Commit Graph

1912 Commits

Author SHA1 Message Date
Kinsey Moore 457d5c39dc Use srtp_shutdown when available
This allows the SRTP library to be shut down properly when the
functionality is offered by libsrtp.

Review: https://reviewboard.asterisk.org/r/2538/
(closes issue ASTERISK-21719)
........

Merged revisions 388768 from http://svn.asterisk.org/svn/asterisk/branches/1.8


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@388769 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-05-15 12:39:55 +00:00
Kinsey Moore 6b5b35b756 Revert r388529 for now
Adding the cleanup function needs some deeper thought since it
apparently doesn't exist for all variants of libsrtp.
........

Merged revisions 388596 from http://svn.asterisk.org/svn/asterisk/branches/1.8


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@388597 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-05-13 20:35:28 +00:00
Kinsey Moore c3a0ce8338 Close libsrtp properly
Ensure that libsrtp is shutdown properly when res_srtp is unloaded.

(closes issue ASTERISK-21719)
Reported by: Corey Farrell
Patches:
    res_srtp-library-shutdown.patch uploaded by Corey Farrell
........

Merged revisions 388529 from http://svn.asterisk.org/svn/asterisk/branches/1.8


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@388530 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-05-13 18:09:21 +00:00
Michael L. Young 08c2a533f2 Fix The Payload Being Set On CN Packets And Do Not Set Marker Bit
When we send out a CN packet (for instance, in the case of using rtpkeepalives),
we are not setting the payload code properly.  Also, we are setting the marker
bit when we shouldn't be according to RFC 3389, section 4.

AST_RTP_CN is not defined by AST_FORMAT codes.  Therefore, we should be using
ast_rtp_codecs_payload_code() rather than ast_rtp_codecs_payload_lookup().

11 and trunk already use the appropriate function.

* In 1.8, use ast_rtp_codecs_payload_code()

* Remove the setting of the marker bit

* Fix the debug message by incrementing the seqno after the debug message is set
  in order to display the correct seqno that was sent out

(closes issue ASTERISK-21246)
Reported by: Peter Katzmann
Tested by: Peter Katzmann, Michael L. Young
Patches:
    asterisk-21246-rtp-cng-payload-error_1.8_v2.diff
                                     uploaded by Michael L. Young (license 5026)

Review: https://reviewboard.asterisk.org/r/2500/
........

Merged revisions 388111 from http://svn.asterisk.org/svn/asterisk/branches/1.8


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@388112 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-05-09 04:10:27 +00:00
David M. Lee 1a3c5aaa6c Minor fixups to Doxygen comments.
The \example tags marks an entire file as an example, not a code snippet.


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@387823 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-05-07 18:29:30 +00:00
Matthew Jordan a1d8e4fbd6 Clear the DTMF sending digit tracking on off nominal paths
In certain situations, when the RTP engine goes to send a DTMF end digit
it may be in a situation where the remote address is no longer available,
or the digit that was supposed to be sent is invalid. In such cases, we
need to clear the RTP counters appropriately. Otherwise, when the RTP
source is set again, we'll continue to think that we're in the middle of
sending a DTMF digit, which can confuse the remote party (signficantly).

(closes issue ASTERISK-21522)
Reported by: Corey Farrell
patches:
  rtp_dtmf_process_end.patch uploaded by Corey Farrell (License 5909)
........

Merged revisions 387213 from http://svn.asterisk.org/svn/asterisk/branches/1.8


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@387216 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-05-01 21:17:38 +00:00
Matthew Jordan a3a58d9d44 Prevent res_timing_pthread from blocking callers
There were several reports of deadlock when using
res_timing_pthread. Backtraces indicated that one thread was blocked
waiting for the write to the pipe to complete and this thread held
the container lock for the timers.  Therefore any thread that wanted
to create a new timer or read an existing timer would block waiting
for either the timer lock or the container lock and deadlock ensued.

This patch changes the way the pipe is used to eliminate this source
of deadlocks:

1) The pipe is placed in non-blocking mode so that it would never
block even if the following changes someone fail...

