UpgradeNote: The safe_asterisk script now checks that, if it was run by the
root user, the /etc/asterisk/startup.d directory and all the files it contains
are owned by root. If the checks fail, safe_asterisk will exit with an error
and Asterisk will not be started. Additionally, the default logging
destination is now stderr instead of tty "9" which probably won't exist
in modern systems.
Resolves: #GHSA-v9q8-9j8m-5xwp
DeveloperNote: The 32-bit ast_options has no room left to accomodate new
options and so has been converted to an ast_flags64 structure. All internal
references to ast_options have been updated to use the 64-bit flag
manipulation macros. External module references to the 32-bit ast_options
should continue to work on little-endian systems because the
least-significant bytes of a 64 bit integer will be in the same location as a
32-bit integer. Because that's not the case on big-endian systems, we've
swapped the bytes in the flags manupulation macros on big-endian systems
so external modules should still work however you are encouraged to test.
This patch fixes an issue in the ODBC Realtime engine where Asterisk incorrectly
falls back to the next configured backend when the current one returns
SQL_NO_DATA (i.e., no record found).
This is a logical error and performance risk in multi-backend configurations.
Solution:
Introduced CONFIG_RT_NOT_FOUND ((void *)-1) as a special return marker.
ODBC Realtime backend now return CONFIG_RT_NOT_FOUND when no data is found.
Core engine stops iterating on this marker, avoiding unnecessary fallback.
Notes:
Other Realtime backends (PostgreSQL, LDAP, etc.) can be updated similarly.
This patch only covers ODBC.
Fixes: #1305
`ast_ari_channels_create` and `ast_ari_channels_dial` called the
`ast_channel_get_by_name` function with optional arguments. Since
8f1982c4d6, this function logs an error for empty channel names.
This commit adds checks for empty optional arguments that are used
to call `ast_channel_get_by_name` to prevent these error logs.
The already-deprecated "password" option for the AGENT function was
removed in commit d43b17a872 for
Asterisk 12, but the documentation for it wasn't removed then.
Resolves: #1321
Under certain circumstances the context/extens/prio are set in the ast_async_goto, for example action Redirect.
In the situation that action Redirect is broken by pbx_extension_helper this info is changed.
This will cause the current dialplan location to be executed twice.
In other words, the Redirect action does not take effect.
Resolves: #1315
Currently, the ast_tls_cert script is hardcoded to produce certificates
with a validity of 365 days, which is not generally desirable for self-
signed certificates. Make this parameter configurable.
Resolves: #1307
The CDR tenantid was being set in cdr_object_alloc from the channel->base
snapshot. Since this happens at channel creation before the dialplan is even
reached, calls to `CHANNEL(tenantid)=<something>` in the dialplan were being
ignored. Instead we now take tenantid from party_a when
cdr_object_create_public_records() is called which is after the call has
ended and all channel snapshots rebuilt. This is exactly how accountcode
and amaflags, which can also be set in tha dialplpan, are handled.
Resolves: #1259
When using the "D" option to output interleaved audio, the file extension
must be ".raw". That info wasn't being properly rendered in the markdown
and HTML on the documentation site. The XML was updated to move the
note in the option section to a warning in the description.
Resolves: #1269
Previously, we were only using # (ST) as a terminator, and not handling
A (STP), B (ST2P), or C (ST3P), which erroneously led to it being
treated as part of the dialed number. Parse any of these as the start
digit.
Resolves: #1301
In the WebSocket channel driver, the FLUSH_MEDIA command clears all frames from
the queue but does not reset the frame_queue_length counter.
As a result, the driver incorrectly thinks the queue is full after flushing,
which prevents new multimedia frames from being sent, especially after multiple
flush commands.
This fix sets frame_queue_length to 0 after flushing, ensuring the queue state
is consistent with its actual content.
Fixes: #1304
When the callback() API was invoked but no channel passed the test, callback
would return the last channel tested instead of NULL. It now correctly
returns NULL when no channel matches.
Resolves: #1288
When the RTP media source changes, such as after a blind transfer, the new source introduces a discontinuous timestamp. According to RFC 3550, Section 5.1, an RTP stream's timestamp for a given SSRC must increment monotonically and linearly.
To comply with the standard and avoid a large timestamp jump on the existing SSRC, a new SSRC is generated for the new media stream.
