mirror of
https://github.com/asterisk/asterisk.git
synced 2026-02-13 19:50:44 +00:00
Compare commits
5 Commits
19.8
...
releases/1
| Author | SHA1 | Date | |
|---|---|---|---|
|
d33a05bc75 | ||
|
86da1af5ae | ||
|
f43849b65b | ||
|
|
6e5e2cd526 | ||
|
|
ebdf660a56 |
1
CHANGES.md
Symbolic link
1
CHANGES.md
Symbolic link
@@ -0,0 +1 @@
|
||||
ChangeLogs/ChangeLog-19.8.1.md
|
||||
99
ChangeLogs/ChangeLog-19.8.1.md
Normal file
99
ChangeLogs/ChangeLog-19.8.1.md
Normal file
@@ -0,0 +1,99 @@
|
||||
|
||||
Change Log for Release 19.8.1
|
||||
========================================
|
||||
|
||||
Links:
|
||||
----------------------------------------
|
||||
|
||||
- [Full ChangeLog](https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-19.8.1.md)
|
||||
- [GitHub Diff](https://github.com/asterisk/asterisk/compare/19.8.0...19.8.1)
|
||||
- [Tarball](https://downloads.asterisk.org/pub/telephony/asterisk/asterisk-19.8.1.tar.gz)
|
||||
- [Downloads](https://downloads.asterisk.org/pub/telephony/asterisk)
|
||||
|
||||
Summary:
|
||||
----------------------------------------
|
||||
|
||||
- apply_patches: Use globbing instead of file/sort.
|
||||
- bundled_pjproject: Backport 2 SSL patches from upstream
|
||||
- bundled_pjproject: Backport security fixes from pjproject 2.13.1
|
||||
- apply_patches: Sort patch list before applying
|
||||
|
||||
User Notes:
|
||||
----------------------------------------
|
||||
|
||||
|
||||
Upgrade Notes:
|
||||
----------------------------------------
|
||||
|
||||
|
||||
Closed Issues:
|
||||
----------------------------------------
|
||||
|
||||
- #188: [improvement]: pjsip: Upgrade bundled version to pjproject 2.13.1 #187
|
||||
- #193: [bug]: third-party/apply-patches doesn't sort the patch file list before applying
|
||||
- #194: [bug]: Segfault/double-free in bundled pjproject using TLS transport
|
||||
|
||||
Commits By Author:
|
||||
----------------------------------------
|
||||
|
||||
- ### George Joseph (3):
|
||||
- apply_patches: Sort patch list before applying
|
||||
- bundled_pjproject: Backport security fixes from pjproject 2.13.1
|
||||
- bundled_pjproject: Backport 2 SSL patches from upstream
|
||||
|
||||
- ### Sean Bright (1):
|
||||
- apply_patches: Use globbing instead of file/sort.
|
||||
|
||||
|
||||
Detail:
|
||||
----------------------------------------
|
||||
|
||||
- ### apply_patches: Use globbing instead of file/sort.
|
||||
Author: Sean Bright
|
||||
Date: 2023-07-06
|
||||
|
||||
This accomplishes the same thing as a `find ... | sort` but with the
|
||||
added benefit of clarity and avoiding a call to a subshell.
|
||||
|
||||
Additionally drop the -s option from call to patch as it is not POSIX.
|
||||
|
||||
- ### bundled_pjproject: Backport 2 SSL patches from upstream
|
||||
Author: George Joseph
|
||||
Date: 2023-07-06
|
||||
|
||||
* Fix double free of ossock->ossl_ctx in case of errors
|
||||
https://github.com/pjsip/pjproject/commit/863629bc65d6
|
||||
|
||||
* free SSL context and reset context pointer when setting the cipher
|
||||
list fails
|
||||
https://github.com/pjsip/pjproject/commit/0fb32cd4c0b2
|
||||
|
||||
Resolves: #194
|
||||
|
||||
- ### bundled_pjproject: Backport security fixes from pjproject 2.13.1
|
||||
Author: George Joseph
|
||||
Date: 2023-07-05
|
||||
|
||||
Merge-pull-request-from-GHSA-9pfh-r8x4-w26w.patch
|
||||
Merge-pull-request-from-GHSA-cxwq-5g9x-x7fr.patch
|
||||
Locking-fix-so-that-SSL_shutdown-and-SSL_write-are-n.patch
|
||||
Don-t-call-SSL_shutdown-when-receiving-SSL_ERROR_SYS.patch
|
||||
|
||||
Resolves: #188
|
||||
|
||||
- ### apply_patches: Sort patch list before applying
|
||||
Author: George Joseph
|
||||
Date: 2023-07-06
|
||||
|
||||
The apply_patches script wasn't sorting the list of patches in
|
||||
the "patches" directory before applying them. This left the list
|
||||
in an indeterminate order. In most cases, the list is actually
|
||||
sorted but rarely, they can be out of order and cause dependent
|
||||
patches to fail to apply.
|
||||
|
||||
We now sort the list but the "sort" program wasn't in the
|
||||
configure scripts so we needed to add that and regenerate
|
||||
the scripts as well.
|
||||
|
||||
Resolves: #193
|
||||
|
||||
@@ -1,3 +1,6 @@
|
||||
===== WARNING, THIS FILE IS OBSOLETE AND WILL BE REMOVED IN A FUTURE VERSION =====
|
||||
See 'Upgrade Notes' in the CHANGES file
|
||||
|
||||
===========================================================
|
||||
===
|
||||
=== THIS FILE IS AUTOMATICALLY GENERATED DURING THE RELEASE
|
||||
|
||||
@@ -1,187 +0,0 @@
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><title>Release Summary - asterisk-19.8.0</title><h1 align="center"><a name="top">Release Summary</a></h1><h3 align="center">asterisk-19.8.0</h3><h3 align="center">Date: 2023-01-12</h3><h3 align="center"><asteriskteam@digium.com></h3><hr><h2 align="center">Table of Contents</h2><ol>
|
||||
<li><a href="#summary">Summary</a></li>
|
||||
<li><a href="#contributors">Contributors</a></li>
|
||||
<li><a href="#closed_issues">Closed Issues</a></li>
|
||||
<li><a href="#open_issues">Open Issues</a></li>
|
||||
<li><a href="#commits">Other Changes</a></li>
|
||||
<li><a href="#diffstat">Diffstat</a></li>
|
||||
</ol><hr><a name="summary"><h2 align="center">Summary</h2></a><center><a href="#top">[Back to Top]</a></center><p>This release is a point release of an existing major version. The changes included were made to address problems that have been identified in this release series, or are minor, backwards compatible new features or improvements. Users should be able to safely upgrade to this version if this release series is already in use. Users considering upgrading from a previous version are strongly encouraged to review the UPGRADE.txt document as well as the CHANGES document for information about upgrading to this release series.</p><p>The data in this summary reflects changes that have been made since the previous release, asterisk-19.7.0.</p><hr><a name="contributors"><h2 align="center">Contributors</h2></a><center><a href="#top">[Back to Top]</a></center><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.</p><table width="100%" border="0">
|
||||
<tr><th width="33%">Coders</th><th width="33%">Testers</th><th width="33%">Reporters</th></tr>
|
||||
<tr valign="top"><td width="33%">18 Naveen Albert <asterisk@phreaknet.org><br/>6 George Joseph <gjoseph@digium.com><br/>5 Philip Prindeville <philipp@redfish-solutions.com><br/>4 Asterisk Development Team <asteriskteam@digium.com><br/>4 Mike Bradeen <mbradeen@sangoma.com><br/>2 Maximilian Fridrich <m.fridrich@commend.com><br/>1 Birger Harzenetter (license 5870)<br/>1 Holger Hans Peter Freyther <holger@moiji-mobile.com><br/>1 Igor Goncharovsky <igor.goncharovsky@gmail.com><br/>1 Frederic LE FOLL <frederic.lefoll@c-s.fr><br/>1 Alexandre Fournier <afournier@wazo.io><br/>1 Jaco Kroon <jaco@uls.co.za><br/>1 Ben Ford <bford@digium.com><br/>1 Henning Westerholt <hw@gilawa.com><br/></td><td width="33%"><td width="33%">18 N A <asterisk@phreaknet.org><br/>4 Philip Prindeville <philipp@redfish-solutions.com><br/>3 George Joseph <gjoseph@digium.com><br/>2 Michael Bradeen <mbradeen@sangoma.com><br/>2 Maximilian Fridrich <m.fridrich@commend.com><br/>1 Igor Yeroshev <igor.yeroshev@kaspi.kz><br/>1 Alexandre Fournier <afournier@wazo.io><br/>1 Igor Goncharovsky <igor.goncharovsky@gmail.com><br/>1 Henning Westerholt <hw@gilawa.com><br/>1 Frederic LE FOLL <frederic.lefoll@c-s.fr><br/>1 shawty <shawty.d.ds@googlemail.com><br/>1 David Woolley <forums@david-woolley.me.uk><br/>1 nappsoft <infos@nappsoft.ch><br/>1 Joshua C. Colp <jcolp@digium.com><br/>1 Joeran Vinzens <vinzens@sipgate.de><br/>1 Benjamin Keith Ford <bford@digium.com><br/>1 Jesse Ross <jesseross92@gmail.com><br/></td></tr>
|
||||
</table><hr><a name="closed_issues"><h2 align="center">Closed Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p><h3>Security</h3><h4>Category: Addons/chan_ooh323</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30103">ASTERISK-30103</a>: chan_ooh323 Vulnerability in calling/called party IE<br/>Reported by: Michael Bradeen<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=42ecf402a3498caa571c5b9c04438fc3d21feee2">[42ecf402a3]</a> Mike Bradeen -- ooh323c: not checking for IE minimum length</li>
|
||||
</ul><br><h4>Category: Core/ManagerInterface</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30176">ASTERISK-30176</a>: manager: GetConfig can read files outside of Asterisk<br/>Reported by: shawty<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=764ca3347340b114938f3279f8e3afab121b261c">[764ca33473]</a> Mike Bradeen -- manager: prevent file access outside of config dir</li>
|
||||
</ul><br><h4>Category: pjproject/pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30338">ASTERISK-30338</a>: pjproject: Backport security fixes from 2.13<br/>Reported by: Benjamin Keith Ford<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=1c8f57e29814659645f5db7ecaa4a6e0d50f41bc">[1c8f57e298]</a> Ben Ford -- pjproject: 2.13 security fixes</li>
|
||||
</ul><br><h3>Improvement</h3><h4>Category: Core/Bridging</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30223">ASTERISK-30223</a>: features: add no-answer option to Bridge application<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=231f99b3977e66191003d75e488cd19a8bd78ed7">[231f99b397]</a> Naveen Albert -- features: Add no answer option to Bridge.</li>
|
||||
</ul><br><h4>Category: Resources/res_pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30158">ASTERISK-30158</a>: PJSIP: Add new 100rel option "peer_supported"<br/>Reported by: Maximilian Fridrich<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=2efcb5890e57a30cf1e31cf9481d526e31a470e8">[2efcb5890e]</a> Maximilian Fridrich -- res_pjsip: Add 100rel option "peer_supported".</li>
|
||||
</ul><br><h4>Category: Resources/res_pjsip_geolocation</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30241">ASTERISK-30241</a>: res_pjsip_gelocation: Downgrade some NOTICE scope trace debugs to DEBUG level<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=0a0b141278e1ad4d9caae3ec97c0f1f3e01aba4e">[0a0b141278]</a> Naveen Albert -- res_pjsip_geolocation: Change some notices to debugs.</li>
|
||||
</ul><br><h3>Bug</h3><h4>Category: Applications/app_saynumber</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30248">ASTERISK-30248</a>: ast_get_digit_str adds bogus initial delimiter if first character not to be spoken<br/>Reported by: David Woolley<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=57b1f5a7c3bc08a98ff424e97b235db7e238a6bb">[57b1f5a7c3]</a> Naveen Albert -- say: Don't prepend ampersand erroneously.</li>
|
||||
</ul><br><h4>Category: Applications/app_voicemail</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30248">ASTERISK-30248</a>: ast_get_digit_str adds bogus initial delimiter if first character not to be spoken<br/>Reported by: David Woolley<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=57b1f5a7c3bc08a98ff424e97b235db7e238a6bb">[57b1f5a7c3]</a> Naveen Albert -- say: Don't prepend ampersand erroneously.</li>
|
||||
</ul><br><h4>Category: Channels/chan_dahdi</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30274">ASTERISK-30274</a>: chan_dahdi: Unavailable channels are BUSY<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=3bae133afa54466671ec8a6d6c98833ac93534f4">[3bae133afa]</a> Naveen Albert -- chan_dahdi: Fix unavailable channels returning busy.</li>
|
||||
</ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30256">ASTERISK-30256</a>: chan_dahdi: Fix format truncation warnings<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=11d97dc5ca9ad8747af7740c7351f5299fbf4e2f">[11d97dc5ca]</a> Naveen Albert -- chan_dahdi: Resolve format truncation warning.</li>
|
||||
</ul><br><h4>Category: Channels/chan_local</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30239">ASTERISK-30239</a>: Prometheus plugin crashes Asterisk when using local channel<br/>Reported by: Joeran Vinzens<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=02be2a5f1a99359f57ea88a9f9525cb7f9613890">[02be2a5f1a]</a> Holger Hans Peter Freyther -- res_prometheus: Do not crash on invisible bridges</li>
|
||||
</ul><br><h4>Category: Channels/chan_pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30193">ASTERISK-30193</a>: chan_pjsip should return all codecs on a re-INVITE without SDP<br/>Reported by: Henning Westerholt<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=a6aebab79bb715ded840c4b47d9c611d62acd04b">[a6aebab79b]</a> Henning Westerholt -- res_pjsip: return all codecs on a re-INVITE without SDP</li>
|
||||
</ul><br><h4>Category: Core/AstDB</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30245">ASTERISK-30245</a>: db: ListItems is incorrect<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=aefb9fc2167fc36af90752313970714152641c24">[aefb9fc216]</a> Birger Harzenetter -- db: Fix incorrect DB tree count for AMI.</li>
|
||||
