A previous patch attempt to mitigate blocked threads on transport shutdown for
a given contact. It was thought that a second lock could be avoided by checking
the 'removing' flag on the transport monitor twice (once before and once after
the normal named aor locking). However as with usual threading issues if the
timing was right the original problem still occured.
This patch adds locking around the first 'removing' flag check and set, thus
nullifying the secondary check, so it was removed.
ASTERISK-28213
Change-Id: Iaa8e36e5311789549b76d8de42dfcea96013b2ed
When Asterisk is connected and used with a database the response
time of the database can cause problems in Asterisk if it is long.
Normally the only way to see this problem would be to retrieve a
backtrace from Asterisk and examine where things are blocked, or
examine the database to see if there is any indication of a
problem.
This change adds some basic query logging to make it easier to
investigate such a problem. When logging is enabled res_odbc will
now keep track of the number of queries executed, as well as the
query that has taken the longest time to execute. There is also
an option which will cause a WARNING message to be output if a
query takes longer than a configurable amount of time to execute.
This makes it easier and clearer for users that their database may
be experiencing a problem that could impact Asterisk.
ASTERISK-28277
Change-Id: I173cf4928b10754478a6a8c27dfa96ede0f058a6
At AstriCon, there was a strong desire for the ability to completely
bypass dialplan when using ARI. This is possible through the automatic
creation of a context and a couple of extensions whenever an application
is started.
For example, if you have an application named 'ari-example', a context
named 'stasis-ari-example' will be automatically created whenever this
application is started as long as one does not already exist. Two
extensions (a match-all extension for Stasis and a 'h' extension) are
created within this context. Any endpoint that registers to Asterisk
within this context will send all calls to the corresponding Stasis
application. When the application is destroyed, the context is removed.
ASTERISK-28104 #close
Change-Id: Ie35bd93075e05b05e3ae129a83c9426931b7ebac
Added ARI resource.
GET /ari/asterisk/ping : It returns "pong" message with timestamp
and asterisk id. It would be useful for simple heath check.
Change-Id: I8d24e1dcc96f60f73437c68d9463ed746f688b29
The context specified by 'regcontext' was not being created, so when Asterisk
attempted to later dynamically add an extension it would fail. This patch now
creates the context if a 'regcontext' is specified.
ASTERISK-28238
Change-Id: I0f36cf4ab0a93ff4b1cc5548d617ecfd45e09265
Testing revealed that the cache added no benefit but that it could
consume excessive memory.
Two new index related functions were created:
ast_sounds_get_index_for_file() and ast_media_index_update_for_file()
which restrict index updating to specific sound files.
The original ast_sounds_get_index() and ast_media_index_update()
calls are still available but since they no longer cache the results
internally, developers should re-use an index they may already have
instead of calling ast_sounds_get_index() repeatedly. If information
for only a single file is needed, ast_sounds_get_index_for_file()
should be called instead of ast_sounds_get_index().
The media_index directory scan code was elimininated in favor of
using the existing ast_file_read_dirs() function.
Since there's no more cache, ast_sounds_index_init now only
registers the sounds cli commands instead of generating the
initial index and subscribing to stasis format register/unregister
messages.
"sounds" is no longer a valid target for the "module reload"
command.
Both the sounds cli commands and the sounds ari resources were
refactored to only call ast_sounds_get_index() once per invocation
and to use ast_sounds_get_index_for_file() when a specific sound
file is requested.
Change-Id: I1cef327ba1b0648d85d218b70ce469ad07f4aa8d
Control frames (PING / PONG / CLOSE) can be received in the middle of a
fragmented message. In order to ensure they do not interfere with the
reassembly buffer, we exit early and do not return the payload to the
caller.
ASTERISK-28257 #close
Change-Id: Ia5367144fe08ac6141bba3309517a48ec7f013bc
When a reliable transport is shutdown it's possible for the pjsip registrar
resource shutdown handler to get called multiple times. If this happens and one
of the threads is taking "too long" (slow database call for instance) then the
others get blocked waiting to delete.
Since it only takes one to delete the contact then the other threads should be
able to continue on if one of the threads is currently "deleting". This patch
makes it so now when a thread enters the shutdown handler it checks to see if a
thread is currently already "deleting". If so, then the thread does not attempt
to get the lock, and instead continues on thus avoiding the blockage.
ASTERISK-28213 #close
Change-Id: I7563ca596312b1dff4f3ab41483e89fe2862328a
To avoid the stream name collide if there're more than one video track
in one client. If client has multi video tracks, the name of ast_stream
which represents each video track may be the same. Use the MSID:LABEL
here because it's identifiable.
ASTERISK-28196 #close
Reported-by: xiemchen
Change-Id: Ib62b2886e8d3a30e481d94616b0ceaeab68a870b
This ensures that Asterisk responds properly to frames received from a
client with opcode 8 (CLOSE) by echoing back the status code in its own
CLOSE frame.
Handling of the CLOSE opcode is moved up with the rest of the opcodes so
that unmasking gets applied. The payload is no longer returned to the
caller, but neither ARI nor the chan_sip nor pjsip made use of the
payload, which is a good thing since it was masked.
ASTERISK-28231 #close
Change-Id: Icb1b60205fc77ee970ddc91d1f545671781344cf
The transport management code that checks for idle connections keeps a
reference to PJSIP's transport for IDLE_TIMEOUT milliseconds (32000 by
default). Because of this, if the transport is closed before this
timeout, the idle checking code will keep the transport from actually
being shutdown until the timeout expires.
Rather than passing the AO2 object to the scheduler task, we just pass
its key and look it up when it is time to potentially close the idle
connection. The other transport management code handles cleaning up
everything else for us.
Additionally, because we use the address of the transport when
generating its name, we concatenate an incrementing ID to the end of the
name to guarantee uniqueness.
Related to ASTERISK~28231
Change-Id: I02ee9f4073b6abca9169d30c47aa69b5e8ae9afb
Previously both AMI and ARI used a default route on
their stasis message router to handle some of the
messages for publishing out their respective
connection. This caused messages to be given to
their subscription that could not be formatted
into AMI or JSON.
This change adds an API call to the stasis message
router which allows a default route to be set as well
as formatters that the default route is expecting.
This allows both AMI and ARI to specify that their
default route only wants messages of their given
formatter. By doing so stasis can more intelligently
filter at publishing time so that they do not receive
messages which will not be turned into AMI or JSON.
