Recent Releases
13.38.325 Jul 2021 00:25
minor feature:
AST-2021-009 - pjproject-bundled: Avoid crash during handshake for TLS
If an SSL socket parent/listener was destroyed during the handshake.
Depending on timing, it was possible for the handling callback to
Attempt access of it after the fact thus causing a crash. AST-2021-008 - chan_iax2: remote crash on unsupported media format
If chan_iax2 received a packet with an unsupported media format, for.
Example vp9, then it would set the frame's format to NULL. This could
Then result in a crash later when an attempt was made to access the
Format.
This patch makes it so chan_iax2 now ignores/drops frames received.
With unsupported media format types.
13.38.219 Feb 2021 16:45
minor feature:
Rtp: Enable srtp replay protection
Add option "srtpreplayprotection" rtp.conf to enable srtp.
Replay protection. res_pjsip_diversion: adding more than one histinfo to Supported
New responses sent within a PJSIP sessions are based on those that were.
Sent before. Therefore, adding/modifying a header once causes it to be
Sent on all responses that follow.
Sending 181 Call Is Being Forwarded many times first adds "histinfo".
Duplicated more and more, and eventually overflows past the array
Boundary.
This commit adds a check preventing adding "histinfo" more than once.
And skipping it if there is no more space in the header.
Similar overflow situations can also occur in res_pjsip_path and.
Res_pjsip_outbound_registration so those were also modified to
Check the bounds and suppress duplicate Supported values. pjsip: Make modify_local_offer2 tolerate previous failed SDP.
If a remote side is broken and sends an SDP that can not be.
Negotiated the call will be torn down but there is a window
Where a second 183 Session Progress or 200 OK that is forked
Can be received that also attempts to negotiate SDP. Since
The code marked the SDP negotiation as being done and complete
Prior to this it assumes that there is an active local and remote
SDP which it can modify, while in fact there is not as the SDP.
Did not successfully negotiate. Since there is no local or remote
SDP a crash occurs.
This patch changes the pjmedia_sdp_neg_modify_local_offer2.
Function to no longer assume that a previous SDP negotiation
Was successful.
13.38.123 Dec 2020 23:05
minor feature:
Update for 13.38.1
res/res_pjsip_diversion: prevent crash on tel: uri in History-Info.
Add a check to see if the URI is a Tel URI and prevent crashing on
trying to retrieve the reason parameter.
13.37.106 Nov 2020 08:05
minor feature:
AST-2020-002 - res_pjsip: Stop sending INVITEs after challenge limit.
If Asterisk sends out an INVITE and receives a challenge with a.
Different nonce value each time, it will continuously send out INVITEs,
Even if the call is hung up. The endpoint must be configured for
Outbound authentication for this to occur. A limit has been set on
Outbound INVITEs so that, once reached, Asterisk will stop sending
INVITEs and the transaction will terminate. AST-2020-001 - res_pjsip: Return dialog locked and referenced.
Pjproject returns the dialog locked and with a reference. However,
in Asterisk the method that handles this decrements the reference.
And removes the lock prior to returning. This makes it possible,
Under some circumstances, for another thread to free said dialog
Before the thread that created it attempts to use it again. Of
Course when the thread that created it tries to use a freed dialog
a crash can occur.
This patch makes it so Asterisk now returns the newly created.
Dialog both locked, and with an added reference. This allows the
Caller to de-reference, and unlock the dialog when it is safe to
do so.
In the case of a new SIP Invite the lock, and reference are now.
Held for the entirety of the new invite handling process.
Otherwise it's possible for the dialog, or its dependent objects.
Like the transaction, to disappear. For example if there is a TCP
Transport error.
13.29.222 Nov 2019 23:05
minor feature:
Update CHANGES and UPGRADE.txt for 13.29.2
manager.c: Prevent the Originate action from running the Originate app.
If an AMI user without the "system" authorization calls the
Originate AMI command with the Originate application,
the second Originate could run the "System" command.
Action: Originate
Channel: Local/1111
Application: Originate
Data: Local/2222,app,System,touch /tmp/owned.
If the "system" authorization isn't set, we now block the
Originate app as well as the System, Exec, etc. apps. chan_sip.c: Prevent address change on unauthenticated SIP request.
If the name of a peer is known and a SIP request is sent using that
peer's name, the address of the peer will change even if the request
fails the authentication challenge. This means that an endpoint can
be altered and even rendered unusuable, even if it was in a working
state previously. This can only occur when the nat option is set to the
default, or auto_force_rport.
