* Added checks for missing session, session->channel and rdata
in stir_shaken_incoming_request.
* Added checks for missing session, session->channel and tdata
in stir_shaken_outgoing_request.
Resolves: #645
Add a timeout option to control the amount of time
to wait if no early media is received before giving
up. This allows aborting early if the destination
is not being responsive.
Resolves: #588
UserNote: The timeout argument to Dial now allows
specifying the maximum amount of time to dial if
early media is not received.
(cherry picked from commit bdf9327a33)
Most app_voicemail unit tests were not properly cleaning up
after themselves after running. This led to test mailboxes
lingering around in the system. It also meant that if any
unit tests in app_voicemail that create mailboxes were executed
and the module was not unloaded/loaded again prior to running
the test_voicemail_vm_info unit test, Asterisk would segfault
due to an attempt to copy a NULL string.
The load_config test did actually have logic to reinitialize
the config after the test. However, this did not work in practice
since load_config() would not reload the config since voicemail.conf
had not changed during the test; thus, additional logic has been
added to ensure that voicemail.conf is truly reloaded, after any
unit tests which modify the users list.
This prevents the SEGV due to invalid mailboxes lingering around,
and also ensures that the system state is restored to what it was
prior to the tests running.
Resolves: #629
(cherry picked from commit 2ac9c8fb5c)
This adds an option to allow preventing callers from leaving
messages marked as 'urgent'.
Resolves: #619
UserNote: The leaveurgent mailbox option can now be used to
control whether callers may leave messages marked as 'Urgent'.
(cherry picked from commit 190b6eafb3)
This migrates the relevant schema objects from the `('yes', 'no')`
definition to the `('0', '1', 'off', 'on', 'false', 'true', 'yes', 'no')`
one.
Fixes#617
(cherry picked from commit 1a94502551)
In as_check_common_config, we were calling ast_std_free on
raw_key but raw_key was allocated with ast_malloc so it
should be freed with ast_free.
Resolves: #636
(cherry picked from commit 1b94c90524)
The default location for the stir_shaken cache is
/var/lib/asterisk/keys/stir_shaken/cache but we were only creating
/var/lib/asterisk/keys/stir_shaken on istall. We now create
the cache sub-directory.
Resolves: #634
(cherry picked from commit 215424aa76)
Why do we need a refactor?
The original stir/shaken implementation was started over 3 years ago
when little was understood about practical implementation. The
result was an implementation that wouldn't actually interoperate
with any other stir-shaken implementations.
There were also a number of stir-shaken features and RFC
requirements that were never implemented such as TNAuthList
certificate validation, sending Reason headers in SIP responses
when verification failed but we wished to continue the call, and
the ability to send Media Key(mky) grants in the Identity header
when the call involved DTLS.
Finally, there were some performance concerns around outgoing
calls and selection of the correct certificate and private key.
The configuration was keyed by an arbitrary name which meant that
for every outgoing call, we had to scan the entire list of
configured TNs to find the correct cert to use. With only a few
TNs configured, this wasn't an issue but if you have a thousand,
it could be.
What's changed?
* Configuration objects have been refactored to be clearer about
their uses and to fix issues.
* The "general" object was renamed to "verification" since it
contains parameters specific to the incoming verification
process. It also never handled ca_path and crl_path
correctly.
* A new "attestation" object was added that controls the
outgoing attestation process. It sets default certificates,
keys, etc.
* The "certificate" object was renamed to "tn" and had it's key
change to telephone number since outgoing call attestation
needs to look up certificates by telephone number.
* The "profile" object had more parameters added to it that can
override default parameters specified in the "attestation"
and "verification" objects.
* The "store" object was removed altogther as it was never
implemented.
* We now use libjwt to create outgoing Identity headers and to
parse and validate signatures on incoming Identiy headers. Our
previous custom implementation was much of the source of the
interoperability issues.
* General code cleanup and refactor.
* Moved things to better places.
* Separated some of the complex functions to smaller ones.
* Using context objects rather than passing tons of parameters
in function calls.
* Removed some complexity and unneeded encapsuation from the
config objects.
Resolves: #351Resolves: #46
UserNote: Asterisk's stir-shaken feature has been refactored to
correct interoperability, RFC compliance, and performance issues.
See https://docs.asterisk.org/Deployment/STIR-SHAKEN for more
information.
UpgradeNote: The stir-shaken refactor is a breaking change but since
it's not working now we don't think it matters. The
stir_shaken.conf file has changed significantly which means that
existing ones WILL need to be changed. The stir_shaken.conf.sample
file in configs/samples/ has quite a bit more information. This is
also an ABI breaking change since some of the existing objects
needed to be changed or removed, and new ones added. Additionally,
if res_stir_shaken is enabled in menuselect, you'll need to either
have the development package for libjwt v1.15.3 installed or use
the --with-libjwt-bundled option with ./configure.
(cherry picked from commit 2e0d837e01)
The new mode lists for each codec translation the actual real cost in cpu microseconds per second translated audio.
This allows to compare the real cpu usage of translations and helps in evaluation of codec implementation changes regarding performance (regression testing).
- add new table mode
- hide the 999999 comp values, as these only indicate an issue with transcoding
- hide the 0 values, as these also do not contain any information (only indicate a multistep transcoding)
Resolves: #601
(cherry picked from commit 3c72bc8a7b)
If a dynamic string is created with an initial length of 0,
`ast_str_buffer(…)` will return an invalid pointer.
This was a secondary discovery when fixing #65.
(cherry picked from commit 31ab82840b)
Media Experience Score relies on incorrect pseudo_mos variable
calculation. According to forming an opinion section of the
documentation, calculation relies on ITU-T G.107 standard:
https://docs.asterisk.org/Deployment/Media-Experience-Score/#forming-an-opinion
ITU-T G.107 Annex B suggests to calculate MOS with a coefficient
"seven times ten to the power of negative six", 7 * 10^(-6). which
would mean 6 digits after the decimal point. Current implementation
has 7 digits after the decimal point, which downrates the calls.
Fixes: #597
(cherry picked from commit a7a03bc294)
If ast_dsp_process is called with a codec besides slin, ulaw,
or alaw, a warning is logged that in-band DTMF is not supported,
but this message is not always appropriate or correct, because
ast_dsp_process is much more generic than just DTMF detection.
This logs a more generic message in those cases, and also improves
codec-mismatch logging throughout dsp.c by ensuring incompatible
codecs are printed out.
