Presence support has been added. This is accomplished by
allowing for presence hints in addition to device state
hints. A dialplan function called PRESENCE_STATE has been
added to allow for setting and reading presence. Presence
can be transmitted to Digium phones using custom XML
elements in a PIDF presence document.
Voicemail has new APIs that allow for moving, removing,
forwarding, and playing messages. Messages have had a new
unique message ID added to them so that the APIs will work
reliably. The state of a voicemail mailbox can be obtained
using an API that allows one to get a snapshot of the mailbox.
A voicemail Dialplan App called VoiceMailPlayMsg has been
added to be able to play back a specific message.
Configuration hooks have been added. Configuration hooks
allow for a piece of code to be executed when a specific
configuration file is loaded by a specific module. This is
useful for modules that are dependent on the configuration
of other modules.
chan_sip now has a public method that allows for a custom
SIP INFO request to be sent mid-dialog. Digium phones use
this in order to display progress bars when files are played.
Messaging support has been expanded a bit. The main
visible difference is the addition of an AMI action
MessageSend.
Finally, a ParkingLots manager action has been added in order
to get a list of parking lots.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@368435 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This resolves core findings from ASTERISK-19650 numbers 0-2, 6, 7, 9-11, 14-20,
22-24, 28, 30-32, 34-36, 42-56, 82-84, 87, 89-90, 93-102, 104, 105, 109-111,
and 115. Finding numbers 26, 33, and 29 were already resolved. Those skipped
were either extended/deprecated or in areas of code that shouldn't be
disturbed.
(Closes issue ASTERISK-19650)
........
Merged revisions 366167 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 366168 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@366169 65c4cc65-6c06-0410-ace0-fbb531ad65f3
As detailed in the advisory, AMI users without write authorization for SYSTEM class AMI
actions were able to run system commands by going through other AMI commands which did
not require that authorization. Specifically, GetVar and Status allowed users to do this
by setting their variable/s options to the SHELL or EVAL functions.
Also, within 1.8, 10, and trunk there was a similar flaw with the Originate action that
allowed users with originate permission to run MixMonitor and supply a shell command
in the Data argument. That flaw is fixed in those versions of this patch.
(closes issue ASTERISK-17465)
Reported By: David Woolley
Patches:
162_ami_readfunc_security_r2.diff uploaded by jrose (license 6182)
18_ami_readfunc_security_r2.diff uploaded by jrose (license 6182)
10_ami_readfunc_security_r2.diff uploaded by jrose (license 6182)
........
Merged revisions 363117 from http://svn.asterisk.org/svn/asterisk/branches/1.6.2
........
Merged revisions 363141 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 363156 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@363159 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch addresses a number of modules in main that did not handle the
negative return value from function calls adequately, or were not sufficiently
clear that the conditions leading to improper handling of the return values
could not occur. This includes:
* asterisk.c: A negative return value from the read function would be used
directly as an index into a buffer. We now check for success of the read
function prior to using its result as an index.
* manager.c: Check for failures in mkstemp and lseek when handling the
temporary file created for processing data returned from a CLI command in
action_command. Also check that the result of an lseek is sanitized prior
to using it as the size of a memory map to allocate.
(issue ASTERISK-19655)
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/1863/
........
Merged revisions 362359 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 362360 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@362361 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The current Security Events Framework API only supports IPv4 when it comes to
generating security events. This patch does the following:
* Changes the Security Events Framework API to support IPV6 and updates
the components that use this API.
* Eliminates an error message that was being generated since the current
implementation was treating an IPv6 socket address as if it was IPv4.
* Some copyright dates were updated on files touched by this patch.
(closes issue ASTERISK-19447)
Reported by: Michael L. Young
Tested by: Michael L. Young
Patches:
security_events_ipv6v3.diff uploaded by Michael L. Young (license 5026)
Review: https://reviewboard.asterisk.org/r/1777/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@362200 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Hangup now can take a regular expression as the Channel option. If you want
to hangup multiple channels, use /regex/ as the Channel option. Existing
behavior to hanging up a single channel is unchanged, but if you pass a regex,
the manager will send you a list of channels back that were hung up.
