0c83d
|
||||
|
||||
2022-03-29 22:26 +0000 Asterisk Development Team <asteriskteam@digium.com>
|
||||
|
||||
* asterisk 19.3.1 Released.
|
||||
|
||||
2022-03-25 09:33 +0000 [01695f4507] George Joseph <gjoseph@digium.com>
|
||||
|
||||
* make_xml_documentation: Remove usage of get_sourceable_makeopts
|
||||
|
||||
get_sourceable_makeopts wasn't handling variables with embedded
|
||||
double quotes in them very well. One example was the DOWNLOAD
|
||||
variable when curl was being used instead of wget. Rather than
|
||||
trying to fix get_sourceable_makeopts, it's just been removed.
|
||||
|
||||
ASTERISK-29986
|
||||
Reported by: Stefan Ruijsenaars
|
||||
|
||||
Change-Id: Idf2a90902228c2558daa5be7a4f8327556099cd2
|
||||
|
||||
2022-03-25 14:00 +0000 [c4d6abf01e] George Joseph <gjoseph@digium.com>
|
||||
|
||||
* Makefile: Disable XML doc validation
|
||||
|
||||
make_xml_documentation was being called with the --validate
|
||||
flag set when it shouldn't have been. This was causing
|
||||
build failures if neither xmllint nor xmlstarlet were installed.
|
||||
The correct behavior is to simply print a message that either
|
||||
one of those tools should be installed for validation and
|
||||
continue with the build.
|
||||
|
||||
ASTERISK-29988
|
||||
|
||||
Change-Id: Idc6c44114e7dd3fadae183a4e22f4fdba0b8a645
|
||||
|
||||
2022-03-24 13:19 +0000 Asterisk Development Team <asteriskteam@digium.com>
|
||||
|
||||
* asterisk 19.3.0 Released.
|
||||
|
||||
9
Makefile
9
Makefile
@@ -101,6 +101,11 @@ export TAR
|
||||
export PATCH
|
||||
export SED
|
||||
export NM
|
||||
export FIND
|
||||
export BASENAME
|
||||
export DIRNAME
|
||||
export XMLLINT
|
||||
export XMLSTARLET
|
||||
|
||||
# makeopts is required unless the goal is just {dist{-}}clean
|
||||
ifeq ($(MAKECMDGOALS),clean)
|
||||
@@ -480,7 +485,7 @@ XML_core_en_US := $(shell build_tools/make_xml_documentation --command=print_dep
|
||||
# core-en_US.xml is the normal documentation created with asterisk builds.
|
||||
doc/core-en_US.xml: makeopts .lastclean $(XML_core_en_US)
|
||||
@build_tools/make_xml_documentation --command=create_xml --source-tree=. --mod-subdirs="$(DOC_MOD_SUBDIRS)" \
|
||||
--with-moduleinfo --validate --output-file=$@
|
||||
--with-moduleinfo --output-file=$@
|
||||
|
||||
# The full-en_US.xml target is only called by the wiki documentation generation process
|
||||
# and does special post-processing in preparation for uploading to the wiki.
|
||||
@@ -492,7 +497,7 @@ ifeq ($(PYTHON),:)
|
||||
@echo "--------------------------------------------------------------------------"
|
||||
else
|
||||
@build_tools/make_xml_documentation --command=create_xml --source-tree=. --mod-subdirs="$(DOC_MOD_SUBDIRS)" \
|
||||
--for-wiki --validate --output-file=$@ --core-output-file=./doc/core-en_US.xml
|
||||
--for-wiki --output-file=$@ --core-output-file=./doc/core-en_US.xml
|
||||
endif
|
||||
|
||||
validate-docs: doc/core-en_US.xml
|
||||
|
||||
@@ -1,147 +0,0 @@
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-19.3.0</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-19.3.0</h3><h3 align="center">Date: 2022-03-24</h3><h3 align="center"><asteriskteam@digium.com></h3><hr><h2 align="center">Table of Contents</h2><ol>
|
||||
<li><a href="#summary">Summary</a></li>
|
||||
<li><a href="#contributors">Contributors</a></li>
|
||||
<li><a href="#closed_issues">Closed Issues</a></li>
|
||||
<li><a href="#commits">Other Changes</a></li>
|
||||
<li><a href="#diffstat">Diffstat</a></li>
|
||||
</ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release is a point release of an existing major version. The changes included were made to address problems that have been identified in this release series, or are minor, backwards compatible new features or improvements. Users should be able to safely upgrade to this version if this release series is already in use. Users considering upgrading from a previous version are strongly encouraged to review the UPGRADE.txt document as well as the CHANGES document for information about upgrading to this release series.</p><p>The data in this summary reflects changes that have been made since the previous release, asterisk-19.2.0.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0">
|
||||
<tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr>
|
||||
<tr valign="top"><td width="33%">13 Naveen Albert <asterisk@phreaknet.org><br/>5 George Joseph <gjoseph@digium.com><br/>4 Alexei Gradinari <alex2grad@gmail.com><br/>3 Kevin Harwell <kharwell@sangoma.com><br/>3 Sean Bright <sean.bright@gmail.com><br/>2 Asterisk Development Team <asteriskteam@digium.com><br/>1 Kfir Itzhak <mastertheknife@gmail.com><br/>1 Mike Bradeen <mbradeen@sangoma.com><br/>1 Joshua C. Colp <jcolp@sangoma.com><br/>1 Ben Ford <bford@digium.com><br/>1 Mark Petersen <bugs.digium.com@zombie.dk><br/>1 Boris P. Korzun <drtr0jan@yandex.ru><br/></td><td width="33%"><td width="33%">13 N A <mail@interlinked.x10host.com><br/>4 Alexei Gradinari <alex2grad@gmail.com><br/>3 Kevin Harwell <kharwell@digium.com><br/>1 George Joseph <gjoseph@digium.com><br/>1 Mark Petersen <asterisk.org@zombie.dk><br/>1 cagdas kopuz <cagdas.kopuz@netgsm.com.tr><br/>1 Boris P. Korzun <drtr0jan@yandex.ru><br/>1 Kfir Itzhak <mastertheknife@gmail.com><br/>1 Joshua C. Colp <jcolp@digium.com><br/>1 kwk <Konrad.Kleine@GONICUS.de><br/>1 Napadailo Yaroslav <experimental.rabbit.1986@gmail.com><br/></td></tr>
|
||||
</table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Security</h3><h4>Category: pjproject/pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29945">ASTERISK-29945</a>: pjproject: Security fixes for things<br/>Reported by: Kevin Harwell<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=b81db677c9541b0169843ea4056d28abbb3465b0">[b81db677c9]</a> Kevin Harwell -- AST-2022-006: pjproject - unconstrained malformed multipart SIP message</li>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=f9cd83ff3574543b856cd05148b4c53af1893514">[f9cd83ff35]</a> Kevin Harwell -- AST-2022-005: pjproject - undefined behavior after freeing a dialog set</li>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=ac8de6e31db9b4099d0e28238ebb5ee87e69a6ea">[ac8de6e31d]</a> Kevin Harwell -- AST-2022-004: pjproject - possible integer underflow on STUN message</li>
|
||||
</ul><br><h3>New Feature</h3><h4>Category: Channels/General</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29840">ASTERISK-29840</a>: func_channel: Add LASTCONTEXT and LASTEXTEN fields<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=ff603d16c7f9b9d373f75224ffb5714ca2ee5943">[ff603d16c7]</a> Naveen Albert -- func_channel: Add lastcontext and lastexten.</li>
|
||||
</ul><br><h4>Category: Core/ManagerInterface/NewFeature</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29853">ASTERISK-29853</a>: ami: Allow events to be globally disabled<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=8a947023869cba5581505322d7d05f8795494eb8">[8a94702386]</a> Naveen Albert -- ami: Allow events to be globally disabled.</li>
|
||||
</ul><br><h3>Bug</h3><h4>Category: Applications/app_queue</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29873">ASTERISK-29873</a>: [patch] Queue Realtime load<br/>Reported by: Alexei Gradinari<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=5f22f586ffaf2af641ebe8e857edb46b61772704">[5f22f586ff]</a> Alexei Gradinari -- app_queue: load queues and members from Realtime when needed</li>
|
||||
</ul><br><h4>Category: Core/General</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29365">ASTERISK-29365</a>: taskprocessor: Can cause assert at shutdown<br/>Reported by: Joshua C. Colp<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=5764414d105d8816fe3148af4f563f549f4c3116">[5764414d10]</a> Mike Bradeen -- taskprocessor.c: Prevent crash on graceful shutdown</li>
|
||||
</ul><br><h4>Category: Core/ManagerInterface</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-18416">ASTERISK-18416</a>: [patch] Realtime queue agents unavailable via AMI before a call event.<br/>Reported by: kwk<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=5f22f586ffaf2af641ebe8e857edb46b61772704">[5f22f586ff]</a> Alexei Gradinari -- app_queue: load queues and members from Realtime when needed</li>
|
||||
</ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27597">ASTERISK-27597</a>: AMI Queuestatus not working (with realtime queue)<br/>Reported by: cagdas kopuz<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=5f22f586ffaf2af641ebe8e857edb46b61772704">[5f22f586ff]</a> Alexei Gradinari -- app_queue: load queues and members from Realtime when needed</li>
|
||||
</ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29886">ASTERISK-29886</a>: Asterisk AMI sends not-valid XML<br/>Reported by: Napadailo Yaroslav<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=b42dd930f4332a74b2031475d7e4806bb157db41">[b42dd930f4]</a> Sean Bright -- manager.c: Generate valid XML if attribute names have leading digits.</li>
|
||||
</ul><br><h4>Category: General</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29923">ASTERISK-29923</a>: docs, LICENSE: pbx.digium.com no longer exists<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=e16fce22510c9679d7655678c77acb04532a5206">[e16fce2251]</a> Naveen Albert -- configs, LICENSE: remove pbx.digium.com.</li>
|
||||
</ul><br><h4>Category: Resources/General</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29871">ASTERISK-29871</a>: res_prometheus: Failure to load causes FRACKs<br/>Reported by: Mark Petersen<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=97ac3c1385863828fa51dbe94fe74e307d2ecb26">[97ac3c1385]</a> Mark Petersen -- res_prometheus.c: missing module dependency</li>
|
||||
</ul><br><h4>Category: Resources/res_config_pgsql</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29924">ASTERISK-29924</a>: res_config_pgsql: omit "unsupported column type 'text'" error<br/>Reported by: Boris P. Korzun<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=00a7fa985e75df8cd139d50f42a86410b81f7ac2">[00a7fa985e]</a> Boris P. Korzun -- res_config_pgsql: Add text-type column check in require_pgsql()</li>
|
||||
</ul><br><h4>Category: Resources/res_pjsip_pubsub</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29904">ASTERISK-29904</a>: RLS: Batched Notifications stop working<br/>Reported by: Alexei Gradinari<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=76f90bff7579db6b44a60df19491893cd34ab7ff">[76f90bff75]</a> Alexei Gradinari -- res_pjsip_pubsub: fix Batched Notifications stop working</li>
|
||||
</ul><br><h3>Improvement</h3><h4>Category: Applications/General</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29877">ASTERISK-29877</a>: app_mf: Allow reading a maximum number of digits<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=ba2f780930326d70a298f17e2ead7eaff41912cf">[ba2f780930]</a> Naveen Albert -- app_mf: Add max digits option to ReceiveMF.</li>
|
||||
</ul><br><h4>Category: Applications/app_mp3</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29900">ASTERISK-29900</a>: app_mp3: Document and warn about https incompatibility<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=b54060021f12c1de8442a6c67030a470244c768a">[b54060021f]</a> Naveen Albert -- app_mp3: Document and warn about HTTPS incompatibility.</li>
|
||||
</ul><br><h4>Category: Applications/app_queue</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29909">ASTERISK-29909</a>: app_queue: Add support for withdrawing a call<br/>Reported by: Kfir Itzhak<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=5edbc54c5453056e9c1f93f441bc4e4c592729c1">[5edbc54c54]</a> Kfir Itzhak -- app_queue: Add QueueWithdrawCaller AMI action</li>
|
||||
</ul><br><h4>Category: Applications/app_voicemail</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29920">ASTERISK-29920</a>: app_voicemail: Warn if trying to manage nonexistent mailbox<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=19481fc1f028ddbd8707f52322bad8c2ebaa26b8">[19481fc1f0]</a> Naveen Albert -- app_voicemail: Emit warning if asking for nonexistent mailbox.</li>
|
||||
</ul><br><h4>Category: Core/Channels</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29897">ASTERISK-29897</a>: channels: Increase core debug levels for chatty debugs<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=51146db5fe67da1daddedd39d18e95dbe3b72e32">[51146db5fe]</a> Naveen Albert -- channel.c: Clean up debug level 1.</li>
|
||||
