Fixes four misuses of the parameter 'name'. Additionally, for
consistency and to avoid such an issue in future, those few other
places, which used '\file name', were changed just to '\file'. Then,
Doxygen uses the name of the current file.
ASTERISK-29733
Change-Id: I0c18b4c863c6988b138c77448057349a9ee7052d
Add a function to check if there is an exact match a one string between
delimiters in another string.
Add a function that will create an ast_json object out of a list of
Asterisk variables. An excludes string can also optionally be passed
in.
Also, add a macro to make it easier to get object integers.
Change-Id: I5f34f18e102126aef3997f19a553a266d70d6226
The stir_shaken configuration option now has 4 different choices to pick
from: off, attest, verify, and on. Off and on behave the same way they
do now. Attest will only perform attestation on the endpoint, and verify
will only perform verification on the endpoint.
Certain responses are required to be sent based on certain conditions
for STIR/SHAKEN. For example, if we get a Date header that is outside of
the time range that is considered valid, a 403 Stale Date response
should be sent. This and several other responses have been added.
Change-Id: I4ac1ecf652cd0e336006b0ca638dc826b5b1ebf7
Add a new function that converts a speech results type to a string.
Also add another function to unregister an engine, but returns a
pointer to the unregistered engine object instead of a success/fail
integer.
Change-Id: I0f7de17cb411021c09fb03988bc2b904e1380192
OpenSSL is one of those packages that often have alternatives
with later versions. For instance, CentOS/EL 7 has an
openssl package at version 1.0.2 but there's an openssl11
package from the epel repository that has 1.1.1. This gets
installed to /usr/include/openssl11 and /usr/lib64/openssl11.
Unfortunately, the existing --with-ssl and --with-crypto
./configure options expect to point to a source tree and
don't work in this situation. Also unfortunately, the
checks in ./configure don't use pkg-config.
In order to make this work with the existing situation, you'd
have to run...
./configure --with-ssl=/usr/lib64/openssl11 \
--with-crypto=/usr/lib64/openssl11 \
CFLAGS=-I/usr/include/openssl11
BUT... those options don't get passed down to bundled pjproject
so when you run make, you have to include the CFLAGS again
which is a big pain.
Oh... To make matters worse, although you can specify
PJPROJECT_CONFIGURE_OPTS on the ./configure command line,
they don't get saved so if you do a make clean, which will
force a re-configure of bundled pjproject, those options
don't get used.
So...
* In configure.ac... Since pkg-config is installed by install_prereq
anyway, we now use it to check for the system openssl >= 1.1.0.
If that works, great. If not, we check for the openssl11
package. If that works, great. If not, we fall back to just
checking for any openssl. If pkg-config isn't installed for some
reason, or --with-ssl=<dir> or --with-crypto=<dir> were specified
on the ./configure command line, we fall back to the existing
logic that uses AST_EXT_LIB_CHECK().
* The whole OpenSSL check process has been moved up before
THIRD_PARTY_CONFIGURE(), which does the initial pjproject
bundled configure, is run. This way the results of the above
checks, which may result in new include or library directories,
is included.
* Although not strictly needed for openssl, We now save the value of
PJPROJECT_CONFIGURE_OPTS in the makeopts file so it can be used
again if a re-configure is triggered.
ASTERISK-29693
Change-Id: I341ab7603e6b156aa15a66f43675ac5029d5fbde
Discovered while looking at ASTERISK~29684. Usage was removed in change
I3c77c7b00b2ffa2e935632097fa057b9fdf480c0.
Change-Id: Iaf2f7a16ea5a7eee6375319347e4b40b8e7b10e3
In res_pjsip_sdp_rtp, the bind_rtp_to_media_address option and the
fallback use of the transport's bind address solve problems sending
media on systems that cannot send ipv4 packets on ipv6 sockets, and
certain other situations. This change extends both of these behaviors
to UDPTL sessions as well in res_pjsip_t38, to fix fax-specific
problems on these systems, introducing a new option
endpoint/t38_bind_udptl_to_media_address.
ASTERISK-29402
Change-Id: I87220c0e9cdd2fe9d156846cb906debe08c63557
The behavior of max_contacts and remove_existing are connected. If
remove_existing is enabled, the soonest expiring contacts are removed.
This may occur when there is an unavailable contact. Similarly,
when remove_existing is not enabled, registrations from good
endpoints are rejected in favor of retaining unavailable contacts.
This commit adds a new AOR option remove_unavailable, and the effect
of this setting will depend on remove_existing. If remove_existing
is set to no, we will still remove unavailable contacts when they
exceed max_contacts, if there are any. If remove_existing is set to
yes, we will prioritize the removal of unavailable contacts before
those that are expiring soonest.
