An admin can configure app_minivm with an externnotify program to be run
when a voicemail is received. The app_minivm application MinivmNotify
uses ast_safe_system() for this purpose which is vulnerable to command
injection since the Caller-ID name and number values given to externnotify
can come from an external untrusted source.
* Add ast_safe_execvp() function. This gives modules the ability to run
external commands with greater safety compared to ast_safe_system().
Specifically when some parameters are filled by untrusted sources the new
function does not allow malicious input to break argument encoding. This
may be of particular concern where CALLERID(name) or CALLERID(num) may be
used as a parameter to a script run by ast_safe_system() which could
potentially allow arbitrary command execution.
* Changed app_minivm.c:run_externnotify() to use the new ast_safe_execvp()
instead of ast_safe_system() to avoid command injection.
* Document code injection potential from untrusted data sources for other
shell commands that are under user control.
ASTERISK-27103
Change-Id: I7552472247a84cde24e1358aaf64af160107aef1
Add ability to use tokens instead of passwords according to Google OAuth 2.0
protocol.
ASTERISK-27169
Reported by: Andrey Egorov
Tested by: Andrey Egorov
Change-Id: I07f7052a502457ab55010a4d3686653b60f4c8db
Setting this option will cause the Queue application to only announce
the caller's position if it has improved since the last time that we
announced it.
Change-Id: I173a124121422209485b043e2bf784f54242fce6
This change does a few things to improve packet loss and renegotiation:
1. On outgoing RTP streams we will now properly reflect out of order
packets and packet loss in the sequence number. This allows the
remote jitterbuffer to better reorder things.
2. Video updates can now be discarded for a period of time
after one has been sent to prevent flooding of clients.
3. For declined and removed streams we will now release any
media session resources associated with them. This was not
previously done and caused an issue where old state was being
used for a new stream.
4. RTP bundling was not actually removing bundled RTP instances
from the parent. This has been resolved by removing based on
the RTP instance itself and not the SSRC.
5. The code did not properly handle explicitly unbundling an
RTP instance from its parent. This now works as expected.
ASTERISK-27143
Change-Id: Ibd91362f0e4990b6129638e712bc8adf0899fd45
This patch creates a new configuration option called "webrtc". When enabled it
defaults and enables the following options that are needed in order for webrtc
to work in Asterisk:
rtcp-mux, use_avpf, ice_support, and use_received_transport=enabled
media_encryption=dtls
dtls_verify=fingerprint
dtls_setup=actpass
When "webrtc" is enabled, this patch also parses the "msid" media level
attribute from an SDP. It will also appropriately add it onto the outgoing
session when applicable.
Lastly, when "webrtc" is enabled h264 RTCP FIR feedback frames are now sent.
ASTERISK-27119 #close
Change-Id: I5ec02e07c5d5b9ad86a34fdf31bf2f9da9aac6fd
This adds support for parsing timelen values from config files. This
includes support for all flags which apply to PARSE_INT32. Support for
this parser is added to ACO via the OPT_TIMELEN_T option type.
Fixes an issue where extra characters provided to ast_app_parse_timelen
were ignored, they now cause an error.
Testing is included.
ASTERISK-27117 #close
Change-Id: I6b333feca7e3f83b4ef5bf2636fc0fd613742554
By default, when res_musiconhold reloads or unloads, it sends a HUP
signal to custom applications (and all descendants), waits 100ms,
then sends a TERM signal, waits 100ms, then finally sends a KILL
signal. An application which is interacting with an external
device and/or spawns children of its own may not be able to exit
cleanly in the default times, expecially if sent a KILL signal, or
if it's children are getting signals directly from
res_musiconhoild.
* To allow extra time, the 'kill_escalation_delay'
class option can be used to set the number of milliseconds
res_musiconhold waits before escalating kill signals, with the
default being the current 100ms.
* To control to whom the signals are sent, the "kill_method" class
option can be set to "process_group" (the default, existing
behavior), which sends signals to the application and its
descendants directly, or "process" which sends signals only to the
application itself.
Change-Id: Iff70a1a9405685a9021a68416830c0db5158603b
When connected_line_method is "invite", we're supposed to determine
if the client can support UPDATE and if it can, send UPDATE instead
of INVITE to avoid the SDP renegotiation. Not only was pjproject
not setting the PJSIP_INV_SUPPORT_UPDATE flag, we were testing
that invite_tsx wasn't NULL which isn't always the case.