</ul><br><h4>Category: Core/Dial</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30258">ASTERISK-30258</a>: Dialing API: Cancel a running async thread, does not always cancel all calls<br/>Reported by: Frederic LE FOLL<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=83498bec3522202b9f1b1195cd97194f99a92aeb">[83498bec35]</a> Frederic LE FOLL -- Dialing API: Cancel a running async thread, may not cancel all calls</li>
|
||||
</ul><br><h4>Category: Core/General</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30278">ASTERISK-30278</a>: tcptls: Abort occurs if SSL error is logged if MALLOC_DEBUG is enabled<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=e553546eff7f7541e9ef61e2ccb9182acd46d455">[e553546eff]</a> Naveen Albert -- tcptls: Prevent crash when freeing OpenSSL errors.</li>
|
||||
</ul><br><h4>Category: Core/HTTP</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30278">ASTERISK-30278</a>: tcptls: Abort occurs if SSL error is logged if MALLOC_DEBUG is enabled<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=e553546eff7f7541e9ef61e2ccb9182acd46d455">[e553546eff]</a> Naveen Albert -- tcptls: Prevent crash when freeing OpenSSL errors.</li>
|
||||
</ul><br><h4>Category: Functions/General</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30220">ASTERISK-30220</a>: func_scramble: Fix segfault due to null pointer deref<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=086b1abf66b3d90f424e7301e4aaf15be2171832">[086b1abf66]</a> Naveen Albert -- func_scramble: Fix null pointer dereference.</li>
|
||||
</ul><br><h4>Category: Functions/func_logic</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30243">ASTERISK-30243</a>: func_logic: IF function complains if both branches are empty<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=9ba789d297501b89a33e3c1ee0cad159ebea0ecc">[9ba789d297]</a> Naveen Albert -- func_logic: Don't emit warning if both IF branches are empty.</li>
|
||||
</ul><br><h4>Category: Resources/General</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30239">ASTERISK-30239</a>: Prometheus plugin crashes Asterisk when using local channel<br/>Reported by: Joeran Vinzens<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=02be2a5f1a99359f57ea88a9f9525cb7f9613890">[02be2a5f1a]</a> Holger Hans Peter Freyther -- res_prometheus: Do not crash on invisible bridges</li>
|
||||
</ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30237">ASTERISK-30237</a>: res_prometheus: Crash when scraping bridges<br/>Reported by: Igor Yeroshev<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=02be2a5f1a99359f57ea88a9f9525cb7f9613890">[02be2a5f1a]</a> Holger Hans Peter Freyther -- res_prometheus: Do not crash on invisible bridges</li>
|
||||
</ul><br><h4>Category: Resources/res_ari_channels</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30237">ASTERISK-30237</a>: res_prometheus: Crash when scraping bridges<br/>Reported by: Igor Yeroshev<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=02be2a5f1a99359f57ea88a9f9525cb7f9613890">[02be2a5f1a]</a> Holger Hans Peter Freyther -- res_prometheus: Do not crash on invisible bridges</li>
|
||||
</ul><br><h4>Category: Resources/res_crypto</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30213">ASTERISK-30213</a>: Make crypto_load() reentrant and handle symlinks correctly<br/>Reported by: Philip Prindeville<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=23a4135fe7b1d7ba2e703798ea77382f093a93c3">[23a4135fe7]</a> Philip Prindeville -- res_crypto: handle unsafe private key files</li>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=44684fdd5167b140195f97fae72a786e3dfc881e">[44684fdd51]</a> Philip Prindeville -- res_crypto: don't modify fname in try_load_key()</li>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=109c2335ef9cc707c6708d5a93bbe05288344f50">[109c2335ef]</a> Philip Prindeville -- res_crypto: use ast_file_read_dirs() to iterate</li>
|
||||
</ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30235">ASTERISK-30235</a>: res_crypto and tests: Memory issues and and uninitialized variable error<br/>Reported by: George Joseph<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=f09b9e667873d2940a1aa8c10ccd0e7cecddbf07">[f09b9e6678]</a> George Joseph -- res_crypto: Memory issues and uninitialized variable errors</li>
|
||||
</ul><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30226">ASTERISK-30226</a>: REGRESSION: res_crypto complains about the stir_shaken directory in /var/lib/asterisk/keys<br/>Reported by: George Joseph<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=70489083b16f9e20a75c49dec3dbe930c4041f65">[70489083b1]</a> Philip Prindeville -- res_crypto: don't complain about directories</li>
|
||||
</ul><br><h4>Category: Resources/res_geolocation</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30234">ASTERISK-30234</a>: res_geolocation: ...may be used uninitialized error in geoloc_config.c<br/>Reported by: George Joseph<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=c2a343b8c942d2dacb4f0372a50f9035df8219a8">[c2a343b8c9]</a> George Joseph -- res_geolocation: Fix issues exposed by compiling with -O2</li>
|
||||
</ul><br><h4>Category: Resources/res_pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30369">ASTERISK-30369</a>: res_pjsip: Websockets from same IP shut down when they shouldn't be<br/>Reported by: Joshua C. Colp<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=7129752201428f87f62c9abdebdb8e06ee91b5f4">[7129752201]</a> George Joseph -- res_pjsip_transport_websocket: Add remote port to transport</li>
|
||||
</ul><br><h4>Category: Resources/res_pjsip_exten_state</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30264">ASTERISK-30264</a>: res_pjsip: Subscription handlers do not get cleanly unregistered, causing crash<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=8bea5052db9907a8887a0b7bedfa8c6579e890ad">[8bea5052db]</a> Naveen Albert -- res_pjsip_pubsub: Prevent removing subscriptions.</li>
|
||||
</ul><br><h4>Category: Resources/res_pjsip_mwi</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30264">ASTERISK-30264</a>: res_pjsip: Subscription handlers do not get cleanly unregistered, causing crash<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=8bea5052db9907a8887a0b7bedfa8c6579e890ad">[8bea5052db]</a> Naveen Albert -- res_pjsip_pubsub: Prevent removing subscriptions.</li>
|
||||
</ul><br><h4>Category: Resources/res_pjsip_outbound_registration</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30217">ASTERISK-30217</a>: Registration do not allow multiple proxies<br/>Reported by: Igor Goncharovsky<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=09af7e0acacec7df57ae00b7a40acf167ca7361a">[09af7e0aca]</a> Igor Goncharovsky -- res_pjsip_outbound_registration: Allow to use multiple proxies for registration</li>
|
||||
</ul><br><h4>Category: Resources/res_pjsip_pubsub</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30244">ASTERISK-30244</a>: res_pjsip_pubsub: Occasional crash when TCP/TLS connection terminated and subscription persistence is removed<br/>Reported by: nappsoft<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=69c2459c3306d1164120ac75b08cb2c4b62c9b45">[69c2459c33]</a> George Joseph -- pjsip_transport_events: Fix possible use after free on transport</li>
|
||||
</ul><br><h4>Category: Tests/General</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30232">ASTERISK-30232</a>: Initialize stack-based ast_test_capture structures correctly<br/>Reported by: Philip Prindeville<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=1d6e7c684320d1137884da8524b303e2abfb3c9f">[1d6e7c6843]</a> Philip Prindeville -- test: initialize capture structure before freeing</li>
|
||||
</ul><br><h4>Category: Tests/Portability</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30273">ASTERISK-30273</a>: test_mwi: compilation fails on 32-bit Debian<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=025dbcfd68f4c39c05f9ff7b0c2019516c72ee18">[025dbcfd68]</a> Naveen Albert -- tests: Fix compilation errors on 32-bit.</li>
|
||||
</ul><br><h4>Category: pjproject/pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-28689">ASTERISK-28689</a>: res_pjsip: Crash when locking group lock when sending stateful response<br/>Reported by: Jesse Ross<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=d7dae7b1fcc177d37e57a3013291a06fdae19eee">[d7dae7b1fc]</a> Mike Bradeen -- res_pjsip: prevent crash on websocket disconnect</li>
|
||||
</ul><br><h3>New Feature</h3><h4>Category: Applications/app_amd</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30179">ASTERISK-30179</a>: app_amd: Allow audio to be played while AMD is running<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=fd5683f74baacb7c279cf9202e961749d7c36055">[fd5683f74b]</a> Naveen Albert -- app_amd: Add option to play audio during AMD.</li>
|
||||
</ul><br><h4>Category: Applications/app_bridgewait</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30216">ASTERISK-30216</a>: app_bridgewait: Add option for BridgeWait to not answer<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=999b1627864c419c909d57743a61471ab1b241e2">[999b162786]</a> Naveen Albert -- app_bridgewait: Add option to not answer channel.</li>
|
||||
</ul><br><h4>Category: CDR/General</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30091">ASTERISK-30091</a>: cdr: Allow CDRs to ignore call state changes<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=b397dc3ca31548204e7875f65f38988735091a74">[b397dc3ca3]</a> Naveen Albert -- cdr: Allow bridging and dial state changes to be ignored.</li>
|
||||
</ul><br><h4>Category: Functions/NewFeature</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-29432">ASTERISK-29432</a>: New function to allow access to any channel<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=5199a70c07cc4fe817a00f313f036de3ab201d5d">[5199a70c07]</a> Naveen Albert -- func_export: Add EXPORT function</li>
|
||||
</ul><br><h4>Category: Functions/func_strings</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30222">ASTERISK-30222</a>: func_strings: Add trim functions<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=0bf6d7af336e6a87a31ebe834869e2f7b643b98b">[0bf6d7af33]</a> Naveen Albert -- func_strings: Add trim functions.</li>
|
||||
</ul><br><h4>Category: Resources/General</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30254">ASTERISK-30254</a>: res_tonedetect: Add audible ringback detection to TONE_DETECT<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=f9297117d977b4191e5321c9d8a06d979c379764">[f9297117d9]</a> Naveen Albert -- res_tonedetect: Add ringback support to TONE_DETECT.</li>
|
||||
</ul><br><h4>Category: Resources/res_pjsip</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30032">ASTERISK-30032</a>: Support of mediasec SIP headers and SDP attributes<br/>Reported by: Maximilian Fridrich<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=6170073800cb646c9c68753650252e48ca559eed">[6170073800]</a> Maximilian Fridrich -- res_pjsip: Add mediasec capabilities.</li>
|
||||
</ul><br><h4>Category: Resources/res_pjsip_logger</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30146">ASTERISK-30146</a>: res_pjsip_logger: Add method-based log filtering<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=05a7b4132ab3938efc93ca44cb0ede6ebfd6b1b4">[05a7b4132a]</a> Naveen Albert -- res_pjsip_logger: Add method-based logging option.</li>
|
||||
</ul><br><h4>Category: Resources/res_pjsip_notify</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30263">ASTERISK-30263</a>: res_pjsip_notify: Allow using pjsip_notify.conf from AMI<br/>Reported by: N A<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=a0dd8c27b5a39b3a286c86528017a003b7247d44">[a0dd8c27b5]</a> Naveen Albert -- res_pjsip_notify: Add option support for AMI.</li>
|
||||
</ul><br><hr><a name="open_issues"><h2 align="center">Open Issues</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all open issues from the issue tracker that were referenced by changes that went into this release.</p><h3>Bug</h3><h4>Category: Resources/res_geolocation</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30346">ASTERISK-30346</a>: Fix NULL dereferencing issue in Geolocation<br/>Reported by: Alexandre Fournier<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=c900a7dc398f6ba28e3c7e8e40222c63566acdc7">[c900a7dc39]</a> Alexandre Fournier -- res_geoloc: fix NULL pointer dereference bug</li>
|
||||
</ul><br><h4>Category: Resources/res_stasis_snoop</h4><a href="https://issues.asterisk.org/jira/browse/ASTERISK-30252">ASTERISK-30252</a>: Unidirectional snoop on resampled channel causes garbled audio<br/>Reported by: Michael Bradeen<ul>
|
||||
<li><a href="https://code.asterisk.org/code/changelog/asterisk?cs=f61dbd566b29ca1893fe58b10edc888614c4a92f">[f61dbd566b]</a> Mike Bradeen -- audiohook: add directional awareness</li>
|
||||
</ul><br><hr><a name="commits"><h2 align="center">Commits Not Associated with an Issue</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a list of all changes that went into this release that did not reference a JIRA issue.</p><table width="100%" border="1">