Resolves: #595
(cherry picked from commit 6ddcdfce1f)
Under rare circumstances, it's possible for the original audio
session in the active_media_state default_session to be corrupted
instead of removed when switching to the t38/image media session
during fax negotiation. This can cause a segfault when a "pjsip
show channelstats" attempts to print that audio media session's
rtp statistics. In these cases, the active_media_state
topology is correctly showing only a single t38/image stream
so we now check that there's an audio stream in the topology
before attempting to use the audio media session to get the rtp
statistics.
Resolves: #592
(cherry picked from commit adcfbcd50e)
When started with a verbose level of 3, asterisk can emit over 1500
verbose message that serve no real purpose other than to fill up
logs. When asterisk shuts down, it emits another 1100 that are of
even less use. Since the testsuite runs asterisk with a verbose
level of 3, and asterisk starts and stops for every one of the 700+
tests, the number of log messages is staggering. Besides taking up
resources, it also makes it hard to debug failing tests.
This commit changes the log level for those verbose messages to 5
instead of 3 which reduces the number of log messages to only a
handful. Of course, NOTICE, WARNING and ERROR message are
unaffected.
There's also one other minor change...
ast_context_remove_extension_callerid2() logs a DEBUG message
instead of an ERROR if the extension you're deleting doesn't exist.
The pjsip_config_wizard calls that function to clean up the config
and has been triggering that annoying error message for years.
Resolves: #582
(cherry picked from commit a5ae546b88)
The last time configure was run, it was run on a system that
did not enable -std=gnu11 by default, which meant that the
restrict qualifier would not be recognized on certain platforms.
This regenerates the configure files from running bootstrap.sh,
so that these should be recognized on all supported platforms.
Resolves: #586
(cherry picked from commit d0d09ef010)
Fixes: #406
UserNote: Bundled pjproject has been upgraded to 2.14. For more
information on what all is included in this change, check out the
pjproject Github page: https://github.com/pjsip/pjproject/releases
(cherry picked from commit 6efa51f512)
This introduces a setting for outbound registrations to override the
global User-Agent header setting.
Resolves: #515
UserNote: PJSIP outbound registrations now support a per-registration
User-Agent header
(cherry picked from commit c7fc6ae362)
Adds 'p' option to SpeechBackground() application.
With this option, when the app timeout is reached,
whatever the backend speech engine collected will
be returned as if it were the final, full result.
(This works for engines that make partial results.)
Resolves: #572
UserNote: The SpeechBackground dialplan application now supports a 'p'
option that will return partial results from speech engines that
provide them when a timeout occurs.
(cherry picked from commit c863e0d77d)
Given the scenario of passing an empty string to the
ast_strsep functions the functions would return NULL
instead of an empty string. This is counter to how
strsep itself works.
This change alters the behavior of the functions to
match that of strsep.
Fixes: #565
(cherry picked from commit 8ce69eda14)
Adds the 'D' option to app chanspy that causes the input and output
frames of the spied channel to be interleaved in the spy output frame.
This allows the input and output of the spied channel to be decoded
separately by the receiver.
If the 'o' option is also set, the 'D' option is ignored as the
audio being spied is inherently one direction.
Fixes: #569
UserNote: The ChanSpy application now accepts the 'D' option which
will interleave the spied audio within the outgoing frames. The
purpose of this is to allow the audio to be read as a Dual channel
stream with separate incoming and outgoing audio. Setting both the
'o' option and the 'D' option and results in the 'D' option being
ignored.
(cherry picked from commit 69fe814813)
Need to update the github-script to v7 to squash deprecation
warnings.
Also fixed the API name for github.rest.pulls.requestReviewers.
(cherry picked from commit 9baf49497e)
Commit fa3922a4d2 fixed
a branching issue but "overshoots" when calculating
the next priority. This fixes that; accompanying
test suite tests have also been extended.
Resolves: #560
(cherry picked from commit ed39406838)
Resolves a regression identified by @justinludwig involving the
rendering of IPv6 addresses in outgoing SDP.
Also updates `media_address` on PJSIP endpoints so that if we are able
to parse the configured value as an IP we store it in a format that we
can directly use later. Based on my reading of the code it appeared
that one could configure `media_address` as:
```
[foo]
type = endpoint
...
media_address = [2001:db8::]
```
And that value would be blindly copied into the outgoing SDP without
regard to its format.
Fixes#541
(cherry picked from commit 9f20b4659f)
Currently, a reload will always occur if the
Reload header is provided for the UpdateConfig
action. However, we should not be doing a reload
if the header value has a falsy value, per the
documentation, so this makes the reload behavior
consistent with the existing documentation.
Resolves: #551
(cherry picked from commit 874ee6e9aa)
The numeric bridge profile options `internal_sample_rate` and
`maximum_sample_rate` are documented to accept the special values
`auto` and `none`, respectively. While these values currently work,
they also emit warnings when used which could be confusing for users.
In passing, also ensure that we only accept the documented range of
sample rate values between 8000 and 192000.
Fixes#546
(cherry picked from commit 03ad690276)
When app_macro was deprecated, the macrocontext column was removed from
the INSERT statement but the binds were not renumbered. This broke the
insert.
This change removes the macrocontext column via alembic and re-numbers
the existing columns in the INSERT.
Fixes: #527
UserNote: The fix requires removing the macrocontext column from the
voicemail_messages table in the voicemail database via alembic upgrade.
UpgradeNote: The fix requires that the voicemail database be upgraded via
alembic. Upgrading to the latest voicemail database via alembic will
remove the macrocontext column from the voicemail_messages table.
(cherry picked from commit a22db8fd60)
This adds a CLI command to manually toggle the MWI status
of a channel, useful for troubleshooting or resetting
MWI devices, similar to the capabilities offered with
SIP messaging to manually control MWI status.
UserNote: The 'dahdi set mwi' now allows MWI on channels
to be manually toggled if needed for troubleshooting.
Resolves: #440
(cherry picked from commit 4b908f364d)
This adds a simple CLI command that can be used for
analyzing all frames currently queued to a channel.
A couple log messages are also adjusted to be more
useful in tracing bridging problems.
Resolves: #533
(cherry picked from commit 67088b256d)
Commit 008731b0a4
caused a regression by resulting in logger.xml
being compiled and linked into the asterisk
binary in lieu of logger.c on certain platforms
if Asterisk was compiled in dev mode.
To fix this, we ensure the file has a unique
name without the extension. Most existing .xml
files have been named differently from any
.c files in the same directory or did not
pose this issue.
channels/pjsip/dialplan_functions.xml does not
pose this issue but is also being renamed
to adhere to this policy.
Resolves: #539
This reverts commit 315eb551db.