2) Instead of writing bytes into the pipe for each "tick" that's
fired the pipe now has two states--signaled and unsignaled. If
signaled, the pipe is hot and any pollers of the read side
filedescriptor will be woken up. If unsigned the pipe is idle. This
eliminates even the chance of filling up the pipe and reduces the
potential overhead of calling unnecessary writes.

3) Since we're tracking the signaled / unsignaled state, we can
eliminate the exta poll system call for every firing because we know
that there is data to be read.

(closes issue ASTERISK-21389)
Reported by: Matt Jordan
Tested by: Shaun Ruffell, Matt Jordan, Tony Lewis
patches:
  0001-res_timing_pthread-Reduce-probability-of-deadlocking.patch uploaded by sruffell (License 5417)

(closes issue ASTERISK-19754)
Reported by: Nikola Ciprich

(closes issue ASTERISK-20577)
Reported by: Kien Kennedy

(closes issue ASTERISK-17436)
Reported by: Henry Fernandes

(closes issue ASTERISK-17467)
Reported by: isrl

(closes issue ASTERISK-17458)
Reported by: isrl

Review: https://reviewboard.asterisk.org/r/2441/
........

Merged revisions 386109 from http://svn.asterisk.org/svn/asterisk/branches/1.8


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@386159 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-04-19 22:25:49 +00:00
Alec L Davis f49c09b8e5 Distributed Device State broken at sites using res_xmpp or res_jabber where Secuity Advisory AST-2012-015 is inplace
res_xmpp was not adding AST_EVENT_IE_CACHABLE to the event as each message came in,
then devstate_change_collector_cb() was unable to find AST_EVENT_IE_CACHABLE in the event,
so defaulted incorrectly to AST_DEVSTATE_NOT_CACHABLE.

(issue ASTERISK-20175)
(closes issue ASTERISK-21429)
(closes issue ASTERISK-21069)
(closes issue ASTERISK-21164)

Reported by: alecdavis
Tested by: alecdavis
alecdavis (license 585)

Review https://reviewboard.asterisk.org/r/2452/


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@385938 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-04-16 23:27:51 +00:00
Alec L Davis 2814d40134 Distributed Device State broken at sites using res_xmpp or res_jabber where Secuity Advisory AST-2012-015 is inplace
res_jabber/res_xmpp were not adding AST_EVENT_IE_CACHABLE to the event as each message came in,
then devstate_change_collector_cb() was unable to find AST_EVENT_IE_CACHABLE in the event,
so defaulted incorrectly to AST_DEVSTATE_NOT_CACHABLE.

(issue ASTERISK-20175)
(closes issue ASTERISK-21429)
(closes issue ASTERISK-21069)
(closes issue ASTERISK-21164)

Reported by: alecdavis
Tested by: alecdavis
alecdavis (license 585)

Review https://reviewboard.asterisk.org/r/2452/
........

Merged revisions 385916 from http://svn.asterisk.org/svn/asterisk/branches/1.8


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@385917 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-04-16 23:13:58 +00:00
David M. Lee 918addee55 Fix the svn:keywords property on several files.
Normally I think keyword expansion is silly, but the one time it would have
been good, it didn't work because the property had quotes in it. This patch
fixes obviously busted svn:keywords properties.
........

Merged revisions 385683 from http://svn.asterisk.org/svn/asterisk/branches/1.8


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@385689 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-04-15 15:18:54 +00:00
Matthew Jordan 70c792d035 Calculate the timestamp for outbound RTP if we don't have timing information
This patch calculates the timestamp for outbound RTP when we don't have timing
information. This uses the same approach in res_rtp_asterisk. Thanks to both
Pietro and Tzafrir for providing patches.

(closes issue ASTERISK-19883)
Reported by: Giacomo Trovato
Tested by: Pietro Bertera, Tzafrir Cohen
patches:
  rtp-timestamp-1.8.patch uploaded by tzafrir (License 5035)
  rtp-timestamp.patch uploaded by pbertera (License 5943)
........

Merged revisions 385636 from http://svn.asterisk.org/svn/asterisk/branches/1.8


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@385637 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-04-14 03:00:27 +00:00
Jason Parker d8216bd9ee Add dependency on libuuid, for res_rtp_asterisk
pjproject is what actually requires libuuid.

(closes issue ASTERISK-21125)
reported by Private Name

(Ed. note: Really?  Private Name?  I am rolling my eyes so hard right now.)


