The ToHost parameter was not cleared when a peer's host value was
changed to dynamic. This causes invites to be sent to the original host.
ASTERISK-29011 #close
Change-Id: I9678d512741f71baca8f131a65b7523020b07d5c
chan_sip handle_response() function, for a 400 response to an INVITE,
calls handle_response_invite() and does not generate ACK.
handle_response_invite() does not recognize 400 response and has no
default response processing for unexpected responses, thus it does not
generate ACK either.
The ACK on response repetition comes from handle_response() mechanism
"We must re-send ACKs to re-transmitted final responses".
According to code history, 400 response specific processing was
introduced with commit
"channels/chan_sip: Add improved support for 4xx error codes"
This commit added support for :
- 400/414/493 in handle_response_subscribe() handle_response_register()
and handle_response().
- 414/493 only in handle_response_invite().
This fix adds 400 response support in handle_response_invite().
ASTERISK-28957
Change-Id: Ic71a087e5398dfc7273946b9ec6f9a36960218ad
It is possible to configure a TCP/TLS client without having a TCP/TLS
server. In that case, no error or warning was printed but the headers
Contact and Via in SIP REGISTER were "(null)".
ASTERISK-28798
Change-Id: I387ca5cb6a65f1eb675a29c5e41df8ec6c242ab2
If you're for some reason out of RTP ports, chan_sip would previously
responde to an INVITE with a 403, which will fail the call.
Now, it returns a 503, allowing the device/proxy to retry the call on a
different machine.
ASTERISK-28718
Change-Id: I968dcf6c1e30ecddcce397dcda36db727c83ca90
Fixes no-audio issues when the media source is changed and
strictrtp is enabled (default).
If the peer media source changes, the SDP session version also changes.
If it is lower than the one we had stored, chan_sip would ignore it.
This changeset keeps track of the remote media origin identifier,
comparing that as well. If it changes, the session version needn't be
higher for us to accept the SDP.
Common scenario where this would've caused problems: a separate media
gateway that informs the caller about premium rates before handing off
the call to the final destination.
(An alternative fix would be to set ignoresdpversion=yes on the peer.)
ASTERISK-28686
Change-Id: I88fdbc5aeb777b583e7738c084254c482a7776ee
lws2sws() does not stop trying to handle header continuation lines
even after all headers have been found. This is problematic if the
first character of a SIP message body is a space or tab character, so
we update to recognize the end of the message header.
ASTERISK-28693 #close
Reported by: Frank Matano
Change-Id: Idec8fa58545cd3fd898cbe0075d76c223f8d33df
chan_sip.c:3782 __sip_xmit: sip_xmit of 0x7f1478069230 (len 600) to
213.150.203.60:1492 returned -2: Interrupted system call
returned -2 implies this wasn't actually an OS error, so errno makes no
sense either. Internal error was already logged higher up, and -2
generally means that either there isn't a valid connection available, or
the pipe notification failed, and that is already correctly logged.
ASTERISK-28651 #close
Change-Id: I46eb82924beeff9dfd86fa6c7eb87d2651b950f2
Signed-off-by: Jaco Kroon <jaco@uls.co.za>
The SIP transaction state was reset when emitting an UPDATE or a re-INVITE
related to a COLP, preventing RTP packets to be emitted.
ASTERISK-28647
Change-Id: Ie7a30fa7a97f711e7ba6cc17f221a0993d48bd8b
During capabilities selection (joint capabilities of us and peer,
configured capability for this peer, or general configured
capabilities), if sip_new() does not keep framing information,
then directmedia activation will fail for any framing different
from default framing.
ASTERISK-28637
Change-Id: I99257502788653c2816fc991cac7946453082466
If the name of a peer is known and a SIP request is sent using that
peer's name, the address of the peer will change even if the request
fails the authentication challenge. This means that an endpoint can
be altered and even rendered unusuable, even if it was in a working
state previously. This can only occur when the nat option is set to the
default, or auto_force_rport.
