Furthermore, consistently use not 'No' but ':' for non-existent file
paths. Finally, use the same pattern for checking file paths:
a) = ":"
b) != "x:"
Change-Id: I0c80c76d2cc98b0e5c859131290f4e3141a1a544
OpenSSL is one of those packages that often have alternatives
with later versions. For instance, CentOS/EL 7 has an
openssl package at version 1.0.2 but there's an openssl11
package from the epel repository that has 1.1.1. This gets
installed to /usr/include/openssl11 and /usr/lib64/openssl11.
Unfortunately, the existing --with-ssl and --with-crypto
./configure options expect to point to a source tree and
don't work in this situation. Also unfortunately, the
checks in ./configure don't use pkg-config.
In order to make this work with the existing situation, you'd
have to run...
./configure --with-ssl=/usr/lib64/openssl11 \
--with-crypto=/usr/lib64/openssl11 \
CFLAGS=-I/usr/include/openssl11
BUT... those options don't get passed down to bundled pjproject
so when you run make, you have to include the CFLAGS again
which is a big pain.
Oh... To make matters worse, although you can specify
PJPROJECT_CONFIGURE_OPTS on the ./configure command line,
they don't get saved so if you do a make clean, which will
force a re-configure of bundled pjproject, those options
don't get used.
So...
* In configure.ac... Since pkg-config is installed by install_prereq
anyway, we now use it to check for the system openssl >= 1.1.0.
If that works, great. If not, we check for the openssl11
package. If that works, great. If not, we fall back to just
checking for any openssl. If pkg-config isn't installed for some
reason, or --with-ssl=<dir> or --with-crypto=<dir> were specified
on the ./configure command line, we fall back to the existing
logic that uses AST_EXT_LIB_CHECK().
* The whole OpenSSL check process has been moved up before
THIRD_PARTY_CONFIGURE(), which does the initial pjproject
bundled configure, is run. This way the results of the above
checks, which may result in new include or library directories,
is included.
* Although not strictly needed for openssl, We now save the value of
PJPROJECT_CONFIGURE_OPTS in the makeopts file so it can be used
again if a re-configure is triggered.
ASTERISK-29693
Change-Id: I341ab7603e6b156aa15a66f43675ac5029d5fbde
Discovered while looking at ASTERISK~29684. Usage was removed in change
I3c77c7b00b2ffa2e935632097fa057b9fdf480c0.
Change-Id: Iaf2f7a16ea5a7eee6375319347e4b40b8e7b10e3
IPv6 nameserver addresses are stored in different part of the
__res_state structure, so look there if we appear to have support for
it.
ASTERISK-28004 #close
Change-Id: I67067077d8a406ee996664518d9c8fbf11f6977d
From https://www.mail-archive.com/bug-autoconf@gnu.org/msg04408.html
> ... the long-obsolete AC_HEADER_STDC, previously used internally by
> AC_INCLUDES_DEFAULT, used AC_EGREP_HEADER. The AC_HEADER_STDC macro
> is now a no-op (and is not used at all within Autoconf anymore), so
> that change is likely what made the first use of AC_EGREP_HEADER the
> one inside the if condition, causing the observed results.
The implication is that the test does nothing anyway, and due to it
being a no-op from 2.70 onwards, results in the required not being set
to yes, resulting in ./configure to fail.
Change-Id: Ic1ff38d87f791fbf1f2a80512f81bb7110392460
Signed-off-by: Jaco Kroon <jaco@uls.co.za>
On Gentoo it's possible to have multiple lua versions installed, all
with a path of /usr, so it's not possible to use the current --with-lua
option to determisticly pin to a specific version as is required by the
Gentoo PMS standards.
This environment variable allows to lock to specific versions,
unversioned check will be skipped if this variable is supplied.
Change-Id: I8c403eda05df25ee0193960262ce849c7d2fd088
Signed-off-by: Jaco Kroon <jaco@uls.co.za>
As described in the issue, /tmp is not a suitable location for a
large amount of cached media files, since most distributions make
/tmp a RAM-based tmpfs mount with limited capacity.
I opted for a location that can be configured separately, as opposed
to using a subdirectory of spooldir, given the different storage
profile (transient files vs files that might stay there indefinitely).
