Update for 16.6.0-rc2

We've found a connection re-use regression in pjproject 2.9
introduced by commit
"Close #1019: Support for multiple listeners."
https://trac.pjsip.org/repos/changeset/6002
https://trac.pjsip.org/repos/ticket/1019

Normally, multiple SSL requests should reuse the same connection
if one already exists to the remote server.  When a transport
error occurs, the next request should establish a new connection
and any following requests should use that same one.  With this
patch, when a transport error occurs, every new request creates
a new connection so you can wind up with thousands of open tcp
sockets, possibly exhausting file handles, and increasing memory
usage.

Reverting pjproject commit 6002 (and related 6021) restores the
expected behavior.

We also found a memory leak in SSL processing that was introduced by
commit
"Fixed #2204: Add OpenSSL remote certificate chain info"
https://trac.pjsip.org/repos/changeset/6014
https://trac.pjsip.org/repos/ticket/2204

Apparently the remote certificate chain is continually recreated
causing the leak.

Reverting pjproject commit 6014 (and related 6022) restores the
expected behavior.

Both of these issues have been acknowledged by Teluu.

ASTERISK-28521

Change-Id: I8ae7233c3ac4ec29a3b991f738e655dabcaba9f1

.lastclean

@@ -0,0 +1 @@
+40

.version

@@ -0,0 +1 @@
+16.6.0-rc2

asterisk-16.6.0-rc2-summary.html

@@ -0,0 +1,26 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-16.6.0-rc2</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-16.6.0-rc2</h3><h3 align="center">Date: 2019-09-25</h3><h3 align="center">&lt;asteriskteam@digium.com&gt;</h3><hr><h2 align="center">Table of Contents</h2><ol>
+<li><a href="#summary">Summary</a></li>
+<li><a href="#contributors">Contributors</a></li>
+<li><a href="#closed_issues">Closed Issues</a></li>
+<li><a href="#diffstat">Diffstat</a></li>
+</ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release is a point release of an existing major version. The changes included were made to address problems that have been identified in this release series, or are minor, backwards compatible new features or improvements. Users should be able to safely upgrade to this version if this release series is already in use. Users considering upgrading from a previous version are strongly encouraged to review the UPGRADE.txt document as well as the CHANGES document for information about upgrading to this release series.</p><p>The data in this summary reflects changes that have been made since the previous release, asterisk-16.6.0-rc1.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0">
+<tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr>
+<tr valign="top"><td width="33%">1 Kevin Harwell <kharwell@digium.com><br/>1 Guido Falsi <madpilot@FreeBSD.org><br/>1 George Joseph <gjoseph@digium.com><br/>1 Joshua Colp <jcolp@digium.com><br/></td><td width="33%"><td width="33%">1 Guido Falsi <madpilot@freebsd.org><br/>1 Joshua C. Colp <jcolp@digium.com><br/>1 Cyril Ramière <cyril.ramiere@ino.global><br/>1 Mark <mark@wrapped.cx><br/></td></tr>
+</table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Bug</h3><h4>Category: Channels/chan_dahdi</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-28536">ASTERISK-28536</a>: Asterisk release candidates fail to build on FreeBSD<br/>Reported by: Guido Falsi<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=8931669b37d4edc9a27de42eb3529b13326bec78">[8931669b37]</a> Guido Falsi -- chan_dahdi: Fix build with clang/llvm</li>
+</ul><br><h4>Category: Channels/chan_pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-28538">ASTERISK-28538</a>: chan_pjsip: Deadlock on fax detection<br/>Reported by: Joshua C. Colp<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=deb45228c817e6db71f75d7af65ffe1f91e3e9fb">[deb45228c8]</a> Joshua Colp -- chan_pjsip: Relock correct channel during "fax" redirect.</li>
+</ul><br><h4>Category: General</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-28523">ASTERISK-28523</a>: Asterisk 16.5.0 Memory leak<br/>Reported by: Cyril Ramière<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=6b072ab08cb067b5ecba32b94a541e2f827a2b78">[6b072ab08c]</a> Kevin Harwell -- res_sorcery_memory_cache: stale item update leak</li>
+</ul><br><h4>Category: Resources/res_pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-28521">ASTERISK-28521</a>: pjsip: Memory Leak<br/>Reported by: Mark<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=2b75c4fc514c3a6e2fcb5d89a47ea552764d5992">[2b75c4fc51]</a> George Joseph -- pjproject_bundled:  Revert pjproject 2.9 commits causing leaks</li>
+</ul><br><h4>Category: Resources/res_pjsip_outbound_registration</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-28521">ASTERISK-28521</a>: pjsip: Memory Leak<br/>Reported by: Mark<ul>
+<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=2b75c4fc514c3a6e2fcb5d89a47ea552764d5992">[2b75c4fc51]</a> George Joseph -- pjproject_bundled:  Revert pjproject 2.9 commits causing leaks</li>
+</ul><br><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>channels/chan_dahdi.c                                                                         |   10
+channels/chan_pjsip.c                                                                         |   38
+res/res_sorcery_memory_cache.c                                                                |    1
+third-party/pjproject/patches/0030-Revert-Misc-re-2147-Fixed-warnings-in-SSL-socket-red.patch |   60
+third-party/pjproject/patches/0031-Revert-Fixed-2204-Add-OpenSSL-remote-certificate-cha.patch |   84
+third-party/pjproject/patches/0032-Revert-Re-2147-misc-Fix-failed-pjsip-test-transport_.patch |   64
+third-party/pjproject/patches/0033-Revert-Close-1019-Support-for-multiple-listeners.patch     |  968 ++++++++++
+7 files changed, 1207 insertions(+), 18 deletions(-)</pre><br></html>