|
||||
<tr><th>Revision</th><th>Author</th><th>Summary</th></tr>
|
||||
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=b40f0f6fcea8cef885316d296cff3b161167946c">b40f0f6fce</a></td><td>Asterisk Development Team</td><td>Update for 19.8.0-rc2</td></tr>
|
||||
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=1eee96543b988fbb1352afd9705db2949e2d3325">1eee96543b</a></td><td>Asterisk Development Team</td><td>Update for 19.8.0-rc1</td></tr>
|
||||
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=c4703f070a82bb2ec115e586fc18a832918d6ae2">c4703f070a</a></td><td>Asterisk Development Team</td><td>Update CHANGES and UPGRADE.txt for 19.8.0</td></tr>
|
||||
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=54cafbc67f912cd5b7cfad2a100c793a1d644cc8">54cafbc67f</a></td><td>George Joseph</td><td>res_geolocation: Update wiki documentation</td></tr>
|
||||
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=2209afddb943c797d172346fd6ac847fde22c919">2209afddb9</a></td><td>Asterisk Development Team</td><td>Update CHANGES and UPGRADE.txt for 19.7.0</td></tr>
|
||||
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=95a25fddac87ea32643d99864d306d501487f063">95a25fddac</a></td><td>George Joseph</td><td>manager.h: Bump version to 8.0.2</td></tr>
|
||||
<tr><td><a href="https://code.asterisk.org/code/changelog/asterisk?cs=ef20afda63ced6080b9b3d1b7cfafd5ff4f7169a">ef20afda63</a></td><td>Jaco Kroon</td><td>manager: be more aggressive about purging http sessions.</td></tr>
|
||||
</table><hr><a name="diffstat"><h2 align="center">Diffstat Results</h2></a><center><a href="#top">[Back to Top]</a></center><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p><pre>asterisk-19.7.0-summary.html | 212 ---
|
||||
asterisk-19.7.0-summary.txt | 528 --------
|
||||
b/.version | 2
|
||||
b/CHANGES | 84 +
|
||||
b/ChangeLog | 631 +++++++++-
|
||||
b/UPGRADE.txt | 13
|
||||
b/addons/ooh323c/src/ooq931.c | 15
|
||||
b/apps/app_amd.c | 51
|
||||
b/apps/app_bridgewait.c | 9
|
||||
b/asterisk-19.8.0-rc2-summary.html | 11
|
||||
b/asterisk-19.8.0-rc2-summary.txt | 82 +
|
||||
b/channels/chan_dahdi.c | 9
|
||||
b/configs/samples/amd.conf.sample | 7
|
||||
b/configs/samples/asterisk.conf.sample | 11
|
||||
b/configs/samples/cdr.conf.sample | 11
|
||||
b/configs/samples/geolocation.conf.sample | 2
|
||||
b/configs/samples/pjsip.conf.sample | 7
|
||||
b/contrib/ast-db-manage/config/versions/417c0247fd7e_add_security_negotiation_and_security_.py | 49
|
||||
b/contrib/ast-db-manage/config/versions/539f68bede2c_add_peer_supported_to_100rel.py | 57
|
||||
b/contrib/ast-db-manage/config/versions/ccf795ee535f_all_codecs_on_empty_reinvite.py | 37
|
||||
b/contrib/realtime/mysql/mysql_config.sql | 24
|
||||
b/contrib/realtime/postgresql/postgresql_config.sql | 30
|
||||
b/funcs/func_export.c | 107 +
|
||||
b/funcs/func_logic.c | 3
|
||||
b/funcs/func_sayfiles.c | 9
|
||||
b/funcs/func_scramble.c | 1
|
||||
b/funcs/func_strings.c | 186 ++
|
||||
b/include/asterisk/audiohook.h | 9
|
||||
b/include/asterisk/cdr.h | 2
|
||||
b/include/asterisk/manager.h | 12
|
||||
b/include/asterisk/res_pjsip.h | 237 +++
|
||||
b/include/asterisk/res_pjsip_session.h | 2
|
||||
b/include/asterisk/test.h | 10
|
||||
b/main/audiohook.c | 22
|
||||
b/main/cdr.c | 86 +
|
||||
b/main/db.c | 4
|
||||
b/main/dial.c | 9
|
||||
b/main/features.c | 28
|
||||
b/main/manager.c | 61
|
||||
b/main/options.c | 1
|
||||
b/main/say.c | 6
|
||||
b/main/tcptls.c | 2
|
||||
b/main/test.c | 9
|
||||
b/res/prometheus/bridges.c | 12
|
||||
b/res/res_crypto.c | 75 -
|
||||
b/res/res_geolocation/geoloc_datastore.c | 4
|
||||
b/res/res_geolocation/wiki/AsteriskImplementation.md | 251 +++
|
||||
b/res/res_geolocation/wiki/GML.md | 38
|
||||
b/res/res_geolocation/wiki/Geolocation.md | 2
|
||||
b/res/res_geolocation/wiki/README.txt | 31
|
||||
b/res/res_geolocation/wiki/URI.md | 5
|
||||
b/res/res_pjsip.c | 47
|
||||
b/res/res_pjsip/config_global.c | 21
|
||||
b/res/res_pjsip/pjsip_config.xml | 55
|
||||
b/res/res_pjsip/pjsip_configuration.c | 44
|
||||
b/res/res_pjsip/pjsip_options.c | 5
|
||||
b/res/res_pjsip/pjsip_transport_events.c | 214 +++
|
||||
b/res/res_pjsip/security_agreements.c | 340 +++++
|
||||
b/res/res_pjsip_exten_state.c | 13
|
||||
b/res/res_pjsip_logger.c | 165 ++
|
||||
b/res/res_pjsip_mwi.c | 13
|
||||
b/res/res_pjsip_notify.c | 165 +-
|
||||
b/res/res_pjsip_outbound_authenticator_digest.c | 4
|
||||
b/res/res_pjsip_outbound_registration.c | 249 +++
|
||||
b/res/res_pjsip_pubsub.c | 25
|
||||
b/res/res_pjsip_rfc3329.c | 150 ++
|
||||
b/res/res_pjsip_sdp_rtp.c | 6
|
||||
b/res/res_pjsip_session.c | 74 -
|
||||
b/res/res_pjsip_transport_websocket.c | 1
|
||||
b/res/res_stasis_snoop.c | 22
|
||||
b/res/res_tonedetect.c | 25
|
||||
b/tests/test_crypto.c | 19
|
||||
b/tests/test_mwi.c | 4
|
||||
b/tests/test_stasis.c | 2
|
||||
b/tests/test_stasis_state.c | 8
|
||||
b/third-party/pjproject/patches/0200-potential-buffer-overflow-in-pjlib-scanner-and-pjmedia.patch | 306 ++++
|
||||
b/third-party/pjproject/patches/0201-potential-stack-buffer-overflow-when-parsing-message-as-a-STUN-client.patch | 24
|
||||
77 files changed, 4028 insertions(+), 1079 deletions(-)</pre><br></html>
|
||||
@@ -1,535 +0,0 @@
|
||||
Release Summary
|
||||
|
||||
asterisk-19.8.0
|
||||
|
||||
Date: 2023-01-12
|
||||
|
||||
<asteriskteam@digium.com>
|
||||
|
||||
----------------------------------------------------------------------
|
||||
|
||||
Table of Contents
|
||||
|
||||
1. Summary
|
||||
2. Contributors
|
||||
3. Closed Issues
|
||||
4. Open Issues
|
||||
5. Other Changes
|
||||
6. Diffstat
|
||||
|
||||
----------------------------------------------------------------------
|
||||
|
||||
Summary
|
||||
|
||||
[Back to Top]
|
||||
|
||||
This release is a point release of an existing major version. The changes
|
||||
included were made to address problems that have been identified in this
|
||||
release series, or are minor, backwards compatible new features or
|
||||
improvements. Users should be able to safely upgrade to this version if
|
||||
this release series is already in use. Users considering upgrading from a
|
||||
previous version are strongly encouraged to review the UPGRADE.txt
|
||||
document as well as the CHANGES document for information about upgrading
|
||||
to this release series.
|
||||
|
||||
The data in this summary reflects changes that have been made since the
|
||||
previous release, asterisk-19.7.0.
|
||||
|
||||
----------------------------------------------------------------------
|
||||
|
||||
Contributors
|
||||
|
||||
[Back to Top]
|
||||
|
||||
This table lists the people who have submitted code, those that have
|
||||
tested patches, as well as those that reported issues on the issue tracker
|
||||
that were resolved in this release. For coders, the number is how many of
|
||||
their patches (of any size) were committed into this release. For testers,
|
||||
the number is the number of times their name was listed as assisting with
|
||||
testing a patch. Finally, for reporters, the number is the number of
|
||||
issues that they reported that were affected by commits that went into
|
||||
this release.
|
||||
|
||||
Coders Testers Reporters
|
||||
18 Naveen Albert 18 N A
|
||||
6 George Joseph 4 Philip Prindeville
|
||||
5 Philip Prindeville 3 George Joseph
|
||||
4 Asterisk Development Team 2 Michael Bradeen
|
||||
4 Mike Bradeen 2 Maximilian Fridrich
|
||||
2 Maximilian Fridrich 1 Igor Yeroshev
|
||||
1 Birger Harzenetter (license 5870) 1 Alexandre Fournier
|
||||
1 Holger Hans Peter Freyther 1 Igor Goncharovsky
|
||||
1 Igor Goncharovsky 1 Henning Westerholt
|
||||
1 Frederic LE FOLL 1 Frederic LE FOLL
|
||||
1 Alexandre Fournier 1 shawty
|
||||
1 Jaco Kroon 1 David Woolley
|
||||
1 Ben Ford 1 nappsoft
|
||||
1 Henning Westerholt 1 Joshua C. Colp
|
||||
1 Joeran Vinzens
|
||||
1 Benjamin Keith Ford
|
||||
1 Jesse Ross
|
||||
|
||||
----------------------------------------------------------------------
|
||||
|
||||
Closed Issues
|
||||
|
||||
[Back to Top]
|
||||
|
||||
This is a list of all issues from the issue tracker that were closed by
|
||||
changes that went into this release.
|
||||
|
||||
Security
|
||||
|
||||
Category: Addons/chan_ooh323
|
||||
|
||||
ASTERISK-30103: chan_ooh323 Vulnerability in calling/called party IE
|
||||
Reported by: Michael Bradeen
|
||||
* [42ecf402a3] Mike Bradeen -- ooh323c: not checking for IE minimum
|
||||
length
|
||||
|
||||
Category: Core/ManagerInterface
|
||||
|
||||
ASTERISK-30176: manager: GetConfig can read files outside of Asterisk
|
||||
Reported by: shawty
|
||||
* [764ca33473] Mike Bradeen -- manager: prevent file access outside of
|
||||
config dir
|
||||
|
||||
Category: pjproject/pjsip
|
||||
|
||||
ASTERISK-30338: pjproject: Backport security fixes from 2.13
|
||||
Reported by: Benjamin Keith Ford
|
||||
* [1c8f57e298] Ben Ford -- pjproject: 2.13 security fixes
|
||||
|
||||
Improvement
|
||||
|
||||
Category: Core/Bridging
|
||||
|
||||
ASTERISK-30223: features: add no-answer option to Bridge application
|
||||
Reported by: N A
|
||||
* [231f99b397] Naveen Albert -- features: Add no answer option to
|
||||
Bridge.
|
||||
|
||||
Category: Resources/res_pjsip
|
||||
|
||||
ASTERISK-30158: PJSIP: Add new 100rel option "peer_supported"
|
||||
Reported by: Maximilian Fridrich
|
||||
* [2efcb5890e] Maximilian Fridrich -- res_pjsip: Add 100rel option
|
||||
"peer_supported".
|
||||
|
||||
Category: Resources/res_pjsip_geolocation
|
||||
|
||||
ASTERISK-30241: res_pjsip_gelocation: Downgrade some NOTICE scope trace
|
||||
debugs to DEBUG level
|
||||
Reported by: N A
|
||||
* [0a0b141278] Naveen Albert -- res_pjsip_geolocation: Change some
|
||||
notices to debugs.
|
||||
|
||||
Bug
|
||||
|
||||
Category: Applications/app_saynumber
|
||||
|
||||
ASTERISK-30248: ast_get_digit_str adds bogus initial delimiter if first
|
||||
character not to be spoken
|
||||
Reported by: David Woolley
|
||||
* [57b1f5a7c3] Naveen Albert -- say: Don't prepend ampersand
|
||||
erroneously.
|
||||
|
||||
Category: Applications/app_voicemail
|
||||
|
||||
ASTERISK-30248: ast_get_digit_str adds bogus initial delimiter if first
|
||||
character not to be spoken
|
||||
Reported by: David Woolley
|
||||
* [57b1f5a7c3] Naveen Albert -- say: Don't prepend ampersand
|
||||
erroneously.
|
||||
|
||||
Category: Channels/chan_dahdi
|
||||
|
||||
ASTERISK-30274: chan_dahdi: Unavailable channels are BUSY
|
||||
Reported by: N A
|
||||
* [3bae133afa] Naveen Albert -- chan_dahdi: Fix unavailable channels
|
||||
returning busy.
|
||||
ASTERISK-30256: chan_dahdi: Fix format truncation warnings
|
||||
Reported by: N A
|
||||
* [11d97dc5ca] Naveen Albert -- chan_dahdi: Resolve format truncation
|
||||
warning.
|
||||
|
||||
Category: Channels/chan_local
|
||||
|
||||
ASTERISK-30239: Prometheus plugin crashes Asterisk when using local
|
||||
channel
|
||||
Reported by: Joeran Vinzens
|
||||
* [02be2a5f1a] Holger Hans Peter Freyther -- res_prometheus: Do not
|
||||
crash on invisible bridges
|
||||
|
||||
Category: Channels/chan_pjsip
|
||||
|
||||
ASTERISK-30193: chan_pjsip should return all codecs on a re-INVITE without
|
||||
SDP
|
||||
Reported by: Henning Westerholt
|
||||
* [a6aebab79b] Henning Westerholt -- res_pjsip: return all codecs on a
|
||||
re-INVITE without SDP
|
||||
|
||||
Category: Core/AstDB
|
||||
|
||||
ASTERISK-30245: db: ListItems is incorrect
|
||||
Reported by: N A
|
||||
* [aefb9fc216] Birger Harzenetter -- db: Fix incorrect DB tree count for
|
||||
AMI.
|
||||
|
||||
Category: Core/Dial
|
||||
|
||||
ASTERISK-30258: Dialing API: Cancel a running async thread, does not
|
||||
always cancel all calls
|
||||
Reported by: Frederic LE FOLL
|
||||
* [83498bec35] Frederic LE FOLL -- Dialing API: Cancel a running async
|
||||
thread, may not cancel all calls
|
||||
|
||||
Category: Core/General
|
||||
|
||||
ASTERISK-30278: tcptls: Abort occurs if SSL error is logged if
|
||||
MALLOC_DEBUG is enabled
|
||||
Reported by: N A
|
||||
* [e553546eff] Naveen Albert -- tcptls: Prevent crash when freeing
|
||||
OpenSSL errors.
|
||||
|
||||
Category: Core/HTTP
|
||||
|
||||
ASTERISK-30278: tcptls: Abort occurs if SSL error is logged if
|
||||
MALLOC_DEBUG is enabled
|
||||
Reported by: N A
|
||||
* [e553546eff] Naveen Albert -- tcptls: Prevent crash when freeing
|
||||
OpenSSL errors.
|
||||
|
||||
Category: Functions/General
|
||||
|
||||
ASTERISK-30220: func_scramble: Fix segfault due to null pointer deref
|
||||
Reported by: N A
|
||||
* [086b1abf66] Naveen Albert -- func_scramble: Fix null pointer
|
||||
dereference.
|
||||
|
||||
Category: Functions/func_logic
|
||||
|
||||
ASTERISK-30243: func_logic: IF function complains if both branches are
|
||||
empty
|
||||
Reported by: N A
|
||||
* [9ba789d297] Naveen Albert -- func_logic: Don't emit warning if both
|
||||
IF branches are empty.
