When Asterisk detects a hangup and cannot send a BYE due to a pending
INVITE, it sets the pendingbye flag and waits for the final response to that
INVITE. When the response is received, it transmits the BYE. If, however,
that INVITE request is a pending re-INVITE, it needs to first send a CANCEL
request to terminate the pending re-INVITE. In that circumstance, Asterisk
was, in some scenarios, clearing the pendingbye flag after processing the
CANCEL request and not checking for a pending BYE when receiving the final
487 response to the INVITE.
This patch ensures that if the pendingbye flag is set, it is honored
regardless of the nature of the INVITE request currently in flight.
(closes issue ASTERISK-19365)
Reported by: Thomas Arimont
Tested by: Thomas Arimont
Patches:
bugASTERISK-19365_2012_03_08.patch uploaded by mjordan (license 6283)
Review: https://reviewboard.asterisk.org/r/1807
........
Merged revisions 360086 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 360088 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@360089 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Echo()'s description states that it echoes audio, video, and DTMF except for #
while it actually echoes any frame that it receives other than DTMF #. This
was causing frame storms in the test suite in some circumstances where Echo()
was attached to both ends of a pair of local channels and control frames
were being periodically generated. Echo()'s behavior and description have
been modifed so that it only echoes media and non-# DTMF frames.
........
Merged revisions 360033 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 360034 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@360036 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Fix AMI module reload deadlock regression from ASTERISK-18479 when it
tried to fix the race between calling an AMI action callback and
unregistering that action. Refixes ASTERISK-13784 broken by
ASTERISK-17785 change.
Locking the ao2 object guaranteed that there were no active callbacks that
mattered when ast_manager_unregister() was called. Unfortunately, this
causes the deadlock situation. The patch stops locking the ao2 object to
allow multiple threads to invoke the callback re-entrantly. There is no
way to guarantee a module unload will not crash because of an active
callback. The code attempts to minimize the chance with the registered
flag and the maximum 5 second delay before ast_manager_unregister()
returns.
The trunk version of the patch changes the API to fix the race condition
correctly to prevent the module code from unloading from memory while an
action callback is active.
* Don't hold the lock while calling the AMI action callback.
(closes issue ASTERISK-19487)
Reported by: Philippe Lindheimer
Review: https://reviewboard.asterisk.org/r/1818/
Review: https://reviewboard.asterisk.org/r/1820/
........
Merged revisions 359979 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 359980 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359981 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Added missing error exits with cause in manager_mutestream().
* Cleaned up manager_mutestream() and func_mute_write().
* Some whitespace and comment cleanup.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359942 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Remove unnnecessary const from const char * const var declaration in the
ast_app_run_macro() and ast_app_run_sub() prototypes. The second const is
unnecessary.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359904 65c4cc65-6c06-0410-ace0-fbb531ad65f3
There exists a remotely exploitable stack buffer overflow in HTTP digest
authentication handling in Asterisk. The particular method in question
is only utilized by HTTP AMI. When parsing the digest information, the
length of the string is not checked when it is copied into temporary buffers
allocated on the stack.
This patch fixes this behavior by parsing out pre-defined key/value pairs
and avoiding unnecessary copies to the stack.
(closes issue ASTERISK-19542)
Reported by: Russell Bryant
Tested by: Matt Jordan
........
Merged revisions 359706 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 359707 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359708 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Added 'b' and 'B' options to Dial. These options will allow you to run
last-minute dialplan on the caller and callee channels while the Dial
application is executing, but before the call is started. For example you
can use the 'b' option to run dialplan on the callee channel to get the name
of the newly created channel right away.
Review: https://reviewboard.asterisk.org/r/1229/
(closes issue: ASTERISK-19548)
Reported by: Mark Murawski
Tested by: Mark Murawski, Stefan Schmidt
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359705 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Milliwatt is vulnerable to a remotely exploitable stack overrun when using
the 'o' option. This occurs due to the milliwatt_generate function not
accounting for AST_FRIENDLY_OFFSET when calculating the maximum number of
samples it can put in the output buffer.