asterisk-16.6.0-rc2-summary.txt

@@ -0,0 +1,118 @@
+                                Release Summary
+
+                              asterisk-16.6.0-rc2
+
+                                Date: 2019-09-25
+
+                           <asteriskteam@digium.com>
+
+     ----------------------------------------------------------------------
+
+                               Table of Contents
+
+    1. Summary
+    2. Contributors
+    3. Closed Issues
+    4. Diffstat
+
+     ----------------------------------------------------------------------
+
+                                    Summary
+
+                                 [Back to Top]
+
+   This release is a point release of an existing major version. The changes
+   included were made to address problems that have been identified in this
+   release series, or are minor, backwards compatible new features or
+   improvements. Users should be able to safely upgrade to this version if
+   this release series is already in use. Users considering upgrading from a
+   previous version are strongly encouraged to review the UPGRADE.txt
+   document as well as the CHANGES document for information about upgrading
+   to this release series.
+
+   The data in this summary reflects changes that have been made since the
+   previous release, asterisk-16.6.0-rc1.
+
+     ----------------------------------------------------------------------
+
+                                  Contributors
+
+                                 [Back to Top]
+
+   This table lists the people who have submitted code, those that have
+   tested patches, as well as those that reported issues on the issue tracker
+   that were resolved in this release. For coders, the number is how many of
+   their patches (of any size) were committed into this release. For testers,
+   the number is the number of times their name was listed as assisting with
+   testing a patch. Finally, for reporters, the number is the number of
+   issues that they reported that were affected by commits that went into
+   this release.
+
+   Coders                   Testers                  Reporters                
+   1 Kevin Harwell                                   1 Guido Falsi            
+   1 Guido Falsi                                     1 Joshua C. Colp         
+   1 George Joseph                                   1 Cyril Ramière         
+   1 Joshua Colp                                     1 Mark                   
+
+     ----------------------------------------------------------------------
+
+                                 Closed Issues
+
+                                 [Back to Top]
+
+   This is a list of all issues from the issue tracker that were closed by
+   changes that went into this release.
+
+  Bug
+
+    Category: Channels/chan_dahdi
+
+   ASTERISK-28536: Asterisk release candidates fail to build on FreeBSD
+   Reported by: Guido Falsi
+     * [8931669b37] Guido Falsi -- chan_dahdi: Fix build with clang/llvm
+
+    Category: Channels/chan_pjsip
+
+   ASTERISK-28538: chan_pjsip: Deadlock on fax detection
+   Reported by: Joshua C. Colp
+     * [deb45228c8] Joshua Colp -- chan_pjsip: Relock correct channel during
+       "fax" redirect.
+
+    Category: General
+
+   ASTERISK-28523: Asterisk 16.5.0 Memory leak
+   Reported by: Cyril Ramière
+     * [6b072ab08c] Kevin Harwell -- res_sorcery_memory_cache: stale item
+       update leak
+
+    Category: Resources/res_pjsip
+
+   ASTERISK-28521: pjsip: Memory Leak
+   Reported by: Mark
+     * [2b75c4fc51] George Joseph -- pjproject_bundled: Revert pjproject 2.9
+       commits causing leaks
+
+    Category: Resources/res_pjsip_outbound_registration
+
+   ASTERISK-28521: pjsip: Memory Leak
+   Reported by: Mark
+     * [2b75c4fc51] George Joseph -- pjproject_bundled: Revert pjproject 2.9
+       commits causing leaks
+
+     ----------------------------------------------------------------------
+
+                                Diffstat Results
+
+                                 [Back to Top]
+
+   This is a summary of the changes to the source code that went into this
+   release that was generated using the diffstat utility.
+
+ channels/chan_dahdi.c                                                                         |   10
+ channels/chan_pjsip.c                                                                         |   38
+ res/res_sorcery_memory_cache.c                                                                |    1
+ third-party/pjproject/patches/0030-Revert-Misc-re-2147-Fixed-warnings-in-SSL-socket-red.patch |   60
+ third-party/pjproject/patches/0031-Revert-Fixed-2204-Add-OpenSSL-remote-certificate-cha.patch |   84
+ third-party/pjproject/patches/0032-Revert-Re-2147-misc-Fix-failed-pjsip-test-transport_.patch |   64
+ third-party/pjproject/patches/0033-Revert-Close-1019-Support-for-multiple-listeners.patch     |  968 ++++++++++
+ 7 files changed, 1207 insertions(+), 18 deletions(-)

