The verification check for missing or anonymous callerid was happening before
the endpoint's profile was retrieved which meant that the failure_action
parameter wasn't available. Therefore, if verification was enabled and there
was no callerid or it was "anonymous", the call was immediately terminated
instead of giving the dialplan the ability to decide what to do with the call.
* The callerid check now happens after the verification context is created and
the endpoint's stir_shaken_profile is available.
* The check now processes the callerid failure just as it does for other
verification failures and respects the failure_action parameter. If set
to "continue" or "continue_return_reason", `STIR_SHAKEN(0,verify_result)`
in the dialplan will return "invalid_or_no_callerid".
* If the endpoint's failure_action is "reject_request", the call will be
rejected with `433 "Anonymity Disallowed"`.
* If the endpoint's failure_action is "continue_return_reason", the call will
continue but a `Reason: STIR; cause=433; text="Anonymity Disallowed"`
header will be added to the next provisional or final response.
Resolves: #1112
(cherry picked from commit 71551013c4)
Introduce a ChannelTransfer event and the ability to notify progress to
ARI. Implement emitting this event from the PJSIP channel instead of
handling the transfer in Asterisk when configured.
Introduce a dialplan function to the PJSIP channel to switch between the
"core" and "ari-only" behavior.
UserNote: Call transfers on the PJSIP channel can now be controlled by
ARI. This can be enabled by using the PJSIP_TRANSFER_HANDLING(ari-only)
dialplan function.
(cherry picked from commit 71eb8a262f)
Nothing ever sets the `AST_GENERATOR_FD`, so this block of code will
never execute. It also is the only place where the `generate` callback
is called with the channel lock held which made it difficult to reason
about the thread safety of `ast_generator`s.
In passing, also note that `AST_AGENT_FD` isn't used either.
(cherry picked from commit 2cc2710e5f)
An issue in config_auth.c:ast_sip_auth_digest_algorithms_vector_init() was
causing double allocations for the two supported_algorithms vectors to the
tune of 915 bytes. The leak only happens on startup and when a reload is done
and doesn't get bigger with the number of auth objects defined.
* Pre-initialized the two vectors in config_auth:auth_alloc().
* Removed the allocations in ast_sip_auth_digest_algorithms_vector_init().
* Added a note to the doc for ast_sip_auth_digest_algorithms_vector_init()
noting that the vector passed in should be initialized and empty.
* Simplified the create_artificial_auth() function in pjsip_distributor.
* Set the vector initialization count to 0 in config_global:global_apply().
Correct an issue in ast_config_text_file_save2() when updating configuration
files with "#tryinclude" statements. The API currently replaces "#tryinclude"
with "#include". The API also creates empty template files if the referenced
files do not exist. This change resolves these problems.
Resolves: https://github.com/asterisk/asterisk/issues/920
(cherry picked from commit 5945703267)
* Added the "since" element to the XML configObject and configOption elements
in appdocsxml.dtd.
* Added the "Since" section to the following CLI output:
```
config show help <module> <object>
config show help <module> <object> <option>
core show application <app>
core show function <func>
manager show command <command>
manager show event <event>
agi show commands topic <topic>
```
* Refactored the commands above to output their sections in the same order:
Synopsis, Since, Description, Syntax, Arguments, SeeAlso
* Refactored the commands above so they all use the same pattern for writing
the output to the CLI.
* Fixed several memory leaks caused by failure to free temporary output
buffers.
* Added a "since" array to the mustache template for the top-level resources
(Channel, Endpoint, etc.) and to the paths/methods underneath them. These
will be added to the generated markdown if present.
Example:
```
"resourcePath": "/api-docs/channels.{format}",
"requiresModules": [
"res_stasis_answer",
"res_stasis_playback",
"res_stasis_recording",
"res_stasis_snoop"
],
"since": [
"18.0.0",
"21.0.0"
],
"apis": [
{
"path": "/channels",
"description": "Active channels",
"operations": [
{
"httpMethod": "GET",
"since": [
"18.6.0",
"21.8.0"
],
"summary": "List all active channels in Asterisk.",
"nickname": "list",
"responseClass": "List[Channel]"
},
```
NOTE: No versioning information is actually added in this commit.
