The ub_result pointer passed to unbound_resolver_callback by
libunbound can be NULL if the query was for something malformed
like `.1` or `[.1]`. If it is, we now set a 'ns_r_formerr' result
and return instead of crashing with a SEGV. This causes pjproject
to simply cancel the transaction with a "No answer record in the DNS
response" error. The existing "off nominal" unit test was also
updated to check this condition.
Although not necessary for this fix, we also made
ast_dns_resolver_completed() tolerant of a NULL result.
Resolves: GHSA-v428-g3cw-7hv9
Added Reload and DBdeltree to the list of dialplan application that
can't be executed via the Originate manager action without also
having write SYSTEM permissions.
Added CURL, DB*, FILE, ODBC and REALTIME* to the list of dialplan
functions that can't be executed via the Originate manager action
without also having write SYSTEM permissions.
If the Queue application is attempted to be run by the Originate
manager action and an AGI parameter is specified in the app data,
it'll be rejected unless the manager user has either the AGI or
SYSTEM permissions.
Resolves: #GHSA-c4cg-9275-6w44
There can be empty slots in payload_mapping_tx corresponding to
dynamic payload types that haven't been seen before so we now
check for NULL before attempting to use 'type' in the call to
ast_format_cmp.
Note: Currently only chan_sip calls ast_rtp_codecs_payloads_unset()
Resolves: #822
When using the PJSIP_DIAL_CONTACTS() function for use in the Dial()
command, the contacts are returned in text form, so the input to
the path_outgoing_request() function is a contact value of NULL.
The issue was reported in ASTERISK-28211, but was not actually fixed
in ASTERISK-30100. This fix brings back the code that was previously
removed and adds code to search for a contact to extract the path
value from it.
(cherry picked from commit caa1820d2b)
After change made in 624f509 to add support for non 8K RFC 4733/2833 digits,
Asterisk would only accept RFC 4733/2833 offers that matched the sample rate of
the negotiated codec(s).
This change allows Asterisk to accept 8K RFC 4733/2833 offers if the UAC
offfers 8K RFC 4733/2833 but negotiates for a non 8K bitrate codec.
A number of corresponding tests in tests/channels/pjsip/dtmf_sdp also needed to
be re-written to allow for these scenarios.
Fixes: #776
(cherry picked from commit ac9c510d99)
Remove duplicate creation of ast_bool_values from
2b7c507d7d12_add_queue_log_option_log_restricted_.py. This was
causing alembic upgrades to fail since the enum was already created
in fe6592859b85_fix_mwi_subscribe_replaces_.py back in 2018.
Resolves: #797
(cherry picked from commit 614d71fa19)
The `Require: mediasec` and `Proxy-Require: mediasec` headers need
to be sent whenever we send `Security-Client` or `Security-Verify`
headers but the logic to do that was only in add_security_headers()
in res_pjsip_outbound_register. So while we were sending them on
REGISTER requests, we weren't sending them on INVITE requests.
This commit moves the logic to send the two headers out of
res_pjsip_outbound_register:add_security_headers() and into
security_agreement:ast_sip_add_security_headers(). This way
they're always sent when we send `Security-Client` or
`Security-Verify`.
Resolves: #789
(cherry picked from commit 1d9f43b5a5)
Whenver a new channel snapshot is created or when a channel is
destroyed, we need to delete any existing channel snapshot from
the snapshot cache. Historically, we used the channel->snapshot
pointer to delete any existing snapshots but this has two issues.
First, if something (possibly ast_channel_internal_swap_snapshots)
sets channel->snapshot to NULL while there's still a snapshot in
the cache, we wouldn't be able to delete it and it would be orphaned
when the channel is destroyed. Since we use the cache to list
channels from the CLI, AMI and ARI, it would appear as though the
channel was still there when it wasn't.
Second, since there are actually two caches, one indexed by the
channel's uniqueid, and another indexed by the channel's name,
deleting from the caches by pointer requires a sequential search of
all of the hash table buckets in BOTH caches to find the matching
snapshots. Not very efficient.
