MixMonitor AMI commands StartMixMonitor and StopMixMonitor lacked class
authorization. StopMixMonitor now requires that the manager user either have
the call or system class authorization. StartMixMonitor is a slightly larger
issue since it can execute shell commands if the right arguments are passed
into it, and we consider this a permission escalation. A security release
will be issued for this problem shortly.
ASTERISK-23609 #close
Reported by: Corey Farrell
........
Merged revisions 415825 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 415832 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415834 65c4cc65-6c06-0410-ace0-fbb531ad65f3
A remotely exploitable crash vulnerability exists in the PJSIP channel driver's
pub/sub framework. If an attempt is made to unsubscribe when not currently
subscribed and the endpoint's "sub_min_expiry" is set to zero, Asterisk tries
to create an expiration timer with zero seconds, which is not allowed, so an
assertion is raised.
The fix was to reject a subscription that is attempting to unsubscribe when not
being already subscribed. Asterisk now checks for this situation appropriately
and responds with a 400 instead of crashing.
AST-2014-005
ASTERISK-23489 #close
........
Merged revisions 415812 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415813 65c4cc65-6c06-0410-ace0-fbb531ad65f3
SIP transaction timeouts are handled in the PJSIP monitor thread. When
this happens on a subscription, and the subscription is destroyed, the
subscription destruction is dispatched synchronously to the threadpool.
The issue is that the PJSIP dialog is locked by the monitor thread,
and then the dispatched task attempts to lock the dialog. This leads
to a deadlock that causes SIP traffic to no longer be accepted on the
Asterisk server.
The fix here is to treat the monitor thread as if it were a threadpool
thread when it attempts to dispatch synchronous tasks. This way, the
dispatched task turns into a simple function call within the same thread,
and the locking issue is averted.
AST-2014-008
ASTERISK-23802 #close
........
Merged revisions 415794 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415795 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This change makes res_pjsip_pubsub persist inbound subscriptions in sorcery. By default
this uses the local astdb but it can also be configured to store within an outside
database. When Asterisk is started these subscriptions are recreated if they have not
expired. Notifications are sent to the devices which have subscribed and they are none
the wiser that the system has restarted.
Review: https://reviewboard.asterisk.org/r/3598/
........
Merged revisions 415766 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415767 65c4cc65-6c06-0410-ace0-fbb531ad65f3
From now on, make install will overwrite safe_asterisk with the
latest version. You need to move any local modifications to files
inside /etc/asterisk/startup.d, if you have any.
See also commits r394939 and r397938.
ASTERISK-21965 #close
Patches:
safe_asterisk.patch uploaded by jkister (License 6232, modified by me)
........
Merged revisions 415748 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415749 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The supplied hash function to a container must be idempotent given the
object's key value to figure out which container bucket the object belongs
in. Returning a random number or the current container count is not
idempotent. The "computed hash" value doesn't help find the object later
in those cases.
* Fixed the format_list container to actually be a list since that is how
the container is used. Conceptually, if more than 283 formats were added
to the format_list then odd things may have happened before the fix.
........
Merged revisions 415728 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 415729 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415730 65c4cc65-6c06-0410-ace0-fbb531ad65f3
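The hash requirement in the commit message above, shown as an added example (not code from Asterisk or from this commit): a toy 283-bucket container in which a hash that returns the current container count loses objects on keyed lookup, while a hash computed from the key finds all of them. The container, `hash_key`, `hash_count`, `found_after_link` and the "fmtN" keys are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define N_BUCKETS 283  /* bucket count implied by the commit message */
#define MAX_OBJS 512

struct obj { char key[16]; struct obj *next; };
struct container;
typedef unsigned (*hash_fn)(const struct container *c, const char *key);
struct container { struct obj *buckets[N_BUCKETS]; int count; hash_fn hash; };

/* Correct: the bucket depends only on the object's key. */
static unsigned hash_key(const struct container *c, const char *key)
{
    unsigned h = 5381;
    (void)c;
    while (*key) h = h * 33 + (unsigned char)*key++;
    return h;
}

/* Broken (the pattern the commit describes): the "hash" is the current
 * container count, so the same key maps to a different bucket later. */
static unsigned hash_count(const struct container *c, const char *key)
{
    (void)key;
    return (unsigned)c->count;
}

static void c_link(struct container *c, struct obj *o)
{
    unsigned b = c->hash(c, o->key) % N_BUCKETS;
    o->next = c->buckets[b];
    c->buckets[b] = o;
    c->count++;
}

static struct obj *c_find(const struct container *c, const char *key)
{
    struct obj *o = c->buckets[c->hash(c, key) % N_BUCKETS];
    while (o && strcmp(o->key, key) != 0) o = o->next;
    return o;
}

/* Link n constructed objects ("fmt0".."fmt<n-1>"), then count how many a
 * keyed lookup can still find. */
static int found_after_link(hash_fn hash, int n)
{
    static struct obj objs[MAX_OBJS];
    struct container c = { .hash = hash };
    int i, found = 0;
    if (n > MAX_OBJS) return -1;
    for (i = 0; i < n; i++) {
        snprintf(objs[i].key, sizeof(objs[i].key), "fmt%d", i);
        c_link(&c, &objs[i]);
    }
    for (i = 0; i < n; i++)
        if (c_find(&c, objs[i].key)) found++;
    return found;
}

int main(void)
{
    printf("key hash:   %d of 300 found\n", found_after_link(hash_key, 300));
    printf("count hash: %d of 300 found\n", found_after_link(hash_count, 300));
    return 0;
}
```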
Adds presence state value to output of core show
hints. Also reformats the output slightly so it
doesn't use as much space as it would otherwise.
Was:
1000@demo : SIP/1000 State:Unavailable Watchers 0
Now:
1000@demo : SIP/1000 State:Unavailable Presence:Idle Watchers 0
AFS-53 #close
Review: https://reviewboard.asterisk.org/r/3604/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415698 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Documentation for how to add custom headers/content to notifies created
with the PJSIPNotify manager action was a little sparse and it also
wasn't vetting application of Content-length headers like its chan_sip
equivalent was (so two Content-length headers could be applied... and
PJSIP determines the content length anyway, so it just opens people up
for error). This patch also flips the variable order so that the
variables are interpreted in the same order as they are put in the AMI
action.
Review: https://reviewboard.asterisk.org/r/3587/
........
Merged revisions 415658 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415659 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When using PJSIP_HEADER() to add custom headers to outgoing INVITE requests, certain
situations could result in the headers being duplicated. For instance, if the request
were retransmitted, or if the INVITE were re-sent with authentication credentials,
the custom headers would be re-added to the request.
The fix here is to, after adding the custom headers to the outbound INVITE, remove
the datastore that holds the custom headers to add. This way, there is no risk in
accidentally adding them if the session supplement is called into a second or third
time.
........
Merged revisions 415579 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415580 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch is a re-do of r414122.
When r414122 was merged, a major problem with it was uncovered. UNBRIDGE soft
hangup flags have a catastrophic effect on the pbx core if they leak out from
the bridge layer: the channel gets hung up. With the number of threads
involved in a blind transfer, and with the initial patch, it was likely that
this would occur. This caused a large number of test failures.
This patch is nearly identical with the one proposed in r414122, save for the
following changes:
- We explicitly clear the UNBRIDGE flag when setting an after goto on a
channel in a bridge
- Defensively, if we encounter an UNBRIDGE flag in the pbx core, we handle it
https://reviewboard.asterisk.org/r/3585/
........
Merged revisions 415443 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415444 65c4cc65-6c06-0410-ace0-fbb531ad65f3
If using the custom URI parsing code (not external uriparser lib) and there
were no query parameters the resulting pointer would be NULL and then an
attempt was made to subtract from it. The pointer is now set to a valid
value if there is no query parameter(s).
Also, in the 'ast_uri_make_host_with_port' function when setting the terminator
on the resulting string it was writing it one past the end of allocated memory.
It now writes the string terminator appropriately.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415358 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Currently, there are situations that can occur when using chan_pjsip
and certain dialplan applications (notably ChanSpy()) that can cause
the channel to get no audio with scrolling warnings about format
mismatches. This is caused by a failure to update translation paths on
a mid-call native format update since the raw formats have already
been updated by res_pjsip_sdp_rtp.c in set_caps(). Removing the
premature raw format updates allows the translation paths to be set up
correctly and the raw read and write formats with them.
AFS-63 #close
........
Merged revisions 415342 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415343 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Changed naming of included alias templates to avoid confusion between version names. For example, asterisk12 was for asterisk 1.2, so I changed it to asterisk_1dot2, so that later we can use asterisk_12 for Asterisk 12.
Added alias for "features reload" to the template for Asterisk 11 style syntax template, as features reload was removed in 12, but you can still do "module reload features".
Added alias for "pjsip reload" to the friendly template. It is shorter than "module reload res_pjsip.so" and if some are like me; I constantly forget that reloading chan_pjsip doesn't parse config. Remembering "pjsip reload" is just easier.
ASTERISK-23654 #close
ASTERISK-23654 #comment Fixed by adding two new aliases and enhancements for context names.
Review: https://reviewboard.asterisk.org/r/3572/
........
Merged revisions 415301 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415302 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The twisted logic determining if a config file should be reloaded was
mostly broken and disabled. The incorrect test that ASTERISK-23383 fixed
actually reenabled the broken logic. The incorrect test was causing the
timestamp to always be cleared which caused config files with includes to
always be reloaded.
* Made wildcard includes always cause a reload. Determining if a file was
deleted cannot be determined without restructuring the cache to determine
if any files are missing from the last files actually loaded. Also
without refactoring config_text_file_load(), the glob loop couldn't check
more than one file for changes anyway.
* Made remove the cache entry if the file no longer exists when trying to
get its timestamp or it is no longer a regular file. This fixes the
corner case where the file was loaded, then deleted, then the config
reloaded, then the file restored with the same timestamp, and then the
config reloaded again.
* Made remove the cache entry include list when actually loading the file.
This gets rid of any stale includes the file had from the last time the
file was loaded.
ASTERISK-23683 #close
Reported by: tootai
Review: https://reviewboard.asterisk.org/r/3575/
........
Merged revisions 415225 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 415229 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 415230 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415231 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Added a websocket server client in Asterisk. Asterisk has a websocket server,
but not a client. The ability to have Asterisk be able to connect to a websocket
server can potentially be useful for future work (for instance this could allow
ARI to connect back to some external system, although more work would be needed
in order to incorporate that).
Also a couple of things to note - proxy connection support has not been
implemented and there is limited http response code handling (basically, it is
connect or not).
Also added an initial new URI handling mechanism to core. Internet type URIs
are parsed into a data structure that contains pointers to the various parts of
the URI.
(closes issue ASTERISK-23742)
Reported by: Kevin Harwell
Review: https://reviewboard.asterisk.org/r/3541/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415223 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Prior to this patch, users waiting to enter a ConfBridge were not considered
when muted via the CLI or via AMI. Instead, a confusing message would be
emitted stating that the channel did not exist.
This patch allows a user to be muted when waiting to enter a ConfBridge
conference. This is equivalent to start when muted, only toggled via the CLI
or AMI.
Review: https://reviewboard.asterisk.org/r/3582
#ASTERISK-23824 #close
patches:
rb3582.patch uploaded by tm1000 (License 6524)
........
Merged revisions 415206 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 415207 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415208 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Cleans up the safe_asterisk script and adds the ASTSAFE_FOREGROUND
option that allows the debian asterisk init script to capture the
right pid.
* Drop the vim #modeline which wasn't used. Use test consistently
without the odd configure xno syntax. Double quote all paths.
General cleanup.
* Don't output message()s to the console but only to TTY if set.
* Allow TTY to be "no" as well as empty (debian compatibility with
debian/patches/safe_asterisk-config).
* Add option to export ASTSAFE_FOREGROUND=1 from the init script
that calls this to disable backgrounding. (Debian uses a similar
method in debian/patches/safe_asterisk-nobg).
ASTERISK-23492 #close
Review: https://reviewboard.asterisk.org/r/3574/
........
Merged revisions 415132 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 415171 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 415172 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415173 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Conference names were not checked for maximum length, allowing unexpected
behaviour. This change adds checking to ensure the maximum length is not
exceeded. The maximum length is also changed from 32 to AST_MAX_EXTENSION.
ASTERISK-23035 #close
Reported by: Iñaki Cívico
Tested by: Iñaki Cívico
Patches:
confbridge-enforce_max-1.8.patch uploaded by coreyfarrell (license 5909)
confbridge-enforce_max-11up.patch uploaded by coreyfarrell (license 5909)
........
Merged revisions 415060 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 415066 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 415078 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415080 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The bridge_native_rtp module currently uses the bridge result of the first
channel that joins a bridge as the ultimate result. This means that if the
first channel has direct media enabled but the second does not a direct
media bridge will still occur.
This change makes it so that both sides are taken into account. If either
side forbids the bridge or responds with a local bridge result then
either a generic or local bridge occurs.
ASTERISK-23541 #close
Reported by: Justin E
Review: https://reviewboard.asterisk.org/r/3577/
........
Merged revisions 414975 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@414976 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch adds a new channel function TALK_DETECT that, when set on a
channel, causes events indicating the start/stop of talking on a channel to be
emitted to both AMI and ARI clients.
The function allows setting both the silence threshold (the length of silence
after which we decide no one is talking) as well as the talking threshold (the
amount of energy that counts as talking). Parameters can be updated on a channel
after talk detection has been enabled, and talk detection can be removed at
any time.
The events raised by the function use a nomenclature similar to existing AMI/ARI
events.
For AMI: ChannelTalkingStart/ChannelTalkingStop
For ARI: ChannelTalkingStarted/ChannelTalkingFinished
Review: https://reviewboard.asterisk.org/r/3563/
#ASTERISK-23786 #close
Reported by: Matt Jordan
........
Merged revisions 414934 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@414935 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch addresses some aesthetic issues in Asterisk. These are all just
minor tweaks to improve the look of the CLI when used in a variety of
settings. Specifically:
* A number of chatty verbose messages were removed or demoted to DEBUG
messages. Verbose messages with a verbosity level of 5 or higher were -
if kept as verbose messages - demoted to level 4. Several messages
that were emitted at verbose level 3 were demoted to 4, as announcement
of dialplan applications being executed occur at level 3 (and so the
effects of those applications should generally be less).
* Some verbose messages that only appear when their respective 'debug'
options are enabled were bumped up to always be displayed.
* Prefix/timestamping of verbose messages were moved to the verboser
handlers. This was done to prevent duplication of prefixes when the
timestamp option (-T) is used with the CLI.
* Verbose magic is removed from messages before being emitted to
non-verboser handlers. This prevents the magic in multi-line verbose
messages (such as SIP debug traces or the output of DumpChan) from
being written to files.
* _Slightly_ better support for the "light background" option (-W) was
added. This includes using ast_term_quit in the output of XML
documentation help, as well as changing the "Asterisk Ready" prompt to
bright green on the default background (which stands a better chance of
being displayed properly than bright white).
Review: https://reviewboard.asterisk.org/r/3547/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@414798 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When generating SQL files via the repotools alembic_creator.py script, a
configuration object is used programmatically with SQLAlchemy, as opposed to
a configuration file. This patch ignores failures to interpret a config file,
as ... there isn't one in this case.
........
Merged revisions 414763 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@414764 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Simply enabling PJSIP to negotiate a video codec (e.g., h264) would leak
video RTP ports if the codec were not negotiated by an incoming call.
* Made add_sdp_streams() associate the handler with the media stream if
the handler handled the media stream. Otherwise, when the
ast_sip_session_media object was destroyed it didn't know how to clean up
the RTP resources.
* Fixed sdp_requires_deferral() associating the handler with the media
stream when deciding if the SDP processing needs to be deferred for T.38.
Like the leaked video RTP ports, the T.38 handler needs to clean up
allocated resources from deciding if SDP processing needs to be deferred.
* Cleaned up some dead code in handle_incoming_sdp() and
sdp_requires_deferral().
ASTERISK-23721 #close
Reported by: cervajs
Review: https://reviewboard.asterisk.org/r/3571/
........
Merged revisions 414749 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@414750 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Improvements to the agent pool functionality.
* AgentRequest no longer hangs up the caller if the agent fails to connect
with the caller. It now continues in the dialplan.
* AgentRequest returns AGENT_STATUS set to NOT_CONNECTED if the agent
failed to connect with the call. Most likely because the agent did not
acknowledge the call in time or got disconnected.
* The agent alerting play file configured by the agent.conf custom_beep
option can now be disabled by setting the option to an empty string. The
agent is effectively alerted to a call presence when MOH stops.
* Fixed bridge reference leak when the agent connects with a caller.
ASTERISK-23499 #close
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/3551/
........
Merged revisions 414747 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@414748 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Asterisk started counting the session timer at INVITE while the other
end correctly started at 200. This meant that for short session-expiries
(90 seconds) combined with long ringing times (e.g. 30 seconds), asterisk
would wrongly assume that the timer was hit before the other end thought
it was time to send a session refresh. This resulted in prematurely
ended calls.
This changes the session timer to start counting first at 200 like RFC
says it should.
(Also removed a few excess NULL checks that would never hit, because if
they did, asterisk would have crashed already.)
ASTERISK-22551 #close
Reported by: i2045
Review: https://reviewboard.asterisk.org/r/3562/
........
Merged revisions 414620 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 414628 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 414636 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@414643 65c4cc65-6c06-0410-ace0-fbb531ad65f3
The ODBC realtime driver uses ^NN parameter encoding to cope with the
special meaning of the semi-colon. A semi-colon in a field is
interpreted as if the key was supplied twice, something which isn't
otherwise possible with fixed database columns. E.g. allow=alaw;ulaw
is parsed as allow=alaw and allow=ulaw. A literal semi-colon is
rewritten to ^3B when stored in the database.
The module uses a stringfield to efficiently store the encoded
parameters. However, this stringfield wasn't always freed in some
off-nominal cases.
Commit r413241 fixed initialization so the encoding for INSERT and
DELETE queries wouldn't crash. (Only SELECTs and UPDATEs worked
apparently.) But that commit forgot the frees. This change cleans
that up.
Review: https://reviewboard.asterisk.org/r/3555/
........
Merged revisions 414564 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 414565 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 414566 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@414567 65c4cc65-6c06-0410-ace0-fbb531ad65f3
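The ^NN encoding described in the commit message above, as an added example (not code from the ODBC realtime module or from this commit): a stored column is split on raw semi-colons into multiple values, and a literal semi-colon survives only if it was rewritten to ^3B before storage. The function names are hypothetical, and escaping the caret itself as ^5E is an assumption made here so that decoding is unambiguous.

```c
#include <stdio.h>
#include <string.h>

#define MAX_VALUES 8
#define MAX_LEN 64

/* Hypothetical helper: rewrite ';' to ^3B so it is not read as a value
 * separator. Escaping '^' as ^5E is an assumption of this example.
 * Returns the encoded length, or -1 if out is too small. */
static int nn_encode(const char *in, char *out, size_t outlen)
{
    size_t o = 0;
    if (outlen == 0) return -1;
    for (; *in; in++) {
        if (*in == ';' || *in == '^') {
            if (o + 3 >= outlen) return -1;
            snprintf(out + o, outlen - o, "^%02X", (unsigned)(unsigned char)*in);
            o += 3;
        } else {
            if (o + 1 >= outlen) return -1;
            out[o++] = *in;
        }
    }
    out[o] = '\0';
    return (int)o;
}

static int hexval(int c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Decode ^NN in place. Malformed escapes and ^00 are kept as literal text. */
static void nn_decode(char *s)
{
    char *w = s;
    while (*s) {
        int hi = (*s == '^') ? hexval((unsigned char)s[1]) : -1;
        int lo = (hi >= 0) ? hexval((unsigned char)s[2]) : -1;
        if (lo >= 0 && (hi || lo)) {
            *w++ = (char)(hi * 16 + lo);
            s += 3;
        } else {
            *w++ = *s++;
        }
    }
    *w = '\0';
}

/* Split a stored column on raw ';' (the multi-value separator), then decode
 * each piece. Returns the number of values, or -1 if a limit is exceeded. */
static int split_column(const char *stored, char values[][MAX_LEN], int max)
{
    int n = 0;
    for (;;) {
        const char *end = strchr(stored, ';');
        size_t len = end ? (size_t)(end - stored) : strlen(stored);
        if (n >= max || len >= MAX_LEN) return -1;
        memcpy(values[n], stored, len);
        values[n][len] = '\0';
        nn_decode(values[n++]);
        if (!end) return n;
        stored = end + 1;
    }
}

int main(void)
{
    char stored[MAX_LEN], v[MAX_VALUES][MAX_LEN];
    /* Constructed samples: a multi-value field, then a field with a literal ';' */
    printf("allow=alaw;ulaw -> %d values\n", split_column("alaw;ulaw", v, MAX_VALUES));
    if (nn_encode("Smith; John", stored, sizeof(stored)) < 0) return 1;
    printf("stored \"%s\" -> %d value\n", stored, split_column(stored, v, MAX_VALUES));
    printf("decoded: %s\n", v[0]);
    return 0;
}
```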
When a channel is destroyed (such as via ast_channel_release in off nominal
paths in core_unreal), it will attempt to free (via ast_free) the channel tech
pvt. This is problematic for a few reasons:
1. The channel tech pvt is an ao2 object in core_unreal. Free'ing the pvt
directly is no good.
2. The channel tech pvt's reference count is dropped just prior to calling
ast_channel_release, resulting in the pvt's destruction. Hence, the
channel destructor is free'ing an invalid pointer.
This patch keeps the dropping of the reference count, but sets the pvt to
NULL on the channel prior to releasing it. This models what would occur if the
channel was hung up directly.
........
Merged revisions 414542 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@414543 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Occasionally, when the last marked user leaves the conference, waitmarked
users don't get MOH if MOH is supposed to be played while a waitmarked
user is waiting for another marked user.
* Made not interrupt MOH when the user is a waitmarked user. The
waitmarked user doesn't need to hear any leave announcements from the
conference as the user would have already heard different leave
announcements if they were enabled. Apparently DAHDI occasionally sends
unending non-silent streams to these users or a normal user still in the
conference has continuous high background noise. These non-silent streams
cause MOH to be suspended while the never ending "announcement" is played.
Issue caused by ASTERISK-13680.
AST-1349 #close
Reported by: Tyler Stewart
Review: https://reviewboard.asterisk.org/r/3543/
........
Merged revisions 414401 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 414402 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 414404 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@414417 65c4cc65-6c06-0410-ace0-fbb531ad65f3