Those will be added separately and instructions for adding and maintaining
them will be published on the documentation site at a later date.
(cherry picked from commit 3e28ddce78)
* Refactored pjproject code to support the new algorithms and
added a patch file to third-party/pjproject/patches
* Added new parameters to the pjsip auth object:
* password_digest = <algorithm>:<digest>
* supported_algorithms_uac = List of algorithms to support
when acting as a UAC.
* supported_algorithms_uas = List of algorithms to support
when acting as a UAS.
See the auth object in pjsip.conf.sample for detailed info.
* Updated both res_pjsip_authenticator_digest.c (for UAS) and
res_pjsip_outbound_authentocator_digest.c (UAC) to suport the
new algorithms.
The new algorithms are only available with the bundled version
of pjproject, or an external version > 2.14.1. OpenSSL version
1.1.1 or greater is required to support SHA-512-256.
Resolves: #948
UserNote: The SHA-256 and SHA-512-256 algorithms are now available
for authentication as both a UAS and a UAC.
(cherry picked from commit 1933548d41)
* The autoconf-archive package contains macros useful for detecting C++
standard and testing other C++ capabilities but that package was never
included in the install_prereq script so many existing build environments
won't have it. Even if it is installed, older versions won't newer C++
standards and will actually cause an error if you try to test for that
version. To make it available for those environments, the
ax_cxx_compile_stdcxx.m4 macro has copied from the latest release of
autoconf-archive into the autoconf directory.
* A convenience wrapper(ast_cxx_check_std) around ax_cxx_compile_stdcxx was
also added so checking the standard version and setting the
asterisk-specific PBX_ variables becomes a one-liner:
`AST_CXX_CHECK_STD([std], [force_latest_std])`.
Calling that with a version of `17` for instance, will set PBX_CXX17
to 0 or 1 depending on whether the current c++ compiler supports stdc++17.
HAVE_CXX17 will also be 'defined" or not depending on the result.
* C++ compilers hardly ever default to the latest standard they support. g++
version 14 for instance supports up to C++23 but only uses C++17 by default.
If you want to use C++23, you have to add `-std=gnu++=23` to the g++
command line. If you set the second argument of AST_CXX_CHECK_STD to "yes",
the macro will automatically keep the highest `-std=gnu++` value that
worked and pass that to the Makefiles.
* The autoconf-archive package was added to install_prereq for future use.
* Updated configure.ac to use AST_CXX_CHECK_STD() to check for C++
versions 11, 14, 17, 20 and 23.
* Updated configure.ac to accept the `--enable-latest-cxx-std` option which
will set the second option to AST_CXX_CHECK_STD() to "yes". The default
is "no".
* ast_copy_string() in strings.h declares the 'sz' variable as volatile and
does an `sz--` on it later. C++20 no longer allows the `++` and `--`
increment and decrement operators to be used on variables declared as
volatile however so that was changed to `sz -= 1`.
(cherry picked from commit fb45a473cf)
Previously, when AST_CONTROL_RINGING was received by
a DAHDI device, it would set its channel state to
AST_STATE_RINGING. However, an analysis of the codebase
and other channel drivers reveals RINGING corresponds to
physical power ringing, whereas AST_STATE_RING should be
used for audible ringback on the channel. This also ensures
the correct device state is returned by the channel state
to device state conversion.
Since there seems to be confusion in various places regarding
AST_STATE_RING vs. AST_STATE_RINGING, some documentation has
been added or corrected to clarify the actual purposes of these
two channel states, and the associated device state mapping.
An edge case that prompted this fix, but isn't explicitly
addressed here, is that of an incoming call to an FXO port.