So, we now delete from the caches using the channel's uniqueid
and name. This solves both issues.
This doesn't address how channel->snapshot might have been set
to NULL in the first place because although we have concrete
evidence that it's happening, we haven't been able to reproduce it.
Resolves: #783
(cherry picked from commit 6f67835b4f)
This commit adds a new voicemail.conf option 'odbc_audio_on_disk'
which when set causes the ODBC variant of app_voicemail to leave
the message and greeting audio files on disk and only store the
message metadata in the database. This option came from a concern
that the database could grow to large and cause remote access
and/or replication to become slow. In a clustering situation
with this option, all asterisk instances would share the same
database for the metadata and either use a shared filesystem
or other filesystem replication service much more suitable
for synchronizing files.
The changes to app_voicemail to implement this feature were actually
quite small but due to the complexity of the module, the actual
source code changes were greater. They fall into the following
categories:
* Tracing. The module is so complex that it was impossible to
figure out the path taken for various scenarios without the addition
of many SCOPE_ENTER, SCOPE_EXIT and ast_trace statements, even in
code that's not related to the functional change. Making this worse
was the fact that many "if" statements in this module didn't use
braces. Since the tracing macros add multiple statements, many "if"
statements had to be converted to use braces.
* Excessive use of PATH_MAX. Previous maintainers of this module
used PATH_MAX to allocate character arrays for filesystem paths
and SQL statements as though they cost nothing. In fact, PATH_MAX
is defined as 4096 bytes! Some functions had (and still have)
multiples of these. One function has 7. Given that the vast
majority of installations use the default spool directory path
`/var/spool/asterisk/voicemail`, the actual path length is usually
less than 80 bytes. That's over 4000 bytes wasted. It was the
same for SQL statement buffers. A 4K buffer for statement that
only needed 60 bytes. All of these PATH_MAX allocations in the
ODBC related code were changed to dynamically allocated buffers.
The rest will have to be addressed separately.
* Bug fixes. During the development of this feature, several
pre-existing ODBC related bugs were discovered and fixed. They
had to do with leaving orphaned files on disk, not preserving
original message ids when moving messages between folders,
not honoring the "formats" config parameter in certain circumstances,
etc.
UserNote: This commit adds a new voicemail.conf option
'odbc_audio_on_disk' which when set causes the ODBC variant of
app_voicemail_odbc to leave the message and greeting audio files
on disk and only store the message metadata in the database.
Much more information can be found in the voicemail.conf.sample
file.
(cherry picked from commit 2b9dc329bd)
From the gdb information, we can see that while iterating over bridge->channels, the ast_bridge_channel reference count is 0, indicating it has already been destroyed.Additionally, when ast_bridge_channel is removed from bridge->channels, the bridge is first locked. Therefore, locking the bridge before iterating over bridge->channels can resolve the race condition.
Resolves: https://github.com/asterisk/asterisk/issues/768
(cherry picked from commit a1d0dac6c6)
Add a queue option log-restricted-caller-id to strip the Caller ID when storing the ENTERQUEUE event
in the queue log if the Caller ID is restricted.
Resolves: #765
UpgradeNote: Add a new column to the queues table:
queue_log_option_log_restricted ENUM('0','1','off','on','false','true','no','yes')
to control whether the Restricted Caller ID will be stored in the queue log.
UserNote: Add a Queue option log-restricted-caller-id to control whether the Restricted Caller ID
will be stored in the queue log.
If log-restricted-caller-id=no then the Caller ID will be stripped if the Caller ID is restricted.
(cherry picked from commit 624c23310e)
The current width for "extension" is 20 and "device state id" is 20, which is too small.
The "extension" field contains "ext"@"context", so 20 characters is not enough.
The "device state id" field, for example for Queue pause state contains Queue:"queue_name"_pause_PSJIP/"endpoint", so the 20 characters is not enough.