This change checks the result of authentication first to ensure it is
successful before setting the address and the nat option. res_pjsip_session.c: Check for port of zero on incoming SDP.
If a re-invite comes in initiating T.38, but there is no c line in the
SDP and the port is also 0, a crash can occur. A check is now done on
the port to see if the steam is already declined, preventing the crash.
The logic was moved to res_pjsip_session.c because it is handled in a
similar manner in later versions of Asterisk.
13.29.118 Oct 2019 00:45
minor feature:
Pjproject_bundled: Replace earlier reverts with official.
in pjproject 2.9 caused us to revert some of their changes
as a work around. This introduced another where pjproject.
Wouldn't build with older gcc versions such as that found on
CentOS 6. This commit replaces the reverts with the official.
For the original and allows pjproject to be built
on CentOS 6 again. res_pjsip_mwi: potential double unref, and potential unwanted double link.
When creating an unsolicited MWI aggregate subscription it was possible for.
The subscription object to be double unref'ed. This patch removes the explicit
Unref as it is not needed since the RAII_VAR will handle it at function end.
Less concerning there was also a that could potentially allow the aggregate.
Subscription object to be added to the unsolicited container twice. This patch
Ensures it is added only once.
13.28.107 Sep 2019 02:45
minor feature:
AST-2019-005 - translate: Don't assume all frames will have a src.
This change removes the assumption that a frame will always have
a src set on it. This assumption is incorrect.
Given a scenario where an RTP packet is received with no payload.
The resulting audio frame will have no samples. If this frame goes
Through a signed linear translation path an interpolated frame can
be created (if generic packet loss concealment is enabled) that has.
Minimal data on it, including no src. If this frame is given to a
Translation path a crash will occur due to the lack of src.
13.27.112 Jul 2019 21:25
minor feature:
Res_pjsip_messaging: Check for body in in-dialog message
We now check that a body exists and it has a length 0 before.
Attempting to process it. chan_sip: Handle invalid SDP answer to T.38 re-invite
The chan_sip module performs a T.38 re-invite using a single media.
Stream of udptl, and expects the SDP answer to be the same.
If an SDP answer is received instead that contains an additional.
Media stream with no joint codec a crash will occur as the code
Assumes that at least one joint codec will exist in this
Scenario.
This change removes this assumption.
13.24.127 Dec 2018 17:05
minor feature:
Revert "stasis_cache: Stop caching stasis subscription change messages"
This commit caused with polling when combined with
the revert commit "Revert "app_voicemail: Remove need to subscribe
to stasis".
This reverts commit 94a4eea7f6e486368b35585ea867479f248095c2.
13.23.121 Sep 2018 20:05
minor feature:
AST-2018-009: crash processing websocket HTTP Upgrade requests
The HTTP request processing in res_http_websocket allocates additional.
Space on the stack for various headers received during an Upgrade request.
An attacker could send a specially crafted request that causes this code
to overflow the stack, resulting in a crash.
No longer allocate memory from the stack in a loop to parse the header.
Values. NOTE: There is a slight API change when using the passed in
Strings as is. We now require the passed in strings to no longer have
Leading or trailing whitespace. This isn't a problem as the only callers
Have already done this before passing the strings to the affected
Function. CI: typo in testsuite git checkout
CI: Use proper credentials for Security testsuite checkout.
Can't do anonymous http checkout from Security-testsuite.
Need to use same credentials as the gerrit review checkout.
13.21.113 Jun 2018 06:05
minor feature:
Update for 13.21.1
AST-2018-008: enumeration of endpoints from ACL rejected addresses.
When endpoint specific ACL rules block a SIP request they respond with a
403 forbidden. However, if an endpoint is not identified then a 401.
Unauthorized response is sent. This vulnerability just diswhich
Requests hit a defined endpoint. The ACL rules cannot be bypassed to gain
Access to the disendpoints.
Made endpoint specific ACL rules now respond with a 401 unauthorized.
Which is the same as if an endpoint were not identified. The is
Accomplished by replacing the found endpoint with the artificial endpoint
Which always fails authentication.
13.19.225 Feb 2018 18:05
minor feature:
AST-2018-003: Crash with an invalid SDP fmtp attribute
Pjproject's fmtp retrieval function failed to catch invalid fmtp attributes.
