Asterisk had several places where messages received over various network
transports may be copied in a single stack allocation. In the case of TCP,
since multiple packets in a stream may be concatenated together, this can
lead to large allocations that overflow the stack.
This patch modifies those portions of Asterisk using TCP to either
favor heap allocations or use an upper bound to ensure that the stack will not
overflow:
* For SIP, the allocation now has an upper limit
* For HTTP, the allocation is now a heap allocation instead of a stack
allocation
* For XMPP (in res_jabber), the allocation has been eliminated since it was
unnecesary.
Note that the HTTP portion of this issue was independently found by Brandon
Edwards of Exodus Intelligence.
(issue ASTERISK-20658)
Reported by: wdoekes, Brandon Edwards
Tested by: mmichelson, wdoekes
patches:
ASTERISK-20658_res_jabber.c.patch uploaded by mmichelson (license 5049)
issueA20658_http_postvars_use_malloc2.patch uploaded by wdoekes (license 5674)
issueA20658_limit_sip_packet_size3.patch uploaded by wdoekes (license 5674)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@378269 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The SIP session timer mechanism contains a mandatory 'refresher' parameter
(included in the Session-Expires header) which is used in the session timer
offer/answer signaling within a SIP Invite dialog. It looks like asterisk is
interpreting the uac resp. uas role only as the initial role of client and
server (caller is uac, callee is uas). The standard rfc 4028 however assigns
the client role to the ((RE)-Invite) requester, the server role to the
((RE)-Invite) responder.
This patch has Asterisk track the actual refresher as "us" or "them" as opposed
to relying on just the configured "uas" or "uac" properties.
(closes issue AST-922)
Reported by: Thomas Airmont
Review: https://reviewboard.asterisk.org/r/2118/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@373652 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In r356604, SRTP handling was fixed to accomodate multiple crypto keys in an
SDP offer and the ability to re-create an SRTP session when the crypto keys
changed. In certain circumstances - most notably when a phone is put on
hold after having been bridged for a significant amount of time - the act
of re-creating the SRTP session causes problems for certain models of phones.
The patch committed in r356604 always re-created the SRTP session regardless
of whether or not the cryptographic keys changed. Since this is technically
not necessary, this patch modifies the behavior to only re-create the SRTP
session if Asterisk detects that the remote key has changed. This allows
models of phones that do not handle the SRTP session changing to continue
to work, while also providing the behavior needed for those phones that do
re-negotiate cryptographic keys.
In addition, in Asterisk 1.8 only, it was found that phones that offer
AES_CM_128_HMAC_SHA1_32 will end up with no audio if the phone is the
initiator of the call. The phone will send an INVITE request specifying
that AES_CM_128_HMAC_SHA1_32 be used for the cryptographic policy; Asterisk
will set its policy to that value. Unfortunately, when the call is Answered
and a 200 OK is sent back to the UA, the policy sent in the response's SDP
will be the hard coded value AES_CM_128_HMAC_SHA1_80. This potentially
results in Asterisk using the INVITE request's policy of
AES_CM_128_HMAC_SHA1_32, while the phone uses Asterisk's response of
AES_CM_128_HMAC_SHA1_80. Hilarity ensues as both endpoints think the other
is crazy.
This patch fixes that by caching the policy from the request and responding
with it. Note that this is not a problem in Asterisk 10 and later, as the
ability to configure the policy was added in that version.
(issue ASTERISK-20194)
Reported by: Nicolo Mazzon
Tested by: Nicolo Mazzon
Review: https://reviewboard.asterisk.org/r/2099
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@372709 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This is based on the review request posted by Walter Doekes
(referenced lower in the commit message)
The main fix here is to treat the IPorHost portion of the dial
string as a temporary outbound proxy. This ensures requests
get sent to the proper location.
Due to the age of the request, some parts were no longer relevant.
For instance, the request moved outbound proxy parsing code into
a single method. This is done in a previous commit, so it was not
necessary to do again.
Also, the review request fixed some errors with regards to request
routing for CANCEL and ACK requests. This has also been fixed in
more recent commits.
(closes issue ASTERISK-19677)
reported by Walter Doekes
Review https://reviewboard.asterisk.org/r/1859
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@370769 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When Asterisk servers are set up back-to-back, and
direct media is to be used betweeen endpoints, it is
fairly common for the two Asterisk servers to send
direct media reinvites to each other simultaneously.
