* Updated test_uuid.c to test the new API call.
* Made system use the new API call to eliminate "10's of lines" where
used.
* Fixed untested ast_strdup() return in stasis_subscribe() by eliminating
the need for it. struct stasis_subscription now contains the uniqueid[]
string.
* Fixed some issues in exchangecal_write_event():
Create uid with enough space for a UUID string to avoid a realloc.
Fix off by one error if the calendar event provided a UUID string.
There is no need to check for NULL before calling ast_free().
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@384302 65c4cc65-6c06-0410-ace0-fbb531ad65f3
While looking at the security vulnerability in ASTERISK-20967, Walter noticed
a file descriptor leak and some other issues in off nominal code paths. This
patch corrects them.
Note that this patch is not related to the vulnerability in ASTERISK-20967,
but the patch was placed on that issue.
(closes issue ASTERISK-20967)
Reported by: wdoekes
patches:
issueA20967_file_leak_and_unused_wkspace.patch uploaded by wdoekes (License 5674)
........
Merged revisions 384118 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 384119 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@384120 65c4cc65-6c06-0410-ace0-fbb531ad65f3
AST-2012-014, fixed in January of this year, contained a fix for Asterisk's
HTTP server for a remotely-triggered crash. While the fix put in place fixed
the possibility for the crash to be triggered, a denial of service vector still
exists with that solution if an attacker sends one or more HTTP POST requests
with very large Content-Length values. This patch resolves this by capping
the Content-Length at 1024 bytes. Any attempt to send an HTTP POST with
Content-Length greater than this cap will not result in any memory allocation.
The POST will be responded to with an HTTP 413 "Request Entity Too Large"
response.
This issue was reported by Christoph Hebeisen of TELUS Security Labs
(closes issue ASTERISK-20967)
Reported by: Christoph Hebeisen
patches:
AST-2013-002-1.8.diff uploaded by mmichelson (License 5049)
AST-2013-002-10.diff uploaded by mmichelson (License 5049)
AST-2013-002-11.diff uploaded by mmichelson (License 5049)
........
Merged revisions 383978 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@383980 65c4cc65-6c06-0410-ace0-fbb531ad65f3
r375757 attempted to resolve a race condition between multiple submissions of
CDRs while in batch mode from attempting to destroy the scheduled batch
submission by extending the batch CDR lock. Unfortunately, this causes a
deadlock between the pending CDR lock and the batch CDR lock. This patch
resolves the intent of r375757 by simply providing a new lock that protects
the scheduling of the batches. The original batch CDR lock is kept to protect
manipulation of the batch CDR settings, but has been placed such that it
is not held when the pending lock is held.
Thanks to Chase Venters for providing lock analysis on the issue.
(issue ASTERISK-21162)
Reported by: Chase Venters
........
Merged revisions 383839 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 383840 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@383841 65c4cc65-6c06-0410-ace0-fbb531ad65f3
HangupRequest and SoftHangupRequest are now ast_channel_blob Stasis
messages, with the cause code as an optional field in the blob.
NewCallerid now simply watches for changes in the callerid information
in channel snapshots, and creates the AMI event appropriately.
Since the original NewCallerid event honored the channelvars setting
in manager.conf, the channel variables configured there had to become
a part of the channel snapshot. These are now a part of every snapshot
based event, making the configuration description "every time a
channel-oriented event is emitted" less of a lie.
There a a few other changes wrapped up in here as well.
* When ast_channel_topic() is given NULL for a channel, it returns
the ast_channel_topic_all() topic instead of NULL. This can clean
up a lot of NULL checking we're doing currently.
* The fields Cause and Cause-txt were removed from the base channel
information and put only on the Hangup events, since those fields
are meaningless outside of a Hangup event.
* Removed the pipe-delimiter processing of the channelvars field,
since that's been deprecated forever.
(closes issue ASTERISK-21096)
Review: https://reviewboard.asterisk.org/r/2405/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@383726 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Core modules don't honor <depend> flags in MODULEINFO, which broke jansson
if specified --with-jansson to configure.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@383633 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When I moved res_json.c to json.c, I left the MODULE_INFO stuff in there,
which was interesting if you ran module show. I also forgot to call what
was in module_load() from asterisk main().
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@383611 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch started out simply as fixing the bouncing tests introduced
in r382685, but required some other changes to give it a decent
implementation.
To fix the bouncing tests, the UserEvent and Newexten AMI events
needed to be refactored to dispatch via Stasis. Dispatching directly
to AMI resulted in those events sometimes getting ahead of the
associated Newchannel events, which would understandably confuse anyone.
I found that instead of creating a zillion different message types and
structures associated with them, it would be preferable to define a
message type that has a channel snapshot and a blob of structured data
with a small bit of additional information. The JSON object model
provides a very nice way of representing structured data, so I went
with that.
* Move JSON support from res_json.c to main/json.c
* Made libjansson-dev a required dependency
* Added an ast_channel_blob message type, which has a channel
snapshot and JSON blob of data.