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@385356 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-04-11 19:59:35 +00:00
Matthew Jordan 3a73c367f9 Use LDAP memory management functions instead of Asterisk's
When MALLOC_DEBUG is enabled with res_config_ldap, issues (munmap_chunk:
invalid pointer errors) can occur as the memory is being allocated with
Asterisk's wrappers around malloc/calloc/free/strdup, as opposed to the
LDAP library's wrappers.

This patch uses the LDAP library's wrappers where appropriate, so that
compiling with MALLOC_DEBUG doesn't cause more problems than it solves.

Note that the patch listed below was modified slightly for this commit
to account for some additional memory allocation/deallocations.

(closes issue ASTERISK-17386)
Reported by: John Covert
Tested by: Andrew Latham
patches:
  issue18789-1.8-r316873.patch uploaded by seanbright (License 5060)
........

Merged revisions 385190 from http://svn.asterisk.org/svn/asterisk/branches/1.8


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@385199 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-04-10 14:25:44 +00:00
Kinsey Moore d014e51a18 Fix white noise on SRTP decryption
When res_rtp_asterisk.c was altered to avoid attempting to apply
unprotect algorithms to non-audio RTP packets, the test used was
incorrect. This caused the audio packets to not be decrypted and
resulted in loud white noise on the other endpoint (or both endpoints
depending on the call legs involved). The test now properly checks the
version field in the RTP header to ensure that RTP and RTCP are
decrypted while other types of packets are not.

(closes issue ASTERISK-21323)
Reported by: andrea
Tested by: Kinsey Moore, andrea, John Bigelow
Patches:
    whitenoise_fix.diff uploaded by Kinsey Moore
........

Merged revisions 384048 from http://svn.asterisk.org/svn/asterisk/branches/1.8


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@384049 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-03-27 17:06:07 +00:00
Matthew Jordan 916a397fc3 AST-2013-001: Prevent buffer overflow through H.264 format negotiation
The format attribute resource for H.264 video performs an unsafe read against a
media attribute when parsing the SDP. The value passed in with the format
attribute is not checked for its length when parsed into a fixed length buffer.
This patch resolves the vulnerability by only reading as many characters from
the SDP value as will fit into the buffer.

(closes issue ASTERISK-20901)
Reported by: Ulf Harnhammar
patches:
  h264_overflow_security_patch.diff uploaded by jrose (License 6182)



git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@383973 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-03-27 14:26:44 +00:00
Sean Bright a52a841d8e Properly delimit post data in res_config_curl.
........

Merged revisions 383667 from http://svn.asterisk.org/svn/asterisk/branches/1.8


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@383668 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-03-25 12:36:33 +00:00
Joshua Colp c379172cae Fix a bug where resources were not found due to hashing on the priority itself.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@383266 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-03-16 15:14:37 +00:00
Joshua Colp 7031ad62e8 Fix a crash when res_xmpp is configured using a username without a domain.
(closes issue ASTERISK-21156)
Reported by: amsoft2001


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382923 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-03-12 20:06:28 +00:00
Matthew Jordan 5b1533ca7b Add a 'secret' probation strictrtp mode to handle delayed changes in RTP source
Often, Asterisk may realize that a change in the source of an RTP stream is
about to occur and ask that the RTP engine reset it's lock on the current RTP
source. In certain scenarios, it may take awhile for the new remote system to
send RTP packets, while the old remote system may continue providing RTP during
that time period. This causes Asterisk to re-lock onto the old source, thereby
rejecting the new source when the old source stops sending RTP and the new
source begins.

This patch prevents that by having a constant secondary, 'secret' probation
mode enabled when an RTP source has been chosen. RTP packets from other sources
are always considered, but never chosen unless the current RTP source stops
sending RTP.

Review: https://reviewboard.asterisk.org/r/2364

(closes issue AST-1124)
Reported by: John Bigelow
Tested by: John Bigelow

(closes issue AST-1125)
Reported by: John Bigelow
Tested by: John Bigelow



git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382573 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-03-07 14:58:23 +00:00
Joshua Colp a78bb96d94 While the ICE negotiation is occurring leave strictrtp in an open state, media can and will come from different places.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382298 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-02-28 21:58:55 +00:00
Joshua Colp f6b368216a Fix a bug with ICE and strictrtp where media could get dropped.
If the end result of the ICE negotiation resulted in the path for media
changing it was possible for the strictrtp code to discard the RTP packets.
This change causes strictrtp to enter learning mode once again when the
ICE negotiation has completed successfully.