(closes issue ASTERISK-19575)
Reported by: Mark Murawski
Tested by: Mark Murawski
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@361038 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Everything still compiled after making these changes, so I assume these
whitespace-only changes didn't break anything (and shouldn't have).
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@360190 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Fix AMI module reload deadlock regression from ASTERISK-18479 when it
tried to fix the race between calling an AMI action callback and
unregistering that action. Refixes ASTERISK-13784 broken by
ASTERISK-17785 change.
Locking the ao2 object guaranteed that there were no active callbacks that
mattered when ast_manager_unregister() was called. Unfortunately, this
causes the deadlock situation. The patch stops locking the ao2 object to
allow multiple threads to invoke the callback re-entrantly. There is no
way to guarantee a module unload will not crash because of an active
callback. The code attempts to minimize the chance with the registered
flag and the maximum 5 second delay before ast_manager_unregister()
returns.
The trunk version of the patch changes the API to fix the race condition
correctly to prevent the module code from unloading from memory while an
action callback is active.
* Don't hold the lock while calling the AMI action callback.
(closes issue ASTERISK-19487)
Reported by: Philippe Lindheimer
Review: https://reviewboard.asterisk.org/r/1818/
Review: https://reviewboard.asterisk.org/r/1820/
........
Merged revisions 359979 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 359980 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359981 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The process_output function in manager.c attempted to call fclose and close immediately
afterwards. Since fclose implies close, this resulted in a potential double free on file
descriptors. This patch changes that behavior and also adds error checking to fclose and
close depending on which was deemed necessary. Also error messages. Thanks to Rosen
Iliev for pointing out the location of the problem.
(closes issue ASTERISK-18453)
Reported By: Jaco Kroon
Review: https://reviewboard.asterisk.org/r/1793/
........
Merged revisions 358214 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 358215 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@358216 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This change permits each verbose destination (consoles, logger) to have its
own concept of what the verbosity level is. The big feature here is that
the logger will now be able to capture a particular verbosity level without
condemning each console to need to suffer that level of verbosity.
Additionally, a stray 'core set verbose' will no longer change what will go
to the log.
Review: https://reviewboard.asterisk.org/r/1599/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@355413 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Removes references to tlsbindport from http.conf.sample and manager.conf.sample
* Properly bind to port specified in tlsbindaddr, using the default port if specified.
* On a reload, properly close socket if the service has been disabled.
A note has been added to UPGRADE.txt to indicate how ports must be set for TLS.
(closes issue ASTERISK-16959)
reported by Olaf Holthausen
(closes issue ASTERISK-19201)
reported by Chris Mylonas
(closes issue ASTERISK-19204)
reported by Chris Mylonas
Review: https://reviewboard.asterisk.org/r/1709
........
Merged revisions 353770 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 353820 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@353821 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Continue channel opaque-ification by wrapping all of the stringfields.
Eventually, we will restrict what can actually set these variables, but
the purpose for now is to hide the implementation and keep people from
adding code that directly accesses the channel structure. Semantic
changes will follow afterward.
Review: https://reviewboard.asterisk.org/r/1661/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@352348 65c4cc65-6c06-0410-ace0-fbb531ad65f3
There are many benefits to making the ast_channel an opaque handle, from
increasing maintainability to presenting ways to kill masquerades. This patch
kicks things off by taking things a field at a time, renaming the field to
'__do_not_use_${fieldname}' and then writing setters/getters and converting the
existing code to using them. When all fields are done, we can move ast_channel
to a C file from channel.h and lop off the '__do_not_use_'.
This patch sets up main/channel_interal_api.c to be the only file that actually
accesses the ast_channel's fields directly. The intent would be for any API
functions in channel.c to use the accessor functions. No more monkeying around
with channel internals. We should use our own APIs.
