Refactors generic functions used for email generation
into utils.c so that they can be used by multiple
modules, including app_voicemail and app_minivm,
to avoid code duplication.
ASTERISK-29715 #close
Change-Id: I1de0ed3483623e9599711129edc817c45ad237ee
STIR/SHAKEN encodes using base64 URL format. Currently, we just use
base64. New functions have been added that convert to and from base64
encoding.
The origid field should also be an UUID. This means there's no reason to
have it as an option in stir_shaken.conf, as we can simply generate one
when creating the Identity header.
https://wiki.asterisk.org/wiki/display/AST/OpenSIPit+2021
Change-Id: Icf094a2a54e87db91d6b12244c9f5ba4fc2e0b8c
With the addition of STIR/SHAKEN, the function ast_base64decode_string
was added for convenience since there is a lot of converting done during
the STIR/SHAKEN process. This function returned the decoded string for
you, but did not NULL terminate it, causing some issues (specifically
with MALLOC_DEBUG). Now, the returned string is NULL terminated, and the
documentation has been updated to reflect this.
Change-Id: Icdd7d05b323b0c47ff6ed43492937a03641bdcf5
Integrated STIR/SHAKEN support with outgoing INVITEs. When an INVITE is
sent, the caller ID will be checked to see if there is a certificate
that corresponds to it. If so, that information will be retrieved and an
Identity header will be added to the SIP message. The format is:
header.payload.signature;info=<public_key_url>alg=ES256;ppt=shaken
Header, payload, and signature are all BASE64 encoded. The public key
URL is retrieved from the certificate. Currently the algorithm and ppt
are ES256 and shaken, respectively. This message is signed and can be
used for verification on the receiving end.
Two new configuration options have been added to the certificate object:
attestation and origid. The attestation is required and must be A, B, or
C. origid is the origination identifier.
A new utility function has been added as well that takes a string,
allocates space, BASE64 encodes it, then returns it, eliminating the
need to calculate the size yourself.
Change-Id: I1f84d6a5839cb2ed152ef4255b380cfc2de662b4
Integrated STIR/SHAKEN support with incoming INVITES. Upon receiving an
INVITE, the Identity header is retrieved, parsing the message to verify
the signature. If any of the parsing fails,
AST_STIR_SHAKEN_VERIFY_NOT_PRESENT will be added to the channel for this
caller ID. If verification itself fails,
AST_STIR_SHAKEN_VERIFY_SIGNATURE_FAILED will be added. If anything in
the payload does not line up with the SIP signaling,
AST_STIR_SHAKEN_VERIFY_MISMATCH will be added. If all of the above steps
pass, then AST_STIR_SHAKEN_VERIFY_PASSED will be added, completing the
verification process.
A new config option has been added to the general section for
stir_shaken.conf. "signature_timeout" is the amount of time a signature
will be considered valid. If an INVITE is received and the amount of
time between when it was received and when it was signed is greater than
signature_timeout, verification will fail.
Some changes were also made to signing and verification. There was an
error where the whole JSON string was being signed rather than the
header combined with the payload. This has been changed to sign the
correct thing. Verification has been changed to do this as well, and the
unit tests have been updated to reflect these changes.
A couple of utility functions have also been added. One decodes a BASE64
string and returns the decoded string, doing all the length calculations
for you. The other retrieves a string value from a header in a rdata
object.
Change-Id: I855f857be3d1c63b64812ac35d9ce0534085b913
This prevents use-after-scope issues when unwinding the stack,
which happens in reverse order. The varname variable needs to
remain alive for the destruction to be able to access it.
Issue was found using clang + address-sanitizer.
ASTERISK-28232 #close
Change-Id: I00811c34ae910836a5fb6d22304528aef92624db
Some platforms provide an implementation of socket() and pipe2() that allow the
caller to specify that the resulting file descriptors should be non-blocking.
Using these allows us to potentially elide 3 calls into 1 by avoiding extraneous
calls to fcntl() to set the O_NONBLOCK flag afterwards.
In passing, change ast_alertpipe_init() to use pipe2() directly instead of the
wrapper if it is available.
Change-Id: I3ebe654fb549587537161506c6c950f4ab298bb0
* changes:
channel.c: Make CHECK_BLOCKING() save thread LWP id for messages.
channel.c: Fix usage of CHECK_BLOCKING()
autoservice: Don't start channel autoservice if the thread is a user interface.