Over the past year, we've had several reports of "topology storms"
occurring where 2 external facing channels connected by one or more
local channels and bridges will get themselves in a state where
they continually send each other topology change requests. This
usually manifests itself in no-audio calls and a flood of
"Exceptionally long queue length" messages. It appears that this
commit is the cause so we're reverting it for now until we can
determine a more appropriate solution.
Resolves: #530
(cherry picked from commit c31cd32b82)
Instead of using the same error message for
missing dependencies and conflicts, be specific
about what actually went wrong.
Resolves: #520
(cherry picked from commit 7683259f37)
The ast_sip_request_transport_details must be zero initialized,
otherwise this could lead to a SEGV.
Resolves: #509
(cherry picked from commit 81188ada5f)
This fixes faulty branching logic for the
EndIf application. Instead of computing
the next priority, which should be done
for false conditionals or ExitIf, we should
simply advance to the next priority.
Resolves: #341
(cherry picked from commit 1bf4493371)
Commit 424be34563 introduced
a regression by calling ast_free on memory allocated by
realpath. This causes Asterisk to abort when executing this
function. Since the memory is allocated by glibc, it should
be freed using ast_std_free.
Resolves: #513
(cherry picked from commit bb364fc61f)
This increases the format width of option descriptions
to avoid needless truncation for longer descriptions.
Resolves: #428
(cherry picked from commit d20c3e2f6f)
Improve the "manager show connected" CLI command
to clarify that the last two columns are permissions
related, not counts, and use sufficient widths
to consistently display these values.
ASTERISK-30143 #close
Resolves: #482
(cherry picked from commit 09bd80c627)
Although `make_xml_documentation`'s `print_dependencies` command was
corrected by the previous fix (#461) for #142, the `create_xml` was
not properly handling `LOCAL_MOD_SUBDIRS` XML documentation.
(cherry picked from commit e001a1b6d3)
This fixes a number of broken links throughout the
tree, mostly caused by wiki.asterisk.org being replaced
with docs.asterisk.org, which should eliminate the
need for sporadic fixes as in f28047db36.
Resolves: #430
(cherry picked from commit 3bb34477d4)
Resolves: #462
UserNote: The option "j" is now available for the Dial application which
uses the initial stream topology of the caller to create the outgoing
channels.
(cherry picked from commit 366dc1e99f)
`pbx_config` subscribes to manager events to capture the `FullyBooted`
event but fails to unsubscribe if the module is loaded after that
event fires. If the module is unloaded, a crash occurs the next time a
manager event is raised.
We now unsubscribe when the module is unloaded if we haven't already
unsubscribed.
Fixes#470
(cherry picked from commit 16a42b2aec)
Instead of searching for the asterisk binary and the modules in the
filesystem, we now get their locations, along with libdir, from
the coredump itself...
For the binary, we can use `gdb -c <coredump> ... "info proc exe"`.
gdb can print this even without having the executable and symbols.
Once we have the binary, we can get the location of the modules with
`gdb ... "print ast_config_AST_MODULE_DIR`
If there was no result then either it's not an asterisk coredump
or there were no symbols loaded. Either way, it's not usable.
For libdir, we now run "strings" on the note0 section of the
coredump (which has the shared library -> memory address xref) and
search for "libasteriskssl|libasteriskpj", then take the dirname.
Since we're now getting everything from the coredump, it has to be
correct as long as we're not crossing namespace boundaries like
running asterisk in a docker container but trying to run
ast_coredumper from the host using a shared file system (which you
shouldn't be doing).
There is still a case for using --asterisk-bin and/or --libdir: If
you've updated asterisk since the coredump was taken, the binary,
libraries and modules won't match the coredump which will render it
useless. If you can restore or rebuild the original files that
match the coredump and place them in a temporary directory, you can
use --asterisk-bin, --libdir, and a new --moddir option to point to
them and they'll be correctly captured in a tarball created
with --tarball-coredumps. If you also use --tarball-config, you can
use a new --etcdir option to point to what normally would be the
/etc/asterisk directory.
Also addressed many "shellcheck" findings.
Resolves: #445
(cherry picked from commit aec2453688)
The `get_documentation` awk script will only extract the first
DOCUMENTATION block that it finds in a given file. This is by design
(9bc2127) to prevent AMI event documentation from being pulled in to
the core.xml documentation file.
Because of this, the `LOG_GROUP` documentation added in 89709e2 was
not being properly extracted and was missing fom the resulting XML
documentation file. This commit moves the `LOG_GROUP` documentation to
a separate `logger.xml` file.
(cherry picked from commit 1d05e34d98)
There are valid scenarios where res_odbc's connection pool might have some dead
or stuck connections while others are healthy (imagine network
elements/firewalls/routers silently timing out connections to a single DB and a
single IP address, or a heterogeneous connection pool connected to potentially
multiple IPs/instances of a replicated DB using a DNS front end for load
balancing and one replica fails).
In order to time out those unhealthy connections without blocking access to
other parts of Asterisk that may attempt access to the connection pool, it would
be beneficial to not lock/block access around the entire pool in
_ast_odbc_request_obj2 while doing potentially blocking operations on connection
pool objects such as the connection_dead() test, odbc_obj_connect(), or by
dereferencing a struct odbc_obj for the last time and triggering a
odbc_obj_disconnect().
This would facilitate much quicker and concurrent timeout of dead connections
via the connection_dead() test, which could block potentially for a long period
of time depending on odbc.ini or other odbc connector specific timeout settings.
This also would make rapid failover (in the clustered DB scenario) much quicker.
This patch changes the locking in _ast_odbc_request_obj2() to not lock around
odbc_obj_connect(), _disconnect(), and connection_dead(), while continuing to
lock around truly shared, non-immutable state like the connection_cnt member and
the connections list on struct odbc_class.
Fixes: #465
(cherry picked from commit e0bf65bde6)
If the script referenced by `#exec` does not exist, writes anything to
stderr, or exits abnormally or with a non-zero exit status, we log
that to Asterisk's error logging channel.
Additionally, write out a warning if the script produces no output.
Fixes#259
(cherry picked from commit b437cc3267)
If LOCAL_MOD_SUBDIRS contains absolute paths, do not prefix them with
the path to Asterisk's source tree.
Fixes#142
(cherry picked from commit 5f0b568341)
Resequencing is a process that occurs when we open a voicemail folder
and discover that there are gaps between messages (e.g. `msg0000.txt`
is missing but `msg0001.txt` exists). Resequencing involves shifting
the existing messages down so we end up with a sequential list of
messages.