Increase the width of "extension" field to 30 characters and the width of the "device state id" field to 60 characters.
Resolves: #770
UserNote: The fields width of "core show hints" were increased.
The width of "extension" field to 30 characters and
the width of the "device state id" field to 60 characters.
(cherry picked from commit dcdda4688e)
Various SIP headers permit a URI to be prefaced with a `display-name`
production that can include characters (like commas and parentheses)
that are problematic for Asterisk's dialplan parser and, specifically
in the case of this patch, the PJSIP_PARSE_URI function.
This patch introduces a new function - `PJSIP_PARSE_URI_FROM` - that
behaves identically to `PJSIP_PARSE_URI` except that the first
argument is now a variable name and not a literal URI.
Fixes#756
(cherry picked from commit 5068cc814f)
Two functions are deprecated as of libxml2 2.12:
* xmlSubstituteEntitiesDefault
* xmlParseMemory
So we update those with supported API.
Additionally, `res_calendar_caldav` has been updated to use libxml2's
xmlreader API instead of the SAX2 API which has always felt a little
hacky (see deleted comment block in `res_calendar_caldav.c`).
The xmlreader API has been around since libxml2 2.5.0 which was
released in 2003.
Fixes#725
(cherry picked from commit 126cb5a20d)
Missing or corrupt cdr_pgsql.conf configuration file can cause the
second attempt to load the PostgreSQL CDR module to crash Asterisk via
the Command Line Interface because a null CLI command is registered on
the first failed attempt to load the module.
Resolves: #736
(cherry picked from commit 4fea8a433b)
Add RFC2833 DTMF support for 16K, 24K, and 32K bitrate codecs.
Asterisk currently treats RFC2833 Digits as a single rtp payload type
with a fixed bitrate of 8K. This change would expand that to 8, 16,
24 and 32K.
This requires checking the offered rtp types for any of these bitrates
and then adding an offer for each (if configured for RFC2833.) DTMF
generation must also be changed in order to look at the current outbound
codec in order to generate appropriately timed rtp.
For cases where no outgoing audio has yet been sent prior to digit
generation, Asterisk now has a concept of a 'preferred' codec based on
offer order.
On inbound calls Asterisk will mimic the payload types of the RFC2833
digits.
On outbound calls Asterisk will choose the next free payload types starting
with 101.
UserNote: No change in configuration is required in order to enable this
feature. Endpoints configured to use RFC2833 will automatically have this
enabled. If the endpoint does not support this, it should not include it in
the SDP offer/response.
Resolves: #699
(cherry picked from commit 6bf66b82d7)
Send "RELOADING=1" instead of "RELOAD=1" to follow the format
expected by systemd (see sd_notify(3) man page).
Do not send STOPPING=1 in remote console mode:
attempting to execute "asterisk -rx" by the main process leads to
a warning if NotifyAccess=main (the default) or to a forced termination
if NotifyAccess=all.
(cherry picked from commit 3e9922d389)
Include signal.h to avoid the following build failure with uclibc-ng
raised since
2694792e13:
stasis/control.c: In function 'exec_command_on_condition':
stasis/control.c:313:3: warning: implicit declaration of function 'pthread_kill'; did you mean 'pthread_yield'? [-Wimplicit-function-declaration]
313 | pthread_kill(control->control_thread, SIGURG);
| ^~~~~~~~~~~~
| pthread_yield
stasis/control.c:313:41: error: 'SIGURG' undeclared (first use in this function)
313 | pthread_kill(control->control_thread, SIGURG);
| ^~~~~~
cherry-pick-to: 18
cherry-pick-to: 20
cherry-pick-to: 21
Fixes: #729
(cherry picked from commit 044f3e85ba)
Currently, reloading res_pjsip will cause logging
to be disabled. This is because logging can also
be controlled via the debug option in pjsip.conf
and this defaults to "no".
To improve this, logging is no longer disabled on
reloads if logging had not been previously
enabled using the debug option from the config.