ASTERISK-29525
Change-Id: Ia2711b08f2b4d1177411b1be23e970d7fdff5784
Adds the ability for users to log to custom log levels
by providing custom log level names in logger.conf. Also
adds a logger show levels CLI command.
ASTERISK-29529
Change-Id: If082703cf81a436ae5a565c75225fa8c0554b702
Adds parsing of ANI II digits (Originating
Line Information) to PJSIP, on par with
what currently exists in chan_sip.
ASTERISK-29472
Change-Id: Ifc938a7a7d45ce33999ebf3656a542226f6d3847
Up until now, all of the logic used to translate
arguments to the Say applications has been
directly coupled to playback, preventing other
modules from using this logic.
This refactors code in say.c and adds a SAYFILES
function that can be used to retrieve the file
names that would be played. These can then be
used in other applications or for other purposes.
Additionally, a SayMoney application and a SayOrdinal
application are added. Both SayOrdinal and SayNumber
are also expanded to support integers greater than
one billion.
ASTERISK-29531
Change-Id: If9718c89353b8e153d84add3cc4637b79585db19
dsp.c contains arbitrary tone detection functionality
which is currently only used for fax tone recognition.
This change makes this functionality publicly
accessible so that other modules can take advantage
of this.
Additionally, a WaitForTone and TONE_DETECT app and
function are included to allow users to do their
own tone detection operations in the dialplan.
ASTERISK-29546
Change-Id: Ie38c395000f4fd4d04e942e8658e177f8f499b26
IPv6 nameserver addresses are stored in different part of the
__res_state structure, so look there if we appear to have support for
it.
ASTERISK-28004 #close
Change-Id: I67067077d8a406ee996664518d9c8fbf11f6977d
Allows for the digit # to be read as a digit,
just like any other DTMF digit, as opposed to
forcing it to be used as an end of input
indicator. The default behavior remains
unchanged.
ASTERISK-18454 #close
Change-Id: I3033432adb9d296ad227e76b540b8b4a2417665b
Meter types are not well supported,
lacking support in telegraf, datadog and the official statsd servers.
We deprecate meters and provide a compliant fallback for any existing usages.
A flag has been introduced to allow meters to fallback to counters.
ASTERISK-29513
Change-Id: I5fcb385983a1b88f03696ff30a26b55c546a1dd7
When we try to play a list of sound files in the same Play command,
we get only one PlaybackFinish event, after all sounds are played.
But in the case where the Play fails (because channel is destroyed
for example), Asterisk will send one PlaybackFinish event for each
sound file still to be played. If the list is big, Asterisk is
sending many events.
This patch adds a failed state so we can understand that the play
failed. On that case we don't send the event, if we still have a
list of sounds to be played.
When we reach the last sound, we send the PlaybackFinish with
the failed state.
ASTERISK-29464 #close
Change-Id: I4c2e5921cc597702513af0d7c6c2c982e1798322
When using the Busy() and Congestion() applications the
function ast_safe_sleep is used by wait_for_hangup to safely
wait on the channel. This function may send silence if Asterisk
is configured to do so using the transmit_silence option.
In a scenario where an answered channel dials a Local channel
either directly or through call forwarding and the Busy()
or Congestion() dialplan applications were executed with the
transmit_silence option enabled the busy or congestion
tone would not be heard.
This is because inband generation of tones (such as busy
and congestion) is stopped when other audio is sent to
the channel they are being played to. In the given
scenario the transmit_silence option would result in
silence being sent to the channel, thus stopping the
inband generation.
This change adds a variant of ast_safe_sleep which can be
used when silence should not be played to the channel. The
wait_for_hangup function has been updated to use this
resulting in the tones being generated as expected.
ASTERISK-29485
Change-Id: I066bfc987a3ad6f0ccc88e0af4cd63f6a4729133
STIR/SHAKEN requires a Date header alongside the Identity header, so
that has been added. Still on the outgoing side, we were missing the
dest->tn section of the JSON payload, so that has been added as well.
Moving to the incoming side, URL checking has been added to the public
cert URL to ensure that it starts with http.
https://wiki.asterisk.org/wiki/display/AST/OpenSIPit+2021
Change-Id: Idee5b1b5e45bc3b483b3070e46ce322dca5b3f1c
RFC7616 and RFC8760 allow more than one WWW-Authenticate or
Proxy-Authenticate header per realm, each with different digest
algorithms (including new ones like SHA-256 and SHA-512-256).
Thankfully however a UAS can NOT send back multiple Authenticate
headers for the same realm with the same digest algorithm. The
UAS is also supposed to send the headers in order of preference
with the first one being the most preferred. We're supposed to
send an Authorization header for the first one we encounter for a
realm that we can support.
The UAS can also send multiple realms, especially when it's a
proxy that has forked the request in which case the proxy will
aggregate all of the Authenticate headers and then send them all
back to the UAC.
