Update for 13.37.1

AST-2020-002 - res_pjsip: Stop sending INVITEs after challenge limit.
If Asterisk sends out an INVITE and receives a challenge with a different nonce value each time, it will continuously send out INVITEs, even if the call is hung up. The endpoint must be configured for outbound authentication for this to occur. A limit has been set on outbound INVITEs so that, once reached, Asterisk will stop sending INVITEs and the transaction will terminate. ASTERISK-29013 Change-Id: I2d001ca745b00ca8aa12030f2240cd72363b46f7 (cherry picked from commit 01b7ac0d59)
2025-11-09 19:38:22 +00:00 · 2020-11-05 16:03:42 -05:00 · 2020-11-05 14:58:12 -06:00 · 2020-11-05 15:28:46 -05:00
11 changed files with 421 additions and 316 deletions
--- a/.version
+++ b/.version
@@ -1 +1 @@
-13.37.0
+13.37.1
--- a/48
+++ b/48
@@ -1,3 +1,51 @@
 2020-11-05 21:03 +0000  Asterisk Development Team <asteriskteam@digium.com>
 	* asterisk 13.37.1 Released.
 2020-11-02 10:29 +0000 [66737026ef]  Ben Ford <bford@digium.com>
 	* AST-2020-002 - res_pjsip: Stop sending INVITEs after challenge limit.
 	  If Asterisk sends out an INVITE and receives a challenge with a
 	  different nonce value each time, it will continuously send out INVITEs,
 	  even if the call is hung up. The endpoint must be configured for
 	  outbound authentication for this to occur. A limit has been set on
 	  outbound INVITEs so that, once reached, Asterisk will stop sending
 	  INVITEs and the transaction will terminate.
 	  ASTERISK-29013
 	  Change-Id: I2d001ca745b00ca8aa12030f2240cd72363b46f7
 	  (cherry picked from commit 01b7ac0d590b0ad2e3e856d1a81fc87154ae68a0)
 2020-10-19 17:21 +0000 [1f169177ed]  Kevin Harwell <kharwell@digium.com>
 	* AST-2020-001 - res_pjsip: Return dialog locked and referenced
 	  pjproject returns the dialog locked and with a reference. However,
 	  in Asterisk the method that handles this decrements the reference
 	  and removes the lock prior to returning. This makes it possible,
 	  under some circumstances, for another thread to free said dialog
 	  before the thread that created it attempts to use it again. Of
 	  course when the thread that created it tries to use a freed dialog
 	  a crash can occur.
 	  This patch makes it so Asterisk now returns the newly created
 	  dialog both locked, and with an added reference. This allows the
 	  caller to de-reference, and unlock the dialog when it is safe to
 	  do so.
 	  In the case of a new SIP Invite the lock, and reference are now
 	  held for the entirety of the new invite handling process.
 	  Otherwise it's possible for the dialog, or its dependent objects,
 	  like the transaction, to disappear. For example if there is a TCP
 	  transport error.
 	  ASTERISK-29057 #close
 	  Change-Id: I5ef645a47829596f402cf383dc02c629c618969e
 	  (cherry picked from commit b87527b000af5e8e28bdc2657f11d4d4a6f07500)
 2020-10-19 18:10 +0000  Asterisk Development Team <asteriskteam@digium.com>
 	* asterisk 13.37.0 Released.
--- a/asterisk-13.37.0-summary.html
+++ b/asterisk-13.37.0-summary.html
@@ -1,63 +0,0 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-13.37.0</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-13.37.0</h3><h3 align="center">Date: 2020-10-19</h3><h3 align="center">&lt;asteriskteam@digium.com&gt;</h3><hr><h2 align="center">Table of Contents</h2><ol>
 <li><a href="#summary">Summary</a></li>
 <li><a href="#contributors">Contributors</a></li>
 <li><a href="#closed_issues">Closed Issues</a></li>
 <li><a href="#commits">Other Changes</a></li>
 <li><a href="#diffstat">Diffstat</a></li>
 </ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release is a point release of an existing major version. The changes included were made to address problems that have been identified in this release series, or are minor, backwards compatible new features or improvements. Users should be able to safely upgrade to this version if this release series is already in use. Users considering upgrading from a previous version are strongly encouraged to review the UPGRADE.txt document as well as the CHANGES document for information about upgrading to this release series.</p><p>The data in this summary reflects changes that have been made since the previous release, asterisk-13.36.0.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0">
 <tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr>
 <tr valign="top"><td width="33%">3 Sean Bright <sean.bright@gmail.com><br/>3 Joshua C. Colp <jcolp@sangoma.com><br/>2 Asterisk Development Team <asteriskteam@digium.com><br/>2 George Joseph <gjoseph@digium.com><br/>2 Alexander Traud <pabstraud@compuserve.com><br/>1 Kfir Itzhak <mastertheknife@gmail.com><br/>1 Kevin Harwell <kharwell@digium.com><br/>1 Torrey Searle <tsearle@voxbone.com><br/>1 Patrick Verzele <patrick@verzele.be><br/>1 Nickolay Shmyrev <nshmyrev@alphacephei.com><br/>1 Tzafrir Cohen <tzafrir@debian.org><br/></td><td width="33%"><td width="33%">1 Dennis <dennis.buteyn@xorcom.com><br/>1 Nickolay V. Shmyrev <nshmyrev@alphacephei.com><br/>1 Ramarajan <pramarajan@sangoma.com><br/>1 Ove Aursand <oveaurs@gmail.com><br/>1 Thomas Johnson <tjohnson@microautomation.com><br/>1 Misha Vodsedalek <vmisha@seznam.cz><br/>1 Torrey Searle <tsearle@gmail.com><br/>1 Kfir Itzhak <mastertheknife@gmail.com><br/>1 Joshua C. Colp <jcolp@digium.com><br/>1 Karsten Wemheuer <kwe-digium@iptam.com><br/>1 Joseph Ades <josephades1@gmail.com><br/>1 Leandro Dardini <ldardini@gmail.com><br/></td></tr>
 </table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Bug</h3><h4>Category: Applications/app_queue</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-25665">ASTERISK-25665</a>: Duplicate logging in queue log for EXITEMPTY events<br/>Reported by: Ove Aursand<ul>
 <li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=0064aa0107c377805293198e5214611f79778485">[0064aa0107]</a> Kfir Itzhak -- app_queue: Fix leave-empty not recording a call as abandoned</li>
 </ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29043">ASTERISK-29043</a>: app_queue: Leave empty sometimes not recorded as abandoned<br/>Reported by: Kfir Itzhak<ul>
 <li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=0064aa0107c377805293198e5214611f79778485">[0064aa0107]</a> Kfir Itzhak -- app_queue: Fix leave-empty not recording a call as abandoned</li>