This patch resolves this issue by taking into account AST_FRIENDLY_OFFSET
when determining the maximum number of samples allowed. Note that at no
point is remote code execution possible. The data that is written into the
buffer is the pre-defined Milliwatt data, and not custom data.
(closes issue ASTERISK-19541)
Reported by: Russell Bryant
Tested by: Matt Jordan
Patches:
milliwatt_stack_overrun.rev1.txt by Russell Bryant (license 6283)
Note that this patch was written by Russell, even though Matt uploaded it
........
Merged revisions 359645 from http://svn.asterisk.org/svn/asterisk/branches/1.6.2
........
Merged revisions 359656 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 359694 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359704 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch adds unit tests for main/jitterbuf.c. This includes checking for
the following:
* Nominal insertion and retrieval of frames
* Insertion and retrieval of frames where the frames are inserted out of
order with respect to the previous frame
* Insertion and retrieval of frames where some number of frames that would
occur in the expected sequence are instead dropped
* Insertion and retrieval of frames with an arrival time that does not occur
at the same rate as the surrounding frames
* Resynchronization of the jitter buffer when an inserted frame breaks the
resynchronization threshold
* Overfilling of the jitter buffer
For each of the tests, both JB_TYPE_VOICE and JB_TYPE_CONTROL permutations
exist.
Review: https://reviewboard.asterisk.org/r/1815
(issue: ASTERISK-18964)
Reported by: Kris Shaw
Tested by: Kris Shaw, Matt Jordan
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359406 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When a change in time occurs, such that the timestamps associated with frames
being placed into an adaptive jitter buffer (implemented in jitterbuf.c)
are significantly different then the previously inserted frames, the jitter
buffer checks to see if it needs to be resynched to the new time frame. If
three consecutive packets break the threshold, the jitter buffer resynchs
itself to the new timestamps. This currently only occurs when history is
calculated, and hence only on JB_TYPE_VOICE frames.
JB_TYPE_CONTROL frames, on the other hand, are never passed to the history
calculations. Because of this, if the jump in time is greater then the
maximum allowed length of the jitter buffer, the JB_TYPE_CONTROL frames are
dropped and no resynchronization occurs. Alterntively, if the overfill
logic is not triggered, the JB_TYPE_CONTROL frame will be placed into the
buffer, but with a time reference that is not applicable. Subsequent
JB_TYPE_VOICE frames will quickly trigger the overflow logic until reads
from the jitter buffer reach the errant JB_TYPE_CONTROL frame.
This patch allows JB_TYPE_CONTROL frames to resynch the jitter buffer. As
JB_TYPE_CONTROL frames are unlikely to occur in multiples, it perform the
resynchronization on any JB_TYPE_CONTROL frame that breaks the resynch
threshold.
Note that this only impacts chan_iax2, as other consumers of the adaptive
jitter buffer use the abstract jitter buffer API, which does not use
JB_TYPE_CONTROL frames.
Review: https://reviewboard.asterisk.org/r/1814/
(closes issue ASTERISK-18964)
Reported by: Kris Shaw
Tested by: Kris Shaw, Matt Jordan
Patches:
jitterbuffer-2012-2-26.diff uploaded by Kris Shaw (license 5722)
........
Merged revisions 359356 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 359358 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359359 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When connected line support was added, the wait_for_answer() variable
single changed its meaning slightly. Unfortunately, the places where
single was used did not necessarily get updated to reflect that change.
Also audio/video frames were sent to all forked calls when the endpoints
were never made compatible.
* Don't pass audio/video media frames when the channels have not been made
compatible.
* Added handling of AST_CONTROL_SRCCHANGE to app_dial.c.
* Fixed app_dial.c passing on AST_CONTROL_HOLD because that frame can also
pass a requested MOH class.
(closes issue ASTERISK-16901)
Reported by: Chris Gentle
(closes issue ASTERISK-17541)
Reported by: clint
Review: https://reviewboard.asterisk.org/r/1805/
........
Merged revisions 359344 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 359355 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359357 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In r357272, astobj2 was changed to automatically enable REF_DEBUG when the
TEST_FRAMEWORK flag was enabled. Unfortunately, some compilers (gcc 4.5.1
at least) will attempt to inline ao2_iterator_destroy in handle_astobj2_test.