This change checks the result of authentication first to ensure it is
successful before setting the address and the nat option.
ASTERISK-28589 #close
Change-Id: I581c5ed1da60ca89f590bd70872de2b660de02df
When modifying an already defined variable in some channel drivers they
add a new variable with the same name to the list, but that value is
never used, only the first one found.
Introduce ast_variable_list_replace() and use it where appropriate.
ASTERISK-23756 #close
Patches:
setvar-multiplie.patch submitted by Michael Goryainov
Change-Id: Ie1897a96c82b8945e752733612ee963686f32839
The links in the deprecation notice were the shortened
variety but it makes better sense to show the unshortened
links as they're more descriptive.
I.E.
wiki.asterisk.org/wiki/display/AST/Migrating+from+chan_sip+to+res_pjsip
rather than
wiki.asterisk.org/wiki/x/tAHOAQ
Change-Id: If2da5d5243e2d4a6f193b15691d23e7e5a7c57a9
The chan_sip module performs a T.38 re-invite using a single media
stream of udptl, and expects the SDP answer to be the same.
If an SDP answer is received instead that contains an additional
media stream with no joint codec a crash will occur as the code
assumes that at least one joint codec will exist in this
scenario.
This change removes this assumption.
ASTERISK-28465
Change-Id: I8b02845b53344c6babe867a3f0a5231045c7ac87
The MWI core recently got some new API calls that make tracking MWI state
lifetime more reliable. This patch updates those modules that subscribe to
specific MWI topics to use the new API. Specifically, these modules now
subscribe to both MWI topics and MWI state.
ASTERISK-28442
Change-Id: I32bef880b647246823dbccdf44a98d384fcabfbd
There is enough MWI functionality to warrant it having its own 'c' and header
files. This patch moves all current core MWI data structures, and functions
into the following files:
main/mwi.h
main/mwi.c
Note, code was simply moved, and not modified. However, this patch is also in
preparation for core MWI changes, and additions to come.
Change-Id: I9dde8bfae1e7ec254fa63166e090f77e4d3097e0
The compiler complained about a couple of variables that weren't
initialized but were being used. Initializing them to NULL resolves the
warnings/errors.
ASTERISK-28362 #close
Change-Id: I6243afc5459b416edff6bbf571b0489f6b852e4b
Passing negative intervals to the scheduler rips a hole in the
space-time continuum.
ASTERISK-25792 #close
Reported by: Paul Sandys
Change-Id: Ie706f21cee05f76ffb6f7d89e9c867930ee7bcd7
strtok() uses a static buffer, making it not thread safe.
Also add a #define to cause a compile failure if strtok is used.
Change-Id: Icce265153e1e65adafa8849334438ab6d190e541
Replace usage of ao2_container_alloc with ao2_container_alloc_hash or
ao2_container_alloc_list. Remove ao2_container_alloc macro.
Change-Id: I0907d78bc66efc775672df37c8faad00f2f6c088
This change adds the ability for subscriptions to indicate
which message types they are interested in accepting. By
doing so the filtering is done before being dispatched
to the subscriber, reducing the amount of work that has
to be done.
This is optional and if a subscriber does not add
message types they wish to accept and set the subscription
to selective filtering the previous behavior is preserved
and they receive all messages.
There is also the ability to explicitly force the reception
of all messages for cases such as AMI or ARI where a large
number of messages are expected that are then generically
converted into a different format.
ASTERISK-28103
Change-Id: I99bee23895baa0a117985d51683f7963b77aa190
When a call pickup is performed using and invite with replaces header
the ast_do_pickup method is attempted and a PICKUP stasis message is sent.
ASTERISK-28081 #close
Reported-by: Luit van Drongelen
Change-Id: Ieb1442027a3ce6ae55faca47bc095e53972f947a
This officially deprecates chan_sip in Asterisk 17+. A warning is
printed upon startup or module load to tell users that they should
consider migrating. chan_sip is still built by default but the default
modules.conf skips loading it at startup.
