I assume this was missed when initially converting to XML
documentation and we've been kicking the can down the road since.
(cherry picked from commit 9e1a60727e)
Currently, each module that uses libcurl duplicates the standard
Asterisk curl user agent.
This adds a global macro for the Asterisk user agent used for
curl requests to eliminate this duplication.
ASTERISK-29861 #close
Change-Id: I9fc37935980384b4daf96ae54fa3c9adb962ed2d
Currently any response from res_curl where we get an answer from the
web server, regardless of what the response is (404, 403 etc.) Asterisk
currently treats it as a success. This patch allows you to set which
codes should be considered as a failure by Asterisk. If say we set
failurecodes=404,403 then when using curl in realtime if a server gives
a 404 error Asterisk will try to failover to the next option set in
extconfig.conf
ASTERISK-28825
Reported by: Dovid Bender
Code by: Gobinda Paul
Change-Id: I94443e508343e0a3e535e51ea6e0562767639987
Because we use shared thread-local cURL instances, we need to ensure
that the state of the cURL instance is correct before each invocation.
In the case of custom headers, we were not resetting cURL's internal
HTTP header pointer which could result in a crash if subsequent
requests do not configure custom headers.
ASTERISK-29085 #close
Change-Id: I8b4ab34038156dfba613030a45f10e932d2e992d
We allow for 'maxredirs' to be set, but this value is ignored when
followlocation is not enabled which, by default, it is not.
ASTERISK-17491 #close
Reported by: candrews
Change-Id: I96a4ab0142f2fb7d2e96ff976f6cf7b2982c761a
When user wants to send json data, the default Content-Type header
is incorect (application/x-www-form-urlencoded). This patch allows
to set any custom headers so the Content-Type header can be
overriden. User can set multiple headers by multiple calls of
curlopt(). This approach is not consistent with other parameters,
but is more readable in dialplan than one call with multiple
headers.
ASTERISK-28613
Change-Id: I4dd68c3f4e25362ef941d73a3861f58348dcfbf9
This removes references that are no longer needed due to automatic
references created by module dependencies.
In addition this removes most calls to ast_module_check as they were
checking modules which are listed as dependencies.
Change-Id: I332a6e8383d4c72c8e89d988a184ab8320c4872e
ASTERISK_REGISTER_FILE no longer has any purpose so this commit removes
all traces of it.
Previously exported symbols removed:
* __ast_register_file
* __ast_unregister_file
* ast_complete_source_filename
This also removes the mtx_prof static variable that was declared when
MTX_PROFILE was enabled. This variable was only used in lock.c so it
is now initialized in that file only.
ASTERISK-26480 #close
Change-Id: I1074af07d71f9e159c48ef36631aa432c86f9966
If AST_TEST_DEFINE is not conditional to TEST_FRAMEWORK it produces dead
code. This places all existing unit tests into a conditional block if
they weren't already.
ASTERISK-26211 #close
Change-Id: I8ef83ee11cbc991b07b7a37ecb41433e8c734686
This patch adds a write option to the CURL dialplan function, allowing it to
CURL files and store them locally. The value 'written' to the CURL URL
specifies the location on disk to store the file. As an example:
same => n,Set(CURL(http://1.1.1.1/foo.wav)=/tmp/foo.wav)
Would retrieve the file foo.wav from the remote server and store it in the
/tmp directory.
Due to the potentially dangerous nature of this function call, APIs are
forbidden from using the write functionality unless live_dangerously is set
to True in asterisk.conf.
ASTERISK-25652 #close
Change-Id: I44f4ad823d7d20f04ceaad3698c5c7f653c41b0d
Git does not support the ability to replace a token with a version
string during check-in. While it does have support for replacing a
token on clone, this is somewhat sub-optimal: the token is replaced
with the object hash, which is not particularly easy for human
consumption. What's more, in practice, the source file version was often
not terribly useful. Generally, when triaging bugs, the overall version
of Asterisk is far more useful than an individual SVN version of a file. As a
result, this patch removes Asterisk's support for showing source file
versions.
Specifically, it does the following:
* Rename ASTERISK_FILE_VERSION macro to ASTERISK_REGISTER_FILE, and
remove passing the version in with the macro. Other facilities
than 'core show file version' make use of the file names, such as
setting a debug level only on a specific file. As such, the act of
registering source files with the Asterisk core still has use. The
macro rename now reflects the new macro purpose.
* main/asterisk:
- Refactor the file_version structure to reflect that it no longer
tracks a version field.
- Remove the "core show file version" CLI command. Without the file
version, it is no longer useful.
- Remove the ast_file_version_find function. The file version is no
longer tracked.
- Rename ast_register_file_version/ast_unregister_file_version to
ast_register_file/ast_unregister_file, respectively.
* main/manager: Remove value from the Version key of the ModuleCheck
Action. The actual key itself has not been removed, as doing so would
absolutely constitute a backwards incompatible change. However, since
the file version is no longer tracked, there is no need to attempt to
include it in the Version key.
* UPGRADE: Add notes for:
- Modification to the ModuleCheck AMI Action
- Removal of the "core show file version" CLI command
Change-Id: I6cf0ff280e1668bf4957dc21f32a5ff43444a40e
This fixes autological comparison warnings in the following:
* chan_skinny: letohl may return a signed or unsigned value, depending on the
macro chosen
* func_curl: Provide a specific cast to CURLoption to prevent mismatch
* cel: Fix enum comparisons where the enum can never be negative
* enum: Fix comparison of return result of dn_expand, which returns a signed
int value
* event: Fix enum comparisons where the enum can never be negative
* indications: tone_data.freq1 and freq2 are unsigned, and hence can never be
negative
* presencestate: Use the actual enum value for INVALID state
* security_events: Fix enum comparisons where the enum can never be negative
* udptl: Don't bother to check if the return value from encode_length is less
than 0, as it returns an unsigned int
* translate: Since the parameters are unsigned int, don't bother checking
to see if they are negative. The cast to unsigned int would already blow
past the matrix bounds.