Executing dialplan functions from either AMI or ARI by getting a variable
could place the channel into autoservice. However, these user interface
threads do not handle the channel's media so we wind up with two threads
attempting to handle the media.
There can be one and only one thread handling a channel's media at a time.
Otherwise, we don't know which thread is going to handle the media frames.
ASTERISK-27625
Change-Id: If2dc94ce15ddabf923ed1e2a65ea0ef56e013e49
Similar to pjproject's PJ_ASSERT_RETURN macro, this one will do the
following...
If the assert passes... NoOp
If the assert fails and AST_DEVMODE is defined, execute ast_assert()
then, if DO_CRASH isn't set, return from the calling function with
the supplied value.
If the assert fails and AST_DEVMODE is not defined, return from the
calling function with the supplied value.
The macro will execute a return without a value if one isn't suppled.
Change-Id: I0003844affeab550d5ff5bca7aa7cf8a559b873e
This replaces AST_INLINE_API allocators in utils.h with real functions
implemented in astmm.c. Associated macro's are also moved from utils.h
to astmm.h.
Remove menuselect conflicts between MALLOC_DEBUG and DEBUG_CHAOS as they
can now be combined.
This has multiple benefits:
* Simplifies asterisk/utils.h by removing inline functions and use of
the logger.
* Removal of these inline functions decreases size of Asterisk and
module binaries by 1% or more.
* Puts memory management functions together with and without
MALLOC_DEBUG enabled, simplifying management of the code.
* Enables DEBUG_CHAOS for ASTMM_REDIRECT and bundled pjproject.
Change-Id: If9df4377f74bdbb627461b27a473123e05525887
GCC documentation states that when __attribute__((malloc)) is used it
should not return storage which contains any valid pointers. It
specifically mentions that realloc functions should not have the malloc
attribute, but this also means that complex initializers which could
contain initialized pointers should not use this attribute.
Change-Id: If507f33ffb3ca3b83b702196eb0e8215d27fc7d2
This allows asterisk to be compiled with MALLOC_DEBUG to load modules
built without MALLOC_DEBUG. Now pre-compiled third-party modules will
still work regardless of MALLOC_DEBUG being enabled or not.
Change-Id: Ic07ad80b2c2df894db984cf27b16a69383ce0e10
There are many places in the code base where we ignore the return value
of fcntl() when getting/setting file descriptior flags. This patch
introduces a convenience function that allows setting or clearing file
descriptor flags and will also log an error on failure for later
analysis.
Change-Id: I8b81901e1b1bd537ca632567cdb408931c6eded7
When (v)asprintf() fails, the state of the allocated buffer is undefined.
The library had better not leave an allocated buffer as a result or no one
will know to free it. The most likely way it can return failure is for an
allocation failure. If the printf conversion fails then you actually have
a threading problem which is much worse because another thread modified
the parameter values.
* Made __ast_asprintf()/__ast_vasprintf() set the returned buffer to NULL
on failure. That is much more useful than either an uninitialized pointer
or a pointer that has already been freed. Many uses won't have to check
for failure to ensure that the buffer won't be double freed or prevent an
attempt to free an uninitialized pointer.
* stasis.c: Fixed memory leak in multi_object_blob_to_ami() allocated by
ast_asprintf().
* ari/resource_bridges.c:ari_bridges_play_helper(): Remove assignment to
the wrong thing which is now not needed even if assigning to the right
thing.
Change-Id: Ib5252fb8850ecf0f78ed0ee2ca0796bda7e91c23
The latest Release candidate fails to create RTP streams when IPv6
is not available. Due to the changes made in September the ast_sockaddr
structure passed around to create these streams is always of AF_INET6
type, causing failure when used for IPv4. This patch adds a utility
function to check for availability of IPv6 and applies such check
at startup to determine how to create the ast_sockaddr structures.
ASTERISK-26617 #close
Change-Id: I627a4e91795e821111e1cda523f083a40d0e0c3e
* Compile __ast_assert_failed unconditionally.
* Use __ast_assert_failed to log messages from log_bad_ao2
* Remove calls to ast_assert(0) that happen after log_bad_ao2 was run.
Change-Id: I48f1af44b2718ad74a421ff75cb6397b924a9751
This allows asterisk to compiled with LOW_MEMORY to load modules built
without LOW_MEMORY.