This results in 491s and ACKs being exchanged between
the servers. While the media eventually gets set up
properly, the problem is that there can be a noticeable
delay for the streams to stabilize.
This patch adds a new directmedia option called "outgoing".
With this set, an immediate direct media reinvite will only
be sent if the call direction is outgoing. For incoming
dialogs, an immediate direct media reinvite will not be sent,
but further "reactionary" direct media reinvites may be sent.
For those who are having some deja vu, that's because this
patch was originally committed to trunk since there is a
new configuration option added. After seeing a bug report
about audio being slow to set up on SIP calls, it became
apparent that this patch would be the best solution for
resolving the issue. The patch is unintrusive and will
have no effect unless the option is explicitly enabled.
(closes issue AST-896)
reported by Thomas Arimont
(closes issue ASTERISK-19857)
reported by Matt Jordan
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@370618 65c4cc65-6c06-0410-ace0-fbb531ad65f3
A previous attempt at fixing this issue had negative side effects related
to attended transfers which this patch should resolve. Many thanks to
Steve Davies for all of the good suggestions and testing.
(closes issue ASTERISK-19992)
Reported by: Steve Davies
Tested by: Steve Davies, Terry Wilson
Review: https://reviewboard.asterisk.org/r/2009/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@369557 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The basic problem is that if a re-INVITE is sent by Asterisk and it receives a
provisional response, but no final response, then the dialog is never torn
down. In addition to leaking memory, this also leaks file descriptors and will
eventually lead to Asterisk no longer being able to process calls.
This patch just keeps track of whether there is an outstanding re-INVITE, and if
there is goes ahead and cleans up everything as though there was no outstanding
reinvite.
Review: https://reviewboard.asterisk.org/r/2009/
(closes issue ASTERISK-19992)
Reported by: Steve Davies
Tested by: Steve Davies, Terry Wilson
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@369436 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Match our local tag to whatever to-tag was sent in the initial INVITE.
Because the size of the to-tag may not fit in the buffer in the sip_pvt,
it has been changed to a string field.
(closes issue ASTERISK-19892)
reported by Walter Doekes
Review: https://reviewboard.asterisk.org/r/1977
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@369352 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Since we now have tools that scan through the source tree looking for files
with specific support levels, we need to ensure that every file that is
a component of a 'core' or 'extended' module (or the main Asterisk binary)
is explicitly marked with its support level. This patch adds support-level
indications to many more source files in tree, but avoids adding them to
third-party libraries that are included in the tree and to source files
that don't end up involved in Asterisk itself.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@369001 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Most of these were just saving returned values without using them and
in some cases the variable being saved to could be removed as well.
(issue ASTERISK-19672)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@368738 65c4cc65-6c06-0410-ace0-fbb531ad65f3
It appears that a patch did not apply properly when adding tests 12 and
13 and test 11 was duplicated. These tests have been reordered and
renumbered such that they make sense.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@366882 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch addresses a number of memory leaks in a variety of modules that were
found by a static analysis tool. A brief summary of the changes:
* app_minivm: free ast_str objects on off nominal paths
* app_page: free the ast_dial object if the requested channel technology
cannot be appended to the dialing structure
* app_queue: if a penalty rule failed to match any existing rule list
names, the created rule would not be inserted and its memory
would be leaked
* app_read: dispose of the created silence detector in the presence of
off nominal circumstances
* app_voicemail: dispose of an allocated unique ID field for MWI event
un-subscribe requests in off nominal paths; dispose of
configuration objects when using the secret.conf option
* chan_dahdi: dispose of the allocated frame produced by ast_dsp_process
* chan_iax2: properly unref peer in CLI command "iax2 unregister"
* chan_sip: dispose of the allocated frame produced by sip_rtp_read's
call of ast_dsp_process; free memory in parse unit tests
* func_dialgroup: properly deref ao2 object grhead in nominal path of
dialgroup_read
* func_odbc: free resultset in off nominal paths of odbc_read
* cli: free match_list in off nominal paths of CLI match completion
* config: free comment_buffer/list_buffer when configuration file load
is unchanged; free the same buffers any time they were
created and config files were processed
* data: free XML nodes in various places
* enum: free context buffer in off nominal paths
* features: free ast_call_feature in off nominal paths of applicationmap
config processing
* netsock2: users of ast_sockaddr_resolve pass in an ast_sockaddr struct
that is allocated by the method. Failures in
ast_sockaddr_resolve could result in the users of the method
not knowing whether or not the buffer was allocated. The
method will now not allocate the ast_sockaddr struct if it
will return failure.
