Simply establishing a TCP connection and never sending anything to the
configured HTTP port in http.conf will tie up a HTTP connection. Since
there is a maximum number of open HTTP sessions allowed at a time you can
block legitimate connections.
A similar problem exists if a HTTP request is started but never finished.
* Added http.conf session_inactivity timer option to close HTTP
connections that aren't doing anything. Defaults to 30000 ms.
* Removed the undocumented manager.conf block-sockets option. It
interferes with TCP/TLS inactivity timeouts.
* AMI and SIP TLS connections now have better authentication timeout
protection. Though I didn't remove the bizzare TLS timeout polling code
from chan_sip.
* chan_sip can now handle SSL certificate renegotiations in the middle of
a session. It couldn't do that before because the socket was non-blocking
and the SSL calls were not restarted as documented by the OpenSSL
documentation.
* Fixed an off nominal leak of the ssl struct in
handle_tcptls_connection() if the FILE stream failed to open and the SSL
certificate negotiations failed.
The patch creates a custom FILE stream handler to give the created FILE
streams inactivity timeout and timeout after a specific moment in time
capability. This approach eliminates the need for code using the FILE
stream to be redesigned to deal with the timeouts.
This patch indirectly fixes most of ASTERISK-18345 by fixing the usage of
the SSL_read/SSL_write operations.
ASTERISK-23673 #close
Reported by: Richard Mudgett
........
Merged revisions 415841 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 415854 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 415896 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415907 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In app_queue, device state changes arrive in event messages and
update the queue member status value. That value is checked in
get_member_status() to decide that the caller should leave when
there are no available members. Although event messages can be
delayed by other activity, there is no adverse affect by lagged
status except in one specific case: there is only one available
member, it was just rung, and leavewhenempty is enabled set for
ringing members. This change adds a direct check of the device
state only under this condition where the caller may be dropped
incorrectly, resolving this issue without affecting performance
of app_queue normally.
AST-1248 #close
Review: https://reviewboard.asterisk.org/r/3595/
Reported by: Thomas Arimont
........
Merged revisions 415833 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 415835 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 415836 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415839 65c4cc65-6c06-0410-ace0-fbb531ad65f3
MixMonitor AMI commands StartMixMonitor and StopMixMonitor lacked class
authorization. StopMixMonitor now requires that the manager user either have
the call or system class authorization. StartMixMonitor is a slightly larger
issue since it can execute shell commands if the right arguments are passed
into it, and we consider this a permission escalation. A security release
will be issued for problem this shortly.
ASTERISK-23609 #close
Reported by: Corey Farrell
........
Merged revisions 415825 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 415832 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415834 65c4cc65-6c06-0410-ace0-fbb531ad65f3
A remotely exploitable crash vulnerability exists in the PJSIP channel driver's
pub/sub framework. If an attempt is made to unsubscribe when not currently
subscribed and the endpoint's "sub_min_expiry" is set to zero, Asterisk tries
to create an expiration timer with zero seconds, which is not allowed, so an
assertion raised.
The fix was to reject a subscription that is attempting to unsubscribe when not
being already subscribed. Asterisk now checks for this situation appropriately
and responds with a 400 instead of crashing.
AST-2014-005
ASTERISK-23489 #close
........
Merged revisions 415812 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415813 65c4cc65-6c06-0410-ace0-fbb531ad65f3
SIP transaction timeouts are handled in the PJSIP monitor thread. When
this happens on a subscription, and the subscription is destroyed, the
subscription destruction is dispatched synchronously to the threadpool.
The issue is that the PJSIP dialog is locked by the monitor thread,
and then the dispatched task attempts to lock the dialog. This leads
to a deadlock that causes SIP traffic to no longer be accepted on the
Asterisk server.
The fix here is to treat the monitor thread as if it were a threadpool
thread when it attempts to dispatch synchronous tasks. This way, the
dispatched task turns into a simple function call within the same thread,
and the locking issue is averted.
AST-2014-008
ASTERISK-23802 #close
........
Merged revisions 415794 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415795 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This change makes res_pjsip_pubsub persist inbound subscriptions in sorcery. By default
this uses the local astdb but it can also be configured to store within an outside
database. When Asterisk is started these subscriptions are recreated if they have not
expired. Notifications are sent to the devices which have subscribed and they are none
the wiser that the system has restarted.