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@382296 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-02-28 21:37:01 +00:00
Michael L. Young 2d451c64f7 Fix FastAGI To Properly Check For A Connection
When IPv6 support was added to FastAGI, the intent was to have the ability to
check all addresses resolved for a host since we might receive an IPv4 address
and an IPv6 address.  The problem with the current code, is that, since we are
doing O_NONBLOCK, we get EINPROGRESS when calling ast_connect() but are ignoring
this instead of handling it.  We break out of the loop and continue on.  When we
later call ast_poll(), it succeeds but we never check if we have a connection or
not on the socket level.  We then attempt to send data to the host address that
we think is setup and it fails.  We then check the errno and see that we have
"connection refused" and then return with agi failed.

This patch does the following:

* Handles EINPROGRESS by creating the function handle_connection()
  - ast_poll() was moved into this function
  - This function checks the results of the connection on the socket level after
    calling ast_poll()
* Continues to the next address if the above fails to create a connection
* Once all addresses resolved are tried and we still are unable to establish a
  connection, then we return that the FastAGI call failed

(closes issue ASTERISK-21065)
Reported by: Jeremy Kister
Tested by: Jeremy Kister, Michael L. Young
Patches:
  asterisk-21065_poll_correctly_v4.diff Michael L. Young (license 5026)

Review: https://reviewboard.asterisk.org/r/2330/


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@381893 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-02-22 19:38:06 +00:00
Matthew Jordan cb3dd02781 Fix crash in res_xmpp when deleting pubsub node from CLI
An error existed in res_xmpp where it would attempt to delete attributes from
a node that itself was also deleted. Per the iksemel documentation, attributes
added using iks_insert are copied to the parent node's stack, and will be
reclaimed when that node is itself destroyed.

(closes issue ASTERISK-20982)
Reported by: marcelloceschia
patches:
  delete-node-fix.diff uploaded by marcelloceschia (License 6036)



git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@381159 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-02-11 15:03:40 +00:00
Jason Parker e7e730f973 Fix how we build pjproject.
Allow parallel builds, better tolerate failures, build faster.

This also stops running dependencies before top-level configure has been run.

(closes issue ASTERISK-20815)

Review: https://reviewboard.asterisk.org/r/2292/


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@380816 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-02-04 19:50:52 +00:00
Jason Parker d9d5028b01 Ignore warnings caused by PJ_TODO()s in pjproject.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@380736 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-01-31 21:42:34 +00:00
Jason Parker 47f8394517 Fix a few compiler warnings.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@380735 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-01-31 21:40:09 +00:00
Jason Parker d865240168 Add support for parallel builds of pjproject.
Also adds proper dependency checking, and direct .a file targets.  We don't
take advantage of this currently, but we will soon.

(issue ASTERISK-20815)


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@380673 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-01-31 19:03:03 +00:00
Jason Parker ff0d016390 Always check for libm, regardless of configure options.
git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@380672 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-01-31 19:00:38 +00:00
Jason Parker e02189ffa1 Remove a cross-compile workaround.
ar and ranlib can be easily detected with autoconf.


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@380671 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-01-31 18:59:28 +00:00
Matthew Jordan 2a458061b1 Fix memory leak in res_calendar_icalendar
The ICalendar module had a systemic memory leak on each fetch of data from
the ICalendar source. The previous fetched data was not being properly
disposed. This patch makes it so that before each fetch of data, we dispose
of the previously fetched data.

(closes issue ASTERISK-21012)
Reported by: Joel Vandal
Tested by: Joel Vandal
........

Merged revisions 380451 from http://svn.asterisk.org/svn/asterisk/branches/1.8


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@380452 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-01-30 14:15:27 +00:00
Jonathan Rose c7d22a6af6 res_fax_spandsp: fix t38 transmission bug caused by not returning success
This patch fixes the problem, but the issue includes a test which is still
being considered for the automated test suite.