This commit just makes the cache directory configurable, but leaves
it at /tmp by default, to ensure backwards compatibility.
A future commit that only targets master could change the default
location to something more sensible such as /var/tmp/asterisk. At
that point, the cachedir could be created and cleaned up during
uninstall by the Makefile script.
ASTERISK-29143
Change-Id: Ic54e95199405abacd9e509cef5f08fa14c510b5d
Note to maintainers: Lua 5.4, Lua 5.3, and Lua 5.2 have not been tested
at runtime with pbx_lua. Until then, use the lowest available version
of Lua, if you enabled the module pbx_lua at all.
Change-Id: Ie5270448b11fcb4e2a53d899e4fe7fea793ce7e0
The configure.m4 script for pjproject contains some += syntax, which
is specific to bash, replacing it with string substitutions makes
the script compatible with traditional Bourne shells.
ASTERISK-28866 #close
Reported-by: Christoph Moench-Tegeder <cmt@FreeBSD.org>
Change-Id: I382a78160e028044598b7da83ec7e1ff42b91c05
The Python/C API is used only if the Test Framework was enabled in Asterisk
'make menuselect'. The Test Framework is available only if the Developer Mode
was enabled in Asterisk './configure --enable-dev-mode'. And that Python/C API
is used only if the PJProject was found and not disabled in Asterisk; the user
did not go for './configure --without-pjproject'.
Furthermore, because version 2 of that Python/C API is required (currently) and
because some platforms do not offer a generic version 2, the script searches
for 2.7 explicitly as well.
To avoid version mismatch between the Python/C API and the Python environment,
the script searches for the latter in the same versions, in the same the order
as well. Because this Python/C API is just for (some) Asterisk contributors,
the script also goes for the Python 3 environment as a last resort for all
other Asterisk users. This allows 'make full' even on minimal installations of
Ubuntu 18.04 LTS and newer.
Because the Python/C API is Asterisk contributor specific, the Python packages
are removed from the script './contrib/scripts/install_prereq' as this script
is intended for Asterisk users. Asterisk contributors have to install much more
packages in any case, like:
sudo apt install autoconf automake git git-review python2.7-dev
ASTERISK-28824
ASTERISK-27717
Change-Id: Id46d357e18869f64dcc217b8fdba821b63eeb876
We (Gentoo distribution) reckon that in the case of multiple versions of
gmime installed we should prefer the newest one.
Change-Id: Idf7be613230232eb1d573d93c4a5a8297f4ecd2d
When building check_expr2 with ASLR PIE hardening enabled the linker
fails. This is resolved by adding the regular compiler flags when
building the object files from ast_expr2f.c and ast_expr2.c.
Note: The STANDALONE define is removed because it is already defined in
_ASTCFLAGS. YY_NO_INPUT is defined so that the compile survives
'--enable-dev-mode'.
Also, a Makefile variable "CROSS_COMPILING" is added so that the
build system doesn't try to run check_expr2 when cross-compiling,
because that will fail the build as will.
ASTERISK-28685 #close
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Change-Id: If435b7db9f9ad8266245bda51c81c220f9658915
When handling ICE negotiations, it's possible that there can be a delay
between STUN binding requests which in turn will cause a delay in ICE
completion, preventing media from flowing. It should be possible to send
media when there is at least one valid pair, preventing this scenario
from occurring.
A change was added to PJPROJECT that adds an optional callback
(on_valid_pair) that will be called when the first valid pair is found
during ICE negotiation. Asterisk uses this to start the DTLS handshake,
allowing media to flow. It will only be called once, either on the first
valid pair, or when ICE negotiation is complete.
ASTERISK-28716
Change-Id: Ia7b68c34f06d2a1d91c5ed51627b66fd0363d867
Instead of trying to use the defined MySQL client version from the
header use a configure check to determine whether the bool or my_bool
type should be used for defining a boolean.
ASTERISK-28604
Change-Id: Id2225b3785115de074c50c123ff1a68005b4a9c7
This change adds support for larger TLS certificates by allowing
OpenSSL to fragment the DTLS packets according to the configured
MTU. By default this is set to 1200.