* Updated chan_pjsip/update_connected_line_information to drop the
requirement that invite_tsx isn't NULL.
* Submitted patch to pjproject sip_inv.c that sets the
PJSIP_INV_SUPPORT_UPDATE flag correctly.
* Updated pjsip.conf.sample to clarify what happens when "invite"
is specified.
ASTERISK-27095
Change-Id: Ic2381b3567b8052c616d96fbe79564c530e81560
The stream topology (list of streams and order) is now stored with the
configured PJSIP endpoints and used during the negotiation process.
Media negotiation state information has been changed to be stored
in a separate object. Two of these objects exist at any one time
on a session. The active media state information is what was previously
negotiated and the pending media state information is what the
media state will become if negotiation succeeds. Streams and other
state information is stored in this object using the index (or
position) of each individual stream for easy lookup.
The ability for a media type handler to specify a callback for
writing has been added as well as the ability to add file
descriptors with a callback which is invoked when data is available
to be read on them. This allows media logic to live outside of
the chan_pjsip module.
Direct media has been changed so that only the first audio and
video stream are directly connected. In the future once the RTP
engine glue API has been updated to know about streams each individual
stream can be directly connected as appropriate.
Media negotiation itself will currently answer all the provided streams
on an offer within configured limits and on an offer will use the
topology created as a result of the disallow/allow codec lines.
If a stream has been removed or declined we will now mark it as such
within the resulting SDP.
Applications can now also request that the stream topology change.
If we are told to do so we will limit any provided formats to the ones
configured on the endpoint and send a re-invite with the new topology.
Two new configuration options have also been added to PJSIP endpoints:
max_audio_streams: determines the maximum number of audio streams to
offer/accept from an endpoint. Defaults to 1.
max_video_streams: determines the maximum number of video streams to
offer/accept from an endpoint. Defaults to 1.
ASTERISK-27076
Change-Id: I8afd8dd2eb538806a39b887af0abd046266e14c7
A new global option "imap_poll_logout" was added to specify whether need to
disconnect from the IMAP server after polling of mailboxes.
ASTERISK-27068 #close
Closing IMAP connection after loading mailbox from voicemail.conf
ASTERISK-24052 #close
Change-Id: Ib7558ba04516240a32b65f42e9be64372a0ae12a
This option was added to control whether to notify dialog-info state
'early' or 'confirmed' on Ringing when already INUSE.
The value "yes" is useful for some SIP phones (Cisco SPA)
to be able to indicate and pick up ringing devices.
ASTERISK-26919 #close
Change-Id: Ie050bc30023543c7dfb4365c5be3ce58c738c711
Additional variable to work alongside QUEUE_MAX_PENALTY and QUEUE_MIN_PENALTY,
including an extra parameter in queuerules.conf. This value causes lower
Agent penalty values to "raise up" so that they can join higher penalty agents
and be treated equally after a period of time.
ASTERISK-26995 #close
Change-Id: If1c6421a983667a5ac4c359f6dac25b212b4c459
This option was added to turn off notifying the progress details
on Blind Transfer. If this option is not set then the chan_pjsip
will send NOTIFY "200 OK" immediately after "202 Accepted".
Some SIP phones like Mitel/Aastra or Snom keep the line busy until
receive "200 OK".
ASTERISK-26333 #close
Change-Id: Id606fbff2e02e967c02138457badc399144720f2
This change adds the required logic to allow the SIP
Call-ID to be placed into the HEP RTCP traffic if the
chan_sip module is used. In cases where the option is
enabled but the channel is not either SIP or PJSIP then
the code will fallback to the channel name as done
previously.
Based on the change on Nir's branch at:
team/nirs/hep-chan-sip-support
ASTERISK-26427
Change-Id: I09ffa5f6e2fdfd99ee999650ba4e0a7aad6dc40d
All log messages go to a queue serviced by a single thread
which does all the IO. This setting controls how big that
queue can get (and therefore how much memory is allocated)
before new messages are discarded. The default is 1000.
Should something go bezerk and log tons of messages in a tight
loop, this will prevent memory escalation.