The interesting changes in this patch are the addition of
channel_internal_api.c, the moving of the AST_DATA stuff from channel.c to
channel_internal_api.c (note: the AST_DATA stuff will have to be reworked to
use accessor functions when ast_channel is really opaque), and some re-working
of the way channel iterators/callbacks are handled so as to avoid creating fake
ast_channels on the stack to pass in matching data by directly accessing fields
(since "name" is a stringfield and the fake channel doesn't init the
stringfields, you can't use the ast_channel_name_set() function). I went with
ast_channel_name(chan) for a getter, and ast_channel_name_set(chan, name) for a
setter.
The majority of the grunt-work for this change was done by writing a semantic
patch using Coccinelle ( http://coccinelle.lip6.fr/ ).
Review: https://reviewboard.asterisk.org/r/1655/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@350223 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Fixed race between calling an AMI action callback and unregistering that
action. Refixes ASTERISK-13784 broken by ASTERISK-17785 change.
* Fixed potential memory leak if an AMI action failed to get registered
because is already was registered. Part of the ao2 conversion.
* Fixed AMI ListCommands action not walking the actions list with a lock
held.
* Fix usage of ast_strdupa() and alloca() in loops. Excess stack usage.
* Fix AMI Originate action Variable header requiring a space after the
header colon. Reported by Yaroslav Panych on the asterisk-dev list.
* Increased the number of listed variables allowed per AMI Originate
action Variable header to 64.
* Fixed AMI GetConfigJSON action output format.
* Fixed usage of res contents outside of scope in append_channel_vars().
* Fixed inconsistency of config file channelvars option. The values no
longer accumulate with every channelvars option in the config file. Only
the last value is kept to be consistent with the CLI "manager show
settings" command.
(closes issue ASTERISK-18479)
Reported by: Jaco Kroon
........
Merged revisions 340279 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 340281 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@340282 65c4cc65-6c06-0410-ace0-fbb531ad65f3
https://origsvn.digium.com/svn/asterisk/branches/10
................
r340109 | mnicholson | 2011-10-10 09:15:41 -0500 (Mon, 10 Oct 2011) | 18 lines
Merged revisions 340108 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.8
........
r340108 | mnicholson | 2011-10-10 09:14:48 -0500 (Mon, 10 Oct 2011) | 11 lines
Load the proper XML documentation when multiple modules document the same application.
This patch adds an optional "module" attribute to the XML documentation spec
that allows the documentation processor to match apps with identical names from
different modules to their documentation. This patch also fixes a number of
bugs with the documentation processor and should make it a little more
efficient. Support for multiple languages has also been properly implemented.
ASTERISK-18130
Review: https://reviewboard.asterisk.org/r/1485/
........
................
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@340110 65c4cc65-6c06-0410-ace0-fbb531ad65f3
https://origsvn.digium.com/svn/asterisk/branches/10
................
r337974 | rmudgett | 2011-09-26 14:35:23 -0500 (Mon, 26 Sep 2011) | 37 lines
Merged revisions 337973 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.8
........
r337973 | rmudgett | 2011-09-26 14:30:39 -0500 (Mon, 26 Sep 2011) | 30 lines
Fix deadlock when using dummy channels.
Dummy channels created by ast_dummy_channel_alloc() should be destoyed by
ast_channel_unref(). Using ast_channel_release() needlessly grabs the
channel container lock and can cause a deadlock as a result.
* Analyzed use of ast_dummy_channel_alloc() and made use
ast_channel_unref() when done with the dummy channel. (Primary reason for
the reported deadlock.)
* Made app_dial.c:dial_exec_full() not call ast_call() holding any channel
locks. Chan_local could not perform deadlock avoidance correctly.
(Potential deadlock exposed by this issue. Secondary reason for the
reported deadlock since the held lock was part of the deadlock chain.)
* Fixed some uses of ast_dummy_channel_alloc() not checking the returned
channel pointer for failure.
* Fixed some potential chan=NULL pointer usage in func_odbc.c. Protected
by testing the bogus_chan value.