channels/chan_dahdi.c

@@ -15165,10 +15165,12 @@ static void mfcr2_show_links_of(struct ast_cli_args *a, struct r2links *list_hea
 			int channo;
 			int prev_channo;
 			x++;
-			switch (mfcr2->r2master) {
-			case 0L: thread_status = "zero"; break;
-			case AST_PTHREADT_NULL: thread_status = "none"; break;
-			default: thread_status = "created"; break;
+			if (mfcr2->r2master == 0L) {
+				thread_status = "zero";
+			} else if (mfcr2->r2master == AST_PTHREADT_NULL) {
+				thread_status = "none";
+			} else {
+				thread_status = "created";
 			}
 			snprintf(index, sizeof(index), "%d", mfcr2->index);
 			snprintf(live_chans_str, sizeof(live_chans_str), "%d", mfcr2->live_chans);

channels/chan_pjsip.c

@@ -749,7 +749,8 @@ static int chan_pjsip_answer(struct ast_channel *ast)
 }
 
 /*! \brief Internal helper function called when CNG tone is detected */
-static struct ast_frame *chan_pjsip_cng_tone_detected(struct ast_sip_session *session, struct ast_frame *f)
+static struct ast_frame *chan_pjsip_cng_tone_detected(struct ast_channel *ast, struct ast_sip_session *session,
+	struct ast_frame *f)
 {
 	const char *target_context;
 	int exists;
@@ -765,11 +766,11 @@ static struct ast_frame *chan_pjsip_cng_tone_detected(struct ast_sip_session *se
 	}
 
 	/* If already executing in the fax extension don't do anything */
-	if (!strcmp(ast_channel_exten(session->channel), "fax")) {
+	if (!strcmp(ast_channel_exten(ast), "fax")) {
 		return f;
 	}
 
-	target_context = S_OR(ast_channel_macrocontext(session->channel), ast_channel_context(session->channel));
+	target_context = S_OR(ast_channel_macrocontext(ast), ast_channel_context(ast));
 