Review: https://reviewboard.asterisk.org/r/3598/
........
Merged revisions 415766 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415767 65c4cc65-6c06-0410-ace0-fbb531ad65f3
From now on, make install will overwrite safe_asterisk with the
latest version. You need to move any local modifications to files
inside /etc/asterisk/startup.d, if you have any.
See also commits r394939 and r397938.
ASTERISK-21965 #close
Patches:
safe_asterisk.patch uploaded by jkister (License 6232, modified by me)
........
Merged revisions 415748 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415749 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The supplied hash function to a container must be idempotent given the
object's key value to figure out which container bucket the object belongs
in. Returning a random number or the current container count is not
idempotent. The "computed hash" value doesn't help find the object later
in those cases.
* Fixed the format_list container to actually be a list since that is how
the container is used. Conceptually, if more than 283 formats were added
to the format_list then odd things may have happened before the fix.
........
Merged revisions 415728 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 415729 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415730 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Adds presence state value to output of core show
hints. Also reformats the output slightly so it
doesn't use as much space as it would otherwise.
Was:
1000@demo : SIP/1000 State:Unavailable Watchers 0
Now:
1000@demo : SIP/1000 State:Unavailable Presence:Idle Watchers 0
AFS-53 #close
Review: https://reviewboard.asterisk.org/r/3604/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415698 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Documentation for how to add custom headers/content to notifies created
with the PJSIPNotify manager action was a little sparse and it also
wasn't vetting application of Content-length headers like its chan_sip
equivalent was (so two Content-length headers could be applied... and
PJSIP determines the content length anyway, so it just opens people up
for error). This patch also flips the variable order so that the
variables are interpreted in the same order as they are put in the AMI
action.
Review: https://reviewboard.asterisk.org/r/3587/
........
Merged revisions 415658 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415659 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When using PJSIP_HEADER() to add custom headers to outgoing INVITE requests, certain
situations could result in the headers being duplicated. For instance, if the request
were retransmitted, or if the INVITE were re-sent with authentication credentials,
the custom headers would be re-added to the request.
The fix here is to, after adding the custom headers to the outbound INVITE, remove
the datastore that holds the custom headers to add. This way, there is no risk in
accidentally adding them if the session supplement is called into a second or third
time.
........
Merged revisions 415579 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415580 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch is a re-do of r414122.
When r414122 was merged, a major problem with it was uncovered. UNBRIDGE soft
hangup flags have a catastrophic effect on the pbx core if they leak out from
the bridge layer: the channel gets hung up. With the number of threads
involved in a blind transfer, and with the initial patch, it was likely that
this would occur. This caused a large number of test failures
This patch is nearly identical with the one proposed in r414122, save for the
following changes:
- We explicitly clear the UNBRIDGE flag when setting an after goto on a
channel in a bridge
- Defensively, if we encounter an UNBRIDGE flag in the pbx core, we handle it
https://reviewboard.asterisk.org/r/3585/
........
Merged revisions 415443 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415444 65c4cc65-6c06-0410-ace0-fbb531ad65f3
If using the custom URI parsing code (not external uriparser lib) and there
was no query parameters the resulting pointer would be NULL and then an
attempt was made to subtract from it. The pointer is now set to a valid
value if there is no query parameter(s).
Also, in the 'ast_uri_make_host_with_port' function when setting the terminator
on the resulting string it was writing it one past the end of allocated memory.
It now writes the string terminator appropriately.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415358 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Currently, there are situations that can occur when using chan_pjsip
and certain dialplan applications (notably ChanSpy()) that can cause
the channel to get no audio with scrolling warnings about format
mismatches. This is caused by a failure to update translation paths on
a mid-call native format update since the raw formats have already
been updated by res_pjsip_sdp_rtp.c in set_caps(). Removing the
premature raw format updates allows the translation paths to be setup
correctly and the raw read and write formats with them.
AFS-63 #close
........
Merged revisions 415342 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415343 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Changed naming of included alias templates to avoid confusion between version names. For example, asterisk12 was for asterisk 1.2, so I changed it to asterisk_1dot2, so that later we can use asterisk_12 for Asterisk 12.
