XML encoding in chan_sip is accomplished by naively building the XML
directly from strings. While this usually works, it fails to take into
account escaping the reserved characters in XML.
This patch adds an 'ast_xml_escape' function, which works similarly to
'ast_uri_encode'. This is used to properly escape the local_display
attribute in XML formatted NOTIFY messages.
Several things to note:
* The Right Thing(TM) to do would probably be to replace the
ast_build_string stuff with building an ast_xml_doc. That's a much
bigger change, and out of scope for the original ticket, so I
refrained myself.
* It is with great sadness that I wrote my own ast_xml_escape
function. There's one in libxml2, but it's knee-deep in
libxml2-ness, and not easily used to one-off escape a
string.
* I only escaped the string we know is causing problems
(local_display). At least some of the other strings are
URI-encoded, which should be XML safe. Rather than figuring out
what's safe and escaping what's not, it would be much cleaner to
simply build an ast_xml_doc for the messages and let the XML
library do the XML escaping. Like I said, that's out of scope.
(closes issue ABE-2902)
Reported by: Guenther Kelleter
Tested by: Guenther Kelleter
Review: http://reviewboard.digium.internal/r/365/
........
Merged revision 378919 from https://origsvn.digium.com/svn/asterisk/be/branches/C.3-bier
........
Merged revisions 378933 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378934 65c4cc65-6c06-0410-ace0-fbb531ad65f3
On a multihomed server when sending a NOTIFY message, we were not figuring out
which network should be used to contact the peer.
This patch fixes the problem by calling ast_sip_ouraddrfor() and then
build_via() so that our NOTIFY message contains the correct IP address.
Also, a debug message is being added to help follow the call-id changes that
occur. This was helpful for confirming that the IP address was set properly
since the call-id contains the IP address. It also will be helpful for
troubleshooting purposes when following a call in the debug logs.
(closes issue ASTERISK-20805)
Reported by: Bryan Hunt
Tested by: Bryan Hunt, Michael L. Young
Patches:
asterisk-20805-notify-ip-v2.diff uploaded by Michael L. Young (license 5026)
Review: https://reviewboard.asterisk.org/r/2255/
........
Merged revisions 378554 from http://svn.asterisk.org/svn/asterisk/branches/1.8
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378559 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Asterisk maintains an internal cache for devices in the event subsystem. The
device state cache holds the state of each device known to Asterisk, such that
consumers of device state information can query for the last known state for
a particular device, even if it is not part of an active call. The concept of
a device in Asterisk can include entities that do not have a physical
representation. One way that this occurred was when anonymous calls are allowed
in Asterisk. A device was automatically created and stored in the cache for
each anonymous call that occurred; this was possible in the SIP and IAX2
channel drivers and through channel drivers that utilized the
res_jabber/res_xmpp resource modules (Gtalk, Jingle, and Motif). These devices
are never removed from the system, allowing anonymous calls to potentially
exhaust a system's resources.
This patch changes the event cache subsystem and device state management to
no longer cache devices that are not associated with a physical entity.
(issue ASTERISK-20175)
Reported by: Russell Bryant, Leif Madsen, Joshua Colp
Tested by: kmoore
patches:
event-cachability-3.diff uploaded by jcolp (license 5000)
........
Merged revisions 378303 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378320 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378321 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Asterisk had several places where messages received over various network
transports may be copied in a single stack allocation. In the case of TCP,
since multiple packets in a stream may be concatenated together, this can
lead to large allocations that overflow the stack.
This patch modifies those portions of Asterisk using TCP to either
favor heap allocations or use an upper bound to ensure that the stack will not
overflow:
* For SIP, the allocation now has an upper limit
* For HTTP, the allocation is now a heap allocation instead of a stack
allocation
* For XMPP (in res_jabber), the allocation has been eliminated since it was
unnecesary.
Note that the HTTP portion of this issue was independently found by Brandon
Edwards of Exodus Intelligence.