 </ul><br><h4>Category: Applications/app_voicemail</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29029">ASTERISK-29029</a>: Voicemail "pollmailboxes"-option not working, bug in function handle_subscribe<br/>Reported by: Karsten Wemheuer<ul>
 <li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=4cc8d29fd3dbf97c597a02cdb5815c925cc4f3e3">[4cc8d29fd3]</a> Sean Bright -- app_voicemail: Fix pollmailboxes</li>
 </ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-27273">ASTERISK-27273</a>: app_voicemail: When a voicemail is marked as "Urgent", it is not sent by email/processed by the mailcmd command<br/>Reported by: Leandro Dardini<ul>
 <li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=273f819dfe29bf3decd4835a9f2989dffa3472fb">[273f819dfe]</a> Sean Bright -- app_voicemail: Process urgent messages with mailcmd</li>
 </ul><br><h4>Category: Channels/chan_pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-28878">ASTERISK-28878</a>: chan_pjsip: PJSIP_MEDIA_OFFER Broken asterisk 16<br/>Reported by: Joseph Ades<ul>
 <li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=bf139ff519670117735373c58c892f5b816429df">[bf139ff519]</a> Kevin Harwell -- chan_pjsip: disallow PJSIP_SEND_SESSION_REFRESH pre-answer execution</li>
 </ul><br><h4>Category: PBX/General</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29046">ASTERISK-29046</a>: pbx: Deadlock when doing a reload, while simultaneously doing an ExtensionState on a pattern match hint that ends up adding an extension<br/>Reported by: Ramarajan<ul>
 <li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=e519d28fe05c37c1e59ef9386bc6fbf131f9c081">[e519d28fe0]</a> Joshua C. Colp -- pbx: Fix hints deadlock between reload and ExtensionState.</li>
 </ul><br><h4>Category: Resources/res_parking</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29042">ASTERISK-29042</a>: res_parking: Parker UUID is no longer copied<br/>Reported by: Misha Vodsedalek<ul>
 <li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=dc6d3a746c2c1bdc458bc3249340686637624177">[dc6d3a746c]</a> Joshua C. Colp -- parking: Copy parker UUID as well.</li>
 </ul><br><h4>Category: Resources/res_pjsip_diversion</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29001">ASTERISK-29001</a>: chan_pjsip does not process or forward 181 responses<br/>Reported by: Torrey Searle<ul>
 <li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=efb682c8f29dc856c9d20326adeefec72a2c16d9">[efb682c8f2]</a> Torrey Searle -- res_pjsip_diversion: handle 181</li>
 </ul><br><h4>Category: Resources/res_pjsip_session</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29033">ASTERISK-29033</a>: res_pjsip_session: Aggressively terminates session on failed re-INVITE<br/>Reported by: Joshua C. Colp<ul>
 <li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=02dee3986a6baccea7f1fe6c97b42ecd736c5008">[02dee3986a]</a> Joshua C. Colp -- res_pjsip_session: Don't aggressively terminate on failed re-INVITE.</li>
 </ul><br><h4>Category: Resources/res_rtp_asterisk</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-28974">ASTERISK-28974</a>: res_rtp_asterisk: T.140 messages have appended RTP string to each message block.<br/>Reported by: Thomas Johnson<ul>
 <li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=179530558da026d6b18cbf42d59fe49c7600fd03">[179530558d]</a> Sean Bright -- bridge_channel: Ensure text messages are zero terminated</li>
 </ul><br><h4>Category: Resources/res_speech</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29040">ASTERISK-29040</a>: res_speech: Assertion on format<br/>Reported by: Nickolay V. Shmyrev<ul>
 <li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=fd49b4b43c9befd225e916911fe00af02b75f359">[fd49b4b43c]</a> Nickolay Shmyrev -- res_speech: Bump reference on format object</li>
 </ul><br><h3>Improvement</h3><h4>Category: Applications/app_followme</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29010">ASTERISK-29010</a>: Allow disabling of FollowMe prompt<br/>Reported by: Dennis<ul>
 <li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=c1117777566161b27ab5ee97297ffd1ef72c1216">[c111777756]</a> Tzafrir Cohen -- followme: allow disabling callee prompt</li>
 </ul><br><hr><a name="commits"><h2 align="center">Commits Not Associated with an Issue</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all changes that went into this release that did not reference a JIRA issue.</p><table width="100%" border="1">
 <tr><th>Revision</th><th>Author</th><th>Summary</th></tr>
 <tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=7a5b1ab47a5da4cc6fe4d45121579094cebcc647">7a5b1ab47a</a></td><td>Asterisk Development Team</td><td>Update for 13.37.0-rc1</td></tr>
 <tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=8ccae31f5dceb4dc8c6f17f259450409f5a9e408">8ccae31f5d</a></td><td>Asterisk Development Team</td><td>Update CHANGES and UPGRADE.txt for 13.37.0</td></tr>
 <tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=d649ab4a30ee48fbe92616e2ced7a54e5f184102">d649ab4a30</a></td><td>Patrick Verzele</td><td>res_pjsip_session: Deferred re-INVITE without SDP send a=sendrecv instead of a=sendonly</td></tr>
 <tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=bc615ee4c4911856ef5b43b1b1174e604fdbb446">bc615ee4c4</a></td><td>George Joseph</td><td>ast_coredumper: Fix issues with naming</td></tr>
 <tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=384f2638b295e5e5624596381394c93d9bea2f06">384f2638b2</a></td><td>Alexander Traud</td><td>sip_nat_settings: Update script for latest Linux.</td></tr>
 <tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=8055807be2d695f9992d35562d7f92a8ef5f637f">8055807be2</a></td><td>Alexander Traud</td><td>samples: Fix keep_alive_interval default in pjsip.conf.</td></tr>
 <tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=c7df06a07744216b165795e99f4efe2e65d9a3d2">c7df06a077</a></td><td>George Joseph</td><td>scope_trace: Updated macro stubs to match other branches</td></tr>
 </table><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>asterisk-13.36.0-summary.html          |   64 ---------
 asterisk-13.36.0-summary.txt           |  226 ---------------------------------
 b/.version                             |    2
 b/CHANGES                              |    9 +
 b/ChangeLog                            |  185 +++++++++++++++++++++++++--
 b/apps/app_followme.c                  |   90 ++++++++-----
 b/apps/app_queue.c                     |    1
 b/apps/app_voicemail.c                 |   30 +---