ASTERISK-26398 #close
Change-Id: I24b78ac9493ab933b11087a8b6794f3c96d4872d
Allocator functions that take file/line/func parameters are prefixed
with single-underscore when MALLOC_DEBUG is not defined,
double-underscore when it is defined. This change updates all
allocators that accept file/line/func to have the same prototype in
either ABI mode. The parameter order of __ast_vasprintf and
__ast_asprintf in utils.h have been changed to match that of astmm.h.
End-use allocator macro's have been removed from astmm.h and moved to an
unconditional part of utils.h.
Change-Id: I823bb6ce2b5675b3a4735948f10a3b420e9a023a
The Exchanging Device and Mailbox States could not working
if the Entity ID (EID) is not set manually and can't be obtained
from ethernet interface.
This patch replaces debug message to warning
and addes missing description about option 'entityid' to
asterisk.conf.sample.
With this patch the asterisk also:
(1) decline loading the modules which won't work without EID:
res_corosync and res_pjsip_publish_asterisk.
(2) warn if EID is empty on loading next modules:
pbx_dundi, res_xmpp
Starting with v197 systemd/udev will automatically assign "predictable"
names for all local Ethernet interfaces.
This patch also addes some new ethernet prefixes "eno" and "ens".
ASTERISK-26164 #close
Change-Id: I72d712f1ad5b6f64571bb179c5cb12461e7c58c6
This adds support for tagging functions with the noreturn attribute.
If DO_CRASH is enabled then ast_do_crash never returns. If AST_DEVMODE
and DO_CRASH are enabled then failed assertions never return. This can
resolve a large number of false positives with static analyzers.
ASTERISK-26220 #close
Change-Id: Icfb61e5fe54574eced4c3e88b317244f467ec753
pjproject < 2.5.0 will segfault on a tls transport if async_operations
is greater than 1. A runtime version check has been added to throw
an error if the version is < 2.5.0 and async_operations > 1.
To assist in the check, a new api "ast_compare_versions" was added
to utils which compares 2 major.minor.patch.extra version strings.
ASTERISK-25615 #close
Change-Id: I8e88bb49cbcfbca88d9de705496d6f6a8c938a98
Reported-by: George Joseph
Tested-by: George Joseph
Both transport and endpoint now check for the existence and readability
of tls certificate and key files before passing them on to pjproject.
This will cause the object to not load rather than waiting for pjproject
to discover that there's a problem when a session is attempted.
NOTE: chan_sip also uses ast_rtp_dtls_cfg_parse but it's located
in build_peer which is gigantic and I didn't want to disturb it.
Error messages will emit but it won't interrupt chan_sip loading.
ASTERISK-25618 #close
Change-Id: Ie43f2c1d653ac1fda6a6f6faecb7c2ebadaf47c9
Reported-by: George Joseph
Tested-by: George Joseph
- When you need to refer to 'variable XXX' outside a block, it needs
to be declared as '__block XXX', otherwise it will not be available with-
in the block, making updating that variable hard to do, and ast_free
lead to issues.
- Removed the #error message
because it creates complications when compiling external projects
against asterisk For example when using a different compiler than the
one used to compile asterisk. The warning/error should be generated
during the configure process not the compilation process
ASTERISK-24917
Change-Id: I12091228090e90831bf2b498293858f46ea7a8c2
This fixes autological comparison warnings in the following:
* chan_skinny: letohl may return a signed or unsigned value, depending on the
macro chosen
* func_curl: Provide a specific cast to CURLoption to prevent mismatch
* cel: Fix enum comparisons where the enum can never be negative
* enum: Fix comparison of return result of dn_expand, which returns a signed
int value
* event: Fix enum comparisons where the enum can never be negative
* indications: tone_data.freq1 and freq2 are unsigned, and hence can never be
negative
* presencestate: Use the actual enum value for INVALID state
* security_events: Fix enum comparisons where the enum can never be negative
* udptl: Don't bother to check if the return value from encode_length is less
than 0, as it returns an unsigned int
* translate: Since the parameters are unsigned int, don't bother checking
to see if they are negative. The cast to unsigned int would already blow
past the matrix bounds.
* res_pjsip_exten_state: Use a temporary value to cache the return of
ast_hint_presence_state
* res_stasis_playback: Fix enum comparisons where the enum can never be
negative
* res_stasis_recording: Add an enum value for the case where the recording
operation is in error; fix enum comparisons
* resource_bridges: Use enum value as opposed to -1
* resource_channels: Use enum value as opposed to -1
Review: https://reviewboard.asterisk.org/r/4533
ASTERISK-24917
Reported by: dkdegroot
patches:
rb4533.patch submitted by dkdegroot (License 6600)
........
