In your Diaplan, if you specify
same => n,Set(CHANNEL(secure_bridge_media)=1)
same => n,Set(CHANNEL(secure_bridge_signaling)=1)
only the SIP channel driver chan_sip supports this. All other channels drivers
like res_pjsip fail. In case of failure, the original sRTP source code released
the whole channel, even if not hung-up, yet. This change does not release the
channel but instead hangs-up the channel.
ASTERISK-26306
Change-Id: I0489f0cb660fab6673b0db8af027d116e70a66db
When using the migration script sip_to_pjsip.py, and your sip.conf is
configured with bindaddr=::, two transports are written to pjsip.conf, one for
0.0.0.0 (IPv4) and one for [::] (IPv6). That way, PJProject listens on the IPv4
and IPv6 wildcards; a IPv4/IPv6 Dual Stack configuration on a single interface
like in chan_sip.
Furthermore, the script internal functions "build_host" and "split_hostport"
did not parse Literal IPv6 addresses as expected (like [::1]:5060). This change
makes sure, even such addresses are parsed correctly.
ASTERISK-26309
Change-Id: Ia4799a0f80fc30c0550fc373efc207c3330aeb48
We may check a global config option hundreds of times a second or more.
Asking sorcery for the global configuration from the config files backend
involves several allocations and container traversals. Using realtime
without a memory cache is a lot worse because you have to lookup in the
realtime database each time to reconstitute the sorcery object. With a
memory cache for realtime, there is about the same amount of overhead as
for config files. Either way, it is still fairly expensive to access the
sorcery object that much.
* Cache the global config options so we can access them faster. You must
now always perform a res_pjsip reload to change the global options.
Change-Id: Ice16c7a4cbca4614da344aaea21a072b86263ef7
ast_channel_get_t38_state() calls ast_channel_queryoption() with
AST_OPTION_T38_STATE. If the passed in channel is a local channel then a
deadlock can happen if a channel lock is held when called.
* Made ast_channel_get_t38_state() callers not hold a channel lock before
calling.
* Update ast_channel_get_t38_state() doxygen to note that no channel locks
can be held when calling the function.
ASTERISK-26203 #close
Reported by: Etienne Lessard
ASTERISK-24822 #close
Reported by: David Brillert
ASTERISK-22732 #close
Reported by: Richard Mudgett
Change-Id: I49fd76fa9af628b4198009b5c0b82c8b03681214
ASTERISK-25980 added the FAXMODE channel variable to res_fax.c.
Unfortunately, it also introduced a deadlock potential because
set_channel_variables() which sets FAXMODE can be called during a
masquerade. The ast_channel_get_t38_state() which gets the value used to
set FAXMODE cannot be called with the channel locked. As a result, local
channels can deadlock because of how they must acquire the locks necessary
to operate.
The intent of FAXMODE is for dialplan to know how a fax was transferred
after the fax completes. However, the previous patch sets FAXMODE to the
channel's current T.38 state AFTER the fax has completed and where T.38
may have already disconnected.
* Set FAXMODE based upon T.38 negotiations exchanged either with the fax
applications or the fax framehooks.
ASTERISK-26203
Reported by: Etienne Lessard
ASTERISK-24822
Reported by: David Brillert
ASTERISK-22732
Reported by: Richard Mudgett
Change-Id: Id525747254b64c1efe8b1b5973d52ff9719c2ae1
fax_gateway_indicate_t38() calls ast_indicate_data() which cannot be
called with any channel locks already held. A deadlock can happen if the
function is operating on a local channel.
* Made fax_gateway_indicate_t38() unlock the channel before calling
ast_indicate_data() since fax_gateway_indicate_t38() is always called with
the channel locked.
* Made fax_gateway_indicate_t38() return void since nothing cared about
its return value.
ASTERISK-26203
Reported by: Etienne Lessard
ASTERISK-24822
Reported by: David Brillert
ASTERISK-22732
Reported by: Richard Mudgett
Change-Id: I701ff2d26c5fc23e0d5a48a3fd98759a9fd09407
As described in issue ASTERISK-26282 the AEL parser creates macros with
extension '~~s~~'. app_macro searches only for extension 's' so the
created extension cannot be found. with this patch app_macro searches for
both extensions and performs the right extension.