Currently, this process stops after reaching a threshold based on the
message limit (`maxmsg`) configured on the current folder. However, if
`maxmsg` is lowered when a voicemail folder contains more than
`maxmsg + 10` messages, resequencing will not run completely leaving
the mailbox in an inconsistent state.
We now resequence up to the maximum number of messages permitted by
`app_voicemail` (currently hard-coded at 9999 messages).
Fixes#86
(cherry picked from commit fbe92dce2b)
When mwimonitor=yes is enabled for an FXO port,
the do_monitor thread will launch mwi_thread if it thinks
there could be MWI on an FXO channel, due to the noise
threshold being satisfied. This, in turns, calls
analog_ss_thread_start in sig_analog. However, unlike
all other instances where __analog_ss_thread is called
in sig_analog, this call path does not properly set
pvt->ss_astchan to the Asterisk channel, which means
that the Asterisk channel is NULL when __analog_ss_thread
starts executing. As a result, the thread exits and the
channel is never properly cleaned up by calling ast_hangup.
This caused issues with do_monitor on incoming calls,
as it would think the channel was still owned even while
receiving events, leading to an infinite barrage of
warning messages; additionally, the channel would persist
improperly.
To fix this, the assignment is added to the call path
where it is missing (which is only used for mwi_thread).
A warning message is also added since previously there
was no indication that __analog_ss_thread was exiting
abnormally. This resolves both the channel leak and the
condition that led to the warning messages.
Resolves: #458
(cherry picked from commit c930230a73)
In 5ac5c2b0 we defined `OPENSSL_SUPPRESS_DEPRECATED` to silence
deprecation warnings. This commit switches over to using
non-deprecated API.
(cherry picked from commit 05924e30f9)
Certain channel options are not set anywhere or
exposed in any way to users, making them unusable.
This exposes some of these options which make sense
for users to manipulate at runtime.
Resolves: #442
(cherry picked from commit 9211fb5e97)
Any function or application that accepts a `&`-separated list of
filenames can now include a literal `&` in a filename by wrapping the
entire filename in single quotes, e.g.:
```
exten = _X.,n,Playback('https://example.com/sound.cgi?a=b&c=d'&hello-world)
```
Fixes#172
UpgradeNote: Ampersands in URLs passed to the `Playback()`,
`Background()`, `SpeechBackground()`, `Read()`, `Authenticate()`, or
`Queue()` applications as filename arguments can now be escaped by
single quoting the filename. Additionally, this is also possible when
using the `CONFBRIDGE` dialplan function, or configuring various
features in `confbridge.conf` and `queues.conf`.
(cherry picked from commit 33213c1979)
I assume this was missed when initially converting to XML
documentation and we've been kicking the can down the road since.
(cherry picked from commit d3c411cd05)
Additionally add a `assert()` to in the TLS client setup code to
ensure that hostname is set when it is supposed to be.
Fixes#433
(cherry picked from commit 40a9f5a88c)
`astcachedir` (added in b0842713) was not added to `live_ast` so
continued to point to the system `/var/cache` directory instead of the
one in the live environment.
(cherry picked from commit 1e426b6f1c)
Fixes a crash due to a lack of proper reference on the nativeformats
object before passing it into ast_request(). Also found potentially
similar use case bugs in app_chanisavail.c, bridge.c, and bridge_basic.c
Fixes: #388
(cherry picked from commit b5c31b55c9)
This improves the documentation for the bandwidth setting
in iax.conf by making it clearer what the ramifications
of this setting are. It also changes the sample default
from low to high, since only high is compatible with good
codecs that people will want to use in the vast majority
of cases, and this is a common gotcha that trips up new users.
Resolves: #425
(cherry picked from commit 582c4645f3)
This adds the ability to filter console
logging by channel or groups of channels.
This can be useful on busy systems where
an administrator would like to analyze certain
calls in detail. A dialplan function is also
included for the purpose of assigning a channel
to a group (e.g. by tenant, or some other metric).
ASTERISK-30483 #close
Resolves: #242
UserNote: The console log can now be filtered by
channels or groups of channels, using the
logger filter CLI commands.
(cherry picked from commit a6439d3723)
Fedora 37 started shipping ilbc 3.0.4 which we don't yet support.
configure.ac now checks the system for "libilbc < 3" instead of
just "libilbc". If true, the system version of ilbc will be used.
If not, the version included at codecs/ilbc will be used.
Resolves: #84
(cherry picked from commit 5a770ad13f)
See UserNote below.
Exposed the existing Hangup AMI action in manager.c so we can use
all of it's channel search and AMI protocol handling without
duplicating that code in dialplan_functions.c.
Added a lookup function to res_pjsip.c that takes in the
string represenation of the pjsip_status_code enum and returns
the actual status code. I.E. ast_sip_str2rc("DECLINE") returns
603. This allows the caller to specify PJSIPHangup(decline) in
the dialplan, just like Hangup(call_rejected).
Also extracted the XML documentation to its own file since it was
almost as large as the code itself.
UserNote: A new dialplan app PJSIPHangup and AMI action allows you
to hang up an unanswered incoming PJSIP call with a specific SIP
response code in the 400 -> 699 range.
(cherry picked from commit af7e89ebf8)
When IAX2 debugging was enabled (`iax2 set debug on`), if the last IE
in a frame was one that may not have any data - such as the CALLTOKEN
IE in an NEW request - it was not getting displayed.
(cherry picked from commit 19507ae160)
If attempting to ring a channel using a nonexistent cadence,
emit a warning, before falling back to the default cadence.
Resolves: #409
(cherry picked from commit cdcdca5199)
This adds optional ADSI support to the Directory
application, which allows callers with ADSI CPE
to navigate the Directory system significantly
faster than is possible using the audio prompts.
Callers can see the directory name (and optionally
extension) on their screenphone and confirm or
reject a match immediately rather than waiting
for it to be spelled out, enhancing usability.
Resolves: #356
(cherry picked from commit 4a356e984c)
Currently, trying to call a Local channel with a slash
in the extension will fail due to the parsing of characters
after such a slash as being dial modifiers. Additionally,
core_local is inconsistent and incomplete with
its parsing of Local dial strings in that sometimes it
uses the first slash and at other times it uses the last.
For instance, something like DAHDI/5 or PJSIP/device
is a perfectly usable extension in the dialplan, but Local
channels in particular prevent these from being called.
This creates inconsistent behavior for users, since using
a slash in an extension is perfectly acceptable, and using
a Goto to accomplish this works fine, but if specified
through a Local channel, the parsing prevents this.