ASTERISK-28244
Change-Id: I65272819a53ce99f869181d1d370da559a7d1703
When --enable-dev-mode is used, pjsip_tpmgr_receive_packet() will assert
if passed a payload length of 0, so treat empty frames as if we didn't
receive them.
Change-Id: I9c5fdccd89cc8d2f3ed7e3ee405ef0fc78178f48
The commit I2f97ebfa79969a36a97bb7b9afd5b6268cf1a07d removed sending out
the ContactStatus AMI event when a contact is updated.
Thist change broke things which rely on old behavior.
This patch adds a new PJSIP global configuration option
'send_contact_status_on_update_registration' to be able to preserve old
ContactStatus behavior.
By default new behavior, i.e. the ContactStatus event will not be sent when a
device refreshes its registration.
Change-Id: I706adf7584e7077eb6bde6d9799ca408bc82ce46
For video streams it was possible for the abs-send-time information
to be placed into RTP streams even if not negotiated. Depending on
the endpoint in use this could cause video to not flow.
We now only enable abs-send-time for negotiation if WebRTC is enabled.
ASTERISK-28230
Change-Id: I0eb682302f8da3a4ea3c42e839208d55f825ed0c
The remote side may start a new stream when renegotiating RTP.
Need to reset the DTMF last sequence number and the timestamp
of the last END packet on RTP renegotiation.
If the new time stamp is lower then the timestamp of the last DTMF END packet
the asterisk drops all DTMF frames as out of order.
This bug was caught using Cisco ip-phone SPA5XX and codec g722.
On SIP session update the SPA50X resets stream and a new timestamp is twice
smaller then the previous.
ASTERISK-28162 #close
Change-Id: Ic72b4497e74d801b27a635559c1cf29c16c95254
All of the fields that were removed were no longer referenced except for
'lastrxts' and 'rxseqno' which were only ever written to.
Change-Id: I5a5d31eb33e97663843698f58d0d97f22a76627c
The profile-iop octet (the 2nd) of profile-level-id can be zero
according to RFC 6184 Section 8.1. So we ignore its value when deciding
to include profile-level-id in the outgoing SDP.
ASTERISK-27959 #close
Reported by: David Kuehling
Change-Id: Id28cd916a3d7748058fe9609b585d07d9e243f73
The ARI DELETE /channels command takes a "reason" parameter
Previously, there were only five reasons implemented
This patch adds more reasons to choose from for more
complex setups
ASTERISK-28198 #close
Change-Id: I85996f1076c9946d65c778413f040a845a90fecc
* The bridging core no longer uses the stasis cache for bridge
snapshots. The latest bridge snapshot is now stored on the
ast_bridge structure itself.
* The following APIs are no longer available since the stasis cache
is no longer used:
ast_bridge_topic_cached()
ast_bridge_topic_all_cached()
* A topic pool is now used for individual bridge topics.
* The ast_bridge_cache() function was removed since there's no
longer a separate container of snapshots.
* A new function "ast_bridges()" was created to retrieve the
container of all bridges. Users formerly calling
ast_bridge_cache() can use the new function to iterate over
bridges and retrieve the latest snapshot directly from the
bridge.
* The ast_bridge_snapshot_get_latest() function was renamed to
ast_bridge_get_snapshot_by_uniqueid().
* A new function "ast_bridge_get_snapshot()" was created to retrieve
the bridge snapshot directly from the bridge structure.
* The ast_bridge_topic_all() function now returns a normal topic
not a cached one so you can't use stasis cache functions on it
either.
* The ast_bridge_snapshot_type() stasis message now has the
ast_bridge_snapshot_update structure as it's data. It contains
the last snapshot and the new one.
* cdr, cel, manager and ari have been updated to use the new
arrangement.
Change-Id: I7049b80efa88676ce5c4666f818fa18ad1985369
When a channel snapshot was created it used to be done
from scratch, copying all data (many strings). This incurs
a cost when doing so.
This change segments the channel snapshot into different
components which can be reused if unchanged from the
previous snapshot creation, reducing the cost. In normal
cases this results in some pointers being copied with
reference count being bumped, some integers being set,
and a string or two copied. The other benefit is that it
is now possible to determine if a channel snapshot update
is redundant and thus stop it before a message is published
to stasis.
The specific segments in the channel snapshot were split up
based on whether they are changed together, how often they
are changed, and their general grouping. In practice only
1 (or 0) of the segments actually get changed in normal
operation.
Invalidation is done by setting a flag on the channel when
the segment source is changed, forcing creation of a new
segment when the channel snapshot is created.
ASTERISK-28119
Change-Id: I5d7ef3df963a88ac47bc187d73c5225c315f8423
Channels no longer use the Stasis cache for channel snapshots. Instead
they are stored in a hash table in stasis_channels which reduces the
number of Stasis messages created and allows better storage.
As a result the following APIs are no longer available since the stasis
cache is no longer used:
ast_channel_topic_cached()
ast_channel_topic_all_cached()
The ast_channel_cache_all() and ast_channel_cache_by_name() functions
now return an ao2_container of ast_channel_snapshots rather than
a container of stasis_messages therefore you can't (and don't need
to) call stasis_cache functions on it.
The ast_channel_topic_all() function now returns a normal topic not
a cached one so you can't use stasis cache functions on it either.
The ast_channel_snapshot_type() stasis message now has the
ast_channel_snapshot_update structure as it's data. It contains the
last snapshot and the new one.
ast_channel_snapshot_get_latest() still returns the latest snapshot.
The latest snapshot is now stored on the channel itself to eliminate
cache hits when Stasis messages that have the snapshot as a payload
are created.
ASTERISK-28102
Change-Id: I9334febff60a82d7c39703e49059fa3a68825786
The marker bit set on the voice packet indicates the start
of a new stream and a new time stamp.
Need to reset the DTMF last sequence number and the timestamp
of the last END packet.
If the new time stamp is lower then the timestamp of the last DTMF END packet
the asterisk drops all DTMF frames as out of order.
This bug was caught using Cisco ip-phone SPA50X and codec g722.
On SIP session update the SPA50X resets stream indicating it with market bit
and a new timestamp is twice smaller then the previous.
ASTERISK-28162 #close
Change-Id: If9c5742158fa836ad549713a9814d46a5d2b1620
Replace usage of ao2_container_alloc with ao2_container_alloc_hash or
ao2_container_alloc_list. Remove ao2_container_alloc macro.