Merged revisions 434469 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 434470 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@434471 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This introduces a new logger routine ast_log_safe. This routine should be
used for all error messages in code that can be run as a result of ast_log.
ast_log_safe does nothing if run recursively. All error logging in
astobj2.c, strings.c and utils.h have been switched to ast_log_safe.
This required adding support for raw threadstorage. This provides direct
access to the void* pointer in threadstorage. In ast_log_safe, NULL is used
to signify that this thread is not already running ast_log_safe, (void*)1 when
it is already running. This was done since it's critical that ast_log_safe
do nothing that could log during recursion checking.
ASTERISK-24155 #close
Reported by: Timo Teräs
Review: https://reviewboard.asterisk.org/r/4502/
........
Merged revisions 433522 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 433523 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@433524 65c4cc65-6c06-0410-ace0-fbb531ad65f3
RAII_VAR, which is used extensively in Asterisk to manage reference counted
resources, uses a GCC extension to automatically invoke a cleanup function
when a variable loses scope. While this functionality is incredibly useful
and has prevented a large number of memory leaks, it also prevents Asterisk
from being compiled with clang.
This patch updates the RAII_VAR macro such that it can be compiled with clang.
It makes use of the BlocksRuntime, which allows for a closure to be created
that performs the actual cleanup.
Note that this does not attempt to address the numerous warnings that the clang
compiler catches in Asterisk.
Much thanks for this patch goes to:
* The folks on StackOverflow who asked this question and Leushenko for
providing the answer that formed the basis of this code:
http://stackoverflow.com/questions/24959440/rewrite-gcc-cleanup-macro-with-nested-function-for-clang
* Diederik de Groot, who has been extremely patient in working on getting this
patch into Asterisk.
Review: https://reviewboard.asterisk.org/r/4370/
ASTERISK-24133
ASTERISK-23666
ASTERISK-20399
ASTERISK-20850 #close
Reported by: Diederik de Groot
patches:
RAII_CLANG.patch uploaded by Diederik de Groot (License 6600)
........
Merged revisions 432807 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 432808 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@432809 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When a config file is read, an unescaped semicolon signals comments which are
stripped from the value before it's stored. Escaped semicolons are then
unescaped and become part of the value. Both of these behaviors are normal
and expected. When the config is serialized either by 'dialplan save' or
AMI/UpdateConfig however, the now unescaped semicolons are written as-is.
If you actually reload the file just saved, the unescaped semicolons are
now treated as start of comments.
Since true comments are stripped on read, any semicolons in
ast_variable.value must have been escaped originally. This patch
re-escapes semicolons in ast_variable.values before they're written to
file either by 'dialplan save' or config/ast_config_text_file_save which
is called by AMI/UpdateConfig. I also fixed a few pre-existing formatting
issues nearby in pbx_config.c
Tested-by: George Joseph
ASTERISK-20127 #close
Review: https://reviewboard.asterisk.org/r/4132/
........
Merged revisions 427275 from http://svn.asterisk.org/svn/asterisk/branches/12
........
Merged revisions 427276 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@427277 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Simply establishing a TCP connection and never sending anything to the
configured HTTP port in http.conf will tie up a HTTP connection. Since
there is a maximum number of open HTTP sessions allowed at a time you can
block legitimate connections.
A similar problem exists if a HTTP request is started but never finished.
* Added http.conf session_inactivity timer option to close HTTP
connections that aren't doing anything. Defaults to 30000 ms.
* Removed the undocumented manager.conf block-sockets option. It
interferes with TCP/TLS inactivity timeouts.
* AMI and SIP TLS connections now have better authentication timeout
protection. Though I didn't remove the bizzare TLS timeout polling code
from chan_sip.
* chan_sip can now handle SSL certificate renegotiations in the middle of
a session. It couldn't do that before because the socket was non-blocking
and the SSL calls were not restarted as documented by the OpenSSL
documentation.
* Fixed an off nominal leak of the ssl struct in
handle_tcptls_connection() if the FILE stream failed to open and the SSL
certificate negotiations failed.
The patch creates a custom FILE stream handler to give the created FILE
streams inactivity timeout and timeout after a specific moment in time
capability. This approach eliminates the need for code using the FILE
stream to be redesigned to deal with the timeouts.