Because of this Asterisk would crash if given an SDP with an invalid fmtp.
Attribute.
When retrieving the format this patch now makes sure the fmtp attribute is.
Available. If not available it now returns an error status. AST-2018-002: Crash with an invalid SDP media format description
Pjproject's media format parsing algorithm failed to catch invalid values.
Because of this Asterisk would crash if given an SDP with a invalid media.
Format description.
When parsing the media format description this patch now properly parses the.
Value and returns an error status if it can't successfully parse/convert the
Value. AST-2018-005: res_pjsip_transport_management: Move to core
Since res_pjsip_transport_management provides several attack.
Mitigation features, its functionality moved to res_pjsip and
This module has been removed. This way the features will always
be available if res_pjsip is loaded. AST-2018-005: tdata leaks when calling pjsip_endpt_send_response(2).
Pjsip_distributor:
Authenticate() creates a tdata and uses it to send a challenge or
Failure response. When pjsip_endpt_send_response2() succeeds, it
Automatically decrements the tdata ref count but when it fails, it
Doesn't. Since we weren't checking for a return status, we weren't
Decrementing the count ourselves on error and were therefore leaking
Tdatas.
Res_pjsip_session:
Session_reinvite_on_rx_request wasn't decrementing the ref count
if an error happened while sending a 491 response.
Pre_session_setup wasn't decrementing the ref count if
While sending an error after a pjsip_inv_verify_request failure.
Res_pjsip:
Ast_sip_send_response wasn't decrementing the ref count on error. AST-2018-004: Restrict the number of Accept headers in a SUBSCRIBE.
When receiving a SUBSCRIBE request the Accept headers from it are.
Stored locally. This operation has a limit of 32 Accept headers
But
13.19.117 Feb 2018 06:25
minor feature:
Cdr.c: runtime leak of CDR records.
Need to remove all CDR's listed by a CDR object from the active_cdrs_all.
Container including the root/master record.
13.18.524 Dec 2017 00:05
minor feature:
AST-2017-014: res_pjsip - Missing contact header can cause crash
Those SIP messages that create dialogs require a contact header to be present.
If the contact header was missing from the message it could cause Asterisk to.
Crash.
This patch checks to make sure SIP messages that create a dialog contain the.
Contact header. If the message does not and it is required Asterisk now returns
a "400 Missing Contact header" response. Also added NULL checks when retrieving.
The contact header that were missing as a "just in case".
13.18.415 Dec 2017 02:25
minor feature:
AST-2017-012: Place single RTCP report block at beginning of report.
When the RTCP code was transitioned over to Stasis a code change.
Was made to keep track of how many reports are present. This count
Controlled where report blocks were placed in the RTCP report.
If a compound RTCP packet was received this logic would incorrectly.
Place a report block in the wrong location resulting in a write
to an invalid location.
This change removes this counting logic and always places the report.
Block at the first position. If in the future multiple reports are
Supported the logic can be extended but for now keeping a count
Serves no purpose.
13.18.303 Dec 2017 08:45
minor feature:
AST-2017-013: chan_skinny: Call pthread_detach when sess threads end
Chan_skinny creates a new thread for each new session. In trying
to be a good cleanup citizen, the threads are joinable and the.
Unload_module function does a pthread_cancel() and a pthread_join()
on any sessions that are active at that time. This has an.
Unintended side effect though. Since you can call pthread_join on a
Thread that's already terminated, pthreads keeps the thread's
Storage around until you explicitly call pthread_join (or
Pthread_detach()). Since only the module_unload function was
Calling pthread_join, and even then only on the ones active at the
Tme, the storage for every thread/session ever created sticks
Around until asterisk exits.
A thread can detach itself so the session_destroy() function.
Now calls pthread_detach() just before it frees the session
Memory allocation. The module_unload function still takes care
of the ones that are still active should the module be unloaded.
13.18.217 Nov 2017 14:45
minor feature:
Res_pjsip: Add to list of valid characters for from_user.
a regression where some characters were unable to be used in.
The from_user field of an endpoint. Additionally, the backtick was
Removed from the list of valid characters, since it is not valid,
And it was replaced with a single quote, which is a valid character. res_pjsip_registrar.c: named AOR and pjproject group deadlock.
One of the patches for ASTERISK_27147 introduced a deadlock regression.
When the connection oriented transport shut down, the code attempted to.
Remove the associated contact. However, that same transport had just
Requested a registration that we hadn't responded to yet. Depending
Upon timing we could deadlock.