ASTERISK-26282 #close
Change-Id: I939aa2a694148cc1054dd75ec0c47c47f47c90fb
Starting from draft 2 of RFC 5456 (October 23, 2006) plaintext auth
is not supported in IAX2 protocol. Please refer to section 8.6.13 of
RFC 5456.
But plaintext auth is still supported by Asterisk implementation of IAX2.
This support should be dropped.
Patch, based on asterisk-dev discussion, adds deprecation warning on
startup if 'auth' is set to 'plaintext', changes default values of
'auth' from 'md5, plaintext' to 'md5'.
Patch is safe in terms of backwards compatibility, will work even if
remote peers have auth=plaintext and we have defaults.
auth=plaintext setting will remain deprecated in Asterisk 14 and 15,
and IAX2 plaintext support will be removed in Asterisk 16.
ASTERISK-22820 #close
Change-Id: I5d2f3830cb57645604818f87518916e8a5c317bf
NOTE: This patch was submitted earlier and reverted because of a failing
test. The test has been patched so that it adjusts for the changes here,
so this is being resubmitted for review.
One feature that confbridge has is the ability to play sounds to all
participants in the conference. Prior to this commit, the algorithm for
this was as follows:
* Grab the playback lock
* Push the conference announcer channel into the bridge
* Play back the sound
* Pull the conference announcer channel from the bridge
* Release the playback lock
The issue here is that the act of adding the playback channel to the
bridge and removing it for each announcement is expensive. Amongst the
expenses:
* The announcer channel is imparted into the bridge, meaning a new
thread is spun up for each playback.
* When the announcer is added or removed from the bridge, it results
in the BRIDGEPEER channel variable being set on all channels in the
bridge. This requires keeping the bridge locked and locking each
individual channel in order to set it.
* There's also just the general overhead of adding the channel and
removing it from the bridge. The bridge potentially has to reconfigure
every single time
With this commit, the paradigm for playing back announcements has
shifted.
* The announcer channel is now added to the bridge when the conference
is allocated, and it is hung up when the conference is destroyed.
* A taskprocessor is used to queue playbacks onto the announcer channel.
This keeps the behavior from before where playbacks do not overlap.
* The announcer channel is no longer placed into the bridge as
departable. Since we are not constantly removing the channel from
the bridge, it is safe to add the channel using an independent thread
and simply hang the channel up when it is time for the conference to
be destroyed.
The use of the taskprocessor for playbacks opens up the interesting
possibility of having asynchronous announcements played. In this commit,
however, the behavior is still exactly the same as it previously was.
ASTERISK-26289
Reported by Mark Michelson
Change-Id: Ica9fa4907c2f3728cdd1cf0bc564ef4eb40754a0
The compilation failed for devmode
--enable DONT_OPTIMIZE
--enable BETTER_BACKTRACES
--enable DO_CRASH
--enable TEST_FRAMEWORK
res_pjsip/pjsip_configuration.c: In function dtls_handler:
res_pjsip/pjsip_configuration.c:974:20: error:
back may be used uninitialized in this function [-Werror=maybe-uninitialized]
int size = strlen(front);
^
cc1: all warnings being treated as errors
Change-Id: I7f082ead0312792a577ec7c73015ba64dabca580
When res_odbc_transaction depended on res_odbc, it got the generic_odbc
headers and libs implicitly. Now that it no longer depends on res_odbc,
its dependency on generic_odbc must be explicit.
Change-Id: I9db88f7af7388437f49903d3008ba8d4890d5911
PJProject supports a lot of platforms even Windows, some with different defaults
when it comes to IPv6. In many Linux platforms like Ubuntu 16.04 LTS,
"/proc/sys/net/ipv6/bindv6only" is set to 0 (false). Different than in Windows.
Because of this, if configured with just an IPv6 address/transport, PJProject
listens to both IPv4 and IPv6. However, this is not supported by the PJProject
team. As consequence, you end-up with IPv4-mapped IPv6 addresses in SDP,
incompatible with IPv4-only clients. Technically, you end-up with an IPv6-only
server which accepts incoming connections on IPv4.
If you try to configure two transports, one with IPv4 and one with IPv6 on the
same interface, as expected by the PJProject team, the IPv4 transport is not
able to bind because the IPv6 transport listens to both already.