 b/asterisk-13.37.0-rc1-summary.html    |   66 +++++++++
 b/asterisk-13.37.0-rc1-summary.txt     |  224 ++++++++++++++++++++++++++++++++
 b/channels/pjsip/dialplan_functions.c  |    5
 b/configs/samples/followme.conf.sample |    8 +
 b/configs/samples/pjsip.conf.sample    |   10 -
 b/contrib/scripts/ast_coredumper       |    4
 b/contrib/scripts/sip_nat_settings     |   19 +-
 b/include/asterisk/frame.h             |    5
 b/include/asterisk/logger.h            |   81 ++++++++++-
 b/main/bridge_channel.c                |   37 +++++
 b/res/res_pjsip_diversion.c            |    6
 b/res/res_pjsip_session.c              |    5
 20 files changed, 694 insertions(+), 383 deletions(-)</pre><br></html>
--- a/asterisk-13.37.0-summary.txt
+++ b/asterisk-13.37.0-summary.txt
@@ -1,223 +0,0 @@
                                Release Summary
                                asterisk-13.37.0
                                Date: 2020-10-19
                           <asteriskteam@digium.com>
     ----------------------------------------------------------------------
                               Table of Contents
    1. Summary
    2. Contributors
    3. Closed Issues
    4. Other Changes
    5. Diffstat
     ----------------------------------------------------------------------
                                    Summary
                                 [Back to Top]
   This release is a point release of an existing major version. The changes
   included were made to address problems that have been identified in this
   release series, or are minor, backwards compatible new features or
   improvements. Users should be able to safely upgrade to this version if
   this release series is already in use. Users considering upgrading from a
   previous version are strongly encouraged to review the UPGRADE.txt
   document as well as the CHANGES document for information about upgrading
   to this release series.
   The data in this summary reflects changes that have been made since the
   previous release, asterisk-13.36.0.
     ----------------------------------------------------------------------
                                  Contributors
                                 [Back to Top]
   This table lists the people who have submitted code, those that have
   tested patches, as well as those that reported issues on the issue tracker
   that were resolved in this release. For coders, the number is how many of
   their patches (of any size) were committed into this release. For testers,
   the number is the number of times their name was listed as assisting with
   testing a patch. Finally, for reporters, the number is the number of
   issues that they reported that were affected by commits that went into
   this release.
   Coders                      Testers               Reporters                
   3 Sean Bright                                     1 Dennis                 
   3 Joshua C. Colp                                  1 Nickolay V. Shmyrev    
   2 Asterisk Development Team                       1 Ramarajan              
   2 George Joseph                                   1 Ove Aursand            
   2 Alexander Traud                                 1 Thomas Johnson         
   1 Kfir Itzhak                                     1 Misha Vodsedalek       
   1 Kevin Harwell                                   1 Torrey Searle          
   1 Torrey Searle                                   1 Kfir Itzhak            
   1 Patrick Verzele                                 1 Joshua C. Colp         
   1 Nickolay Shmyrev                                1 Karsten Wemheuer       
   1 Tzafrir Cohen                                   1 Joseph Ades            
                                                     1 Leandro Dardini        
     ----------------------------------------------------------------------
                                 Closed Issues
                                 [Back to Top]
   This is a list of all issues from the issue tracker that were closed by
   changes that went into this release.
  Bug
    Category: Applications/app_queue
   ASTERISK-25665: Duplicate logging in queue log for EXITEMPTY events
   Reported by: Ove Aursand
     * [0064aa0107] Kfir Itzhak -- app_queue: Fix leave-empty not recording a
       call as abandoned
   ASTERISK-29043: app_queue: Leave empty sometimes not recorded as abandoned
   Reported by: Kfir Itzhak
     * [0064aa0107] Kfir Itzhak -- app_queue: Fix leave-empty not recording a
       call as abandoned
    Category: Applications/app_voicemail
   ASTERISK-29029: Voicemail "pollmailboxes"-option not working, bug in
   function handle_subscribe
   Reported by: Karsten Wemheuer
     * [4cc8d29fd3] Sean Bright -- app_voicemail: Fix pollmailboxes
   ASTERISK-27273: app_voicemail: When a voicemail is marked as "Urgent", it
   is not sent by email/processed by the mailcmd command
   Reported by: Leandro Dardini
     * [273f819dfe] Sean Bright -- app_voicemail: Process urgent messages
       with mailcmd
    Category: Channels/chan_pjsip
   ASTERISK-28878: chan_pjsip: PJSIP_MEDIA_OFFER Broken asterisk 16
   Reported by: Joseph Ades
     * [bf139ff519] Kevin Harwell -- chan_pjsip: disallow
       PJSIP_SEND_SESSION_REFRESH pre-answer execution
    Category: PBX/General
   ASTERISK-29046: pbx: Deadlock when doing a reload, while simultaneously
   doing an ExtensionState on a pattern match hint that ends up adding an
   extension
   Reported by: Ramarajan
     * [e519d28fe0] Joshua C. Colp -- pbx: Fix hints deadlock between reload
       and ExtensionState.
    Category: Resources/res_parking
   ASTERISK-29042: res_parking: Parker UUID is no longer copied
   Reported by: Misha Vodsedalek
     * [dc6d3a746c] Joshua C. Colp -- parking: Copy parker UUID as well.
    Category: Resources/res_pjsip_diversion
   ASTERISK-29001: chan_pjsip does not process or forward 181 responses
   Reported by: Torrey Searle
     * [efb682c8f2] Torrey Searle -- res_pjsip_diversion: handle 181
    Category: Resources/res_pjsip_session
   ASTERISK-29033: res_pjsip_session: Aggressively terminates session on
   failed re-INVITE
   Reported by: Joshua C. Colp
     * [02dee3986a] Joshua C. Colp -- res_pjsip_session: Don't aggressively
       terminate on failed re-INVITE.
    Category: Resources/res_rtp_asterisk
   ASTERISK-28974: res_rtp_asterisk: T.140 messages have appended RTP string
   to each message block.