 	/*
 	 * We need to unlock the channel here because ast_exists_extension has the
@@ -778,25 +779,30 @@ static struct ast_frame *chan_pjsip_cng_tone_detected(struct ast_sip_session *se
 	 *
 	 * ast_async_goto() has its own restriction on not holding the channel lock.
 	 */
-	ast_channel_unlock(session->channel);
+	ast_channel_unlock(ast);
 	ast_frfree(f);
 	f = &ast_null_frame;
-	exists = ast_exists_extension(session->channel, target_context, "fax", 1,
-		S_COR(ast_channel_caller(session->channel)->id.number.valid,
-			ast_channel_caller(session->channel)->id.number.str, NULL));
+	exists = ast_exists_extension(ast, target_context, "fax", 1,
+		S_COR(ast_channel_caller(ast)->id.number.valid,
+			ast_channel_caller(ast)->id.number.str, NULL));
 	if (exists) {
 		ast_verb(2, "Redirecting '%s' to fax extension due to CNG detection\n",
-			ast_channel_name(session->channel));
-		pbx_builtin_setvar_helper(session->channel, "FAXEXTEN", ast_channel_exten(session->channel));
-		if (ast_async_goto(session->channel, target_context, "fax", 1)) {
+			ast_channel_name(ast));
+		pbx_builtin_setvar_helper(ast, "FAXEXTEN", ast_channel_exten(ast));
+		if (ast_async_goto(ast, target_context, "fax", 1)) {
 			ast_log(LOG_ERROR, "Failed to async goto '%s' into fax extension in '%s'\n",
-				ast_channel_name(session->channel), target_context);
+				ast_channel_name(ast), target_context);
 		}
 	} else {
 		ast_log(LOG_NOTICE, "FAX CNG detected on '%s' but no fax extension in '%s'\n",
-			ast_channel_name(session->channel), target_context);
+			ast_channel_name(ast), target_context);
 	}
-	ast_channel_lock(session->channel);
+
+	/* It's possible for a masquerade to have occurred when doing the ast_async_goto resulting in
+	 * the channel on the session having changed. Since we need to return with the original channel
+	 * locked we lock the channel that was passed in and not session->channel.
+	 */
+	ast_channel_lock(ast);
 
 	return f;
 }
@@ -895,7 +901,11 @@ static struct ast_frame *chan_pjsip_read_stream(struct ast_channel *ast)
 			if (f->subclass.integer == 'f') {
 				ast_debug(3, "Channel driver fax CNG detected on %s\n",
 					ast_channel_name(ast));
-				f = chan_pjsip_cng_tone_detected(session, f);
+				f = chan_pjsip_cng_tone_detected(ast, session, f);
+				/* When chan_pjsip_cng_tone_detected returns it is possible for the
+				 * channel pointed to by ast and by session->channel to differ due to a
+				 * masquerade. It's best not to touch things after this.
+				 */
 			} else {
 				ast_debug(3, "* Detected inband DTMF '%c' on '%s'\n", f->subclass.integer,
 					ast_channel_name(ast));

contrib/realtime/mysql/mysql_cdr.sql

@@ -0,0 +1,41 @@
+CREATE TABLE alembic_version (
+    version_num VARCHAR(32) NOT NULL, 
+    CONSTRAINT alembic_version_pkc PRIMARY KEY (version_num)
+);
+
+-- Running upgrade  -> 210693f3123d
+
+CREATE TABLE cdr (
+    accountcode VARCHAR(20), 
+    src VARCHAR(80), 
+    dst VARCHAR(80), 
+    dcontext VARCHAR(80), 
+    clid VARCHAR(80), 
+    channel VARCHAR(80), 
+    dstchannel VARCHAR(80), 
+    lastapp VARCHAR(80), 
+    lastdata VARCHAR(80), 
+    start DATETIME, 
+    answer DATETIME, 
+    end DATETIME, 
+    duration INTEGER, 
+    billsec INTEGER, 
+    disposition VARCHAR(45), 
+    amaflags VARCHAR(45), 
+    userfield VARCHAR(256), 
+    uniqueid VARCHAR(150), 
+    linkedid VARCHAR(150), 
+    peeraccount VARCHAR(20), 
+    sequence INTEGER
+);
+
+INSERT INTO alembic_version (version_num) VALUES ('210693f3123d');
+
+-- Running upgrade 210693f3123d -> 54cde9847798
+
+ALTER TABLE cdr MODIFY accountcode VARCHAR(80) NULL;
+
+ALTER TABLE cdr MODIFY peeraccount VARCHAR(80) NULL;
+
+UPDATE alembic_version SET version_num='54cde9847798' WHERE alembic_version.version_num = '210693f3123d';
+