* Fixed needlessly clearing a 1024 char auto array when setting the first
char to zero is enough in manager.c:action_getvar().
(closes issue ASTERISK-18613)
Reported by: Thomas Arimont
Patches:
jira_asterisk_18613_v1.8.patch (license #5621) patch uploaded by rmudgett
Tested by: Thomas Arimont
........
................
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@337975 65c4cc65-6c06-0410-ace0-fbb531ad65f3
https://origsvn.digium.com/svn/asterisk/branches/10
................
r331316 | kmoore | 2011-08-10 08:48:41 -0500 (Wed, 10 Aug 2011) | 15 lines
Merged revisions 331315 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.8
........
r331315 | kmoore | 2011-08-10 08:47:46 -0500 (Wed, 10 Aug 2011) | 8 lines
AMI action ModuleReload returns Error if Module: missing or empty
An empty string was not being checked for properly causing identification of
the module to be reloaded to fail and return an Error with message
"No such module."
(closes issue AST-616)
........
................
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@331317 65c4cc65-6c06-0410-ace0-fbb531ad65f3
https://origsvn.digium.com/svn/asterisk/branches/1.8
........
r327950 | kpfleming | 2011-07-12 17:53:53 -0500 (Tue, 12 Jul 2011) | 14 lines
Correct double-free situation in manager output processing.
The process_output() function calls ast_str_append() and xml_translate() on its
'out' parameter, which is a pointer to an ast_str buffer. If either of these
functions need to reallocate the ast_str so it will have more space, they will
free the existing buffer and allocate a new one, returning the address of the
new one. However, because process_output only receives a pointer to the ast_str,
not a pointer to its caller's variable holding the pointer, if the original
ast_str is freed, the caller will not know, and will continue to use it (and
later attempt to free it).
(reported by jkroon on #asterisk-dev)
........
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@327953 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This adds a new action, FilterAdd to the manager interface that allows control over event filters for the current session
(closes issue ASTERISK-16795)
Reported by: kobaz
Tested by: kobaz,loloski
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@326267 65c4cc65-6c06-0410-ace0-fbb531ad65f3
https://origsvn.digium.com/svn/asterisk/branches/1.8
................
r323608 | seanbright | 2011-06-15 11:31:53 -0400 (Wed, 15 Jun 2011) | 39 lines
Merged revisions 323579 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.6.2
................
r323579 | seanbright | 2011-06-15 11:22:50 -0400 (Wed, 15 Jun 2011) | 32 lines
Merged revisions 323559 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r323559 | seanbright | 2011-06-15 11:15:30 -0400 (Wed, 15 Jun 2011) | 25 lines
Resolve a segfault/bus error when we try to map memory that falls on a page
boundary.
The fix for ASTERISK-15359 was incorrect in that it added 1 to the length of the
mmap'd region. The problem with this is that reading/writing to that extra byte
outside of the bounds of the underlying fd causes a bus error.
The real issue is that we are working with both a FILE * and the raw fd
underneath it and not synchronizing between them. The code that was removed in
ASTERISK-15359 was correct, but we weren't flushing the FILE * before mapping
the fd.
Looking at the manager code in 1.4 reveals that the FILE * in 'struct
mansession' is never used except to create a temporary file that we immediately
fdopen. This means we just need to write a 0 byte to the fd and everything will
just work. The other branches require a call to fflush() which, while not a
guaranteed fix, should reduce the likelihood of a crash.
This all makes sense in my head.
(closes issue ASTERISK-16460)
Reported by: Ravelomanantsoa Hoby (hoby)
Patches:
issue17747_1.4_svn_markII.patch uploaded by Sean Bright (license #5060)
........
................
................
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@323609 65c4cc65-6c06-0410-ace0-fbb531ad65f3
https://origsvn.digium.com/svn/asterisk/branches/1.8
........
r320823 | rmudgett | 2011-05-25 12:06:38 -0500 (Wed, 25 May 2011) | 18 lines
The AMI Newstate event contains different information between v1.4 and v1.8.