   Reported by: Thomas Johnson
     * [179530558d] Sean Bright -- bridge_channel: Ensure text messages are
       zero terminated
    Category: Resources/res_speech
   ASTERISK-29040: res_speech: Assertion on format
   Reported by: Nickolay V. Shmyrev
     * [fd49b4b43c] Nickolay Shmyrev -- res_speech: Bump reference on format
       object
  Improvement
    Category: Applications/app_followme
   ASTERISK-29010: Allow disabling of FollowMe prompt
   Reported by: Dennis
     * [c111777756] Tzafrir Cohen -- followme: allow disabling callee prompt
     ----------------------------------------------------------------------
                      Commits Not Associated with an Issue
                                 [Back to Top]
   This is a list of all changes that went into this release that did not
   reference a JIRA issue.
   +------------------------------------------------------------------------+
   | Revision   | Author               | Summary                            |
   |------------+----------------------+------------------------------------|
   | 7a5b1ab47a | Asterisk Development | Update for 13.37.0-rc1             |
   |            | Team                 |                                    |
   |------------+----------------------+------------------------------------|
   | 8ccae31f5d | Asterisk Development | Update CHANGES and UPGRADE.txt for |
   |            | Team                 | 13.37.0                            |
   |------------+----------------------+------------------------------------|
   |            |                      | res_pjsip_session: Deferred        |
   | d649ab4a30 | Patrick Verzele      | re-INVITE without SDP send         |
   |            |                      | a=sendrecv instead of a=sendonly   |
   |------------+----------------------+------------------------------------|
   | bc615ee4c4 | George Joseph        | ast_coredumper: Fix issues with    |
   |            |                      | naming                             |
   |------------+----------------------+------------------------------------|
   | 384f2638b2 | Alexander Traud      | sip_nat_settings: Update script    |
   |            |                      | for latest Linux.                  |
   |------------+----------------------+------------------------------------|
   | 8055807be2 | Alexander Traud      | samples: Fix keep_alive_interval   |
   |            |                      | default in pjsip.conf.             |
   |------------+----------------------+------------------------------------|
   | c7df06a077 | George Joseph        | scope_trace: Updated macro stubs   |
   |            |                      | to match other branches            |
   +------------------------------------------------------------------------+
     ----------------------------------------------------------------------
                                Diffstat Results
                                 [Back to Top]
   This is a summary of the changes to the source code that went into this
   release that was generated using the diffstat utility.
 asterisk-13.36.0-summary.html          |   64 ---------
 asterisk-13.36.0-summary.txt           |  226 ---------------------------------
 b/.version                             |    2
 b/CHANGES                              |    9 +
 b/ChangeLog                            |  185 +++++++++++++++++++++++++--
 b/apps/app_followme.c                  |   90 ++++++++-----
 b/apps/app_queue.c                     |    1
 b/apps/app_voicemail.c                 |   30 +---
 b/asterisk-13.37.0-rc1-summary.html    |   66 +++++++++
 b/asterisk-13.37.0-rc1-summary.txt     |  224 ++++++++++++++++++++++++++++++++
 b/channels/pjsip/dialplan_functions.c  |    5
 b/configs/samples/followme.conf.sample |    8 +
 b/configs/samples/pjsip.conf.sample    |   10 -
 b/contrib/scripts/ast_coredumper       |    4
 b/contrib/scripts/sip_nat_settings     |   19 +-
 b/include/asterisk/frame.h             |    5
 b/include/asterisk/logger.h            |   81 ++++++++++-
 b/main/bridge_channel.c                |   37 +++++
 b/res/res_pjsip_diversion.c            |    6
 b/res/res_pjsip_session.c              |    5
 20 files changed, 694 insertions(+), 383 deletions(-)
--- a/asterisk-13.37.1-summary.html
+++ b/asterisk-13.37.1-summary.html
@@ -0,0 +1,22 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-13.37.1</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-13.37.1</h3><h3 align="center">Date: 2020-11-05</h3><h3 align="center">&lt;asteriskteam@digium.com&gt;</h3><hr><h2 align="center">Table of Contents</h2><ol>
 <li><a href="#summary">Summary</a></li>
 <li><a href="#contributors">Contributors</a></li>
 <li><a href="#closed_issues">Closed Issues</a></li>
 <li><a href="#diffstat">Diffstat</a></li>
 </ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.</p><p>Security Advisories:</p><ul>
 <li><a href="http://downloads.asterisk.org/pub/security/AST-2020-001,AST-2020-002.html">AST-2020-001,AST-2020-002</a></li>
 </ul><p>The data in this summary reflects changes that have been made since the previous release, asterisk-13.37.0.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0">
 <tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr>
 <tr valign="top"><td width="33%">1 Kevin Harwell <kharwell@digium.com><br/>1 Ben Ford <bford@digium.com><br/></td><td width="33%"><td width="33%">1 Sandro Gauci <sandro@enablesecurity.com><br/>1 Sebastian Damm <damm@sipgate.de><br/></td></tr>
 </table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Security</h3><h4>Category: pjproject/pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29057">ASTERISK-29057</a>: pjsip: Crash on call rejection during high load<br/>Reported by: Sandro Gauci<ul>
 <li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=1f169177ed8ef5f5c00e54bf669b9e50d4b2463d">[1f169177ed]</a> Kevin Harwell -- AST-2020-001 - res_pjsip: Return dialog locked and referenced</li>
 </ul><br><h3>Bug</h3><h4>Category: Resources/res_pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29013">ASTERISK-29013</a>: res_pjsip: Asterisk doesn't stop sending invites (with auth) on 407 replies<br/>Reported by: Sebastian Damm<ul>
 <li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=66737026ef757c682ac1232a73c35abee98ff1c9">[66737026ef]</a> Ben Ford -- AST-2020-002 - res_pjsip: Stop sending INVITEs after challenge limit.</li>
 </ul><br><h4>Category: Resources/res_pjsip_authenticator_digest</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29013">ASTERISK-29013</a>: res_pjsip: Asterisk doesn't stop sending invites (with auth) on 407 replies<br/>Reported by: Sebastian Damm<ul>
 <li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=66737026ef757c682ac1232a73c35abee98ff1c9">[66737026ef]</a> Ben Ford -- AST-2020-002 - res_pjsip: Stop sending INVITEs after challenge limit.</li>
 </ul><br><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>include/asterisk/res_pjsip.h         |   46 ++++++++++++
 include/asterisk/res_pjsip_session.h |    2
 res/res_pjsip.c                      |   51 +++++++++++--
 res/res_pjsip_pubsub.c               |   10 ++
 res/res_pjsip_session.c              |  128 +++++++++++++++++++++++++++++++++--
 5 files changed, 220 insertions(+), 17 deletions(-)</pre><br></html>
--- a/asterisk-13.37.1-summary.txt
+++ b/asterisk-13.37.1-summary.txt
@@ -0,0 +1,107 @@
                                Release Summary
                                asterisk-13.37.1
                                Date: 2020-11-05
                           <asteriskteam@digium.com>
     ----------------------------------------------------------------------
                               Table of Contents
    1. Summary
    2. Contributors
    3. Closed Issues
    4. Diffstat
     ----------------------------------------------------------------------
                                    Summary
                                 [Back to Top]
   This release has been made to address one or more security vulnerabilities
   that have been identified. A security advisory document has been published
   for each vulnerability that includes additional information. Users of
   versions of Asterisk that are affected are strongly encouraged to review
   the advisories and determine what action they should take to protect their
   systems from these issues.
