Most SSL/TLS error messages coming from pjproject now have either
the peer address:port or peer hostname, depending on what was
available at the time and code location where the error was
generated.
ASTERISK-28444
Reported by: Bernhard Schmidt
Change-Id: I41770e8a1ea5e96f6e16b236692c4269ce1ba91e
Fixed#2172: Avoid double reference counter decrements in
timer in the scenario of race condition between
pj_timer_heap_cancel() and pj_timer_heap_poll().
Change-Id: If000e9438c83ac5084b678eb811e902c035bd2d8
In ASTERISK-27095 an issue had been fixed because of which chan_pjsip was not
trying to send UPDATE messages when connected_line_method was set to invite.
However this only solved the issue for incoming INVITES. For outgoing INVITES
(important when transferring calls) the options variable needs to be updated
at a different place.
ASTERISK-28182 #close
Reported-by: nappsoft
Change-Id: I76cc06da4ca76ddd6dce814a8b97cc66b98aaf29
This change implements a few different generic things which were brought
on by Google Voice SIP.
1. The concept of flow transports have been introduced. These are
configurable transports in pjsip.conf which can be used to reference a
flow of signaling to a target. These have runtime configuration that can
be changed by the signaling itself (such as Service-Routes and
P-Preferred-Identity). When used these guarantee an individual connection
(in the case of TCP or TLS) even if multiple flow transports exist to the
same target.
2. Service-Routes (RFC 3608) support has been added to the outbound
registration module which when received will be stored on the flow
transport and used for requests referencing it.
3. P-Associated-URI / P-Preferred-Identity (RFC 3325) support has been
added to the outbound registration module. If a P-Associated-URI header
is received it will be used on requests as the P-Preferred-Identity.
4. Configurable outbound extension support has been added to the outbound
registration module. When set the extension will be placed in the
Supported header.
5. Header parameters can now be configured on an outbound registration
which will be placed in the Contact header.
6. Google specific OAuth / Bearer token authentication
(draft-ietf-sipcore-sip-authn-02) has been added to the outbound
registration module.
All functionality changes are controlled by pjsip.conf configuration
options and do not affect non-configured pjsip endpoints otherwise.
ASTERISK-27971 #close
Change-Id: Id214c2d1c550a41fcf564b7df8f3da7be565bd58
This patch is not in the upstream pjproject and does unsafe things with
the timer->_timer_id and timer->_grp_lock values in pj_timer_entry_reset()
outside of the timer heap lock. pj_timer_entry_reset() is also called for
timers that are not about to be rescheduled in a few places.
Change-Id: I4fe0b4bc648f7be5903cf4531b94fc87275713c1
This change brings in PJSIP 2.8, removes all the patches
that were merged upstream, and makes a minor change to
support a breaking change that was done.
ASTERISK-28059
Change-Id: I5097772b11b0f95c3c1f52df6400158666f0a189
The authors of PJProject undef s_addr because of some issue in Microsoft
Windows. However in Oracle Solaris, s_addr is not a structure member, but
defined to map to the real structure member.
Updates the patch from ASTERISK_20366
ASTERISK-27997
Change-Id: I8223026d4d54e2a46521085fcc94bfa6ebe35b11
The script configure from Teluu expects shared libraries (.so) in a subfolder
called 'lib', when --with-xyz=PATH is specified. However for OpenSSL, the
default location is the root of the source folder = PATH. Furthermore, Asterisk
supports both, 'lib' and root. For consistency and because Asterisk is using
(only) OpenSSL in PJProject, it is enhanced to support both locations, just
like Asterisk.
ASTERISK-27995
Change-Id: I8eb916a88b6b8c22e29bb40bee8faaca6c73406f
The tdata containing the response can be shared by both the dialog
object and the tsx object. In order to prevent the race condition
between the tsx retransmission and the dialog sending a response,
clone the tdata before modifying it for the dialog send response.
ASTERISK-27966 #close
Change-Id: Ic381004a3a212fe1d8eca0e707fe09dba4a6ab4e
Asterisk patched the pjproject source to avoid crashing when pjproject
sip_msg headers are encountered with NULL vptr's, but the patch also
output error messages for some valid headers which simply did not need
to be added to the message itself, such as hidden route headers.
pjproject has since applied a similar patch to their baseline to avoid
crashes, but their version also avoids the spurious error logging.
Lets use their patch instead.
ASTERISK-27961 #close
Change-Id: I2ddbd82c8da10e0dcc9807a48089d1f3c2d6e389
Turn off the periodic sending of CRLNCRLN. Default is on (90 seconds),
which conflicts with the global section's keep_alive_interval option in
pjsip.conf.
patches:
pjsip_keep_not_alive.patch submitted by Alexander Traud (License 6520)
ASTERISK-27347
Change-Id: I6a197f56e1830d3b7e5ec70f17025840a290b057
pjproject by default currently will follow media forked during an INVITE
on outbound calls if the To tag is different on a subsequent response as
that on an earlier response. We handle this correctly. There have
been reported cases where the To tag is the same but we still need to
follow the media. The pjproject patch in this commit adds the
capability to sip_inv and also adds the capability to control it at
runtime. The original "different tag" behavior was always controllable
at runtime but we never did anything with it and left it to default to
TRUE.