* Changed UserEvent and Newexten events so that they are dispatched
via ast_channel_blob messages on the channel's topic.
* Got rid of the ast_channel_varset message; used ast_channel_blob
instead.
* Extracted the manager functions converting Stasis channel events to
AMI events into manager_channel.c.
(issue ASTERISK-21096)
Review: https://reviewboard.asterisk.org/r/2381/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@383579 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Because of the way that topics were handled when publishing, it was
possible to dispatch a message to a subscription after that
subscription had been unsubscribed such that the dispatched message
arrived at the callback after the callback had received its final
message. In callbacks that cleaned up user data, this would often cause
a segfault. This has been resolved by locking the topic during the
entirety of dispatch. To prevent long publishing and topic locking
times, forwarding subscriptions have been made to be standard
subscriptions instead of mailboxless subscriptions which were
dispatched at publishing time.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@383422 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When using scoped locks, the unref of an AO2 object should happen after
the unlock occurs which requires usage of scoped refs.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@383377 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Remove MWI's dependency on the event system by moving it to
Stasis-core. This also introduces forwarding topic pools in Stasis-core
which aggregate many dynamically allocated topics into a single primary
topic.
Review: https://reviewboard.asterisk.org/r/2368/
(closes issue ASTERISK-21097)
Patch-by: Kinsey Moore
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@383284 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Often times, when subscribing to a topic, one wants to handle
different message types differently. While one could cascade if/else
statements through the subscription handler, it is much cleaner to
specify a different callback for each message type. The
stasis_message_router is here to help!
A stasis_message_router is constructed for a particular stasis_topic,
which is subscribes to. Call stasis_message_router_unsubscribe() to
cancel that subscription.
Once constructed, routes can be added using
stasis_message_router_add() (or stasis_message_router_set_default()
for any messages not handled by other routes). There may be only one
route per stasis_message_type. The route's callback is invoked just as
if it were a callback for a subscription; but it only gets called for
messages of the specified type.
(issue ASTERISK-20887)
Review: https://reviewboard.asterisk.org/r/2390/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@383242 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Unsubscribing things in Asterisk seems to very commonly follow with
NULLing out the variable that was unsubscribed. This change makes that
a bit simpler.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@383168 65c4cc65-6c06-0410-ace0-fbb531ad65f3
AMI, HTTP, and chan_sip all support TLS in some way, but none of them
support all the options that Asterisk's TLS core is capable of
interpreting. This prevents consumers of the TLS/SSL layer from setting
TLS/SSL options that they do not support.
This also gets tlsverifyclient closer to a working state by requesting
the client certificate when tlsverifyclient is set. Currently, there is
no consumer of main/tcptls.c in Asterisk that supports this feature and
so it can not be properly tested.
Review: https://reviewboard.asterisk.org/r/2370/
Reported-by: John Bigelow
Patch-by: Kinsey Moore
(closes issue AST-1093)
........
Merged revisions 383165 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 383166 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@383167 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The cache dump mechanism allows the developer to retreive multiple
items of a given type (or of all types) from the cache residing in a
stasis caching topic in addition to the existing single-item cache
retreival mechanism. This also adds to the caching unit tests to
ensure that the new cache dump mechanism is functioning properly.
Review: https://reviewboard.asterisk.org/r/2367/
(issue ASTERISK-21097)
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@382705 65c4cc65-6c06-0410-ace0-fbb531ad65f3
For the initial use of this bus, I took some work kmoore did creating
channel snapshots. So rather than create AMI events directly in the
channel code, this patch generates Stasis events, which manager.c uses
to then publish the AMI event.
This message bus provides a generic publish/subscribe mechanism within
Asterisk. This message bus is:
- Loosely coupled; new message types can be added in seperate modules.
- Easy to use; publishing and subscribing are straightforward
operations.
In addition to basic publish/subscribe, the patch also provides
mechanisms for message forwarding, and for message caching.
(issue ASTERISK-20887)
(closes issue ASTERISK-20959)
Review: https://reviewboard.asterisk.org/r/2339/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@382685 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Often, Asterisk may realize that a change in the source of an RTP stream is
about to occur and ask that the RTP engine reset it's lock on the current RTP
source. In certain scenarios, it may take awhile for the new remote system to
send RTP packets, while the old remote system may continue providing RTP during
that time period. This causes Asterisk to re-lock onto the old source, thereby
rejecting the new source when the old source stops sending RTP and the new
source begins.
This patch prevents that by having a constant secondary, 'secret' probation
mode enabled when an RTP source has been chosen. RTP packets from other sources
are always considered, but never chosen unless the current RTP source stops
sending RTP.
Review: https://reviewboard.asterisk.org/r/2364
(closes issue AST-1124)
Reported by: John Bigelow
Tested by: John Bigelow
(closes issue AST-1125)
Reported by: John Bigelow
Tested by: John Bigelow
........