This patch indirectly fixes most of ASTERISK-18345 by fixing the usage of
the SSL_read/SSL_write operations.
ASTERISK-23673 #close
Reported by: Richard Mudgett
........
Merged revisions 415841 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 415854 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 415896 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@415907 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Created the following AMI commands and corresponding events for res_pjsip:
PJSIPShowEndpoints - Provides a listing of all pjsip endpoints and a few
select attributes on each.
Events:
EndpointList - for each endpoint a few attributes.
EndpointlistComplete - after all endpoints have been listed.
PJSIPShowEndpoint - Provides a detail list of attributes for a specified
endpoint.
Events:
EndpointDetail - attributes on an endpoint.
AorDetail - raised for each AOR on an endpoint.
AuthDetail - raised for each associated inbound and outbound auth
TransportDetail - transport attributes.
IdentifyDetail - attributes for the identify object associated with
the endpoint.
EndpointDetailComplete - last event raised after all detail events.
PJSIPShowRegistrationsInbound - Provides a detail listing of all inbound
registrations.
Events:
InboundRegistrationDetail - inbound registration attributes for each
registration.
InboundRegistrationDetailComplete - raised after all detail records have
been listed.
PJSIPShowRegistrationsOutbound - Provides a detail listing of all outbound
registrations.
Events:
OutboundRegistrationDetail - outbound registration attributes for each
registration.
OutboundRegistrationDetailComplete - raised after all detail records
have been listed.
PJSIPShowSubscriptionsInbound - A detail listing of all inbound subscriptions
and their attributes.
Events:
SubscriptionDetail - on each subscription detailed attributes
SubscriptionDetailComplete - raised after all detail records have
been listed.
PJSIPShowSubscriptionsOutbound - A detail listing of all outboundbound
subscriptions and their attributes.
Events:
SubscriptionDetail - on each subscription detailed attributes
SubscriptionDetailComplete - raised after all detail records have
been listed.
(issue ASTERISK-22609)
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/2959/
........
Merged revisions 403131 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@403133 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Review https://reviewboard.asterisk.org/r/2580/ tried to fix the mismatch
in memory pools but had a math error determining the buffer size and
didn't address other similar memory pool mismatches.
* Effectively reverted the previous patch to go in the same direction as
trunk for the returned memory pool of ast_bt_get_symbols().
* Fixed memory leak in ast_bt_get_symbols() when BETTER_BACKTRACES is
defined.
* Fixed some formatting in ast_bt_get_symbols().
* Fixed sig_pri.c freeing memory allocated by libpri when MALLOC_DEBUG is
enabled.
* Fixed __dump_backtrace() freeing memory from ast_bt_get_symbols() when
MALLOC_DEBUG is enabled.
* Moved __dump_backtrace() because of compile issues with the utils
directory.
(closes issue ASTERISK-22221)
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/2778/
........
Merged revisions 397525 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 397528 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@397570 65c4cc65-6c06-0410-ace0-fbb531ad65f3
When asterisk has run out of memory (for whatever reason), the alloc
function logs a message. Logging requires memory. A recipe for
infinite recursion.
Stop the recursion by comparing the function call depth for sane values
before attempting another OOM log message.
Review: https://reviewboard.asterisk.org/r/2743/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@396822 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch is the first step in adding recording support to the
Asterisk REST Interface.
Recordings are stored in /var/spool/recording. Since recordings may be
destructive (overwriting existing files), the API rejects attempts to
escape the recording directory (avoiding issues if someone attempts to
record to ../../lib/sounds/greeting, for example).
(closes issue ASTERISK-21594)
(closes issue ASTERISK-21581)
Review: https://reviewboard.asterisk.org/r/2612/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393550 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This patch moves the RESTful URL's around to more appropriate
locations for release.
The /stasis URL's are moved to /ari, since Asterisk REST Interface was
a more appropriate name than Stasis-HTTP. (Most of the code still has
stasis_http references, but they will be cleaned up after there are no
more outstanding branches that would have merge conflicts with such a
change).
A larger change was moving the ARI events WebSocket off of the shared
/ws URL to its permanent home on /ari/events. The Swagger code
generator was extended to handle "upgrade: websocket" and
"websocketProtocol:" attributes on an operation.