|
||||
|
||||
Category: Resources/General
|
||||
|
||||
ASTERISK-30239: Prometheus plugin crashes Asterisk when using local
|
||||
channel
|
||||
Reported by: Joeran Vinzens
|
||||
* [02be2a5f1a] Holger Hans Peter Freyther -- res_prometheus: Do not
|
||||
crash on invisible bridges
|
||||
ASTERISK-30237: res_prometheus: Crash when scraping bridges
|
||||
Reported by: Igor Yeroshev
|
||||
* [02be2a5f1a] Holger Hans Peter Freyther -- res_prometheus: Do not
|
||||
crash on invisible bridges
|
||||
|
||||
Category: Resources/res_ari_channels
|
||||
|
||||
ASTERISK-30237: res_prometheus: Crash when scraping bridges
|
||||
Reported by: Igor Yeroshev
|
||||
* [02be2a5f1a] Holger Hans Peter Freyther -- res_prometheus: Do not
|
||||
crash on invisible bridges
|
||||
|
||||
Category: Resources/res_crypto
|
||||
|
||||
ASTERISK-30213: Make crypto_load() reentrant and handle symlinks correctly
|
||||
Reported by: Philip Prindeville
|
||||
* [23a4135fe7] Philip Prindeville -- res_crypto: handle unsafe private
|
||||
key files
|
||||
* [44684fdd51] Philip Prindeville -- res_crypto: don't modify fname in
|
||||
try_load_key()
|
||||
* [109c2335ef] Philip Prindeville -- res_crypto: use
|
||||
ast_file_read_dirs() to iterate
|
||||
ASTERISK-30235: res_crypto and tests: Memory issues and and uninitialized
|
||||
variable error
|
||||
Reported by: George Joseph
|
||||
* [f09b9e6678] George Joseph -- res_crypto: Memory issues and
|
||||
uninitialized variable errors
|
||||
ASTERISK-30226: REGRESSION: res_crypto complains about the stir_shaken
|
||||
directory in /var/lib/asterisk/keys
|
||||
Reported by: George Joseph
|
||||
* [70489083b1] Philip Prindeville -- res_crypto: don't complain about
|
||||
directories
|
||||
|
||||
Category: Resources/res_geolocation
|
||||
|
||||
ASTERISK-30234: res_geolocation: ...may be used uninitialized error in
|
||||
geoloc_config.c
|
||||
Reported by: George Joseph
|
||||
* [c2a343b8c9] George Joseph -- res_geolocation: Fix issues exposed by
|
||||
compiling with -O2
|
||||
|
||||
Category: Resources/res_pjsip
|
||||
|
||||
ASTERISK-30369: res_pjsip: Websockets from same IP shut down when they
|
||||
shouldn't be
|
||||
Reported by: Joshua C. Colp
|
||||
* [7129752201] George Joseph -- res_pjsip_transport_websocket: Add
|
||||
remote port to transport
|
||||
|
||||
Category: Resources/res_pjsip_exten_state
|
||||
|
||||
ASTERISK-30264: res_pjsip: Subscription handlers do not get cleanly
|
||||
unregistered, causing crash
|
||||
Reported by: N A
|
||||
* [8bea5052db] Naveen Albert -- res_pjsip_pubsub: Prevent removing
|
||||
subscriptions.
|
||||
|
||||
Category: Resources/res_pjsip_mwi
|
||||
|
||||
ASTERISK-30264: res_pjsip: Subscription handlers do not get cleanly
|
||||
unregistered, causing crash
|
||||
Reported by: N A
|
||||
* [8bea5052db] Naveen Albert -- res_pjsip_pubsub: Prevent removing
|
||||
subscriptions.
|
||||
|
||||
Category: Resources/res_pjsip_outbound_registration
|
||||
|
||||
ASTERISK-30217: Registration do not allow multiple proxies
|
||||
Reported by: Igor Goncharovsky
|
||||
* [09af7e0aca] Igor Goncharovsky -- res_pjsip_outbound_registration:
|
||||
Allow to use multiple proxies for registration
|
||||
|
||||
Category: Resources/res_pjsip_pubsub
|
||||
|
||||
ASTERISK-30244: res_pjsip_pubsub: Occasional crash when TCP/TLS connection
|
||||
terminated and subscription persistence is removed
|
||||
Reported by: nappsoft
|
||||
* [69c2459c33] George Joseph -- pjsip_transport_events: Fix possible use
|
||||
after free on transport
|
||||
|
||||
Category: Tests/General
|
||||
|
||||
ASTERISK-30232: Initialize stack-based ast_test_capture structures
|
||||
correctly
|
||||
Reported by: Philip Prindeville
|
||||
* [1d6e7c6843] Philip Prindeville -- test: initialize capture structure
|
||||
before freeing
|
||||
|
||||
Category: Tests/Portability
|
||||
|
||||
ASTERISK-30273: test_mwi: compilation fails on 32-bit Debian
|
||||
Reported by: N A
|
||||
* [025dbcfd68] Naveen Albert -- tests: Fix compilation errors on 32-bit.
|
||||
|
||||
Category: pjproject/pjsip
|
||||
|
||||
ASTERISK-28689: res_pjsip: Crash when locking group lock when sending
|
||||
stateful response
|
||||
Reported by: Jesse Ross
|
||||
* [d7dae7b1fc] Mike Bradeen -- res_pjsip: prevent crash on websocket
|
||||
disconnect
|
||||
|
||||
New Feature
|
||||
|
||||
Category: Applications/app_amd
|
||||
|
||||
ASTERISK-30179: app_amd: Allow audio to be played while AMD is running
|
||||
Reported by: N A
|
||||
* [fd5683f74b] Naveen Albert -- app_amd: Add option to play audio during
|
||||
AMD.
|
||||
|
||||
Category: Applications/app_bridgewait
|
||||
|
||||
ASTERISK-30216: app_bridgewait: Add option for BridgeWait to not answer
|
||||
Reported by: N A
|
||||
* [999b162786] Naveen Albert -- app_bridgewait: Add option to not answer
|
||||
channel.
|
||||
|
||||
Category: CDR/General
|
||||
|
||||
ASTERISK-30091: cdr: Allow CDRs to ignore call state changes
|
||||
Reported by: N A
|
||||
* [b397dc3ca3] Naveen Albert -- cdr: Allow bridging and dial state
|
||||
changes to be ignored.
|
||||
|
||||
Category: Functions/NewFeature
|
||||
|
||||
ASTERISK-29432: New function to allow access to any channel
|
||||
Reported by: N A
|
||||
* [5199a70c07] Naveen Albert -- func_export: Add EXPORT function
|
||||
|
||||
Category: Functions/func_strings
|
||||
|
||||
ASTERISK-30222: func_strings: Add trim functions
|
||||
Reported by: N A
|
||||
* [0bf6d7af33] Naveen Albert -- func_strings: Add trim functions.
|
||||
|
||||
Category: Resources/General
|
||||
|
||||
ASTERISK-30254: res_tonedetect: Add audible ringback detection to
|
||||
TONE_DETECT
|
||||
Reported by: N A
|
||||
* [f9297117d9] Naveen Albert -- res_tonedetect: Add ringback support to
|
||||
TONE_DETECT.
|
||||
|
||||
Category: Resources/res_pjsip
|
||||
|
||||
ASTERISK-30032: Support of mediasec SIP headers and SDP attributes
|
||||
Reported by: Maximilian Fridrich
|
||||
* [6170073800] Maximilian Fridrich -- res_pjsip: Add mediasec
|
||||
capabilities.
|
||||
|
||||
Category: Resources/res_pjsip_logger
|
||||
|
||||
ASTERISK-30146: res_pjsip_logger: Add method-based log filtering
|
||||
Reported by: N A
|
||||
* [05a7b4132a] Naveen Albert -- res_pjsip_logger: Add method-based
|
||||
logging option.
|
||||
|
||||
Category: Resources/res_pjsip_notify
|
||||
|
||||
ASTERISK-30263: res_pjsip_notify: Allow using pjsip_notify.conf from AMI
|
||||
Reported by: N A
|
||||
* [a0dd8c27b5] Naveen Albert -- res_pjsip_notify: Add option support for
|
||||
AMI.
|
||||
|
||||
----------------------------------------------------------------------
|
||||
|
||||
Open Issues
|
||||
|
||||
[Back to Top]
|
||||
|
||||
This is a list of all open issues from the issue tracker that were
|
||||
referenced by changes that went into this release.
|
||||
|
||||
Bug
|
||||
|
||||
Category: Resources/res_geolocation
|
||||
|
||||
ASTERISK-30346: Fix NULL dereferencing issue in Geolocation
|
||||
Reported by: Alexandre Fournier
|
||||
* [c900a7dc39] Alexandre Fournier -- res_geoloc: fix NULL pointer
|
||||
dereference bug
|
||||
|
||||
Category: Resources/res_stasis_snoop
|
||||
|
||||
ASTERISK-30252: Unidirectional snoop on resampled channel causes garbled
|
||||
audio
|
||||
Reported by: Michael Bradeen
|
||||
* [f61dbd566b] Mike Bradeen -- audiohook: add directional awareness
|
||||
|
||||
----------------------------------------------------------------------
|
||||
|
||||
Commits Not Associated with an Issue
|
||||
|
||||
[Back to Top]
|
||||
|
||||
This is a list of all changes that went into this release that did not
|
||||
reference a JIRA issue.
|
||||
|
||||
+------------------------------------------------------------------------+
|
||||
| Revision | Author | Summary |
|
||||
|------------+----------------------+------------------------------------|
|
||||
| b40f0f6fce | Asterisk Development | Update for 19.8.0-rc2 |
|
||||
| | Team | |
|
||||
|------------+----------------------+------------------------------------|
|
||||
| 1eee96543b | Asterisk Development | Update for 19.8.0-rc1 |
|
||||
| | Team | |
|
||||
|------------+----------------------+------------------------------------|
|
||||
| c4703f070a | Asterisk Development | Update CHANGES and UPGRADE.txt for |
|
||||
| | Team | 19.8.0 |
|
||||
|------------+----------------------+------------------------------------|
|
||||
| 54cafbc67f | George Joseph | res_geolocation: Update wiki |
|
||||
| | | documentation |
|
||||
|------------+----------------------+------------------------------------|
|
||||
| 2209afddb9 | Asterisk Development | Update CHANGES and UPGRADE.txt for |
|
||||
| | Team | 19.7.0 |
|
||||
|------------+----------------------+------------------------------------|
|
||||
| 95a25fddac | George Joseph | manager.h: Bump version to 8.0.2 |
|
||||
|------------+----------------------+------------------------------------|
|
||||
| ef20afda63 | Jaco Kroon | manager: be more aggressive about |
|
||||
| | | purging http sessions. |
|
||||
+------------------------------------------------------------------------+
|
||||
|
||||
----------------------------------------------------------------------
|
||||
|
||||
Diffstat Results
|
||||
|
||||
[Back to Top]
|
||||
|
||||
This is a summary of the changes to the source code that went into this
|
||||
release that was generated using the diffstat utility.
|
||||
|
||||
asterisk-19.7.0-summary.html | 212 ---
|
||||
asterisk-19.7.0-summary.txt | 528 --------
|
||||
b/.version | 2
|
||||
b/CHANGES | 84 +
|
||||
b/ChangeLog | 631 +++++++++-
|
||||
b/UPGRADE.txt | 13
|
||||
b/addons/ooh323c/src/ooq931.c | 15
|
||||
b/apps/app_amd.c | 51
|
||||
b/apps/app_bridgewait.c | 9
|
||||
b/asterisk-19.8.0-rc2-summary.html | 11
|
||||
b/asterisk-19.8.0-rc2-summary.txt | 82 +
|
||||
b/channels/chan_dahdi.c | 9
|
||||
b/configs/samples/amd.conf.sample | 7
|
||||
b/configs/samples/asterisk.conf.sample | 11
|
||||
b/configs/samples/cdr.conf.sample | 11
|
||||
b/configs/samples/geolocation.conf.sample | 2
|
||||
b/configs/samples/pjsip.conf.sample | 7
|
||||
b/contrib/ast-db-manage/config/versions/417c0247fd7e_add_security_negotiation_and_security_.py | 49
|
||||
b/contrib/ast-db-manage/config/versions/539f68bede2c_add_peer_supported_to_100rel.py | 57
|
||||
b/contrib/ast-db-manage/config/versions/ccf795ee535f_all_codecs_on_empty_reinvite.py | 37
|
||||
b/contrib/realtime/mysql/mysql_config.sql | 24
|
||||
b/contrib/realtime/postgresql/postgresql_config.sql | 30
|
||||
b/funcs/func_export.c | 107 +
|
||||
b/funcs/func_logic.c | 3
|
||||
b/funcs/func_sayfiles.c | 9
|
||||
b/funcs/func_scramble.c | 1
|
||||
b/funcs/func_strings.c | 186 ++
|
||||
b/include/asterisk/audiohook.h | 9
|
||||
b/include/asterisk/cdr.h | 2
|
||||
b/include/asterisk/manager.h | 12
|
||||
b/include/asterisk/res_pjsip.h | 237 +++
|
||||
b/include/asterisk/res_pjsip_session.h | 2
|
||||
b/include/asterisk/test.h | 10
|
||||
b/main/audiohook.c | 22
|
||||
b/main/cdr.c | 86 +
|
||||
b/main/db.c | 4
|
||||
b/main/dial.c | 9
|
||||
b/main/features.c | 28
|
||||
b/main/manager.c | 61
|
||||
b/main/options.c | 1
|
||||
b/main/say.c | 6
|
||||
b/main/tcptls.c | 2
|
||||
b/main/test.c | 9
|
||||
b/res/prometheus/bridges.c | 12
|
||||
b/res/res_crypto.c | 75 -
|
||||
b/res/res_geolocation/geoloc_datastore.c | 4
|
||||
b/res/res_geolocation/wiki/AsteriskImplementation.md | 251 +++