The channel state will be "Ring", which maps to a device state
of "In Use", not "Ringing" as would be more intuitive. However,
this is semantic, since technically, Asterisk is treating this
the same as any other incoming call, and so "Ring" is the
semantic state (put another way, Asterisk isn't ringing anything,
like in the cases where channels are in the "Ringing" state).
Since FXO ports don't currently support Call Waiting, a suitable
workaround for the above would be to ignore the device state and
instead check the channel state (e.g. IMPORT(DAHDI/1-1,CHANNEL(state)))
since it will be Ring if the FXO port is idle (but a call is ringing
on it) and Up if the FXO port is actually in use. (In both cases,
the device state would misleadingly be "In Use".)
Resolves: #1029
(cherry picked from commit 9f6f9a60e5)
A few tweaks needed to be done to some existing header files to allow them to
be compiled when included from C++ source files.
logger.h had declarations for ast_register_verbose() and
ast_unregister_verbose() which caused C++ issues but those functions were
actually removed from logger.c many years ago so the declarations were just
removed from logger.h.
(cherry picked from commit d5898305fb)
Unit tests can now be passed custom arguments from the command
line. For example, the following command would run the "mytest" test
in the "/main/mycat" category with the option "myoption=54"
`CLI> test execute category /main/mycat name mytest options myoption=54`
You can also pass options to an entire category...
`CLI> test execute category /main/mycat options myoption=54`
Basically, everything after the "options" keyword is passed verbatim to
the test which must decide what to do with it.
* A new API ast_test_get_cli_args() was created to give the tests access to
the cli_args->argc and cli_args->argv elements.
* Although not needed for the option processing, a new macro
ast_test_validate_cleanup_custom() was added to test.h that allows you
to specify a custom error message instead of just "Condition failed".
* The test_skel.c was updated to demonstrate parsing options and the use
of the ast_test_validate_cleanup_custom() macro.
(cherry picked from commit 6d63b62853)
Added a new option "qualify_2xx_only" to the res_pjsip AOR qualify
feature to mark a contact as available only if an OPTIONS request
returns a 2XX response. If the option is not specified or is false,
any response to the OPTIONS request marks the contact as available.
UserNote: The pjsip.conf AOR section now has a "qualify_2xx_only"
option that can be set so that only 2XX responses to OPTIONS requests
used to qualify a contact will mark the contact as available.
(cherry picked from commit 85f5a047c1)
Normally, when one party in a call sends Asterisk an SDP with
a "sendonly" or "inactive" attribute it means "hold" and causes
Asterisk to start playing MOH back to the other party. This can be
problematic if it happens at certain times, such as in a 183
Progress message, because the MOH will replace any early media you
may be playing to the calling party. If you set this option
to "yes" on an endpoint and the endpoint receives an SDP
with "sendonly" or "inactive", Asterisk will NOT play MOH back to
the other party.
Resolves: #979
UserNote: The new "suppress_moh_on_sendonly" endpoint option
can be used to prevent playing MOH back to a caller if the remote
end sends "sendonly" or "inactive" (hold) to Asterisk in an SDP.
(cherry picked from commit badf203203)
The tenantid field was originally added to the ast_sip_endpoint
structure at the end of the AST_DECLARE_STRING_FIELDS block. This
caused everything after it in the structure to move down in memory
and break ABI compatibility. It's now at the end of the structure
as an AST_STRING_FIELD_EXTENDED. Given the number of string fields
in the structure now, the initial string field allocation was
also increased from 64 to 128 bytes.
Resolves: #982
(cherry picked from commit be8f3a3fa4)
The key used for transport monitors was the remote host name for the
transport and not the remote address resolved for this domain.
This was problematic for domains returning multiple addresses as several
transport monitors were created with the same key.
Whenever a subsystem wanted to register a callback it would always end
up attached to the first transport monitor with a matching key.
The key used for transport monitors is now the remote address and port
the transport actually connected to.