It doesn't stop there though... Each realm can require a
different username from the others. There's also nothing
preventing each digest algorithm from having a unique password
although I'm not sure if that adds any benefit.
So now... For each Authenticate header we encounter, we have to
determine if we support the digest algorithm and, if not, just
skip the header. We then have to find an auth object that
matches the realm AND the digest algorithm or find a wildcard
object that matches the digest algorithm. If we find one, we add
it to the results vector and read the next Authenticate header.
If the next header is for the same realm AND we already added an
auth object for that realm, we skip the header. Otherwise we
repeat the process for the next header.
In the end, we'll have accumulated a list of credentials we can
pass to pjproject that it can use to add Authentication headers
to a request.
NOTE: Neither we nor pjproject can currently handle digest
algorithms other than MD5. We don't even have a place for it in
the ast_sip_auth object. For this reason, we just skip processing
any Authenticate header that's not MD5. When we support the
others, we'll move the check into the loop that searches the
objects.
Changes:
* Added a new API ast_sip_retrieve_auths_vector() that takes in
a vector of auth ids (usually supplied on a call to
ast_sip_create_request_with_auth()) and populates another
vector with the actual objects.
* Refactored res_pjsip_outbound_authenticator_digest to handle
multiple Authenticate headers and set the stage for handling
additional digest algorithms.
* Added a pjproject patch that allows them to ignore digest
algorithms they don't support. This patch has already been
merged upstream.
* Updated documentation for auth objects in the XML and
in pjsip.conf.sample.
* Although res_pjsip_authenticator_digest isn't affected
by this change, some debugging and a testsuite AMI event
was added to facilitate testing.
Discovered during OpenSIPit 2021.
ASTERISK-29397
Change-Id: I3aef5ce4fe1d27e48d61268520f284d15d650281
Although Asterisk can receive and propogate flash events, it currently
provides no mechanism for doing anything with them itself.
This AMI event allows flash events to be processed by Asterisk.
Additionally, AST_CONTROL_FLASH is included in a switch statement
in channel.c to avoid throwing a warning when we shouldn't.
ASTERISK-29380
Change-Id: Ie17ffe65086e0282c88542e38eed6a461ec79e81
STIR/SHAKEN encodes using base64 URL format. Currently, we just use
base64. New functions have been added that convert to and from base64
encoding.
The origid field should also be an UUID. This means there's no reason to
have it as an option in stir_shaken.conf, as we can simply generate one
when creating the Identity header.
https://wiki.asterisk.org/wiki/display/AST/OpenSIPit+2021
Change-Id: Icf094a2a54e87db91d6b12244c9f5ba4fc2e0b8c
During OpenSIPit, we found out that the public certificates must be of
type X.509. When reading in public keys, we use the corresponding X.509
functions now.
We also discovered that we needed a better naming scheme for the
certificates since certificates with the same name would cause issues
(overwriting certs, etc.). Now when we download a public certificate, we
get the serial number from it and use that as the name of the cached
certificate.
The configuration option public_key_url in stir_shaken.conf has also
been renamed to public_cert_url, which better describes what the option
is for.
https://wiki.asterisk.org/wiki/display/AST/OpenSIPit+2021
Change-Id: Ia00b20835f5f976e3603797f2f2fb19672d8114d
Added a TIME_UNIT enumeration, and a function that converts a
string to one of the enumerated values. Also, added functions
that create and initialize a timeval object using a specified
value, and unit type.
Change-Id: Ic31a1c3262a44f77a5ef78bfc85dcf69a8d47392
The 'core' console (ie: asterisk -c) does read logger.conf and does
use the dateformat= option.
Whereas 'remote' consoles (ie: asterisk -r -T) does not read logger.conf
and uses a hard coded dateformat option for printing received verbose messages:
main/logger.c: static char dateformat[256] = "%b %e %T"
This change will load logger.conf for each remote console session and
use the dateformat= option to set the per-line timestamp for verbose messages
Change-Id: I3ea10990dbd920e9f7ce8ff771bc65aa7f4ea8c1
ASTERISK-25358: #close
Reported-by: Igor Liferenko
Because they modify their argument they are not pure functions and
should not be marked as such, otherwise the compiler may optimize
them away.
ASTERISK-29306 #close
Change-Id: Ibec03a08522dd39e8a137ece9bc6a3059dfaad5f
Some sorcery objects actually contain dynamic content
that can change despite the underlying configuration
itself not changing. A good example of this is the
res_pjsip_endpoint_identifier_ip module which allows
specifying hostnames. While the configuration may not
change between reloads the DNS information of the
hostnames can.
This change adds the ability for a sorcery object to be
marked as having dynamic contents which is then taken
into account when reloading by the sorcery file based
config module. If there is an object with dynamic content
then a reload will be forced while if there are none
then the existing behavior of not reloading occurs.