|
||||
b/res/res_geolocation/wiki/GML.md | 38
|
||||
b/res/res_geolocation/wiki/Geolocation.md | 2
|
||||
b/res/res_geolocation/wiki/README.txt | 31
|
||||
b/res/res_geolocation/wiki/URI.md | 5
|
||||
b/res/res_pjsip.c | 47
|
||||
b/res/res_pjsip/config_global.c | 21
|
||||
b/res/res_pjsip/pjsip_config.xml | 55
|
||||
b/res/res_pjsip/pjsip_configuration.c | 44
|
||||
b/res/res_pjsip/pjsip_options.c | 5
|
||||
b/res/res_pjsip/pjsip_transport_events.c | 214 +++
|
||||
b/res/res_pjsip/security_agreements.c | 340 +++++
|
||||
b/res/res_pjsip_exten_state.c | 13
|
||||
b/res/res_pjsip_logger.c | 165 ++
|
||||
b/res/res_pjsip_mwi.c | 13
|
||||
b/res/res_pjsip_notify.c | 165 +-
|
||||
b/res/res_pjsip_outbound_authenticator_digest.c | 4
|
||||
b/res/res_pjsip_outbound_registration.c | 249 +++
|
||||
b/res/res_pjsip_pubsub.c | 25
|
||||
b/res/res_pjsip_rfc3329.c | 150 ++
|
||||
b/res/res_pjsip_sdp_rtp.c | 6
|
||||
b/res/res_pjsip_session.c | 74 -
|
||||
b/res/res_pjsip_transport_websocket.c | 1
|
||||
b/res/res_stasis_snoop.c | 22
|
||||
b/res/res_tonedetect.c | 25
|
||||
b/tests/test_crypto.c | 19
|
||||
b/tests/test_mwi.c | 4
|
||||
b/tests/test_stasis.c | 2
|
||||
b/tests/test_stasis_state.c | 8
|
||||
b/third-party/pjproject/patches/0200-potential-buffer-overflow-in-pjlib-scanner-and-pjmedia.patch | 306 ++++
|
||||
b/third-party/pjproject/patches/0201-potential-stack-buffer-overflow-when-parsing-message-as-a-STUN-client.patch | 24
|
||||
77 files changed, 4028 insertions(+), 1079 deletions(-)
|
||||
29
contrib/realtime/mysql/mysql_queue_log.sql
Normal file
29
contrib/realtime/mysql/mysql_queue_log.sql
Normal file
@@ -0,0 +1,29 @@
|
||||
BEGIN;
|
||||
|
||||
CREATE TABLE alembic_version (
|
||||
version_num VARCHAR(32) NOT NULL,
|
||||
CONSTRAINT alembic_version_pkc PRIMARY KEY (version_num)
|
||||
);
|
||||
|
||||
-- Running upgrade -> 4105ee839f58
|
||||
|
||||
CREATE TABLE queue_log (
|
||||
id BIGSERIAL NOT NULL,
|
||||
time TIMESTAMP WITHOUT TIME ZONE,
|
||||
callid VARCHAR(80),
|
||||
queuename VARCHAR(256),
|
||||
agent VARCHAR(80),
|
||||
event VARCHAR(32),
|
||||
data1 VARCHAR(100),
|
||||
data2 VARCHAR(100),
|
||||
data3 VARCHAR(100),
|
||||
data4 VARCHAR(100),
|
||||
data5 VARCHAR(100),
|
||||
PRIMARY KEY (id),
|
||||
UNIQUE (id)
|
||||
);
|
||||
|
||||
INSERT INTO alembic_version (version_num) VALUES ('4105ee839f58');
|
||||
|
||||
COMMIT;
|
||||
|
||||
29
contrib/realtime/postgresql/postgresql_queue_log.sql
Normal file
29
contrib/realtime/postgresql/postgresql_queue_log.sql
Normal file
@@ -0,0 +1,29 @@
|
||||
BEGIN;
|
||||
|
||||
CREATE TABLE alembic_version (
|
||||
version_num VARCHAR(32) NOT NULL,
|
||||
CONSTRAINT alembic_version_pkc PRIMARY KEY (version_num)
|
||||
);
|
||||
|
||||
-- Running upgrade -> 4105ee839f58
|
||||
|
||||
CREATE TABLE queue_log (
|
||||
id BIGSERIAL NOT NULL,
|
||||
time TIMESTAMP WITHOUT TIME ZONE,
|
||||
callid VARCHAR(80),
|
||||
queuename VARCHAR(256),
|
||||
agent VARCHAR(80),
|
||||
event VARCHAR(32),
|
||||
data1 VARCHAR(100),
|
||||
data2 VARCHAR(100),
|
||||
data3 VARCHAR(100),
|
||||
data4 VARCHAR(100),
|
||||
data5 VARCHAR(100),
|
||||
PRIMARY KEY (id),
|
||||
UNIQUE (id)
|
||||
);
|
||||
|
||||
INSERT INTO alembic_version (version_num) VALUES ('4105ee839f58');
|
||||
|
||||
COMMIT;
|
||||
|
||||
@@ -19,14 +19,19 @@
|
||||
of a mutex to its initializer. */
|
||||
#undef CAN_COMPARE_MUTEX_TO_INIT_VALUE
|
||||
|
||||
/* Define to 1 if the `closedir' function returns void instead of int. */
|
||||
/* Define to 1 if the `closedir' function returns void instead of `int'. */
|
||||
#undef CLOSEDIR_VOID
|
||||
|
||||
/* Some configure tests will unexpectedly fail if configure is run by a
|
||||
non-root user. These may be able to be tested at runtime. */
|
||||
#undef CONFIGURE_RAN_AS_ROOT
|
||||
|
||||
/* Define to 1 if using 'alloca.c'. */
|
||||
/* Define to one of `_getb67', `GETB67', `getb67' for Cray-2 and Cray-YMP
|
||||
systems. This function is required for `alloca.c' support on those systems.
|
||||
*/
|
||||
#undef CRAY_STACKSEG_END
|
||||
|
||||
/* Define to 1 if using `alloca.c'. */
|
||||
#undef C_ALLOCA
|
||||
|
||||
/* Define to 1 if anonymous semaphores work. */
|
||||
@@ -38,10 +43,11 @@
|
||||
/* Define to 1 if you have the `acosl' function. */
|
||||
#undef HAVE_ACOSL
|
||||
|
||||
/* Define to 1 if you have 'alloca', as a function or macro. */
|
||||
/* Define to 1 if you have `alloca', as a function or macro. */
|
||||
#undef HAVE_ALLOCA
|
||||
|
||||
/* Define to 1 if <alloca.h> works. */
|
||||
/* Define to 1 if you have <alloca.h> and it should be used (not on Ultrix).
|
||||
*/
|
||||
#undef HAVE_ALLOCA_H
|
||||
|
||||
/* Define to 1 if you have the Advanced Linux Sound Architecture library. */
|
||||
@@ -499,12 +505,12 @@
|
||||
/* Define to 1 if you have the `memmove' function. */
|
||||
#undef HAVE_MEMMOVE
|
||||
|
||||
/* Define to 1 if you have the <memory.h> header file. */
|
||||
#undef HAVE_MEMORY_H
|
||||
|
||||
/* Define to 1 if you have the `memset' function. */
|
||||
#undef HAVE_MEMSET
|
||||
|
||||
/* Define to 1 if you have the <minix/config.h> header file. */
|
||||
#undef HAVE_MINIX_CONFIG_H
|
||||
|
||||
/* Define to 1 if you have the `mkdir' function. */
|
||||
#undef HAVE_MKDIR
|
||||
|
||||
@@ -1244,9 +1250,6 @@
|
||||
/* Define to 1 if you have the `vprintf' function. */
|
||||
#undef HAVE_VPRINTF
|
||||
|
||||
/* Define to 1 if you have the <wchar.h> header file. */
|
||||
#undef HAVE_WCHAR_H
|
||||
|
||||
/* Define to 1 if you have the <winsock2.h> header file. */
|
||||
#undef HAVE_WINSOCK2_H
|
||||
|
||||
@@ -1401,13 +1404,10 @@
|
||||
STACK_DIRECTION = 0 => direction of growth unknown */
|
||||
#undef STACK_DIRECTION
|
||||
|
||||
/* Define to 1 if all of the C90 standard headers exist (not just the ones
|
||||
required in a freestanding environment). This macro is provided for
|
||||
backward compatibility; new code need not use it. */
|
||||
/* Define to 1 if you have the ANSI C header files. */
|
||||
#undef STDC_HEADERS
|
||||
|
||||
/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. This
|
||||
macro is obsolete. */
|
||||
/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
|
||||
#undef TIME_WITH_SYS_TIME
|
||||
|
||||
/* Define to 1 if your <sys/time.h> declares `struct tm'. */
|
||||
@@ -1420,93 +1420,32 @@
|
||||
#ifndef _ALL_SOURCE
|
||||
# undef _ALL_SOURCE
|
||||
#endif
|
||||
/* Enable general extensions on macOS. */
|
||||
#ifndef _DARWIN_C_SOURCE
|
||||
# undef _DARWIN_C_SOURCE
|
||||
#endif
|
||||
/* Enable general extensions on Solaris. */
|
||||
#ifndef __EXTENSIONS__
|
||||
# undef __EXTENSIONS__
|
||||
#endif
|
||||
/* Enable GNU extensions on systems that have them. */
|
||||
#ifndef _GNU_SOURCE
|
||||
# undef _GNU_SOURCE
|
||||
#endif
|
||||
/* Enable X/Open compliant socket functions that do not require linking
|
||||
with -lxnet on HP-UX 11.11. */
|
||||
#ifndef _HPUX_ALT_XOPEN_SOCKET_API
|
||||
# undef _HPUX_ALT_XOPEN_SOCKET_API
|
||||
#endif
|
||||
/* Identify the host operating system as Minix.
|
||||
This macro does not affect the system headers' behavior.
|
||||
A future release of Autoconf may stop defining this macro. */
|
||||
#ifndef _MINIX
|
||||
# undef _MINIX
|
||||
#endif
|
||||
/* Enable general extensions on NetBSD.
|
||||
Enable NetBSD compatibility extensions on Minix. */
|
||||
#ifndef _NETBSD_SOURCE
|
||||
# undef _NETBSD_SOURCE
|
||||
#endif
|
||||
/* Enable OpenBSD compatibility extensions on NetBSD.
|
||||
Oddly enough, this does nothing on OpenBSD. */
|
||||
#ifndef _OPENBSD_SOURCE
|
||||
# undef _OPENBSD_SOURCE
|
||||
#endif
|
||||
/* Define to 1 if needed for POSIX-compatible behavior. */
|
||||
#ifndef _POSIX_SOURCE
|
||||
# undef _POSIX_SOURCE
|
||||
#endif
|
||||
/* Define to 2 if needed for POSIX-compatible behavior. */
|
||||
#ifndef _POSIX_1_SOURCE
|
||||
# undef _POSIX_1_SOURCE
|
||||
#endif
|
||||
/* Enable POSIX-compatible threading on Solaris. */
|
||||
/* Enable threading extensions on Solaris. */
|
||||
#ifndef _POSIX_PTHREAD_SEMANTICS
|
||||
# undef _POSIX_PTHREAD_SEMANTICS
|
||||
#endif
|
||||
/* Enable extensions specified by ISO/IEC TS 18661-5:2014. */
|
||||
#ifndef __STDC_WANT_IEC_60559_ATTRIBS_EXT__
|
||||
# undef __STDC_WANT_IEC_60559_ATTRIBS_EXT__
|
||||
#endif
|
||||
/* Enable extensions specified by ISO/IEC TS 18661-1:2014. */
|
||||
#ifndef __STDC_WANT_IEC_60559_BFP_EXT__
|
||||
# undef __STDC_WANT_IEC_60559_BFP_EXT__
|
||||
#endif
|
||||
/* Enable extensions specified by ISO/IEC TS 18661-2:2015. */
|
||||
#ifndef __STDC_WANT_IEC_60559_DFP_EXT__
|
||||
# undef __STDC_WANT_IEC_60559_DFP_EXT__
|
||||
#endif
|
||||
/* Enable extensions specified by ISO/IEC TS 18661-4:2015. */
|
||||
#ifndef __STDC_WANT_IEC_60559_FUNCS_EXT__
|
||||
# undef __STDC_WANT_IEC_60559_FUNCS_EXT__
|
||||
#endif
|
||||
/* Enable extensions specified by ISO/IEC TS 18661-3:2015. */
|
||||
#ifndef __STDC_WANT_IEC_60559_TYPES_EXT__
|
||||
# undef __STDC_WANT_IEC_60559_TYPES_EXT__
|
||||
#endif
|
||||
/* Enable extensions specified by ISO/IEC TR 24731-2:2010. */
|
||||
#ifndef __STDC_WANT_LIB_EXT2__
|
||||
# undef __STDC_WANT_LIB_EXT2__
|
||||
#endif
|
||||
/* Enable extensions specified by ISO/IEC 24747:2009. */
|
||||
#ifndef __STDC_WANT_MATH_SPEC_FUNCS__
|
||||
# undef __STDC_WANT_MATH_SPEC_FUNCS__
|
||||
#endif
|
||||
/* Enable extensions on HP NonStop. */
|
||||
#ifndef _TANDEM_SOURCE
|
||||
# undef _TANDEM_SOURCE
|
||||
#endif
|
||||
/* Enable X/Open extensions. Define to 500 only if necessary
|
||||
to make mbstate_t available. */
|
||||
#ifndef _XOPEN_SOURCE
|
||||
# undef _XOPEN_SOURCE
|
||||
/* Enable general extensions on Solaris. */
|
||||
#ifndef __EXTENSIONS__
|
||||
# undef __EXTENSIONS__
|
||||
#endif
|
||||
|
||||
|
||||
/* Define to 1 if running on Darwin. */
|
||||
#undef _DARWIN_UNLIMITED_SELECT
|
||||
|
||||
/* Enable large inode numbers on Mac OS X 10.5. */
|
||||
#ifndef _DARWIN_USE_64_BIT_INODE
|
||||
# define _DARWIN_USE_64_BIT_INODE 1
|
||||
#endif
|
||||
|
||||
/* Number of bits in a file offset, on hosts where this is settable. */
|
||||
#undef _FILE_OFFSET_BITS
|
||||
|
||||
@@ -1524,6 +1463,16 @@
|
||||
/* Define for large files, on AIX-style hosts. */
|
||||
#undef _LARGE_FILES
|
||||
|
||||
/* Define to 1 if on MINIX. */
|
||||
#undef _MINIX
|
||||
|
||||
/* Define to 2 if the system does not provide POSIX.1 features except with
|
||||
this defined. */
|
||||
#undef _POSIX_1_SOURCE
|
||||
|
||||
/* Define to 1 if you need to in order for `stat' and other things to work. */
|
||||
#undef _POSIX_SOURCE
|
||||
|
||||
/* Define to empty if `const' does not conform to ANSI C. */
|
||||
#undef const
|
||||
|
||||
@@ -1545,7 +1494,7 @@
|
||||
/* Define to `long int' if <sys/types.h> does not define. */
|
||||
#undef off_t
|
||||
|
||||
/* Define as a signed integer type capable of holding a process identifier. */
|
||||
/* Define to `int' if <sys/types.h> does not define. */
|
||||
#undef pid_t
|
||||
|
||||
/* Define to `unsigned int' if <sys/types.h> does not define. */
|
||||
|
||||
@@ -4,13 +4,19 @@
|
||||
#define MENUSELECT_AUTOCONFIG_H
|
||||
|
||||
|
||||
/* Define to 1 if using 'alloca.c'. */
|
||||
/* Define to one of `_getb67', `GETB67', `getb67' for Cray-2 and Cray-YMP
|
||||
systems. This function is required for `alloca.c' support on those systems.