This change resolves known interoperability issues with certain SBCs (like Sonus/Ribbon) that stop forwarding media when they detect such a timestamp violation. This code uses the existing implementation from chan_sip.
Resolves: #927
* Created chan_websocket which can exchange media over both inbound and
outbound websockets which the driver will frame and time.
See http://s.asterisk.net/mow for more information.
* res_http_websocket: Made defines for max message size public and converted
a few nuisance verbose messages to debugs.
* main/channel.c: Changed an obsolete nuisance error to a debug.
* ARI channels: Updated externalMedia to include chan_websocket as a supported
transport.
UserNote: A new channel driver "chan_websocket" is now available. It can
exchange media over both inbound and outbound websockets and will both frame
and re-time the media it receives.
See http://s.asterisk.net/mow for more information.
UserNote: The ARI channels/externalMedia API now includes support for the
WebSocket transport provided by chan_websocket.
DEBUG_FD_LEAKS replaces calls to "open" and "close" with functions that keep
track of file descriptors, even when those calls are actually callbacks
defined in structures like ast_channelstorage_instance->open and don't touch
file descriptors. This causes compilation failures. Those callbacks
have been renamed to "open_instance" and "close_instance" respectively.
Resolves: #1287
This patch adjusts the read/write synchronization logic in audiohook_read_frame_both()
to better handle calls where participants use different codecs or sample sizes
(e.g., alaw vs G.722). The previous hard threshold of 2 * samples caused MixMonitor
recordings to break or stutter when frames were not aligned between both directions.
The new logic uses a more tolerant limit (1.5 * samples), which prevents audio tearing
without causing excessive buffer overruns. This fix specifically addresses issues
with MixMonitor when recording directly on a channel in a bridge using mixed codecs.
Reported-by: Michal Hajek <michal.hajek@daktela.com>
Resolves: #1276Resolves: #1279
Quote from an audio engineer NR9V:
There is a minor issue of a small amount of crossover distortion though as a result of `ast_slinear_saturated_multiply_float()` not rounding the float. This could result in some quiet but potentially audible distortion artifacts in lower volume parts of the signal. If you have for example a sign wave function with a max amplitude of just a few samples, all samples between -1 and 1 will be truncated to zero, resulting in the waveform no longer being a sine wave and in harmonic distortion.
Resolves: #1176
Under certain circumstances the context/extens/prio are set in the ast_async_goto, for example action Redirect.
In the situation that action Redirect is broken by GotoIf this info is changed.
that will causes confusion in dialplan execution.
Resolves: #1273
This relates to #829
This doesn't sully solve the Ops issue, but it solves the specific crash
there. Further PRs to follow.
In the specific crash the generator was still under construction when
moh was being stopped, which then proceeded to close the stream whilst
it was still in use.
Signed-off-by: Jaco Kroon <jaco@uls.co.za>
The verification process will now load a full certificate chain retrieved
via the X5U URL instead of loading only the end user cert.
* Renamed crypto_load_cert_from_file() and crypto_load_cert_from_memory()
to crypto_load_cert_chain_from_file() and crypto_load_cert_chain_from_memory()
respectively.
* The two load functions now continue to load certs from the file or memory
PEMs and store them in a separate stack of untrusted certs specific to the
current verification context.
* crypto_is_cert_trusted() now uses the stack of untrusted certs that were
extracted from the PEM in addition to any untrusted certs that were passed
in from the configuration (and any CA certs passed in from the config of
course).
Resolves: #1272
UserNote: The STIR/SHAKEN verification process will now load a full
certificate chain retrieved via the X5U URL instead of loading only
the end user cert.
UserNote: A new STIR/SHAKEN verification option "ignore_sip_date_header" has
been added that when set to true, will cause the verification process to
not consider a missing or invalid SIP "Date" header to be a failure. This
will make the IAT the sole "truth" for Date in the verification process.
The option can be set in the "verification" and "profile" sections of
stir_shaken.conf.
Also fixed a bug in the port match logic.
Resolves: #1251Resolves: #1271
Add a function that can be used to retrieve info
about a previous recording, such as its duration.
This is being added as a function to avoid possibly
trampling on dialplan variables, and could be extended
to provide other information in the future.
Resolves: #548
UserNote: The RECORDING_INFO function can now be used
to retrieve the duration of a recording.
This fixes bugs in SMS messaging to SMS-capable analog phones that prevented app_sms.c from talking to phones using SMS protocol 2.