(issue ASTERISK-20658)
Reported by: wdoekes, Brandon Edwards
Tested by: mmichelson, wdoekes
patches:
ASTERISK-20658_res_jabber.c.patch uploaded by mmichelson (license 5049)
issueA20658_http_postvars_use_malloc2.patch uploaded by wdoekes (license 5674)
issueA20658_limit_sip_packet_size3.patch uploaded by wdoekes (license 5674)
........
Merged revisions 378269 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378286 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378287 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Asterisk now includes Min-SE in outbound INVITEs when the value is not
90 (the default) and session timers are not disabled. This has the
effect of Asterisk following RFC4028 more closely with regard to 422
responses and preventing situations in which Asterisk would be forced
to temporarily accept a call to tear it down based on a Session-Expires
below the locally configured Min-SE.
(issue SWP-5051)
Review: https://reviewboard.asterisk.org/r/2222/
Reported-by: Kinsey Moore
Patch-by: Kinsey Moore
........
Merged revisions 377946 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 377947 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@377948 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The issue comes from the fact that transfers may perform
a redirecting update on a channel. The issue is that lock
inversion between the channel and its tech_pvt occurs since
the channel lock is released during the transfer process.
The fix is to move when the redirecting update occurs to a
place where neither the tech_pvt or the channel is locked so
that the two can be locked in the proper order.
(closes issue ASTERISK-20708)
reported by Mark Michelson
patches:
ASTERISK-20708-3.patch uploaded by Mark Michelson (License #5049)
Tested by:
Tim Ringenbach at Asteria Solutions Group
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@377910 65c4cc65-6c06-0410-ace0-fbb531ad65f3
During the TLS re-work in chan_sip some TLS specific code was moved
into a separate function. This function operates on a copy of the
incoming SIP request. This copy was never deinitialized causing a
memory leak for each request processed.
This function is now given a SIP request structure which it can use
to copy the incoming request into. This reduces the amount of memory
allocations done since the internal allocated components are reused
between packets and also ensures the SIP request structure is
deinitialized when the TLS connection is torn down.
(closes issue ASTERISK-20763)
Reported by: deti
........
Merged revisions 377257 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 377258 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@377259 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The principal behind this patch is simple. During a transfer,
we manipulate channels that are owned by a separate thread than
the one we currently are running in, so it makes sense that we
need to grab a reference to the channels so that they cannot
disappear out from under us.
In the wild, crashes were sometimes seen when the transferring
party would hang up the call before the transfer target answered
the call. The most common place to see the crash occur was when
attempting to send a connected line update to the transferer
channel.
(closes issue ASTERISK-20226)
Reported by Jared Smith
Patches:
ASTERISK-20226.patch uploaded by Mark Michelson (License #5049)
Tested by: Jared Smith
........
Merged revisions 376901 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 376916 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@376917 65c4cc65-6c06-0410-ace0-fbb531ad65f3
For 1.8, 10, 11 and trunk we are are improving the code readability.
For 11 and trunk, auto nat detection was added. The natdetected flag was being
set to 1 when the host address in the VIA header did not specifiy a port. This
patch fixes this by setting the port on the temporary sock address used to
SIP_STANDARD_PORT in order for the sock address comparison to work properly.
(closes issue ASTERISK-20724)
Reported by: Michael L. Young
Patches:
asterisk-20724-set-port-v2.diff uploaded by Michael L. Young (license 5026)
Review: https://reviewboard.asterisk.org/r/2206/
........
Merged revisions 376834 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 376835 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@376836 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Websocket by default doesn't return an ast_str for the payload received. When
converting it to an ast_str on chan_sip the last character was being omitted,
because ast_str functions expects that the given length includes the trailing
0x00. payload_len only has the actual string length without counting the
trailing zero.
For most cases this passed unnoticed as most of SIP messages ends with \r\n.