One solution would be to change "/proc/sys/net/ipv6/bindv6only" system-wide.
Then, you are able to configure two transports, one for each IP version on the
same interface. That way, you get a server which works with IPv4 clients and
IPv6 clients at the same time over the same interface.
Here, this change sets this parameter directly within PJProject to match the
expectations of the PJProject team in any case. This allows IPv4/IPv6 Dual Stack
servers out of the box like in chan_sip. This change was accepted by the
PJProject team as <http://trac.pjsip.org/repos/changeset/5403> and is expected
to arrive in the next version, PJProject 2.6.0. Until then, this change is
incorporated in the bundled PJProject of Asterisk.
ASTERISK-26309
Change-Id: I3335d8718f79f4b2feae91b5b005a3ce684a63ae
MALLOC_DEBUG should not be used to check if debugging is actually
enabled, __AST_DEBUG_MALLOC should be used instead. MALLOC_DEBUG only
indicates that debugging is requested, __AST_DEBUG_MALLOC indicates it
is active.
Change-Id: I3ce9cdb6ec91b74ee1302941328462231be1ea53
Allocator functions that take file/line/func parameters are prefixed
with single-underscore when MALLOC_DEBUG is not defined,
double-underscore when it is defined. This change updates all
allocators that accept file/line/func to have the same prototype in
either ABI mode. The parameter order of __ast_vasprintf and
__ast_asprintf in utils.h have been changed to match that of astmm.h.
End-use allocator macro's have been removed from astmm.h and moved to an
unconditional part of utils.h.
Change-Id: I823bb6ce2b5675b3a4735948f10a3b420e9a023a
updated the uri handler to include the url prefix of the http server
this enables res_ari to add it to the uris when generating docs
Change-Id: I279335a2625261a8492206c37219698f42591c2e
(cherry picked from commit 6f448f32fe)
When using the migration script sip_to_pjsip.py, cert_file was not migrated to
pjsip.conf. A previous change regarding this contained a copy/paste error.
ASTERISK-22374
Change-Id: I0fa72e9412117d53b4284fc6b83fa5b2b95ba03b
When 'tlsclientmethod' is not specified in sip.conf, chan_sip uses the OpenSSL
SSLv23_method. This was documented incorrectly in the file sip.conf.sample.
SSLv23_method got its name in the 90s. Today, with OpenSSL 1.0.2, this method
enables (just) the secure TLSv1.0 and TLSv1.2. Or stated differently, that
function should have been called 'secure_method' or 'automatic_method' back in
the 90s.
Consequently please, specify 'tlsclientmethod=tlsv1' in your sip.conf only if
you face a server which has problems like not falling back to TLSv1.0
automatically.
ASTERISK-24425
Change-Id: I502ce6146b4504cadfd3973af8d6ec3994f54fa3
Historically, Asterisk has always specified annexb=no for the g729 format.
However, when using res_pjsip no format attribute was specified. This patch
makes it so the SDP now contains a format attribute line with annexb=no.
Note, that this means only g729a is negotiated. Even for pass through support.
According to rfc7261 the type of annex used (a or b) is dependent upon the
answerer. However, Asterisk being a back to back user agent makes this tricky
to support at this time, thus we only allow annex 'a' for now.
ASTERISK-26228 #close
patches:
res_format_attr_g729.c submitted by Jason Parker (license 4993)
Change-Id: I76bc20cc0a01af01536e9915afef319c269c22d0
Given resource paths did not have 'json' substituted in for the '{format}'. For
some auto generated documentation/comment strings it resulted in something like
the following:
"... REST handler for /api-docs/sounds.{format}"
This patch makes sure the resource api's path is properly substituted.
ASTERISK-25472 #close
Change-Id: Ie3e950a35db4043e284019d6c9061f3b03922e23
The MODULEINFO dependencies between these 2 modules was reversed.
res_odbc should depend on res_odbc_transaction, not the other way
around.
ASTERISK-25984 #close
Change-Id: Ifcfbb49c0b51cf6640a5446d47cd6c48caf1331f
A recent update had a copy/paste error where the unused variable 'val' was
being passed to the set_value function instead of the 'method' value itself.
This patch passes in the right variable.
ASTERISK-22374
Change-Id: I895b7b3779ce4442bc58b8ec40d59dd29bb43f06