contrib/realtime/mysql/mysql_voicemail.sql

@@ -0,0 +1,35 @@
+CREATE TABLE alembic_version (
+    version_num VARCHAR(32) NOT NULL, 
+    CONSTRAINT alembic_version_pkc PRIMARY KEY (version_num)
+);
+
+-- Running upgrade  -> a2e9769475e
+
+CREATE TABLE voicemail_messages (
+    dir VARCHAR(255) NOT NULL, 
+    msgnum INTEGER NOT NULL, 
+    context VARCHAR(80), 
+    macrocontext VARCHAR(80), 
+    callerid VARCHAR(80), 
+    origtime INTEGER, 
+    duration INTEGER, 
+    recording BLOB, 
+    flag VARCHAR(30), 
+    category VARCHAR(30), 
+    mailboxuser VARCHAR(30), 
+    mailboxcontext VARCHAR(30), 
+    msg_id VARCHAR(40)
+);
+
+ALTER TABLE voicemail_messages ADD CONSTRAINT voicemail_messages_dir_msgnum PRIMARY KEY (dir, msgnum);
+
+CREATE INDEX voicemail_messages_dir ON voicemail_messages (dir);
+
+INSERT INTO alembic_version (version_num) VALUES ('a2e9769475e');
+
+-- Running upgrade a2e9769475e -> 39428242f7f5
+
+ALTER TABLE voicemail_messages MODIFY recording BLOB(4294967295) NULL;
+
+UPDATE alembic_version SET version_num='39428242f7f5' WHERE alembic_version.version_num = 'a2e9769475e';
+

contrib/realtime/postgresql/postgresql_cdr.sql

@@ -0,0 +1,45 @@
+BEGIN;
+
+CREATE TABLE alembic_version (
+    version_num VARCHAR(32) NOT NULL, 
+    CONSTRAINT alembic_version_pkc PRIMARY KEY (version_num)
+);
+
+-- Running upgrade  -> 210693f3123d
+
+CREATE TABLE cdr (
+    accountcode VARCHAR(20), 
+    src VARCHAR(80), 
+    dst VARCHAR(80), 
+    dcontext VARCHAR(80), 
+    clid VARCHAR(80), 
+    channel VARCHAR(80), 
+    dstchannel VARCHAR(80), 
+    lastapp VARCHAR(80), 
+    lastdata VARCHAR(80), 
+    start TIMESTAMP WITHOUT TIME ZONE, 
+    answer TIMESTAMP WITHOUT TIME ZONE, 
+    "end" TIMESTAMP WITHOUT TIME ZONE, 
+    duration INTEGER, 
+    billsec INTEGER, 
+    disposition VARCHAR(45), 
+    amaflags VARCHAR(45), 
+    userfield VARCHAR(256), 
+    uniqueid VARCHAR(150), 
+    linkedid VARCHAR(150), 
+    peeraccount VARCHAR(20), 
+    sequence INTEGER
+);
+
+INSERT INTO alembic_version (version_num) VALUES ('210693f3123d');
+
+-- Running upgrade 210693f3123d -> 54cde9847798
+
+ALTER TABLE cdr ALTER COLUMN accountcode TYPE VARCHAR(80);
+
+ALTER TABLE cdr ALTER COLUMN peeraccount TYPE VARCHAR(80);
+
+UPDATE alembic_version SET version_num='54cde9847798' WHERE alembic_version.version_num = '210693f3123d';
+
+COMMIT;
+