This fixes this by explicitly parsing options from the
last slash in the extension, rather than the first one,
which doesn't cause an issue for extensions with slashes.
ASTERISK-30013 #close
Resolves: #248
(cherry picked from commit 65f83311b7)
This adds an AMI event that is emitted whenever a
mailbox password is successfully changed, allowing
AMI consumers to process these.
UserNote: The VoicemailPasswordChange event is
now emitted whenever a mailbox password is updated,
containing the mailbox information and the new
password.
Resolves: #398
(cherry picked from commit 95bc661542)
In simple_bridge_join, we were sending topology change requests
even when the new and old topologies were the same. In some
circumstances, this can cause unnecessary re-invites and even
a re-invite flood. We now suppress those.
Resolves: #384
(cherry picked from commit 57d31d97dc)
If too many ciphers are specified in the PJSIP config,
include the maximum number of ciphers that may be
specified in the user-facing error message.
Resolves: #396
(cherry picked from commit d4185ca025)
* Allow res_speech to translate the input channel if the
format is translatable to a format suppored by the
speech provider.
Resolves: #129
UserNote: res_speech now supports translation of an input channel
to a format supported by the speech provider, provided a translation
path is available between the source format and provider capabilites.
(cherry picked from commit e8fbdca40b)
The '*' list indicator for default values and allowable values for
path, query and POST parameters need to be indented 4 spaces
instead of 2.
Should resolve issue 38 in the documentation repo.
(cherry picked from commit 443f94b438)
Per RFC8827:
Implementations MUST NOT implement DTLS renegotiation and MUST
reject it with a "no_renegotiation" alert if offered.
So we disable it when webrtc=yes is set.
Fixes#378
UpgradeNote: The dtls_rekey will be disabled if webrtc support is
requested on an endpoint. A warning will also be emitted.
(cherry picked from commit c7afd5357c)
Commit f66f77f last year prevents the res_pjsip_exten_state and
res_pjsip_mwi modules from unloading due to possible pjproject
asserts if the modules are reloaded. A side effect of the
implementation is that the taskprocessors these modules use aren't
being released. When asterisk is doing a graceful shutdown, it
waits AST_TASKPROCESSOR_SHUTDOWN_MAX_WAIT seconds for all
taskprocessors to stop but since those 2 modules don't release
theirs, the shutdown hangs for that amount of time.
This change allows the modules to be unloaded and their resources to
be released when ast_shutdown_final is true.
Resolves: #379
(cherry picked from commit b9ee664440)
This commit introduces an extension to the endpoint and relevant
resource sizes for PJSIP, transitioning from its current 40-character
constraint to a more versatile 255-character capacity. This enhancement
significantly overcomes limitations related to domain qualification and
practical usage, ultimately delivering improved functionality. In
addition, it includes adjustments to accommodate the expanded realm size
within the ARI, specifically enhancing the maximum realm length.
Resolves: #345
UserNote: With this update, the PJSIP realm lengths have been extended
to support up to 255 characters.
UpgradeNote: As part of this update, the maximum allowable length
for PJSIP endpoints and relevant resources has been increased from
40 to 255 characters. To take advantage of this enhancement, it is
recommended to run the necessary procedures (e.g., Alembic) to
update your schemas.
(cherry picked from commit 9b70b18dec)
The workflows that get triggered when PRs are submitted or updated
have been replaced with ones that are more secure and have
a higher level of parallelism.
(cherry picked from commit 6389654b21)
The workflows that get triggered when PRs are submitted or updated
have been replaced with ones that are more secure and have
a higher level of parallelism.
(cherry picked from commit d06bb7f2fe)
res_statsis's app loop sleeps for up to .2s waiting on input
to a channel before re-checking the command queue. This can
cause delays between channel setup and bridge.
This change is to send a SIGURG on the sleeping thread when
a new command is enqueued. This exits the sleeping thread out
of the ast_waitfor() call triggering the new command being
processed on the channel immediately.
Resolves: #362
UserNote: Call setup times should be significantly improved
when using ARI.
(cherry picked from commit 7ea0e3bfda)
Make it possible to start a playback and the calling party
to receive audio on a bridge before the call is connected.
Model the implementation after play_on_channel and deliver a
AST_CONTROL_PROGRESS before starting the playback.
For a PJSIP channel this will result in sending a SIP 183
Session Progress.
(cherry picked from commit 624c7ac883)
You can now define the _TRACE_PREFIX_ macro to change the
default trace line prefix of "file:line function" to
something else. Full documentation in logger.h.
(cherry picked from commit f599114ee3)
The current STIR/SHAKEN implementation is not currently usable due
to encryption issues. Rather than trying to futz with OpenSSL and
the the current code, we can take advantage of the existing
capabilities of libjwt but we first need to add it to the
third-party infrastructure already in place for jansson and
pjproject.
A few tweaks were also made to the third-party infrastructure as
a whole. The jansson "dest" install directory was renamed "dist"
to better match convention, and the third-party Makefile was updated
to clean all product directories not just the ones currently in
use.
Resolves: #349
(cherry picked from commit d7a6116681)
The documentation on qualify_timeout does not explicitly state that the timeout
includes any time required to perform any needed DNS queries on the endpoint.
If the OPTIONS response is delayed due to the DNS query, it can still render an
endpoint as Unreachable if the net time is enough for qualify_timeout to expire.
Resolves: #352
(cherry picked from commit 323a51fd6c)
Internally, chan_dahdi only applies callgroup and
pickupgroup to FXO signalled channels, but this is
not documented anywhere. This is now documented in
the sample config, and a warning is emitted if a
user tries configuring these settings for channel
types that do not support these settings, since they
will not have any effect.
Resolves: #294
(cherry picked from commit 5b89e40541)
This commit fixes crashes in JSON_DECODE() for types null, true, false
and real numbers.
In addition it ensures that a path is not deeper than 32 levels.
Also allow root object to be an array.
Add unit tests for above cases.
(cherry picked from commit 1cbbf36929)
res_speech_aeap previously did not register an error handler
with aeap, so it was not notified of a disconnect. This resulted
in SpeechBackground never exiting upon a websocket disconnect.
Resolves: #303
(cherry picked from commit e921f5e010)
If ADSI is available on a channel, app_voicemail will repeatedly
try to use ADSI, even if there is no CPE that supports it. This
leads to many unnecessary delays during the session. If ADSI is
available but ADSI setup fails, we now disable it to prevent
further attempts to use ADSI during the session.