(issue ASTERISK-20919)
Reported by: NITESH BANSAL
Patches:
	patch_ast_fax_spandsp.patch uploaded by NITESH BANSAL (license 6418)


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@379949 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-01-22 22:05:14 +00:00
Matthew Jordan fb72636fd8 Let documentation reference links specify which module they're linking to
Again, since res_jabber/res_xmpp have duplicate APIs, their documentation ref
links have to specify which reference they're referring to. The various
documentation parsers can interpret the module attribute however they want
in order to construct the appropriate links.


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@379228 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-01-16 17:45:37 +00:00
Matthew Jordan 28bdf7d292 Add module tags to documentation for res_jabber/res_xmpp
Since res_jabber/res_xmpp provide the same APIs (app/func/manager/etc.),
the XML documentation for each needs to call out which module is providing
the documentation. The module attribute has been added to the various XML
fragments for this purpose.



git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@379209 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-01-16 15:27:44 +00:00
Matthew Jordan af1666f1cf Reset RTP timestamp; sequence number on SSRC change
In r370252 for ASTERISK-18404, Asterisk's handling of RTP was modified to
better account for out of order RTP packets. This was accomplished by using the
RTP timestamp and sequence number to check for out of order packets. However,
when a SSRC change occurs, the timestamp and sequence number will no longer
have any relation to the previously received packets. The variables tracking
the timestamp and sequence number therefore have to be reset.

(closes issue ASTERISK-20906)
Reported by: Eelco Brolman
patches:
  dtmf_on_hold.patch uploaded by Eelco Brolman (license #6442)
........

Merged revisions 378967 from http://svn.asterisk.org/svn/asterisk/branches/1.8


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378984 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-01-13 21:44:54 +00:00
Joshua Colp cef6475eb0 Retain XMPP filters across reconnections so external modules continue to function as expected.
Previously if an XMPP client reconnected any filters added by an external module were lost.
This issue exhibited itself with chan_motif not receiving and reacting to Jingle signaling.

(closes issue ASTERISK-20916)
Reported by: kuj


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378917 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-01-11 23:04:53 +00:00
Jonathan Rose d566b201ae res_srtp: Prevent a crash from occurring due to srtp_create failures in srtp_create
Under some circumstances, libsrtp's srtp_create function deallocates memory that
it wasn't initially responsible for allocating. Because we weren't initially
aware of this behavior, this memory was still used in spite of being unallocated
during the course of the srtp_unprotect function. A while back I made a patch
which would set this value to NULL, but that exposed a possible condition where
we would then try to check a member of the struct which would cause a segfault.
In order to address these problems, ast_srtp_unprotect will now set an error value
when it ends without a valid SRTP session which will result in the caller of
srtp_unprotect observing this error and hanging up the relevant channel instead of
trying to keep using the invalid session address.

(closes issue ASTERISK-20499)
Reported by: Tootai
Review: https://reviewboard.asterisk.org/r/2228/diff/#index_header
........

Merged revisions 378591 from http://svn.asterisk.org/svn/asterisk/branches/1.8


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378592 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-01-04 23:04:59 +00:00
Kinsey Moore 8653377baf Fix pjproject compilation in certain circumstances
On a fresh checkout of Asterisk 11, running make before ./configure
could cause the pjproject subdirectory to get in an odd state that
would prevent compilation. This patch by Tilghman prevents that from
occurring.

(closes issue ASTERISK-20681)
Reported by: Dinesh Ramjuttun
Tested by: danilo borges, Steve Lang
patches:
  20121208__ccar_solved.diff.txt uploaded by Tilghman Lesher (license 5003)


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378582 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-01-04 22:18:21 +00:00
Joshua Colp c4587d7170 Don't pass STUN packets through the SRTP unprotect function.
(closes issue AST-1036)
Reported by: jbigelow
........

Merged revisions 378553 from http://svn.asterisk.org/svn/asterisk/branches/1.8


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378555 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-01-04 21:16:32 +00:00
Joshua Colp 17467a6926 Prevent exhaustion of system resources through exploitation of event cache
This patch changes res_xmpp to no longer cache events under certain circumstances.