</ul><br><h4>Category: Core/Portability</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29353">ASTERISK-29353</a>: Qualify jansson 2.14 for asterisk<br/>Reported by: George Joseph<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=3d30f68fbccafbe18bed3d26f9b190f49f1fae0a">[3d30f68fbc]</a> Joshua C. Colp -- jansson: Update bundled to 2.14 version.</li>
|
||||
</ul><br><h4>Category: Documentation</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29896">ASTERISK-29896</a>: xmldocs: Add since tag<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=eb77229b538be90e02af10aea6cb9088fcd75ef9">[eb77229b53]</a> Naveen Albert -- documentation: Add since tag to xmldocs DTD</li>
|
||||
</ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29898">ASTERISK-29898</a>: documentation: Add default attributes to documentation<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=57685c139bffefd9d01de4c3c30d7e546970bd38">[57685c139b]</a> Naveen Albert -- documentation: Adds missing default attributes.</li>
|
||||
</ul><br><h4>Category: Functions/func_curl</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29809">ASTERISK-29809</a>: curl, stir_shaken: refactor curl code<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=4cb4a3ed01b1c31eb8f1c94c9a0cef63878f7eda">[4cb4a3ed01]</a> Naveen Albert -- res_stir_shaken: refactor utility function</li>
|
||||
</ul><br><h4>Category: Functions/func_db</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29925">ASTERISK-29925</a>: func_db: Warn about malformed key names<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=257590b4e2d16aba6e28d4a18c2e006e1bb4b4db">[257590b4e2]</a> Naveen Albert -- func_db: Add validity check for key names when writing.</li>
|
||||
</ul><br><h4>Category: General</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29861">ASTERISK-29861</a>: asterisk.h: add macro for curl user agent<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=d5c72f35fd8e5c2e81ae8eb723b3edd0d053fd0e">[d5c72f35fd]</a> Naveen Albert -- asterisk: Add macro for curl user agent.</li>
|
||||
</ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29866">ASTERISK-29866</a>: cli: add core dump information to core show settings<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=e8f8d84ffdc1c78bae466f9f92605e3ac8ce837c">[e8f8d84ffd]</a> Naveen Albert -- cli: Add core dump info to core show settings.</li>
|
||||
</ul><br><h4>Category: Resources/res_pjsip_pubsub</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29906">ASTERISK-29906</a>: [patch] update RLS to reflect the changes to the lists<br/>Reported by: Alexei Gradinari<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=49928fee53dfc81c9ce881497369a4e6d06349c2">[49928fee53]</a> Alexei Gradinari -- res_pjsip_pubsub: update RLS to reflect the changes to the lists</li>
|
||||
</ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29891">ASTERISK-29891</a>: [patch] provide a display name for RLS subscriptions<br/>Reported by: Alexei Gradinari<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=e85ee05e9d61010c58e9ec0e287bd445ad192acf">[e85ee05e9d]</a> Alexei Gradinari -- res_pjsip_pubsub: provide a display name for RLS subscriptions</li>
|
||||
</ul><br><h4>Category: Resources/res_stir_shaken</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29809">ASTERISK-29809</a>: curl, stir_shaken: refactor curl code<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=4cb4a3ed01b1c31eb8f1c94c9a0cef63878f7eda">[4cb4a3ed01]</a> Naveen Albert -- res_stir_shaken: refactor utility function</li>
|
||||
</ul><br><hr><a name="commits"><h2 align="center">Commits Not Associated with an Issue</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all changes that went into this release that did not reference a JIRA issue.</p><table width="100%" border="1">
|
||||
<tr><th>Revision</th><th>Author</th><th>Summary</th></tr>
|
||||
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=0740db7608866ca19b7dd5cc38f4439cd1e9387f">0740db7608</a></td><td>Asterisk Development Team</td><td>Update for 19.3.0-rc1</td></tr>
|
||||
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=96f98908f92d33d9dd2ab4f5c293b2777a5e6a6b">96f98908f9</a></td><td>Asterisk Development Team</td><td>Update CHANGES and UPGRADE.txt for 19.3.0</td></tr>
|
||||
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=0c07f94c005bf11bd767efb16776d0ddf9405f32">0c07f94c00</a></td><td>Ben Ford</td><td>AMI: Bump version for 19.3.0.</td></tr>
|
||||
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=1dc792a31241ac5928f3dfa296f9604fe2925bee">1dc792a312</a></td><td>George Joseph</td><td>xml.c, config,c: Add stylesheets and variable list string parsing</td></tr>
|
||||
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=d00108df721545170fcc4df8dbaff9e98526cb72">d00108df72</a></td><td>George Joseph</td><td>xmldoc: Fix issue with xmlstarlet validation</td></tr>
|
||||
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=38df1c35eefa2b1f9ed602df721fef8c7ab58775">38df1c35ee</a></td><td>George Joseph</td><td>core: Config and XML tweaks needed for geolocation</td></tr>
|
||||
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=e29cd99975a20b4b33806079f332a36ddcd77d8d">e29cd99975</a></td><td>George Joseph</td><td>Makefile: Allow XML documentation to exist outside source files</td></tr>
|
||||
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=ca18e6847029791559be381ca1c24965d446ad95">ca18e68470</a></td><td>George Joseph</td><td>build: Refactor the earlier "basebranch" commit</td></tr>
|
||||
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=67eb7c9e851339744a6021d9c2cc81e902fb768f">67eb7c9e85</a></td><td>Sean Bright</td><td>manager.c: Simplify AMI ModuleCheck handling</td></tr>
|
||||
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=dfbb547f6adf27a54d37603365cd764377fdd20f">dfbb547f6a</a></td><td>Sean Bright</td><td>res_pjsip.c: Correct minor typos in 'realm' documentation.</td></tr>
|
||||
</table><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>asterisk-19.2.0-summary.html | 445 -
|
||||
asterisk-19.2.0-summary.txt | 887 --
|
||||
b/.gitignore | 2
|
||||
b/.version | 2
|
||||
b/CHANGES | 56
|
||||
b/ChangeLog | 660 ++
|
||||
b/LICENSE | 3
|
||||
b/Makefile | 58
|
||||
b/UPGRADE.txt | 13
|
||||
b/apps/app_mf.c | 30
|
||||
b/apps/app_mp3.c | 6
|
||||
b/apps/app_queue.c | 196
|
||||
b/apps/app_reload.c | 5
|
||||
b/apps/app_voicemail.c | 12
|
||||
b/asterisk-19.3.0-rc1-summary.html | 149
|
||||
b/asterisk-19.3.0-rc1-summary.txt | 381 +
|
||||
b/build_tools/get_sourceable_makeopts | 54
|
||||
b/build_tools/make_version | 33
|
||||
b/build_tools/make_xml_documentation | 249
|
||||
b/build_tools/menuselect-deps.in | 1
|
||||
b/configs/samples/extensions.conf.sample | 9
|
||||
b/configs/samples/manager.conf.sample | 11
|
||||
b/configs/samples/pjsip.conf.sample | 18
|
||||
b/configs/samples/prometheus.conf.sample | 4
|
||||
b/configure | 136
|
||||
b/configure.ac | 6
|
||||
b/contrib/ast-db-manage/config/versions/8f72185e437f_res_pjsip_pubsub_add_resource_list_.py | 29
|
||||
b/contrib/realtime/mysql/mysql_config.sql | 6
|
||||
b/contrib/realtime/postgresql/postgresql_config.sql | 6
|
||||
b/doc/appdocsxml.dtd | 14
|
||||
b/funcs/func_channel.c | 10
|
||||
b/funcs/func_curl.c | 4
|
||||
b/funcs/func_db.c | 8
|
||||
b/include/asterisk.h | 2
|
||||
b/include/asterisk/channel.h | 2
|
||||
b/include/asterisk/config.h | 55
|
||||
b/include/asterisk/file.h | 17
|
||||
b/include/asterisk/manager.h | 2
|
||||
b/include/asterisk/res_pjsip_pubsub.h | 11
|
||||
b/include/asterisk/xml.h | 108
|
||||
b/main/asterisk.c | 39
|
||||
b/main/audiohook.c | 10
|
||||
b/main/cdr.c | 8
|
||||
b/main/channel.c | 4
|
||||
b/main/channel_internal_api.c | 18
|
||||
b/main/config.c | 76
|
||||
b/main/file.c | 20
|
||||
b/main/manager.c | 84
|
||||
b/main/taskprocessor.c | 67
|
||||
b/main/xml.c | 182
|
||||
b/makeopts.in | 2
|
||||
b/res/res_ari.c | 4
|
||||
b/res/res_config_pgsql.c | 4
|
||||
b/res/res_http_media_cache.c | 4
|
||||
b/res/res_pjsip.c | 3242 ----------
|
||||
b/res/res_pjsip/pjsip_config.xml | 2347 +++++++
|
||||
b/res/res_pjsip/pjsip_manager.xml | 901 ++
|
||||
b/res/res_pjsip_exten_state.c | 24
|
||||
b/res/res_pjsip_pubsub.c | 150
|
||||
b/res/res_prometheus.c | 4
|
||||
b/res/res_stir_shaken/curl.c | 43
|
||||
b/tests/CI/buildAsterisk.sh | 9
|
||||
b/tests/CI/installAsterisk.sh | 9
|
||||
b/tests/test_config.c | 83
|
||||
b/tests/test_res_prometheus.c | 4
|
||||
b/third-party/jansson/jansson-2.14.tar.bz2.md5 | 1
|
||||
b/third-party/pjproject/patches/0170-stun-integer-underflow.patch | 26
|
||||
b/third-party/pjproject/patches/0171-dialog-set-free.patch | 73
|
||||
third-party/jansson/jansson-2.12.tar.bz2.md5 | 1
|
||||
69 files changed, 6299 insertions(+), 4840 deletions(-)</pre><br></html>
|
||||
@@ -1,381 +0,0 @@
|
||||
Release Summary
|
||||
|
||||
asterisk-19.3.0
|
||||
|
||||
Date: 2022-03-24
|
||||
|
||||
<asteriskteam@digium.com>
|
||||
|
||||
----------------------------------------------------------------------
|
||||
|
||||
Table of Contents
|
||||
|
||||
1. Summary
|
||||
2. Contributors
|
||||
3. Closed Issues
|
||||
4. Other Changes
|
||||
5. Diffstat
|
||||
|
||||
----------------------------------------------------------------------
|
||||
|
||||
Summary
|
||||
|
||||
[Back to Top]
|
||||
|
||||
This release is a point release of an existing major version. The changes
|
||||
included were made to address problems that have been identified in this
|
||||
release series, or are minor, backwards compatible new features or
|
||||
improvements. Users should be able to safely upgrade to this version if
|
||||
this release series is already in use. Users considering upgrading from a
|
||||
previous version are strongly encouraged to review the UPGRADE.txt
|
||||
document as well as the CHANGES document for information about upgrading
|
||||
to this release series.
|
||||
|
||||
The data in this summary reflects changes that have been made since the
|
||||
previous release, asterisk-19.2.0.
|
||||
|
||||
----------------------------------------------------------------------
|
||||
|
||||
Contributors
|
||||
|
||||
[Back to Top]
|
||||
|
||||
This table lists the people who have submitted code, those that have
|
||||
tested patches, as well as those that reported issues on the issue tracker
|
||||
that were resolved in this release. For coders, the number is how many of
|
||||
their patches (of any size) were committed into this release. For testers,
|
||||
the number is the number of times their name was listed as assisting with
|
||||
testing a patch. Finally, for reporters, the number is the number of
|
||||
issues that they reported that were affected by commits that went into
|
||||
this release.
|
||||
|
||||
Coders Testers Reporters
|
||||
13 Naveen Albert 13 N A
|
||||
5 George Joseph 4 Alexei Gradinari
|
||||
4 Alexei Gradinari 3 Kevin Harwell
|
||||
3 Kevin Harwell 1 George Joseph
|
||||
3 Sean Bright 1 Mark Petersen
|
||||
2 Asterisk Development Team 1 cagdas kopuz
|
||||
1 Kfir Itzhak 1 Boris P. Korzun
|
||||
1 Mike Bradeen 1 Kfir Itzhak
|
||||
1 Joshua C. Colp 1 Joshua C. Colp
|
||||
1 Ben Ford 1 kwk
|
||||
1 Mark Petersen 1 Napadailo Yaroslav
|
||||
1 Boris P. Korzun
|
||||
|
||||
----------------------------------------------------------------------
|
||||
|
||||
Closed Issues
|
||||
|
||||
[Back to Top]
|
||||
|
||||
This is a list of all issues from the issue tracker that were closed by
|
||||
changes that went into this release.
|
||||
|
||||
Security
|
||||
|
||||
Category: pjproject/pjsip
|
||||
|
||||
ASTERISK-29945: pjproject: Security fixes for things
|
||||
Reported by: Kevin Harwell
|
||||
* [b81db677c9] Kevin Harwell -- AST-2022-006: pjproject - unconstrained
|
||||
malformed multipart SIP message
|
||||
* [f9cd83ff35] Kevin Harwell -- AST-2022-005: pjproject - undefined
|
||||
behavior after freeing a dialog set
|
||||
* [ac8de6e31d] Kevin Harwell -- AST-2022-004: pjproject - possible
|
||||
integer underflow on STUN message
|
||||
|
||||
New Feature
|
||||
|
||||
Category: Channels/General
|
||||
|
||||
ASTERISK-29840: func_channel: Add LASTCONTEXT and LASTEXTEN fields
|
||||
Reported by: N A
|
||||
* [ff603d16c7] Naveen Albert -- func_channel: Add lastcontext and
|
||||
lastexten.
|
||||
|
||||
Category: Core/ManagerInterface/NewFeature
|
||||
|
||||
ASTERISK-29853: ami: Allow events to be globally disabled
|
||||
Reported by: N A
|
||||
* [8a94702386] Naveen Albert -- ami: Allow events to be globally
|
||||
disabled.