   Security Advisories:
     * AST-2020-001,AST-2020-002
   The data in this summary reflects changes that have been made since the
   previous release, asterisk-13.37.0.
     ----------------------------------------------------------------------
                                  Contributors
                                 [Back to Top]
   This table lists the people who have submitted code, those that have
   tested patches, as well as those that reported issues on the issue tracker
   that were resolved in this release. For coders, the number is how many of
   their patches (of any size) were committed into this release. For testers,
   the number is the number of times their name was listed as assisting with
   testing a patch. Finally, for reporters, the number is the number of
   issues that they reported that were affected by commits that went into
   this release.
   Coders                   Testers                  Reporters                
   1 Kevin Harwell                                   1 Sandro Gauci           
   1 Ben Ford                                        1 Sebastian Damm         
     ----------------------------------------------------------------------
                                 Closed Issues
                                 [Back to Top]
   This is a list of all issues from the issue tracker that were closed by
   changes that went into this release.
  Security
    Category: pjproject/pjsip
   ASTERISK-29057: pjsip: Crash on call rejection during high load
   Reported by: Sandro Gauci
     * [1f169177ed] Kevin Harwell -- AST-2020-001 - res_pjsip: Return dialog
       locked and referenced
  Bug
    Category: Resources/res_pjsip
   ASTERISK-29013: res_pjsip: Asterisk doesn't stop sending invites (with
   auth) on 407 replies
   Reported by: Sebastian Damm
     * [66737026ef] Ben Ford -- AST-2020-002 - res_pjsip: Stop sending
       INVITEs after challenge limit.
    Category: Resources/res_pjsip_authenticator_digest
   ASTERISK-29013: res_pjsip: Asterisk doesn't stop sending invites (with
   auth) on 407 replies
   Reported by: Sebastian Damm
     * [66737026ef] Ben Ford -- AST-2020-002 - res_pjsip: Stop sending
       INVITEs after challenge limit.
     ----------------------------------------------------------------------
                                Diffstat Results
                                 [Back to Top]
   This is a summary of the changes to the source code that went into this
   release that was generated using the diffstat utility.
 include/asterisk/res_pjsip.h         |   46 ++++++++++++
 include/asterisk/res_pjsip_session.h |    2
 res/res_pjsip.c                      |   51 +++++++++++--
 res/res_pjsip_pubsub.c               |   10 ++
 res/res_pjsip_session.c              |  128 +++++++++++++++++++++++++++++++++--
 5 files changed, 220 insertions(+), 17 deletions(-)
--- a/include/asterisk/res_pjsip.h
+++ b/include/asterisk/res_pjsip.h
@@ -75,6 +75,9 @@ struct pjsip_tpselector;
 /*! \brief Maximum number of ciphers supported for a TLS transport */
 #define SIP_TLS_MAX_CIPHERS 64
 /*! Maximum number of challenges before assuming that we are in a loop */
 #define MAX_RX_CHALLENGES	10
 /*!
 * \brief Structure for SIP transport information
 */
@@ -1953,12 +1956,55 @@ pjsip_dialog *ast_sip_create_dialog_uac(const struct ast_sip_endpoint *endpoint,
 /*!
 * \brief General purpose method for creating a UAS dialog with an endpoint
 *
 * \deprecated This function is unsafe (due to the returned object not being locked nor
 *             having its reference incremented) and should no longer be used. Instead
 *             use ast_sip_create_dialog_uas_locked so a properly locked and referenced
 *             object is returned.
 *
 * \param endpoint A pointer to the endpoint
 * \param rdata The request that is starting the dialog
 * \param[out] status On failure, the reason for failure in creating the dialog
 */
 pjsip_dialog *ast_sip_create_dialog_uas(const struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata, pj_status_t *status);
 /*!
 * \brief General purpose method for creating a UAS dialog with an endpoint
 *
 * This function creates and returns a locked, and referenced counted pjsip
 * dialog object. The caller is thus responsible for freeing the allocated
 * memory, decrementing the reference, and releasing the lock when done with
 * the returned object.
 *
 * \note The safest way to unlock the object, and decrement its reference is by
 *       calling pjsip_dlg_dec_lock. Alternatively, pjsip_dlg_dec_session can be
 *       used to decrement the reference only.
 *
 * The dialog is returned locked and with a reference in order to ensure that the
 * dialog object, and any of its associated objects (e.g. transaction) are not
 * untimely destroyed. For instance, that could happen when a transport error
 * occurs.
 *
 * As long as the caller maintains a reference to the dialog there should be no
 * worry that it might unknowningly be destroyed. However, once the caller unlocks
 * the dialog there is a danger that some of the dialog's internal objects could
 * be lost and/or compromised. For example, when the aforementioned transport error
 * occurs the dialog's associated transaction gets destroyed (see pjsip_dlg_on_tsx_state
 * in sip_dialog.c, and mod_inv_on_tsx_state in sip_inv.c).
 *
 * In this case and before using the dialog again the caller should re-lock the
 * dialog, check to make sure the dialog is still established, and the transaction
 * still exists and has not been destroyed.
 *
 * \param endpoint A pointer to the endpoint
 * \param rdata The request that is starting the dialog
 * \param[out] status On failure, the reason for failure in creating the dialog
 *
 * \retval A locked, and reference counted pjsip_dialog object.