Fixes: #932
(cherry picked from commit 2ee258b0fc)
The dnsmgr_refresh() function checks to see if the IP address associated
with a name/service has changed. The gotcha is that the ast_get_ip_or_srv()
function only returns the first IP address returned by the DNS query. If
there are multiple IPs associated with the name and the returned order is
not consistent (e.g. with DNS round-robin) then the other IP addresses are
not included in the comparison and the entry is flagged as changed even
though the IP is still valid.
Updated the code to check all IP addresses and flag a change only if the
original IP is no longer valid.
Resolves: #924
(cherry picked from commit 4a3319a587)
Calls to `ast_replace_sigchld()` and `ast_unreplace_sigchld()` must be
balanced to ensure that we can capture the exit status of child
processes when we need to. This extends to functions that call
`ast_replace_sigchld()` and `ast_unreplace_sigchld()` such as
`ast_safe_fork()` and `ast_safe_fork_cleanup()`.
The primary change here is ensuring that we do not call
`ast_safe_fork_cleanup()` in `res_agi.c` if we have not previously
called `ast_safe_fork()`.
Additionally we reinforce some of the documentation and add an
assertion to, ideally, catch this sooner were this to happen again.
Fixes#922
(cherry picked from commit 243f20a78d)
When Asterisk sends an offer to Bob that includes 48K and 8K codecs with
matching 4733 offers, Bob may want to use the 48K audio codec but can not
accept 48K digits and so negotiates for a mixed set.
Asterisk will now check Bob's offer to make sure Bob has indicated this is
acceptible and if not, will use Bob's preference.
Fixes: #847
(cherry picked from commit ac673dd14e)
This patch introduces a new identifier for channels: tenantid. It's
a stringfield on the channel that can be used for general purposes. It
will be inherited by other channels the same way that linkedid is.
You can set tenantid in a few ways. The first is to set it in the
dialplan with the Set and CHANNEL functions:
exten => example,1,Set(CHANNEL(tenantid)=My tenant ID)
It can also be accessed via CHANNEL:
exten => example,2,NoOp(CHANNEL(tenantid))
Another method is to use the new tenantid option for pjsip endpoints in
pjsip.conf:
[my_endpoint]
type=endpoint
tenantid=My tenant ID
This is considered the best approach since you will be able to see the
tenant ID as early as the Newchannel event.
It can also be set using set_var in pjsip.conf on the endpoint like
setting other channel variable:
set_var=CHANNEL(tenantid)=My tenant ID
Note that set_var will not show tenant ID on the Newchannel event,
however.
Tenant ID has also been added to CDR. It's read-only and can be accessed
via CDR(tenantid). You can also get the tenant ID of the last channel
communicated with via CDR(peertenantid).
Tenant ID will also show up in CEL records if it has been set, and the
version number has been bumped accordingly.
Fixes: #740
UserNote: tenantid has been added to channels. It can be read in
dialplan via CHANNEL(tenantid), and it can be set using
Set(CHANNEL(tenantid)=My tenant ID). In pjsip.conf, it is recommended to
use the new tenantid option for pjsip endpoints (e.g., tenantid=My
tenant ID) so that it will show up in Newchannel events. You can set it
like any other channel variable using set_var in pjsip.conf as well, but
note that this will NOT show up in Newchannel events. Tenant ID is also
available in CDR and can be accessed with CDR(tenantid). The peer tenant
ID can also be accessed with CDR(peertenantid). CEL includes tenant ID
as well if it has been set.
UpgradeNote: A new versioned struct (ast_channel_initializers) has been
added that gets passed to __ast_channel_alloc_ap. The new function
ast_channel_alloc_with_initializers should be used when creating
channels that require the use of this struct. Currently the only value
in the struct is for tenantid, but now more fields can be added to the
struct as necessary rather than the __ast_channel_alloc_ap function. A
new option (tenantid) has been added to endpoints in pjsip.conf as well.
CEL has had its version bumped to include tenant ID.
(cherry picked from commit 3841fa814e)
After change made in 624f509 to add support for non 8K RFC 4733/2833 digits,
Asterisk would only accept RFC 4733/2833 offers that matched the sample rate of
the negotiated codec(s).