Very important to note we are not scheduling a time where chan_sip will
be removed. The goal of this change is to accurately inform end users
of the current state of chan_sip and encourage movement to the fully
supported chan_pjsip.
Change-Id: Icebd8848f63feab94ef882d36b2e99d73155af93
These macros have been documented as legacy for a long time but are
still used in new code because they exist. Remove all references to:
* ao2_container_alloc_options
* ao2_t_container_alloc_options
* ao2_t_container_alloc
These macro's are also removed. Only ao2_container_alloc remains due to
it's use in over 100 places.
Change-Id: I1a26258b5bf3deb081aaeed11a0baa175c933c7a
With tls and udp enabled asterisk generates a warning about sending
message via udp instead of tls.
sip notify command via cli works as expected and without warning.
asterisk has to set the connection information accordingly to connection
and not on presumption
ASTERISK-28057 #close
Change-Id: Ib43315aba1f2c14ba077b52d8c5b00be0006656e
Fixes random asterisk crash on start or reload with TLS phones.
ASTERISK-28034 #close
Reported-by: David Hajek
Change-Id: I2a859f97dc80c348e2fa56e918214ee29521c4ac
Also remove function peer_ipcmp_cb since it's not used (according to
rmudgett).
Prior to b2c4e8660a (ASTERISK_27457)
insecure=port was the defacto standard. That commit also prevented
insecure=port from being applied for sip/tcp or sip/tls.
Into consideration there are three sets of behaviour:
1. "previous" - before the above commit.
2. "current" - post above commit, pre this one.
3. "new" - post this commit.
The problem that the above commit tried to address was guests over TCP.
It succeeded in doing that but broke transport!=udp with host!=dynamic.
This commit attempts to restore sane behaviour with respect to
transport!=udp for host!=dynamic whilst still retaining the guest users
over tcp.
It should be noted that when looking for a peer, two passes are made, the
first pass doesn't have SIP_INSECURE_PORT set for the searched-for peer,
thus looking for full matches (IP + Port), the second pass sets
SIP_INSECURE_PORT, thus expecting matches on IP only where the matched
peer allows for that (in the author's opinion: UDP with insecure=port,
or any TCP based, non-dynamic host).
In previous behaviour there was special handling for transport=tcp|tls
whereby a peer would match during the first pass if the utilized
transport was TCP|TLS (and the peer allowed that specific transport).
This behaviour was wrong, or dubious at best. Consider two dynamic tcp
peers, both registering from the same IP (NAT), in this case either peer
could match for connections from an IP. It's also this behaviour that
prevented SIP guests over tcp.
The above referenced commit removed this behaviour, but kept applying
the SIP_INSECURE_PORT only to WS|WSS|UDP. Since WS and WSS is also TCP
based, the logic here should fall into the TCP category.
This patch updates things such that the previously non-explicit (TCP
behaviour) transport test gets performed explicitly (ie, matched peer
must allow for the used transport), as well as the indeterministic
source-port nature of the TCP protocol is taken into account. The new
match algorithm now looks like:
1. As per previous behaviour, IP address is matched first.
2. Explicit filter with respect to transport protocol, previous
behaviour was semi-implied in the test for TCP pure IP match - this now
made explicit.
3. During first pass (without SIP_INSECURE_PORT), always match on port.
4. If doing UDP, match if matched against peer also has
SIP_INSECURE_PORT, else don't match.
5. Match if not a dynamic host (for non-UDP protocols)
6. Don't match if this is WS|WSS, or we can't trust the Contact address
(presumably due to NAT)
7. Match (we have a valid Contact thus if the IP matches we have no
choice, this will likely only apply to non-NAT).