- Fix MORX message reception (from phone to Asterisk) in SMS protocol 2
- Fix MTTX message transmission (from Asterisk to phone) in SMS protocol 2
One of the bugs caused messages to have random characters and junk appended at the end up to the character limit. Another bug prevented Asterisk from sending messages from Asterisk to the phone at all. A final bug caused the transmission from Asterisk to the phone to take a long time because app_sms.c did not hang up after correctly sending the message, causing the phone to have to time out and hang up in order to complete the message transmission.
This was tested with a Linksys PAP2T and with a GrandStream HT814, sending and receiving messages with Telefónica DOMO Mensajes phones from Telefónica Spain. I had to play with both the network jitter buffer and the dB gain to get it to work. One of my phones required the gain to be set to +3dB for it to work, while another required it to be set to +6dB.
Only MORX and MTTX were tested, I did not test sending and receiving messages to a TelCo SMSC.
This update adds support for a new QUEUE_RAISE_PENALTY format: rN
When QUEUE_RAISE_PENALTY is set to rN (e.g., r4), only members whose current penalty
is greater than or equal to the defined min_penalty and less than or equal to max_penalty
will have their penalty raised to N.
Members with penalties outside the min/max range remain unchanged.
Example behaviors:
QUEUE_RAISE_PENALTY=4 → Raise all members with penalty < 4 (existing behavior)
QUEUE_RAISE_PENALTY=r4 → Raise only members with penalty in [min_penalty, max_penalty] to 4
Implementation details:
Adds parsing logic to detect the r prefix and sets the raise_respect_min flag
Modifies the raise logic to skip members outside the defined penalty range when the flag is active
UserNote: This change introduces QUEUE_RAISE_PENALTY=rN, allowing selective penalty raises
only for members whose current penalty is within the [min_penalty, max_penalty] range.
Members with lower or higher penalties are unaffected.
This behavior is backward-compatible with existing queue rule configurations.
Signed-off-by: Jaco Kroon <jaco@uls.co.za>
UserNote: New cache_size option for res_odbc to on a per class basis limit the
number of cached connections. Please reference the sample configuration
for details.
This enables setting cache_type classes to a round-robin queueing system
rather than the historic stack mechanism.
This should result in lower risk of connection drops due to shorter idle
times (the first connection to go onto the stack could in theory never
be used again, ever, but sit there consuming resources, there could be
multiple of these).
And with a queue rather than a stack, dead connections are guaranteed to
be detected and purged eventually.
This should end up better balancing connection_cnt with actual load
over time, assuming the database doesn't keep connections open
excessively long from it's side.
Signed-off-by: Jaco Kroon <jaco@uls.co.za>
UserNote: When using res_odbc it should be noted that back-end
connections to the underlying database can now be configured to re-use
the cached connections in a round-robin manner rather than repeatedly
re-using the same connection. This helps to keep connections alive, and
to purge dead connections from the system, thus more dynamically
adjusting to actual load. The downside is that one could keep too many
connections active for a longer time resulting in resource also begin
consumed on the database side.
Asterisk can now establish websocket sessions _to_ your ARI applications
as well as accepting websocket sessions _from_ them.
Full details: http://s.asterisk.net/ari-outbound-ws
Code change summary:
* Added an ast_vector_string_join() function,
* Added ApplicationRegistered and ApplicationUnregistered ARI events.
* Converted res/ari/config.c to use sorcery to process ari.conf.
* Added the "outbound-websocket" ARI config object.
* Refactored res/ari/ari_websockets.c to handle outbound websockets.
* Refactored res/ari/cli.c for the sorcery changeover.
* Updated res/res_stasis.c for the sorcery changeover.
* Updated apps/app_stasis.c to allow initiating per-call outbound websockets.
* Added CLI commands to manage ARI websockets.
* Added the new "outbound-websocket" object to ari.conf.sample.
* Moved the ARI XML documentation out of res_ari.c into res/ari/ari_doc.xml
UserNote: Asterisk can now establish websocket sessions _to_ your ARI applications
as well as accepting websocket sessions _from_ them.
Full details: http://s.asterisk.net/ari-outbound-ws
Since multiple Asterisk capabilities now need to create websocket clients
it makes sense to create a common set of utilities rather than making
each of those capabilities implement their own.
* A new configuration file "websocket_client.conf" is used to store common
client parameters in named configuration sections.
* APIs are provided to list and retrieve ast_websocket_client objects created
from the named configurations.