The WebSocket module was modified to better handle WebSocket servers
that have a single registered protocol handler. If a client
connections does not specify the Sec-WebSocket-Protocol header, and
the server has a single protocol handler registered, the WebSocket
server will go ahead and accept the client for that subprotocol.
(closes issue ASTERISK-21857)
Review: https://reviewboard.asterisk.org/r/2621/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@393528 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In order to get people familiar with the Stasis message bus, it would
be useful to have something of a tutorial. Since I'm not clever enough
to think of some cool integration we could do with Twitter, I settled
for something that might actually be useful.
This patch adds a res_statsd.so module, which implements a basic
statsd[1] client. Statsd is a very simple statistics gathering server,
which can publish its results to a backend graphing engine, like
Graphite[2]. There are several different Statsd server
implementations[3], so you can pick what works best for your
environment.
The actual example of how to use the Stasis message bus is in
res_chan_stats.so. This module demonstrates how to use subscriptions
and the message router by monitoring messages and posting channels
stats to the statsd server.
A wiki page walking through res_chan_stats.so is forthcoming.
[1]: https://github.com/etsy/statsd/
[2]: http://graphite.readthedocs.org/en/latest/
[3]: http://joemiller.me/2011/09/21/list-of-statsd-server-implementations/
Review: https://reviewboard.asterisk.org/r/2460/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@386624 65c4cc65-6c06-0410-ace0-fbb531ad65f3
XML encoding in chan_sip is accomplished by naively building the XML
directly from strings. While this usually works, it fails to take into
account escaping the reserved characters in XML.
This patch adds an 'ast_xml_escape' function, which works similarly to
'ast_uri_encode'. This is used to properly escape the local_display
attribute in XML formatted NOTIFY messages.
Several things to note:
* The Right Thing(TM) to do would probably be to replace the
ast_build_string stuff with building an ast_xml_doc. That's a much
bigger change, and out of scope for the original ticket, so I
refrained myself.
* It is with great sadness that I wrote my own ast_xml_escape
function. There's one in libxml2, but it's knee-deep in
libxml2-ness, and not easily used to one-off escape a
string.
* I only escaped the string we know is causing problems
(local_display). At least some of the other strings are
URI-encoded, which should be XML safe. Rather than figuring out
what's safe and escaping what's not, it would be much cleaner to
simply build an ast_xml_doc for the messages and let the XML
library do the XML escaping. Like I said, that's out of scope.
(closes issue ABE-2902)
Reported by: Guenther Kelleter
Tested by: Guenther Kelleter
Review: http://reviewboard.digium.internal/r/365/
........
Merged revision 378919 from https://origsvn.digium.com/svn/asterisk/be/branches/C.3-bier
........
Merged revisions 378933 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 378934 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378935 65c4cc65-6c06-0410-ace0-fbb531ad65f3
* Makes malloc() behave like calloc(). It will return a memory block
filled with 0x55. A nonzero value.
* Makes free() fill the released memory block and boundary fence's with
0xdeaddead. Any pointer use after free is going to have a pointer
pointing to 0xdeaddead. The 0xdeaddead pointer is usually an invalid
memory address so a crash is expected.
* Puts the freed memory block into a circular array so it is not reused
immediately.
* When the circular array rotates out a memory block to the heap it checks
that the memory has not been altered from 0xdeaddead.
* Made the astmm_log message wording better.
* Made crash if the DO_CRASH menuselect option is enabled and something is
found.
* Fixed a potential alignment issue on 64 bit systems.
struct ast_region.data[] should now be aligned correctly for all
platforms.
* Extracted region_check_fences() from __ast_free_region() and
handle_memory_show().
* Updated handle_memory_show() CLI usage help.
Review: https://reviewboard.asterisk.org/r/2182/
........
Merged revisions 376029 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 376030 from http://svn.asterisk.org/svn/asterisk/branches/10
........
Merged revisions 376048 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@376049 65c4cc65-6c06-0410-ace0-fbb531ad65f3
In order to use nested functions on some versions of GCC (e.g. GCC on OS X),
the -fnested-functions flag must be passed to the compiler. This patch adds
detection logic to ./configure to add the flag if necessary. It also adds
a comment to utils.h as to why the nested function needs a prototype.
(closes issue ASTERISK-20399)
Reported by: David M. Lee
Review: https://reviewboard.asterisk.org/r/2102/
........
Merged revisions 373119 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@373120 65c4cc65-6c06-0410-ace0-fbb531ad65f3