To logic-test this we need a few different scenarios. Towards this end,
I work with a set number of peers defined in sip.conf:
[peer1]
host=1.1.1.1
transport=tcp
[peer2]
host=1.1.1.1
transport=udp
[peer3]
host=1.1.1.1
port=5061
insecure=port
transport=udp
[peer4]
host=1.1.1.2
transport=udp,tcp
[peer5]
host=dynamic
transport=udp,tcp
Test cases for UDP:
1 - incoming UDP request from 1.1.1.1:
- previous:
- pass 1:
* peer1 or peer2 if from port 5060 (indeterminate, depends on peer
ordering)
* peer3 if from port 5061
* peer5 if registered from 1.1.1.1 and source port matches
- pass 2:
* peer3
- current: as per previous.
- new:
- pass 1:
* peer2 if from port 5060
* peer3 if from port 5061
* peer5 if registered from 1.1.1.1 and source port matches
- pass 2:
* peer3
2 - incoming UDP request from 1.1.1.2:
- previous:
- pass 1:
* peer5 if registered from 1.1.1.2 and port matches
* peer4 if source port is 5060
- pass 2:
* no match (guest)
- current: as previous.
- new as previous (with the variation that if peer5 didn't have udp as
allowed transport it would not match peer5 whereas previous
and current code could).
3 - incoming UDP request from anywhere else:
- previous:
- pass 1:
* peer5 if registered from that address and source port matches.
- pass 2:
* peer5 if insecure=port is additionally set.
* no match (guest)
- current - as per previous
- new - as per previous
Test cases for TCP based transports:
4 - incoming TCP request from 1.1.1.1
- previous:
- pass 1 (indeterministic, depends on ordering of peers in memory):
* peer1; or
* peer5 if peer5 registered from 1.1.1.1 (irrespective of source port); or
* peer2 if the source port happens to be 5060; or
* peer3 if the source port happens to be 5061.
- pass 2: cannot happen since pass 1 will always find a peer.
- current:
- pass 1:
* peer1 or peer2 if from source port 5060
* peer3 if from source port 5060
* peer5 if registered as 1.1.1.1 and source port matches
- pass 2:
* no match (guest)
- new:
- pass 1:
* peer 1 if from port 5060
* peer 5 if registered and source port matches
- pass 2:
* peer 1
5 - incoming TCP request from 1.1.1.2
- previous (indeterminate, depends on ordering):
- pass 1:
* peer4; or
* peer5 if peer5 registered from 1.1.1.2
- pass 2: cannot happen since pass 1 will always find a peer.
- current:
- pass 1:
* peer4 if source port is 5060
* peer5 if peer5 registered as 1.1.1.2 and source port matches
- pass 2:
* no match (guest).
- new:
- pass 1:
* peer4 if source port is 5060
* peer5 if peer5 registered as 1.1.1.2 and source port matches
- pass 2:
* peer4
6 - incoming TCP request from anywhere else:
- previous:
- pass 1:
* peer5 if registered from that address
- pass 2: cannot happen since pass 1 will always find a peer.
- current:
- pass 1:
* peer5 if registered from that address and port matches.
- pass 2:
* no match (guest)
- new: as per current.
It should be noted the test cases don't make explicit mention of TLS, WS
or WSS. WS and WSS previously followed UDP semantics, they will now
enforce source port matching. TLS follow TCP semantics.
The previous commit specifically tried to address test-case 6, but broke
test-cases 4 and 5 in the process.
ASTERISK-27881 #close
Change-Id: I61a9804e4feba9c7224c481f7a10bf7eb7c7f2a2
This function originally was used in chan_sip to enable some simplifying
assumptions and eventually was copy and pasted into res_pjsip_logger and
res_hep. Since it's replicated in three places, it's probably best to
move it into the public netsock2 API for these modules to use.
Change-Id: Id52e23be885601c51d70259f62de1a5e59d38d04
This fixes build warnings found by GCC 8. In some cases format
truncation is intentional so the warning is just suppressed.