|
||||
|
||||
Bug
|
||||
|
||||
Category: Applications/app_queue
|
||||
|
||||
ASTERISK-29873: [patch] Queue Realtime load
|
||||
Reported by: Alexei Gradinari
|
||||
* [5f22f586ff] Alexei Gradinari -- app_queue: load queues and members
|
||||
from Realtime when needed
|
||||
|
||||
Category: Core/General
|
||||
|
||||
ASTERISK-29365: taskprocessor: Can cause assert at shutdown
|
||||
Reported by: Joshua C. Colp
|
||||
* [5764414d10] Mike Bradeen -- taskprocessor.c: Prevent crash on
|
||||
graceful shutdown
|
||||
|
||||
Category: Core/ManagerInterface
|
||||
|
||||
ASTERISK-18416: [patch] Realtime queue agents unavailable via AMI before a
|
||||
call event.
|
||||
Reported by: kwk
|
||||
* [5f22f586ff] Alexei Gradinari -- app_queue: load queues and members
|
||||
from Realtime when needed
|
||||
ASTERISK-27597: AMI Queuestatus not working (with realtime queue)
|
||||
Reported by: cagdas kopuz
|
||||
* [5f22f586ff] Alexei Gradinari -- app_queue: load queues and members
|
||||
from Realtime when needed
|
||||
ASTERISK-29886: Asterisk AMI sends not-valid XML
|
||||
Reported by: Napadailo Yaroslav
|
||||
* [b42dd930f4] Sean Bright -- manager.c: Generate valid XML if attribute
|
||||
names have leading digits.
|
||||
|
||||
Category: General
|
||||
|
||||
ASTERISK-29923: docs, LICENSE: pbx.digium.com no longer exists
|
||||
Reported by: N A
|
||||
* [e16fce2251] Naveen Albert -- configs, LICENSE: remove pbx.digium.com.
|
||||
|
||||
Category: Resources/General
|
||||
|
||||
ASTERISK-29871: res_prometheus: Failure to load causes FRACKs
|
||||
Reported by: Mark Petersen
|
||||
* [97ac3c1385] Mark Petersen -- res_prometheus.c: missing module
|
||||
dependency
|
||||
|
||||
Category: Resources/res_config_pgsql
|
||||
|
||||
ASTERISK-29924: res_config_pgsql: omit "unsupported column type 'text'"
|
||||
error
|
||||
Reported by: Boris P. Korzun
|
||||
* [00a7fa985e] Boris P. Korzun -- res_config_pgsql: Add text-type column
|
||||
check in require_pgsql()
|
||||
|
||||
Category: Resources/res_pjsip_pubsub
|
||||
|
||||
ASTERISK-29904: RLS: Batched Notifications stop working
|
||||
Reported by: Alexei Gradinari
|
||||
* [76f90bff75] Alexei Gradinari -- res_pjsip_pubsub: fix Batched
|
||||
Notifications stop working
|
||||
|
||||
Improvement
|
||||
|
||||
Category: Applications/General
|
||||
|
||||
ASTERISK-29877: app_mf: Allow reading a maximum number of digits
|
||||
Reported by: N A
|
||||
* [ba2f780930] Naveen Albert -- app_mf: Add max digits option to
|
||||
ReceiveMF.
|
||||
|
||||
Category: Applications/app_mp3
|
||||
|
||||
ASTERISK-29900: app_mp3: Document and warn about https incompatibility
|
||||
Reported by: N A
|
||||
* [b54060021f] Naveen Albert -- app_mp3: Document and warn about HTTPS
|
||||
incompatibility.
|
||||
|
||||
Category: Applications/app_queue
|
||||
|
||||
ASTERISK-29909: app_queue: Add support for withdrawing a call
|
||||
Reported by: Kfir Itzhak
|
||||
* [5edbc54c54] Kfir Itzhak -- app_queue: Add QueueWithdrawCaller AMI
|
||||
action
|
||||
|
||||
Category: Applications/app_voicemail
|
||||
|
||||
ASTERISK-29920: app_voicemail: Warn if trying to manage nonexistent
|
||||
mailbox
|
||||
Reported by: N A
|
||||
* [19481fc1f0] Naveen Albert -- app_voicemail: Emit warning if asking
|
||||
for nonexistent mailbox.
|
||||
|
||||
Category: Core/Channels
|
||||
|
||||
ASTERISK-29897: channels: Increase core debug levels for chatty debugs
|
||||
Reported by: N A
|
||||
* [51146db5fe] Naveen Albert -- channel.c: Clean up debug level 1.
|
||||
|
||||
Category: Core/Portability
|
||||
|
||||
ASTERISK-29353: Qualify jansson 2.14 for asterisk
|
||||
Reported by: George Joseph
|
||||
* [3d30f68fbc] Joshua C. Colp -- jansson: Update bundled to 2.14
|
||||
version.
|
||||
|
||||
Category: Documentation
|
||||
|
||||
ASTERISK-29896: xmldocs: Add since tag
|
||||
Reported by: N A
|
||||
* [eb77229b53] Naveen Albert -- documentation: Add since tag to xmldocs
|
||||
DTD
|
||||
ASTERISK-29898: documentation: Add default attributes to documentation
|
||||
Reported by: N A
|
||||
* [57685c139b] Naveen Albert -- documentation: Adds missing default
|
||||
attributes.
|
||||
|
||||
Category: Functions/func_curl
|
||||
|
||||
ASTERISK-29809: curl, stir_shaken: refactor curl code
|
||||
Reported by: N A
|
||||
* [4cb4a3ed01] Naveen Albert -- res_stir_shaken: refactor utility
|
||||
function
|
||||
|
||||
Category: Functions/func_db
|
||||
|
||||
ASTERISK-29925: func_db: Warn about malformed key names
|
||||
Reported by: N A
|
||||
* [257590b4e2] Naveen Albert -- func_db: Add validity check for key
|
||||
names when writing.
|
||||
|
||||
Category: General
|
||||
|
||||
ASTERISK-29861: asterisk.h: add macro for curl user agent
|
||||
Reported by: N A
|
||||
* [d5c72f35fd] Naveen Albert -- asterisk: Add macro for curl user agent.
|
||||
ASTERISK-29866: cli: add core dump information to core show settings
|
||||
Reported by: N A
|
||||
* [e8f8d84ffd] Naveen Albert -- cli: Add core dump info to core show
|
||||
settings.
|
||||
|
||||
Category: Resources/res_pjsip_pubsub
|
||||
|
||||
ASTERISK-29906: [patch] update RLS to reflect the changes to the lists
|
||||
Reported by: Alexei Gradinari
|
||||
* [49928fee53] Alexei Gradinari -- res_pjsip_pubsub: update RLS to
|
||||
reflect the changes to the lists
|
||||
ASTERISK-29891: [patch] provide a display name for RLS subscriptions
|
||||
Reported by: Alexei Gradinari
|
||||
* [e85ee05e9d] Alexei Gradinari -- res_pjsip_pubsub: provide a display
|
||||
name for RLS subscriptions
|
||||
|
||||
Category: Resources/res_stir_shaken
|
||||
|
||||
ASTERISK-29809: curl, stir_shaken: refactor curl code
|
||||
Reported by: N A
|
||||
* [4cb4a3ed01] Naveen Albert -- res_stir_shaken: refactor utility
|
||||
function
|
||||
|
||||
----------------------------------------------------------------------
|
||||
|
||||
Commits Not Associated with an Issue
|
||||
|
||||
[Back to Top]
|
||||
|
||||
This is a list of all changes that went into this release that did not
|
||||
reference a JIRA issue.
|
||||
|
||||
+------------------------------------------------------------------------+
|
||||
| Revision | Author | Summary |
|
||||
|------------+----------------------+------------------------------------|
|
||||
| 0740db7608 | Asterisk Development | Update for 19.3.0-rc1 |
|
||||
| | Team | |
|
||||
|------------+----------------------+------------------------------------|
|
||||
| 96f98908f9 | Asterisk Development | Update CHANGES and UPGRADE.txt for |
|
||||
| | Team | 19.3.0 |
|
||||
|------------+----------------------+------------------------------------|
|
||||
| 0c07f94c00 | Ben Ford | AMI: Bump version for 19.3.0. |
|
||||
|------------+----------------------+------------------------------------|
|
||||
| 1dc792a312 | George Joseph | xml.c, config,c: Add stylesheets |
|
||||
| | | and variable list string parsing |
|
||||
|------------+----------------------+------------------------------------|
|
||||
| d00108df72 | George Joseph | xmldoc: Fix issue with xmlstarlet |
|
||||
| | | validation |
|
||||
|------------+----------------------+------------------------------------|
|
||||
| 38df1c35ee | George Joseph | core: Config and XML tweaks needed |
|
||||
| | | for geolocation |
|
||||
|------------+----------------------+------------------------------------|
|
||||
| e29cd99975 | George Joseph | Makefile: Allow XML documentation |
|
||||
| | | to exist outside source files |
|
||||
|------------+----------------------+------------------------------------|
|
||||
| ca18e68470 | George Joseph | build: Refactor the earlier |
|
||||
| | | "basebranch" commit |
|
||||
|------------+----------------------+------------------------------------|
|
||||
| 67eb7c9e85 | Sean Bright | manager.c: Simplify AMI |
|
||||
| | | ModuleCheck handling |
|
||||
|------------+----------------------+------------------------------------|
|
||||
| dfbb547f6a | Sean Bright | res_pjsip.c: Correct minor typos |
|
||||
| | | in 'realm' documentation. |
|
||||
+------------------------------------------------------------------------+
|
||||
|
||||
----------------------------------------------------------------------
|
||||
|
||||
Diffstat Results
|
||||
|
||||
[Back to Top]
|
||||
|
||||
This is a summary of the changes to the source code that went into this
|
||||
release that was generated using the diffstat utility.
|
||||
|
||||
asterisk-19.2.0-summary.html | 445 -
|
||||
asterisk-19.2.0-summary.txt | 887 --
|
||||
b/.gitignore | 2
|
||||
b/.version | 2
|
||||
b/CHANGES | 56
|
||||
b/ChangeLog | 660 ++
|
||||
b/LICENSE | 3
|
||||
b/Makefile | 58
|
||||
b/UPGRADE.txt | 13
|
||||
b/apps/app_mf.c | 30
|
||||
b/apps/app_mp3.c | 6
|
||||
b/apps/app_queue.c | 196
|
||||
b/apps/app_reload.c | 5
|
||||
b/apps/app_voicemail.c | 12
|
||||
b/asterisk-19.3.0-rc1-summary.html | 149
|
||||
b/asterisk-19.3.0-rc1-summary.txt | 381 +
|
||||
b/build_tools/get_sourceable_makeopts | 54
|
||||
b/build_tools/make_version | 33
|
||||
b/build_tools/make_xml_documentation | 249
|
||||
b/build_tools/menuselect-deps.in | 1
|
||||
b/configs/samples/extensions.conf.sample | 9
|
||||
b/configs/samples/manager.conf.sample | 11
|
||||
b/configs/samples/pjsip.conf.sample | 18
|
||||
b/configs/samples/prometheus.conf.sample | 4
|
||||
b/configure | 136
|
||||
b/configure.ac | 6
|
||||
b/contrib/ast-db-manage/config/versions/8f72185e437f_res_pjsip_pubsub_add_resource_list_.py | 29
|
||||
b/contrib/realtime/mysql/mysql_config.sql | 6
|
||||
b/contrib/realtime/postgresql/postgresql_config.sql | 6
|
||||
b/doc/appdocsxml.dtd | 14
|
||||
b/funcs/func_channel.c | 10
|
||||
b/funcs/func_curl.c | 4
|
||||
b/funcs/func_db.c | 8
|
||||
b/include/asterisk.h | 2
|
||||
b/include/asterisk/channel.h | 2
|
||||
b/include/asterisk/config.h | 55
|
||||
b/include/asterisk/file.h | 17
|
||||
b/include/asterisk/manager.h | 2
|
||||
b/include/asterisk/res_pjsip_pubsub.h | 11
|
||||
b/include/asterisk/xml.h | 108
|
||||
b/main/asterisk.c | 39
|
||||
b/main/audiohook.c | 10
|
||||
b/main/cdr.c | 8
|
||||
b/main/channel.c | 4
|
||||
b/main/channel_internal_api.c | 18
|
||||
b/main/config.c | 76
|
||||
b/main/file.c | 20
|
||||
b/main/manager.c | 84
|
||||
b/main/taskprocessor.c | 67
|
||||
b/main/xml.c | 182
|
||||
b/makeopts.in | 2
|
||||
b/res/res_ari.c | 4
|
||||
b/res/res_config_pgsql.c | 4
|
||||
b/res/res_http_media_cache.c | 4
|
||||
b/res/res_pjsip.c | 3242 ----------
|
||||
b/res/res_pjsip/pjsip_config.xml | 2347 +++++++
|
||||
b/res/res_pjsip/pjsip_manager.xml | 901 ++
|
||||
b/res/res_pjsip_exten_state.c | 24
|
||||
b/res/res_pjsip_pubsub.c | 150
|
||||
b/res/res_prometheus.c | 4
|
||||
b/res/res_stir_shaken/curl.c | 43
|
||||
b/tests/CI/buildAsterisk.sh | 9
|
||||
b/tests/CI/installAsterisk.sh | 9
|
||||
b/tests/test_config.c | 83
|
||||
b/tests/test_res_prometheus.c | 4
|
||||
b/third-party/jansson/jansson-2.14.tar.bz2.md5 | 1
|
||||
b/third-party/pjproject/patches/0170-stun-integer-underflow.patch | 26
|
||||
b/third-party/pjproject/patches/0171-dialog-set-free.patch | 73
|
||||
third-party/jansson/jansson-2.12.tar.bz2.md5 | 1
|
||||
69 files changed, 6299 insertions(+), 4840 deletions(-)
|
||||
11
asterisk-19.3.3-summary.html
Normal file
11
asterisk-19.3.3-summary.html
Normal file
@@ -0,0 +1,11 @@
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-19.3.3</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-19.3.3</h3><h3 align="center">Date: 2022-04-26</h3><h3 align="center"><asteriskteam@digium.com></h3><hr><h2 align="center">Table of Contents</h2><ol>
|
||||
<li><a href="#summary">Summary</a></li>
|
||||
<li><a href="#contributors">Contributors</a></li>
|
||||
<li><a href="#closed_issues">Closed Issues</a></li>
|
||||
<li><a href="#diffstat">Diffstat</a></li>
|
||||
</ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release is a point release of an existing major version. The changes included were made to address problems that have been identified in this release series, or are minor, backwards compatible new features or improvements. Users should be able to safely upgrade to this version if this release series is already in use. Users considering upgrading from a previous version are strongly encouraged to review the UPGRADE.txt document as well as the CHANGES document for information about upgrading to this release series.</p><p>The data in this summary reflects changes that have been made since the previous release, asterisk-19.3.2.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0">
|
||||
<tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr>
|
||||
<tr valign="top"><td width="33%">1 Ben Ford <bford@digium.com><br/></td><td width="33%"><td width="33%">1 Claude Diderich <claude.diderich@yahoo.com><br/></td></tr>
|
||||
</table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Bug</h3><h4>Category: Resources/res_stir_shaken</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30024">ASTERISK-30024</a>: Failed to sign STIR/SHAKEN payload with functionality not enabled<br/>Reported by: Claude Diderich<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=0adbc4f499248aed746e2074504fd535c791e168">[0adbc4f499]</a> Ben Ford -- res_pjsip_stir_shaken.c: Fix enabled when not configured.</li>
|
||||
</ul><br><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>0 files changed</pre><br></html>
|
||||
82
asterisk-19.3.3-summary.txt
Normal file
82
asterisk-19.3.3-summary.txt
Normal file
@@ -0,0 +1,82 @@
|
||||
Release Summary
|
||||
|
||||
asterisk-19.3.3
|
||||
|
||||
Date: 2022-04-26
|
||||
|
||||
<asteriskteam@digium.com>
|
||||
|
||||
----------------------------------------------------------------------
|
||||
|
||||
Table of Contents
|
||||
|
||||
1. Summary
|
||||
2. Contributors
|
||||
3. Closed Issues
|
||||
4. Diffstat
|
||||
|
||||
----------------------------------------------------------------------
|
||||
|
||||
Summary
|
||||
|
||||
[Back to Top]
|
||||
|
||||
This release is a point release of an existing major version. The changes
|
||||
included were made to address problems that have been identified in this
|
||||
release series, or are minor, backwards compatible new features or
|
||||
improvements. Users should be able to safely upgrade to this version if
|
||||
this release series is already in use. Users considering upgrading from a
|
||||
previous version are strongly encouraged to review the UPGRADE.txt
|
||||
document as well as the CHANGES document for information about upgrading
|
||||
to this release series.