Added alias for "features reload" to the template for Asterisk 11 style syntax template, as features reload was removed in 12, but you can still do "module reload features"
Added alias for "pjsip reload" to the friendly template. It is shorter than "module reload res_pjsip.so" and if some are like me; I constantly forget that reloading chan_pjsip doesn't parse config. Remembering "pjsip reload" is just easier.
ASTERISK-23654 #close
ASTERISK-23654 #comment Fixed by adding two new aliases and enhancements for context names.
Review: https://reviewboard.asterisk.org/r/3572/
........
Merged revisions 415301 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415302 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The twisted logic determining if a config file should be reloaded was
mostly broken and disabled. The incorrect test that ASTERISK-23383 fixed
actually reenabled the broken logic. The incorrect test was causing the
timestamp to always be cleared which caused config files with includes to
always be reloaded.
* Made wildcard includes always cause a reload. Determining if a file was
deleted cannot be determined without restructuring the cache to determine
if any files are missing from the last files actually loaded. Also
without refactoring config_text_file_load(), the glob loop couldn't check
more than one file for changes anyway.
* Made remove the cache entry if the file no longer exists when trying to
get its timestamp or it is no longer a regular file. This fixes the
corner case where the file was loaded, then deleted, then the config
reloaded, then the file restored with the same timestamp, and then the
config reloaded again.
* Made remove the cache entry include list when actually loading the file.
This gets rid of any stale includes the file had from the last time the
file was loaded.
ASTERISK-23683 #close
Reported by: tootai
Review: https://reviewboard.asterisk.org/r/3575/
........
Merged revisions 415225 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 415229 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 415230 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415231 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Added a websocket server client in Asterisk. Asterisk has a websocket server,
but not a client. The ability to have Asterisk be able to connect to a websocket
server can potentially be useful for future work (for instance this could allow
ARI to connect back to some external system, although more work would be needed
in order to incorporate that).
Also a couple of things to note - proxy connection support has not been
implemented and there is limited http response code handling (basically, it is
connect or not).
Also added an initial new URI handling mechanism to core. Internet type URI's
are parsed into a data structure that contains pointers to the various parts of
the URI.
(closes issue ASTERISK-23742)
Reported by: Kevin Harwell
Review: https://reviewboard.asterisk.org/r/3541/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415223 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Prior to this patch, users waiting to enter a ConfBridge were not considered
when muted via the CLI or via AMI. Instead, a confusing message would be
emitted stating that the channel did not exist.
This patch allows a user to be muted when waiting to enter a ConfBridge
conference. This is equivalent to start when muted, only toggled via the CLI
or AMI.
Review: https://reviewboard.asterisk.org/r/3582
#ASTERISK-23824 #close
patches:
rb3582.patch uploaded by tm1000 (License 6524)
........
Merged revisions 415206 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 415207 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415208 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Cleans up the safe_asterisk script and adds the ASTSAFE_FOREGROUND
option that allows the debian asterisk init script to capture the
right pid.
* Drop the vim #modeline which wasn't used. Use test consistently
without the odd configure xno syntax. Double quote all paths.
General cleanup.
* Don't output message()s to the console but only to TTY if set.
* Allow TTY to be "no" as well as empty (debian compatibility with
debian/patches/safe_asterisk-config).
* Add option to export ASTSAFE_FOREGROUND=1 from the init script
that calls this to disable backgrounding. Debian uses a similar
method in debian/patches/safe_asterisk-nobg).
ASTERISK-23492 #close
Review: https://reviewboard.asterisk.org/r/3574/
........
Merged revisions 415132 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 415171 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 415172 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415173 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Conference names were not checked for maximum length, allowing unexpected
behaviour. This change adds checking to ensure the maximum length is not
exceeded. The maximum length is also changed from 32 to AST_MAX_EXTENSION.
ASTERISK-23035 #close
Reported by: Iñaki Cívico
Tested by: Iñaki Cívico
Patches:
confbridge-enforce_max-1.8.patch uploaded by coreyfarrell (license 5909)
confbridge-enforce_max-11up.patch uploaded by coreyfarrell (license 5909)
........
Merged revisions 415060 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 415066 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 415078 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415080 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The bridge_native_rtp module currently uses the bridge result of the first
channel that joins a bridge as the ultimate result. This means that if the
first channel has direct media enabled but the second does not a direct
media bridge will still occur.
This change makes it so that both sides are taken into account. If either
side forbids the bridge or responds with a local bridge result then
either a generic or local bridge occurs.