This change allows Asterisk to accept 8K RFC 4733/2833 offers if the UAC
offfers 8K RFC 4733/2833 but negotiates for a non 8K bitrate codec.
A number of corresponding tests in tests/channels/pjsip/dtmf_sdp also needed to
be re-written to allow for these scenarios.
Fixes: #776
(cherry picked from commit 7d53986262)
Add RFC2833 DTMF support for 16K, 24K, and 32K bitrate codecs.
Asterisk currently treats RFC2833 Digits as a single rtp payload type
with a fixed bitrate of 8K. This change would expand that to 8, 16,
24 and 32K.
This requires checking the offered rtp types for any of these bitrates
and then adding an offer for each (if configured for RFC2833.) DTMF
generation must also be changed in order to look at the current outbound
codec in order to generate appropriately timed rtp.
For cases where no outgoing audio has yet been sent prior to digit
generation, Asterisk now has a concept of a 'preferred' codec based on
offer order.
On inbound calls Asterisk will mimic the payload types of the RFC2833
digits.
On outbound calls Asterisk will choose the next free payload types starting
with 101.
UserNote: No change in configuration is required in order to enable this
feature. Endpoints configured to use RFC2833 will automatically have this
enabled. If the endpoint does not support this, it should not include it in
the SDP offer/response.
Resolves: #699
(cherry picked from commit 624f509ce4)
Add unique verbose prefixes for levels higher than 4, so
that these can be visually differentiated from each other.
Resolves: #721
(cherry picked from commit 57bb09667d)
Because of the (often recursive) nature of module dependencies in
Asterisk, hot swapping a module on the fly is cumbersome if a module
is depended on by other modules. Currently, dependencies must be
popped manually by unloading dependents, unloading the module of
interest, and then loading modules again in reverse order.
To make this easier, the ability to do this recursively in certain
circumstances has been added, as an optional extension to the
"module refresh" command. If requested, Asterisk will check if a module
that has a positive usecount could be unloaded safely if anything
recursively dependent on it were unloaded. If so, it will go ahead
and unload all these modules and load them back again. This makes
hot swapping modules that provide dependencies much easier.
Resolves: #474
UserNote: In certain circumstances, modules with dependency relations
can have their dependents automatically recursively unloaded and loaded
again using the "module refresh" CLI command or the ModuleLoad AMI command.
(cherry picked from commit a056e94885)
If the hostname field of the ast_tcptls_session_args structure is
set (which it is for websocket client connections), that hostname
will now automatically be used in an SNI TLS extension in the client
hello.
Resolves: #713
UserNote: Secure websocket client connections now send SNI in
the TLS client hello.
(cherry picked from commit 4d6f84a14f)
Commit f2f397c1a8 previously
made it possible to send Caller ID parameters to FXS stations
which, prior to that, could not be sent.
This change is complementary in that we now handle receiving
all these parameters on FXO lines and provide these up to
the dialplan, via chan_dahdi. In particular:
* If a redirecting reason is provided, the channel's redirecting
reason is set. No redirecting number is set, since there is
no parameter for this in the Caller ID protocol, but the reason
can be checked to determine if and why a call was forwarded.
* If the Call Qualifier parameter is received, the Call Qualifier
variable is set.
* Some comments have been added to explain why some of the code
is the way it is, to assist other people looking at it.
With this change, Asterisk's Caller ID implementation is now
reasonably complete for both FXS and FXO operation.
Resolves: #681
(cherry picked from commit 4cf8d9d94a)
If you're tracing a large function that may call another function
multiple times in different circumstances, it can be difficult to
see from the trace output exactly which location that function
was called from. There's no good way to automatically determine
the calling location. SCOPE_CALL and SCOPE_CALL_WITH_RESULT
simply print out a trace line before and after the call.
The difference between SCOPE_CALL and SCOPE_CALL_WITH_RESULT is
that SCOPE_CALL ignores the function's return value (if any) where
SCOPE_CALL_WITH_RESULT allows you to specify the type of the
function's return value so it can be assigned to a variable.