So, along with the pjproject patch, this commit adds options to both the
system and endpoint objects to control the two behaviors, and a small
logic change to session_inv_on_media_update in res_pjsip_session to
control the behavior at the endpoint level.
The default behavior for "different tags" remains the same at TRUE and
the default for "same tag" is FALSE.
Change-Id: I64d071942b79adb2f0a4e13137389b19404fe3d6
ASTERISK-27936
Reported-by: Ross Beer
There have been cases that when the transaction timer callback is called
the tsx is already destroyed. This causes a crash. We now check the
tsx state and return if the tsx is already destroyed.
Change-Id: If93acd5e48d9ca5bb553f2405d5afc836842fe1c
Added a new pj_timer_entry_reset function that resets a timer_entry
for re-use.
Changed direct settings of timer_entry fields to use
pj_timer_entry_init and pj_timer_entry_reset.
Fixed issues where timers were being rescheduled incorrectly.
Change-Id: I5b624bfbc5c1429117484b9b24567293002148e6
There have been some crashes in the past where something attempts
to use a pj_atomic after it's already been destroyed. This patch
tries to prevent it by making sure that pj_atomic_destroy sets
its mutex to NULL when it's done. The pj_mutex functions already check
for a NULL mutex and just return PJ_EINVAL.
Teluu also added some checks to the win32 implementation as well.
Change-Id: Id25f70b79fdedf44ead6e6e1763a4417d3b3f825
This replaces AST_INLINE_API allocators in utils.h with real functions
implemented in astmm.c. Associated macro's are also moved from utils.h
to astmm.h.
Remove menuselect conflicts between MALLOC_DEBUG and DEBUG_CHAOS as they
can now be combined.
This has multiple benefits:
* Simplifies asterisk/utils.h by removing inline functions and use of
the logger.
* Removal of these inline functions decreases size of Asterisk and
module binaries by 1% or more.
* Puts memory management functions together with and without
MALLOC_DEBUG enabled, simplifying management of the code.
* Enables DEBUG_CHAOS for ASTMM_REDIRECT and bundled pjproject.
Change-Id: If9df4377f74bdbb627461b27a473123e05525887
This allows asterisk to be compiled with MALLOC_DEBUG to load modules
built without MALLOC_DEBUG. Now pre-compiled third-party modules will
still work regardless of MALLOC_DEBUG being enabled or not.
Change-Id: Ic07ad80b2c2df894db984cf27b16a69383ce0e10
pjproject's fmtp retrieval function failed to catch invalid fmtp attributes.
Because of this Asterisk would crash if given an SDP with an invalid fmtp
attribute.
When retrieving the format this patch now makes sure the fmtp attribute is
available. If not available it now returns an error status.
ASTERISK-27583 #close
Change-Id: I5cebe000ce2d846cae3af33b6d72c416e51caf2f
pjproject's media format parsing algorithm failed to catch invalid values.
Because of this Asterisk would crash if given an SDP with a invalid media
format description.
When parsing the media format description this patch now properly parses the
value and returns an error status if it can't successfully parse/convert the
value.
ASTERISK-27582 #close
Change-Id: I883b3a4ef85b6972397f7b56bf46c5779c55fdd6
We still need to figure out how a bad header is getting into the
outgoing message but this patch to pjproject prevents attempting
to print that header and causing a crash.
For several users, this crash happens when sending 183 progress
messages.
ASTERISK-26832
Reported by: Ross Beer, Jan Rozhon
Change-Id: Ie5c5a921c890c843587763e7f33f987dfe66bd16
When an older GCC version is called with a too new warning option, GCC exited
with an error and Asterisk was not built. Therefore, the configure script tests
the installed compiler whether it supports that warning option. If not, Asterisk
does not pass it to the installed compiler. However, some compilers (like clang)
do not exit (error) but give just a warning in such a case. Because the compiler
did not exit, Asterisk passed the unknown-warning option.
ASTERISK-27560
Change-Id: Ia9d148e689c173df4e91699113605dab2de36038
When we fail over to a new target we create a new transaction
and it becomes the current INVITE transaction. This does not
prevent the previous transaction from raising state changes
and causing the session to be prematurely disconnected if a
transport error occurs immediately.
This change backports a fix from PJSIP that eliminates the
incorrect state change and reduces when they would be raised
in the first place.
ASTERISK-27408
Change-Id: Id22d087591782eee31311753d11e7eca4b95ef34
The definition in config_site.h and the argument to the
configure script are not necessary to disable WebRTC
support. The correct argument, --disable-libwebrtc, is
already passed.