This is accomplished by implementing our own BIO method that
supports MTU querying. The configured MTU is returned to OpenSSL
which fragments the packet accordingly. When a packet is to be
sent it is done directly out the RTP instance.
ASTERISK-28018
Change-Id: If2d5032019a28ffd48f43e9e93ed71dbdbf39c06
Asterisk assumes that dlopen() will always run the constructor of a
shared library and every dlclose() will run its destructor. But dlopen()
may be permanent, meaning the constructor will only be run once, as is
the case with musl libc.
With a permanent dlopen() the Asterisk module loader does not work
correctly, because it's expectations regarding when the constructors and
destructors are run are not met. In fact a segmentation fault will occur
when the first module is "re-opened" that has AST_MODFLAG_GLOBAL_SYMBOLS
set (the dlopen() does not call the constructor, resource_being_loaded
is not set to NULL, then strlen is called with NULL instead of a string,
see issue ASTERISK-28319).
This commit adds code to the loader that will manually run the
constructors/destructors of the (non-builtin) modules where needed. To
achieve this a new ao2 container (linked list) is started and filled
with objects that contain the names of the modules and the pointers to
their respective info structs.
This behavior can be activated when configuring Asterisk
(--enable-permanent-dlopen). By default this is disabled, of course.
ASTERISK-28319 #close
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Change-Id: I86693a0ecf25d5ba81c73773a03df4abc3426875
Bundled pjproject and jansson must be configured with the host and build
parameters provided to the configure script.
Autotools do not permit to check for the existence of local header files, so
the control of hrirs.h must not be done when cross-compiling.
ASTERISK-28250
Change-Id: If0a76e52a87d4ab82b7d4c72d27d8759ca931880
Some platforms provide an implementation of socket() and pipe2() that allow the
caller to specify that the resulting file descriptors should be non-blocking.
Using these allows us to potentially elide 3 calls into 1 by avoiding extraneous
calls to fcntl() to set the O_NONBLOCK flag afterwards.
In passing, change ast_alertpipe_init() to use pipe2() directly instead of the
wrapper if it is available.
Change-Id: I3ebe654fb549587537161506c6c950f4ab298bb0
We've had multiple opportunities where Richard Mudgett's
malloc_trim patch has been useful. Let's get it
pushed up to gerrit and merged.
Since malloc_trim is only available in libc, an entry is
added to configure.ac to create a definition for
HAVE_MALLOC_TRIM.
Change-Id: Ia38308c550149d9d6eae4ca414a649957de9700c
We previously allowed resample and g711 codecs to be built when
TEST_FRAMEWORK was enabled. This could cause errors if the testsuite
was run without this option enabled. Switch the build system to allow
those codecs to be built when --enable-dev-mode is used. This removes a
chance for strange testsuite errors from use of an inadequate pjsua
binary.
Change-Id: Iee8a3613cdb711fa7e7d217c5a775a575907ae22
In order to do this and provide good feedback, a new macro was
created (AST_EXT_LIB_EXTRA_CHECK) which does the normal check and
path setups for the library then compiles, links and runs a supplied
code fragment to do the final determination. In this case, the
final code fragment compares UNBOUND_VERSION_MAJOR
and UNBOUND_VERSION_MINOR to determine if they're greater than or
equal to 1.5.
Since we require version 1.5, some code in res_resolver_unbound
was also simplified.
ASTERISK-28045
Reported by: Samuel Galarneau
Change-Id: Iee94ad543cd6f8b118df8c4c7afd9c4e2ca1fa72
Use json_vsprintf from versions which contain fix for va_copy leak.
Apply fixes from jansson master:
* va_copy leak fix.
* Avoid potential invalid memory read in json_pack.
* Rename variable that shadowed another.
Change-Id: I7522e462d2a52f53010ffa1e7d705c666ec35539
When writing an RTCP report to json the code attempts to pack the "ssrc" and
"source_ssrc" unsigned integer values as a signed int value type. This of course
means if the ssrc's unsigned value is greater than that which can fit into a
signed integer value it gets converted to a negative number. Subsequently, the
negative value goes out in the json report.
This patch now packs the value as a json_int_t, which is the widest integer type
available on a given system. This should make it so the value no longer
overflows.