(closes issue ASTERISK-20745)
Reported by: Iñaki Baz Castillo
Review: https://reviewboard.asterisk.org/r/2219/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@376822 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Asterisk 11 follows RFC3265 that states that after every subscribe or resubscribe a notify should be sent.
Thus the console if filled continuously with the following after every subscribe;
== Extension Changed 8512[phones] new state IDLE for Notify User cisco1
In Asterisk 1.8 only changes would be sent. Thus only when a device state changed was anything emitted to the console.
fix:
Only print to console when device state isn't forced.
(closes issue ASTERISK-20706)
Reported by: alecdavis
Tested by: alecdavis
alecdavis (license 585)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@376540 65c4cc65-6c06-0410-ace0-fbb531ad65f3
With ICE support enabled in chan_sip and a large number of interfaces on the system it was
possible for the produced SDP to be truncated due to some fixed size buffers. These buffers
have now been changed so they will dynamically grow as needed.
ICE support is now also enabled by default in res_rtp_asterisk to provide a smoother experience
for chan_motif users where it is required. To maintain the previous behavior in chan_sip it is
no longer enabled by default there.
(closes issue ASTERISK-20643)
Reported by: coopvr
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@376130 65c4cc65-6c06-0410-ace0-fbb531ad65f3
While looking at some debug logs, I noticed that it was being reported that the
SDP origin line was unsupported or failed. Upon looking into this on my local
machine, I found that I too was getting this debug message yet everything seemed
to be getting processed properly. What was discovered is, that, the variable to
determine what is displayed in the debug message for the SDP line that was
processed, was not being set for the origin line when the result was successful.
This patch fixes this and was tested on local machine.
........
Merged revisions 375594 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 375601 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@375613 65c4cc65-6c06-0410-ace0-fbb531ad65f3
A regression was introduced in chan_sip by changes to sip reload introduced by
r349097. That patch moved peer purging from the beginning of the reload to
after the general configuration was finished. This patch fixes that by undoing
the repositioning of the original peer purging code and using a similar
function after performing general configuration that purges only autocreated
peers that were created when persist mode isn't enabled.
(closes issue ASTERISK-20611)
Reported by: Alisher
Review: https://reviewboard.asterisk.org/r/2171/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@375575 65c4cc65-6c06-0410-ace0-fbb531ad65f3
If a "sip reload" is issued for a SIP peer, then his
IP address will be cleared, thus resulting in forgetting the
public IP address. Asterisk will then attempt to route SIP
traffic to the private IP address.
The fix here is to make "sip reload" ignore realtime peers
when "host = dynamic" is spotted. Realtime peers can now only
have their IP address reset if they have gone from being not
dynamic to being dynamic.
(closes issue ASTERISK-18203)
reported by daren ferreira
(closes issue ASTERISK-20572)
reported by JoshE
Patches:
fix_nat_realtime.diff uploaded by JoshE (license #6075)
........
Merged revisions 375415 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 375417 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@375437 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This is used to solve an issue where a poll on a file
descriptor does not necessarily correspond to the readiness
of a FILE handle to be read.
This change makes it so that for TCP connections, we do a
recv() on the file descriptor instead.
Because TCP does not guarantee that an entire message or even
just one single message will arrive during a read, a loop has
been introduced to ensure that we only attempt to handle a
single message at a time. The tcptls_session_instance structure
has also had an overflow buffer added to it so that if more
than one TCP message arrives in one go, there is a place to
throw the excess.
Huge thanks goes out to Walter Doekes for doing extensive review
on this change and finding edge cases where code could fail.
(closes issue ASTERISK-20212)
reported by Phil Ciccone
Review: https://reviewboard.asterisk.org/r/2123
........
Merged revisions 374905 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 374906 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@374914 65c4cc65-6c06-0410-ace0-fbb531ad65f3
During testing, it was discovered that having chan_sip
export global symbols was problematic.
The biggest problem was that load order was affected.
Trying to use realtime could be problematic since in
all likelihood the necessary realtime driver(s) would
not be loaded before chan_sip.