|
||||
*/
|
||||
#undef CRAY_STACKSEG_END
|
||||
|
||||
/* Define to 1 if using `alloca.c'. */
|
||||
#undef C_ALLOCA
|
||||
|
||||
/* Define to 1 if you have 'alloca', as a function or macro. */
|
||||
/* Define to 1 if you have `alloca', as a function or macro. */
|
||||
#undef HAVE_ALLOCA
|
||||
|
||||
/* Define to 1 if <alloca.h> works. */
|
||||
/* Define to 1 if you have <alloca.h> and it should be used (not on Ultrix).
|
||||
*/
|
||||
#undef HAVE_ALLOCA_H
|
||||
|
||||
/* Define to 1 if you have the `asprintf' function. */
|
||||
@@ -31,6 +37,9 @@
|
||||
/* Define if your system has the LIBXML2 libraries. */
|
||||
#undef HAVE_LIBXML2
|
||||
|
||||
/* Define to 1 if you have the <memory.h> header file. */
|
||||
#undef HAVE_MEMORY_H
|
||||
|
||||
/* Define to 1 if you have the ncurses library. */
|
||||
#undef HAVE_NCURSES
|
||||
|
||||
@@ -43,9 +52,6 @@
|
||||
/* Define to 1 if you have the <stdint.h> header file. */
|
||||
#undef HAVE_STDINT_H
|
||||
|
||||
/* Define to 1 if you have the <stdio.h> header file. */
|
||||
#undef HAVE_STDIO_H
|
||||
|
||||
/* Define to 1 if you have the <stdlib.h> header file. */
|
||||
#undef HAVE_STDLIB_H
|
||||
|
||||
@@ -111,9 +117,7 @@
|
||||
STACK_DIRECTION = 0 => direction of growth unknown */
|
||||
#undef STACK_DIRECTION
|
||||
|
||||
/* Define to 1 if all of the C90 standard headers exist (not just the ones
|
||||
required in a freestanding environment). This macro is provided for
|
||||
backward compatibility; new code need not use it. */
|
||||
/* Define to 1 if you have the ANSI C header files. */
|
||||
#undef STDC_HEADERS
|
||||
|
||||
/* Define to `unsigned int' if <sys/types.h> does not define. */
|
||||
|
||||
3432
menuselect/configure
vendored
3432
menuselect/configure
vendored
File diff suppressed because it is too large
Load Diff
20
third-party/apply_patches
vendored
20
third-party/apply_patches
vendored
@@ -6,7 +6,6 @@ if [ "$1" = "-q" ] ; then
|
||||
fi
|
||||
|
||||
PATCH=${PATCH:-patch}
|
||||
FIND=${FIND:-find}
|
||||
|
||||
patchdir=${1:?You must supply a patches directory}
|
||||
sourcedir=${2?:You must supply a source directory}
|
||||
@@ -21,15 +20,18 @@ if [ ! -d "$sourcedir" ] ; then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
patches=$(${FIND} "$patchdir" -name "*.patch")
|
||||
if [ x"$patches" = x"" ] ; then
|
||||
echo "No patches in $patchdir" >&2
|
||||
exit 0
|
||||
fi
|
||||
# Patterns used in filename expansion (globs) are sorted according to the
|
||||
# current locale, so there is no need to do it explicitly.
|
||||
for patchfile in "$patchdir"/*.patch ; do
|
||||
# A glob that doesn't match is not replaced, so we handle that here. We
|
||||
# should only fail this test if there are no patch files.
|
||||
[ -f "$patchfile" ] || {
|
||||
echo "No patches in $patchdir" >&2
|
||||
exit 0
|
||||
}
|
||||
|
||||
for patchfile in ${patches} ; do
|
||||
[ -z $quiet ] && echo "Applying patch $(basename $patchfile)"
|
||||
${PATCH} -d "$sourcedir" -p1 -s -i "$patchfile" || exit 1
|
||||
[ -z "$quiet" ] && echo "Applying patch $(basename "$patchfile")"
|
||||
${PATCH} -d "$sourcedir" -p1 -i "$patchfile" >/dev/null || exit 1
|
||||
done
|
||||
|
||||
exit 0
|
||||
|
||||
127
third-party/pjproject/patches/0250-Fix-double-free-of-ossock-ossl_ctx-in-case-of-errors.patch
vendored
Normal file
127
third-party/pjproject/patches/0250-Fix-double-free-of-ossock-ossl_ctx-in-case-of-errors.patch
vendored
Normal file
@@ -0,0 +1,127 @@
|
||||
From 863629bc65d68518d85cf94758725da3042c2445 Mon Sep 17 00:00:00 2001
|
||||
From: johado <papputten@gmail.com>
|
||||
Date: Mon, 18 Apr 2022 06:08:33 +0200
|
||||
Subject: [PATCH] Fix double free of ossock->ossl_ctx in case of errors (#3069)
|
||||
(#3070)
|
||||
|
||||
---
|
||||
pjlib/src/pj/ssl_sock_ossl.c | 5 +++++
|
||||
1 file changed, 5 insertions(+)
|
||||
|
||||
diff --git a/pjlib/src/pj/ssl_sock_ossl.c b/pjlib/src/pj/ssl_sock_ossl.c
|
||||
index ed441e3e2..180ef0fe6 100644
|
||||
--- a/pjlib/src/pj/ssl_sock_ossl.c
|
||||
+++ b/pjlib/src/pj/ssl_sock_ossl.c
|
||||
@@ -1167,20 +1167,21 @@ static pj_status_t init_ossl_ctx(pj_ssl_sock_t *ssock)
|
||||
PJ_PERROR(1,(ssock->pool->obj_name, status,
|
||||
"Error loading CA list file '%s'",
|
||||
cert->CA_file.ptr));
|
||||
}
|
||||
if (cert->CA_path.slen) {
|
||||
PJ_PERROR(1,(ssock->pool->obj_name, status,
|
||||
"Error loading CA path '%s'",
|
||||
cert->CA_path.ptr));
|
||||
}
|
||||
SSL_CTX_free(ctx);
|
||||
+ ossock->ossl_ctx = NULL;
|
||||
return status;
|
||||
} else {
|
||||
PJ_LOG(4,(ssock->pool->obj_name,
|
||||
"CA certificates loaded from '%s%s%s'",
|
||||
cert->CA_file.ptr,
|
||||
((cert->CA_file.slen && cert->CA_path.slen)?
|
||||
" + ":""),
|
||||
cert->CA_path.ptr));
|
||||
}
|
||||
}
|
||||
@@ -1197,20 +1198,21 @@ static pj_status_t init_ossl_ctx(pj_ssl_sock_t *ssock)
|
||||
|
||||
/* Load certificate chain from file into ctx */
|
||||
rc = SSL_CTX_use_certificate_chain_file(ctx, cert->cert_file.ptr);
|
||||
|
||||
if(rc != 1) {
|
||||
status = GET_SSL_STATUS(ssock);
|
||||
PJ_PERROR(1,(ssock->pool->obj_name, status,
|
||||
"Error loading certificate chain file '%s'",
|
||||
cert->cert_file.ptr));
|
||||
SSL_CTX_free(ctx);
|
||||
+ ossock->ossl_ctx = NULL;
|
||||
return status;
|
||||
} else {
|
||||
PJ_LOG(4,(ssock->pool->obj_name,
|
||||
"Certificate chain loaded from '%s'",
|
||||
cert->cert_file.ptr));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/* Load private key if one is specified */
|
||||
@@ -1218,20 +1220,21 @@ static pj_status_t init_ossl_ctx(pj_ssl_sock_t *ssock)
|
||||
/* Adds the first private key found in file to ctx */
|
||||
rc = SSL_CTX_use_PrivateKey_file(ctx, cert->privkey_file.ptr,
|
||||
SSL_FILETYPE_PEM);
|
||||
|
||||
if(rc != 1) {
|
||||
status = GET_SSL_STATUS(ssock);
|
||||
PJ_PERROR(1,(ssock->pool->obj_name, status,
|
||||
"Error adding private key from '%s'",
|
||||
cert->privkey_file.ptr));
|
||||
SSL_CTX_free(ctx);
|
||||
+ ossock->ossl_ctx = NULL;
|
||||
return status;
|
||||
} else {
|
||||
PJ_LOG(4,(ssock->pool->obj_name,
|
||||
"Private key loaded from '%s'",
|
||||
cert->privkey_file.ptr));
|
||||
}
|
||||
|
||||
#if !defined(OPENSSL_NO_DH)
|
||||
if (ssock->is_server) {
|
||||
bio = BIO_new_file(cert->privkey_file.ptr, "r");
|
||||
@@ -1267,20 +1270,21 @@ static pj_status_t init_ossl_ctx(pj_ssl_sock_t *ssock)
|
||||
xcert = PEM_read_bio_X509(cbio, NULL, 0, NULL);
|
||||
if (xcert != NULL) {
|
||||
rc = SSL_CTX_use_certificate(ctx, xcert);
|
||||
if (rc != 1) {
|
||||
status = GET_SSL_STATUS(ssock);
|
||||
PJ_PERROR(1,(ssock->pool->obj_name, status,
|
||||
"Error loading chain certificate from buffer"));
|
||||
X509_free(xcert);
|
||||
BIO_free(cbio);
|
||||
SSL_CTX_free(ctx);
|
||||
+ ossock->ossl_ctx = NULL;
|
||||
return status;
|
||||
} else {
|
||||
PJ_LOG(4,(ssock->pool->obj_name,
|
||||
"Certificate chain loaded from buffer"));
|
||||
}
|
||||
X509_free(xcert);
|
||||
}
|
||||
BIO_free(cbio);
|
||||
}
|
||||
}
|
||||
@@ -1335,20 +1339,21 @@ static pj_status_t init_ossl_ctx(pj_ssl_sock_t *ssock)
|
||||
cert);
|
||||
if (pkey) {
|
||||
rc = SSL_CTX_use_PrivateKey(ctx, pkey);
|
||||
if (rc != 1) {
|
||||
status = GET_SSL_STATUS(ssock);
|
||||
PJ_PERROR(1,(ssock->pool->obj_name, status,
|
||||
"Error adding private key from buffer"));
|
||||
EVP_PKEY_free(pkey);
|
||||
BIO_free(kbio);
|
||||
SSL_CTX_free(ctx);
|
||||
+ ossock->ossl_ctx = NULL;
|
||||
return status;
|
||||
} else {
|
||||
PJ_LOG(4,(ssock->pool->obj_name,
|
||||
"Private key loaded from buffer"));
|
||||
}
|
||||
EVP_PKEY_free(pkey);
|
||||
} else {
|
||||
PJ_LOG(1,(ssock->pool->obj_name,
|
||||
"Error reading private key from buffer"));
|
||||
}
|
||||
--
|
||||
2.41.0
|
||||
|
||||
44
third-party/pjproject/patches/0251-free-SSL-context-and-reset-context-pointer-when-sett.patch
vendored
Normal file
44
third-party/pjproject/patches/0251-free-SSL-context-and-reset-context-pointer-when-sett.patch
vendored
Normal file
@@ -0,0 +1,44 @@
|
||||
From 0fb32cd4c0b2f83c1f98b9dd46da713d9a433a93 Mon Sep 17 00:00:00 2001
|
||||
From: Andreas Wehrmann <andreas-wehrmann@users.noreply.github.com>
|
||||
Date: Tue, 27 Sep 2022 10:09:03 +0200
|
||||
Subject: [PATCH] free SSL context and reset context pointer when setting the
|
||||
cipher list fails; this is a followup of issue #3069 (#3245)
|
||||
|
||||
---
|
||||
pjlib/src/pj/ssl_sock_ossl.c | 5 ++++-
|
||||
1 file changed, 4 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/pjlib/src/pj/ssl_sock_ossl.c b/pjlib/src/pj/ssl_sock_ossl.c
|
||||
index c24472fec..554324305 100644
|
||||
--- a/pjlib/src/pj/ssl_sock_ossl.c
|
||||
+++ b/pjlib/src/pj/ssl_sock_ossl.c
|
||||
@@ -1214,22 +1214,25 @@ static pj_status_t init_ossl_ctx(pj_ssl_sock_t *ssock)
|
||||
PJ_LOG(1, (THIS_FILE, "Warning! Unable to set server session id "
|
||||
"context. Session reuse will not work."));
|
||||
}
|
||||
}
|
||||
|
||||
if (ssl_opt)
|
||||
SSL_CTX_set_options(ctx, ssl_opt);
|
||||
|
||||
/* Set cipher list */
|
||||
status = set_cipher_list(ssock);
|
||||
- if (status != PJ_SUCCESS)
|
||||
+ if (status != PJ_SUCCESS) {
|
||||
+ SSL_CTX_free(ctx);
|
||||
+ ossock->ossl_ctx = NULL;
|
||||
return status;
|
||||
+ }
|
||||
|
||||
/* Apply credentials */
|
||||
if (cert) {
|
||||
/* Load CA list if one is specified. */
|
||||
if (cert->CA_file.slen || cert->CA_path.slen) {
|
||||
|
||||
rc = SSL_CTX_load_verify_locations(
|
||||
ctx,
|
||||
cert->CA_file.slen == 0 ? NULL : cert->CA_file.ptr,
|
||||
cert->CA_path.slen == 0 ? NULL : cert->CA_path.ptr);
|
||||
--
|
||||
2.41.0
|
||||
|
||||
203
third-party/pjproject/patches/0300-Merge-pull-request-from-GHSA-9pfh-r8x4-w26w.patch
vendored
Normal file
203
third-party/pjproject/patches/0300-Merge-pull-request-from-GHSA-9pfh-r8x4-w26w.patch
vendored
Normal file
@@ -0,0 +1,203 @@
|
||||
From 3ba8f3c0188fa05bb62d8bc9176ca7c7db79f8c0 Mon Sep 17 00:00:00 2001
|
||||
From: Nanang Izzuddin <nanang@teluu.com>
|
||||
Date: Tue, 20 Dec 2022 11:39:12 +0700
|
||||
Subject: [PATCH 300/303] Merge pull request from GHSA-9pfh-r8x4-w26w
|
||||
|
||||
* Fix buffer overread in STUN message decoder
|
||||
|
||||
* Updates based on comments
|
||||
---
|
||||
pjnath/include/pjnath/stun_msg.h | 4 ++++
|
||||
pjnath/src/pjnath/stun_msg.c | 32 ++++++++++++++++++++------------
|
||||
2 files changed, 24 insertions(+), 12 deletions(-)
|
||||
|
||||
diff --git a/pjnath/include/pjnath/stun_msg.h b/pjnath/include/pjnath/stun_msg.h
|
||||
index 6b5fc0f21..e8f52db3c 100644
|
||||
--- a/pjnath/include/pjnath/stun_msg.h
|
||||
+++ b/pjnath/include/pjnath/stun_msg.h
|
||||
@@ -436,20 +436,21 @@ typedef enum pj_stun_status
|
||||
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||
|
|
||||
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||
Transaction ID
|
||||
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||
|
|
||||
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||
|
||||
\endverbatim
|
||||
*/
|
||||
+#pragma pack(1)
|
||||
typedef struct pj_stun_msg_hdr
|
||||
{
|
||||
/**
|
||||
* STUN message type, which the first two bits must be zeroes.