Change-Id: I0907d78bc66efc775672df37c8faad00f2f6c088
This change adds the ability for subscriptions to indicate
which message types they are interested in accepting. By
doing so the filtering is done before being dispatched
to the subscriber, reducing the amount of work that has
to be done.
This is optional and if a subscriber does not add
message types they wish to accept and set the subscription
to selective filtering the previous behavior is preserved
and they receive all messages.
There is also the ability to explicitly force the reception
of all messages for cases such as AMI or ARI where a large
number of messages are expected that are then generically
converted into a different format.
ASTERISK-28103
Change-Id: I99bee23895baa0a117985d51683f7963b77aa190
The res_ari(POST /channels/create handler) deos not check the endpoint
parameter length. And it causes core
dump.
Fixed it to check the parameter length. Also fixed memory leak.
ASTERISK-28169
Change-Id: Ibf10a9eb8a2e3a9ee1e13fbe748b2ecf955c3993
PJSIP assumes that these header names are not allocated, does not clone
the name strings when reusing headers.
Block unload of res_pjsip_caller_id until shutdown to ensure static
memory stays valid. It was previously unsafe to unload while any
sessions are active.
Change-Id: I190854dea943d6e441cf03733f8a0da661aea27f
The presence of Record-Route in re-invites is optional, thus it is
important to make sure the dialog doesn't have a routset before
rewriting the contact header.
ASTERISK-28129 #close
Change-Id: Ic8ceb54ccfc93f7e315e476c514a2c777f2da7dc
When Asterisk's taskprocessors get overloaded we need to reduce the work
load. res_pjsip currently ignores new SIP requests and relies on SIP
retransmissions in the hope that the overload condition will clear soon
enough to handle the retransmitted SIP request.
This change adds the following code after ast_taskprocessor_alert_get()
has returned TRUE:
1- identifies transport type. If non-udp then send a 503 response
2- if transport type is udp/udp6 then ignore, as before.
Change-Id: I1c230b40d43a254ea0f226b7acf9ee480a5d3836
The use of a '|' in the "global/debug" synopsis documentation caused the
generated html table on the wiki to add an extra column that included the
text after the pipe.
This patch replaces the pipe with a comma.
ASTERISK-28150
Change-Id: I3d79a6ca6d733d9cb290e779438114884b98a719
The current round-robin method does not take the current taskprocessor
load into consideration when distributing requests. Using the least-size
method the request goes to the taskprocessor that is servicing the least
number of active tasks at the current time.
Longer running tasks with the round-robin method can delay processing
tasks.
* Change the algorithm from round-robin to least-size for picking the
PJSIP taskprocessor from the default serializer pool.
Change-Id: I7b8d8cc2c2490494f579374b6af0a4868e3a37cd
This patch adds new options 'trust_connected_line' and 'send_connected_line'
to the endpoint.
The option 'trust_connected_line' is to control if connected line updates
are accepted from this endpoint.
The option 'send_connected_line' is to control if connected line updates
can be sent to this endpoint.
The default value is 'yes' for both options.
Change-Id: I16af967815efd904597ec2f033337e4333d097cd
The module 'res_pjsip_notify' inefficiently makes a lot of DB requests
on CLI completion on the endpoint.
For example if there are 10k endpoints the module makes 10k requests
of these 10k records.
Even if a part of the endpoint entered
the module makes the same 10k requests and then filtered them by itself.
This patch gathers endpoints container by prefix
and adds all gathered endpoints to completion at once.
ASTERISK-28137 #close
Change-Id: Ic20024912cc77bf4d3e476c4cd853293c52b254b
Add a new global flag to res_pjsip to allow the callerid to be used
as the username in the contact header. This allows chan_pjsip to have
the same behavour as chan_sip
ASTERISK-28087 #close
Change-Id: I9a720e058323f6862a91c62f8a8c1a4b5c087b95
This change implements a few different generic things which were brought
on by Google Voice SIP.
1. The concept of flow transports have been introduced. These are
configurable transports in pjsip.conf which can be used to reference a
flow of signaling to a target. These have runtime configuration that can
be changed by the signaling itself (such as Service-Routes and
P-Preferred-Identity). When used these guarantee an individual connection
(in the case of TCP or TLS) even if multiple flow transports exist to the
same target.
2. Service-Routes (RFC 3608) support has been added to the outbound
registration module which when received will be stored on the flow
transport and used for requests referencing it.
3. P-Associated-URI / P-Preferred-Identity (RFC 3325) support has been
added to the outbound registration module. If a P-Associated-URI header
is received it will be used on requests as the P-Preferred-Identity.
4. Configurable outbound extension support has been added to the outbound
registration module. When set the extension will be placed in the
Supported header.
5. Header parameters can now be configured on an outbound registration
which will be placed in the Contact header.
6. Google specific OAuth / Bearer token authentication
(draft-ietf-sipcore-sip-authn-02) has been added to the outbound
registration module.
All functionality changes are controlled by pjsip.conf configuration
options and do not affect non-configured pjsip endpoints otherwise.
ASTERISK-27971 #close
Change-Id: Id214c2d1c550a41fcf564b7df8f3da7be565bd58
These macros have been documented as legacy for a long time but are
still used in new code because they exist. Remove all references to:
* ao2_container_alloc_options
* ao2_t_container_alloc_options
* ao2_t_container_alloc
These macro's are also removed. Only ao2_container_alloc remains due to
it's use in over 100 places.
Change-Id: I1a26258b5bf3deb081aaeed11a0baa175c933c7a
Most were in comments. A couple were in warning messages.
Pointed out by Jonathan H on the Asterisk users mailing list.
Change-Id: I6286939dff5d0a27a2758140570106f1cb351855
* The dependency ensures that res_pjproject cannot be manually unloaded
before res_rtp_asterisk.
* The dependency allows startup loading errors to report that
res_rtp_asterisk depends upon res_pjproject.
Change-Id: Icf5e7581f4ddd6189929f6174c74dd951f887377
This patch sets the callerid_tag to empty string by default.
If the callerid_tag is set to NULL then the tag does not
become part of a connected line update.
For example:
Alice's tag is "Alice".
Bob's tag is empty.
Charlie's tag is "Charlie".
Alice calls Bob and then does attended transfer to Charlie.
When Alice hangs up the CONNECTEDLINE(tag) is "Alice"
on the interception routine on the Charlie's channel, but should be empty.