|
||||
|
||||
The data in this summary reflects changes that have been made since the
|
||||
previous release, asterisk-19.3.2.
|
||||
|
||||
----------------------------------------------------------------------
|
||||
|
||||
Contributors
|
||||
|
||||
[Back to Top]
|
||||
|
||||
This table lists the people who have submitted code, those that have
|
||||
tested patches, as well as those that reported issues on the issue tracker
|
||||
that were resolved in this release. For coders, the number is how many of
|
||||
their patches (of any size) were committed into this release. For testers,
|
||||
the number is the number of times their name was listed as assisting with
|
||||
testing a patch. Finally, for reporters, the number is the number of
|
||||
issues that they reported that were affected by commits that went into
|
||||
this release.
|
||||
|
||||
Coders Testers Reporters
|
||||
1 Ben Ford 1 Claude Diderich
|
||||
|
||||
----------------------------------------------------------------------
|
||||
|
||||
Closed Issues
|
||||
|
||||
[Back to Top]
|
||||
|
||||
This is a list of all issues from the issue tracker that were closed by
|
||||
changes that went into this release.
|
||||
|
||||
Bug
|
||||
|
||||
Category: Resources/res_stir_shaken
|
||||
|
||||
ASTERISK-30024: Failed to sign STIR/SHAKEN payload with functionality not
|
||||
enabled
|
||||
Reported by: Claude Diderich
|
||||
* [0adbc4f499] Ben Ford -- res_pjsip_stir_shaken.c: Fix enabled when not
|
||||
configured.
|
||||
|
||||
----------------------------------------------------------------------
|
||||
|
||||
Diffstat Results
|
||||
|
||||
[Back to Top]
|
||||
|
||||
This is a summary of the changes to the source code that went into this
|
||||
release that was generated using the diffstat utility.
|
||||
|
||||
0 files changed
|
||||
@@ -1,54 +0,0 @@
|
||||
#!/bin/sh
|
||||
PROGNAME="${0##*/}"
|
||||
|
||||
if [ "$1" = "-h" ] || [ "$1" = "--help" ] ; then
|
||||
cat <<-EOF
|
||||
Usage: ${PROGNAME}: [ <input_file> ] [ <output_file> ]
|
||||
|
||||
This script takes an Asterisk makeopts file, or any file containing
|
||||
"make" style variable assignments, and converts it into a format
|
||||
that can be directly 'sourced' by shell scripts.
|
||||
|
||||
* Any spaces around the equals sign are removed.
|
||||
* The variable value is quoted.
|
||||
* The "make" "or" command is evaluated.
|
||||
|
||||
Both input and output files are optional and will default to
|
||||
stdin and stdout respectively.
|
||||
|
||||
NOTE: This script relies on NO external commands and only POSIX
|
||||
constructs. It should be runnable by any shell.
|
||||
EOF
|
||||
exit 1
|
||||
fi
|
||||
|
||||
input_file="/dev/stdin"
|
||||
if [ "$1" != "" ] ; then
|
||||
input_file="$1"
|
||||
fi
|
||||
|
||||
output_file="/dev/stdout"
|
||||
if [ "$2" != "" ] ; then
|
||||
output_file="$2"
|
||||
fi
|
||||
|
||||
# orfunc is a code fragment to be added to the outp[ut file.
|
||||
# We don't WANT the variables evaluated.
|
||||
# shellcheck disable=SC2016
|
||||
orfunc='or (){ before="${1%,*}" ; after="${1#*,}" ; if [ "$before" = "" ] ; then echo "${after}" ; else echo "${before}" ; fi ; }'
|
||||
echo "${orfunc}" >"${output_file}"
|
||||
|
||||
while read -r LINE ; do
|
||||
var="${LINE%%=*}"
|
||||
if [ "${var}" != "" ] ; then
|
||||
val="${LINE#*=}"
|
||||
if [ "${val}" != "${var}" ] ; then
|
||||
if [ "${val%% *}" = "" ] ; then
|
||||
echo "${var% *}=\"${val#* }\""
|
||||
else
|
||||
echo "${var% *}=\"${val}\""
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
done <"${input_file}" >>"${output_file}"
|
||||
|
||||
@@ -1,10 +1,7 @@
|
||||
#!/bin/sh
|
||||
# The GREP, SED, FIND, etc variables are all set at run time from
|
||||
# makeopts.
|
||||
# shellcheck disable=SC2154
|
||||
|
||||
PROGNAME="${0##*/}"
|
||||
PROGDIR="${0%/*}"
|
||||
|
||||
# Fail on errors
|
||||
set -e
|
||||
@@ -111,36 +108,25 @@ if [ ! -d "${source_tree}" ] ; then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ ! -f "${source_tree}/Makefile" ] ; then
|
||||
echo "There's no 'Makefile' in '${source_tree}'."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ ! -f "${source_tree}/makeopts" ] ; then
|
||||
echo "There's no 'makeopts' in '${source_tree}'. Maybe you need to run ./configure?"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# This will get the paths to the utilities we need, all
|
||||
# of which will be in makeopts. We need to convert the
|
||||
# format so it's sourceable.
|
||||
tmpname="/tmp/ast_makeopts.$$.env"
|
||||
trap 'rm "$tmpname" >/dev/null 2>&1' INT QUIT TERM EXIT
|
||||
"${PROGDIR}/get_sourceable_makeopts" "${source_tree}/makeopts" >"${tmpname}"
|
||||
# The file to be sourced is generated at run time and can't be checked.
|
||||
# shellcheck disable=SC1090
|
||||
. "${tmpname}"
|
||||
rm "${tmpname}" > /dev/null 2>&1 || :
|
||||
trap - INT QUIT TERM EXIT
|
||||
|
||||
# Make sure we have everything we need.
|
||||
for c in GREP FIND AWK DIRNAME BASENAME SED CAT ; do
|
||||
bin=$(eval "echo \${${c}}")
|
||||
if [ "${bin}" = "" ] ; then
|
||||
echo "The '${c}' utility was not found."
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
# This script is normally run from the top-level Makefile which
|
||||
# will set the tools variables to actual paths, or ':' if
|
||||
# the tool isn't found. If this script is run from the
|
||||
# command line for testing purposes however, we'll need to
|
||||
# set some sane defaults.
|
||||
if [ "${GREP}" = "" ] ; then GREP="grep" ; fi
|
||||
if [ "${FIND}" = "" ] ; then FIND="find" ; fi
|
||||
if [ "${AWK}" = "" ] ; then AWK="awk" ; fi
|
||||
if [ "${DIRNAME}" = "" ] ; then DIRNAME="dirname" ; fi
|
||||
if [ "${BASENAME}" = "" ] ; then BASENAME="basename" ; fi
|
||||
if [ "${SED}" = "" ] ; then SED="sed" ; fi
|
||||
if [ "${CAT}" = "" ] ; then CAT="cat" ; fi
|
||||
if [ "${XMLLINT}" = "" ] ; then XMLLINT="xmllint" ; fi
|
||||
if [ "${XMLSTARLET}" = "" ] ; then XMLSTARLET="xmlstarlet" ; fi
|
||||
|
||||
if [ "${for_wiki}" -eq "1" ] || [ "${validate}" -eq "1" ]; then
|
||||
if [ "${XMLLINT}${XMLSTARLET}" = "::" ] ; then
|
||||
|
||||
@@ -36,6 +36,10 @@
|
||||
; to use the dialplan function SQL_ESC() to escape the data prior to its
|
||||
; inclusion in the SQL statement.
|
||||
;
|
||||
; If you have data which may potentially contain backslashes, you may wish to
|
||||
; use the dialplan function SQL_ESC_BACKSLASHES() to escape the backslashes.
|
||||
; Note that not all databases may require escaping of the backslashes.
|
||||
;
|
||||
;
|
||||
; The following options are available in this configuration file:
|
||||
;
|
||||
|
||||
@@ -349,6 +349,7 @@
|
||||
; STIR/SHAKEN support.
|
||||
;
|
||||
;stir_shaken=no
|
||||
;stir_shaken_profile=my_profile
|
||||
|
||||
;[6001]
|
||||
;type=auth
|
||||
@@ -930,6 +931,9 @@
|
||||
; happens to the call if verification fails; it's up to
|
||||
; you to determine what to do with the results.
|
||||
; (default: no)
|
||||
;stir_shaken_profile =
|
||||
; If a profile is specified (defined in stir_shaken.conf),
|
||||
; this endpoint will follow the rules defined there.
|
||||
;allow_unauthenticated_options =
|
||||
; By default, chan_pjsip will challenge an incoming
|
||||
; OPTIONS request for authentication credentials just
|
||||
|
||||
@@ -83,3 +83,21 @@
|
||||
;
|
||||
; Must have an attestation of A, B, or C
|
||||
;attestation=C
|
||||
;
|
||||
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
||||
;
|
||||
; Profiles can be defined here which can be referenced by channel drivers.
|
||||
;[my_profile]
|
||||
;
|
||||
; type must be "profile"
|
||||
;type=profile
|
||||
;
|
||||
; Set stir_shaken to 'attest', 'verify', or 'on', which is the default
|
||||
;stir_shaken=on
|
||||
;
|
||||
; You can specify an ACL that will be used strictly for the Identity header when downloading public certificates
|
||||
;acllist=myacllist
|
||||
;
|
||||
; You can also do permit / deny lines if you want (also supports IPv6)
|
||||
;permit=0.0.0.0/0.0.0.0
|
||||
;deny=127.0.0.1
|
||||
|
||||
@@ -96,6 +96,19 @@
|
||||
<para>Example: SELECT foo FROM bar WHERE baz='${SQL_ESC(${ARG1})}'</para>
|
||||
</description>
|
||||
</function>
|
||||
<function name="SQL_ESC_BACKSLASHES" language="en_US">
|
||||
<synopsis>
|
||||
Escapes backslashes for use in SQL statements.