|
||||
*/
|
||||
pj_uint16_t type;
|
||||
|
||||
/**
|
||||
* The message length is the size, in bytes, of the message not
|
||||
* including the 20 byte STUN header.
|
||||
@@ -467,53 +468,56 @@ typedef struct pj_stun_msg_hdr
|
||||
* The transaction ID is a 96 bit identifier. STUN transactions are
|
||||
* identified by their unique 96-bit transaction ID. For request/
|
||||
* response transactions, the transaction ID is chosen by the STUN
|
||||
* client and MUST be unique for each new STUN transaction generated by
|
||||
* that STUN client. The transaction ID MUST be uniformly and randomly
|
||||
* distributed between 0 and 2**96 - 1.
|
||||
*/
|
||||
pj_uint8_t tsx_id[12];
|
||||
|
||||
} pj_stun_msg_hdr;
|
||||
+#pragma pack()
|
||||
|
||||
|
||||
/**
|
||||
* This structre describes STUN attribute header. Each attribute is
|
||||
* TLV encoded, with a 16 bit type, 16 bit length, and variable value.
|
||||
* Each STUN attribute ends on a 32 bit boundary:
|
||||
*
|
||||
* \verbatim
|
||||
|
||||
0 1 2 3
|
||||
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
||||
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||
| Type | Length |
|
||||
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
||||
|
||||
\endverbatim
|
||||
*/
|
||||
+#pragma pack(1)
|
||||
typedef struct pj_stun_attr_hdr
|
||||
{
|
||||
/**
|
||||
* STUN attribute type.
|
||||
*/
|
||||
pj_uint16_t type;
|
||||
|
||||
/**
|
||||
* The Length refers to the length of the actual useful content of the
|
||||
* Value portion of the attribute, measured in bytes. The value
|
||||
* in the Length field refers to the length of the Value part of the
|
||||
* attribute prior to padding - i.e., the useful content.
|
||||
*/
|
||||
pj_uint16_t length;
|
||||
|
||||
} pj_stun_attr_hdr;
|
||||
+#pragma pack()
|
||||
|
||||
|
||||
/**
|
||||
* This structure describes STUN generic IP address attribute, used for
|
||||
* example to represent STUN MAPPED-ADDRESS attribute.
|
||||
*
|
||||
* The generic IP address attribute indicates the transport address.
|
||||
* It consists of an eight bit address family, and a sixteen bit port,
|
||||
* followed by a fixed length value representing the IP address. If the
|
||||
* address family is IPv4, the address is 32 bits, in network byte
|
||||
diff --git a/pjnath/src/pjnath/stun_msg.c b/pjnath/src/pjnath/stun_msg.c
|
||||
index bd83351e6..fd15230bc 100644
|
||||
--- a/pjnath/src/pjnath/stun_msg.c
|
||||
+++ b/pjnath/src/pjnath/stun_msg.c
|
||||
@@ -739,22 +739,22 @@ PJ_DEF(int) pj_stun_set_padding_char(int chr)
|
||||
int old_pad = padding_char;
|
||||
padding_char = chr;
|
||||
return old_pad;
|
||||
}
|
||||
|
||||
|
||||
//////////////////////////////////////////////////////////////////////////////
|
||||
|
||||
|
||||
#define INIT_ATTR(a,t,l) (a)->hdr.type=(pj_uint16_t)(t), \
|
||||
- (a)->hdr.length=(pj_uint16_t)(l)
|
||||
-#define ATTR_HDR_LEN 4
|
||||
+ (a)->hdr.length=(pj_uint16_t)(l)
|
||||
+#define ATTR_HDR_LEN sizeof(pj_stun_attr_hdr)
|
||||
|
||||
static pj_uint16_t GETVAL16H(const pj_uint8_t *buf, unsigned pos)
|
||||
{
|
||||
return (pj_uint16_t) ((buf[pos + 0] << 8) | \
|
||||
(buf[pos + 1] << 0));
|
||||
}
|
||||
|
||||
/*unused PJ_INLINE(pj_uint16_t) GETVAL16N(const pj_uint8_t *buf, unsigned pos)
|
||||
{
|
||||
return pj_htons(GETVAL16H(buf,pos));
|
||||
@@ -2318,56 +2318,64 @@ PJ_DEF(pj_status_t) pj_stun_msg_decode(pj_pool_t *pool,
|
||||
PJ_ASSERT_RETURN(pool && pdu && pdu_len && p_msg, PJ_EINVAL);
|
||||
PJ_ASSERT_RETURN(sizeof(pj_stun_msg_hdr) == 20, PJ_EBUG);
|
||||
|
||||
if (p_parsed_len)
|
||||
*p_parsed_len = 0;
|
||||
if (p_response)
|
||||
*p_response = NULL;
|
||||
|
||||
/* Check if this is a STUN message, if necessary */
|
||||
if (options & PJ_STUN_CHECK_PACKET) {
|
||||
- status = pj_stun_msg_check(pdu, pdu_len, options);
|
||||
- if (status != PJ_SUCCESS)
|
||||
- return status;
|
||||
+ status = pj_stun_msg_check(pdu, pdu_len, options);
|
||||
+ if (status != PJ_SUCCESS)
|
||||
+ return status;
|
||||
+ } else {
|
||||
+ /* For safety, verify packet length at least */
|
||||
+ pj_uint32_t msg_len = GETVAL16H(pdu, 2) + 20;
|
||||
+ if (msg_len > pdu_len ||
|
||||
+ ((options & PJ_STUN_IS_DATAGRAM) && msg_len != pdu_len))
|
||||
+ {
|
||||
+ return PJNATH_EINSTUNMSGLEN;
|
||||
+ }
|
||||
}
|
||||
|
||||
/* Create the message, copy the header, and convert to host byte order */
|
||||
msg = PJ_POOL_ZALLOC_T(pool, pj_stun_msg);
|
||||
pj_memcpy(&msg->hdr, pdu, sizeof(pj_stun_msg_hdr));
|
||||
msg->hdr.type = pj_ntohs(msg->hdr.type);
|
||||
msg->hdr.length = pj_ntohs(msg->hdr.length);
|
||||
msg->hdr.magic = pj_ntohl(msg->hdr.magic);
|
||||
|
||||
pdu += sizeof(pj_stun_msg_hdr);
|
||||
/* pdu_len -= sizeof(pj_stun_msg_hdr); */
|
||||
pdu_len = msg->hdr.length;
|
||||
|
||||
/* No need to create response if this is not a request */
|
||||
if (!PJ_STUN_IS_REQUEST(msg->hdr.type))
|
||||
p_response = NULL;
|
||||
|
||||
/* Parse attributes */
|
||||
- while (pdu_len >= 4) {
|
||||
- unsigned attr_type, attr_val_len;
|
||||
- const struct attr_desc *adesc;
|
||||
+ while (pdu_len >= ATTR_HDR_LEN) {
|
||||
+ unsigned attr_type, attr_val_len;
|
||||
+ const struct attr_desc *adesc;
|
||||
|
||||
/* Get attribute type and length. If length is not aligned
|
||||
* to 4 bytes boundary, add padding.
|
||||
*/
|
||||
attr_type = GETVAL16H(pdu, 0);
|
||||
attr_val_len = GETVAL16H(pdu, 2);
|
||||
attr_val_len = (attr_val_len + 3) & (~3);
|
||||
|
||||
- /* Check length */
|
||||
- if (pdu_len < attr_val_len) {
|
||||
- pj_str_t err_msg;
|
||||
- char err_msg_buf[80];
|
||||
+ /* Check length */
|
||||
+ if (pdu_len < attr_val_len + ATTR_HDR_LEN) {
|
||||
+ pj_str_t err_msg;
|
||||
+ char err_msg_buf[80];
|
||||
|
||||
err_msg.ptr = err_msg_buf;
|
||||
err_msg.slen = pj_ansi_snprintf(err_msg_buf, sizeof(err_msg_buf),
|
||||
"Attribute %s has invalid length",
|
||||
pj_stun_get_attr_name(attr_type));
|
||||
|
||||
PJ_LOG(4,(THIS_FILE, "Error decoding message: %.*s",
|
||||
(int)err_msg.slen, err_msg.ptr));
|
||||
|
||||
if (p_response) {
|
||||
--
|
||||
2.41.0
|
||||
|
||||
81
third-party/pjproject/patches/0301-Merge-pull-request-from-GHSA-cxwq-5g9x-x7fr.patch
vendored
Normal file
81
third-party/pjproject/patches/0301-Merge-pull-request-from-GHSA-cxwq-5g9x-x7fr.patch
vendored
Normal file
@@ -0,0 +1,81 @@
|
||||
From 02d2273f085943b7d8daf7814d9b316216cae26b Mon Sep 17 00:00:00 2001
|
||||
From: sauwming <ming@teluu.com>
|
||||
Date: Fri, 23 Dec 2022 15:05:28 +0800
|
||||
Subject: [PATCH 301/303] Merge pull request from GHSA-cxwq-5g9x-x7fr
|
||||
|
||||
* Fixed heap buffer overflow when parsing STUN errcode attribute
|
||||
|
||||
* Also fixed uint parsing
|
||||
---
|
||||
pjnath/src/pjnath/stun_msg.c | 11 ++++++-----
|
||||
1 file changed, 6 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/pjnath/src/pjnath/stun_msg.c b/pjnath/src/pjnath/stun_msg.c
|
||||
index fd15230bc..d3aaae5bf 100644
|
||||
--- a/pjnath/src/pjnath/stun_msg.c
|
||||
+++ b/pjnath/src/pjnath/stun_msg.c
|
||||
@@ -1432,26 +1432,26 @@ static pj_status_t decode_uint_attr(pj_pool_t *pool,
|
||||
void **p_attr)
|
||||
{
|
||||
pj_stun_uint_attr *attr;
|
||||
|
||||
PJ_UNUSED_ARG(msghdr);
|
||||
|
||||
/* Create the attribute */
|
||||
attr = PJ_POOL_ZALLOC_T(pool, pj_stun_uint_attr);
|
||||
GETATTRHDR(buf, &attr->hdr);
|
||||
|
||||
- attr->value = GETVAL32H(buf, 4);
|
||||
-
|
||||
/* Check that the attribute length is valid */
|
||||
if (attr->hdr.length != 4)
|
||||
return PJNATH_ESTUNINATTRLEN;
|
||||
|
||||
+ attr->value = GETVAL32H(buf, 4);
|
||||
+
|
||||
/* Done */
|
||||
*p_attr = attr;
|
||||
|
||||
return PJ_SUCCESS;
|
||||
}
|
||||
|
||||
|
||||
static pj_status_t encode_uint_attr(const void *a, pj_uint8_t *buf,
|
||||
unsigned len,
|
||||
const pj_stun_msg_hdr *msghdr,
|
||||
@@ -1751,28 +1751,29 @@ static pj_status_t decode_errcode_attr(pj_pool_t *pool,
|
||||
{
|
||||
pj_stun_errcode_attr *attr;
|
||||
pj_str_t value;
|
||||
|
||||
PJ_UNUSED_ARG(msghdr);
|
||||
|
||||
/* Create the attribute */
|
||||
attr = PJ_POOL_ZALLOC_T(pool, pj_stun_errcode_attr);
|
||||
GETATTRHDR(buf, &attr->hdr);
|
||||
|
||||
+ /* Check that the attribute length is valid */
|
||||
+ if (attr->hdr.length < 4)
|
||||
+ return PJNATH_ESTUNINATTRLEN;
|
||||
+
|
||||
attr->err_code = buf[6] * 100 + buf[7];
|
||||
|
||||
/* Get pointer to the string in the message */
|
||||
value.ptr = ((char*)buf + ATTR_HDR_LEN + 4);
|
||||
value.slen = attr->hdr.length - 4;
|
||||
- /* Make sure the length is never negative */
|
||||
- if (value.slen < 0)
|
||||
- value.slen = 0;
|
||||
|
||||
/* Copy the string to the attribute */
|
||||
pj_strdup(pool, &attr->reason, &value);
|
||||
|
||||
/* Done */
|
||||
*p_attr = attr;
|
||||
|
||||
return PJ_SUCCESS;
|
||||
}
|
||||
|
||||
--
|
||||
2.41.0
|
||||
|
||||
166
third-party/pjproject/patches/0302-Locking-fix-so-that-SSL_shutdown-and-SSL_write-are-n.patch
vendored
Normal file
166
third-party/pjproject/patches/0302-Locking-fix-so-that-SSL_shutdown-and-SSL_write-are-n.patch
vendored
Normal file
@@ -0,0 +1,166 @@
|
||||
From 0a3af5f1a0f64fd30f35338b8328391283d88ecb Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Fredrickson <mfredrickson@fluentstream.com>
|
||||
Date: Tue, 30 May 2023 04:33:05 -0500
|
||||
Subject: [PATCH 302/303] Locking fix so that SSL_shutdown and SSL_write are
|
||||
not called at same time (#3583)
|
||||
|
||||
---
|
||||
pjlib/src/pj/ssl_sock_ossl.c | 82 ++++++++++++++++++++++--------------
|
||||
1 file changed, 51 insertions(+), 31 deletions(-)
|
||||
|
||||
diff --git a/pjlib/src/pj/ssl_sock_ossl.c b/pjlib/src/pj/ssl_sock_ossl.c
|
||||
index ed441e3e2..5c8e67b76 100644
|
||||
--- a/pjlib/src/pj/ssl_sock_ossl.c
|
||||
+++ b/pjlib/src/pj/ssl_sock_ossl.c
|
||||
@@ -1627,44 +1627,58 @@ static void ssl_destroy(pj_ssl_sock_t *ssock)
|
||||
/* Potentially shutdown OpenSSL library if this is the last
|
||||
* context exists.