contrib/realtime/postgresql/postgresql_voicemail.sql

@@ -0,0 +1,39 @@
+BEGIN;
+
+CREATE TABLE alembic_version (
+    version_num VARCHAR(32) NOT NULL, 
+    CONSTRAINT alembic_version_pkc PRIMARY KEY (version_num)
+);
+
+-- Running upgrade  -> a2e9769475e
+
+CREATE TABLE voicemail_messages (
+    dir VARCHAR(255) NOT NULL, 
+    msgnum INTEGER NOT NULL, 
+    context VARCHAR(80), 
+    macrocontext VARCHAR(80), 
+    callerid VARCHAR(80), 
+    origtime INTEGER, 
+    duration INTEGER, 
+    recording BYTEA, 
+    flag VARCHAR(30), 
+    category VARCHAR(30), 
+    mailboxuser VARCHAR(30), 
+    mailboxcontext VARCHAR(30), 
+    msg_id VARCHAR(40)
+);
+
+ALTER TABLE voicemail_messages ADD CONSTRAINT voicemail_messages_dir_msgnum PRIMARY KEY (dir, msgnum);
+
+CREATE INDEX voicemail_messages_dir ON voicemail_messages (dir);
+
+INSERT INTO alembic_version (version_num) VALUES ('a2e9769475e');
+
+-- Running upgrade a2e9769475e -> 39428242f7f5
+
+ALTER TABLE voicemail_messages ALTER COLUMN recording TYPE BYTEA;
+
+UPDATE alembic_version SET version_num='39428242f7f5' WHERE alembic_version.version_num = 'a2e9769475e';
+
+COMMIT;
+

res/res_sorcery_memory_cache.c

@@ -1006,6 +1006,7 @@ static int stale_item_update(const void *data)
 			ast_sorcery_object_get_id(task_data->object));
 		sorcery_memory_cache_create(task_data->sorcery, task_data->cache,
 			object);
+		ao2_ref(object, -1);
 	}
 
 	ast_test_suite_event_notify("SORCERY_MEMORY_CACHE_REFRESHED", "Cache: %s\r\nType: %s\r\nName: %s\r\n",

third-party/pjproject/patches/0030-Revert-Misc-re-2147-Fixed-warnings-in-SSL-socket-red.patch

@@ -0,0 +1,60 @@
+From 8d0652d4a02c7b8da58b1b98421cfda57056184d Mon Sep 17 00:00:00 2001
+From: George Joseph <gjoseph@digium.com>
+Date: Tue, 24 Sep 2019 06:41:16 -0600
+Subject: [PATCH 30/33] Revert "Misc (re #2147): Fixed warnings in SSL socket:
+ redefinition of typedef 'pj_ssl_sock_t' and unused 'get_pem'."
+
+This reverts commit 688a9b0de685328f62b2df86304b44c21e4460ae.
+---
+ pjlib/src/pj/ssl_sock_imp_common.h | 4 ++--
+ pjlib/src/pj/ssl_sock_ossl.c       | 5 +----
+ 2 files changed, 3 insertions(+), 6 deletions(-)
+
+diff --git a/pjlib/src/pj/ssl_sock_imp_common.h b/pjlib/src/pj/ssl_sock_imp_common.h
+index 09f259ef7..4edbb3b82 100644
+--- a/pjlib/src/pj/ssl_sock_imp_common.h
++++ b/pjlib/src/pj/ssl_sock_imp_common.h
+@@ -93,7 +93,7 @@ typedef struct circ_buf_t {
+ /*
+  * Secure socket structure definition.
+  */
+-struct pj_ssl_sock_t
++typedef struct pj_ssl_sock_t
+ {
+     pj_pool_t		 *pool;
+     pj_ssl_sock_t	 *parent;
+@@ -139,7 +139,7 @@ struct pj_ssl_sock_t
+ 
+     circ_buf_t            circ_buf_output;
+     pj_lock_t            *circ_buf_output_mutex;
+-};
++} pj_ssl_sock_t;
+ 
+ 
+ /*
+diff --git a/pjlib/src/pj/ssl_sock_ossl.c b/pjlib/src/pj/ssl_sock_ossl.c
+index b4ac5c15f..debb105b1 100644
+--- a/pjlib/src/pj/ssl_sock_ossl.c
++++ b/pjlib/src/pj/ssl_sock_ossl.c
+@@ -37,6 +37,7 @@
+ #if defined(PJ_HAS_SSL_SOCK) && PJ_HAS_SSL_SOCK != 0 && \
+     (PJ_SSL_SOCK_IMP == PJ_SSL_SOCK_IMP_OPENSSL)
+ 
++#include "ssl_sock_imp_common.h"
+ #include "ssl_sock_imp_common.c"
+ 
+ #define THIS_FILE		"ssl_sock_ossl.c"
+@@ -1575,10 +1576,6 @@ static void ssl_update_remote_cert_chain_info(pj_pool_t *pool,
+ {
+     int i;
+ 
+-    /* For now, get_pem has to be PJ_TRUE */
+-    pj_assert(get_pem);
+-    PJ_UNUSED_ARG(get_pem);
+-
+     ci->raw_chain.cert_raw = (pj_str_t *)pj_pool_calloc(pool,
+        				    			sk_X509_num(chain),
+        				    			sizeof(pj_str_t));
+-- 
+2.21.0
+

third-party/pjproject/patches/0031-Revert-Fixed-2204-Add-OpenSSL-remote-certificate-cha.patch