Made send the REGISTER response after we completed processing the.
Request contacts and released the named AOR lock to avoid the deadlock.
13.18.109 Nov 2017 06:25
minor feature:
AST-2017-009: pjproject: Add validation of numeric header values
Parsing the numeric header fields like cseq, ttl, port, etc. all.
Had the potential to overflow, either causing unintended values to
be captured or, if the values were subsequently converted back to.
Strings, a buffer overrun. To address this, new "strto" functions
Have been created that do range checking and those functions are
Used wherever possible in the parser.
Created pjlib/include/limits.h and pjlib/include/compat/limits.h
to either include the system limits.h or define common numeric.
Limits if there is no system limits.h.
Created strto*_validate functions in sip_parser that take bounds.
And on failure call the on_str_parse_error function which prints
an error message and calls PJ_THROW.
Updated sip_parser to validate the numeric fields.
an in sip_transport that prevented error messages.
From being properly displayed.
Added "volatile" to some variables referenced in PJ_CATCH blocks
as the optimizer was sometimes optimizing them away.
Length calculation in sip_transaction/create_tsx_key_2543
to account for signed ints being 11 characters, not 9. AST-2017-011 - res_pjsip_session: session leak when a call is rejected.
A previous commit made it so when an invite session transitioned into a.
Disconnected state destruction of the Asterisk pjsip session object was
Postponed until either a transport error occurred or the event timer
Expired. However, if a call was rejected (for instance a 488) before the
Session was fully established the event timer may not have been initiated,
or it was canceled without triggering either of the session finalizing states.
Mentioned above.
Really the only time destruction of the session should be delayed is when a
BYE is being transacted. This is because it's possible in some cases for the.
Session to be disconnected, but the BYE is still transacting.
This patch makes it so the session object always gets released (no more.
Memory leak) when the pjsip session is in a dis
13.17.220 Sep 2017 10:05
minor feature:
AST-2017-008: Improve RTP and RTCP packet processing.
Validate RTCP packets before processing them.
Validate that the received packet is of a minimum length and apply the
RFC3550 RTCP packet validation checks.
Potentially reading garbage beyond the received RTCP record data.
Rtp- themssrc only being set once when the remote could change.
The SSRC. We would effectively stop handling the RTCP statistic records.
Rtp- themssrc to not treat a zero value as special by adding.
Rtp- themssrc_valid to indicate if rtp- themssrc is available. strict RTP learning from always accepting the first new address
Packet as the new stream.
Strict RTP to initialize the expected sequence number with the.
Last received sequence number instead of the last transmitted sequence
Number.
The predicted next sequence number calculation in.
Rtp_learning_rtp_seq_update() to handle overflow.
13.17.101 Sep 2017 20:45
minor feature:
Pjsip_message_ip_updater: handling "tel" URIs
Sanitize_tdata was assuming all URIs were SIP URIs so when a non
SIP uri was in the From, To or Contact headers, the unconditional.
Cast of a non-pjsip_sip_uri structure to pjsip_sip_uri caused
a segfault when trying to access uri- other_param.
Added PJSIP_URI_SCHEME_IS_SIP(uri) PJSIP_URI_SCHEME_IS_SIPS(uri).
Checks before attempting to cast or use the returned uri. AST-2017-006: app_minivm application MinivmNotify command injection
An admin can configure app_minivm with an externnotify program to be run.
When a voicemail is received. The app_minivm application MinivmNotify
Uses ast_safe_system() for this purpose which is vulnerable to command
Injection since the Caller-ID name and number values given to externnotify
Can come from an external untrusted source.
Add ast_safe_execvp() function. This gives modules the ability to run.
External commands with greater safety compared to ast_safe_system().
Specifically when some parameters are filled by untrusted sources the new.
Function does not allow malicious input to break argument encoding. This
May be of particular concern where CALLERID(name) or CALLERID(num) may be
Used as a parameter to a script run by ast_safe_system() which could
Potentially allow arbitrary command execution.
Changed app_minivm.c:run_externnotify() to use the new ast_safe_execvp().
Instead of ast_safe_system() to avoid command injection.
Document code injection potential from untrusted data sources for other.
Shell commands that are under user control. res_rtp_asterisk: Only learn a new source in learn state.
This change moves the logic which learns a new source address.