|
||||
</synopsis>
|
||||
<syntax>
|
||||
<parameter name="string" required="true" />
|
||||
</syntax>
|
||||
<description>
|
||||
<para>Used in SQL templates to escape data which may contain backslashes
|
||||
<literal>\</literal> which are otherwise used to escape data.</para>
|
||||
<para>Example: SELECT foo FROM bar WHERE baz='${SQL_ESC(${SQL_ESC_BACKSLASHES(${ARG1})})}'</para>
|
||||
</description>
|
||||
</function>
|
||||
***/
|
||||
|
||||
static char *config = "func_odbc.conf";
|
||||
@@ -1102,13 +1115,13 @@ end_acf_read:
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int acf_escape(struct ast_channel *chan, const char *cmd, char *data, char *buf, size_t len)
|
||||
static int acf_escape(struct ast_channel *chan, const char *cmd, char *data, char *buf, size_t len, char character)
|
||||
{
|
||||
char *out = buf;
|
||||
|
||||
for (; *data && out - buf < len; data++) {
|
||||
if (*data == '\'') {
|
||||
*out = '\'';
|
||||
if (*data == character) {
|
||||
*out = character;
|
||||
out++;
|
||||
}
|
||||
*out++ = *data;
|
||||
@@ -1118,9 +1131,25 @@ static int acf_escape(struct ast_channel *chan, const char *cmd, char *data, cha
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int acf_escape_ticks(struct ast_channel *chan, const char *cmd, char *data, char *buf, size_t len)
|
||||
{
|
||||
return acf_escape(chan, cmd, data, buf, len, '\'');
|
||||
}
|
||||
|
||||
static struct ast_custom_function escape_function = {
|
||||
.name = "SQL_ESC",
|
||||
.read = acf_escape,
|
||||
.read = acf_escape_ticks,
|
||||
.write = NULL,
|
||||
};
|
||||
|
||||
static int acf_escape_backslashes(struct ast_channel *chan, const char *cmd, char *data, char *buf, size_t len)
|
||||
{
|
||||
return acf_escape(chan, cmd, data, buf, len, '\\');
|
||||
}
|
||||
|
||||
static struct ast_custom_function escape_backslashes_function = {
|
||||
.name = "SQL_ESC_BACKSLASHES",
|
||||
.read = acf_escape_backslashes,
|
||||
.write = NULL,
|
||||
};
|
||||
|
||||
@@ -1858,6 +1887,7 @@ static int load_module(void)
|
||||
|
||||
ast_config_destroy(cfg);
|
||||
res |= ast_custom_function_register(&escape_function);
|
||||
res |= ast_custom_function_register(&escape_backslashes_function);
|
||||
ast_cli_register_multiple(cli_func_odbc, ARRAY_LEN(cli_func_odbc));
|
||||
|
||||
AST_RWLIST_UNLOCK(&queries);
|
||||
@@ -1877,6 +1907,7 @@ static int unload_module(void)
|
||||
}
|
||||
|
||||
res |= ast_custom_function_unregister(&escape_function);
|
||||
res |= ast_custom_function_unregister(&escape_backslashes_function);
|
||||
res |= ast_custom_function_unregister(&fetch_function);
|
||||
res |= ast_unregister_application(app_odbcfinish);
|
||||
ast_cli_unregister_multiple(cli_func_odbc, ARRAY_LEN(cli_func_odbc));
|
||||
|
||||
@@ -878,6 +878,8 @@ struct ast_sip_endpoint {
|
||||
AST_STRING_FIELD(accountcode);
|
||||
/*! If set, we'll push incoming MWI NOTIFYs to stasis using this mailbox */
|
||||
AST_STRING_FIELD(incoming_mwi_mailbox);
|
||||
/*! STIR/SHAKEN profile to use */
|
||||
AST_STRING_FIELD(stir_shaken_profile);
|
||||
);
|
||||
/*! Configuration for extensions */
|
||||
struct ast_sip_endpoint_extensions extensions;
|
||||
|
||||
@@ -38,6 +38,8 @@ enum ast_stir_shaken_verify_failure_reason {
|
||||
|
||||
struct ast_stir_shaken_payload;
|
||||
|
||||
struct ast_acl_list;
|
||||
|
||||
struct ast_json;
|
||||
|
||||
/*!
|
||||
@@ -65,6 +67,38 @@ char *ast_stir_shaken_payload_get_public_cert_url(const struct ast_stir_shaken_p
|
||||
*/
|
||||
unsigned int ast_stir_shaken_get_signature_timeout(void);
|
||||
|
||||
/*!
|
||||
* \brief Retrieve a stir_shaken_profile by id
|
||||
*
|
||||
* \note The profile will need to be unref'd when not needed anymore
|
||||
*
|
||||
* \param id The id of the stir_shaken_profile to get
|
||||
*
|
||||
* \retval stir_shaken_profile on success
|
||||
* \retval NULL on failure
|
||||
*/
|
||||
struct stir_shaken_profile *ast_stir_shaken_get_profile(const char *id);
|
||||
|
||||
/*!
|
||||
* \brief Check if a stir_shaken_profile supports attestation
|
||||
*
|
||||
* \param profile The stir_shaken_profile to test
|
||||
*
|
||||
* \retval 0 if not supported
|
||||
* \retval 1 if supported
|
||||
*/
|
||||
unsigned int ast_stir_shaken_profile_supports_attestation(const struct stir_shaken_profile *profile);
|
||||
|
||||
/*!
|
||||
* \brief Check if a stir_shaken_profile supports verification
|
||||
*
|
||||
* \param profile The stir_shaken_profile to test
|
||||
*
|
||||
* \retval 0 if not supported
|
||||
* \retval 1 if supported
|
||||
*/
|
||||
unsigned int ast_stir_shaken_profile_supports_verification(const struct stir_shaken_profile *profile);
|
||||
|
||||
/*!
|
||||
* \brief Add a STIR/SHAKEN verification result to a channel
|
||||
*
|
||||
@@ -112,6 +146,26 @@ struct ast_stir_shaken_payload *ast_stir_shaken_verify(const char *header, const
|
||||
struct ast_stir_shaken_payload *ast_stir_shaken_verify2(const char *header, const char *payload, const char *signature,
|
||||
const char *algorithm, const char *public_cert_url, int *failure_code);
|
||||
|
||||
/*!
|
||||
* \brief Same as ast_stir_shaken_verify2, but passes in a stir_shaken_profile with additional configuration
|
||||
*
|
||||
* \note failure_code will be written to in this function
|
||||
*
|
||||
* \param header The payload header
|
||||
* \param payload The payload section
|
||||
* \param signature The payload signature
|
||||
* \param algorithm The signature algorithm
|
||||
* \param public_cert_url The public key URL
|
||||
* \param failure_code Additional failure information
|
||||
* \param profile The stir_shaken_profile
|
||||
*
|
||||
* \retval ast_stir_shaken_payload on success
|
||||
* \retval NULL on failure
|
||||
*/
|
||||
struct ast_stir_shaken_payload *ast_stir_shaken_verify_with_profile(const char *header, const char *payload,
|
||||
const char *signature, const char *algorithm, const char *public_cert_url, int *failure,
|
||||
const struct stir_shaken_profile *profile);
|
||||
|
||||
/*!
|
||||
* \brief Retrieve the stir/shaken sorcery context
|
||||
*
|
||||
|
||||
@@ -1424,6 +1424,13 @@
|
||||
INVITEs, an Identity header will be added.</para>
|
||||
</description>
|
||||
</configOption>
|
||||
<configOption name="stir_shaken_profile" default="">
|
||||
<synopsis>STIR/SHAKEN profile containing additional configuration options</synopsis>
|
||||
<description><para>
|
||||
A STIR/SHAKEN profile that is defined in stir_shaken.conf. Contains
|
||||
several options and rules used for STIR/SHAKEN.</para>
|
||||
</description>
|
||||
</configOption>
|
||||
<configOption name="allow_unauthenticated_options" default="no">
|
||||
<synopsis>Skip authentication when receiving OPTIONS requests</synopsis>
|
||||
<description><para>
|
||||
|
||||
@@ -2192,6 +2192,7 @@ int ast_res_pjsip_initialize_configuration(void)
|
||||
"prefer: pending, operation: intersect, keep: all",
|
||||
codec_prefs_handler, outgoing_answer_codec_prefs_to_str, NULL, 0, 0);
|
||||
ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "stir_shaken", "off", stir_shaken_handler, stir_shaken_to_str, NULL, 0, 0);
|
||||
ast_sorcery_object_field_register(sip_sorcery, "endpoint", "stir_shaken_profile", "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_endpoint, stir_shaken_profile));
|
||||
ast_sorcery_object_field_register(sip_sorcery, "endpoint", "allow_unauthenticated_options", "no", OPT_BOOL_T, 1, FLDSET(struct ast_sip_endpoint, allow_unauthenticated_options));
|
||||
|
||||
if (ast_sip_initialize_sorcery_transport()) {
|
||||
|
||||
@@ -217,13 +217,21 @@ static int stir_shaken_incoming_request(struct ast_sip_session *session, pjsip_r
|
||||
int mismatch = 0;
|
||||
struct ast_stir_shaken_payload *ss_payload;
|
||||
int failure_code = 0;
|
||||
RAII_VAR(struct stir_shaken_profile *, profile, NULL, ao2_cleanup);
|
||||
|
||||
/* Check if this is a reinvite. If it is, we don't need to do anything */
|
||||
if (rdata->msg_info.to->tag.slen) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
if ((session->endpoint->stir_shaken & AST_SIP_STIR_SHAKEN_VERIFY) == 0) {
|
||||
profile = ast_stir_shaken_get_profile(session->endpoint->stir_shaken_profile);
|
||||
/* Profile should be checked first as it takes priority over anything else.
|
||||
* If there is a profile and it doesn't have verification enabled, do nothing.
|
||||
* If there is no profile and the stir_shaken option is either not set or does
|
||||
* not support verification, do nothing.
|
||||
*/
|
||||
if ((profile && !ast_stir_shaken_profile_supports_verification(profile))
|
||||
|| (!profile && (session->endpoint->stir_shaken & AST_SIP_STIR_SHAKEN_VERIFY) == 0)) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -309,7 +317,8 @@ static int stir_shaken_incoming_request(struct ast_sip_session *session, pjsip_r
|
||||
|
||||
attestation = get_attestation_from_payload(payload);
|
||||
|
||||
ss_payload = ast_stir_shaken_verify2(header, payload, signature, algorithm, public_cert_url, &failure_code);
|
||||
ss_payload = ast_stir_shaken_verify_with_profile(header, payload, signature, algorithm, public_cert_url, &failure_code, profile);
|
||||
|
||||
if (!ss_payload) {
|
||||
|
||||
if (failure_code == AST_STIR_SHAKEN_VERIFY_FAILED_TO_GET_CERT) {
|
||||
@@ -471,7 +480,16 @@ static void add_date_header(const struct ast_sip_session *session, pjsip_tx_data
|
||||
|
||||
static void stir_shaken_outgoing_request(struct ast_sip_session *session, pjsip_tx_data *tdata)
|
||||
{
|
||||
if ((session->endpoint->stir_shaken & AST_SIP_STIR_SHAKEN_ATTEST) == 0) {
|
||||
RAII_VAR(struct stir_shaken_profile *, profile, NULL, ao2_cleanup);
|
||||
|
||||
profile = ast_stir_shaken_get_profile(session->endpoint->stir_shaken_profile);
|
||||
/* Profile should be checked first as it takes priority over anything else.
|
||||
* If there is a profile and it doesn't have attestation enabled, do nothing.
|
||||
* If there is no profile and the stir_shaken option is either not set or does
|
||||
* not support attestation, do nothing.
|
||||
*/
|
||||
if ((profile && !ast_stir_shaken_profile_supports_attestation(profile))
|
||||
|| (!profile && (session->endpoint->stir_shaken & AST_SIP_STIR_SHAKEN_ATTEST) == 0)) {
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
@@ -38,6 +38,7 @@
|
||||
#include "asterisk/global_datastores.h"
|
||||
#include "asterisk/app.h"
|
||||
#include "asterisk/test.h"
|
||||
#include "asterisk/acl.h"
|
||||
|
||||
#include "asterisk/res_stir_shaken.h"
|
||||
#include "res_stir_shaken/stir_shaken.h"
|
||||
@@ -45,6 +46,7 @@
|
||||
#include "res_stir_shaken/store.h"
|
||||
#include "res_stir_shaken/certificate.h"
|
||||
#include "res_stir_shaken/curl.h"
|
||||
#include "res_stir_shaken/profile.h"
|
||||
|
||||
/*** DOCUMENTATION
|
||||
<configInfo name="res_stir_shaken" language="en_US">
|
||||
@@ -108,6 +110,29 @@
|
||||
<synopsis>The caller ID number to match on.</synopsis>
|
||||
</configOption>
|
||||
</configObject>
|
||||
<configObject name="profile">
|
||||
<synopsis>STIR/SHAKEN profile configuration options</synopsis>
|
||||
<configOption name="type">
|
||||
<synopsis>Must be of type 'profile'.</synopsis>
|
||||
</configOption>
|
||||
<configOption name="stir_shaken" default="on">
|
||||
<synopsis>STIR/SHAKEN configuration settings</synopsis>
|
||||
<description><para>
|
||||
Attest, verify, or do both STIR/SHAKEN operations. On incoming
|
||||
INVITEs, the Identity header will be checked for validity. On
|
||||
outgoing INVITEs, an Identity header will be added.</para>
|
||||
</description>
|
||||
</configOption>
|
||||
<configOption name="acllist" default="">
|
||||
<synopsis>An existing ACL from acl.conf to use</synopsis>
|
||||
</configOption>
|
||||
<configOption name="permit" default="">
|
||||
<synopsis>An IP or subnet to permit</synopsis>
|
||||
</configOption>
|
||||
<configOption name="deny" default="">
|
||||
<synopsis>An IP or subnet to deny</synopsis>
|
||||
</configOption>
|
||||
</configObject>
|
||||
</configFile>
|
||||
</configInfo>
|
||||
<function name="STIR_SHAKEN" language="en_US">
|
||||
@@ -205,6 +230,33 @@ unsigned int ast_stir_shaken_get_signature_timeout(void)
|
||||
return ast_stir_shaken_signature_timeout(stir_shaken_general_get());
|
||||
}
|
||||
|
||||
struct stir_shaken_profile *ast_stir_shaken_get_profile(const char *id)
|
||||
{
|
||||
if (ast_strlen_zero(id)) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
return ast_stir_shaken_get_profile_by_name(id);
|
||||
}
|
||||
|
||||
unsigned int ast_stir_shaken_profile_supports_attestation(const struct stir_shaken_profile *profile)
|
||||
{
|
||||
if (!profile) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
return (profile->stir_shaken & STIR_SHAKEN_ATTEST);
|
||||
}
|
||||
|
||||
unsigned int ast_stir_shaken_profile_supports_verification(const struct stir_shaken_profile *profile)
|
||||
{
|
||||
if (!profile) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
return (profile->stir_shaken & STIR_SHAKEN_VERIFY);
|
||||
}
|
||||
|
||||
/*!
