Recent Releases
16.29.1 02 Dec 2022 16:25
minor feature:
Update for 16.29.1
pjproject: 2.13 security fixes
Backports two security fixes (c4d3498 and 450baca) from pjproject 2.13.
pjsip_transport_events: possible use after free on transport.
It was possible for a module that registered for transport monitor
events to pass in a pjsip_transport that had already been freed.
This caused pjsip_transport_events to crash when looking up the
monitor for the transport. The fix is a two pronged approach.
1. We now increment the reference count on pjsip_transports when we
create monitors for them, then decrement the count when the
transport is going to be destroyed.
2. There are now APIs to register and unregister monitor callbacks
by "transport key" which is a string concatenation of the remote ip
address and port. This way the module needing to monitor the
transport doesn't have to hold on to the transport object itself to
unregister. It just has to save the transport_key.
Added the pjsip_transport reference increment and decrement.
Changed the internal transport monitor container key from the
transport->obj_name (which may not be unique anyway) to the
transport_key.
Added a helper macro AST_SIP_MAKE_REMOTE_IPADDR_PORT_STR() that
fills a buffer with the transport_key using a passed-in
pjsip_transport.
Added the following functions:
ast_sip_transport_monitor_register_key
ast_sip_transport_monitor_register_replace_key
ast_sip_transport_monitor_unregister_key
and marked their non-key counterparts as deprecated.
Updated res_pjsip_pubsub and res_pjsip_outbound_register to use
the new "key" monitor functions.
NOTE: res_pjsip_registrar also uses the transport monitor
functionality but doesn't have a persistent object other than
contact to store a transport key. At this time, it continues to
use the non-key monitor functions.
manager: prevent file access outside of config dir
Add live_dangerously flag to manager and use this flag to
determine if a configuration file outside of AST_CONFIG_DIR
should be read.
ooh323c: not checking for IE minimum le
16.26.1 22 May 2022 04:45
minor feature:
res_pjsip_transport_websocket: Also set the remote name.
As part of PJSIP 2.11 a behavior change was done to require
a matching remote hostname on an established transport for
secure transports. Since the Websocket transport is considered
a secure transport this caused the existing connection to not
be found and used.
We now set the remote hostname and the transport can be found.
16.25.3 27 Apr 2022 14:45
minor feature:
res_pjsip_stir_shaken.c: enabled when not configured.
There was an issue with the conditional where STIR/SHAKEN would be
enabled even when not configured. It has been changed to ensure that if
a profile does not exist and stir_shaken is not set in pjsip.conf, then
the conditional will return from the function without performing
STIR/SHAKEN operations.
16.25.2 15 Apr 2022 14:45
minor feature:
Doing a fresh summary
Update for 16.25.2.
Update CHANGES and UPGRADE.txt for 16.25.2.
func_odbc: Add SQL_ESC_BACKSLASHES dialplan function.
Some databases depending on their configuration use backslashes
for escaping. When combined with the use of ' this can result in
a broken func_odbc query.
This change adds a SQL_ESC_BACKSLASHES dialplan function which can
be used to escape the backslashes.
This is done as a dialplan function instead of being always done
as some databases do not require this, and always doing it would
result in incorrect data being put into the database.
AST-2022-002 - res_stir_shaken/curl: Add ACL checks for Identity header.
Adds a new configuration option, stir_shaken_profile, in pjsip.conf that
can be specified on a per endpoint basis. This option will reference a
stir_shaken_profile that can be configured in stir_shaken.conf. The type
of this option must be 'profile'. The stir_shaken option can be
specified on this object with the same values as before (attest, verify,
on), but it cannot be off since having the profile itself implies wanting
STIR/SHAKEN support. You can also specify an ACL from acl.conf (along
with permit and deny lines in the object itself) that will be used to
limit what interfaces Asterisk will attempt to retrieve information from
when reading the Identity header.
AST-2022-001 - res_stir_shaken/curl: Limit file size and check start.
Put checks in place to limit how much we will actually download, as well
as a check for the data we receive at the start to ensure it begins with
what we would expect a certificate to begin with.
16.25.1 03 Apr 2022 01:05
minor feature:
Makefile: Disable XML doc validation
make_xml_documentation was being called with the --validate
flag set when it shouldn't have been. This was causing
build failures if neither xmllint nor xmlstarlet were installed.
The correct behavior is to simply print a message that either
one of those tools should be installed for validation and
continue with the build.
make_xml_documentation: Remove usage of get_sourceable_makeopts
get_sourceable_makeopts wasn't handling variables with embedded
double quotes in them very well. One example was the DOWNLOAD
variable when curl was being used instead of wget. Rather than
trying to fix get_sourceable_makeopts, it's just been removed.
16.24.1 05 Mar 2022 18:25
minor feature:
AST-2022-006: pjproject - unconstrained malformed multipart SIP message
AST-2022-005: pjproject - undefined behavior after freeing a dialog set
AST-2022-004: pjproject - possible integer underflow on STUN message
16.19.1 24 Jul 2021 19:05
minor feature:
AST-2021-009 - pjproject-bundled: Avoid crash during handshake for TLS
If an SSL socket parent/listener was destroyed during the handshake,
depending on timing, it was possible for the handling callback to
attempt access of it after the fact thus causing a crash.
AST-2021-007 - res_pjsip_session: Don't offer if no channel exists.
If a re-INVITE is received after we have sent a BYE request then it
is possible for no channel to be present on the session. If this
occurs we allow PJSIP to produce the offer instead. Since the call
is being hung up if it produces an incorrect offer it doesn't
actually matter. This also ensures that code which produces SDP
does not need to handle if a channel is not present.
AST-2021-008 - chan_iax2: remote crash on unsupported media format
If chan_iax2 received a packet with an unsupported media format, for
example vp9, then it would set the frame's format to NULL. This could
then result in a crash later when an attempt was made to access the
format.
This patch makes it so chan_iax2 now ignores/drops frames received
with unsupported media format types.
16.16.2 06 Mar 2021 01:45
minor feature:
AST-2021-006 - res_pjsip_t38.c: Check for session_media on reinvite.
When Asterisk sends a reinvite negotiating T38 faxing, it's possible a
crash can occur if the response contains a m=image and zero port. The
reinvite callback code now checks session_media to see if it is null or
not before trying to access the udptl variable on it.
16.16.1 19 Feb 2021 20:25
minor feature:
AST-2021-002: Remote crash possible when negotiating T.38
When an endpoint requests to re-negotiate for fax and the incoming
re-invite is received prior to Asterisk sending out the 200 OK for
the initial invite the re-invite gets delayed. When Asterisk does
finally send the re-invite the SDP includes streams for both audio
and T.38.
This happens because when the pending topology and active topologies
differ (pending stream is not in the active) in the delayed scenario
the pending stream is appended to the active topology. However, in
the fax case the pending stream should replace the active.
This patch makes it so when a delay occurs during fax negotiation,
to or from, the audio stream is replaced by the T.38 stream, or vice
versa instead of being appended.
Further when Asterisk sent the re-invite with both audio and T.38,
and the endpoint responded with a declined T.38 stream then Asterisk
would crash when attempting to change the T.38 state.
This patch also puts in a check that ensures the media state has a
valid fax session (associated udptl object) before changing the
T.38 state internally.
rtp: Enable srtp replay protection.
Add option "srtpreplayprotection" rtp.conf to enable srtp
replay protection.
res_pjsip_diversion: adding more than one histinfo to Supported
New responses sent within a PJSIP session are based on those that were
sent before. Therefore, adding/modifying a header once causes it to be
sent on all responses that follow.
Sending 181 Call Is Being Forwarded many times first adds "histinfo"
duplicated more and more, and eventually overflows past the array
boundary.
This commit adds a check preventing adding "histinfo" more than once
and skipping it if there is no more space in the header.
Similar overflow situations can also occur in res_pjsip_path and
res_pjsip_outbound_registration so those were also modified to
check the bounds and suppress duplicate Supported values.
res_rtp_asterisk.c: signed mismatch that leads to overflow
pjsip:
16.15.1 24 Dec 2020 11:25
minor feature:
Update for 16.15.1
res/res_pjsip_diversion: prevent crash on tel: uri in History-Info.
Add a check to see if the URI is a Tel URI and prevent crashing on
trying to retrieve the reason parameter.
16.14.1 06 Nov 2020 11:45
minor feature:
AST-2020-002 - res_pjsip: Stop sending INVITEs after challenge limit.
If Asterisk sends out an INVITE and receives a challenge with a
different nonce value each time, it will continuously send out INVITEs,
even if the call is hung up. The endpoint must be configured for
outbound authentication for this to occur. A limit has been set on
outbound INVITEs so that, once reached, Asterisk will stop sending
INVITEs and the transaction will terminate.
AST-2020-001 - res_pjsip: Return dialog locked and referenced.
pjproject returns the dialog locked and with a reference. However,
in Asterisk the method that handles this decrements the reference
and removes the lock prior to returning. This makes it possible,
under some circumstances, for another thread to free said dialog
before the thread that created it attempts to use it again. Of
course when the thread that created it tries to use a freed dialog
a crash can occur.
This patch makes it so Asterisk now returns the newly created
dialog both locked, and with an added reference. This allows the
caller to de-reference, and unlock the dialog when it is safe to
do so.
In the case of a new SIP Invite the lock, and reference are now
held for the entirety of the new invite handling process.
Otherwise it's possible for the dialog, or its dependent objects,
like the transaction, to disappear. For example if there is a TCP
transport error.
16.11.1 20 Jun 2020 22:25
minor feature:
res_ari: create channel request channelId parameter parsing
If channelId parameters were passed in the body, Asterisk doesn't parse them correctly.
Fix it to parse the channelId, other_channel_id parameters correctly.
16.6.2 22 Nov 2019 19:25
minor feature:
Update CHANGES and UPGRADE.txt for 16.6.2
manager.c: Prevent the Originate action from running the Originate app.
If an AMI user without the "system" authorization calls the
Originate AMI command with the Originate application,
the second Originate could run the "System" command.
Action: Originate
Channel: Local/1111
Application: Originate
Data: Local/2222,app,System,touch /tmp/owned.
If the "system" authorization isn't set, we now block the
Originate app as well as the System, Exec, etc. apps.
chan_sip.c: Prevent address change on unauthenticated SIP request.
If the name of a peer is known and a SIP request is sent using that
peer's name, the address of the peer will change even if the request
fails the authentication challenge. This means that an endpoint can
be altered and even rendered unusable, even if it was in a working
state previously. This can only occur when the nat option is set to the
default, or auto_force_rport.
This change checks the result of authentication first to ensure it is
successful before setting the address and the nat option.
16.6.1 17 Oct 2019 16:45
minor feature:
pjproject_bundled: Replace earlier reverts with official fixes.
Issues in pjproject 2.9 caused us to revert some of their changes
as a work around. This introduced another issue where pjproject
wouldn't build with older gcc versions such as that found on
CentOS 6. This commit replaces the reverts with the official
fixes for the original issues and allows pjproject to be built
on CentOS 6 again.
res_pjsip_mwi: potential double unref, and potential unwanted double link.
When creating an unsolicited MWI aggregate subscription it was possible for
the subscription object to be double unref'ed. This patch removes the explicit
unref as it is not needed since the RAII_VAR will handle it at function end.
Less concerning there was also a bug that could potentially allow the aggregate
subscription object to be added to the unsolicited container twice. This patch
ensures it is added only once.
16.5.1 06 Sep 2019 22:25
minor feature:
AST-2019-005 - translate: Don't assume all frames will have a src.
This change removes the assumption that a frame will always have
a src set on it. This assumption is incorrect.
Given a scenario where an RTP packet is received with no payload,
the resulting audio frame will have no samples. If this frame goes
through a signed linear translation path an interpolated frame can
be created (if generic packet loss concealment is enabled) that has
minimal data on it, including no src. If this frame is given to a
translation path a crash will occur due to the lack of src.
AST-2019-004 - res_pjsip_t38.c: Add NULL checks before using session media
After receiving a 200 OK with a declined stream in response to a T.38
initiated re-invite Asterisk would crash when attempting to dereference
a NULL session media object.
This patch checks to make sure the session media object is not NULL before
attempting to use it.
16.4.1 12 Jul 2019 17:45
minor feature:
res_pjsip_messaging: Check for body in in-dialog message
We now check that a body exists and it has a length > 0 before
attempting to process it.
chan_sip: Handle invalid SDP answer to T.38 re-invite
The chan_sip module performs a T.38 re-invite using a single media
stream of udptl, and expects the SDP answer to be the same.
If an SDP answer is received instead that contains an additional
media stream with no joint codec a crash will occur as the code
assumes that at least one joint codec will exist in this
scenario.
This change removes this assumption.
16.2.1 02 Mar 2019 03:25
minor feature:
res_pjsip_sdp_rtp: return code from apply_negotiated_sdp_stream
apply_negotiated_sdp_stream was returning a "1" when no joint
capabilities were found on an outgoing call instead of a "-1".
This indicated to res_pjsip_session that the handler DID handle
the sdp when in fact it didn't. Without the appropriate setup,
a subsequent media frame coming in would have an invalid stream_num
and cause a seg fault when the stream was attempted to be retrieved.
apply_negotiated_sdp_stream now returns the correct "-1" and any
media is now discarded before it reaches the core stream processing.
CI: Update jenkinsfiles with new Gerrit URLs
The recent upgrade of Gerrit to 2.16 eliminated referencing a
repository in a way the jenkinsfiles were relying on so
the URL references were changed to a more consistent and supported
format.
16.1.1 27 Dec 2018 23:05
minor feature:
Revert "stasis_cache: Stop caching stasis subscription change messages"
This commit caused issues with polling when combined with
the revert commit "Revert "app_voicemail: Remove need to subscribe to stasis".
This reverts commit 17d6d9e1e7d0db04ebd8d2e0cd9e087ec5462e2f.
16.0.1 16 Nov 2018 21:45
minor feature:
AST-2018-010: length of buffer needed for SRV and NAPTR results
When dn_expand was being called on SRV and NAPTR results, the
return value was being used to calculate the size of the buffer
needed to store the host names. Since dn_expand returns the
length of the COMPRESSED name the buffer could be too short
to hold the EXPANDED name. The expanded name is NULL terminated
so using strlen() is the correct way to determine the length
actually needed for the buffer.
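Added example, not Asterisk or pjproject code: a small C program showing why the AST-2018-010 entry above sizes the buffer with strlen() rather than the expansion return value. expand_name() is a hypothetical stand-in that follows the dn_expand() return convention the entry describes, needed_size() is an illustrative helper, and the DNS bytes are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample: "sip.example.com" at offset 0, then a two-byte
 * compression pointer at offset 17 that refers back to offset 0. */
static const unsigned char MSG[] = { 3,'s','i','p', 7,'e','x','a','m','p','l','e',
    3,'c','o','m', 0, 0xC0, 0x00 };

/* Hypothetical stand-in for dn_expand(): writes the dotted name to dst and
 * returns the bytes consumed at `start` in the message, or -1 on error. */
static int expand_name(const unsigned char *msg, size_t len, size_t start,
                       char *dst, size_t dstsiz)
{
    size_t off = start, out = 0;
    int consumed = -1, jumps = 0;
    for (;;) {
        if (off >= len || dstsiz == 0) return -1;
        unsigned char c = msg[off];
        if ((c & 0xC0) == 0xC0) {               /* compression pointer */
            if (off + 1 >= len || ++jumps > 16) return -1;
            if (consumed < 0) consumed = (int)(off + 2 - start);
            off = ((size_t)(c & 0x3F) << 8) | msg[off + 1];
            continue;
        }
        if (c == 0) break;                      /* root label ends the name */
        if (c > 63 || off + 1 + c > len || out + c + 2 > dstsiz) return -1;
        if (out) dst[out++] = '.';
        memcpy(dst + out, msg + off + 1, c);
        out += c;
        off += 1 + c;
    }
    dst[out] = '\0';
    return consumed < 0 ? (int)(off + 1 - start) : consumed;
}

/* Buffer size for the name at `off`: from the return value (the compressed
 * length the entry warns about) or from strlen() of the expanded name. */
static size_t needed_size(size_t off, int use_strlen)
{
    char tmp[256];
    int n = expand_name(MSG, sizeof(MSG), off, tmp, sizeof(tmp));
    if (n < 0) return 0;
    return (use_strlen ? strlen(tmp) : (size_t)n) + 1;
}

int main(void)
{
    printf("return value: %zu bytes, strlen: %zu bytes\n", needed_size(17, 0), needed_size(17, 1));
    return 0;
}
```

For the compressed name at offset 17 the return value suggests 3 bytes, while the expanded name needs 16.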
16.0.0 10 Oct 2018 09:32
major feature:
Improved Video Conferencing Performance
Asterisk 16 builds upon the extensive video conferencing capabilities introduced in Asterisk 15 to provide a dramatically improved video experience for users. Asterisk now delivers superior video performance for all network conditions, which reduces the risk of frozen video frames and provides a world-class framework for creating cutting-edge video applications.
New Text-Based Data Capabilities
Support for Enhanced Messaging has been added to give developers the ability to build rich client applications with text-based data exchanges. Now, multi-party video conferencing client applications can share URLs, list conference participants, highlight talkers, and enable multi-party chat.
Improved Call Handling
Asterisk 16 has also undergone significant performance enhancements to better handle SIP calling by decreasing the system memory and CPU consumption required during high volume situations, most notably when utilizing the PJSIP channel driver.