XML encoding in chan_sip is accomplished by naively building the XML
directly from strings. While this usually works, it fails to take into
account escaping the reserved characters in XML.
This patch adds an 'ast_xml_escape' function, which works similarly to
'ast_uri_encode'. This is used to properly escape the local_display
attribute in XML formatted NOTIFY messages.
Several things to note:
* The Right Thing(TM) to do would probably be to replace the
ast_build_string stuff with building an ast_xml_doc. That's a much
bigger change, and out of scope for the original ticket, so I
refrained myself.
* It is with great sadness that I wrote my own ast_xml_escape
function. There's one in libxml2, but it's knee-deep in
libxml2-ness, and not easily used to one-off escape a
string.
* I only escaped the string we know is causing problems
(local_display). At least some of the other strings are
URI-encoded, which should be XML safe. Rather than figuring out
what's safe and escaping what's not, it would be much cleaner to
simply build an ast_xml_doc for the messages and let the XML
library do the XML escaping. Like I said, that's out of scope.
(closes issue ABE-2902)
Reported by: Guenther Kelleter
Tested by: Guenther Kelleter
Review: http://reviewboard.digium.internal/r/365/
........
Merged revision 378919 from https://origsvn.digium.com/svn/asterisk/be/branches/C.3-bier
........
Merged revisions 378933 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378934 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378935 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Previously if an XMPP client reconnected any filters added by an external module were lost.
This issue exhibited itself with chan_motif not receiving and reacting to Jingle signaling.
(closes issue ASTERISK-20916)
Reported by: kuj
........
Merged revisions 378917 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378918 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This provides a JSON API by pulling in and wrapping the Jansson JSON
library[1]. The Asterisk API basically mirrors the Jansson
functionality, with a few minor tweaks.
* Some names have been asteriskified to protect the innocent.
* Jansson provides both reference-stealing and reference-borrowing
versions of several API's. The Asterisk API is exclusively
reference-stealing for operations that put elements into arrays and
objects.
* No support for doubles, since we usually don't need that.
* Coming along for the ride is the ast_test_validate macro, which made
the unit tests much easier to write.
[1]: http://www.digip.org/jansson/
(issue ASTERISK-20887)
(closes issue ASTERISK-20888)
Review: https://reviewboard.asterisk.org/r/2264/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378915 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Fix an unbalanced manager_bridge_event(unlink) call if
AST_SOFTHANGUP_UNBRIDGE is set in ast_channel_bridge().
* Make ast_channel_bridge() use common cleanup code when leaving the
bridge.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378889 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Squeezed some redundancy out of update_bridge_vars().
* Wrapped long line in __ast_change_name_nolink().
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378859 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* softmix_bridge_thread() was redundantly initializing an 8K buffer.
* Promoted a debug message to a warning in multiplexed_add_or_remove().
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378858 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The prior location is before the declaration of struct ast_str, which causes
compiler warnings.
(closes issue ASTERISK-20852)
Reported by: Pavel Troller
Patches:
strings.diff uploaded by Pavel Troller (license 6302)
........
Merged revisions 378747 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378748 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When ringinuse=no queue members can receive more than one call if these
calls happen at nearly the same time.
* Fix so a queue member does not receive more than one call from a queue.
NOTE: This fix does not prevent multiple calls to a member if the member
is in more than one queue.
* Did some refactoring to eliminate some code redundancy.
(issue ASTERISK-16115)
Reported by: nik600
Patches:
jira_asterisk_16115_single_q_v1.8.patch (license #5621) patch uploaded by rmudgett
Modified
* Revert the -r341580 and -r341599 changes adding the queues.conf
check_state_unknown option as it was added in an attempt to fix this
problem. The fix did not need to be optional. The fix should not have
tried to explicitly set the device state. Setting the device state by
something other than the device introduces a race condition. I also could
not see how the change would be effective other than delaying the
app_queue code long enough for the device state to propagate to app_queue.
........
Merged revisions 378663 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378683 from http://svn.asterisk.org/svn/asterisk/branches/10
........