In addition, it was found that it was impossible to
use the Digium Phone Module for Asterisk since it
must be loaded before chan_sip since it must hook
into chan_sip's configuration parsing.
The solution is to use a virtual table in the same
manner that other modules in Asterisk do, like
app_voicemail.
(closes issue ASTERISK-20545)
Reported by: kmoore
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@374842 65c4cc65-6c06-0410-ace0-fbb531ad65f3
There was a missing decrement to the reference count for the current ICE
candidate when local candidates are being added to an outbound SDP. This
patch corrects that.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@374085 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The SIP session timer mechanism contains a mandatory 'refresher' parameter
(included in the Session-Expires header) which is used in the session timer
offer/answer signaling within a SIP Invite dialog. It looks like asterisk is
interpreting the uac resp. uas role only as the initial role of client and
server (caller is uac, callee is uas). The standard rfc 4028 however assigns
the client role to the ((RE)-Invite) requester, the server role to the
((RE)-Invite) responder.
This patch has Asterisk track the actual refresher as "us" or "them" as opposed
to relying on just the configured "uas" or "uac" properties.
(closes issue AST-922)
Reported by: Thomas Airmont
Review: https://reviewboard.asterisk.org/r/2118/
........
Merged revisions 373652 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 373665 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@373690 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Asterisk v1.8 and later was not as vulnerable to this issue.
* Made find_call() lock each private as it processes the found dialogs.
(Primary cause of ABE-2876)
* Made the other functions that traverse the dialogs container lock each
private as it examines them.
* Fix race condition in sip_call() if the thread that sent the INVITE is
held up long enough for a response to be processed. The p->initid for the
INVITE retransmission could be added after it was canceled by the response
processing.
* Made __sip_destroy() clean up resource pointers after freeing. This is
primarily defensive in case someone has a stale private pointer.
* Removed redundant memset() in reqprep(). The call to init_req() already
does the memset() and is the first reference to req in reqprep().
* Removed useless set of req.method in transmit_invite(). The calls to
initreqprep() and reqprep() have to do this because they memset() the req.
JIRA ABE-2876
..........
Merged -r373423 from https://origsvn.digium.com/svn/asterisk/be/branches/C.3-bier
........
Merged revisions 373424 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 373466 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@373469 65c4cc65-6c06-0410-ace0-fbb531ad65f3
If conditions were right it was possible for both the PBX core and chan_sip to deadlock by both having a lock that the other
wants. In the case of the PBX core it had the contexts lock and wanted a SIP dialog lock, while in the case of chan_sip it
had the SIP dialog lock and wanted the contexts lock.
This fix unlocks the SIP dialog before getting the extension state so that the other thread will not block on trying to lock
it. Once the extension state is retrieved the SIP dialog is locked again and life carries on.
As the SIP dialog is reference counted it is not possible for it to go away after unlocking.
(closes issue ASTERISK-20437)
Reported by: jhutchins
........
Merged revisions 373438 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 373440 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@373454 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The H.264 format attribute module compares two format attribute structures to determine if they are
compatible or not. In some instances it was possible for this check to determine that both structures
were incompatible when they actually should be considered compatible. This check has now been made even
more permissive by assuming that if no attribute information is available the two structures are compatible.
If both structures contain attribute information a base level comparison of the H.264 IDC value is done to
see if they are compatible or not.
The above issue uncovered a secondary issue in chan_sip where the SDP being produced would be incorrect if
the formats were considered incompatible. This has now been fixed by checking that all information required
to produce the SDP is available instead of assuming it is.
(closes issue ASTERISK-20464)
Reported by: Leif Madsen
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@373413 65c4cc65-6c06-0410-ace0-fbb531ad65f3
As mentioned on the review for this, WebRTC has moved towards choosing
DTLS-SRTP as the mechanism for key exchange for SRTP. This commit adds
support for this but makes it available for normal SIP clients as well.