Merged revisions 382573 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@382589 65c4cc65-6c06-0410-ace0-fbb531ad65f3
If ast_threadpool_set_size with a size equal to the current size, a
reference to a set_size_data structure would be leaked.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@382555 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Ownership of the listener reference is not transferred because the
listener is reffed when placed into the taskprocessor. Ensure that the
listener is dereffed properly.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@382489 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When converting AMI class authorizations to a string representation, the
method always appends the ALL class authorization. This is especially
important for events, as they should always communicate that class
authorization - even if the event itself does not specify ALL as a class
authorization for itself. (Events have always assumed that the ALL class
authorization is implied when they are raised)
Unfortunately, this did mean that specifying a user with restricted class
authorizations would show up in the 'manager show user' CLI command as
having the ALL class authorization.
Rather then modifying the existing string manipulation function, this patch
adds a function that will only return a string if the field being compared
explicitly matches class authorization field it is being compared against.
This prevents ALL from being returned unless it is actually specified for
the user.
(closes issue ASTERISK-20397)
Reported by: Johan Wilfer
........
Merged revisions 381939 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 381943 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@381949 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The incorrect callid was being written to the "data1" field in queue_log table
for transfer events. The callid of the queue was being written instead of the
transfer target's callid. This now gets the correct "transfer to" number and
places that in the "data1" field of the queue_log table when a transfer event
is triggered.
(closes issue ASTERISK-19960)
Reported by: vladimir shmagin
........
Merged revisions 381770 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 381791 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@381792 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When a module's configuration is not loadable, we still load the module but it
is not in a running state. When trying to troubleshoot, let's say, why
chan_motif is ignoring inbound XMPP traffic, there is no way to indicate that a
loaded module is not currently running.
(closes issue ASTERISK-21108)
Reported by: Rusty Newton
Tested by: Michael L. Young
Patches:
asterisk-21108_add_status-v2.diff Michael L. Young (license 5026)
Review: https://reviewboard.asterisk.org/r/2331/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@381749 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch fixes a crash in Asterisk that could be caused by using the
PresenceState AMI action while providing an invalid provider. This patch
also adds some additional warnings when a user attempts to provide the
PresenceState action with invalid data, and removes some NOTICE statements
that were still lurking in the code from testing.
(closes issue AST-1084)
Reported by: John Bigelow
Tested by: John Bigelow
........
Merged revisions 381594 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@381595 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch does two things:
1. It disables (temporarily) strict XML documentation checking for module
configurations. We should re-enable it before making any release from
trunk.
2. Pass the module flag AST_MODULE through sorcery. This means several of the
API calls are now macros and will do this automatically for you. The config
framework needs the module that objects are registering to so it can
properly construct the documentation. (This was already a required field,
but sorcery was getting by without it)
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@381567 65c4cc65-6c06-0410-ace0-fbb531ad65f3
While autoservice is running and servicing a channel the callid is being stored
and removed in the thread's local storage for each iteration of the thread loop.
If debug was set to a sufficient level the log file would be spammed with callid
thread local storage debug messages.
Added a new function that checks to see if the callid to be stored is different
than what is already contained (if anything). If it is different then
store/replace and log, otherwise just leave as is. Also made it so all logging
of debug messages pertaining to the callid thread storage outputs only when
TEST_FRAMEWORK is defined.
(issue ASTERISK-21014)
(closes issue ASTERISK-21014)
Report by: Rusty Newton
Review: https://reviewboard.asterisk.org/r/2324/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@381557 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch allows a module to define its configuration in XML in source, such
that it can be parsed by the XML documentation engine. Documentation is
generated in a two-pass approach:
1. The documentation is first generated from the XML pulled from the source
2. The documentation is then enhanced by the registration of configuration
options that use the configuration framework
This patch include configuration documentation for the following modules:
* chan_motif
* res_xmpp
* app_confbridge
* app_skel
* udptl
Two new CLI commands have been added:
* config show help - show configuration help by module, category, and item
* xmldoc dump - dump the in-memory representation of the XML documentation to
a new XML file.
Review: https://reviewboard.asterisk.org/r/2278
Review: https://reviewboard.asterisk.org/r/2058
patches:
on review 2058 uploaded by twilson
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@381527 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The core module related to coloring terminal output was old and needed
some love. The main thing here was an attempt to get rid of the
obscene number of stack-local buffers that were allocated for no other
reason than to colorize some output. Instead, this uses a simple trick
to allocate several buffers within threadlocal storage, then
automatically rotates between them, so that you can make multiple calls
to the colorization routine within one function and not need to
allocate multiple buffers.
Review: https://reviewboard.asterisk.org/r/2241/
Patches:
bug.patch uploaded by Tilghman Lesher
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@381448 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Richard Mudgett
Kinsey Moore
Matthew Jordan
Joshua Colp
David M. Lee
Jason Parker
Tzafrir Cohen
Kevin Harwell
Michael L. Young