* pbx: cleanup hash table traversals in off nominal paths; free
ignore pattern buffer if it already exists for the specified
context
* xmldoc: cleanup various nodes when we no longer need them
* main/editline: various cleanup of pointers not being freed before being
assigned to other memory, cleanup along off nominal paths
* menuselect/mxml: cleanup of value buffer for an attribute when that attribute
did not specify a value
* res_calendar*: responses are allocated via the various *_request method
returns and should not be allocated in the various
write_event methods; ensure attendee buffer is freed if no
data exists in the parsed node; ensure that calendar objects
are de-ref'd appropriately
* res_jabber: free buffer in off nominal path
* res_musiconhold: close the DIR* object in off nominal paths
* res_rtp_asterisk: if we run out of ports, close the rtp socket object and free
the rtp object
* res_srtp: if we fail to create the session in libsrtp, destroy the
temporary ast_srtp object
(issue ASTERISK-19665)
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/1922
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@366880 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This resolves core findings from ASTERISK-19650 numbers 0-2, 6, 7, 9-11, 14-20,
22-24, 28, 30-32, 34-36, 42-56, 82-84, 87, 89-90, 93-102, 104, 105, 109-111,
and 115. Finding numbers 26, 33, and 29 were already resolved. Those skipped
were either extended/deprecated or in areas of code that shouldn't be
disturbed.
(Closes issue ASTERISK-19650)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@366167 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Most of the changes here are trivial NULL checks. There are a couple
optimizations to remove the need to check for NULL and outboundproxy parsing
in chan_sip.c was rewritten to avoid use of strtok. Additionally, a bug was
found and fixed with the parsing of outboundproxy when "outboundproxy=," was
set.
(Closes issue ASTERISK-19654)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@365398 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The SIP TCP/TLS worker threads were created joinable but noone could join
them if they died on their own.
* Fix the SIP TCP/TLS worker threads to not be created joinable.
* _sip_tcp_helper_thread() only needs one parameter since the pvt
parameter is only passed in as NULL and never used.
(closes issue ASTERISK-19203)
Reported by: Steve Davies
Review: https://reviewboard.asterisk.org/r/1714/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@356677 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Currently, when using res_srtp, once the SRTP policy has been added to the
current session the policy is locked into place. Any attempt to replace an
existing policy, which would be needed if the remote endpoint negotiated a new
cryptographic key, is instead rejected in res_srtp. This happens in particular
in transfer scenarios, where the endpoint that Asterisk is communicating with
changes but uses the same RTP session.
This patch modifies res_srtp to allow remote and local policies to be reloaded
in the underlying SRTP library. From the perspective of users of the SRTP API,
the only change is that the adding of remote and local policies are now added
in a single method call, whereas they previously were added separately. This
was changed to account for the differences in handling remote and local
policies in libsrtp.
Review: https://reviewboard.asterisk.org/r/1741/
(closes issue ASTERISK-19253)
Reported by: Thomas Arimont
Tested by: Thomas Arimont
Patches:
srtp_renew_keys_2012_02_22.diff uploaded by Matt Jordan (license 6283)
(with some small modifications for this check-in)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@356604 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* fix: use %u instead of %d when dealing with CSeq numbers - to remove possibility of -ve numbers.
* fix: change all uses of seqno and friends (ocseq icseq) from 'int' or 'unsigned int' to uint32_t.
Summary of CSeq numbers.
An initial CSeq number must be less than 2^31
A CSeq number can increase in value up to 2^32-1
An incrementing CSeq number must not wrap around to 0.
Tested with Asterisk 1.8.8.2 with Grandstream phones.
alecdavis (license 585)
Tested by: alecdavis
Review: https://reviewboard.asterisk.org/r/1699/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@353320 65c4cc65-6c06-0410-ace0-fbb531ad65f3
If a BLF subscription exists for long enough, using %d may print negative version numbers.
Unlikely, as 2^32 at 1 update per second is ~137 years, or half that before the versions number started going negative.
Tested with Asterisk 1.8.8.2 with Grandstream phones.
alecdavis (license 585)
Tested by: alecdavis
Review: https://reviewboard.asterisk.org/r/1694/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@352862 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Fix corner cases in get_calleridname() parsing and ensure that the
output buffer is nul terminated.
* Make get_calleridname() truncate the name it parses if the given buffer
is too small rather than abandoning the parse and not returning anything
for the name. Adjusted get_calleridname_test() unit test to handle the
truncation change.