The addition of connected line support in v1.8 changes the behavior of the
channel caller ID somewhat. The channel caller ID value no longer time
shares with the connected line ID on outgoing call legs. The timing of
some AMI events/responses output the connected line ID as caller ID.
These party ID's are now separate.
* The ConnectedLineNum and ConnectedLineName headers were added to many
AMI events/responses if the CallerIDNum/CallerIDName headers were also
present.
(closes issue #18252)
Reported by: gje
Tested by: rmudgett
Review: https://reviewboard.asterisk.org/r/1227/
........
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@320825 65c4cc65-6c06-0410-ace0-fbb531ad65f3
https://origsvn.digium.com/svn/asterisk/branches/1.8
........
r320650 | rmudgett | 2011-05-23 12:53:44 -0500 (Mon, 23 May 2011) | 16 lines
Add ConnectedLineNum/Name headers to output of AMI action Status.
* Add ConnectedLineNum and ConnectedLineName headers to the output of the
AMI action Status. This makes it easier to find out who the channel is
connected to without having to lookup BridgedChannel or when they are
connected to an application (e.g.: VoiceMail) which has no bridged
channel.
* Bridged channels with no CallerID had "" instead of "<unknown>" output,
that might be a bug as "<unknown>" was what older versions used.
(closes issue #18158)
Reported by: gareth
Patches:
svn-292308.diff uploaded by gareth (license 208)
........
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@320651 65c4cc65-6c06-0410-ace0-fbb531ad65f3
https://origsvn.digium.com/svn/asterisk/branches/1.8
........
r316917 | seanbright | 2011-05-04 22:23:28 -0400 (Wed, 04 May 2011) | 5 lines
Make sure that tcptls_session is properly initialized.
(issue #18598)
Reported by: ksn
........
r316918 | seanbright | 2011-05-04 22:25:20 -0400 (Wed, 04 May 2011) | 5 lines
Look at the correct buffer for our digest info instead of an empty one.
(issue #18598)
Reported by: ksn
........
r316919 | seanbright | 2011-05-04 22:30:45 -0400 (Wed, 04 May 2011) | 10 lines
Use the correct HTTP method when generating our digest, otherwise we always fail.
When calculating the 'A2' portion of our digest for verification, we need the
HTTP method that is currently in use. Unfortunately our mapping function was
incorrect, resulting in invalid hashes being generated and, in turn, failures
in authentication.
(closes issue #18598)
Reported by: ksn
........
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@316920 65c4cc65-6c06-0410-ace0-fbb531ad65f3
https://origsvn.digium.com/svn/asterisk/branches/1.8
................
r314628 | mnicholson | 2011-04-21 13:24:05 -0500 (Thu, 21 Apr 2011) | 27 lines
Merged revisions 314620 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.6.2
................
r314620 | mnicholson | 2011-04-21 13:22:19 -0500 (Thu, 21 Apr 2011) | 20 lines
Merged revisions 314607 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r314607 | mnicholson | 2011-04-21 13:19:21 -0500 (Thu, 21 Apr 2011) | 14 lines
Added limits to the number of unauthenticated sessions TCP based protocols are allowed to have open simultaneously. Also added timeouts for unauthenticated sessions where it made sense to do so.
Unrelated, the manager interface now properly checks if the user has the "system" privilege before executing shell commands via the Originate action.
AST-2011-005
AST-2011-006
(closes issue #18787)
Reported by: kobaz
(related to issue #18996)
Reported by: tzafrir
........
................
................
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@314666 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Richard Mudgett
Mark Michelson
Kinsey Moore
Jason Parker
Jonathan Rose
Matthew Jordan
Michael L. Young
Mark Murawki
Terry Wilson
Tilghman Lesher
Walter Doekes
Matthew Nicholson
Olle Johansson
Leif Madsen
Kevin P. Fleming
Sean Bright
Russell Bryant