 * \retval NULL on failure
 */
 pjsip_dialog *ast_sip_create_dialog_uas_locked(const struct ast_sip_endpoint *endpoint,
 	pjsip_rx_data *rdata, pj_status_t *status);
 /*!
 * \brief General purpose method for creating an rdata structure using specific information
 * \since 13.15.0
--- a/include/asterisk/res_pjsip_session.h
+++ b/include/asterisk/res_pjsip_session.h
@@ -171,6 +171,8 @@ struct ast_sip_session {
 	pjsip_uri *request_uri;
 	/*! Joint capabilities */
 	struct ast_format_cap *joint_caps;
 	/*! Number of challenges received during outgoing requests to determine if we are in a loop */
 	unsigned int authentication_challenge_count:4;
 };
 typedef int (*ast_sip_session_request_creation_cb)(struct ast_sip_session *session, pjsip_tx_data *tdata);
--- a/res/res_pjsip.c
+++ b/res/res_pjsip.c
@@ -3459,7 +3459,11 @@ static int uas_use_sips_contact(pjsip_rx_data *rdata)
 	return 0;
 }
-pjsip_dialog *ast_sip_create_dialog_uas(const struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata, pj_status_t *status)
+typedef pj_status_t (*create_dlg_uac)(pjsip_user_agent *ua, pjsip_rx_data *rdata,
 	const pj_str_t *contact, pjsip_dialog **p_dlg);
 static pjsip_dialog *create_dialog_uas(const struct ast_sip_endpoint *endpoint,
 	pjsip_rx_data *rdata, pj_status_t *status, create_dlg_uac create_fun)
 {
 	pjsip_dialog *dlg;
 	pj_str_t contact;
@@ -3494,11 +3498,7 @@ pjsip_dialog *ast_sip_create_dialog_uas(const struct ast_sip_endpoint *endpoint,
 			(type != PJSIP_TRANSPORT_UDP && type != PJSIP_TRANSPORT_UDP6) ? ";transport=" : "",
 			(type != PJSIP_TRANSPORT_UDP && type != PJSIP_TRANSPORT_UDP6) ? pjsip_transport_get_type_name(type) : "");
-#ifdef HAVE_PJSIP_DLG_CREATE_UAS_AND_INC_LOCK
+	*status = create_fun(pjsip_ua_instance(), rdata, &contact, &dlg);
 	*status = pjsip_dlg_create_uas_and_inc_lock(pjsip_ua_instance(), rdata, &contact, &dlg);
 #else
 	*status = pjsip_dlg_create_uas(pjsip_ua_instance(), rdata, &contact, &dlg);
 #endif
 	if (*status != PJ_SUCCESS) {
 		char err[PJ_ERR_MSG_SIZE];
@@ -3511,13 +3511,48 @@ pjsip_dialog *ast_sip_create_dialog_uas(const struct ast_sip_endpoint *endpoint,
 	dlg->sess_count++;
 	pjsip_dlg_set_transport(dlg, &selector);
 	dlg->sess_count--;
 #ifdef HAVE_PJSIP_DLG_CREATE_UAS_AND_INC_LOCK
 	pjsip_dlg_dec_lock(dlg);
 #endif
 	return dlg;
 }
 pjsip_dialog *ast_sip_create_dialog_uas(const struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata, pj_status_t *status)
 {
 #ifdef HAVE_PJSIP_DLG_CREATE_UAS_AND_INC_LOCK
 	pjsip_dialog *dlg;
 	dlg = create_dialog_uas(endpoint, rdata, status, pjsip_dlg_create_uas_and_inc_lock);
 	if (dlg) {
 		pjsip_dlg_dec_lock(dlg);
 	}
 	return dlg;
 #else
 	return create_dialog_uas(endpoint, rdata, status, pjsip_dlg_create_uas);
 #endif
 }
 pjsip_dialog *ast_sip_create_dialog_uas_locked(const struct ast_sip_endpoint *endpoint,
 	pjsip_rx_data *rdata, pj_status_t *status)
 {
 #ifdef HAVE_PJSIP_DLG_CREATE_UAS_AND_INC_LOCK
 	return create_dialog_uas(endpoint, rdata, status, pjsip_dlg_create_uas_and_inc_lock);
 #else
 	/*
 	 * This is put here in order to be compatible with older versions of pjproject.
 	 * Best we can do in this case is immediately lock after getting the dialog.
 	 * However, that does leave a "gap" between creating and locking.
 	 */
 	pjsip_dialog *dlg;
 	dlg = create_dialog_uas(endpoint, rdata, status, pjsip_dlg_create_uas);
 	if (dlg) {
 		pjsip_dlg_inc_lock(dlg);
 	}
 	return dlg;
 #endif
 }
 int ast_sip_create_rdata_with_contact(pjsip_rx_data *rdata, char *packet, const char *src_name, int src_port,
 	char *transport_type, const char *local_name, int local_port, const char *contact)
 {
@@ -3829,8 +3864,6 @@ static pj_bool_t does_method_match(const pj_str_t *message_method, const char *s
 	return pj_stristr(&method, message_method) ? PJ_TRUE : PJ_FALSE;
 }
 /*! Maximum number of challenges before assuming that we are in a loop */
 #define MAX_RX_CHALLENGES	10
 #define TIMER_INACTIVE		0
 #define TIMEOUT_TIMER2		5
--- a/res/res_pjsip_pubsub.c
+++ b/res/res_pjsip_pubsub.c
@@ -1500,7 +1500,7 @@ static struct sip_subscription_tree *create_subscription_tree(const struct ast_s
 	}
 	sub_tree->role = AST_SIP_NOTIFIER;
-	dlg = ast_sip_create_dialog_uas(endpoint, rdata, dlg_status);
+	dlg = ast_sip_create_dialog_uas_locked(endpoint, rdata, dlg_status);
 	if (!dlg) {
 		if (*dlg_status != PJ_EEXISTS) {
 			ast_log(LOG_WARNING, "Unable to create dialog for SIP subscription\n");
@@ -1521,8 +1521,16 @@ static struct sip_subscription_tree *create_subscription_tree(const struct ast_s
 	}
 	pjsip_evsub_create_uas(dlg, &pubsub_cb, rdata, 0, &sub_tree->evsub);
 	subscription_setup_dialog(sub_tree, dlg);
 	/*
 	 * The evsub and subscription setup both add dialog refs, so the dialog ref that
 	 * was added when the dialog was created (see ast_sip_create_dialog_uas_lock) can
 	 * now be removed. The lock should no longer be needed so can be removed too.
