Before Asterisk sends an HTTP response (at least in the case of errors),
it attempts to read & discard the content of the request. If the client
lies about the Content-Length, or the connection is closed from the
client side before "Content-Length" bytes are sent, the request handling
thread will busy loop.
ASTERISK-27807
Change-Id: I945c5fc888ed92be625b8c35039fc6d2aa89c762
When endpoint specific ACL rules block a SIP request they respond with a
403 forbidden. However, if an endpoint is not identified then a 401
unauthorized response is sent. This vulnerability just discloses which
requests hit a defined endpoint. The ACL rules cannot be bypassed to gain
access to the disclosed endpoints.
* Made endpoint specific ACL rules now respond with a 401 unauthorized
which is the same as if an endpoint were not identified. The fix is
accomplished by replacing the found endpoint with the artificial endpoint
which always fails authentication.
ASTERISK-27818
Change-Id: Icb275a54ff8e2df6c671a6d9bda37b5d732b3b32
The functions acf_odbc_read/cli_odbc_read ignore a number of columns
returned by the SQLNumResultCols.
If the number of columns is zero it means no data.
In this case, a SQLFetch function has to be not called,
because it will cause an error.
ASTERISK-27888 #close
Change-Id: Ie0f7bdac6c405aa5bbd38932c7b831f90729ee19
chan_pjsip wasn't registering for "BEFORE_MEDIA" responses which meant
it was not updating HANGUPCAUSE for 4XX responses. If the remote end
sent a "180 Ringing", then a "486 Busy", the hangup cause was left at
"180 Normal Clearing".
* Removed chan_pjsip_incoming_response from the original session
supplement (which was handling only "AFTER MEDIA") and added it to a
new session supplement which accepts both "BEFORE_MEDIA" and
"AFTER_MEDIA".
* Also cleaned up some cleanup code in load module.
ASTERISK-27902
Change-Id: If9b860541887aca8ac2c9f2ed51ceb0550fb007a
Currentrly pjsip_options code does not handle the situation when the
AOR qualify options were changed.
Also there is no way to find out what qualify options are using.
This patch add CLI commands to show and synchronize Aor qualify options:
pjsip show qualify endpoint <id>
Show the current qualify options for all Aors on the PJSIP endpoint.
pjsip show qualify aor <id>
Show the PJSIP Aor current qualify options.
pjsip reload qualify endpoint <id>
Synchronize the qualify options for all Aors on the PJSIP endpoint.
pjsip reload qualify aor <id>
Synchronize the PJSIP Aor qualify options.
ASTERISK-27872
Change-Id: I1746d10ef2b7954f2293f2e606cdd7428068c38c
Currentrly pjsip_options code does not handle the situation when the
qualify options were changed in realtime database.
Only 'module reload res_pjsip' helps.
This patch add a check on contact add/update observers if the contact
qualify options are different than local aor qualify options.
If the qualify options were modified then synchronize
the pjsip_options AOR local state.
ASTERISK-27872
Change-Id: Id55210a18e62ed5d35a88e408d5fe84a3c513c62
ast_indicate is invoked with the bridge locked. As ast_indicate locks the
other end of the bridge as well this can lead to a deadlock in some situations.
(Especially when a different thread does the same in the reverse order).
This patch calls ast_indicate after unlocking the bridge which fixes the
deadlock. Calling ast_indicate with these parameters without locking the
bridge should be safe as this is done at different places without a
bridge lock.
ASTERISK-27094 #close
Reported-by: David Brillert
Change-Id: I5f86c1e2ce75b9929a36ab589b18c450e62ea35f
There was no real reason to limit the conteny type to text/plain other
than that's what it was limited to before. Now any text/* content
type will be allowed for channel drivers that don't support enhanced
messaging and any type will be allowed for channel drivers that do
support enhanced messaging.