Ths patch also fix memory leaks if there are more then one options
"callerid", "callerid_tag", "voicemail_extension" and "contact_user"
in the pjsip.conf endpoint definition.
Change-Id: I86ba455c4677ca8d516d9a04ce7fb4d24dd576e4
The return status when there was no change in statsd.conf was incorrect.
This resulted in the wrong status message on the CLI when reloading the
module.
* Fixed cleanup on initial load if initializing statsd failed.
Change-Id: Id24fae75f1a7ff584a444a5680e867d989792481
I think this module is so screwed up that it doesn't work anymore. Even
with these attempts to fix things it still won't gracefully shut down.
The module refs will not go to zero to allow unloading the module.
* Fix module ref counting dealing with the SMDI interface object. There
were several off-nominal paths that unbalanced the module ref count. Also
the destructor freed the ao2 object itself which is bad. Made the
smdi_read thread not hold its own ref to the SMDI interface object so when
all refs go away the destructor will stop the listener thread.
* Fixed the smdi_load() return code of 1 concerning the number of
listeners. The test was inverted.
Change-Id: Ic288db51b58e395d6a2fc3847f77176c16988784
This module is an optional dependency of a couple of other modules. If it
declines to load, it then forces other modules that can optionally use
this module to also decline.
* Made use the default configuration if the config file does not exist and
simplified some of the logic.
Change-Id: Ib93191f1fe28c0dd9ebe3d84c7762b32f83c4eb9
This module is an optional dependency of many modules. If it declines to
load it then forces other modules that can optionally use this module to
also decline.
* Made use default configuration if there is a config error or the config
file does not exist.
Change-Id: If1068a582ec54ab7fb437265cb5370a97a825737
CLI command 'pjsip show contacts' inefficiently make a lot of DB requests.
For example if there are 10k aors then asterisk requests these 10k records
of aor and then does 10k requests of contact - one request per aor.
Even if use 'like <pattern>' the asterisk requests all aor's and contact's
records and then filters them by itself.
This patch gathers contact's container by
- retrieving all dynamic contacts by regex (filtered by reg_server)
- retrieving all aors with permanent contacts
- finally filters container by regex
ASTERISK-28077 #close
Change-Id: Id0ad65d14952a02fb213273a90f3f680a8149618
Fixed an issue that resulted in "Allocation failed" each time an ARI
request was made to start playing MOH on a bridge.
In bridge_moh_create() we were attaching the after bridge callbacks to
chan which is the ;1 channel of the unreal channel pair. We should have
attached them to the ;2 channel which is pushed into the bridge by
ast_unreal_channel_push_to_bridge(). The callbacks are called when the
specific channel leaves the bridging system. Since the ;1 channel is
never put into a bridge the callbacks never get called. The callbacks
then never remove the moh_wrapper from the app_bridges_moh container. As
a result we cannot find the channel associated with the wrapper to start
MOH because it has hungup. This is the reason causing the reported issue.
* Rather than using after bridge callbacks to cleanup, we now have
moh_channel_thread() doing the cleanup when the channel hangs up.
* Fixed moh_channel_thread() accumulating control frames on the stasis
bridge MOH channel until MOH is stopped. Control frames are no longer
accumulated while MOH is playing.
* Fixed channel ref counting issue. stasis_app_bridge_moh_channel() may
or may not return a channel ref. As a result ast_ari_bridges_start_moh()
wouldn't know it may have a channel ref to release.
stasis_app_bridge_moh_channel() will now return a ref with the channel it
returns.
* Eliminated RAII_VAR in bridge_moh_create().
ASTERISK-26094 #close
Change-Id: Ibff479e167b3320c68aaabfada7e1d0ef7bd548c
When networks experience disruptions, there can be large gaps of time
between receiving packets. When strictrtp is enabled, this created
issues where a flood of packets could come in and be seen as an attack.
Another option - seqno - has been added to the strictrtp option that
ignores the time interval and goes strictly by sequence number for
validity.
Change-Id: I8a42b8d193673899c8fc22fe7f98ea87df89be71
On SQL error there is not diagnostic information about this error.
There is only
WARNING res_odbc.c: SQL Execute error -1!
The function ast_odbc_print_errors calls a SQLGetDiagField to get the number
of available diagnostic records, but the SQLGetDiagField returns 0.
However SQLGetDiagRec could return one diagnostic records in this case.
Looking at many example of getting diagnostics error information
I found out that the best way it's to use only SQLGetDiagRec
while it returns SQL_SUCCESS.
Also this patch adds calls of ast_odbc_print_errors on SQL_ERROR
to res_config_odbc.
ASTERISK-28065 #close
Change-Id: Iba5ae5470ac49ecd911dd084effbe9efac68ccc1
In order to do this and provide good feedback, a new macro was
created (AST_EXT_LIB_EXTRA_CHECK) which does the normal check and
path setups for the library then compiles, links and runs a supplied
code fragment to do the final determination. In this case, the
final code fragment compares UNBOUND_VERSION_MAJOR
and UNBOUND_VERSION_MINOR to determine if they're greater than or
equal to 1.5.
Since we require version 1.5, some code in res_resolver_unbound
was also simplified.
ASTERISK-28045
Reported by: Samuel Galarneau
Change-Id: Iee94ad543cd6f8b118df8c4c7afd9c4e2ca1fa72
This change raises a testsuite event to provide what port
Asterisk has actually allocated for RTP. This ensures that
testsuite tests can remove any assumption of ports and instead
use the actual port in use.
ASTERISK-28070
Change-Id: I91bd45782e84284e01c89acf4b2da352e14ae044
* Use "o*" format specifier for optional fields in ast_json_party_id.
* Stop using ast_json_deep_copy on immutable objects, it is now thread
safe to just use ast_json_ref.
Additional changes to ast_json_pack calls in the vicinity:
* Use "O" when an object needs to be bumped. This was previously
avoided as it was not thread safe.
* Use "o?" and "O?" to replace NULL with ast_json_null(). The
"?" is a new feature of ast_json_pack starting with Asterisk 16.
Change-Id: I8382d28d7d83ee0ce13334e51ae45dbc0bdaef48
ast_rtp_new free'd rtp upon failure, but rtp_engine.c would also call
the destroy callback. Remove call to ast_free from ast_rtp_new, leave
it to rtp_engine.c to initiate the full cleanup. Add error detection
for the ssrc_mapping vector initialization. In rtp_allocate_transport
set rtp->s = -1 in the failure path where we close that FD to ensure we
don't try closing it twice.
