When a channel is imparted to a bridge, the invocation of the function may
provide an ast_bridge_features struct. Upon passing this to ast_bridge_impart,
the caller must assume that ownership has passed to the function, as in all
paths the function destroys the struct prior to returning (as its purpose is
to configure the behavior of the channel while in the bridge). On one off
nominal path - where the channel already has a PBX thread - the struct was not
being destroyed.
This patch fixes that glitch.
ASTERISK-24437 #close
Reported by: Scott Griepentrog
........
Merged revisions 426431 from http://svn.asterisk.org/svn/asterisk/branches/12
........
Merged revisions 426432 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@426433 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In res_phoneprov, unloading the module first destroys the http_routes
container, followed by the users. However, users may have a route in
the http_routes container; the validity of this container is not checked
in the users destructor. Hence, we hit an assert as the container has already
been set to NULL.
This patch does two things:
(1) It adds a sanity check in the user destructor (because why not)
(2) It switches the order of destruction, so that users are disposed of prior
to the HTTP routes they may hold a reference to.
Note that this crash was caught by the Test Suite (go go testing!)
........
Merged revisions 426174 from http://svn.asterisk.org/svn/asterisk/branches/12
........
Merged revisions 426176 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@426179 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This fixes a Segmentation fault introduced in r419044 "media formats: re-architect
handling of media for performance improvements".
The problem is that codec_dahdi was using core_src_codec and core_dst_codec in the
ast_translator structure when these fields were never set. Now instead of trying to map
the new core codec descriptions to the way DAHDI defines different codecs, we will store
the DAHDI specific formats in 'struct translator' directly so we can refer to them without
mapping.
This also allows us to remove the "global_format_map" structure, since we can now query
the list of translators directly to make sure we do not ever register a DAHDI based
translator for a specific path more than once and eliminate the need to keep the list and
the map in sync.
ASTERISK-24435 #close
Reported by: Marian Koniuszko
Review: https://reviewboard.asterisk.org/r/4105/
........
Merged revisions 426097 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@426099 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Fix the AMI Status action read and write translation path strings from
growing for each channel in the status event list by reseting the ast
string given to ast_translate_path_to_str() to fill in the given
translation path.
........
Merged revisions 426079 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@426080 65c4cc65-6c06-0410-ace0-fbb531ad65f3
There are two aspects to the vulnerability:
(1) res_jabber/res_xmpp use SSLv3 only. This patch updates the module to use
TLSv1+. At this time, it does not refactor res_jabber/res_xmpp to use the
TCP/TLS core, which should be done as an improvement at a latter date.
(2) The TCP/TLS core, when tlsclientmethod/sslclientmethod is left unspecified,
will default to the OpenSSL SSLv23_method. This method allows for all
ecnryption methods, including SSLv2/SSLv3. A MITM can exploit this by
forcing a fallback to SSLv3, which leaves the server vulnerable to POODLE.
This patch adds WARNINGS if a user uses SSLv2/SSLv3 in their configuration,
and explicitly disables SSLv2/SSLv3 if using SSLv23_method.
For TLS clients, Asterisk will default to TLSv1+ and WARN if SSLv2 or SSLv3 is
explicitly chosen. For TLS servers, Asterisk will no longer support SSLv2 or
SSLv3.
Much thanks to abelbeck for reporting the vulnerability and providing a patch
for the res_jabber/res_xmpp modules.
Review: https://reviewboard.asterisk.org/r/4096/
ASTERISK-24425 #close
Reported by: abelbeck
Tested by: abelbeck, opsmonitor, gtjoseph
patches:
asterisk-1.8-jabber-tls.patch uploaded by abelbeck (License 5903)
asterisk-11-jabber-xmpp-tls.patch uploaded by abelbeck (License 5903)
AST-2014-011-1.8.diff uploaded by mjordan (License 6283)
AST-2014-011-11.diff uploaded by mjordan (License 6283)
........
Merged revisions 425987 from http://svn.asterisk.org/svn/asterisk/branches/12
........
Merged revisions 425991 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@426003 65c4cc65-6c06-0410-ace0-fbb531ad65f3
gcc on the ARM platform defaults 'char' to 'unsigned char' whereas Intel and
SPARC default to 'signed char'. This is only an issue in the rare cases where
negative values are assigned to a 'char' but this this patch insures
compatibility by detecting platforms that default to 'unsigned' and adding an
'-fsigned-char' flag to _ASTCFLAGS.