Resolves: #354
(cherry picked from commit 75620616f4)
Some providers require a multiple of 20 for the maxptime or fail to complete calls,
e.g. Vivo in Brazil. To increase compatibility, only multiples of 20 are now used.
Resolves: #260
(cherry picked from commit ca1ed84820)
Previously, DETECT_DEADLOCKS depended on DEBUG_THREADS.
Unfortunately, DEBUG_THREADS adds a lot of lock tracking overhead
to all of the lock lifecycle calls whereas DETECT_DEADLOCKS just
causes the lock calls to loop over trylock in 200us intervals until
the lock is obtained and spits out log messages if it takes more
than 5 seconds. From a code perspective, the only reason they were
tied together was for logging. So... The ifdefs in lock.c were
refactored to allow DETECT_DEADLOCKS to be enabled without
also enabling DEBUG_THREADS.
Resolves: #321
UserNote: You no longer need to select DEBUG_THREADS to use
DETECT_DEADLOCKS. This removes a significant amount of overhead
if you just want to detect possible deadlocks vs needing full
lock tracing.
(cherry picked from commit e1050b4add)
The CLI .asterisk_history file is read from/written to the directory
specified by the HOME environment variable. If the root user starts
asterisk with the -U/-G options, or with runuser/rungroup set in
asterisk.conf, the asterisk process is started as root but then it
calls setuid/setgid to set the new user/group. This does NOT reset
the HOME environment variable to the new user's home directory
though so it's still left as "/root". In this case, the new user
will almost certainly NOT have access to read from or write to the
history file.
* Added function process_histfile() which calls
getpwuid(geteuid()) and uses pw->dir as the home directory
instead of the HOME environment variable.
* ast_el_read_default_histfile() and ast_el_write_default_histfile()
have been modified to use the new process_histfile()
function.
Resolves: #337
(cherry picked from commit fc516f5781)
From the gdb information, ast_websocket_read reads a message successfully,
then transport_read is called in the serializer. During execution of pjsip_transport_down,
ws_session->stream->fd is closed; ast_websocket_read encounters an error and exits the while loop.
After executing transport_shutdown, the transport's reference count becomes 0, causing a crash when sending SIP messages.
This was due to pjsip_transport_dec_ref executing earlier than pjsip_rx_data_clone, leading to this issue.
In websocket_cb executeing pjsip_transport_add_ref, this we now ensure the transport is not destroyed while in the loop.
Resolves: asterisk#299
(cherry picked from commit a38add11e6)
Add a wrapper function around ast_cel_publish_event that
packs event and extras into a blob before publishing
Resolves:#330
(cherry picked from commit 4592f97c36)
To terminate a console channel, stop_stream causes pthread_cancel
to make stream_monitor exit. However, commit 5b8fea93d1
added locking to this function which results in deadlock due to
the stream_monitor thread being killed while it's holding the pvt lock.
To resolve this, a flag is now set and read to indicate abort, so
the use of pthread_cancel and pthread_kill can be avoided altogether.
Resolves: #308
(cherry picked from commit 3b027d1e47)
To better co-exist with sounds files that may be managed by
packages, custom sound files may now be placed in
AST_DATA_DIR/sounds/custom instead of the standard
AST_DATA_DIR/sounds/<lang> directory. If the new
"sounds_search_custom_dir" option in asterisk.conf is set
to "true", asterisk will search the custom directory for sounds
files before searching the standard directory. For performance
reasons, the "sounds_search_custom_dir" defaults to "false".
Resolves: #315
UserNote: A new option "sounds_search_custom_dir" has been added to
asterisk.conf that allows asterisk to search
AST_DATA_DIR/sounds/custom for sounds files before searching the
standard AST_DATA_DIR/sounds/<lang> directory.
(cherry picked from commit 0e0f99db1d)
In function rtp_ioqueue_thread_remove counter in ioqueue object is not decreased
which prevents unused ICE TURN threads from being removed.
Resolves: #301
(cherry picked from commit 56244a7371)
The ast_sip_subscription_handler "test_handler" used for the unit
tests didn't set "body_type" so the NULL value was causing
a SEGV in build_subscription_tree(). It's now set to "".
Resolves: #335
(cherry picked from commit 71d75373f9)
The previous behavior of make_buildopts_h was to not add the
non-ABI-breaking MENUSELECT_CFLAGS like DETECT_DEADLOCKS,
REF_DEBUG, etc. to the buildopts.h file because "it caused
ccache to invalidate files and extended compile times". They're
only defined by passing them on the gcc command line with '-D'
options. In practice, including them in the include file rarely
causes any impact because the only time ccache cares is if you
actually change an option so the hit occurrs only once after
you change it.
OK so why would we want to include them? Many IDEs follow the
include files to resolve defines and if the options aren't in an
include file, it can cause the IDE to mark blocks of "ifdeffed"
code as unused when they're really not.
So...
* Added a new menuselect compile option ADD_CFLAGS_TO_BUILDOPTS_H
which tells make_buildopts_h to include the non-ABI-breaking
flags in buildopts.h as well as the ABI-breaking ones. The default
is disabled to preserve current behavior. As before though,
only the ABI-breaking flags appear in AST_BUILDOPTS and only
those are used to calculate AST_BUILDOPT_SUM.
A new AST_BUILDOPT_ALL define was created to capture all of the
flags.
* make_version_c was streamlined to use buildopts.h and also to
create asterisk_build_opts_all[] and ast_get_build_opts_all(void)
* "core show settings" now shows both AST_BUILDOPTS and
AST_BUILDOPTS_ALL.
UserNote: The "Build Options" entry in the "core show settings"
CLI command has been renamed to "ABI related Build Options" and
a new entry named "All Build Options" has been added that shows
both breaking and non-breaking options.
(cherry picked from commit 42f82d55b0)
func_periodic_hook does not hangup after playback, relying on hangup
which keeps the channel alive longer than necessary.
Resolves: #325
(cherry picked from commit 2265eafb3a)
func_periodic_hook was truncating long channel names which
causes issues when you need to run other dialplan functions/apps
on the channel.
Resolves: #319
(cherry picked from commit cff637a24f)
If the safe_asterisk script detects that the /var/lib/asterisk
directory doesn't exist, it now creates it with 755 permissions
instead of 770. safe_asterisk needing to create that directory
should be extremely rare though because it's normally created
by 'make install' which already sets the permissions to 755.
Resolves: #316
(cherry picked from commit 6bd9f9ae81)
Resolves: #298
UserNote: The dial string option 'g' was added to the UnicastRTP channel
which enables RTP glue and therefore native RTP bridges with those
channels.