This by itself is not a problem; unfortunately, the compiler believes that
there is a code path wherein an object allocated on the stack will be
free'd. As warnings are treated as errors, this prevents compilation of
astobj2.
This patch works around that by adding the noinline attribue to
ao2_iterator_destroy, but only if the TEST_FRAMEWORK flag is enabled.
Preventing inlining is only needed for the test method defined in astobj2,
which is also only enabled if TEST_FRAMEWORK is enabled.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359306 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch updates the NUMLOGLEVELS define in logger.h to 32, to match the fact
that logger.c implements 32 log levels (because of the custom log level stuff).
asterisk.c uses this define to size an array of levels per remote console.
This array is modified in ast_console_toggle_loglevel(), which is called by the
"logger set level" CLI command. While the documentation for the CLI command
doesn't make it terribly obvious, you can use this CLI command to toggle a
custom log level on a remote console, as well. However, doing so led to an
invalid array index in asterisk.c.
This array is read from any time a log message is written to a console. So,
all custom log level messages resulted in a bogus read if a remote console
was connected.
........
Merged revisions 359259 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 359260 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359261 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Added new chan_dahdi.conf colp_send option parameter to block connected
line updates per span.
(closes issue ASTERISK-17025)
Reported by: Michael Smith
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@358997 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The set_format() function was more subtle in how it modified the
struct ast_channel readtrans/writetrans values.
* Fixed ast_activate_generator() conversion correctly.
(closes issue ASTERISK-19434)
Reported by: Birger Harzenetter
Tested by: rmudgett
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@358861 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This change restores functionality that was present in 1.4, when AEL macros
were implemented with the Macro dialplan application. Macros are fraught with
functionality issues, because they consume a large portion of the underlying
application stack. This limits the ability of AEL users to call many layers
of subroutines, an issue which Gosub does not have (originally tested to
100,000 levels deep). Therefore, starting in 1.6.0, AEL macros were
implemented with Gosub.
However, there were some implicit behaviors of Macro, which were not replicated
at the same time as with the transition to Gosub, one of which is documented in
the related issue. In particular, the "h" extension is designed to execute not
in the Macro context, but in the topmost calling context. Due to legacy issues
with a misapplied bugfix many years ago, when a macro exited in 1.4, it looks
in all calling contexts, bubbling up from the deepest level until it finds an
"h" extension.
Since AEL hides the complexity of the underlying dialplan logic from the AEL
programmer, it's reasonable to assume that this behavior should not change in
the transition from Asterisk 1.4 LTS to Asterisk 1.8 LTS, lest we break
working AEL configurations in the transition to Asterisk 1.8 LTS. This fix
is the result, which implements a search for the "h" extension in all calling
Gosub contexts.
Fixes ASTERISK-19336
Patch: 20120308__ael_bugfix_for_trunk__2.diff (License #5003) by Tilghman Lesher
(with slight modifications for 1.8)
Tested by: Johan Wilfer
Review: https://reviewboard.asterisk.org/r/1776/
........
Merged revisions 358810 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 358811 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@358812 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Added ability to use multiple lines on phone, so for one device in configuration multiple lines can be defined, it allows to have multiple calls on one phone, callwaiting and switching between calls.
* Added ability for translation on-screen menu to multiple languages. Tested on Russian languages. Supported encodings: ISO 8859-1, ISO 8859-2, ISO 8859-4, ISO 8859-5, ISO 2022-JP. Language controlled by 'language' and on-screen menu of phone
* Other described in CHANGES file
Testing done by issue tracker users: ibercom, scsiborg, idarwin, TeknoJuce, c0rnoTa.
Tested on production system by Jonn Taylor (jonnt) using phone models: Nortel i2004, 1120E and 1140E.
(closes issue ASTERISK-16890)
Review: https://reviewboard.asterisk.org/r/1243/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@358766 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Jonathan Rose
Tzafrir Cohen
Matthew Jordan
Kinsey Moore
Sean Bright
Richard Mudgett
Mark Michelson
Alec L Davis
Mark Murawki
Paul Belanger
Russell Bryant
Terry Wilson
Tilghman Lesher
Igor Goncharovskiy