Note, this was caught by two failing tests hep/rtcp-receiver/ and
hep/rtcp-sender.
Change-Id: I2af275286ee5e795b79f0c3d450d9e4b28e958b0
This change brings in PJSIP 2.8, removes all the patches
that were merged upstream, and makes a minor change to
support a breaking change that was done.
ASTERISK-28059
Change-Id: I5097772b11b0f95c3c1f52df6400158666f0a189
This new option can be passed for ./configure or
./tests/CI/buildAsterisk.sh to prevent download/install of binary
modules.
Normally enabling the categories MENUSELECT_CODECS or MENUSELECT_RES
will result in binary modules being enabled even if the build target is
incompatible with those modules. This includes CI scripts which enable
categories before disabling specific modules.
If more binary modules are offered in the future this will help avoid
accidentally downloading them if unwanted or incompatible. Adding a
binary module will only require creating a new menuselect entry similar
to the existing ones, it will not be necessary to modify the CI scripts.
Change-Id: I6b1bd1c75a2e48f05b8b8a45b7a7a2d00a079166
In Solaris, the header <jansson.h> is in /usr/include/jansson. To find
Jansson even in such a subdirectory, the tool pkg-config is queried via
AST_PKG_CONFIG_CHECK. For those platforms, which do not list Jansson via
pkg-config, the previous check remains and is executed thereafter.
Because the check for the NetBSD Editline library uses the tool pkg-config
the code of PKG_PROG_PKG_CONFIG must be used. Because that check happens
earlier than Jansson, it must be placed in front of that.
ASTERISK-27991
Change-Id: I69ea0f379f87a50049654b2487c76ee1c04fa53a
Previously, Asterisk did not tell its bundled PJProject about this configure
parameter. Therefore, PJProject used the platform provided OpenSSL always.
ASTERISK-27880
Change-Id: Iea545aec854dd0e2c061c69bb118a76ce56c5dc6
When `--without-libcurl` is used PBX_CURL is never set. Set default
value 0 so the proper value is passed to menuselect.
Change-Id: I03e2842a00899cbca2dbde52bb1f6636d54bae1e
pjproject by default currently will follow media forked during an INVITE
on outbound calls if the To tag is different on a subsequent response as
that on an earlier response. We handle this correctly. There have
been reported cases where the To tag is the same but we still need to
follow the media. The pjproject patch in this commit adds the
capability to sip_inv and also adds the capability to control it at
runtime. The original "different tag" behavior was always controllable
at runtime but we never did anything with it and left it to default to
TRUE.
So, along with the pjproject patch, this commit adds options to both the
system and endpoint objects to control the two behaviors, and a small
logic change to session_inv_on_media_update in res_pjsip_session to
control the behavior at the endpoint level.
The default behavior for "different tags" remains the same at TRUE and
the default for "same tag" is FALSE.
Change-Id: I64d071942b79adb2f0a4e13137389b19404fe3d6
ASTERISK-27936
Reported-by: Ross Beer
Previously, Asterisk used its script ./configure, to test whether OpenSSL was
built with no-srtp (or was simply too old). However, the header file
<openssl/opensslconf.h> is the preferred way to detect the local configuration
of OpenSSL.
As a positive side-effect the script ./configure does not interleave the
detection of the Open Settlement Protocol Toolkit (OSPTK) with the detection of
individual features of OpenSSL anymore.
Change-Id: I3c77c7b00b2ffa2e935632097fa057b9fdf480c0
Furthermore, allow OpenSSL configured with no-dh. Additionally, this change
allows auto-negotiation of the elliptic curve/group for servers, not only with
OpenSSL 1.0.2 but also with OpenSSL 1.1.0 and newer. This enables X25519
(since OpenSSL 1.1.0) and X448 (since OpenSSL 1.1.1) as a side-effect.
ASTERISK-27910
Change-Id: I5b0dd47c5194ee17f830f869d629d7ef212cf537
This fixes build warnings found by GCC 8. In some cases format
truncation is intentional so the warning is just suppressed.
ASTERISK-27824 #close
Change-Id: I724f146cbddba8b86619d4c4a9931ee877995c84