* An API is provided that accepts an ast_websocket_client object, connects
to the remote server with retries and returns an ast_websocket object. TLS is
supported as is basic authentication.
* An observer can be registered to receive notification of loaded or reloaded
client objects.
* An API is provided to compare an existing client object to one just
reloaded and return the fields that were changed. The caller can then decide
what action to take based on which fields changed.
Also as part of thie commit, several sorcery convenience macros were created
to make registering common object fields easier.
UserNote: A new module "res_websocket_client" and config file
"websocket_client.conf" have been added to support several upcoming new
capabilities that need common websocket client configuration.
UserNote: A new asterisk.conf option 'disable_remote_console_shell' has
been added that, when set, will prevent remote consoles from executing
shell commands using the '!' prefix.
Resolves: #GHSA-c7p6-7mvq-8jq2
Incoming SIP MESSAGEs will now have their From header's display name
sanitized by replacing any characters < 32 (space) with a space.
Resolves: #GHSA-2grh-7mhv-fcfw
The added retry mechanism addresses an issue that arises when fragmented TCP
packets are received, each containing only a portion of an AudioSocket packet.
This situation can occur if the external service sending the AudioSocket data
has Nagle's algorithm enabled.
This patch resolves a build failure in `menuselect_gtk.c` when running
`make menuconfig` on Fedora 42. The new version of GTK introduced stricter
type checking for callback signatures.
Changes include:
- Add wrapper functions to match the expected `void (*)(void)` signature.
- Update `menu_items` array to use these wrappers.
Fixes: #1243
Since Chrome 136, using Windows, when initiating a video call the INVITE SDP exceeds the maximum number of allowed attributes, resulting in the INVITE being rejected. This increases the attribute limit and the number of formats allowed when using bundled pjproject.
Fixes: #1240
We have a use-case where we generate a *lot* of events on the AMI, and
then when doing `manager show eventq` we would see some events which
would linger for hours or days in there. Obviously something was leaking.
Testing allowed us to track down this logic bug in the ref-counting on
the event purge.
Reproducing the bug was not super trivial, we managed to do it in a
production-like load testing environment with multiple AMI consumers.
The race condition itself:
1. something allocates and links `session`
2. `purge_sessions` iterates over that `session` (takes ref)
3. `purge_session` correctly de-referencess that session
4. `purge_session` re-evaluates the while() loop, taking a reference
5. `purge_session` exits (`n_max > 0` is false)
6. whatever allocated the `session` deallocates it, but a reference is
now lost since we exited the `while` loop before de-referencing.
7. since the destructor is never called, the session->last_ev->usecount
is never decremented, leading to events lingering in the queue
The impact of this bug does not seem major. The events are small and do
not seem, from our testing, to be causing meaningful additional CPU
usage. Mainly we wanted to fix this issue because we are internally
adding prometheus metrics to the eventq and those leaked events were
causing the metrics to show garbage data.
When a call is transfered via dialplan behind a NAT, the
host portion of the Contact header in the 302 will no longer
be over-written with the external NAT IP and will retain the
hostname.
Fixes: #1141
When a call is transfered via DTMF feature code, the Transfer Target and
Transferer are bridged immediately. This opens the possibilty of a race
condition between the creation of an INVITE and the bridge induced colp
update that can result in the set caller ID being over-written with the
transferer's default info.
Fixes: #1234
Full details: http://s.asterisk.net/dc679ec3
The previous proof-of-concept showed that the cpp_map_name_id alternate
storage backed performed better than all the others so this final PR
adds only that option. You still need to enable it in menuselect under
the "Alternate Channel Storage Backends" category.
To select which one is used at runtime, set the "channel_storage_backend"
option in asterisk.conf to one of the values described in
asterisk.conf.sample. The default remains "ao2_legacy".
UpgradeNote: With this release, you can now select an alternate channel
storage backend based on C++ Maps. Using the new backend may increase
performance and reduce the chances of deadlocks on heavily loaded systems.
For more information, see http://s.asterisk.net/dc679ec3
Adds support for Call Waiting Deluxe options to enhance
the current call waiting feature.
As part of this change, a mechanism is also added that
allows a channel driver to queue an audio file for Dial()
to play, which is necessary for the announcement function.
ASTERISK-30373 #close
Resolves: #271
UserNote: Call Waiting Deluxe can now be enabled for FXS channels
by enabling its corresponding option.