|
||||
* \brief Convert an ast_stir_shaken_verification_result to string representation
|
||||
*
|
||||
@@ -554,7 +606,7 @@ static int stir_shaken_verify_signature(const char *msg, const char *signature,
|
||||
* \retval NULL on failure
|
||||
* \retval full path filename on success
|
||||
*/
|
||||
static char *run_curl(const char *public_cert_url, const char *path)
|
||||
static char *run_curl(const char *public_cert_url, const char *path, const struct ast_acl_list *acl)
|
||||
{
|
||||
struct curl_cb_data *data;
|
||||
char *filename;
|
||||
@@ -565,7 +617,7 @@ static char *run_curl(const char *public_cert_url, const char *path)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
filename = curl_public_key(public_cert_url, path, data);
|
||||
filename = curl_public_key(public_cert_url, path, data, acl);
|
||||
if (!filename) {
|
||||
ast_log(LOG_ERROR, "Could not retrieve public key for '%s'\n", public_cert_url);
|
||||
curl_cb_data_free(data);
|
||||
@@ -591,7 +643,7 @@ static char *run_curl(const char *public_cert_url, const char *path)
|
||||
* \retval NULL on failure
|
||||
* \retval full path filename on success
|
||||
*/
|
||||
static char *curl_and_check_expiration(const char *public_cert_url, const char *path, int *curl)
|
||||
static char *curl_and_check_expiration(const char *public_cert_url, const char *path, int *curl, const struct ast_acl_list *acl)
|
||||
{
|
||||
char *filename;
|
||||
|
||||
@@ -600,7 +652,7 @@ static char *curl_and_check_expiration(const char *public_cert_url, const char *
|
||||
return NULL;
|
||||
}
|
||||
|
||||
filename = run_curl(public_cert_url, path);
|
||||
filename = run_curl(public_cert_url, path, acl);
|
||||
if (!filename) {
|
||||
return NULL;
|
||||
}
|
||||
@@ -662,7 +714,8 @@ static int stir_shaken_verify_check_empty_strings(const char *header, const char
|
||||
* \retval 0 on success
|
||||
* \retval 1 on failure
|
||||
*/
|
||||
static int stir_shaken_verify_setup_file_paths(const char *public_cert_url, char **file_path, char **dir_path, int *curl)
|
||||
static int stir_shaken_verify_setup_file_paths(const char *public_cert_url, char **file_path, char **dir_path, int *curl,
|
||||
const struct ast_acl_list *acl)
|
||||
{
|
||||
*file_path = get_path_to_public_key(public_cert_url);
|
||||
if (ast_asprintf(dir_path, "%s/keys/%s", ast_config_AST_DATA_DIR, STIR_SHAKEN_DIR_NAME) < 0) {
|
||||
@@ -680,7 +733,7 @@ static int stir_shaken_verify_setup_file_paths(const char *public_cert_url, char
|
||||
ast_free(*file_path);
|
||||
|
||||
/* Download to the default path */
|
||||
*file_path = run_curl(public_cert_url, *dir_path);
|
||||
*file_path = run_curl(public_cert_url, *dir_path, acl);
|
||||
if (!(*file_path)) {
|
||||
return 1;
|
||||
}
|
||||
@@ -704,7 +757,7 @@ static int stir_shaken_verify_setup_file_paths(const char *public_cert_url, char
|
||||
* \retval 1 on failure
|
||||
*/
|
||||
static int stir_shaken_verify_validate_cert(const char *public_cert_url, char **file_path, char *dir_path, int *curl,
|
||||
EVP_PKEY **public_key)
|
||||
EVP_PKEY **public_key, const struct ast_acl_list *acl)
|
||||
{
|
||||
if (public_key_is_expired(public_cert_url)) {
|
||||
|
||||
@@ -714,7 +767,7 @@ static int stir_shaken_verify_validate_cert(const char *public_cert_url, char **
|
||||
|
||||
/* If this fails, then there's nothing we can do */
|
||||
ast_free(*file_path);
|
||||
*file_path = curl_and_check_expiration(public_cert_url, dir_path, curl);
|
||||
*file_path = curl_and_check_expiration(public_cert_url, dir_path, curl, acl);
|
||||
if (!(*file_path)) {
|
||||
return 1;
|
||||
}
|
||||
@@ -730,7 +783,7 @@ static int stir_shaken_verify_validate_cert(const char *public_cert_url, char **
|
||||
remove_public_key_from_astdb(public_cert_url);
|
||||
|
||||
ast_free(*file_path);
|
||||
*file_path = curl_and_check_expiration(public_cert_url, dir_path, curl);
|
||||
*file_path = curl_and_check_expiration(public_cert_url, dir_path, curl, acl);
|
||||
if (!(*file_path)) {
|
||||
return 1;
|
||||
}
|
||||
@@ -756,6 +809,12 @@ struct ast_stir_shaken_payload *ast_stir_shaken_verify(const char *header, const
|
||||
|
||||
struct ast_stir_shaken_payload *ast_stir_shaken_verify2(const char *header, const char *payload, const char *signature,
|
||||
const char *algorithm, const char *public_cert_url, int *failure_code)
|
||||
{
|
||||
return ast_stir_shaken_verify_with_profile(header, payload, signature, algorithm, public_cert_url, failure_code, NULL);
|
||||
}
|
||||
|
||||
struct ast_stir_shaken_payload *ast_stir_shaken_verify_with_profile(const char *header, const char *payload, const char *signature,
|
||||
const char *algorithm, const char *public_cert_url, int *failure_code, const struct stir_shaken_profile *profile)
|
||||
{
|
||||
struct ast_stir_shaken_payload *ret_payload;
|
||||
EVP_PKEY *public_key;
|
||||
@@ -764,11 +823,14 @@ struct ast_stir_shaken_payload *ast_stir_shaken_verify2(const char *header, cons
|
||||
RAII_VAR(char *, dir_path, NULL, ast_free);
|
||||
RAII_VAR(char *, combined_str, NULL, ast_free);
|
||||
size_t combined_size;
|
||||
const struct ast_acl_list *acl;
|
||||
|
||||
if (stir_shaken_verify_check_empty_strings(header, payload, signature, algorithm, public_cert_url)) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
acl = profile ? (const struct ast_acl_list *)profile->acl : NULL;
|
||||
|
||||
/* Check to see if we have already downloaded this public cert. The reason we
|
||||
* store the file path is because:
|
||||
*
|
||||
@@ -779,12 +841,12 @@ struct ast_stir_shaken_payload *ast_stir_shaken_verify2(const char *header, cons
|
||||
* {configurable) directories, we already have the storage mechanism in place.
|
||||
* The only thing that would be left to do is pull from the configuration.
|
||||
*/
|
||||
if (stir_shaken_verify_setup_file_paths(public_cert_url, &file_path, &dir_path, &curl)) {
|
||||
if (stir_shaken_verify_setup_file_paths(public_cert_url, &file_path, &dir_path, &curl, acl)) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/* Check to see if the cert we downloaded (or already had) is expired */
|
||||
if (stir_shaken_verify_validate_cert(public_cert_url, &file_path, dir_path, &curl, &public_key)) {
|
||||
if (stir_shaken_verify_validate_cert(public_cert_url, &file_path, dir_path, &curl, &public_key, acl)) {
|
||||
*failure_code = AST_STIR_SHAKEN_VERIFY_FAILED_TO_GET_CERT;
|
||||
return NULL;
|
||||
}
|
||||
@@ -1677,6 +1739,7 @@ static int unload_module(void)
|
||||
{
|
||||
int res = 0;
|
||||
|
||||
stir_shaken_profile_unload();
|
||||
stir_shaken_certificate_unload();
|
||||
stir_shaken_store_unload();
|
||||
stir_shaken_general_unload();
|
||||
@@ -1716,6 +1779,11 @@ static int load_module(void)
|
||||
return AST_MODULE_LOAD_DECLINE;
|
||||
}
|
||||
|
||||
if (stir_shaken_profile_load()) {
|
||||
unload_module();
|
||||
return AST_MODULE_LOAD_DECLINE;
|
||||
}
|
||||
|
||||
ast_sorcery_load(ast_stir_shaken_sorcery());
|
||||
|
||||
res |= ast_custom_function_register(&stir_shaken_function);
|
||||
|
||||
@@ -21,9 +21,12 @@
|
||||
#include "asterisk/utils.h"
|
||||
#include "asterisk/logger.h"
|
||||
#include "asterisk/file.h"
|
||||
#include "asterisk/acl.h"
|
||||
|
||||
#include "curl.h"
|
||||
#include "general.h"
|
||||
#include "stir_shaken.h"
|
||||
#include "profile.h"
|
||||
|
||||
#include <curl/curl.h>
|
||||
#include <sys/stat.h>
|
||||
@@ -31,12 +34,32 @@
|
||||
/* Used to check CURL headers */
|
||||
#define MAX_HEADER_LENGTH 1023
|
||||
|
||||
/* Used to limit download size */
|
||||
#define MAX_DOWNLOAD_SIZE 8192
|
||||
|
||||
/* Used to limit how many bytes we get from CURL per write */
|
||||
#define MAX_BUF_SIZE_PER_WRITE 1024
|
||||
|
||||
/* Certificates should begin with this */
|
||||
#define BEGIN_CERTIFICATE_STR "-----BEGIN CERTIFICATE-----"
|
||||
|
||||
/* CURL callback data to avoid storing useless info in AstDB */
|
||||
struct curl_cb_data {
|
||||
char *cache_control;
|
||||
char *expires;
|
||||
};
|
||||
|
||||
struct curl_cb_write_buf {
|
||||
char buf[MAX_DOWNLOAD_SIZE + 1];
|
||||
size_t size;
|
||||
const char *url;
|
||||
};
|
||||
|
||||
struct curl_cb_open_socket {
|
||||
const struct ast_acl_list *acl;
|
||||
curl_socket_t *sockfd;
|
||||
};
|
||||
|
||||
struct curl_cb_data *curl_cb_data_create(void)
|
||||
{
|
||||
struct curl_cb_data *data;
|
||||
@@ -58,6 +81,18 @@ void curl_cb_data_free(struct curl_cb_data *data)
|
||||
ast_free(data);
|
||||
}
|
||||
|
||||
static void curl_cb_open_socket_free(struct curl_cb_open_socket *data)
|
||||
{
|
||||
if (!data) {
|
||||
return;
|
||||
}
|
||||
|
||||
close(*data->sockfd);
|
||||
|
||||
/* We don't need to free the ACL since we just use a reference */
|
||||
ast_free(data);
|
||||
}
|
||||
|
||||
char *curl_cb_data_get_cache_control(const struct curl_cb_data *data)
|
||||
{
|
||||
if (!data) {
|
||||
@@ -149,94 +184,168 @@ static CURL *get_curl_instance(struct curl_cb_data *data)
|
||||
return curl;
|
||||
}
|
||||
|
||||
char *curl_public_key(const char *public_cert_url, const char *path, struct curl_cb_data *data)
|
||||
/*!