ASTERISK-26980
Change-Id: I27da2c894f87914956a72710222e17462d8a44bc
If a 183 with sdp response is receive without a To tag the sdp is not
negotiated. According to RFC 3261 section 12.1.2 while a To tag is required,
the client needs to still be able to handle the missing tag case for
backwards compatibility.
This patch, accepted by and applied to pjproject, makes it so if an incoming
180/183 with SDP comes in without a To tag it gets appropriately handled.
ASTERISK-27442 #close
Change-Id: Ic9d6b01e05e8f4874eebbd7adfe05d932025d203
The default return code for pjsip_find_msg was PJ_SUCCESS so if
a Content-Length header wasn't found at all, pjsip_find_msg was
returning PJ_SUCCESS instead of PJSIP_EMISSINGHDR.
Also added the volatile keyword to a few variables that are used
both inside and outside the PJ_TRY/PJ_CATCH block.
Partial fix for ASTERISK_27408
Change-Id: If82ba9de921e3d57df9c68cf96ee45ccc1491f7a
Update from 2.7 to 2.7.1 for bundled pjproject. Changed version
and removed patch files included in the update.
Change-Id: I55cea8e734b318c2df9daf86aa0802c559ec8357
If a transport is created with the same transport type, source
IP address, and source port as one that already exists the old
transport is moved into a linked list called "tp_list".
If this old transport is later shutdown it will not be destroyed
as the process checks whether the transport is valid or not. This
check does not look at the "tp_list" when making the determination
causing the transport to not be destroyed.
This change updates the logic to query not just the main storage
method for transports but also the "tp_list".
Upstream issue https://trac.pjsip.org/repos/ticket/2061
ASTERISK-27411
Change-Id: Ic5c2bb60226df0ef1c8851359ed8d4cd64469429
Parsing the numeric header fields like cseq, ttl, port, etc. all
had the potential to overflow, either causing unintended values to
be captured or, if the values were subsequently converted back to
strings, a buffer overrun. To address this, new "strto" functions
have been created that do range checking and those functions are
used wherever possible in the parser.
* Created pjlib/include/limits.h and pjlib/include/compat/limits.h
to either include the system limits.h or define common numeric
limits if there is no system limits.h.
* Created strto*_validate functions in sip_parser that take bounds
and on failure call the on_str_parse_error function which prints
an error message and calls PJ_THROW.
* Updated sip_parser to validate the numeric fields.
* Fixed an issue in sip_transport that prevented error messages
from being properly displayed.
* Added "volatile" to some variables referenced in PJ_CATCH blocks
as the optimizer was sometimes optimizing them away.
* Fixed length calculation in sip_transaction/create_tsx_key_2543
to account for signed ints being 11 characters, not 9.
ASTERISK-27319
Reported by: Youngsung Kim at LINE Corporation
Change-Id: I48de2e4ccf196990906304e8d7061f4ffdd772ff
OpenSSL has 2 levels or error processing. It's possible for the
top layer to return SSL_ERROR_SYSCALL but the lower layer return
no error, in which case processing should continue. Only the top
layer was being examined though so connections were being torn
down when they didn't need to be. This patch adds the examination
of the lower level codes, and if they return no errors, allows
processing to continue.
ASTERISK-27001
Reported-by: Ian Gilmour
patches:
pjproject-2.6.patch submitted by Ian Gilmour (license 6889)
Updated-by: George Joseph and Sauw Ming (Teluu)
Merged to upstream pjproject on 7/27/2017 (commit 5631)
Change-Id: I23844ca0c68ef1ee550f14d46f6dae57d33b7bd2
The maximum packet size for PJSIP has been increased to handle the
multiple streams being added for WebRTC.
Change-Id: I9ea1e8d02668c544acadcb1c6200e1cc1bd588b3
When connected_line_method is "invite", we're supposed to determine
if the client can support UPDATE and if it can, send UPDATE instead
of INVITE to avoid the SDP renegotiation. Not only was pjproject
not setting the PJSIP_INV_SUPPORT_UPDATE flag, we were testing
that invite_tsx wasn't NULL which isn't always the case.
* Updated chan_pjsip/update_connected_line_information to drop the
requirement that invite_tsx isn't NULL.
* Submitted patch to pjproject sip_inv.c that sets the
PJSIP_INV_SUPPORT_UPDATE flag correctly.
* Updated pjsip.conf.sample to clarify what happens when "invite"
is specified.
ASTERISK-27095
Change-Id: Ic2381b3567b8052c616d96fbe79564c530e81560
When the Asterisk channel driver res_pjsip offers SIP-over-TLS, sometimes, not
reproducible, Asterisk crashed in pj_ssl_sock_get_info() because a NULL pointer
was read. This change avoids this crash.
ASTERISK-26927 #close
Change-Id: I24a6011b44d1426d159742ff4421cf806a52938b