Testing has been done to ensure that this introduces no regressions with
existing behavior and also that it functions as expected.
Review: https://reviewboard.asterisk.org/r/2113/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@373229 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When the patch to handle arbitrary SDP stream arrangements went into
Asterisk, it also included an ability to transparently decline unknown
stream types. The scanf calls used were not checked properly causing
this part of the functionality to be broken.
(closes issue ASTERISK-20203)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@373211 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch resolves two sources of memory leaks when using TLS in Asterisk:
1) It removes improper initialization (and multiple re-initializations) of
portions of the SSL library. Asterisk calls SSL_library_init and
SSL_load_error_strings during SSL initialization; collectively this
obviates the need for calling any of the following during initialization
or client connection handling:
* ERR_load_crypto_strings (handled by SSL_load_error_strings)
* OpenSSL_add_all_algorithms (synonym for SSL_library_init)
* SSLeay_add_ssl_algorithms (synonym for SSL_library_init)
2) Failure to completely clean up all memory allocated by Asterisk and by
the SSL library for TLS clients. This included not freeing the SSL_CTX
object in the SIP channel driver, as well as not clearing the error
stack when the TLS client exited.
Note that these memory leaks were found by Thomas Arimont, and this patch
was essentially written by him with some minor tweaks.
(closes issue AST-889)
Reported by: Thomas Arimont
Tested by: Thomas Arimont
patches:
(bugAST-889.patch) by Thomas Arimont (license 5525)
Review: https://reviewboard.asterisk.org/r/2105
........
Merged revisions 373061 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 373062 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@373079 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Prior to 1.8, it was not necessary for an explicit "type" to be set for an
asterisk LDAP realtime peer. Now the routine find_peer actually checks the
type field during registration and fails to find the peer if it is not set.
The attached patches make the realtime type equal whatever type is being
searched for if the type is 0 upon return from routine build_peer.
(closes issue ASTERISK-17222)
Reported by: John Covert
Patch by: David Vossel
Tested by: Darren Sessions
Review: https://reviewboard.asterisk.org/r/2095/
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@372500 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The problem had to do with logic used when checking for what the oldest ringing channel
was. The problem was that if no channel was found, then no notification would be sent.
For custom device states, there is no associated channel, so no notification would get
sent. This fixes the issue by still sending the notification even if no associated
channel can be found for a ringing device state change.
(closes issue ASTERISK-20297)
Reported by Noah Engelberth
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@372137 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Under certain conditions, a SIP transaction involving directmedia wouldn't
trigger a re-invite because the SDP answer was included in an ACK instead
of in a message that we would have triggered the invite with. This patch
just queues a source change control frame if the dialog is using
directmedia when we find sdp for an ACK.
(closes issue AST-913)
Reported by: Thomas Arimont
........
Merged revisions 371337 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 371338 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@371355 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The helper function, get_address_family_filter, in chan_sip for dns resolution
by address family was not recognizing the websockets transport and resulting in
a null pointer being sent to functions in netsock2, in an attempt to determine
if we are bound to ANY address ([::]) or not.
This patch fixes this issue by handling the transport types SIP_TRANSPORT_WS and
SIP_TRANSPORT_WSS which results in a sock address being set properly for use in
determining the address family.
(closes issue ASTERISK-20221)
Reported by: Sven Beisiegel
Tested by: Sven Beisiegel, James Mortensen
Patches:
asterisk-20221-ws-family-filter.diff uploaded by Michael L. Young (license 5026)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@371295 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This adds HANGUPCAUSE information to called channels so that hangup
handlers can, in conjunction with predial dialplan execution, access
the hangupcause information when the dialed channel hangs up on a
one-to-one basis instead of a many-to-one basis as with HANGUPCAUSE
usage on the caller channel.
Review: https://reviewboard.asterisk.org/r/2069/
(closes issue ASTERISK-20198)
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@371258 65c4cc65-6c06-0410-ace0-fbb531ad65f3