 	 */
 	pjsip_dlg_dec_lock(dlg);
 #ifdef HAVE_PJSIP_EVSUB_GRP_LOCK
 	pjsip_evsub_add_ref(sub_tree->evsub);
 #endif
--- a/res/res_pjsip_session.c
+++ b/res/res_pjsip_session.c
@@ -1210,7 +1210,6 @@ static pjsip_module session_reinvite_module = {
 	.on_rx_request = session_reinvite_on_rx_request,
 };
 void ast_sip_session_send_request_with_cb(struct ast_sip_session *session, pjsip_tx_data *tdata,
 		ast_sip_session_response_cb on_response)
 {
@@ -1508,12 +1507,17 @@ struct ast_sip_session *ast_sip_session_alloc(struct ast_sip_endpoint *endpoint,
 		ao2_ref(session, -1);
 		return NULL;
 	}
 	/* Track the number of challenges received on outbound requests */
 	session->authentication_challenge_count = 0;
 	AST_LIST_TRAVERSE(&session->supplements, iter, next) {
 		if (iter->session_begin) {
 			iter->session_begin(session);
 		}
 	}
 	/* Avoid unnecessary ref manipulation to return a session */
 	ret_session = session;
 	session = NULL;
@@ -1680,6 +1684,11 @@ static pj_bool_t outbound_invite_auth(pjsip_rx_data *rdata)
 	session = inv->mod_data[session_module.id];
 	if (++session->authentication_challenge_count > MAX_RX_CHALLENGES) {
 		ast_debug(3, "Initial INVITE reached maximum number of auth attempts.\n");
 		return PJ_FALSE;
 	}
 	if (ast_sip_create_request_with_auth(&session->endpoint->outbound_auths, rdata, tsx,
 		&tdata)) {
 		return PJ_FALSE;
@@ -2086,6 +2095,75 @@ static enum sip_get_destination_result get_destination(struct ast_sip_session *s
 	return SIP_GET_DEST_EXTEN_NOT_FOUND;
 }
 /*
 * /internal
 * /brief Process initial answer for an incoming invite
 *
 * This function should only be called during the setup, and handling of a
 * new incoming invite. Most, if not all of the time, this will be called
 * when an error occurs and we need to respond as such.
 *
 * When a SIP session termination code is given for the answer it's assumed
 * this call then will be the final bit of processing before ending session
 * setup. As such, we've been holding a lock, and a reference on the invite
 * session's dialog. So before returning this function removes that reference,
 * and unlocks the dialog.
 *
 * \param inv_session The session on which to answer
 * \param rdata The original request
 * \param answer_code The answer's numeric code
 * \param terminate_code The termination code if the answer fails
 * \param notify Whether or not to call on_state_changed
 *
 * \retval 0 if invite successfully answered, -1 if an error occurred
 */
 static int new_invite_initial_answer(pjsip_inv_session *inv_session, pjsip_rx_data *rdata,
 	int answer_code, int terminate_code, pj_bool_t notify)
 {
 	pjsip_tx_data *tdata = NULL;
 	int res = 0;
 	if (inv_session->state != PJSIP_INV_STATE_DISCONNECTED) {
 		if (pjsip_inv_initial_answer(
 				inv_session, rdata, answer_code, NULL, NULL, &tdata) != PJ_SUCCESS) {
 			pjsip_inv_terminate(inv_session, terminate_code ? terminate_code : answer_code, notify);
 			res = -1;
 		} else {
 			pjsip_inv_send_msg(inv_session, tdata);
 		}
 	}
 	if (answer_code >= 300) {
 		/*
 		 * A session is ending. The dialog has a reference that needs to be
 		 * removed and holds a lock that needs to be unlocked before returning.
 		 */
 		pjsip_dlg_dec_lock(inv_session->dlg);
 	}
 	return res;
 }
 /*
 * /internal
 * /brief Create and initialize a pjsip invite session
 * pjsip_inv_session adds, and maintains a reference to the dialog upon a successful
 * invite session creation until the session is destroyed. However, we'll wait to
 * remove the reference that was added for the dialog when it gets created since we're
 * not ready to unlock the dialog in this function.
 *
 * So, if this function successfully returns that means it returns with its newly
 * created, and associated dialog locked and with two references (i.e. dialog's
 * reference count should be 2).
 *
 * \param endpoint A pointer to the endpoint
 * \param rdata The request that is starting the dialog
 *
 * \retval A pjsip invite session object
 * \retval NULL on error
 */
 static pjsip_inv_session *pre_session_setup(pjsip_rx_data *rdata, const struct ast_sip_endpoint *endpoint)
 {
 	pjsip_tx_data *tdata;
@@ -2104,15 +2182,28 @@ static pjsip_inv_session *pre_session_setup(pjsip_rx_data *rdata, const struct a
 		}
 		return NULL;
 	}
-	dlg = ast_sip_create_dialog_uas(endpoint, rdata, &dlg_status);
+
 	dlg = ast_sip_create_dialog_uas_locked(endpoint, rdata, &dlg_status);
 	if (!dlg) {
 		if (dlg_status != PJ_EEXISTS) {
 			pjsip_endpt_respond_stateless(ast_sip_get_pjsip_endpoint(), rdata, 500, NULL, NULL, NULL);
 		}
 		return NULL;
 	}
 	/*
 	 * The returned dialog holds a lock and has a reference added. Any paths where the
 	 * dialog invite session is not returned must unlock the dialog and remove its reference.
 	 */
 	if (pjsip_inv_create_uas(dlg, rdata, NULL, options, &inv_session) != PJ_SUCCESS) {
 		pjsip_endpt_respond_stateless(ast_sip_get_pjsip_endpoint(), rdata, 500, NULL, NULL, NULL);
 		/*
 		 * The acquired dialog holds a lock, and a reference. Since the dialog is not
 		 * going to be returned here it must first be unlocked and de-referenced. This
 		 * must be done prior to calling dialog termination.