(issue ASTERISK-20175)
Reported by: Russell Bryant, Leif Madsen, Joshua Colp
Tested by: kmoore


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378411 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-01-03 15:38:39 +00:00
Matthew Jordan 3778ed7fc1 Prevent crashes in res_xmpp when receiving large messages
Similar to r378287, res_xmpp was marshaling data read from an external source
onto the stack. For a sufficiently large message, this could cause a stack
overflow. This patch modifies res_xmpp in a similar fashion to res_jabber by
removing the stack allocation, as it was unnecessary.

(issue ASTERISK-20658)
Reported by: wdoekes

git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378409 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-01-03 15:36:05 +00:00
Matthew Jordan eda6664de0 Prevent exhaustion of system resources through exploitation of event cache
Asterisk maintains an internal cache for devices in the event subsystem. The
device state cache holds the state of each device known to Asterisk, such that
consumers of device state information can query for the last known state for
a particular device, even if it is not part of an active call. The concept of
a device in Asterisk can include entities that do not have a physical
representation. One way that this occurred was when anonymous calls are allowed
in Asterisk. A device was automatically created and stored in the cache for
each anonymous call that occurred; this was possible in the SIP and IAX2
channel drivers and through channel drivers that utilized the
res_jabber/res_xmpp resource modules (Gtalk, Jingle, and Motif). These devices
are never removed from the system, allowing anonymous calls to potentially
exhaust a system's resources.

This patch changes the event cache subsystem and device state management to
no longer cache devices that are not associated with a physical entity.

(issue ASTERISK-20175)
Reported by: Russell Bryant, Leif Madsen, Joshua Colp
Tested by: kmoore
patches:
  event-cachability-3.diff uploaded by jcolp (license 5000)
........

Merged revisions 378303 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 378320 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378321 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-01-02 18:09:55 +00:00
Matthew Jordan 5ebec60090 Resolve crashes due to large stack allocations when using TCP
Asterisk had several places where messages received over various network
transports may be copied in a single stack allocation. In the case of TCP,
since multiple packets in a stream may be concatenated together, this can
lead to large allocations that overflow the stack.

This patch modifies those portions of Asterisk using TCP to either
favor heap allocations or use an upper bound to ensure that the stack will not
overflow:
 * For SIP, the allocation now has an upper limit
 * For HTTP, the allocation is now a heap allocation instead of a stack
   allocation
 * For XMPP (in res_jabber), the allocation has been eliminated since it was
   unnecesary.

Note that the HTTP portion of this issue was independently found by Brandon
Edwards of Exodus Intelligence.

(issue ASTERISK-20658)
Reported by: wdoekes, Brandon Edwards
Tested by: mmichelson, wdoekes
patches:
  ASTERISK-20658_res_jabber.c.patch uploaded by mmichelson (license 5049)
  issueA20658_http_postvars_use_malloc2.patch uploaded by wdoekes (license 5674)
  issueA20658_limit_sip_packet_size3.patch uploaded by wdoekes (license 5674)
........

Merged revisions 378269 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 378286 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@378287 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2013-01-02 15:31:41 +00:00
Mark Michelson bdd5921950 Fix crash that can occur if CLI registration fails for an aliased command.
A recent memory leak fix in main/cli.c causes an ast_cli_entry's command
field to be freed and NULLed if ast_cli_register() fails. res_clialiases
was ignoring the return value of ast_cli_register() and was then passing
the NULL command off to a a hash function. This resulted in a crash.

The fix is not to ignore the erroneous return value. If ast_cli_register()
fails, then we do not continue trying to process the current alias.
........

Merged revisions 377840 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 377842 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@377843 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2012-12-11 20:51:47 +00:00
Kinsey Moore b2c2a84e17 Ensure ReceiveFax provides a CED tone via T.38
When using res_fax_digium, the T.38 CED tone was not being provided
properly which would cause some incoming faxes to fail. This was not an
issue with res_fax_spandsp since it does not strictly honor the
send_ced flag and sends the CED tone whenever receiving a T.38 fax.

(closes issue FAX-343)
Reported-by: Benjamin Tietz
Patch-by: Kinsey Moore
........