SCOPE_CALL_WITH_INT_RESULT is just a wrapper for SCOPE_CALL_WITH_RESULT
and the "int" return type.
(cherry picked from commit cf5c46d8ae)
Add a new identify_by option to res_pjsip_endpoint_identifier_ip
called 'transport' this matches endpoints based on the bound
ip address (local) instead of the 'ip' option, which matches on
the source ip address (remote).
UserNote: set identify_by=transport for the pjsip endpoint. Then
use the existing 'match' option and the new 'transport' option of
the identify.
Fixes: #672
(cherry picked from commit c8769f3d5a)
Add ability to match against PJSIP request URI.
UserNote: this new feature let users match endpoints based on the
indound SIP requests' URI. To do so, add 'request_uri' to the
endpoint's 'identify_by' option. The 'match_request_uri' option of
the identify can be an exact match for the entire request uri, or a
regular expression (between slashes). It's quite similar to the
header identifer.
Fixes: #599
(cherry picked from commit ac297d15f8)
This commit introduces configurable TCP keepalive settings for both TCP and TLS transports. The changes allow for finer control over TCP connection keepalives, enhancing stability and reliability in environments prone to connection timeouts or where intermediate devices may prematurely close idle connections. This has proven necessary and has already been tested in production in several specialized environments where access to the underlying transport is unreliable in ways invisible to the operating system directly, so these keepalive and timeout mechanisms are necessary.
Fixes#657
(cherry picked from commit 555eb9d3d2)
Why do we need a refactor?
The original stir/shaken implementation was started over 3 years ago
when little was understood about practical implementation. The
result was an implementation that wouldn't actually interoperate
with any other stir-shaken implementations.
There were also a number of stir-shaken features and RFC
requirements that were never implemented such as TNAuthList
certificate validation, sending Reason headers in SIP responses
when verification failed but we wished to continue the call, and
the ability to send Media Key(mky) grants in the Identity header
when the call involved DTLS.
Finally, there were some performance concerns around outgoing
calls and selection of the correct certificate and private key.
The configuration was keyed by an arbitrary name which meant that
for every outgoing call, we had to scan the entire list of
configured TNs to find the correct cert to use. With only a few
TNs configured, this wasn't an issue but if you have a thousand,
it could be.
What's changed?
* Configuration objects have been refactored to be clearer about
their uses and to fix issues.
* The "general" object was renamed to "verification" since it
contains parameters specific to the incoming verification
process. It also never handled ca_path and crl_path
correctly.
* A new "attestation" object was added that controls the
outgoing attestation process. It sets default certificates,
keys, etc.
* The "certificate" object was renamed to "tn" and had it's key
change to telephone number since outgoing call attestation
needs to look up certificates by telephone number.
* The "profile" object had more parameters added to it that can
override default parameters specified in the "attestation"
and "verification" objects.
* The "store" object was removed altogther as it was never
implemented.
* We now use libjwt to create outgoing Identity headers and to
parse and validate signatures on incoming Identiy headers. Our
previous custom implementation was much of the source of the
interoperability issues.
* General code cleanup and refactor.
* Moved things to better places.
* Separated some of the complex functions to smaller ones.
* Using context objects rather than passing tons of parameters
in function calls.
* Removed some complexity and unneeded encapsuation from the
config objects.
Resolves: #351Resolves: #46
UserNote: Asterisk's stir-shaken feature has been refactored to
correct interoperability, RFC compliance, and performance issues.
See https://docs.asterisk.org/Deployment/STIR-SHAKEN for more
information.
UpgradeNote: The stir-shaken refactor is a breaking change but since
it's not working now we don't think it matters. The
stir_shaken.conf file has changed significantly which means that
existing ones WILL need to be changed. The stir_shaken.conf.sample
file in configs/samples/ has quite a bit more information. This is
also an ABI breaking change since some of the existing objects
needed to be changed or removed, and new ones added. Additionally,
if res_stir_shaken is enabled in menuselect, you'll need to either
have the development package for libjwt v1.15.3 installed or use
the --with-libjwt-bundled option with ./configure.