 		 */
 		pjsip_dlg_dec_lock(dlg);
 		pjsip_dlg_terminate(dlg);
 		return NULL;
 	}
@@ -2121,12 +2212,13 @@ static pjsip_inv_session *pre_session_setup(pjsip_rx_data *rdata, const struct a
 	inv_session->sdp_neg_flags = PJMEDIA_SDP_NEG_ALLOW_MEDIA_CHANGE;
 #endif
 	if (pjsip_dlg_add_usage(dlg, &session_module, NULL) != PJ_SUCCESS) {
-		if (pjsip_inv_initial_answer(inv_session, rdata, 500, NULL, NULL, &tdata) != PJ_SUCCESS) {
+		/* Dialog's lock and a reference are removed in new_invite_initial_answer */
-			pjsip_inv_terminate(inv_session, 500, PJ_FALSE);
+		new_invite_initial_answer(inv_session, rdata, 500, 500, PJ_FALSE);
-		}
+		/* Remove 2nd reference added at inv_session creation */
-		pjsip_inv_send_msg(inv_session, tdata);
+		pjsip_dlg_dec_session(inv_session->dlg, &session_module);
 		return NULL;
 	}
 	return inv_session;
 }
@@ -2328,7 +2420,6 @@ static void handle_new_invite_request(pjsip_rx_data *rdata)
 {
 	RAII_VAR(struct ast_sip_endpoint *, endpoint,
 			ast_pjsip_rdata_get_endpoint(rdata), ao2_cleanup);
 	pjsip_tx_data *tdata = NULL;
 	pjsip_inv_session *inv_session = NULL;
 	struct ast_sip_session *session;
 	struct new_invite invite;
@@ -2341,27 +2432,48 @@ static void handle_new_invite_request(pjsip_rx_data *rdata)
 		return;
 	}
 	/*
 	 * Upon a successful pre_session_setup the associated dialog is returned locked
 	 * and with an added reference. Well actually two references. One added when the
 	 * dialog itself was created, and another added when the pjsip invite session was
 	 * created and the dialog was added to it.
 	 *
 	 * In order to ensure the dialog's, and any of its internal attributes, lifetimes
 	 * we'll hold the lock and maintain the reference throughout the entire new invite
 	 * handling process. See ast_sip_create_dialog_uas_locked for more details but,
 	 * basically we do this to make sure a transport failure does not destroy the dialog
 	 * and/or transaction out from underneath us between pjsip calls. Alternatively, we
 	 * could probably release the lock if we needed to, but then we'd have to re-lock and
 	 * check the dialog and transaction prior to every pjsip call.
 	 *
 	 * That means any off nominal/failure paths in this function must remove the associated
 	 * dialog reference added at dialog creation, and remove the lock. As well the
 	 * referenced pjsip invite session must be "cleaned up", which should also then
 	 * remove its reference to the dialog at that time.
 	 *
 	 * Nominally we'll unlock the dialog, and release the reference when all new invite
 	 * process handling has successfully completed.
 	 */
 #ifdef HAVE_PJSIP_INV_SESSION_REF
 	if (pjsip_inv_add_ref(inv_session) != PJ_SUCCESS) {
 		ast_log(LOG_ERROR, "Can't increase the session reference counter\n");
-		if (inv_session->state != PJSIP_INV_STATE_DISCONNECTED) {
+		/* Dialog's lock and a reference are removed in new_invite_initial_answer */
-			if (pjsip_inv_initial_answer(inv_session, rdata, 500, NULL, NULL, &tdata) == PJ_SUCCESS) {
+		if (!new_invite_initial_answer(inv_session, rdata, 500, 500, PJ_FALSE)) {
-				pjsip_inv_terminate(inv_session, 500, PJ_FALSE);
+			/* Terminate the session if it wasn't done in the answer */
-			} else {
+			pjsip_inv_terminate(inv_session, 500, PJ_FALSE);
 				pjsip_inv_send_msg(inv_session, tdata);
 			}
 		}
 		return;
 	}
 #endif
 	session = ast_sip_session_alloc(endpoint, NULL, inv_session, rdata);
 	if (!session) {
-		if (pjsip_inv_initial_answer(inv_session, rdata, 500, NULL, NULL, &tdata) == PJ_SUCCESS) {
+		/* Dialog's lock and reference are removed in new_invite_initial_answer */
 		if (!new_invite_initial_answer(inv_session, rdata, 500, 500, PJ_FALSE)) {
 			/* Terminate the session if it wasn't done in the answer */
 			pjsip_inv_terminate(inv_session, 500, PJ_FALSE);
 		} else {
 			pjsip_inv_send_msg(inv_session, tdata);
 		}
 #ifdef HAVE_PJSIP_INV_SESSION_REF
 		pjsip_inv_dec_ref(inv_session);
 #endif
@@ -2379,6 +2491,17 @@ static void handle_new_invite_request(pjsip_rx_data *rdata)
 	invite.rdata = rdata;
 	new_invite(&invite);
 	/*
 	 * The dialog lock and reference added at dialog creation time must be
 	 * maintained throughout the new invite process. Since we're pretty much
 	 * done at this point with things it's safe to go ahead and remove the lock
 	 * and the reference here. See ast_sip_create_dialog_uas_locked for more info.
 	 *
 	 * Note, any future functionality added that does work using the dialog must
 	 * be done before this.
 	 */
 	pjsip_dlg_dec_lock(inv_session->dlg);
 	ao2_ref(session, -1);
 }
@@ -2882,6 +3005,7 @@ static void session_inv_on_tsx_state_changed(pjsip_inv_session *inv, pjsip_trans
 						ast_debug(1, "reINVITE received final response code %d\n",
 							tsx->status_code);
 						if ((tsx->status_code == 401 || tsx->status_code == 407)
 							&& ++session->authentication_challenge_count < MAX_RX_CHALLENGES
 							&& !ast_sip_create_request_with_auth(
 								&session->endpoint->outbound_auths,
 								e->body.tsx_state.src.rdata, tsx, &tdata)) {
@@ -2976,6 +3100,7 @@ static void session_inv_on_tsx_state_changed(pjsip_inv_session *inv, pjsip_trans
 						(int) pj_strlen(&tsx->method.name), pj_strbuf(&tsx->method.name),
 						tsx->status_code);
 					if ((tsx->status_code == 401 || tsx->status_code == 407)
 						&& ++session->authentication_challenge_count < MAX_RX_CHALLENGES
 						&& !ast_sip_create_request_with_auth(
 							&session->endpoint->outbound_auths,
 							e->body.tsx_state.src.rdata, tsx, &tdata)) {