ASTERISK-27824 #close
Change-Id: I724f146cbddba8b86619d4c4a9931ee877995c84
There is a problem when an INVITE-with-Replaces transfer targets a channel
in a ConfBridge. The transfer will unconditionally swap out the
ConfBridge channel. Unfortunately, the ConfBridge state will not be aware
of this change. Unexpected behavior will happen as a result since
ConfBridge channels currently can only be replaced by a masquerade and not
normal bridge channel moves.
* We just need to pretend that the channel isn't in a bridge (like other
transfer methods already do) so the transfer channel will masquerade into
the ConfBridge channel.
Change-Id: I209beb0e748fa4f4b92a576f36afa8f495ba4c82
Given the below call scenario:
A -> Ast1 -> B
C <- Ast2 <- B
1) A calls B through Ast1
2) B calls C through Ast2
3) B transfers A to C
When party B transfers A to C, B sends a REFER to Ast1 causing Ast1 to
send an INVITE with replaces to Ast2. Ast2 then leaks a channel ref of
the channel between Ast1 and Ast2.
Channel ref leaks are easily seen in the CLI "core show channels" output.
The leaked channels appear in the output but you can do nothing with them
and they never go away unless you restart Asterisk.
* Properly account for the channel refs when imparting a channel into a
bridge when handling an INVITE with replaces in handle_invite_replaces().
The ast_bridge_impart() function steals a channel ref but the code didn't
account for how many refs were held by the code at the time and which ref
was stolen.
* Eliminated RAII_VAR in handle_invite_replaces().
ASTERISK-27740
Change-Id: I7edbed774314b55acf0067b2762bfe984ecaa9a4
* acl (named_acl.c)
* cdr
* cel
* ccss
* dnsmgr
* dsp
* enum
* extconfig (config.c)
* features
* http
* indications
* logger
* manager
* plc
* sounds
* udptl
These modules are now loaded at appropriate time by the module loader.
Unlike loadable modules these use AST_MODULE_LOAD_FAILURE on error so
the module loader will abort startup on failure of these modules.
Some of these modules are still initialized or shutdown from outside the
module loader. logger.c is initialized very early and shutdown very
late, manager.c is initialized by the module loader but is shutdown by
the Asterisk core (too much uses it without holding references).
Change-Id: I371a9a45064f20026c492623ea8062d02a1ab97f
Checking option_debug directly is incorrect as it ignores file/module
specific debug settings. This system-wide change replaces nearly all
direct checks for option_debug with the DEBUG_ATLEAST macro.
Change-Id: Ic342d4799a945dbc40ac085ac142681094a4ebf0
The "ptime" SDP parameter received in a SIP response was not honoured.
Moreover, in the abscence of this "ptime" parameter, locally configured
framing was lost during response processing.
This patch systematically stores the framing information in the
ast_rtp_codecs structure, taking it from the response or from the
configuration as appropriate.
ASTERISK-27674
Change-Id: I828a6a98d27a45a8afd07236a2bd0aa3cbd3fb2c
When constructing a dialog-info+xml NOTIFY message a ringing channel
is found if the state is ringing and further information is placed into
the message. Due to the migration to the Stasis message bus this did
not always work as expected.
This change raises a second ringing event in such a way to guarantee
that the event is received by chan_sip and another lookup is done to
find the ringing channel.
ASTERISK-24488
Change-Id: I547a458fc59721c918cb48be060cbfc3c88bcf9c
Check if initreq data string exists before using it when processing a
CANCEL request.
ASTERISK-27666
Change-Id: Id1d0f0fa4ec94e81b332b2973d93e5a14bb4cc97
* Declare 'requires' and 'enhances' text fields on module info structure.
* Rename 'nonoptreq' to 'optional_modules'.
* Update doxygen comments.
Still need to investigate dependencies among modules I cannot compile.
Change-Id: I3ad9547a0a6442409ff4e352a6d897bef2cc04bf
Per RFC 5245, the foundation specified with an ICE candidate can be up
to 32 characters but we are only allowing for 31.
ASTERISK-27498 #close
Reported by: Michele Prà
Change-Id: I05ce7a5952721a76a2b4c90366168022558dc7cf