For RTP so it only occurs in the learning state. The learning
State is entered on initial allocation of RTP or if we are
Told that the remote address for the media has changed. While
in the learning state if we continue to receive media from.
The original source we restart the learning process. It is
Only once we receive a sufficien
13.15.121 May 2017 08:05
minor feature:
AST-2017-004: chan_skinny: Add EOF check in skinny_session
The while(1) loop in skinny_session wasn't checking for EOF so
a packet that was longer than a header but still truncated.
Would spin the while loop infinitely. Not only does this
Permanently tie up a thread and drive a core to 100 utilization,
The call of ast_log() in such a tight loop eats all available
Process memory.
Added poll with timeout to top of read loop.
AST-2017-003: Handle zero-length body parts correctly. AST-2017-002: Ensure transaction key buffer is large enough.
13.14.106 Apr 2017 00:45
minor feature:
CDR: Protect from data overflow in ast_cdr_setuserfield.
Ast_cdr_setuserfield wrote to a length field using strcpy. This could.
Result in a buffer overrun when called from chan_sip or func_cdr. This patch
Adds a maximum bytes written to the field by using ast_copy_string instead.
13.13.109 Dec 2016 14:45
minor feature:
Update for 13.13.1
chan_sip: Do not allow non-SP/HTAB between header key and colon.
RFC says SIP headers look like:
HCOLON = *( SP / HTAB ) ":" SWS
SWS = LWS ; sep whitespace
LWS = *WSP CRLF 1*WSP ; linear whitespace
WSP = SP / HTAB ; from rfc2234.
chan_sip implemented this:
HCOLON = *( LOWCTL / SP ) ":" SWS
LOWCTL = x00-1F ; CTL without DEL.
This discrepancy meant that SIP proxies in front of Asterisk with
chan_sip could pass on unknown headers with x00- x1F in them, which
would be treated by Asterisk as a different (known) header. For
example, the "To x01:" header would gladly be forwarded by some proxies
as irrelevant, but chan_sip would treat it as the relevant "To:" header.
Those relying on a SIP proxy to scrub certain headers could mistakenly
get unexpected and unvalidated data fed to Asterisk.
This change so chan_sip only considers SP/HTAB as valid tokens
before the colon, making it agree on the headers with other speakers of
SIP. res_format_attr_opus: crash when fmtp contains spaces.
When an opus offer or answer was received that contained an
fmtp line with spaces between the attributes the module would
fail to properly parse it and crash due to recursion.
This change makes the module handle the space properly and
also removes the recursion requirement.
13.12.212 Nov 2016 06:25
minor feature:
Revert "chan_sip: lastrtprx always updated"
This reverts commit 93332cb1d0eea18021ea6538237297e627d6e2fc.
Unfortunately, the aforementioned commit caused a regression (incoming calls
would eventually disconnect). Thus it is being removed.
13.12.103 Nov 2016 09:25
minor feature:
App_voicemail: Clear voice mailbox in MailboxExists and MAILBOX_EXISTS.
When executing the MailboxExists dialplan application and
MAILBOX_EXISTS dialplan function the passed in temporary voice.
Mailbox was not cleared, causing it to try to free garbage.
13.11.211 Sep 2016 06:45
minor feature:
Release summaries: Remove previous versions
version: Update for 13.11.2.
lastclean: Update for 13.11.2.
realtime: Add database scripts for 13.11.2.
res_pjsip: Only invoke unidentified endpoint logic when unidentified.
The code was incorrectly invoking the unidentified logic when
an endpoint had actually been identified, causing log messages
to be output.
13.11.002 Sep 2016 23:25
minor feature:
Release summaries: Add summaries for 13.11.0
Release summaries: Remove previous versions.
version: Update for 13.11.0.
lastclean: Update for 13.11.0.
realtime: Add database scripts for 13.11.0.
ChangeLog: Updated for 13.11.0.
Release summaries: Add summaries for 13.11.0.
Release summaries: Remove previous versions.
version: Update for 13.11.0.
lastclean: Update for 13.11.0.
realtime: Add database scripts for 13.11.0.
13.10.022 Jul 2016 14:25
minor feature:
Release summaries: Add summaries for 13.10.0
Release summaries: Remove previous versions.
version: Update for 13.10.0.
lastclean: Update for 13.10.0.
realtime: Add database scripts for 13.10.0.
13.9.119 May 2016 19:45
minor feature:
Release summaries: Remove previous versions
version: Update for 13.9.1.
lastclean: Update for 13.9.1.
realtime: Add database scripts for 13.9.1.