Merged revisions 377655 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 377656 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@377657 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2012-12-10 16:55:05 +00:00
Jonathan Rose e875e4b2c0 res_srtp: Fix a crash caused by srtp_dealloc on an already dealloced session
When srtp_create fails, the session may be dealloced or just not alloced. At
the same time though, the session pointer might not be set to NULL in this
process and attempting to srtp_dealloc it again will cause a segfault. This
patch checks for failure of srtp_create and sets the session pointer to NULL
if it fails.

(closes issue ASTERISK-20499)
Reported by: tootai
Review: https://reviewboard.asterisk.org/r/2228/
........

Merged revisions 377256 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 377261 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@377262 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2012-12-05 17:08:12 +00:00
David M. Lee 4c924bdce1 Added missing newlines to websocket ast_logs.
Without these newlines, log messages just continue tacking onto the same
line, and do not flush immediately.


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@376561 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2012-11-20 21:58:35 +00:00
Jonathan Rose c0c552de2c monitor: prevent attempts to move/remove recordings skipped with 'i' and 'o'.
The i and o options for monitor skip the input and output sides of a recording
respectively. This patch addresses a problem in those options when monitor is
called without specifying a specific filename where monitor will try to move
the recording that was skipped. Since this usually doesn't exist when these
options are used, it would produce a warning when it does this in most cases,
but it is conceivable that there are use cases where this could result in
moving/removing a file unintentionally.

(closes issue ASTERISK-20641)
Reported by: Jonathan Rose
Review: https://reviewboard.asterisk.org/r/2190/
........

Merged revisions 376389 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 376390 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@376391 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2012-11-16 19:59:45 +00:00
Joshua Colp fb74294b92 Remove a fixed size limitation for producing SDP and change how ICE support is disabled by default.
With ICE support enabled in chan_sip and a large number of interfaces on the system it was
possible for the produced SDP to be truncated due to some fixed size buffers. These buffers
have now been changed so they will dynamically grow as needed.

ICE support is now also enabled by default in res_rtp_asterisk to provide a smoother experience
for chan_motif users where it is required. To maintain the previous behavior in chan_sip it is
no longer enabled by default there.

(closes issue ASTERISK-20643)
Reported by: coopvr


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@376130 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2012-11-11 17:08:58 +00:00
Mark Michelson 0e7a64e55e Fix a "set but not used" warning on newer gccs.
Turns out the "helpful" setting of ms and res in this
macro is completely useless after the timeout antipattern
fix.

If you're a new guy looking to write code, don't write
a macro like this one.
........

Merged revisions 376087 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 376088 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@376089 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2012-11-08 22:08:58 +00:00
Mark Michelson a65fbf8012 Multiple revisions 375993-375994
........
  r375993 | mmichelson | 2012-11-07 11:01:13 -0600 (Wed, 07 Nov 2012) | 30 lines
  
  Fix misuses of timeouts throughout the code.
  
  Prior to this change, a common method for determining if a timeout
  was reached was to call a function such as ast_waitfor_n() and inspect
  the out parameter that told how many milliseconds were left, then use
  that as the input to ast_waitfor_n() on the next go-around.
  
  The problem with this is that in some cases, submillisecond timeouts
  can occur, resulting in the out parameter not decreasing any. When this
  happens thousands of times, the result is that the timeout takes much
  longer than intended to be reached. As an example, I had a situation where
  a 3 second timeout took multiple days to finally end since most wakeups
  from ast_waitfor_n() were under a millisecond.
  
  This patch seeks to fix this pattern throughout the code. Now we log the
  time when an operation began and find the difference in wall clock time
  between now and when the event started. This means that sub-millisecond timeouts
  now cannot play havoc when trying to determine if something has timed out.
  
  Part of this fix also includes changing the function ast_waitfor() so that it
  is possible for it to return less than zero when a negative timeout is given
  to it. This makes it actually possible to detect errors in ast_waitfor() when
  there is no timeout.
  
  (closes issue ASTERISK-20414)
  reported by David M. Lee
  
  Review: https://reviewboard.asterisk.org/r/2135/
........
  r375994 | mmichelson | 2012-11-07 11:08:44 -0600 (Wed, 07 Nov 2012) | 3 lines
  
  Remove some debugging that accidentally made it in the last commit.
........

Merged revisions 375993-375994 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 375995 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@376014 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2012-11-07 19:03:42 +00:00