ASTERISK-27854 #close
Change-Id: Ie02aecbb46228ca804e24b19cec2bb6f7b94e451
'rtpchecksums' and 'rtcpinterval' are not being reset to their defaults
if they are not present in the updated configuration file.
Change-Id: I1162e40199314d46cf3225d5e1271c4c81176670
The HTTP request processing in res_http_websocket allocates additional
space on the stack for various headers received during an Upgrade request.
An attacker could send a specially crafted request that causes this code
to overflow the stack, resulting in a crash.
* No longer allocate memory from the stack in a loop to parse the header
values. NOTE: There is a slight API change when using the passed in
strings as is. We now require the passed in strings to no longer have
leading or trailing whitespace. This isn't a problem as the only callers
have already done this before passing the strings to the affected
function.
ASTERISK-28013 #close
Change-Id: Ia564825a8a95e085fd17e658cb777fe1afa8091a
This adds a module which registers a CLI command that can set the
REMB bitrate value for REMB as it enters or exits Asterisk. This
allows you to ignore what Asterisk or a client produces and is
useful for demonstrations.
This does not generate REMB frames, however, but just modifies
them as they flow to or from a channel.
Change-Id: Ib089427c46a4a36d645cecfe02406adb38c17bec
This change brings in PJSIP 2.8, removes all the patches
that were merged upstream, and makes a minor change to
support a breaking change that was done.
ASTERISK-28059
Change-Id: I5097772b11b0f95c3c1f52df6400158666f0a189
Given a scenario where a session refresh was done with a removed
stream we would always add a removed stream to the outgoing SDP
even if one did not already exist.
This change makes it so that a removed stream is only placed into
the SDP if one already exists.
ASTERISK-28047
Change-Id: Ibb97d21cdeb87a8acae0c720861b0ff255708442
Both pjsip_tx_data.tp_info.dst_name and pjsip_rx_data.pkt_info.src_name
store IPv6 addresses without enclosing brackets. This causes some log
output to be confusing because it is difficult to separate the IPv6
address from a port specification.
* Use pj_sockaddr_print() along with pjsip_tx_data.tp_info.dst_addr and
pjsip_rx_data.pkt_info.src_addr where possible for consistent IPv6
output.
* When a pj_sockaddr is not available, explicitly wrap IPv6 addresses
in brackets.
* When assigning pjsip_rx_data.pkt_info.src_name ourselves, make sure
to also set pjsip_rx_data.pkt_info.src_addr.
Change-Id: I5cfe997ced7883862a12b9c7d8551d76ae02fcf8
As they're not actively used, they only grow stale. The moduleinfo field itself
is kept in Asterisk 13/15 for ABI compatibility.
ASTERISK-28046 #close
Change-Id: I8df66a7007f807840414bb348511a8c14c05a9fc
The bundled version of pjproject has a patch for Solaris compatability
that changes the definition of various socket structures which we need
to account for when compiling against a non-bundled version.
ASTERISK-28049 #close
Change-Id: Ia1ea47c433fc2d915115193ee889a752373925f0
On MOH activation, moh_files_readframe() is called while the current
stream attached to the channel is NULL and it calls ast_moh_files_next()
immediately. However, it won't call ast_moh_files_next() again if sample
reading fails. The failure may occur because res_musiconhold retains the
last sample reading position in the channel data and MOH during the
previous hold/retrieve just reached EOF. Obviously, a bit of bad luck is
required here.
* Restructured moh_files_readframe() to try a second time to start MOH if
there was no stream setup and the saved position was at EOF. Also added
comments describing what is going on for each step.
ASTERISK-28029
Change-Id: I1508cf2c094f8feca22d6f76deaa9fdfa9944860
Currently, to convert from a pj_sockaddr to an ast_sockaddr, the address
needs to be rendered to a string and then parsed into the correct
structure. This also involves a call to getaddrinfo(3). The same is true
for the inverse operation.
Instead, because we know the internal structure of both ast_sockaddr and
pj_sockaddr, we can translate directly between the two without the
need for an intermediate string.
Change-Id: If0fc4bba9643f755604c6ffbb0d7cc46020bc761
The T.38 fax gateway state machine can cause the fax gateway
to be started more than once on a channel depending on the
responses of the remote endpoint. This would previously leak
the channel name, channel unique id, and underlying fax engine
state. This change instead makes it so that if the fax gateway
session is already present and not reserved the fax gateway
is not started again.
ASTERISK-27981
Change-Id: I552d95086860cb18f2522ee40ef47b13b6da2e0e
SIP responses over WebSockets when the client is using IPv6 have invalid
Via headers according to RFC 3261. The 'received' header parameter
should not be wrapped in brackets if it is an IPv6 address.
When src_name is populated by the built-in PJSIP transports, the code
uses pj_sockaddr_print() with 'flags' set to 0, meaning that the
brackets are not rendered around IPv6 addresses.
This may be related to ASTERISK~27101.
See also: https://github.com/onsip/SIP.js/pull/594
ASTERISK-28020 #close
Change-Id: I8ea9d289901b837512bee2ca2535e3dc14f04d77
This new option can be passed for ./configure or
./tests/CI/buildAsterisk.sh to prevent download/install of binary
modules.
Normally enabling the categories MENUSELECT_CODECS or MENUSELECT_RES
will result in binary modules being enabled even if the build target is
incompatible with those modules. This includes CI scripts which enable
categories before disabling specific modules.
If more binary modules are offered in the future this will help avoid
accidentally downloading them if unwanted or incompatible. Adding a
binary module will only require creating a new menuselect entry similar
to the existing ones, it will not be necessary to modify the CI scripts.
Change-Id: I6b1bd1c75a2e48f05b8b8a45b7a7a2d00a079166
The realtime text timer pops regularly and sends text frames even if
the buffer is empty. This causes a lot of unecessary debug logging.
* Made red_write() test if we need to send a frame before calling
ast_rtp_write()
ASTERISK-28002
Reported by: Emmanuel BUU
Tested by: Emmanuel BUU
Change-Id: Icf81310c3b8080b615a42060afc02ab41f9523dd
When a Contact is updated the only material change that qualify
support cares about is the underlying configuration for the AOR.
In this case we will update things with the new AOR information but
otherwise the callback to indicate the Contact has changed can be
ignored.
This is because it is only when a Contact is added or deleted that
material changes occur within the qualify support. An update can't
change the URI since it would result in a new Contact so it can be
ignored.