|
||||
* \brief Write callback passed to libcurl
|
||||
*
|
||||
* \note If this function returns anything other than the size of the data
|
||||
* libcurl expected us to process, the request will cancel. That's why we return
|
||||
* 0 on error, otherwise the amount of data we were given
|
||||
*
|
||||
* \param curl_data The data from libcurl
|
||||
* \param size Always 1 according to libcurl
|
||||
* \param actual_size The actual size of the data
|
||||
* \param our_data The data we passed to libcurl
|
||||
*
|
||||
* \retval The size of the data we processed
|
||||
* \retval 0 if there was an error
|
||||
*/
|
||||
static size_t curl_write_cb(void *curl_data, size_t size, size_t actual_size, void *our_data)
|
||||
{
|
||||
/* Just in case size is NOT always 1 or if it's changed in the future, let's go ahead
|
||||
* and do the math for the actual size */
|
||||
size_t real_size = size * actual_size;
|
||||
struct curl_cb_write_buf *buf = our_data;
|
||||
size_t new_size = buf->size + real_size;
|
||||
|
||||
if (new_size > MAX_DOWNLOAD_SIZE) {
|
||||
ast_log(LOG_WARNING, "Attempted to retrieve certificate from %s failed "
|
||||
"because it's size exceeds the maximum %d bytes\n", buf->url, MAX_DOWNLOAD_SIZE);
|
||||
return 0;
|
||||
}
|
||||
|
||||
memcpy(&(buf->buf[buf->size]), curl_data, real_size);
|
||||
buf->size += real_size;
|
||||
buf->buf[buf->size] = 0;
|
||||
|
||||
return real_size;
|
||||
}
|
||||
|
||||
static curl_socket_t stir_shaken_curl_open_socket_callback(void *our_data, curlsocktype purpose, struct curl_sockaddr *address)
|
||||
{
|
||||
struct curl_cb_open_socket *data = our_data;
|
||||
|
||||
if (!ast_acl_list_is_empty((struct ast_acl_list *)data->acl)) {
|
||||
struct ast_sockaddr ast_address = { {0,} };
|
||||
|
||||
ast_sockaddr_copy_sockaddr(&ast_address, &address->addr, address->addrlen);
|
||||
|
||||
if (ast_apply_acl((struct ast_acl_list *)data->acl, &ast_address, NULL) != AST_SENSE_ALLOW) {
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
}
|
||||
|
||||
*data->sockfd = socket(address->family, address->socktype, address->protocol);
|
||||
|
||||
return *data->sockfd;
|
||||
}
|
||||
|
||||
char *curl_public_key(const char *public_cert_url, const char *path, struct curl_cb_data *data, const struct ast_acl_list *acl)
|
||||
{
|
||||
FILE *public_key_file;
|
||||
RAII_VAR(char *, tmp_filename, NULL, ast_free);
|
||||
const char *template_name = "certXXXXXX";
|
||||
char *filename;
|
||||
char *serial;
|
||||
int fd;
|
||||
long http_code;
|
||||
CURL *curl;
|
||||
char curl_errbuf[CURL_ERROR_SIZE + 1];
|
||||
struct curl_cb_write_buf *buf;
|
||||
struct curl_cb_open_socket *open_socket_data;
|
||||
curl_socket_t sockfd;
|
||||
|
||||
curl_errbuf[CURL_ERROR_SIZE] = '\0';
|
||||
|
||||
/* For now, it's fine to pass in path as is - it shouldn't end with a '/'. However,
|
||||
* if we decide to change how certificates are stored in the future (configurable paths),
|
||||
* then we will need to check to see if path ends with '/', copy everything up to the '/',
|
||||
* and use this new variable for ast_create_temp_file as well as for ast_asprintf below.
|
||||
*/
|
||||
fd = ast_file_fdtemp(path, &tmp_filename, template_name);
|
||||
if (fd == -1) {
|
||||
ast_log(LOG_ERROR, "Failed to get temporary file descriptor for CURL\n");
|
||||
buf = ast_calloc(1, sizeof(*buf));
|
||||
if (!buf) {
|
||||
ast_log(LOG_ERROR, "Failed to allocate memory for CURL write buffer for %s\n", public_cert_url);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
public_key_file = fdopen(fd, "wb");
|
||||
if (!public_key_file) {
|
||||
ast_log(LOG_ERROR, "Failed to open file '%s' to write public key from '%s': %s (%d)\n",
|
||||
tmp_filename, public_cert_url, strerror(errno), errno);
|
||||
close(fd);
|
||||
remove(tmp_filename);
|
||||
open_socket_data = ast_calloc(1, sizeof(*open_socket_data));
|
||||
if (!open_socket_data) {
|
||||
ast_log(LOG_ERROR, "Failed to allocate memory for open socket callback\n");
|
||||
return NULL;
|
||||
}
|
||||
open_socket_data->acl = acl;
|
||||
open_socket_data->sockfd = &sockfd;
|
||||
|
||||
buf->url = public_cert_url;
|
||||
curl_errbuf[CURL_ERROR_SIZE] = '\0';
|
||||
|
||||
curl = get_curl_instance(data);
|
||||
if (!curl) {
|
||||
ast_log(LOG_ERROR, "Failed to set up CURL instance for '%s'\n", public_cert_url);
|
||||
fclose(public_key_file);
|
||||
remove(tmp_filename);
|
||||
ast_free(buf);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
curl_easy_setopt(curl, CURLOPT_URL, public_cert_url);
|
||||
curl_easy_setopt(curl, CURLOPT_WRITEDATA, public_key_file);
|
||||
curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, curl_write_cb);
|
||||
curl_easy_setopt(curl, CURLOPT_WRITEDATA, buf);
|
||||
curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, curl_errbuf);
|
||||
curl_easy_setopt(curl, CURLOPT_BUFFERSIZE, MAX_BUF_SIZE_PER_WRITE);
|
||||
curl_easy_setopt(curl, CURLOPT_OPENSOCKETFUNCTION, stir_shaken_curl_open_socket_callback);
|
||||
curl_easy_setopt(curl, CURLOPT_OPENSOCKETDATA, open_socket_data);
|
||||
|
||||
if (curl_easy_perform(curl)) {
|
||||
ast_log(LOG_ERROR, "%s\n", curl_errbuf);
|
||||
curl_easy_cleanup(curl);
|
||||
fclose(public_key_file);
|
||||
remove(tmp_filename);
|
||||
ast_free(buf);
|
||||
curl_cb_open_socket_free(open_socket_data);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
curl_cb_open_socket_free(open_socket_data);
|
||||
|
||||
curl_easy_getinfo(curl, CURLINFO_RESPONSE_CODE, &http_code);
|
||||
|
||||
curl_easy_cleanup(curl);
|
||||
fclose(public_key_file);
|
||||
|
||||
if (http_code / 100 != 2) {
|
||||
ast_log(LOG_ERROR, "Failed to retrieve URL '%s': code %ld\n", public_cert_url, http_code);
|
||||
remove(tmp_filename);
|
||||
ast_free(buf);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
serial = stir_shaken_get_serial_number_x509(tmp_filename);
|
||||
if (!ast_begins_with(buf->buf, BEGIN_CERTIFICATE_STR)) {
|
||||
ast_log(LOG_WARNING, "Certificate from %s does not begin with what we expect\n", public_cert_url);
|
||||
ast_free(buf);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
serial = stir_shaken_get_serial_number_x509(buf->buf, buf->size);
|
||||
if (!serial) {
|
||||
ast_log(LOG_ERROR, "Failed to get serial from cert %s\n", tmp_filename);
|
||||
remove(tmp_filename);
|
||||
ast_log(LOG_ERROR, "Failed to get serial from CURL buffer from %s\n", public_cert_url);
|
||||
ast_free(buf);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (ast_asprintf(&filename, "%s/%s.pem", path, serial) < 0) {
|
||||
ast_log(LOG_ERROR, "Failed to allocate memory for new filename for temporary "
|
||||
"file %s after CURL\n", tmp_filename);
|
||||
ast_log(LOG_ERROR, "Failed to allocate memory for filename after CURL from %s\n", public_cert_url);
|
||||
ast_free(serial);
|
||||
remove(tmp_filename);
|
||||
ast_free(buf);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
ast_free(serial);
|
||||
|
||||
if (rename(tmp_filename, filename)) {
|
||||
ast_log(LOG_ERROR, "Failed to rename temporary file %s to %s after CURL\n", tmp_filename, filename);
|
||||
public_key_file = fopen(filename, "w");
|
||||
if (!public_key_file) {
|
||||
ast_log(LOG_ERROR, "Failed to open file '%s' to write public key from '%s': %s (%d)\n",
|
||||
filename, public_cert_url, strerror(errno), errno);
|
||||
ast_free(buf);
|
||||
ast_free(filename);
|
||||
remove(tmp_filename);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (fputs(buf->buf, public_key_file) == EOF) {
|
||||
ast_log(LOG_ERROR, "Failed to write string to file from URL %s\n", public_cert_url);
|
||||
fclose(public_key_file);
|
||||
ast_free(buf);
|
||||
ast_free(filename);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
fclose(public_key_file);
|
||||
ast_free(buf);
|
||||
|
||||
return filename;
|
||||
}
|
||||
|
||||
@@ -18,6 +18,8 @@
|
||||
#ifndef _STIR_SHAKEN_CURL_H
|
||||
#define _STIR_SHAKEN_CURL_H
|
||||
|
||||
struct ast_acl_list;
|
||||
|
||||
/* Forward declaration for CURL callback data */
|
||||
struct curl_cb_data;
|
||||
|
||||
@@ -66,10 +68,11 @@ char *curl_cb_data_get_expires(const struct curl_cb_data *data);
|
||||
* \param public_cert_url The public cert URL
|
||||
* \param path The path to download the file to
|
||||
* \param data The curl_cb_data
|
||||
* \param acl The ACL to use for cURL (if not NULL)
|
||||
*
|
||||
* \retval NULL on failure
|
||||
* \retval full path filename on success
|
||||
*/
|
||||
char *curl_public_key(const char *public_cert_url, const char *path, struct curl_cb_data *data);
|
||||
char *curl_public_key(const char *public_cert_url, const char *path, struct curl_cb_data *data, const struct ast_acl_list *acl);
|
||||
|
||||
#endif /* _STIR_SHAKEN_CURL_H */
|
||||
|
||||
241
res/res_stir_shaken/profile.c
Normal file
241
res/res_stir_shaken/profile.c
Normal file
@@ -0,0 +1,241 @@
|
||||
/*
|
||||
* Asterisk -- An open source telephony toolkit.
|
||||
*
|
||||
* Copyright (C) 2022, Sangoma Technologies Corporation
|
||||
*
|
||||
* Ben Ford <bford@sangoma.com>
|
||||
*
|
||||
* See http://www.asterisk.org for more information about
|
||||
* the Asterisk project. Please do not directly contact
|
||||
* any of the maintainers of this project for assistance;
|
||||
* the project provides a web site, mailing lists and IRC
|
||||
* channels for your use.
|
||||
*
|
||||
* This program is free software, distributed under the terms of
|
||||
* the GNU General Public License Version 2. See the LICENSE file
|
||||
* at the top of the source tree.