ASTERISK-23541 #close
Reported by: Justin E
Review: https://reviewboard.asterisk.org/r/3577/
........
Merged revisions 414975 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@414976 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch adds a new channel function TALK_DETECT that, when set on a
channel, causes events indicating the start/stop of talking on a channel to be
emitted to both AMI and ARI clients.
The function allows setting both the silence threshold (the length of silence
after which we decide no one is talking) as well as the talking threshold (the
amount of energy that counts as talking). Parameters can be updated on a channel
after talk detection has been enabled, and talk detection can be removed at
any time.
The events raised by the function use a nomenclature similar to existing AMI/ARI
events.
For AMI: ChannelTalkingStart/ChannelTalkingStop
For ARI: ChannelTalkingStarted/ChannelTalkingFinished
Review: https://reviewboard.asterisk.org/r/3563/
#ASTERISK-23786 #close
Reported by: Matt Jordan
........
Merged revisions 414934 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@414935 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch addresses some aesthetic issues in Asterisk. These are all just
minor tweaks to improve the look of the CLI when used in a variety of
settings. Specifically:
* A number of chatty verbose messages were removed or demoted to DEBUG
messages. Verbose messages with a verbosity level of 5 or higher were -
if kept as verbose messages - demoted to level 4. Several messages
that were emitted at verbose level 3 were demoted to 4, as announcement
of dialplan applications being executed occur at level 3 (and so the
effects of those applications should generally be less).
* Some verbose messages that only appear when their respective 'debug'
options are enabled were bumped up to always be displayed.
* Prefix/timestamping of verbose messages were moved to the verboser
handlers. This was done to prevent duplication of prefixes when the
timestamp option (-T) is used with the CLI.
* Verbose magic is removed from messages before being emitted to
non-verboser handlers. This prevents the magic in multi-line verbose
messages (such as SIP debug traces or the output of DumpChan) from
being written to files.
* _Slightly_ better support for the "light background" option (-W) was
added. This includes using ast_term_quit in the output of XML
documentation help, as well as changing the "Asterisk Ready" prompt to
bright green on the default background (which stands a better chance of
being displayed properly than bright white).
Review: https://reviewboard.asterisk.org/r/3547/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@414798 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When generating SQL files via the repotools alembic_creator.py script, a
configuration object is used programatically with SQLAlechemy, as opposed to
a configuration file. This patch ignores failures to interpret a config file,
as ... there isn't one in this case.
........
Merged revisions 414763 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@414764 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Simply enabling PJSIP to negotiage a video codec (e.g., h264) would leak
video RTP ports if the codec were not negotiated by an incoming call.
* Made add_sdp_streams() associate the handler with the media stream if
the handler handled the media stream. Otherwise, when the
ast_sip_session_media object was destroyed it didn't know how to clean up
the RTP resources.
* Fixed sdp_requires_deferral() associating the handler with the media
stream when deciding if the SDP processing needs to be deferred for T.38.
Like the leaked video RTP ports, the T.38 handler needs to clean up
allocated resources from deciding if SDP processing needs to be deffered.
* Cleaned up some dead code in handle_incoming_sdp() and
sdp_requires_deferral().
ASTERISK-23721 #close
Reported by: cervajs
Review: https://reviewboard.asterisk.org/r/3571/
........
Merged revisions 414749 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@414750 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Improvements to the agent pool functionality.
* AgentRequest no longer hangs up the caller if the agent fails to connect
with the caller. It now continues in the dialplan.
* AgentRequest returns AGENT_STATUS set to NOT_CONNECTED if the agent
failed to connect with the call. Most likely because the agent did not
acknowledge the call in time or got disconnected.
* The agent alerting play file configured by the agent.conf custom_beep
option can now be disabled by setting the option to an empty string. The
agent is effectively alerted to a call presence when MOH stops.
* Fixed bridge reference leak when the agent connects with a caller.
ASTERISK-23499 #close
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/3551/
........
Merged revisions 414747 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@414748 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Kinsey Moore
Richard Mudgett
Rusty Newton
Jonathan Rose
Scott Griepentrog
Kevin Harwell
Mark Michelson
Joshua Colp
Walter Doekes
Alexandr Anikin
Corey Farrell
Matthew Jordan
George Joseph