Merged revisions 378687 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378688 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Under some circumstances, libsrtp's srtp_create function deallocates memory that
it wasn't initially responsible for allocating. Because we weren't initially
aware of this behavior, this memory was still used in spite of being unallocated
during the course of the srtp_unprotect function. A while back I made a patch
which would set this value to NULL, but that exposed a possible condition where
we would then try to check a member of the struct which would cause a segfault.
In order to address these problems, ast_srtp_unprotect will now set an error value
when it ends without a valid SRTP session which will result in the caller of
srtp_unprotect observing this error and hanging up the relevant channel instead of
trying to keep using the invalid session address.
(closes issue ASTERISK-20499)
Reported by: Tootai
Review: https://reviewboard.asterisk.org/r/2228/diff/#index_header
........
Merged revisions 378591 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378592 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378593 65c4cc65-6c06-0410-ace0-fbb531ad65f3
On a fresh checkout of Asterisk 11, running make before ./configure
could cause the pjproject subdirectory to get in an odd state that
would prevent compilation. This patch by Tilghman prevents that from
occurring.
(closes issue ASTERISK-20681)
Reported by: Dinesh Ramjuttun
Tested by: danilo borges, Steve Lang
patches:
20121208__ccar_solved.diff.txt uploaded by Tilghman Lesher (license 5003)
........
Merged revisions 378582 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378585 65c4cc65-6c06-0410-ace0-fbb531ad65f3
On a multihomed server when sending a NOTIFY message, we were not figuring out
which network should be used to contact the peer.
This patch fixes the problem by calling ast_sip_ouraddrfor() and then
build_via() so that our NOTIFY message contains the correct IP address.
Also, a debug message is being added to help follow the call-id changes that
occur. This was helpful for confirming that the IP address was set properly
since the call-id contains the IP address. It also will be helpful for
troubleshooting purposes when following a call in the debug logs.
(closes issue ASTERISK-20805)
Reported by: Bryan Hunt
Tested by: Bryan Hunt, Michael L. Young
Patches:
asterisk-20805-notify-ip-v2.diff uploaded by Michael L. Young (license 5026)
Review: https://reviewboard.asterisk.org/r/2255/
........
Merged revisions 378554 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378559 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378565 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When the "h" extension is present within the context of the queue, all calls
are being reported COMPLETECALLER even when the agent is hanging up the call.
This patch checks to see if the agent hung-up or not instead of only relying on
checking if the queue (caller) channel hung-up or not. It would appear that
having the h extension in the mix, the pbx goes to the h extension,
"hanging-up" the queue channel and triggering the reporting of COMPLETECALLER.
(closes issue ASTERISK-20743)
Reported by: call
Tested by: call, Michael L. Young
Patches:
asterisk-20743-q-cmplt-caller.diff
uploaded by Michael L. Young (license 5026)
Review: https://reviewboard.asterisk.org/r/2256/
........
Merged revisions 378514 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378515 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378516 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This is an interesting feature that allows additional strings to be used to
search the Directory, primarily intended to be used with nicknames, but could
be used with affiliations and the like. Because the name field is used in
more than one place (such as email notifications), it is important that these
additional strings not be placed in the name field, but be specified
separately.
Review: https://reviewboard.asterisk.org/r/2244/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378414 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Similar to r378287, res_xmpp was marshaling data read from an external source
onto the stack. For a sufficiently large message, this could cause a stack
overflow. This patch modifies res_xmpp in a similar fashion to res_jabber by
removing the stack allocation, as it was unnecessary.
(issue ASTERISK-20658)
Reported by: wdoekes
........
Merged revisions 378409 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378410 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When parsing arguments, application entry points should not attempt to
directly modify the parameters to the function. This patch properly duplicates
the passed in parameters before attempting to parse them.
(issue ASTERISK-20658)
Reported by: wdoekes
patches:
issueA20658_sanitize_app_mysql.patch uploaded by wdoekes (license 5674)
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378384 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When reading configuration data from an Asterisk .conf file or when pulling
data from an Asterisk RealTime backend, Asterisk was copying the data on the
stack for manipulation. Unfortunately, it is possible to read configuration
data or realtime data from some data source that provides a large blob of
characters. This could potentially cause a crash via a stack overflow.
This patch prevents large sets of data from being read from an ARA backend or
from an Asterisk conf file.