This ensures that logging enabled from the CLI
will persist through a reload.
ASTERISK-29912 #close
Resolves: #246
UserNote: Issuing "pjsip reload" will no longer disable
logging if it was previously enabled from the CLI.
(cherry picked from commit 3b600e2787)
Add unique verbose prefixes for levels higher than 4, so
that these can be visually differentiated from each other.
Resolves: #721
(cherry picked from commit 23f5ce69fd)
Some of the money announcements can be off by one cent,
due to the use of floating point in the money calculations,
which is bad for obvious reasons.
This replaces floating point with simple string parsing
to ensure the cents value is converted accurately.
Resolves: #525
(cherry picked from commit b836f9c01c)
Because of the (often recursive) nature of module dependencies in
Asterisk, hot swapping a module on the fly is cumbersome if a module
is depended on by other modules. Currently, dependencies must be
popped manually by unloading dependents, unloading the module of
interest, and then loading modules again in reverse order.
To make this easier, the ability to do this recursively in certain
circumstances has been added, as an optional extension to the
"module refresh" command. If requested, Asterisk will check if a module
that has a positive usecount could be unloaded safely if anything
recursively dependent on it were unloaded. If so, it will go ahead
and unload all these modules and load them back again. This makes
hot swapping modules that provide dependencies much easier.
Resolves: #474
UserNote: In certain circumstances, modules with dependency relations
can have their dependents automatically recursively unloaded and loaded
again using the "module refresh" CLI command or the ModuleLoad AMI command.
(cherry picked from commit c276ae11e0)
First rtp activity check was performed after 500ms regardless of the rtp_timeout setting. Having a call in ringing state for more than rtp_timeout and the first rtp package is received more than 500ms after sdp negotiation and before the rtp_timeout, erronously caused the call to be hungup. Changed to perform the first rtp inactivity check after the timeout setting preventing calls to be disconnected before the rtp_timeout has elapsed since sdp negotiation.
Fixes#710
(cherry picked from commit d74266fe05)
If the hostname field of the ast_tcptls_session_args structure is
set (which it is for websocket client connections), that hostname
will now automatically be used in an SNI TLS extension in the client
hello.
Resolves: #713
UserNote: Secure websocket client connections now send SNI in
the TLS client hello.
(cherry picked from commit f9a1e3095c)
* Fixed possible memory leak in tn_config:tn_get_etn() where we
weren't releasing etn if tn or eprofile were null.
* We now canonicalize TNs before using them for lookups or adding
them to Identity headers.
* Fixed a typo in stir_shaken.conf.sample.
Resolves: #716
(cherry picked from commit 3d2def92e2)
Since DETECT_DEADLOCKS is now split from DEBUG_THREADS, it must
always be included in buildopts.h instead of only when
ADD_CFLAGS_TO_BUILDOPTS_H is defined. A SEGV will result otherwise.
Resolves: #719
(cherry picked from commit 6568c86989)
Fixed crash error when cli "module reload". The error appears when
compiling with res_prometheus and using the sorcery memory cache for
registrations
(cherry picked from commit 5a883f5410)
Commit f2f397c1a8 previously
made it possible to send Caller ID parameters to FXS stations
which, prior to that, could not be sent.
This change is complementary in that we now handle receiving
all these parameters on FXO lines and provide these up to
the dialplan, via chan_dahdi. In particular:
* If a redirecting reason is provided, the channel's redirecting
reason is set. No redirecting number is set, since there is
no parameter for this in the Caller ID protocol, but the reason
can be checked to determine if and why a call was forwarded.
* If the Call Qualifier parameter is received, the Call Qualifier
variable is set.
* Some comments have been added to explain why some of the code
is the way it is, to assist other people looking at it.
With this change, Asterisk's Caller ID implementation is now
reasonably complete for both FXS and FXO operation.
Resolves: #681
(cherry picked from commit 6bd0b67081)