When the limit is reached, a WARNING is logged to that effect
and messages are discarded until the queue is empty again. At
that time another WARNING will be logged with the count of
discarded messages. There's no "low water mark" for this queue
because the logger thread empties the entire queue and processes it
in 1 batch before going back and waiting on the queue again.
Implementing a low water mark would mean additional locking as
the thread processes each message and it's not worth it.
A "test" was added to test_logger.c but since the outcome is
non-deterministic, it's really just a cli command, not a unit
test.
Change-Id: Ib4520c95e1ca5325dbf584c7989ce391649836d1
Added the stun_blacklist option to rtp.conf. Some multihomed servers have
IP interfaces that cannot reach the STUN server specified by stunaddr.
Blacklist those interface subnets from trying to send a STUN packet to
find the external IP address. Attempting to send the STUN packet
needlessly delays processing incoming and outgoing SIP INVITEs because we
will wait for a response that can never come until we give up on the
response. Multiple subnets may be listed.
ASTERISK-26890 #close
Change-Id: I3ff4f729e787f00c3e6e670fe6435acce38be342
This include was accidentally removed in changeset
Ia79aea64de89531362e993e34230c2044a70aa93. My bad.
Change-Id: I1d716c7f9590b4e97909fb8bca1f2ed9bd0e4082
This change adds database tables for the PUBLISH support so it
can be configured using realtime. A minor fix to the
res_pjsip_publish_asterisk module was done so that it read the
sorcery configuration from the correct section. Finally the
sample configuration files have been updated.
ASTERISK-26928
Change-Id: I81991ae5c75af98d247f7eacd1c0b0a763675952
Two new parameters have been added to the pjsip config wizard.
* Setting 'sends_line_with_registrations' to true will cause the wizard
to skip the creation of an identify object to match incoming request
to the endpoint and instead add the line and endpoint parameters to
the outbound registration object.
* Setting 'outbound_proxy' is a shortcut for adding individual
endpoint/outbound_proxy, aor/outbound_proxy and
registration/outbound_proxy parameters.
Change-Id: I678e5f80765734c056620528a6d40d82736ceeb0
(cherry picked from commit a827892ff7)
(cherry picked from commit 27344675be)
Dynamic payload types were statically defined in Asterisk. This unfortunately
limited the number of dynamic payloads that could be registered. With this patch
dynamic payload type numbers are now assigned dynamically and per RTP instance.
However, in order to limit any issues where some clients expect the old
statically defined value this patch makes it so the value Asterisk used to pre-
designate is used for the dynamic assignment if available.
An option, "rtp_use_dynamic", has also been added (can be set in asterisk.conf)
that turns the new dynamic behavior on or off. When off it reverts back to using
statically defined payload values. This option defaults to "yes" in Asterisk 15.
ASTERISK-26515 #close
patches:
ASTERISK-26515.diff submitted by jcolp (license 5000
Change-Id: I7653465c5ebeaf968f1a1cc8f3f4f5c4321da7fc
Support for RFC3578 overlap dialling (i.e. 484 Response to partially matched
destinations) as currently provided by chan_sip is missing from res_pjsip.
This patch adds a new endpoint attribute (allow_overlap) [defaults to yes]
which when set to yes enables 484 responses to partial destination
matches rather than the current 404.
ASTERISK-26864
Change-Id: Iea444da3ee7c7d4f1fde1d01d138a3d7b0fe40f6
A new transport parameter 'symmetric_transport' has been added.
When a request from a dynamic contact comes in on a transport with
this option set to 'yes', the transport name will be saved and used
for subsequent outgoing requests like OPTIONS, NOTIFY and INVITE.
It's saved as a contact uri parameter named 'x-ast-txp' and will
display with the contact uri in CLI, AMI, and ARI output. On the
outgoing request, if a transport wasn't explicitly set on the
endpoint AND the request URI is not a hostname, the saved transport
will be used and the 'x-ast-txp' parameter stripped from the
outgoing packet.
* config_transport was modified to accept and store the new parameter.
* config_transport/transport_apply was updated to store the transport
name in the pjsip_transport->info field using the pjsip_transport->pool
on UDP transports.
* A 'multihomed_on_rx_message' function was added to
pjsip_message_ip_updater that, for incoming requests, retrieves the
transport name from pjsip_transport->info and retrieves the transport.