(issue ASTERISK-20658)
Reported by: wdoekes
Tested by: wdoekes, mmichelson
patches:
* issueA20658_dont_process_overlong_config_lines.patch uploaded by wdoekes (license 5674)
* issueA20658_func_realtime_limit.patch uploaded by wdoekes (license 5674)
........
Merged revisions 378375 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378376 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378377 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The AMI redirect action can fail to redirect two channels that are bridged
together. There is a race between the AMI thread redirecting the two
channels and the bridge thread noticing that a channel is hungup from the
redirects.
* Made the bridge wait for both channels to be redirected before exiting.
* Made the AMI redirect check that all required headers are present before
proceeding with the redirection.
* Made the AMI redirect require that any supplied ExtraChannel exist
before proceeding. Previously the code fell back to a single channel
redirect operation.
(closes issue ASTERISK-18975)
Reported by: Ben Klang
(closes issue ASTERISK-19948)
Reported by: Brent Dalgleish
Patches:
jira_asterisk_19948_v11.patch (license #5621) patch uploaded by rmudgett
Tested by: rmudgett, Thomas Sevestre, Deepak Lohani, Kayode
Review: https://reviewboard.asterisk.org/r/2243/
........
Merged revisions 378356 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378358 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378374 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Asterisk maintains an internal cache for devices in the event subsystem. The
device state cache holds the state of each device known to Asterisk, such that
consumers of device state information can query for the last known state for
a particular device, even if it is not part of an active call. The concept of
a device in Asterisk can include entities that do not have a physical
representation. One way that this occurred was when anonymous calls are allowed
in Asterisk. A device was automatically created and stored in the cache for
each anonymous call that occurred; this was possible in the SIP and IAX2
channel drivers and through channel drivers that utilized the
res_jabber/res_xmpp resource modules (Gtalk, Jingle, and Motif). These devices
are never removed from the system, allowing anonymous calls to potentially
exhaust a system's resources.
This patch changes the event cache subsystem and device state management to
no longer cache devices that are not associated with a physical entity.
(issue ASTERISK-20175)
Reported by: Russell Bryant, Leif Madsen, Joshua Colp
Tested by: kmoore
patches:
event-cachability-3.diff uploaded by jcolp (license 5000)
........
Merged revisions 378303 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378320 from http://svn.asterisk.org/svn/asterisk/branches/10
........
Merged revisions 378321 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378322 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Asterisk had several places where messages received over various network
transports may be copied in a single stack allocation. In the case of TCP,
since multiple packets in a stream may be concatenated together, this can
lead to large allocations that overflow the stack.
This patch modifies those portions of Asterisk using TCP to either
favor heap allocations or use an upper bound to ensure that the stack will not
overflow:
* For SIP, the allocation now has an upper limit
* For HTTP, the allocation is now a heap allocation instead of a stack
allocation
* For XMPP (in res_jabber), the allocation has been eliminated since it was
unnecesary.
Note that the HTTP portion of this issue was independently found by Brandon
Edwards of Exodus Intelligence.
(issue ASTERISK-20658)
Reported by: wdoekes, Brandon Edwards
Tested by: mmichelson, wdoekes
patches:
ASTERISK-20658_res_jabber.c.patch uploaded by mmichelson (license 5049)
issueA20658_http_postvars_use_malloc2.patch uploaded by wdoekes (license 5674)
issueA20658_limit_sip_packet_size3.patch uploaded by wdoekes (license 5674)
........
Merged revisions 378269 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378286 from http://svn.asterisk.org/svn/asterisk/branches/10
........
Merged revisions 378287 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378288 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In ASTERISK-20726 UUID was added to Asterisk. This commit is to add the dependancies to the install script
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378259 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Fix local_alloc() unexpected limitation of exten and context length from
a combined length of 80 characters to a normal 80 characters each.
* Made local_alloc() and local_devicestate() parse the same way.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378081 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* awesome_locking() does not need to thrash the pvt lock as much.
* local_setoption() does not need to check for NULL pvt on cleanup since
it will never be NULL.
* Made ref the pvt before locking for consistency.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378072 65c4cc65-6c06-0410-ace0-fbb531ad65f3