Change-Id: I2f97ebfa79969a36a97bb7b9afd5b6268cf1a07d
We were still getting crashes after the first fix. Somehow we receive a
non-2xx final response before we get a 200 final response. With the
failure response we had already cleaned up and destroyed some data
structures. When the unexpected 200 response comes in we crash.
* Add protection code to prevent processing another final T.38 reINVITE
response.
ASTERISK-27944
Change-Id: I8b5baba8d07fe4d63f0d7d05d3eb9a3d27d40a74
The allow_unqualified_fetch option for the sorcery realtime backend
blocked actually fetching all rows when the option is set to warn.
* Made issue a warning and actually do the request when
allow_unqualified_fetch=warn is set.
Change-Id: I74456c80a03a62dce66fc3dc3cb0cf2351ac4312
Compiling without SRTP support installed resulted in some unused variable
warnings. These warnings also showed that the srtp variable was obtained
and passed around some functions but not really used even when a system
has SRTP installed.
Change-Id: I6daad34be3e89b19adef6e2fbe738018975155fc
If in the initial sdp the caller doesn't include the line
a=rtcp-mux
Then asterisk shoud not include rtcp-mux in the response regardless
of rtcp-mux being enabled on the endpoint
ASTERISK-28007 #close
Change-Id: I58e9b9f40a139afc0da5de41906cc608fb62adc7
sip_options_get_endpoint_state_compositor_state leaked a reference to
the first available endpoint state compositor that was found.
Change-Id: Idb6be19f7219b6eed1dfb19c1e740dd40cb3fdc7
This change adds the "party" parameter to the Remote-Party-ID header
which indicates which party the header information is applicable
to. In Asterisk this is determined on whether we are the calling
or called party. This is added to improve interoperability with some
implementations.
ASTERISK-28006
Change-Id: I1eec3e377ffff8633b5c1dd59a05e9533122cfca
When a conference contained a mixture of audio/video and audio-only
users, a NOTICE message would pop up stating there are no joint
capabilities between streams. This happens because streams can never be
removed, but they can be in a REMOVED state. If we have the scenario
where user A joins with audio/video, user B joins with audio-only, and
user C joins with audio/video, then user A leaves, the message would
be triggered. That removed stream is still in the SDP, but Asterisk
would pass it through, causing it to be seen as a ulaw stream. A check
has been added for removed streams, setting their status to REMOVED when
handling negotiated SDPs.
Also addressed an issue where user A joins, then user B joins but does
not receive video until much later. Full frames were not being sent,
causing some PLI from the browser. Because the video was flowing in one
direction, the browser sets the SSRC to 1, but Asterisk was dropping the
PLI because of that. Added a check to see if the SSRC is 1 or not, which
sends full frames and allows video to flow between user A and user B.
This should only happen when dealing with PSFB or FUR, and in the case
of PSFB, only for PLI.
ASTERISK-27398
Change-Id: I26e7c6f101bc119549eeca406b5bcd25ad8ebc5e
The authors of PJProject undef s_addr because of some issue in Microsoft
Windows. However in Oracle Solaris, s_addr is not a structure member, but
defined to map to the real structure member.
Updates the patch from ASTERISK_20366
ASTERISK-27997
Change-Id: I8223026d4d54e2a46521085fcc94bfa6ebe35b11
* Don't include pjlib.h twice in res_pjsip.h
* Consistently use #include <> form for pjproject includes.
(pjsip.h and pjlib.h)
Change-Id: I3f7b42044840de64edf7e9d7695cb60c45990dc7
If asterisk offer an endpoint with SRTP and that endpoint respond
with non srtp, in that case channel(rtp,secure,audio) reply wrong
status.
Why delete flag AST_SRTP_CRYPTO_OFFER_OK while check identical remote_key:
Currently this flag has being set redundantly. In either case identical
or different remote_key this flag has being set. So if we
don't set it while we receive identical remote_key or non SRTP SDP
response then we can take decision of srtp use by using that flag.
ASTERISK-27999
Change-Id: I29dc2843cf4e5ae2604301cb4ff258f1822dc2d7
This change removes a sorcery lookup for retrieving all
contacts at the end of the registration process by keeping
track of the contacts that are added/updated/deleted.
This ensures at the end of the process the container of
contacts we have is the current state.
Pool usage has also been reduced by allocating one for
usage throughout the handling of a REGISTER and resetting
it to a clean state. This ensures that in most cases
we allocate once and just reuse it.
ASTERISK-28001
Change-Id: I1a78b2d46f9a2045dbbff1a3fd6dba84b612b3cb
This patch adds regular expression support to make the identify section's
match_header option more useful when attempting to match complex headers
like the 'To' or 'From' headers. The 'From' header has variable
components such as the tag parameter that you cannot predict. To specify
a regular expression put slashes around the regular expression in place of
the header value.
[identify-alice]
type=identify
endpoint=alice
match_header=From: /<sip:alice@127\\.0\\.0\\.1>/
* Added regex support to match_header so you could match a 'To' header
among other complex headers.
Fixed reported crashes when trying to match special headers like 'Contact'.
The identify section's match_header method used code that assumed you were
matching a generic header. Any other type of header could cause a crash
if the header structure variant did not match the generic header enough.
* Made use code that will work for any header type instead of code
specific to generic headers.
Other fixes while in the area:
* Made check all headers of the requested name.
* Added some more sanity checks to the configured identify matching
options when applying the configuration.
ASTERISK-27548
Change-Id: I27dfd4ff5e2259b906640e3c330681b76b4ed1f1
The alembic for the PJSIP subscription persistence table has the
"prune_on_boot" field as a boolean. While in Asterisk we are
tolerant of many different definitions of true and false in the
database we only accept "yes" and "no". This change makes the
field treated as a yes/no instead of an integer, thus storing
"yes" and "no" instead of "1" and "0".
Change-Id: Ic8b9211b36babefe78f70def6828a135a6ae7ab6
OpenSSL is an optional external library and should stay optional even when
Developer Mode is configured.
ASTERISK-27990
Change-Id: Ia68a4cd5474b26d45e0f43b04032ad598022853b
When realtime text packets are to be sent, the text is accumulated in a
buffer and sent regularly by a timer. It can happen that commands such as
a backspace, CR, or LF get merged with regular text. This breaks some
UAs.
The proposed change:
* We test if the current packet contains a command. If so we send the
buffer immediately.