(cherry picked from commit 1af2ae177c)
This newly introduced periodic-announce-startdelay makes it possible to
configure the initial start delay of the first periodic announcement
after which periodic-announce-frequency takes over.
UserNote: Introduce a new queue configuration option called
'periodic-announce-startdelay' which will vary the normal (historic)
behavior of starting the periodic announcement cycle at
periodic-announce-frequency seconds after entering the queue to start
the periodic announcement cycle at period-announce-startdelay seconds
after joining the queue. The default behavior if this config option is
not set remains unchanged.
Signed-off-by: Jaco Kroon <jaco@uls.co.za>
(cherry picked from commit 130c3ab792)
Using the Set dialplan application does not actually
delete channel or global variables. Instead the
variables are set to an empty value.
This change adds two dialplan functions,
GLOBAL_DELETE and DELETE which can be used to
delete global and channel variables instead
of just setting them to empty.
There is also no ability within the dialplan to
determine if a global or channel variable has
actually been set or not.
This change also adds two dialplan functions,
GLOBAL_EXISTS and VARIABLE_EXISTS which can be
used to determine if a global or channel variable
has been set or not.
Resolves: #289
UserNote: Four new dialplan functions have been added.
GLOBAL_DELETE and DELETE have been added which allows
the deletion of global and channel variables.
GLOBAL_EXISTS and VARIABLE_EXISTS have been added
which checks whether a global or channel variable has
been set.
(cherry picked from commit 182ad6926b)
* Since ICE candidates are used for the check and pjproject is
required to use ICE, res_rtp_asterisk was failing to compile
when pjproject wasn't available. The check is now wrapped
with an #ifdef HAVE_PJPROJECT.
* The rtp->ice_active_remote_candidates container was being
used to check the address on incoming packets but that
container doesn't contain peer reflexive candidates discovered
during negotiation. This was causing the check to fail
where it shouldn't. We now check against pjproject's
real_ice->rcand array which will contain those candidates.
* Also fixed a bug in ast_sockaddr_from_pj_sockaddr() where
we weren't zeroing out sin->sin_zero before returning. This
was causing ast_sockaddr_cmp() to always return false when
one of the inputs was converted from a pj_sockaddr, even
if both inputs had the same address and port.
Resolves: #500Resolves: #503Resolves: #505
When updating an existing header the 'update' code incorrectly
just copied the new value into the existing buffer. If the
new value exceeded the available buffer size memory outside
of the buffer would be written into, potentially causing
a crash.
This change makes it so that the 'update' now duplicates
the new header value instead of copying it into the existing
buffer.
Add patch to split the log level for invalid packets received on the
signaling port. The warning regarding the packet will move to level 2
so that it can still be displayed, while the raw packet will be at level
4.
When ICE is in use, we can prevent a possible DOS attack by allowing
DTLS protocol messages (client hello, etc) only from sources that
are in the active remote candidates list.
Resolves: GHSA-hxj9-xwr8-w8pq
When using AMI GetConfig, it was possible to access files outside of the
Asterisk configuration directory by using filenames with ".." and "./"
even while live_dangerously was not enabled. This change resolves the
full path and ensures we are still in the configuration directory before
attempting to access the file.
All of the links that reference page anchors with capital letters in
the ids (#Something) have been changed to lower case to match the
anchors that are generated by mkdocs.
(cherry picked from commit c4508accc6)
Handle session interval lower than endpoint's configured minimum timer
when sending first answer. Timer setting is checked during this step and
needs to handled appropriately.
Before this change, no response was sent at all. After this change a
response with 422 Session Interval too small is sent to UAC.
(cherry picked from commit 9284dca636)
If the called party hangs up while digits are being
sent, -1 is returned to indicate so, but app_dial
was not checking the return value, resulting in
the hangup being lost and looping forever until
the caller manually hangs up the channel. We now
abort if digit sending fails.
ASTERISK-29428 #close
Resolves: #281
(cherry picked from commit c032d38d3f)
Add quoting around the ps_endpoints 100rel column in the ALTER
statements. Although alembic doesn't complain when generating
sql statements, postgresql does (rightly so).
Resolves: #274
(cherry picked from commit f8438714ca)
* Fixed issue with the script not parsing the new tag format for
certified releases. The format changed from certified/18.9-cert5
to certified-18.9-cert5.
* Fixed issue where the asterisk version wasn't being considered
when looking for cached versions.
Resolves: #263
(cherry picked from commit 644ad2f9cd)
This adds support for Called Subscriber Held for FXS
lines, which allows users to go on hook when receiving
a call and resume the call later from another phone on
the same line, without disconnecting the call. This is
a convenience mechanism that most real PSTN telephone
switches support.
ASTERISK-30372 #close
Resolves: #240
UserNote: Called Subscriber Held is now supported for analog
FXS channels, using the calledsubscriberheld option. This allows
a station user to go on hook when receiving an incoming call
and resume from another phone on the same line by going on hook,
without disconnecting the call.
(cherry picked from commit cd0bfe193f)
This reverts commit 617dad4cba.
apps/app_stack.c: Revert buggy gosub patch
This seems to break the case when a predial macro calls a gosub.
When the gosub calls return, the Return function outputs:
app_stack.c:423 return_exec: Return without Gosub: stack is empty
This returns -1 to the calling macro, which returns to app_dial
and causes the call to hangup instead of proceeding with the macro
that invoked the gosub.
Resolves: #253
(cherry picked from commit 1d7ae8d227)
Fixes dependency solutions in install_prereq for Debian aarch64
platforms. install_prereq was attempting to forcibly install 32-bit
armhf packages due to the aptitude search for dependencies.
Resolves: #37
(cherry picked from commit 2f02095da8)
If the contact_user is configured on the endpoint it will now be set on the local Contact header URI for incoming calls. The contact_user has already been set on the local Contact header URI for outgoing calls.
Resolves: #226
(cherry picked from commit 720813dc97)
Added a new boolean configuration flag -
`order_multi_row_results_by_initial_column` - to both res_pgsql.conf
and res_config_odbc.conf that allows the administrator to disable the
explicit `ORDER BY` that was previously being added to all generated
SQL statements that returned multiple rows.
Fixes: #179
(cherry picked from commit 1171beb7e4)
An earlier cherry-pick that involved rest-api somehow didn't include
a comment change in res/ari/resource_endpoints.h. This commit
corrects that. No changes other than the comment.
(cherry picked from commit 21b0522abd)
The documentation for PJSIP_HEADERS claims that
prefix is optional, but in the code it is actually not.