Use doubles instead of floats for conversions when comparing strings.
In 13.9.0, there was an where PJSIP contacts added to an AOR would
be deleted at seemingly random times.
One reason this was happening was because of an operation to retrieve.
The contacts whose expiration time was less than or equal to the current
Time. When retrieving existing contacts, the contact's expiration time
And the current time were converted from a string to a float, and those
Two floats were compared.
On some systems, including mine, this conversion was horribly off. For.
Instance, I could regularly see the string "1463079214" get converted
Into 1463079168.000000. When switching from using a float to using a
Double, the conversion was as expected.
Why was the conversion to float off? My best guess is that the.
Conversion to float was attempting to store the entire value in the 23
Bit significand of the IEEE-754 floating point number. In particular, if
You take only the 23 most significant bits of 1463079214, you get the
Messed up 1463079168 that we were seeing in the conversion. It likely
Was possible to get a more precise value by composing the number using
an exponent, but the conversion did not work that way. With a double.
You have a 52 bit significand, allowing the entire value to fit there,
And thereby allowing an accurate conversion. res_sorcery_astdb: creation of retrieved objects.
The contents of this commit come from a portion of commit.
A01ce2b88912cd802bb045e40fe264906e55bc45 of the 13 branch.
The commit referenced above's main point was to introduce some.
Performance enhancements for realtime. However, mixed in with that was a
For sorcery's astdb backend. The astdb was using an empty
Objectset to create an object.
This, combined with the floating point conversion, was what was.
Contributing to contacts being deleted early.
13.9.011 May 2016 09:25
minor feature:
Release summaries: Add summaries for 13.9.0
Release summaries: Remove previous versions.
version: Update for 13.9.0.
lastclean: Update for 13.9.0.
realtime: Add database scripts for 13.9.0.
13.8.228 Apr 2016 03:25
minor feature:
Release summaries: Remove previous versions
version: Update for 13.8.2.
lastclean: Update for 13.8.2.
realtime: Add database scripts for 13.8.2.
res_pjsip_registrar: bad memory-ness with user_agent.
Recent changes to the PJSIP registrar resulted in tests failing due to.
Missing AOR_CONTACT_ADDED test events. The reason for this was that the
User_agent string had junk values in it, resulting in being unable to
Generate the event.
I'm going to be honest here, I have no idea why this was happening. Here.
Are the steps needed for the user_agent variable to get messed up:
REGISTER is received.
First contact in the REGISTER results in a contact being removed.
Second contact in the REGISTER results in a contact being added.
The contact, AOR, expiration, and user agent all have to be passed as.
Format parameters to the creation of a string. Any subset of those
Parameters would not be enough to cause the problem.
Looking into what was happening, the thing that struck me as odd was.
That the user_agent variable was meant to be set to the value of the
User-Agent SIP header in the incoming REGISTER. However, when removing a.
Contact, the user_agent variable would be set (via ast_strdupa inside a
Loop) to the stored contact's user_agent. This means that the
User_agent's value would be incorrect when attempting to process further
Contacts in the incoming REGISTER.
The here is to use a different variable for the stored user agent.
When removing a contact. Correcting the behavior to be correct also
Means the memory usage is less weird, and the no longer occurs. res_pjsip_transport_management: Allow unload to occur.
At shutdown it is possible for modules to be unloaded that wouldn't.
Normally be unloaded. This allows the environment to be cleaned up.
The res_pjsip_transport_management module did not have the unload.
Logic in it to clean itself up causing the res_pjsip module to not
Get unloaded. As a result the res_pjsip monitor thread kept going
Processing traffic and timers when i
13.8.120 Apr 2016 13:25
minor feature:
Transport management: Register thread with PJProject.
The scheduler thread that kills idle TCP connections was not registering.
With PJProject properly and causing assertions if PJProject was built in
Demode.
This change registers the thread with PJProject the first time that the.
Scheduler callback executes.
2016-03-08 12:12 +0000 efafbb1319 Mark Michelson.
Res_pjsip_transport_management: Kill idle TCP connections.
Idle" here means that someone connects to us and does not send a SIP.
Request. PJProject will not automatically time out such connections, so
it's up to Asterisk to do it instead.
When we receive an incoming TCP connection, we will start a timer.
equivalent to transaction timer D) waiting to receive an incoming.