(cherry picked from commit 2e0d837e01)
If a dynamic string is created with an initial length of 0,
`ast_str_buffer(…)` will return an invalid pointer.
This was a secondary discovery when fixing #65.
(cherry picked from commit 31ab82840b)
The last time configure was run, it was run on a system that
did not enable -std=gnu11 by default, which meant that the
restrict qualifier would not be recognized on certain platforms.
This regenerates the configure files from running bootstrap.sh,
so that these should be recognized on all supported platforms.
Resolves: #586
(cherry picked from commit d0d09ef010)
Given the scenario of passing an empty string to the
ast_strsep functions the functions would return NULL
instead of an empty string. This is counter to how
strsep itself works.
This change alters the behavior of the functions to
match that of strsep.
Fixes: #565
(cherry picked from commit 8ce69eda14)
Certain channel options are not set anywhere or
exposed in any way to users, making them unusable.
This exposes some of these options which make sense
for users to manipulate at runtime.
Resolves: #442
(cherry picked from commit 9211fb5e97)
See UserNote below.
Exposed the existing Hangup AMI action in manager.c so we can use
all of it's channel search and AMI protocol handling without
duplicating that code in dialplan_functions.c.
Added a lookup function to res_pjsip.c that takes in the
string represenation of the pjsip_status_code enum and returns
the actual status code. I.E. ast_sip_str2rc("DECLINE") returns
603. This allows the caller to specify PJSIPHangup(decline) in
the dialplan, just like Hangup(call_rejected).
Also extracted the XML documentation to its own file since it was
almost as large as the code itself.
UserNote: A new dialplan app PJSIPHangup and AMI action allows you
to hang up an unanswered incoming PJSIP call with a specific SIP
response code in the 400 -> 699 range.
(cherry picked from commit af7e89ebf8)
This commit introduces an extension to the endpoint and relevant
resource sizes for PJSIP, transitioning from its current 40-character
constraint to a more versatile 255-character capacity. This enhancement
significantly overcomes limitations related to domain qualification and
practical usage, ultimately delivering improved functionality. In
addition, it includes adjustments to accommodate the expanded realm size
within the ARI, specifically enhancing the maximum realm length.
Resolves: #345
UserNote: With this update, the PJSIP realm lengths have been extended
to support up to 255 characters.
UpgradeNote: As part of this update, the maximum allowable length
for PJSIP endpoints and relevant resources has been increased from
40 to 255 characters. To take advantage of this enhancement, it is
recommended to run the necessary procedures (e.g., Alembic) to
update your schemas.
(cherry picked from commit 9b70b18dec)
You can now define the _TRACE_PREFIX_ macro to change the
default trace line prefix of "file:line function" to
something else. Full documentation in logger.h.
(cherry picked from commit f599114ee3)
The current STIR/SHAKEN implementation is not currently usable due
to encryption issues. Rather than trying to futz with OpenSSL and
the the current code, we can take advantage of the existing
capabilities of libjwt but we first need to add it to the
third-party infrastructure already in place for jansson and
pjproject.
A few tweaks were also made to the third-party infrastructure as
a whole. The jansson "dest" install directory was renamed "dist"
to better match convention, and the third-party Makefile was updated
to clean all product directories not just the ones currently in
use.
Resolves: #349
(cherry picked from commit d7a6116681)
This commit fixes crashes in JSON_DECODE() for types null, true, false
and real numbers.
In addition it ensures that a path is not deeper than 32 levels.
Also allow root object to be an array.
Add unit tests for above cases.
(cherry picked from commit 1cbbf36929)
Previously, DETECT_DEADLOCKS depended on DEBUG_THREADS.