* We test if the buffer contained a command. If so we send the buffer
immediately.
* We accumulate the text (or the command) in the buffer.
ASTERISK-27970
Change-Id: Ifbe993311410fa855cb8aa4a12084db75f413462
If a SIP MESSAGE is triggered for an endpoint that is currently not registered
- and therefore has no valid contact associated - an error message was logged.
Since this is a valid request in a valid use cases this is now changed to a
warning, as discussed with Matt Fredrickson on the asterisk-dev mailing list.
Change-Id: I55eb62d2712818a58c7532119dec288bd98cf0c0
A change recently went in which disabled the built-in PJSIP
keepalive. This defaulted to 90 seconds and kept TCP/TLS
connections alive. Disabling this functionality has resulted
in a behavior change of not doing keepalives by default resulting
in TCP/TLS connections dropping for some people.
This change makes our default keepalive interval 90 seconds
to match the previous behavior and preserve it.
ASTERISK-27978
Change-Id: Ibd9a45f3cbe5d9bb6d2161268696645ff781b1d6
* Use the replacement function ast_sip_push_task_wait_servant() instead of
the deprecated ast_sip_push_task_synchronous().
Change-Id: I145b550ba7054640c7faa3b644e63137f505c612
Support has been added for receiving a NACK request and handling it.
Now, Asterisk can detect when a NACK request should be sent and knows
how to construct one based on the packets we've received from the remote
end. A buffer has been added that will store out of order packets until
we receive the packet we are expecting. Then, these packets are handled
like normal and frames are queued to the core like normal. Asterisk
knows which packets to request in the NACK request using a vector
which stores the sequence numbers of the packets we are currently missing.
If a missing packet is received, cycle through the buffer until we reach
another packet we have not received yet. If the buffer reaches a certain
size, send a NACK request. If the buffer reaches its max size, queue all
frames to the core and wipe the buffer and vector.
According to RFC3711, the NACK request must be sent out in a compound
packet. All compound packets must start with a sender or receiver
report, so some work was done to refactor the current sender / receiver
code to allow it to be used without having to also include sdes
information and automatically send the report.
Also added additional functionality to ast_data_buffer, along with some
testing.
For more information, refer to the wiki page:
https://wiki.asterisk.org/wiki/display/AST/WebRTC+User+Experience+Improvements
ASTERISK-27810 #close
Change-Id: Idab644b08a1593659c92cda64132ccc203fe991d
A problem I've seen countless times is a global or system section
for PJSIP not getting applied. This is inevitably the result of
the "type=" line missing. This change alleviates that problem.
The ability to specify an explicit section name has been
added to res_sorcery_config. If the configured section
name matches this and there are no unknown things configured
the section is taken as being for the given type.
Both the PJSIP "global" and "system" types now support this
so you can just name your section "global" or "system" and it
will be matched and used, even without a "type=" line.
ASTERISK-27972
Change-Id: Ie22723663c1ddd24f869af8c9b4c1b59e2476893
I have removed the STATIC_BUILD option immediately as it has not
been maintained in many years and is non-functional.
ASTERISK-27965
Change-Id: I64783d017b86dba9ee3c7bcfb97e59889a3f76d7
SRTP SDES key lifetime support was added in ASTERISK_17899.
In that addition, the minimum key lifetime to be accepted was
set at the 10 hours @ 20ms/packet = 1800000 packets.
The firmware in the obi1xx ATA uses a hardcoded lifetime of
2^20 packets.
Lower the limit to 2^20 to support a wider field of clients.
ASTERISK-27967 #close
Change-Id: I81a0703c595a0c9101dfdf02300149a3cc39bf94
Previously, the msid "label" attribute was used to correlate
participant info but because streams could be reused, the msid
wasn't being updated correctly when someone left the bridge and
another joined.
Now, instead of looking for the msid attribute on a channel's streams,
app_confbridge sets an "SDP:LABEL" attribute on the stream which
res_pjsip_sdp_rtp looks for. If it finds it, it adds a "label"
attribute to the current sdp.
Change-Id: I6cbaa87fb59a2e0688d956e72d2d09e4ac20d5a5
Keep track if ICE candidates were in the SDP offer & only put them
in the corresponding SDP answer if the offer condaind ICE candidates
ASTERISK-27957 #close
Change-Id: Idf2597ee48e9a287e07aa4030bfa705430a13a92
This commit adds a new function to res_parking.
This function, PARK_GET_CHANNEL allows the retrieval
of the channel name of the channel occupying the parking slot.
ASTERISK-22825 #close
Change-Id: Idba6ae55b8a53f734238cb3d995cedb95c0e7b74
When setting/appending the media id's to the bundle group attribute a '-1' was
being passed to the 'ast_str_set/append' function for the 'max_len' parameter.
This essentially capped the length of the string to what it was originally
allocated with. In this case 64 bytes.
This patch makes it so a '0' is passed as in for the 'max_len', which means
"no maximum length".
ASTERISK-27955 #close
Change-Id: Iec565df6600401d54a502854a53d19bb4cc34876
The function pubsub_on_rx_publish_request incorrectly uses
of AST_SCHED_REPLACE_UNREF.
The AST_SCHED_REPLACE_UNREF should unref old '_data'.
Because of this, there may be a double unref
of variable 'publication' when ast_sched_del is unsuccessful
that leads to use after free of the 'publication' in publish_expire.
ASTERISK-27956 #close
Change-Id: Ie0f0cfc7e036953d890b188656010b325a5cdc82
A new option 'suppress_q850_reason_headers' has been added to the
endpoint object. Some devices can't accept multiple Reason headers and
get confused when both 'SIP' and 'Q.850' Reason headers are received.
This option allows the 'Q.850' Reason header to be suppressed.
The default value is 'no'.
ASTERISK-27949
Reported-by: Ross Beer
Change-Id: I54cf37a827d77de2079256bb3de7e90fa5e1deb1
When negotiating an incoming T.38 stream the code incorrectly
returned failure instead of a decline for the stream when a
problem occurred or the configuration didn't allow it. This
resulted in SDP offers being rejected with a 488 response
in all cases, even when another valid stream was present.
This change makes it so the stream is now declined. If no
streams are accepted a 488 response is sent while if at least
one stream is accepted all the declined streams are, well,
declined.