* res_pjsip_exten_state: Use a temporary value to cache the return of
ast_hint_presence_state
* res_stasis_playback: Fix enum comparisons where the enum can never be
negative
* res_stasis_recording: Add an enum value for the case where the recording
operation is in error; fix enum comparisons
* resource_bridges: Use enum value as opposed to -1
* resource_channels: Use enum value as opposed to -1
Review: https://reviewboard.asterisk.org/r/4533
ASTERISK-24917
Reported by: dkdegroot
patches:
rb4533.patch submitted by dkdegroot (License 6600)
........
Merged revisions 434469 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 434470 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@434471 65c4cc65-6c06-0410-ace0-fbb531ad65f3
........
r431297 | mmichelson | 2015-01-28 11:05:26 -0600 (Wed, 28 Jan 2015) | 17 lines
Mitigate possible HTTP injection attacks using CURL() function in Asterisk.
CVE-2014-8150 disclosed a vulnerability in libcURL where HTTP request injection
can be performed given properly-crafted URLs.
Since Asterisk makes use of libcURL, and it is possible that users of Asterisk may
get cURL URLs from user input or remote sources, we have made a patch to Asterisk
to prevent such HTTP injection attacks from originating from Asterisk.
ASTERISK-24676 #close
Reported by Matt Jordan
Review: https://reviewboard.asterisk.org/r/4364
AST-2015-002
........
r431298 | mmichelson | 2015-01-28 11:12:49 -0600 (Wed, 28 Jan 2015) | 3 lines
Fix compilation error from previous patch.
........
Merged revisions 431297-431298 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 431299 from http://svn.asterisk.org/svn/asterisk/branches/12
........
Merged revisions 431301 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@431302 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When the channel datastore associated with the usage of CURLOPT on a specific
channel is freed, the underlying structure holding the list of options is not
disposed of. This patch properly frees the structure in the datastore .destroy
callback.
ASTERISK-24672 #close
Reported by: Kristian Hogh
patches:
func_curl-memory-leak.diff uploaded by Kristian Hogh (License 6639)
........
Merged revisions 430487 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 430488 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@430489 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This gets rid of most old libc free/malloc/realloc and replaces them
with ast_free and friends. When compiling with MALLOC_DEBUG you'll
notice it when you're mistakenly using one of the libc variants. For
the legacy cases you can define WRAP_LIBC_MALLOC before including
asterisk.h.
Even better would be if the errors were also enabled when compiling
without MALLOC_DEBUG, but that's a slightly more invasive header
file change.
Those compiling addons/format_mp3 will need to rerun
./contrib/scripts/get_mp3_source.sh.
ASTERISK-24348 #related
Review: https://reviewboard.asterisk.org/r/4015/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@423978 65c4cc65-6c06-0410-ace0-fbb531ad65f3
If the global_curl_info data structure could not be allocated, the
datastore associated with the operation would be free'd, but the function
would not return. This would later dereference the datastore, almost
certainly causing Asterisk to crash. With this patch, if the data
structure is not allocated the method will return an error code, and
not attempt any further operation.
........
Merged revisions 361753 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 361754 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@361755 65c4cc65-6c06-0410-ace0-fbb531ad65f3
For each component, the set of valid BNF expansions defines exactly
which characters may appear unescaped. All other characters MUST be
escaped.
This patch modifies ast_uri_encode() to encode strings in line with this recommendation. This patch also adds an ast_escape_quoted() function which escapes '"' and '\' characters in quoted strings in accordance with section 25.1 of RFC 3261. The ast_uri_encode() function has also been modified to take an ast_flags struct describing the set of rules it should use when escaping characters to allow for it to escape SIP URIs in addition to HTTP URIs and other types of URIs or variations of those two URI types in the future.
The ast_uri_decode() function has also been modified to accept an ast_flags struct describing the set of rules to use when decoding to enable decoding '+' as ' ' in legacy http URLs.
The unit tests for these functions have also been updated.
ABE-2705
Review: https://reviewboard.asterisk.org/r/1081/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@303509 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This branch adds additional methods to dialplan functions, whereby the result
buffers are now dynamic buffers, which can be expanded to the size of any
result. No longer are variable substitutions limited to 4095 bytes of data.
In addition, the common case of needing buffers much smaller than that will
enable substitution to only take up the amount of memory actually needed.
The existing variable substitution routines are still available, but users
of those API calls should transition to using the dynamic-buffer APIs.
Reviewboard: http://reviewboard.digium.com/r/174/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@191140 65c4cc65-6c06-0410-ace0-fbb531ad65f3
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r146799 | tilghman | 2008-10-06 15:52:04 -0500 (Mon, 06 Oct 2008) | 8 lines
Dialplan functions should not actually return 0, unless they have modified the
workspace. To signal an error (and no change to the workspace), -1 should be
returned instead.
(closes issue #13340)
Reported by: kryptolus
Patches:
20080827__bug13340__2.diff.txt uploaded by Corydon76 (license 14)
........
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@146802 65c4cc65-6c06-0410-ace0-fbb531ad65f3
passed directly into the HASH() function. Requested via the -users list, and
committed at Astricon in the Code Zone.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@144199 65c4cc65-6c06-0410-ace0-fbb531ad65f3
detecting warnings when we redefine a structure each time it is used, even
though the structure is identical.
Reported by: mvanbaak, via #asterisk-dev
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@141507 65c4cc65-6c06-0410-ace0-fbb531ad65f3