@@ -0,0 +1,84 @@
+From 616a13933f33a6d74f84d85b5bfb858279a09e2d Mon Sep 17 00:00:00 2001
+From: George Joseph <gjoseph@digium.com>
+Date: Tue, 24 Sep 2019 06:42:04 -0600
+Subject: [PATCH 31/33] Revert "Fixed #2204: Add OpenSSL remote certificate
+ chain info"
+
+This reverts commit f71d60c866c4572a7c8398fe982416771fc6a7f5.
+---
+ pjlib/src/pj/ssl_sock_ossl.c | 45 ------------------------------------
+ 1 file changed, 45 deletions(-)
+
+diff --git a/pjlib/src/pj/ssl_sock_ossl.c b/pjlib/src/pj/ssl_sock_ossl.c
+index debb105b1..109c5c1e2 100644
+--- a/pjlib/src/pj/ssl_sock_ossl.c
++++ b/pjlib/src/pj/ssl_sock_ossl.c
+@@ -1566,41 +1566,6 @@ static void get_cert_info(pj_pool_t *pool, pj_ssl_cert_info *ci, X509 *x,
+     }	 
+ }
+ 
+-/* Update remote certificates chain info. This function should be
+- * called after handshake or renegotiation successfully completed.
+- */
+-static void ssl_update_remote_cert_chain_info(pj_pool_t *pool,
+-					      pj_ssl_cert_info *ci,
+-					      STACK_OF(X509) *chain,
+-					      pj_bool_t get_pem)
+-{
+-    int i;
+-
+-    ci->raw_chain.cert_raw = (pj_str_t *)pj_pool_calloc(pool,
+-       				    			sk_X509_num(chain),
+-       				    			sizeof(pj_str_t));
+-    ci->raw_chain.cnt = sk_X509_num(chain);
+-
+-    for (i = 0; i < sk_X509_num(chain); i++) {
+-        BIO *bio;
+-        BUF_MEM *ptr;
+-	X509 *x = sk_X509_value(chain, i);
+-
+-        bio = BIO_new(BIO_s_mem());
+-        
+-        if (!PEM_write_bio_X509(bio, x)) {
+-            PJ_LOG(3, (THIS_FILE, "Error retrieving raw certificate info"));
+-            ci->raw_chain.cert_raw[i].ptr  = NULL;
+-            ci->raw_chain.cert_raw[i].slen = 0;
+-        } else {
+-            BIO_write(bio, "\0", 1);
+-            BIO_get_mem_ptr(bio, &ptr);
+-            pj_strdup2(pool, &ci->raw_chain.cert_raw[i], ptr->data );
+-        }
+-        
+-        BIO_free(bio);
+-    }
+-}
+ 
+ /* Update local & remote certificates info. This function should be
+  * called after handshake or renegotiation successfully completed.
+@@ -1609,7 +1574,6 @@ static void ssl_update_certs_info(pj_ssl_sock_t *ssock)
+ {
+     ossl_sock_t *ossock = (ossl_sock_t *)ssock;
+     X509 *x;
+-    STACK_OF(X509) *chain;
+ 
+     pj_assert(ssock->ssl_state == SSL_STATE_ESTABLISHED);
+ 
+@@ -1631,15 +1595,6 @@ static void ssl_update_certs_info(pj_ssl_sock_t *ssock)
+     } else {
+ 	pj_bzero(&ssock->remote_cert_info, sizeof(pj_ssl_cert_info));
+     }
+-
+-    chain = SSL_get_peer_cert_chain(ossock->ossl_ssl);
+-    if (chain) {
+-       ssl_update_remote_cert_chain_info(ssock->pool,
+-       					 &ssock->remote_cert_info,
+-       					 chain, PJ_TRUE);
+-    } else {
+-       ssock->remote_cert_info.raw_chain.cnt = 0;
+-    }
+ }
+ 
+ 
+-- 
+2.21.0
+

third-party/pjproject/patches/0032-Revert-Re-2147-misc-Fix-failed-pjsip-test-transport_.patch