ASTERISK-27763
Change-Id: I88bcf793788c412a9839d111a5c736bf6867807c
We were blindly responding with AST_T38_REFUSED when ANY T.38 control
frame came accross the bridge. This causes T.38 Gateway to get confused
and the T.38 session to get in a strange state.
* Made the T.38 framehook only respond to request frames and ignore
response frames.
ASTERISK-27657
ASTERISK-27080
Change-Id: I5fb5967c7d1efb30a7ff375f82887ca82a55b05b
Using the keep_alive_interval option can result in a deadlock between the
pjproject transport manager group lock and the monitored transports ao2
container lock. The pjproject transport manager group lock has to be
superior in the locking order to the monitored transports ao2 container
lock because of pjproject callbacks called when already holding the group
lock. The lock inversion happens when Asterisk attempts to send a keep
alive packet over the reliable transports.
* Made keepalive_transport_thread() iterate over the monitored transports
container rather than use the ao2_callback() method. This avoids holding
the container lock when sending the keep alive packet.
ASTERISK-26686
Change-Id: I5d5392a52e698bbe41a93f7d8e92bf0e61fe3951
The Websocket transport uses the built-in HTTP server. As a result
the TLS configuration is done in http.conf and not in pjsip.conf.
This change adds a warning if this is configured in pjsip.conf and
also clarifies in the sample configuration file.
Change-Id: I187d994d328c3ed274b6754fd4c2a4955bdc6dd9
If we initiated a T.38 reINVITE, we would crash if we received any other
1xx response message except 100 if it were followed by a 200 response.
* Made ignore any 1xx response so we do not close out the T.38 negotiation
too early. For good measure we'll now accept any 2xx response as
acceptance of the reINVITE T.38 offer.
ASTERISK-27944
Change-Id: I0ca88aae708d091db7335af73f41035a212adff4
Incoming publications need to ensure that the module remains
loaded for the lifetime of them. This is now done by holding
a reference to the module while the publication exists. This
mirrors that of inbound subscriptions.
ASTERISK-27783
Change-Id: Ia98c95a15e11af25728d5fb3e56e12cda0cfc7c0
In addition to text/* content types, incoming_in_dialog_request now
accepts application/* content types.
Also fixed a length issue when copying the body text. It was one
character short.
ASTERISK-27942
Change-Id: I4e54d8cc6158dc47eb8fdd6ba0108c6fd53f2818
pjproject by default currently will follow media forked during an INVITE
on outbound calls if the To tag is different on a subsequent response as
that on an earlier response. We handle this correctly. There have
been reported cases where the To tag is the same but we still need to
follow the media. The pjproject patch in this commit adds the
capability to sip_inv and also adds the capability to control it at
runtime. The original "different tag" behavior was always controllable
at runtime but we never did anything with it and left it to default to
TRUE.
So, along with the pjproject patch, this commit adds options to both the
system and endpoint objects to control the two behaviors, and a small
logic change to session_inv_on_media_update in res_pjsip_session to
control the behavior at the endpoint level.
The default behavior for "different tags" remains the same at TRUE and
the default for "same tag" is FALSE.
Change-Id: I64d071942b79adb2f0a4e13137389b19404fe3d6
ASTERISK-27936
Reported-by: Ross Beer
* Fix several instances where we were bumping a ref in the parameter and
then unrefing the object if it failed. The way the AST_VECTOR_APPEND()
and AST_VECTOR_REPLACE() macros are implemented means if it fails the new
value was never evaluated.
Change-Id: I2847872a455b11ea7e5b7ce697c0a455a1d0ac9a
There can be one and only one thread handling a channel's media at a time.
Otherwise, we don't know which thread is going to handle the media frames.
ASTERISK-27625
Change-Id: I4d6a2fe7386ea447ee199003bf8ad681cb30454e
ConfBridge can now send events to participants via in-dialog MESSAGEs.
All current Confbridge events are supported, such as ConfbridgeJoin,
ConfbridgeLeave, etc. In addition to those events, a new event
ConfbridgeWelcome has been added that will send a list of all
current participants to a new participant.
For all but the ConfbridgeWelcome event, the JSON message contains
information about the bridge, such as its id and name, and information
about the channel that triggered the event such as channel name,
callerid info, mute status, and the MSID labels for their audio and
video tracks. You can use the labels to correlate callerid and mute
status to specific video elements in a webrtc client.
To control this behavior, the following options have been added to
confbridge.conf:
bridge_profile/enable_events: This must be enabled on any bridge where
events are desired.
user_profile/send_events: This must be set for a user profile to send
events. Different user profiles connected to the same bridge can have
different settings. This allows admins to get events but not normal
users for instance.
user_profile/echo_events: In some cases, you might not want the user
triggering the event to get the event sent back to them. To prevent it,
set this to false.
A change was also made to res_pjsip_sdp_rtp to save the generated msid
to the stream so it can be re-used. This allows participant A's video
stream to appear as the same label to all other participants.
Change-Id: I26420aa9f101f0b2387dc9e2fd10733197f1318e
Previously, Asterisk used its script ./configure, to test whether OpenSSL was
built with no-srtp (or was simply too old). However, the header file
<openssl/opensslconf.h> is the preferred way to detect the local configuration
of OpenSSL.
As a positive side-effect the script ./configure does not interleave the
detection of the Open Settlement Protocol Toolkit (OSPTK) with the detection of
individual features of OpenSSL anymore.
Change-Id: I3c77c7b00b2ffa2e935632097fa057b9fdf480c0
When endpoint specific ACL rules block a SIP request they respond with a
403 forbidden. However, if an endpoint is not identified then a 401
unauthorized response is sent. This vulnerability just discloses which
requests hit a defined endpoint. The ACL rules cannot be bypassed to gain
access to the disclosed endpoints.
* Made endpoint specific ACL rules now respond with a 401 unauthorized
which is the same as if an endpoint were not identified. The fix is
accomplished by replacing the found endpoint with the artificial endpoint
which always fails authentication.
ASTERISK-27818
Change-Id: Icb275a54ff8e2df6c671a6d9bda37b5d732b3b32
Furthermore, allow OpenSSL configured with no-dh. Additionally, this change
allows auto-negotiation of the elliptic curve/group for servers, not only with
OpenSSL 1.0.2 but also with OpenSSL 1.1.0 and newer. This enables X25519
(since OpenSSL 1.1.0) and X448 (since OpenSSL 1.1.1) as a side-effect.
ASTERISK-27910
Change-Id: I5b0dd47c5194ee17f830f869d629d7ef212cf537