Request. If we do not receive a request in that timeframe, then we will
Shut down the TCP connection.
Rename res_pjsip_keepalive res_pjsip_transport_management.
Reported by George Joseph.
Due to some ignored return values, Asterisk could crash if processing an.
Incoming REGISTER whose contact URI was above a certain length.
Patches:
0001-res_pjsip-Validate-that-URIs-don-t-exceed-pjproject-.patch.
Asterisk 13.8.0 Released.
Release summaries: Add summaries for 13.8.0.
Release summaries: Remove previous versions.
version: Update for 13.8.0.
lastclean: Update for 13.8.0.
Realtime: Add database scripts for 13.8.0.
Asterisk 13.8.0-rc1 Released.
Release summaries: Add summaries for 13.8.0-rc1.
version: Update for 13.8.0-rc1.
lastclean: Update for 13.8.0-rc1.
Realtime: Add database scripts for 13.8.0-rc1.
Chan_pjsip: ref leak when checking direct_media_glare.
The reference leak introduced in the following commit:
9444ddadf8525d1ce66a1faf1db97f9f6c265ca4.
Chan_pjsip: transfers with direct media reinvite has wrong address/port.
During a transfer involving direct media a race occurs between when the.
Transferer channel is swapped out, initiating rtp changes/updates, and the
Subsequent reinvites.
13.8.010 Apr 2016 03:26
minor feature:
Asterisk 13.8.0 Released.
Chan_pjsip: transfers with direct media reinvite has wrong address/port.
During a transfer involving direct media a race occurs between when the.
Transferer channel is swapped out, initiating rtp changes/updates, and the
Subsequent reinvites.
When Alice, after speaking with Charlie (Bob is on hold), connects Bob and
Charlie invites are sent to each in order to establish the call between them.
Bob is taken off hold and Charlie is told to have his media flow through
Asterisk. However, if before those invites go out the bridge updates Bob's.
And/or Charlie's rtp information with direct media data (i.e. address, port)
Then the invite(s) will contain the remote data in the SDP instead of the
Asterisk data.
The race occurs in the native bridge glue code when updating the peer. The.
Direct_media_address can get set twice before sending out the first invite
During call connection. This can happen because the checking/setting of the
Direct_media_address happened in one thread while the sending of the invite(s)
Happened in another thread.
This removes the race condition by moving the checking/setting of the.
Direct_media_address to be in the same thread as the sending of the invites(s).
This serializes the checking/setting and sending so they can no longer happen.
Out of order.
13.7.224 Mar 2016 08:11
minor feature:
2016-02-05 14:32 +0000 0ba44bd6f3 Mark Michelson
* Release summaries: Remove previous versions
2016-02-05 14:32 +0000 b750dfe202 Mark Michelson
* .version: Update for 13.7.2
2016-02-05 14:32 +0000 c1b94ffe78 Mark Michelson
* .lastclean: Update for 13.7.2
2016-02-05 14:32 +0000 932ed1ab5b Mark Michelson
* realtime: Add database scripts for 13.7.2
2016-02-02 10:52 +0000 8de94229ba Alexei Gradinari License #5691
* res_sorcery_realtime: Fix regex regression.
A regression was introduced where searching for realtime PJSIP objects
by regex by starting the regex with a leading " " would cause no items
to be returned.
This was due to a change which attempted to drop the requirement for a
leading " " to be present due to how some CLI commands formulate their
regexes. However, the change, rather than simply eliminating the
requirement, caused any regexes that did begin with " " to end up not
returning the expected results.
This change fixes the problem by inspecting the regex and formulating
the realtime query differently depending on if it begins with " ".
ASTERISK-25702 #close
Reported by Nic Colledge
Patches:
realtime_retrieve_regex.patch submitted by Alexei Gradinari License #5691
Change-Id: I055df608a6e6a10732044fa737a9fe8dca602693
(cherry picked from commit 32fc784284b570a05841d95c6d9a373b4bf3a35d)
2016-02-04 16:17 +0000 a56f55d566 Mark Michelson
* Check for OpenSSL defines before trying to use them.
The SSL_OP_NO_TLSv1_1 and SSL_OP_NO_TLSv1_2 defines did not exist prior
to OpenSSL version 1.0.1. A recent commit attempts to, by default, set these options, which can cause problems on systems with older OpenSSL installations.
This commit adds a configure script check for those defines and will not attempt to make use of those if they do not exist.