|
||||
*/
|
||||
shutdown_openssl();
|
||||
}
|
||||
|
||||
|
||||
/* Reset SSL socket state */
|
||||
static void ssl_reset_sock_state(pj_ssl_sock_t *ssock)
|
||||
{
|
||||
+ int post_unlock_flush_circ_buf = 0;
|
||||
+
|
||||
ossl_sock_t *ossock = (ossl_sock_t *)ssock;
|
||||
|
||||
+ /* Must lock around SSL calls, particularly SSL_shutdown
|
||||
+ * as it can modify the write BIOs and destructively
|
||||
+ * interfere with any ssl_write() calls in progress
|
||||
+ * above in a multithreaded environment */
|
||||
+ pj_lock_acquire(ssock->write_mutex);
|
||||
+
|
||||
/* Detach from SSL instance */
|
||||
if (ossock->ossl_ssl) {
|
||||
SSL_set_ex_data(ossock->ossl_ssl, sslsock_idx, NULL);
|
||||
}
|
||||
|
||||
/**
|
||||
* Avoid calling SSL_shutdown() if handshake wasn't completed.
|
||||
* OpenSSL 1.0.2f complains if SSL_shutdown() is called during an
|
||||
* SSL handshake, while previous versions always return 0.
|
||||
*/
|
||||
if (ossock->ossl_ssl && SSL_in_init(ossock->ossl_ssl) == 0) {
|
||||
- int ret = SSL_shutdown(ossock->ossl_ssl);
|
||||
- if (ret == 0) {
|
||||
- /* Flush data to send close notify. */
|
||||
- flush_circ_buf_output(ssock, &ssock->shutdown_op_key, 0, 0);
|
||||
- }
|
||||
+ int ret = SSL_shutdown(ossock->ossl_ssl);
|
||||
+ if (ret == 0) {
|
||||
+ /* SSL_shutdown will potentially trigger a bunch of
|
||||
+ * data to dump to the socket */
|
||||
+ post_unlock_flush_circ_buf = 1;
|
||||
+ }
|
||||
}
|
||||
|
||||
- pj_lock_acquire(ssock->write_mutex);
|
||||
ssock->ssl_state = SSL_STATE_NULL;
|
||||
+
|
||||
pj_lock_release(ssock->write_mutex);
|
||||
|
||||
+ if (post_unlock_flush_circ_buf) {
|
||||
+ /* Flush data to send close notify. */
|
||||
+ flush_circ_buf_output(ssock, &ssock->shutdown_op_key, 0, 0);
|
||||
+ }
|
||||
+
|
||||
ssl_close_sockets(ssock);
|
||||
|
||||
/* Upon error, OpenSSL may leave any error description in the thread
|
||||
* error queue, which sometime may cause next call to SSL API returning
|
||||
* false error alarm, e.g: in Linux, SSL_CTX_use_certificate_chain_file()
|
||||
* returning false error after a handshake error (in different SSL_CTX!).
|
||||
* For now, just clear thread error queue here.
|
||||
*/
|
||||
ERR_clear_error();
|
||||
}
|
||||
@@ -2330,52 +2344,58 @@ static pj_status_t ssl_read(pj_ssl_sock_t *ssock, void *data, int *size)
|
||||
{
|
||||
ossl_sock_t *ossock = (ossl_sock_t *)ssock;
|
||||
int size_ = *size;
|
||||
int len = size_;
|
||||
|
||||
/* SSL_read() may write some data to write buffer when re-negotiation
|
||||
* is on progress, so let's protect it with write mutex.
|
||||
*/
|
||||
pj_lock_acquire(ssock->write_mutex);
|
||||
*size = size_ = SSL_read(ossock->ossl_ssl, data, size_);
|
||||
- pj_lock_release(ssock->write_mutex);
|
||||
|
||||
if (size_ <= 0) {
|
||||
pj_status_t status;
|
||||
int err = SSL_get_error(ossock->ossl_ssl, size_);
|
||||
|
||||
- /* SSL might just return SSL_ERROR_WANT_READ in
|
||||
- * re-negotiation.
|
||||
- */
|
||||
- if (err != SSL_ERROR_NONE && err != SSL_ERROR_WANT_READ) {
|
||||
- if (err == SSL_ERROR_SYSCALL && size_ == -1 &&
|
||||
- ERR_peek_error() == 0 && errno == 0)
|
||||
- {
|
||||
- status = STATUS_FROM_SSL_ERR2("Read", ssock, size_,
|
||||
- err, len);
|
||||
- PJ_LOG(4,("SSL", "SSL_read() = -1, with "
|
||||
- "SSL_ERROR_SYSCALL, no SSL error, "
|
||||
- "and errno = 0 - skip BIO error"));
|
||||
- /* Ignore these errors */
|
||||
- } else {
|
||||
- /* Reset SSL socket state, then return PJ_FALSE */
|
||||
- status = STATUS_FROM_SSL_ERR2("Read", ssock, size_,
|
||||
- err, len);
|
||||
- ssl_reset_sock_state(ssock);
|
||||
- return status;
|
||||
- }
|
||||
- }
|
||||
-
|
||||
- /* Need renegotiation */
|
||||
- return PJ_EEOF;
|
||||
+ /* SSL might just return SSL_ERROR_WANT_READ in
|
||||
+ * re-negotiation.
|
||||
+ */
|
||||
+ if (err != SSL_ERROR_NONE && err != SSL_ERROR_WANT_READ) {
|
||||
+ if (err == SSL_ERROR_SYSCALL && size_ == -1 &&
|
||||
+ ERR_peek_error() == 0 && errno == 0)
|
||||
+ {
|
||||
+ status = STATUS_FROM_SSL_ERR2("Read", ssock, size_,
|
||||
+ err, len);
|
||||
+ PJ_LOG(4,("SSL", "SSL_read() = -1, with "
|
||||
+ "SSL_ERROR_SYSCALL, no SSL error, "
|
||||
+ "and errno = 0 - skip BIO error"));
|
||||
+ /* Ignore these errors */
|
||||
+ } else {
|
||||
+ /* Reset SSL socket state, then return PJ_FALSE */
|
||||
+ status = STATUS_FROM_SSL_ERR2("Read", ssock, size_,
|
||||
+ err, len);
|
||||
+ pj_lock_release(ssock->write_mutex);
|
||||
+ /* Unfortunately we can't hold the lock here to reset all the state.
|
||||
+ * We probably should though.
|
||||
+ */
|
||||
+ ssl_reset_sock_state(ssock);
|
||||
+ return status;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ pj_lock_release(ssock->write_mutex);
|
||||
+ /* Need renegotiation */
|
||||
+ return PJ_EEOF;
|
||||
}
|
||||
|
||||
+ pj_lock_release(ssock->write_mutex);
|
||||
+
|
||||
return PJ_SUCCESS;
|
||||
}
|
||||
|
||||
|
||||
/* Write plain data to SSL and flush write BIO. */
|
||||
static pj_status_t ssl_write(pj_ssl_sock_t *ssock, const void *data,
|
||||
pj_ssize_t size, int *nwritten)
|
||||
{
|
||||
ossl_sock_t *ossock = (ossl_sock_t *)ssock;
|
||||
pj_status_t status = PJ_SUCCESS;
|
||||
--
|
||||
2.41.0
|
||||
|
||||
123
third-party/pjproject/patches/0303-Don-t-call-SSL_shutdown-when-receiving-SSL_ERROR_SYS.patch
vendored
Normal file
123
third-party/pjproject/patches/0303-Don-t-call-SSL_shutdown-when-receiving-SSL_ERROR_SYS.patch
vendored
Normal file
@@ -0,0 +1,123 @@
|
||||
From 0f7267f220be79e21cf9f96efa01929285e9aa55 Mon Sep 17 00:00:00 2001
|
||||
From: Riza Sulistyo <trengginas@users.noreply.github.com>
|
||||
Date: Wed, 5 Jul 2023 10:38:21 +0700
|
||||
Subject: [PATCH 303/303] Don't call SSL_shutdown() when receiving
|
||||
SSL_ERROR_SYSCALL or SSL_ERROR_SSL (#3577)
|
||||
|
||||
---
|
||||
pjlib/src/pj/ssl_sock_imp_common.c | 1 +
|
||||
pjlib/src/pj/ssl_sock_imp_common.h | 13 +++++++------
|
||||
pjlib/src/pj/ssl_sock_ossl.c | 17 ++++++++++++-----
|
||||
3 files changed, 20 insertions(+), 11 deletions(-)
|
||||
|
||||
diff --git a/pjlib/src/pj/ssl_sock_imp_common.c b/pjlib/src/pj/ssl_sock_imp_common.c
|
||||
index ae2f1136e..c825676c3 100644
|
||||
--- a/pjlib/src/pj/ssl_sock_imp_common.c
|
||||
+++ b/pjlib/src/pj/ssl_sock_imp_common.c
|
||||
@@ -237,20 +237,21 @@ static void ssl_close_sockets(pj_ssl_sock_t *ssock)
|
||||
#endif
|
||||
|
||||
/* When handshake completed:
|
||||
* - notify application
|
||||
* - if handshake failed, reset SSL state
|
||||
* - return PJ_FALSE when SSL socket instance is destroyed by application.
|
||||
*/
|
||||
static pj_bool_t on_handshake_complete(pj_ssl_sock_t *ssock,
|
||||
pj_status_t status)
|
||||
{
|
||||
+ ssock->handshake_status = status;
|
||||
/* Cancel handshake timer */
|
||||
if (ssock->timer.id == TIMER_HANDSHAKE_TIMEOUT) {
|
||||
pj_timer_heap_cancel(ssock->param.timer_heap, &ssock->timer);
|
||||
ssock->timer.id = TIMER_NONE;
|
||||
}
|
||||
|
||||
/* Update certificates info on successful handshake */
|
||||
if (status == PJ_SUCCESS)
|
||||
ssl_update_certs_info(ssock);
|
||||
|
||||
diff --git a/pjlib/src/pj/ssl_sock_imp_common.h b/pjlib/src/pj/ssl_sock_imp_common.h
|
||||
index cba28dbd3..8a63faa90 100644
|
||||
--- a/pjlib/src/pj/ssl_sock_imp_common.h
|
||||
+++ b/pjlib/src/pj/ssl_sock_imp_common.h
|
||||
@@ -99,26 +99,27 @@ struct pj_ssl_sock_t
|
||||
* information allocation. Don't use for
|
||||
* other purposes. */
|
||||
pj_ssl_sock_t *parent;
|
||||
pj_ssl_sock_param param;
|
||||
pj_ssl_sock_param newsock_param;
|
||||
pj_ssl_cert_t *cert;
|
||||
|
||||
pj_ssl_cert_info local_cert_info;
|
||||
pj_ssl_cert_info remote_cert_info;
|
||||
|
||||
- pj_bool_t is_server;
|
||||
- enum ssl_state ssl_state;
|
||||
- pj_ioqueue_op_key_t handshake_op_key;
|
||||
- pj_ioqueue_op_key_t shutdown_op_key;
|
||||
- pj_timer_entry timer;
|
||||
- pj_status_t verify_status;
|
||||
+ pj_bool_t is_server;
|
||||
+ enum ssl_state ssl_state;
|
||||
+ pj_ioqueue_op_key_t handshake_op_key;
|
||||
+ pj_ioqueue_op_key_t shutdown_op_key;
|
||||
+ pj_timer_entry timer;
|
||||
+ pj_status_t verify_status;
|
||||
+ pj_status_t handshake_status;
|
||||
|
||||
pj_bool_t is_closing;
|
||||
unsigned long last_err;
|
||||
|
||||
pj_sock_t sock;
|
||||
pj_activesock_t *asock;
|
||||
|
||||
pj_sockaddr local_addr;
|
||||
pj_sockaddr rem_addr;
|
||||
int addr_len;
|
||||
diff --git a/pjlib/src/pj/ssl_sock_ossl.c b/pjlib/src/pj/ssl_sock_ossl.c
|
||||
index 5c8e67b76..8a717e362 100644
|
||||
--- a/pjlib/src/pj/ssl_sock_ossl.c
|
||||
+++ b/pjlib/src/pj/ssl_sock_ossl.c
|
||||
@@ -1646,27 +1646,34 @@ static void ssl_reset_sock_state(pj_ssl_sock_t *ssock)
|
||||
|
||||
/* Detach from SSL instance */
|
||||
if (ossock->ossl_ssl) {
|
||||
SSL_set_ex_data(ossock->ossl_ssl, sslsock_idx, NULL);
|
||||
}
|
||||
|
||||
/**
|
||||
* Avoid calling SSL_shutdown() if handshake wasn't completed.
|
||||
* OpenSSL 1.0.2f complains if SSL_shutdown() is called during an
|
||||
* SSL handshake, while previous versions always return 0.
|
||||
+ * Call SSL_shutdown() when there is a timeout handshake failure or
|
||||
+ * the last error is not SSL_ERROR_SYSCALL and not SSL_ERROR_SSL.
|
||||
*/
|
||||
if (ossock->ossl_ssl && SSL_in_init(ossock->ossl_ssl) == 0) {
|
||||
- int ret = SSL_shutdown(ossock->ossl_ssl);
|
||||
- if (ret == 0) {
|
||||
- /* SSL_shutdown will potentially trigger a bunch of
|
||||
- * data to dump to the socket */
|
||||
- post_unlock_flush_circ_buf = 1;
|
||||
+ if (ssock->handshake_status == PJ_ETIMEDOUT ||
|
||||
+ (ssock->last_err != SSL_ERROR_SYSCALL &&
|
||||
+ ssock->last_err != SSL_ERROR_SSL))
|
||||
+ {
|
||||
+ int ret = SSL_shutdown(ossock->ossl_ssl);
|
||||
+ if (ret == 0) {
|
||||
+ /* SSL_shutdown will potentially trigger a bunch of
|
||||
+ * data to dump to the socket */
|
||||
+ post_unlock_flush_circ_buf = 1;
|
||||
+ }
|
||||
}
|
||||
}
|
||||
|
||||
ssock->ssl_state = SSL_STATE_NULL;
|
||||
|
||||
pj_lock_release(ssock->write_mutex);
|
||||
|
||||
if (post_unlock_flush_circ_buf) {
|
||||
/* Flush data to send close notify. */
|
||||
flush_circ_buf_output(ssock, &ssock->shutdown_op_key, 0, 0);
|
||||
--
|
||||
2.41.0
|
||||
|
||||
Reference in New Issue
Block a user