@@ -0,0 +1,64 @@
+From 17cd744e19cd332a219a512770fa6e18453044ba Mon Sep 17 00:00:00 2001
+From: George Joseph <gjoseph@digium.com>
+Date: Tue, 24 Sep 2019 06:45:25 -0600
+Subject: [PATCH 32/33] Revert "Re #2147 (misc): Fix failed pjsip-test
+ (transport_loop_test) caused by r6002."
+
+This reverts commit 342148f5bcf3a6b0029ce834b8567c2cd691b15b.
+---
+ pjsip/src/pjsip/sip_transport.c      | 12 +++++-------
+ pjsip/src/pjsip/sip_transport_loop.c |  2 +-
+ pjsip/src/test/transport_loop_test.c |  1 -
+ 3 files changed, 6 insertions(+), 9 deletions(-)
+
+diff --git a/pjsip/src/pjsip/sip_transport.c b/pjsip/src/pjsip/sip_transport.c
+index 65ac823d4..d63823a98 100644
+--- a/pjsip/src/pjsip/sip_transport.c
++++ b/pjsip/src/pjsip/sip_transport.c
+@@ -1222,13 +1222,11 @@ PJ_DEF(pj_status_t) pjsip_transport_register( pjsip_tpmgr *mgr,
+ 
+     pj_lock_release(mgr->lock);
+ 
+-    TRACE_((THIS_FILE, "Transport %s registered: type=%s, remote=%s:%d",
+-	    tp->obj_name,
+-	    pjsip_transport_get_type_name(tp->key.type),
+-	    pj_sockaddr_has_addr(&tp->key.rem_addr)?
+-				addr_string(&tp->key.rem_addr):"",
+-	    pj_sockaddr_has_addr(&tp->key.rem_addr)?
+-				pj_sockaddr_get_port(&tp->key.rem_addr):0));
++    TRACE_((THIS_FILE,"Transport %s registered: type=%s, remote=%s:%d",
++		       tp->obj_name,
++		       pjsip_transport_get_type_name(tp->key.type),
++		       addr_string(&tp->key.rem_addr),
++		       pj_sockaddr_get_port(&tp->key.rem_addr)));
+ 
+     return PJ_SUCCESS;
+ }
+diff --git a/pjsip/src/pjsip/sip_transport_loop.c b/pjsip/src/pjsip/sip_transport_loop.c
+index 37e20e69b..24e1a5f69 100644
+--- a/pjsip/src/pjsip/sip_transport_loop.c
++++ b/pjsip/src/pjsip/sip_transport_loop.c
+@@ -376,7 +376,7 @@ PJ_DEF(pj_status_t) pjsip_loop_start( pjsip_endpoint *endpt,
+     if (status != PJ_SUCCESS)
+ 	goto on_error;
+     loop->base.key.type = PJSIP_TRANSPORT_LOOP_DGRAM;
+-    //loop->base.key.rem_addr.addr.sa_family = pj_AF_INET();
++    loop->base.key.rem_addr.addr.sa_family = pj_AF_INET();
+     loop->base.type_name = "LOOP-DGRAM";
+     loop->base.info = "LOOP-DGRAM";
+     loop->base.flag = PJSIP_TRANSPORT_DATAGRAM;
+diff --git a/pjsip/src/test/transport_loop_test.c b/pjsip/src/test/transport_loop_test.c
+index 5f2f03904..efa2ea116 100644
+--- a/pjsip/src/test/transport_loop_test.c
++++ b/pjsip/src/test/transport_loop_test.c
+@@ -36,7 +36,6 @@ static int datagram_loop_test()
+ 
+     PJ_LOG(3,(THIS_FILE, "testing datagram loop transport"));
+ 
+-    pj_sockaddr_in_init(&addr, NULL, 0);
+     /* Test acquire transport. */
+     status = pjsip_endpt_acquire_transport( endpt, PJSIP_TRANSPORT_LOOP_DGRAM,
+ 					    &addr, sizeof(addr), NULL, &loop);
+-- 
+2.21.0
+