|
||||
*/
|
||||
|
||||
#include "asterisk.h"
|
||||
|
||||
#include "asterisk/cli.h"
|
||||
#include "asterisk/sorcery.h"
|
||||
|
||||
#include "stir_shaken.h"
|
||||
#include "profile.h"
|
||||
#include "asterisk/res_stir_shaken.h"
|
||||
|
||||
#define CONFIG_TYPE "profile"
|
||||
|
||||
static void stir_shaken_profile_destructor(void *obj)
|
||||
{
|
||||
struct stir_shaken_profile *cfg = obj;
|
||||
|
||||
ast_free_acl_list(cfg->acl);
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
static void *stir_shaken_profile_alloc(const char *name)
|
||||
{
|
||||
struct stir_shaken_profile *cfg;
|
||||
|
||||
cfg = ast_sorcery_generic_alloc(sizeof(*cfg), stir_shaken_profile_destructor);
|
||||
if (!cfg) {
|
||||
return NULL;
|
||||
}
|
||||
|
||||
return cfg;
|
||||
}
|
||||
|
||||
static struct stir_shaken_profile *stir_shaken_profile_get(const char *id)
|
||||
{
|
||||
return ast_sorcery_retrieve_by_id(ast_stir_shaken_sorcery(), CONFIG_TYPE, id);
|
||||
}
|
||||
|
||||
static struct ao2_container *stir_shaken_profile_get_all(void)
|
||||
{
|
||||
return ast_sorcery_retrieve_by_fields(ast_stir_shaken_sorcery(), CONFIG_TYPE,
|
||||
AST_RETRIEVE_FLAG_MULTIPLE | AST_RETRIEVE_FLAG_ALL, NULL);
|
||||
}
|
||||
|
||||
struct stir_shaken_profile *ast_stir_shaken_get_profile_by_name(const char *name)
|
||||
{
|
||||
return ast_sorcery_retrieve_by_id(ast_stir_shaken_sorcery(), CONFIG_TYPE, name);
|
||||
}
|
||||
|
||||
static int stir_shaken_profile_apply(const struct ast_sorcery *sorcery, void *obj)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int stir_shaken_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
|
||||
{
|
||||
struct stir_shaken_profile *cfg = obj;
|
||||
|
||||
if (!strcasecmp("attest", var->value)) {
|
||||
cfg->stir_shaken = STIR_SHAKEN_ATTEST;
|
||||
} else if (!strcasecmp("verify", var->value)) {
|
||||
cfg->stir_shaken = STIR_SHAKEN_VERIFY;
|
||||
} else if (!strcasecmp("on", var->value)) {
|
||||
cfg->stir_shaken = STIR_SHAKEN_ON;
|
||||
} else {
|
||||
ast_log(LOG_WARNING, "'%s' is not a valid value for option "
|
||||
"'stir_shaken' for %s %s\n",
|
||||
var->value, CONFIG_TYPE, ast_sorcery_object_get_id(cfg));
|
||||
return -1;
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static const char *stir_shaken_map[] = {
|
||||
[STIR_SHAKEN_ATTEST] = "attest",
|
||||
[STIR_SHAKEN_VERIFY] = "verify",
|
||||
[STIR_SHAKEN_ON] = "on",
|
||||
};
|
||||
|
||||
static int stir_shaken_to_str(const void *obj, const intptr_t *args, char **buf)
|
||||
{
|
||||
const struct stir_shaken_profile *cfg = obj;
|
||||
if (ARRAY_IN_BOUNDS(cfg->stir_shaken, stir_shaken_map)) {
|
||||
*buf = ast_strdup(stir_shaken_map[cfg->stir_shaken]);
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int stir_shaken_acl_handler(const struct aco_option *opt, struct ast_variable *var, void *obj)
|
||||
{
|
||||
struct stir_shaken_profile *cfg = obj;
|
||||
int error = 0;
|
||||
int ignore;
|
||||
|
||||
if (ast_strlen_zero(var->value)) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
ast_append_acl(var->name, var->value, &cfg->acl, &error, &ignore);
|
||||
|
||||
return error;
|
||||
}
|
||||
|
||||
static int acl_to_str(const void *obj, const intptr_t *args, char **buf)
|
||||
{
|
||||
const struct stir_shaken_profile *cfg = obj;
|
||||
struct ast_acl_list *acl_list;
|
||||
struct ast_acl *first_acl;
|
||||
|
||||
if (cfg && !ast_acl_list_is_empty(acl_list=cfg->acl)) {
|
||||
AST_LIST_LOCK(acl_list);
|
||||
first_acl = AST_LIST_FIRST(acl_list);
|
||||
if (ast_strlen_zero(first_acl->name)) {
|
||||
*buf = "deny/permit";
|
||||
} else {
|
||||
*buf = first_acl->name;
|
||||
}
|
||||
AST_LIST_UNLOCK(acl_list);
|
||||
}
|
||||
|
||||
*buf = ast_strdup(*buf);
|
||||
return 0;
|
||||
}
|
||||
|
||||
static char *stir_shaken_profile_show(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
|
||||
{
|
||||
struct stir_shaken_profile *cfg;
|
||||
|
||||
switch(cmd) {
|
||||
case CLI_INIT:
|
||||
e->command = "stir_shaken show profile";
|
||||
e->usage =
|
||||
"Usage: stir_shaken show profile <id>\n"
|
||||
" Show the stir/shaken profile settings for a given id\n";
|
||||
return NULL;
|
||||
case CLI_GENERATE:
|
||||
if (a->pos == 3) {
|
||||
return stir_shaken_tab_complete_name(a->word, stir_shaken_profile_get_all());
|
||||
} else {
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
if (a->argc != 4) {
|
||||
return CLI_SHOWUSAGE;
|
||||
}
|
||||
|
||||
cfg = stir_shaken_profile_get(a->argv[3]);
|
||||
stir_shaken_cli_show(cfg, a, 0);
|
||||
ast_acl_output(a->fd, cfg->acl, NULL);
|
||||
ao2_cleanup(cfg);
|
||||
|
||||
return CLI_SUCCESS;
|
||||
}
|
||||
|
||||
static char *stir_shaken_profile_show_all(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
|
||||
{
|
||||
struct ao2_container *container;
|
||||
|
||||
switch(cmd) {
|
||||
case CLI_INIT:
|
||||
e->command = "stir_shaken show profiles";
|
||||
e->usage =
|
||||
"Usage: stir_shaken show profiles\n"
|
||||
" Show all profiles for stir/shaken\n";
|
||||
return NULL;
|
||||
case CLI_GENERATE:
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (a->argc != 3) {
|
||||
return CLI_SHOWUSAGE;
|
||||
}
|
||||
|
||||
container = stir_shaken_profile_get_all();
|
||||
if (!container || ao2_container_count(container) == 0) {
|
||||
ast_cli(a->fd, "No stir/shaken ACLs found\n");
|
||||
ao2_cleanup(container);
|
||||
return CLI_SUCCESS;
|
||||
}
|
||||
|
||||
ao2_callback(container, OBJ_NODATA, stir_shaken_cli_show, a);
|
||||
ao2_ref(container, -1);
|
||||
|
||||
return CLI_SUCCESS;
|
||||
}
|
||||
|
||||
static struct ast_cli_entry stir_shaken_profile_cli[] = {
|
||||
AST_CLI_DEFINE(stir_shaken_profile_show, "Show stir/shaken profile by id"),
|
||||
AST_CLI_DEFINE(stir_shaken_profile_show_all, "Show all stir/shaken profiles"),
|
||||
};
|
||||
|
||||
int stir_shaken_profile_unload(void)
|
||||
{
|
||||
ast_cli_unregister_multiple(stir_shaken_profile_cli,
|
||||
ARRAY_LEN(stir_shaken_profile_cli));
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int stir_shaken_profile_load(void)
|
||||
{
|
||||
struct ast_sorcery *sorcery = ast_stir_shaken_sorcery();
|
||||
|
||||
ast_sorcery_apply_default(sorcery, CONFIG_TYPE, "config", "stir_shaken.conf,criteria=type=profile");
|
||||
|
||||
if (ast_sorcery_object_register(sorcery, CONFIG_TYPE, stir_shaken_profile_alloc,
|
||||
NULL, stir_shaken_profile_apply)) {
|
||||
ast_log(LOG_ERROR, "stir/shaken - failed to register '%s' sorcery object\n", CONFIG_TYPE);
|
||||
return -1;
|
||||
}
|
||||
|
||||
ast_sorcery_object_field_register(sorcery, CONFIG_TYPE, "type", "", OPT_NOOP_T, 0, 0);
|
||||
ast_sorcery_object_field_register_custom(sorcery, CONFIG_TYPE, "stir_shaken", "on", stir_shaken_handler, stir_shaken_to_str, NULL, 0, 0);
|
||||
ast_sorcery_object_field_register_custom(sorcery, CONFIG_TYPE, "deny", "", stir_shaken_acl_handler, NULL, NULL, 0, 0);
|
||||
ast_sorcery_object_field_register_custom(sorcery, CONFIG_TYPE, "permit", "", stir_shaken_acl_handler, NULL, NULL, 0, 0);
|
||||
ast_sorcery_object_field_register_custom(sorcery, CONFIG_TYPE, "acllist", "", stir_shaken_acl_handler, acl_to_str, NULL, 0, 0);
|
||||
|
||||
ast_cli_register_multiple(stir_shaken_profile_cli,
|
||||
ARRAY_LEN(stir_shaken_profile_cli));
|
||||
|
||||
return 0;
|
||||
}
|
||||
39
res/res_stir_shaken/profile.h
Normal file
39
res/res_stir_shaken/profile.h
Normal file
@@ -0,0 +1,39 @@
|
||||
/*
|
||||
* Asterisk -- An open source telephony toolkit.
|
||||
*
|
||||
* Copyright (C) 2022, Sangoma Technologies Corporation
|
||||
*
|
||||
* Ben Ford <bford@sangoma.com>
|
||||
*
|
||||
* See http://www.asterisk.org for more information about
|
||||
* the Asterisk project. Please do not directly contact
|
||||
* any of the maintainers of this project for assistance;
|
||||
* the project provides a web site, mailing lists and IRC
|
||||
* channels for your use.
|
||||
*
|
||||
* This program is free software, distributed under the terms of
|
||||
* the GNU General Public License Version 2. See the LICENSE file
|
||||
* at the top of the source tree.
|
||||
*/
|
||||
#ifndef _STIR_SHAKEN_PROFILE_H
|
||||
#define _STIR_SHAKEN_PROFILE_H
|
||||
|
||||
#include "profile_private.h"
|
||||
|
||||
struct stir_shaken_profile *ast_stir_shaken_get_profile_by_name(const char *name);
|
||||
|
||||
/*!
|
||||
* \brief Load time initialization for the stir/shaken 'profile' object
|
||||
*
|
||||
* \retval 0 on success, -1 on error
|
||||
*/
|
||||
int stir_shaken_profile_load(void);
|
||||
|
||||
/*!
|
||||
* \brief Unload time cleanup for the stir/shaken 'profile'
|
||||
*
|
||||
* \retval 0 on success, -1 on error
|
||||
*/
|
||||
int stir_shaken_profile_unload(void);
|
||||
|
||||
#endif /* _STIR_SHAKEN_PROFILE_H */
|
||||
40
res/res_stir_shaken/profile_private.h
Normal file
40
res/res_stir_shaken/profile_private.h
Normal file
@@ -0,0 +1,40 @@
|
||||
/*
|
||||
* Asterisk -- An open source telephony toolkit.
|
||||
*
|
||||
* Copyright (C) 2022, Sangoma Technologies Corporation
|
||||
*
|
||||
* Ben Ford <bford@sangoma.com>
|
||||
*
|
||||
* See http://www.asterisk.org for more information about
|
||||
* the Asterisk project. Please do not directly contact
|
||||
* any of the maintainers of this project for assistance;
|
||||
* the project provides a web site, mailing lists and IRC
|
||||
* channels for your use.
|
||||
*
|
||||
* This program is free software, distributed under the terms of
|
||||
* the GNU General Public License Version 2. See the LICENSE file
|
||||
* at the top of the source tree.
|
||||
*/
|
||||
#ifndef _STIR_SHAKEN_PROFILE_PRIVATE_H
|
||||
#define _STIR_SHAKEN_PROFILE_PRIVATE_H
|
||||
|
||||
#include "asterisk/sorcery.h"
|
||||
|
||||
#include "asterisk/acl.h"
|
||||
|
||||
enum stir_shaken_profile_behavior {
|
||||
/*! Only do STIR/SHAKEN attestation */
|
||||
STIR_SHAKEN_ATTEST = 1,
|
||||
/*! Only do STIR/SHAKEN verification */
|
||||
STIR_SHAKEN_VERIFY = 2,
|
||||
/*! Do STIR/SHAKEN attestation and verification */
|
||||
STIR_SHAKEN_ON = 3,
|
||||
};
|
||||
|
||||
struct stir_shaken_profile {
|
||||
SORCERY_OBJECT(details);
|
||||
unsigned int stir_shaken;
|
||||
struct ast_acl_list *acl;
|
||||
};
|
||||
|
||||
#endif /* _STIR_SHAKEN_PROFILE_PRIVATE_H */
|
||||
@@ -137,41 +137,35 @@ EVP_PKEY *stir_shaken_read_key(const char *path, int priv)
|
||||
return key;
|
||||
}
|
||||
|
||||
char *stir_shaken_get_serial_number_x509(const char *path)
|
||||
char *stir_shaken_get_serial_number_x509(const char *buf, size_t buf_size)
|
||||
{
|
||||
FILE *fp;
|
||||
BIO *certBIO;
|
||||
X509 *cert;
|
||||
ASN1_INTEGER *serial;
|
||||
BIGNUM *bignum;
|
||||
char *serial_hex;
|
||||
char *ret;
|
||||
|
||||
fp = fopen(path, "r");
|
||||
if (!fp) {
|
||||
ast_log(LOG_ERROR, "Failed to open file %s\n", path);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
cert = PEM_read_X509(fp, NULL, NULL, NULL);
|
||||
certBIO = BIO_new(BIO_s_mem());
|
||||
BIO_write(certBIO, buf, buf_size);
|
||||
cert = PEM_read_bio_X509(certBIO, NULL, NULL, NULL);
|
||||
BIO_free(certBIO);
|
||||
if (!cert) {
|
||||
ast_log(LOG_ERROR, "Failed to read X.509 cert from file %s\n", path);
|
||||
fclose(fp);
|
||||
ast_log(LOG_ERROR, "Failed to read X.509 cert from buffer\n");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
serial = X509_get_serialNumber(cert);
|
||||
if (!serial) {
|
||||
ast_log(LOG_ERROR, "Failed to get serial number from certificate %s\n", path);
|
||||
ast_log(LOG_ERROR, "Failed to get serial number from certificate\n");
|
||||
X509_free(cert);
|
||||
fclose(fp);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
bignum = ASN1_INTEGER_to_BN(serial, NULL);
|
||||
if (bignum == NULL) {
|
||||
ast_log(LOG_ERROR, "Failed to convert serial to bignum for certificate %s\n", path);
|
||||
ast_log(LOG_ERROR, "Failed to convert serial to bignum for certificate\n");
|
||||
X509_free(cert);
|
||||
fclose(fp);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@@ -181,18 +175,17 @@ char *stir_shaken_get_serial_number_x509(const char *path)
|
||||
*/
|
||||
serial_hex = BN_bn2hex(bignum);
|
||||
X509_free(cert);
|
||||
fclose(fp);
|
||||
BN_free(bignum);
|
||||
|
||||
if (!serial_hex) {
|
||||
ast_log(LOG_ERROR, "Failed to convert bignum to hex for certificate %s\n", path);
|
||||
ast_log(LOG_ERROR, "Failed to convert bignum to hex for certificate\n");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
ret = ast_strdup(serial_hex);
|
||||
OPENSSL_free(serial_hex);
|
||||
if (!ret) {
|
||||
ast_log(LOG_ERROR, "Failed to dup serial from openssl for certificate %s\n", path);
|
||||
ast_log(LOG_ERROR, "Failed to dup serial from openssl for certificate\n");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
|
||||
@@ -53,15 +53,16 @@ char *stir_shaken_tab_complete_name(const char *word, struct ao2_container *cont
|
||||
EVP_PKEY *stir_shaken_read_key(const char *path, int priv);
|
||||
|
||||
/*!
|
||||
* \brief Gets the serial number in hex form from the X509 certificate at path
|
||||
* \brief Gets the serial number in hex form from the buffer (for X509)
|
||||
*
|
||||
* \note The returned string will need to be freed by the caller
|
||||
*
|
||||
* \param path The full path of the X509 certificate
|
||||
* \param buf The BASE64 encoded buffer
|
||||
* \param buf_size The size of the data in buf
|
||||
*
|
||||
* \retval NULL on failure
|
||||
* \retval serial number on success
|
||||
*/
|
||||
char *stir_shaken_get_serial_number_x509(const char *path);
|
||||
char *stir_shaken_get_serial_number_x509(const char *buf, size_t buf_size);
|
||||
|
||||
#endif /* _STIR_SHAKEN_H */
|
||||
|
||||
Reference in New Issue
Block a user