If compiling for ARM (native or cross-compile) be sure to run ./bootstrap.sh
and ./configure to regenerate the build files. You shouldn't have to do this
for Intel or SPARC.
Tested-by: George Joseph
Review: https://reviewboard.asterisk.org/r/4091/
........
Merged revisions 425964 from http://svn.asterisk.org/svn/asterisk/branches/12
........
Merged revisions 425965 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@425966 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch for r425924 introduced a bug, wherein sending an INVITE request
with no SDP would cause Asterisk to not send an SDP Offer in the 200
OK. The current structure of res_pjsip_sdp_rtp is a bit hard to deal with
to fix this, as create_outgoing_sdp has no knowledge of whether or not it is
creating an SDP as a new Offer or an Answer. This is something of an oversight
in the callback definition, as the caller of it does have this information.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@425945 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The usage of the local override_prefs variable in create_outgoing_sdp_stream
was previously to track an override format preference set by PJSIP_MEDIA_OFFER.
Now, however, that function simply sets the joint capabilities structure,
session->req_caps. During the media format rework, the override_prefs was
instead used to check if there were any formats in session->req_caps.
However, this usage isn't useful in create_outgoing_sdp_stream.
session->req_caps contains the negotiated formats for *all* streams, not just
the current one being created. Thus, so long as any stream of any type has
provided a format, override_prefs will be non-zero. Hence, its usage in
checking whether or not we should look at the formats on the endpoint or
the joint capabilities is generally useless.
There's only two things useful to check:
(1) Does the endpoint have a format for the media type?
(2) Did we negotiate a format for the media type?
If either of those is a 'no', then we must kill the media stream.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@425924 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When an inbound SDP offer is received, Asterisk currently makes a few
incorrection assumptions:
(1) If the offer contains more than a single audio/video stream, Asterisk will
reject the entire stream with a 488. This is an overly strict response;
generally, Asterisk should accept the media streams that it can accept and
decline the others.
(2) If the offer contains a declined media stream, Asterisk will attempt to
process it anyway. This can result in attempting to match format
capabilities on a declined media stream, leading to a 488. Asterisk should
simply ignore declined media streams.
(3) Asterisk will currently attempt to handle offers with AVPF with
use_avpf=No/AVP with use_avpf=Yes. This mismatch results in invalid SDP
answers being sent in response. If there is a mismatch between the media
type being offered and the configuration, Asterisk must reject the offer
with a 488.
This patch does the following:
* Asterisk will accept SDP offers with at least one media stream that it can
use. Some WARNING messages have been dropped to NOTICEs as a result.
* Asterisk will not accept an offer with a media type that doesn't match its
configuration.
* Asterisk will ignore declined media streams properly.
#SIPit31
Review: https://reviewboard.asterisk.org/r/4063/
ASTERISK-24122 #close
Reported by: James Van Vleet
ASTERISK-24381 #close
Reported by: Matt Jordan
........
Merged revisions 425868 from http://svn.asterisk.org/svn/asterisk/branches/12
........
Merged revisions 425879 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@425881 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This change adds a module which is configurable using the keep_alive_interval setting in the
global section that will send a CRLF keep alive to all active connection-oriented transports at
the provided interval. This is useful because it can help keep connections open through NATs.
This functionality also exists within PJSIP but can not be controlled at runtime and requires
recompiling it.
Review: https://reviewboard.asterisk.org/r/4084/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@425825 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When a native RTP bridge that is remotely bridging its participants switches
to a softmix bridge, it may not properly re-INVITE the media for one or both
participants back to Asterisk. This is due to the current bridge_native_rtp
code only re-INVITEs if it believes the channel will survive the bridge
operation. Currently, that code is failing, as it expects the channels to
have a soft hangup flag set on it indicating that a redirect has occurred
or that the channel is going to leave the bridge. (The code did not take into
account a smart bridge operation).
This patch also renames a few things to be more reflective of the underlying
types.
Review: https://reviewboard.asterisk.org/r/3997/
ASTERISK-24327 #close
........
Merged revisions 425760 from http://svn.asterisk.org/svn/asterisk/branches/12
........