ASTERISK-29321
Change-Id: I9342dc55be46cc00204533c266a68d972760a0b1
This partially reverts commit 3d1bf3c537,
specifically for app.h.
This works with both gcc 9.3.0 and 10.2.0 now, both for C and C++ (as
tested with external modules).
ASTERISK-29287
Change-Id: I5b9f02a9b290675682a1d13f1788fdda597c9fca
Signed-off-by: Jaco Kroon <jaco@uls.co.za>
After some changes to streams and topologies, receiving fax through
local channels stopped working. This change adds a stream topology with
a stream of type IMAGE to the local channel pair and allows fax to be
received.
ASTERISK-29035 #close
Change-Id: Id103cc5c9295295d8e68d5628e76220f8f17e9fb
When a Transfer/REFER is executed, TRANSFERSTATUSPROTOCOL variable is
0 when no protocl specific error
SIP example of failure, 3xx-6xx for the SIP error code received
This allows applications to perform actions based on the failure
reason.
ASTERISK-29252 #close
Reported-by: Dan Cropp
Change-Id: Ia6a94784b4925628af122409cdd733c9f29abfc4
Rename check_manager_enabled() and check_webmanager_enabled() to begin
with ast_ so that the symbols are automatically exported by the
linker.
ASTERISK~29184
Change-Id: I85762b9a5d14500c15f6bad6507138c8858644c9
This was dead code, test code introduced with Asterisk 13. This was
found while analyzing ASTERISK_28416 and ASTERISK_29185. This change
partly fixes, not closes those two issues.
Change-Id: I42d0daa37f6f334c7d86672f06f085858a3f3940
As described in the issue, /tmp is not a suitable location for a
large amount of cached media files, since most distributions make
/tmp a RAM-based tmpfs mount with limited capacity.
I opted for a location that can be configured separately, as opposed
to using a subdirectory of spooldir, given the different storage
profile (transient files vs files that might stay there indefinitely).
This commit just makes the cache directory configurable, and changes
the default location from /tmp to /var/cache/asterisk.
ASTERISK-29143
Change-Id: Ic54e95199405abacd9e509cef5f08fa14c510b5d
* Added a ONESHOT type that never reschedules.
* Added "like" capability to "pjsip show scheduled_tasks" so you can do
the following:
CLI> pjsip show scheduled_tasks like outreg
PJSIP Scheduled Tasks:
Task Name Interval Times Run ...
============================================= ========= ========= ...
pjsip/outreg/testtrunk-reg-0-00000074 50.000 oneshot ...
pjsip/outreg/voipms-reg-0-00000073 110.000 oneshot ...
* Fixed incorrect display of "Next Start".
* Compacted the displays of times in the CLI.
* Added two new functions (ast_sip_sched_task_get_times2,
ast_sip_sched_task_get_times_by_name2) that retrieve the interval,
next start time, and next run time in addition to the times already
returned by ast_sip_sched_task_get_times().
Change-Id: Ie718ca9fd30490b8a167bedf6b0b06d619dc52f3
The data can be freed if the old object '_data' is the same object as
new 'data'. Because at first the object is unreferenced which can lead
to destroying it.
This could happened in res_pjsip_pubsub when the publication is updated
which could lead to segfault in function publish_expire.
Change-Id: I0164f57c387243510bdbd2f8dcf33377b6c202da
This avoids the inclusion of the OpenSSL headers in the public header,
which avoids one external library dependency in res_pjsip_stir_shaken.
Change-Id: I6a07e2d81d2b5442e24e99b8cc733a99f881dcf4
pjproject returns the dialog locked and with a reference. However,
in Asterisk the method that handles this decrements the reference
and removes the lock prior to returning. This makes it possible,
under some circumstances, for another thread to free said dialog
before the thread that created it attempts to use it again. Of
course when the thread that created it tries to use a freed dialog
a crash can occur.
This patch makes it so Asterisk now returns the newly created
dialog both locked, and with an added reference. This allows the
caller to de-reference, and unlock the dialog when it is safe to
do so.
In the case of a new SIP Invite the lock, and reference are now
held for the entirety of the new invite handling process.
Otherwise it's possible for the dialog, or its dependent objects,
like the transaction, to disappear. For example if there is a TCP
transport error.
ASTERISK-29057 #close
Change-Id: I5ef645a47829596f402cf383dc02c629c618969e
(cherry picked from commit 6baa4b53be)
If Asterisk sends out and INVITE and receives a challenge with a
different nonce value each time, it will continually send out INVITEs,
even if the call is hung up. The endpoint must be configured for
outbound authentication in order for this to occur. A limit has been set
on outbound INVITEs so that, once reached, Asterisk will stop sending
INVITEs and the transaction will terminate.
ASTERISK-29013
Change-Id: I2d001ca745b00ca8aa12030f2240cd72363b46f7