* Fix get_in_brackets_test() unit test to check the results of
get_in_brackets() correctly.
* Fix parse_name_andor_addr() to not return the address of a local buffer.
This function is currently not used.
* Fix potential NULL pointer dereference in sip_sendtext().
* No need to memset(calleridname) in check_user_full() or tmp_name in
get_name_and_number() because get_calleridname() ensures that it is nul
terminated.
* Reply with an accurate response if get_msg_text() fails in
receive_message(). This is academic in v1.8 because get_msg_text() can
never fail.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@351618 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch resolves the issue where MWI subscriptions are orphaned
by subsequent SIP SUBSCRIBE messages. When a peer is removed, either
by pruning realtime SIP peers or by unloading / loading chan_sip, the
MWI subscriptions that were orphaned would still be on the event engine
list of valid subscriptions but have a pointer to a peer that no longer
was valid. When an MWI event would occur, this would cause a seg fault.
(closes issue ASTERISK-18663)
Reported by: Ross Beer
Tested by: Ross Beer, Matt Jordan
Patches:
blf_mwi_diff_12_06_11.txt uploaded by Matt Jordan (license 6283)
Review: https://reviewboard.asterisk.org/r/1610/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@347058 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The recent fix for ASTERISK-17288 to get RFC3578 SIP overlap support
working correctly removed a long standing ability to do overlap dialing
using DTMF in the early media phase of a call.
See ASTERISK-18702 it has a very good description of the issue.
I started with Pavel Troller's chan_sip.diff patch on issue
ASTERISK-18702.
* Added 'dtmf' enum value to sip.conf allowoverlap config option. The new
option value causes the Incomplte application to not send anything with
chan_sip so the caller can supply more digits via DTMF.
* Renames SIP_GET_DEST_PICKUP_EXTEN_FOUND to SIP_GET_DEST_EXTEN_MATCHMORE
since that is what it really means.
* Fixed get_destination() inconsistency with the pickup extension
matching.
* Fixed initialization of PAGE3 of global_flags in reload_config().
(closes issue ASTERISK-18702)
Reported by: Pavel Troller
Review: https://reviewboard.asterisk.org/r/1517/
Review: https://reviewboard.asterisk.org/r/1582/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@345273 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The issue mentioned in the bug report had been fixed recently by
twilson. The reporter included this documentation fix.
(closes issue ASTERISK-18572)
Reported by: Richard Miller
Patch by: Richard Miller (modified)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@345160 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Fix bug ASTERISK-16558 which dealt with the order of responses to incoming
streams defined by SDP.
Fix unreported bug where offering multiple same-type streams would cause
Asterisk to reply with an incorrect SDP response missing one or more streams
without a proper declination.
Fix bugs related to a single non-audio stream being offered with responses
requesting codecs that were not offered in the initial invite along with an
additional audio stream that was not in the initial invite.
Review: https://reviewboard.asterisk.org/r/1516/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@344385 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The domain matching code prior to 1.8 used to manually remove the port
from the host:port string when determining if an incoming request
matched the list of domains. When switching to the new parsing
functions, the documentation implied that the "domain" was being
returned by these functions, when instead it was returning the
"hostport" as defined by RFC 3261. This led to confusion and resulted
in 1.8+ rejecting an incoming request from x.x.x.x:xxxxx when
domain=x.x.x.x was set in sip.conf.
This patch renames the "domain" variables in the parsing functions to
"hostport" to more accurately describe what it is that they are
returning and also properly truncates the resulting hostport strings
when dealing with domain matching.
Review: https://reviewboard.asterisk.org/r/1574/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@344215 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The original REGISTERTRYING flag, in addition to being impossible to
check, also encroached on the space for the flag above it. This
patch moves the flags that were below REGISTERTRYING back to where
they were as though we had just removed the REGISTERTRYING option.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@343276 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This option is not only useless, but has been broken since inception since
the flag was never copied from the peer where it is set to the pvt where
it was checked. RFC 3261 specificially states that you should not send a
provisional response to a non-INVITE request, and if we did fix the code
so that it worked, it would cause the same kind of user enumeration
vulnerability that we've discussed with the nat= setting. This patch
removes registertrying option and any code that would have sent a 100
response to a register.
Review: https://reviewboard.asterisk.org/r/1562/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@343220 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Fix potential deadlocks in SIP and IAX blind transfer to parking.