Merged revisions 425761 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@425762 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Tasks that were marked for pending deletion in the scheduler would be moved to
the cache for later reuse, but after being recycled the deleted mark wouldn't
be removed resulting in fresh tasks being deleted without reason... and
immediately moved back into the cache where they could be reused again. This
could cause horrendous things to happen in just about anything that used a
scheduler.
ASTERISK-24321 #close
Reported by: Steve Pitts
Review: https://reviewboard.asterisk.org/r/4071/
........
Merged revisions 425503 from http://svn.asterisk.org/svn/asterisk/branches/12
........
Merged revisions 425504 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@425505 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Masquerades into and out of channels that are involved in a dial operation
don't create the expected dial end event. The missing dial end event goes
against the model for things like CDRs and generating Dial end manager
actions and such.
There are four cases:
1) A channel masquerades into the caller channel. The case happens when
performing a blonde transfer using the channel driver's protocol.
2) A channel masquerades into a callee channel. The case happens when
performing a directed call pickup.
3) The caller channel masquerades out of dial. The case happens when
using the Bridge application on the caller channel.
4) A callee channel masquerades out of dial. The case happens when using
the Bridge application on a peer channel.
As it turned out, all four cases need to be handled instead of just the
first one.
ASTERISK-24237
Reported by: Richard Mudgett
ASTERISK-24394 #close
Reported by: Richard Mudgett
Review: https://reviewboard.asterisk.org/r/4066/
........
Merged revisions 425430 from http://svn.asterisk.org/svn/asterisk/branches/12
........
Merged revisions 425455 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@425456 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch provides the capability to manipulate templates and categories
with non-unique names via AMI.
Summary of changes:
GetConfig and GetConfigJSON: Added "Filter" parameter: A comma separated list
of name_regex=value_regex expressions which will cause only categories whose
variables match all expressions to be considered. The special variable name
TEMPLATES can be used to control whether templates are included. Passing
'include' as the value will include templates along with normal categories.
Passing 'restrict' as the value will restrict the operation to ONLY templates.
Not specifying a TEMPLATES expression results in the current default behavior
which is to not include templates.
UpdateConfig: NewCat now includes options for allowing duplicate category
names, indicating if the category should be created as a template, and
specifying templates the category should inherit from. The rest of the
actions now accept a filter string as defined above. If there are non-unique
category names, you can now update specific ones based on variable values.
To facilitate the new capabilities in manager, corresponding changes had to be
made to config, most notably the addition of filter criteria to many of the
APIs. In some cases it was easy to change the references to use the new
prototype but others would have required touching too many files for this
patch so a wrapper with the original prototype was created. Macros couldn't
be used in this case because it would break binary compatibility with modules
such as res_digium_phone that are linked to real symbols.
Tested-by: George Joseph
Review: https://reviewboard.asterisk.org/r/4033/
........
Merged revisions 425383 from http://svn.asterisk.org/svn/asterisk/branches/12
........
Merged revisions 425384 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@425385 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When a smart bridge operation occurs and a bridge transitions from one
technology to another the old technology is provided the channels formerly
in it and told that they are leaving. Unfortunately the bridge provided
along with them is incomplete. The bridge, despite there being channels in it,
contains none. This forces technology implementations to have additional
logic when channels are leaving or to store their own duplicated
state.
This change makes the bridge more complete so it contains the expected
channels. Now that the bridge is complete special logic within
bridge_native_rtp is no longer needed and has been removed.
Review: https://reviewboard.asterisk.org/r/4057/
........
Merged revisions 425242 from http://svn.asterisk.org/svn/asterisk/branches/12
........
Merged revisions 425243 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@425244 65c4cc65-6c06-0410-ace0-fbb531ad65f3
If res_phoneprov failed to fully load (due to not being configured), the
providers container will be NULL. If a module attempts to register a phone
provisioning provider, it should check for the presence of the container.
If there is no providers container, it should return an error.
This patch makes the ast_phoneprov_provider_register function do that...
otherwise this would be a silly commit message.
........
Merged revisions 425220 from http://svn.asterisk.org/svn/asterisk/branches/12
........
Merged revisions 425221 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@425222 65c4cc65-6c06-0410-ace0-fbb531ad65f3