If transport->symmetric_transport is set, an 'x-ast-txp' uri parameter
containing the transport name is added to the incoming Contact header.
* An 'ast_sip_get_transport_name' function was added to res_pjsip.
It takes an ast_sip_endpoint and a pjsip_sip_uri and returns a
transport name if endpoint->transport is set or if there's an
'x-ast-txp' parameter on the uri and the uri host is an ipv4 or
ipv6 address. Otherwise it returns NULL.
* An 'ast_sip_dlg_set_transport' function was added to res_pjsip
which takes an ast_sip_endpoint, a pjsip_dialog, and an optional
pjsip_tpselector. It calls ast_sip_get_transport_name() and if
a non-NULL is returned, sets the selector and sets the transport
on the dialog. If a selector was passed in, it's updated.
* res_pjsip/ast_sip_create_dialog_uac and ast_sip_create_dialog_uas
were modified to call ast_sip_dlg_set_transport() instead of their
original logic.
* res_pjsip/create_out_of_dialog_request was modified to call
ast_sip_get_transport_name() and pjsip_tx_data_set_transport()
instead of its original logic.
* Existing transport logic was removed from endpt_send_request
since that can only be called after a create_out_of_dialog_request.
* res_pjsip/ast_sip_create_rdata was converted to a wrapper around
a new 'ast_sip_create_rdata_with_contact' function which allows
a contact_uri to be specified in addition to the existing
parameters. (See below)
* res_pjsip_pubsub/internal_pjsip_evsub_send_request was eliminated
since all it did was transport selection and that is now done in
ast_sip_create_dialog_uac and ast_sip_create_dialog_uas.
* 'contact_uri' was added to subscription_persistence. This was
necessary because although the parsed rdata contact header has the
x-ast-txp parameter added (if appropriate),
subscription_persistence_update stores the raw packet which
doesn't have it. subscription_persistence_recreate was then
updated to call ast_sip_create_rdata_with_contact with the
persisted contact_uri so the recreated subscription has the
correct transport info to send the NOTIFYs.
* res_pjsip_session/internal_pjsip_inv_send_msg was eliminated since
all it did was transport selection and that is now done in
ast_sip_create_dialog_uac.
* pjsip_message_ip_updater/multihomed_on_tx_message was updated
to remove all traces of the x-ast-txp parameter from the
outgoing headers.
NOTE: This change does NOT modify the behavior of permanent
contacts specified on an aor. To do so would require that the
permanent contact's contact uri be updated with the x-ast-txp
parameter and the aor sorcery object updated. If we need to
persue this, we need to think about cloning permanent contacts into
the same store as the dynamic ones on an aor load so they can be
updated without disturbing the originally configured value.
You CAN add the x-ast-txp parameter to a permanent contact's uri
but it would be much simpler to just set endpoint->transport.
Change-Id: I4ee1f51473da32ca54b877cd158523efcef9655f
This patch updates the documenation in hep.conf.sample to better specify
how the various HEP modules interact.
ASTERISK-26717 #close
Change-Id: I337fb742a89e3ec5edc7fc7a7a0295218d841124
* apps/app_voicemail.c fromstring field added to mailbox which will
override the global fromstring if set.
ASTERISK-24562 #close
Change-Id: I5e90e3a1ec2b2d5340b49a0db825e4bbb158b2fe
This change updates the documentation for the outbound_proxy option
to ensure it is consistently stated that a full SIP URI must be
provided for the option.
The res_pjsip_outbound_registration module has also been changed so
that the provided outbound_proxy value is checked to ensure it is a
URI and if not an error is output stating so.
ASTERISK-26782
Change-Id: I6c239a32274846fd44e65b44ad9bf6373479b593
Using the same auth section for inbound and outbound authentication is not
recommended. There is a difference in meaning for an empty realm setting
between inbound and outbound authentication uses.
An empty inbound auth realm represents the global section's default_realm
value when the authentication object is used to challenge an incoming
request. An empty outgoing auth realm is treated as a don't care wildcard
when the authentication object is used to respond to an incoming
authentication challenge.
ASTERISK-26799
Change-Id: Id3952f7cfa1b6683b9954f2c5d2352d2f11059ce