Change-Id: I94a90cfee98b4bc8e22aa5c0b6afb7b862f979d9
When an AMI client connects, it cannot determine if a user was talking
prior to a transition in the user speaking state (which would generate
a ConfbridgeTalking event). This patch causes app_confbridge to track the
talking state and make this state available via ConfBridgeList.
ASTERISK-27877 #close
Change-Id: I19b5284f34966c3fda94f5b99a7e40e6b89767c6
The MeetmeJoin, MeetmeLeave, MeetmeEnd, MeetmeMute, MeetmeTalking, and
MeetmeTalkRequest AMI events were documented with sending out a Usernum
header when the User header was actually output.
* Change the online documentation to match reality.
ASTERISK-27873
ASTERISK-25261
Change-Id: I437bc70618d07c183c9624b7069c2fcae7f17a39
asterisk/tcptls.h was included (explicitly, implicitly, or transitively). Those
inclusions got replaced by forward declarations. As side effect, the inclusions
got completed.
ASTERISK-27878
Change-Id: I9d102728e30336d6522e5e4ae9e964013a0835f7
Additionally, this change allows auto-negotiation of the elliptic curve/group
for servers, not only with OpenSSL 1.0.2 but also with OpenSSL 1.1.0 and newer.
This enables X25519 (since OpenSSL 1.1.0) and X448 (since OpenSSL 1.1.1) as a
side-effect.
ASTERISK-27876
Change-Id: I62c2aba4a630aefc231b71f646207e8c027d9497
The OUTPUTDIR variable in ast_debug_tools.conf.sample is now set
to "/tmp" instead of "/some/directory".
Variables set on the command line or that are already in the
environment now take predecence over variables set in the config files.
ASTERISK-27846
Reported by: Ted G
Change-Id: Ie8baec52d531886bf5849ec1d59bb59dc87ad387
Certain race conditions between changing bridge types and DTMF can
cause the current FLAG_NEED_MARKER_BIT to send the marker bit before
the actual first packet of native bridging.
This logic keeps track of the ssrc the bridge is currently sending
and will correctly ensure the marker bit is set if SSRC as changed
from the previous sent packet.
ASTERISK-27845
Change-Id: I01858bd0235f1e5e629e20de71b422b16f55759b
When RTP was originally created it had the ability to place a single
extension in an RTP packet. In practice people wanted to potentially
put multiple extensions in one and so RFC 5285 (obsoleted by RFC
8285) came into existence. This allows RTP extensions to be negotiated
with a unique identifier to be used in the RTP packet, allowing
multiple extensions to be present in the packet.
This change extends the RTP engine API to add support for this. A
user of it can enable extensions and the API provides the ability to
retrieve the information (to construct SDP for example) and to provide
negotiated information (from SDP). The end result is that the RTP
engine can then query to see if the extension has been negotiated and
what unique identifier is to be used. It is then up to the RTP engine
implementation to construct the packet appropriately.
The first extension to use this support is abs-send-time which is
defined in the REMB draft[1] and is a second timestamp placed in an
RTP packet which is for when the packet has left the sending system.
It is used to more accurately determine the available bandwidth.
ASTERISK-27831
[1] https://tools.ietf.org/html/draft-alvestrand-rmcat-remb-03
Change-Id: I508deac557867b1e27fc7339be890c8018171588
__ast_channel_alloc_ap() had a failure exit path that hadn't setup the fd
descriptors to -1 yet. The destructor would then attempt to close these
fd's that had never been opened.
Change-Id: Icf21093f36c60781e8cf6ee9d586536302af33e3
The config engine destroy_func callback function returns the number of
rows deleted or -1 on error. But the function
ast_destroy_realtime_fields treated non-zero return values as error.
ASTERISK-27863
Change-Id: Ied02b38e8196cb03043e609a0679feebd288d17b
This function originally was used in chan_sip to enable some simplifying
assumptions and eventually was copy and pasted into res_pjsip_logger and
res_hep. Since it's replicated in three places, it's probably best to
move it into the public netsock2 API for these modules to use.
Change-Id: Id52e23be885601c51d70259f62de1a5e59d38d04
