Acccording to the man page for sprintf, using the same buffer for
output as one used as an input yields undefined behavior.
This patch should work around this problem.
ASTERISK-27903
Reported-by: Alexander Traud
Change-Id: I2213dcb454aff26457e2e4cc9c6821276463ae3a
This patch changes the way asterisk polls output from mpg123, instead
of waiting for 10 seconds(when playing an http url) it now uses a
timeout of one second and iterates 10 times using this same timeout.
The main difference is that for every timeout asterisk receives it now
checks if mpg123 is still running before poll again.
ASTERISK-27752
Change-Id: Ib7df8462e3e380cb328011890ad9270d9e9b4620
The iax2 module is not handling timeout and EINTR case properly. Mainly when
there is an interupt to the kernel thread. In case of ast_io_wait recieves a
signal, or timeout it can be an error or return 0 which eventually escapes the
thread loop, so that it cant recieve any data. This then causes the modules
receive queue to build up on the kernel and stop any communications via iax in
asterisk.
The proposed patch is for the iax module, so that timeout and EINTR does not
exit the thread.
ASTERISK-27705
Reported-by: Kirsty Tyerman
Change-Id: Ib4c32562f69335869adc1783608e940c3535fbfb
Previously, Asterisk used its script ./configure, to test whether OpenSSL was
built with no-srtp (or was simply too old). However, the header file
<openssl/opensslconf.h> is the preferred way to detect the local configuration
of OpenSSL.
As a positive side-effect the script ./configure does not interleave the
detection of the Open Settlement Protocol Toolkit (OSPTK) with the detection of
individual features of OpenSSL anymore.
Change-Id: I3c77c7b00b2ffa2e935632097fa057b9fdf480c0
When endpoint specific ACL rules block a SIP request they respond with a
403 forbidden. However, if an endpoint is not identified then a 401
unauthorized response is sent. This vulnerability just discloses which
requests hit a defined endpoint. The ACL rules cannot be bypassed to gain
access to the disclosed endpoints.
* Made endpoint specific ACL rules now respond with a 401 unauthorized
which is the same as if an endpoint were not identified. The fix is
accomplished by replacing the found endpoint with the artificial endpoint
which always fails authentication.
ASTERISK-27818
Change-Id: Icb275a54ff8e2df6c671a6d9bda37b5d732b3b32
Furthermore, allow OpenSSL configured with no-dh. Additionally, this change
allows auto-negotiation of the elliptic curve/group for servers, not only with
OpenSSL 1.0.2 but also with OpenSSL 1.1.0 and newer. This enables X25519
(since OpenSSL 1.1.0) and X448 (since OpenSSL 1.1.1) as a side-effect.
ASTERISK-27910
Change-Id: I5b0dd47c5194ee17f830f869d629d7ef212cf537
The functions acf_odbc_read/cli_odbc_read ignore a number of columns
returned by the SQLNumResultCols.
If the number of columns is zero it means no data.
In this case, a SQLFetch function has to be not called,
because it will cause an error.
ASTERISK-27888 #close
Change-Id: Ie0f7bdac6c405aa5bbd38932c7b831f90729ee19
chan_pjsip wasn't registering for "BEFORE_MEDIA" responses which meant
it was not updating HANGUPCAUSE for 4XX responses. If the remote end
sent a "180 Ringing", then a "486 Busy", the hangup cause was left at
"180 Normal Clearing".
* Removed chan_pjsip_incoming_response from the original session
supplement (which was handling only "AFTER MEDIA") and added it to a
new session supplement which accepts both "BEFORE_MEDIA" and
"AFTER_MEDIA".
* Also cleaned up some cleanup code in load module.
ASTERISK-27902
Change-Id: If9b860541887aca8ac2c9f2ed51ceb0550fb007a
There was no real reason to limit the conteny type to text/plain other
than that's what it was limited to before. Now any text/* content
type will be allowed for channel drivers that don't support enhanced
messaging and any type will be allowed for channel drivers that do
support enhanced messaging.
Change-Id: I94a90cfee98b4bc8e22aa5c0b6afb7b862f979d9
ast_indicate is invoked with the bridge locked. As ast_indicate locks the
other end of the bridge as well this can lead to a deadlock in some situations.
(Especially when a different thread does the same in the reverse order).
This patch calls ast_indicate after unlocking the bridge which fixes the
deadlock. Calling ast_indicate with these parameters without locking the
bridge should be safe as this is done at different places without a
bridge lock.
ASTERISK-27094 #close
Reported-by: David Brillert
Change-Id: I5f86c1e2ce75b9929a36ab589b18c450e62ea35f
When an AMI client connects, it cannot determine if a user was talking
prior to a transition in the user speaking state (which would generate
a ConfbridgeTalking event). This patch causes app_confbridge to track the
talking state and make this state available via ConfBridgeList.
ASTERISK-27877 #close
Change-Id: I19b5284f34966c3fda94f5b99a7e40e6b89767c6
The MeetmeJoin, MeetmeLeave, MeetmeEnd, MeetmeMute, MeetmeTalking, and
MeetmeTalkRequest AMI events were documented with sending out a Usernum
header when the User header was actually output.
* Change the online documentation to match reality.
ASTERISK-27873
ASTERISK-25261
Change-Id: I437bc70618d07c183c9624b7069c2fcae7f17a39
asterisk/tcptls.h was included (explicitly, implicitly, or transitively). Those
inclusions got replaced by forward declarations. As side effect, the inclusions
got completed.
ASTERISK-27878
Change-Id: I9d102728e30336d6522e5e4ae9e964013a0835f7
Currentrly pjsip_options code does not handle the situation when the
qualify options were changed in realtime database.
Only 'module reload res_pjsip' helps.
This patch add a check on contact add/update observers if the contact
qualify options are different than local aor qualify options.
If the qualify options were modified then synchronize
the pjsip_options AOR local state.
ASTERISK-27872
Change-Id: Id55210a18e62ed5d35a88e408d5fe84a3c513c62
Additionally, this change allows auto-negotiation of the elliptic curve/group
for servers, not only with OpenSSL 1.0.2 but also with OpenSSL 1.1.0 and newer.
This enables X25519 (since OpenSSL 1.1.0) and X448 (since OpenSSL 1.1.1) as a
side-effect.
ASTERISK-27876
Change-Id: I62c2aba4a630aefc231b71f646207e8c027d9497
The OUTPUTDIR variable in ast_debug_tools.conf.sample is now set
to "/tmp" instead of "/some/directory".
Variables set on the command line or that are already in the
environment now take predecence over variables set in the config files.
ASTERISK-27846
Reported by: Ted G
Change-Id: Ie8baec52d531886bf5849ec1d59bb59dc87ad387