Unfortunately, DEBUG_THREADS adds a lot of lock tracking overhead
to all of the lock lifecycle calls whereas DETECT_DEADLOCKS just
causes the lock calls to loop over trylock in 200us intervals until
the lock is obtained and spits out log messages if it takes more
than 5 seconds. From a code perspective, the only reason they were
tied together was for logging. So... The ifdefs in lock.c were
refactored to allow DETECT_DEADLOCKS to be enabled without
also enabling DEBUG_THREADS.
Resolves: #321
UserNote: You no longer need to select DEBUG_THREADS to use
DETECT_DEADLOCKS. This removes a significant amount of overhead
if you just want to detect possible deadlocks vs needing full
lock tracing.
(cherry picked from commit e1050b4add)
Add a wrapper function around ast_cel_publish_event that
packs event and extras into a blob before publishing
Resolves:#330
(cherry picked from commit 4592f97c36)
To better co-exist with sounds files that may be managed by
packages, custom sound files may now be placed in
AST_DATA_DIR/sounds/custom instead of the standard
AST_DATA_DIR/sounds/<lang> directory. If the new
"sounds_search_custom_dir" option in asterisk.conf is set
to "true", asterisk will search the custom directory for sounds
files before searching the standard directory. For performance
reasons, the "sounds_search_custom_dir" defaults to "false".
Resolves: #315
UserNote: A new option "sounds_search_custom_dir" has been added to
asterisk.conf that allows asterisk to search
AST_DATA_DIR/sounds/custom for sounds files before searching the
standard AST_DATA_DIR/sounds/<lang> directory.
(cherry picked from commit 0e0f99db1d)
The previous behavior of make_buildopts_h was to not add the
non-ABI-breaking MENUSELECT_CFLAGS like DETECT_DEADLOCKS,
REF_DEBUG, etc. to the buildopts.h file because "it caused
ccache to invalidate files and extended compile times". They're
only defined by passing them on the gcc command line with '-D'
options. In practice, including them in the include file rarely
causes any impact because the only time ccache cares is if you
actually change an option so the hit occurrs only once after
you change it.
OK so why would we want to include them? Many IDEs follow the
include files to resolve defines and if the options aren't in an
include file, it can cause the IDE to mark blocks of "ifdeffed"
code as unused when they're really not.
So...
* Added a new menuselect compile option ADD_CFLAGS_TO_BUILDOPTS_H
which tells make_buildopts_h to include the non-ABI-breaking
flags in buildopts.h as well as the ABI-breaking ones. The default
is disabled to preserve current behavior. As before though,
only the ABI-breaking flags appear in AST_BUILDOPTS and only
those are used to calculate AST_BUILDOPT_SUM.
A new AST_BUILDOPT_ALL define was created to capture all of the
flags.
* make_version_c was streamlined to use buildopts.h and also to
create asterisk_build_opts_all[] and ast_get_build_opts_all(void)
* "core show settings" now shows both AST_BUILDOPTS and
AST_BUILDOPTS_ALL.
UserNote: The "Build Options" entry in the "core show settings"
CLI command has been renamed to "ABI related Build Options" and
a new entry named "All Build Options" has been added that shows
both breaking and non-breaking options.
(cherry picked from commit 42f82d55b0)
* Since ICE candidates are used for the check and pjproject is
required to use ICE, res_rtp_asterisk was failing to compile
when pjproject wasn't available. The check is now wrapped
with an #ifdef HAVE_PJPROJECT.
* The rtp->ice_active_remote_candidates container was being
used to check the address on incoming packets but that
container doesn't contain peer reflexive candidates discovered
during negotiation. This was causing the check to fail
where it shouldn't. We now check against pjproject's
real_ice->rcand array which will contain those candidates.
* Also fixed a bug in ast_sockaddr_from_pj_sockaddr() where
we weren't zeroing out sin->sin_zero before returning. This
was causing ast_sockaddr_cmp() to always return false when
one of the inputs was converted from a pj_sockaddr, even
if both inputs had the same address and port.
Resolves: #500Resolves: #503Resolves: #505