* Fix SIP, IAX, DAHDI analog, and MGCP channel drivers to respect the
parkext_exclusive option with transfers (Park(,,,,,exclusive_lot)
parameter). Created ast_park_call_exten() and ast_masq_park_call_exten()
to maintian API compatibility.
* Made masq_park_call() handle a failed ast_channel_masquerade() setup.
* Reduced excessive struct parkeduser.peername[] size.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@341254 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Fixed deadlock potential calling dialog_unlink_all() in
__sip_autodestruct(). Found by helgrind.
* Fixed deadlock potential in handle_request_invite() after calling
sip_new(). Found by helgrind.
* The sip_new() function now returns with the created channel already
locked.
* Removed the dead code that starts a PBX in in sip_new(). No sip_new()
callers caused that code to be executed and it was a bad thing to do
anyway.
* Removed unused parameters and return value from dialog_unlink_all().
* Made dialog_unlink_all() and __sip_autodestruct() safely obtain the
owner and private channel locks without a deadlock avoidance loop.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@340284 65c4cc65-6c06-0410-ace0-fbb531ad65f3
If you use the auth= parameter and do a "sip reload" while there is an
ongoing call. The peer->auth data points to free'd memory.
The patch does several things:
1) Puts the authentication list into an ao2 object for reference counting
to fix the reported crash during a SIP reload.
2) Converts the authentication list from open coding to AST list macros.
3) Adds display of the global authentication list in "sip show settings".
(closes issue ASTERISK-17939)
Reported by: wdoekes
Patches:
jira_asterisk_17939_v1.8.patch (license #5621) patch uploaded by rmudgett
Review: https://reviewboard.asterisk.org/r/1303/
JIRA SWP-3526
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@326291 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Moved the sip uri parse variable initalization to parse_uri_full in reqresp_parser.c. This will ensure that any use of parse uri will have null output variables if the parse fails.
(closes issue #19346)
Reported by: kobaz
Tested by: kobaz,JonathanRose
Review: [full review board URL with trailing slash]
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@321155 65c4cc65-6c06-0410-ace0-fbb531ad65f3
With the new option engaged, Asterisk should interpret user fields with useroptions
contained within the userfield of the uri by stripping them out of the original message
whenever a semicolon is encountered in the userfield string.
(closes issue #18344)
Reported by: danimal
Tested by: jrose
Review: https://reviewboard.asterisk.org/r/1223/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@319938 65c4cc65-6c06-0410-ace0-fbb531ad65f3
https://origsvn.digium.com/svn/asterisk/branches/1.6.2
................
r315893 | mnicholson | 2011-04-27 14:03:05 -0500 (Wed, 27 Apr 2011) | 21 lines
Merged revisions 315891 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r315891 | mnicholson | 2011-04-27 13:57:56 -0500 (Wed, 27 Apr 2011) | 14 lines
Fix our compliance with RFC 3261 section 18.2.2.
This change optimizes the free_via() function and removes some redundant null
checking. It also fixes compliance with RFC 3261 section 18.2.2 by always using
the port specified in the Via header for routing responses (even when maddr is
not set). Also the htons() function is now used when setting the port.
Additional documentation comments have been added in various places to make the
logic in the code clearer.
(closes issue #18951)
Reported by: jmls
Patches:
issue18951_set_proper_port_from_via.patch uploaded by wdoekes (license 717) (modified)
........
................
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@315894 65c4cc65-6c06-0410-ace0-fbb531ad65f3
https://origsvn.digium.com/svn/asterisk/branches/1.6.2
................
r314620 | mnicholson | 2011-04-21 13:22:19 -0500 (Thu, 21 Apr 2011) | 20 lines
Merged revisions 314607 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r314607 | mnicholson | 2011-04-21 13:19:21 -0500 (Thu, 21 Apr 2011) | 14 lines
Added limits to the number of unauthenticated sessions TCP based protocols are allowed to have open simultaneously. Also added timeouts for unauthenticated sessions where it made sense to do so.
Unrelated, the manager interface now properly checks if the user has the "system" privilege before executing shell commands via the Originate action.
AST-2011-005
AST-2011-006
(closes issue #18787)
Reported by: kobaz
(related to issue #18996)
Reported by: tzafrir
........
................
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@314628 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This function isn't used anywhere yet, but we definitely don't want
to keep the same value for buf between calls to the function.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@311558 65c4cc65-6c06-0410-ace0-fbb531ad65f3