However, there is no inherent reason for this, as users
may want to retrieve all header names, not just those
beginning with a certain prefix.
This makes the prefix optional for this function,
simply fetching all header names if not specified.
As a result, the documentation is now correct.
Resolves: #230
UserNote: The prefix argument to PJSIP_HEADERS is now
optional. If not specified, all header names will be
returned.
(cherry picked from commit 2179082eaf)
The default is 32 with 8 being used by pjproject itself. Recent
commits have put us over the limit resulting in assertions in
pjproject. Since this value is used in invites, dialogs,
transports and subscriptions as well as the global pjproject
endpoint, we don't want to increase it too much.
Resolves: #255
(cherry picked from commit d3ee0e6516)
In some cases I have yet to determine some stasis messages may
be created without a channel snapshot. This change adds some
tolerance to this scenario, preventing a crash from occurring.
(cherry picked from commit a75035be55)
stale-issue-message:'This issue is stale because it has been open 7 days with no activity. Remove stale label or comment or this will be closed in 14 days.'
stale-issue-label:stale
close-issue-message:'This issue was closed because it has been stalled for 14 days with no activity.'
This reverts commit 617dad4cba1513dddce87b8e95a61415fb587cf1.
apps/app_stack.c: Revert buggy gosub patch
This seems to break the case when a predial macro calls a gosub.
When the gosub calls return, the Return function outputs:
app_stack.c:423 return_exec: Return without Gosub: stack is empty
This returns -1 to the calling macro, which returns to app_dial
and causes the call to hangup instead of proceeding with the macro
that invoked the gosub.
Resolves: #253
- ### install_prereq: Fix dependency install on aarch64.
Author: Jason D. McCormick
Date: 2023-04-28
Fixes dependency solutions in install_prereq for Debian aarch64
platforms. install_prereq was attempting to forcibly install 32-bit
armhf packages due to the aptitude search for dependencies.
Resolves: #37
- ### res_pjsip.c: Set contact_user on incoming call local Contact header
Author: MikeNaso
Date: 2023-08-08
If the contact_user is configured on the endpoint it will now be set on the local Contact header URI for incoming calls. The contact_user has already been set on the local Contact header URI for outgoing calls.
Resolves: #226
- ### extconfig: Allow explicit DB result set ordering to be disabled.
Author: Sean Bright
Date: 2023-07-12
Added a new boolean configuration flag -
`order_multi_row_results_by_initial_column` - to both res_pgsql.conf
and res_config_odbc.conf that allows the administrator to disable the
explicit `ORDER BY` that was previously being added to all generated
SQL statements that returned multiple rows.
Fixes: #179
- ### rest-api: Run make ari-stubs
Author: George Joseph
Date: 2023-08-09
An earlier cherry-pick that involved rest-api somehow didn't include
a comment change in res/ari/resource_endpoints.h. This commit
corrects that. No changes other than the comment.
- ### res_pjsip_header_funcs: Make prefix argument optional.
Author: Naveen Albert
Date: 2023-08-09
The documentation for PJSIP_HEADERS claims that
prefix is optional, but in the code it is actually not.
However, there is no inherent reason for this, as users
may want to retrieve all header names, not just those
beginning with a certain prefix.
This makes the prefix optional for this function,
simply fetching all header names if not specified.
As a result, the documentation is now correct.
Resolves: #230
UserNote: The prefix argument to PJSIP_HEADERS is now
optional. If not specified, all header names will be
returned.
- ### pjproject_bundled: Increase PJSIP_MAX_MODULE to 38
Author: George Joseph
Date: 2023-08-11
The default is 32 with 8 being used by pjproject itself. Recent
commits have put us over the limit resulting in assertions in
pjproject. Since this value is used in invites, dialogs,
transports and subscriptions as well as the global pjproject
endpoint, we don't want to increase it too much.
Resolves: #255
- ### manager: Tolerate stasis messages with no channel snapshot.
Author: Joshua C. Colp
Date: 2023-08-09
In some cases I have yet to determine some stasis messages may
be created without a channel snapshot. This change adds some
tolerance to this scenario, preventing a crash from occurring.
Fixing bracket placement in the "queue add member" cli usage string.
- ### app_voicemail: Allow preventing mark messages as urgent.
Author: Naveen Albert
Date: 2024-02-24
This adds an option to allow preventing callers from leaving
messages marked as 'urgent'.
Resolves: #619
UserNote: The leaveurgent mailbox option can now be used to
control whether callers may leave messages marked as 'Urgent'.
- ### res_pjsip: Use consistent type for boolean columns.
Author: Sean Bright
Date: 2024-02-27
This migrates the relevant schema objects from the `('yes', 'no')`
definition to the `('0', '1', 'off', 'on', 'false', 'true', 'yes', 'no')`
one.
Fixes #617
- ### attestation_config.c: Use ast_free instead of ast_std_free
Author: George Joseph
Date: 2024-03-05
In as_check_common_config, we were calling ast_std_free on
raw_key but raw_key was allocated with ast_malloc so it
should be freed with ast_free.
Resolves: #636
- ### Makefile: Add stir_shaken/cache to directories created on install
Author: George Joseph
Date: 2024-03-04
The default location for the stir_shaken cache is
/var/lib/asterisk/keys/stir_shaken/cache but we were only creating
/var/lib/asterisk/keys/stir_shaken on istall. We now create
the cache sub-directory.
Resolves: #634
- ### Stir/Shaken Refactor
Author: George Joseph
Date: 2023-10-26
Why do we need a refactor?
The original stir/shaken implementation was started over 3 years ago
when little was understood about practical implementation. The
result was an implementation that wouldn't actually interoperate
with any other stir-shaken implementations.
There were also a number of stir-shaken features and RFC
requirements that were never implemented such as TNAuthList
certificate validation, sending Reason headers in SIP responses
when verification failed but we wished to continue the call, and
the ability to send Media Key(mky) grants in the Identity header
when the call involved DTLS.
Finally, there were some performance concerns around outgoing
calls and selection of the correct certificate and private key.
The configuration was keyed by an arbitrary name which meant that
for every outgoing call, we had to scan the entire list of
configured TNs to find the correct cert to use. With only a few
TNs configured, this wasn't an issue but if you have a thousand,
it could be.
What's changed?
* Configuration objects have been refactored to be clearer about
their uses and to fix issues.
* The "general" object was renamed to "verification" since it
contains parameters specific to the incoming verification
process. It also never handled ca_path and crl_path
correctly.
* A new "attestation" object was added that controls the
outgoing attestation process. It sets default certificates,
keys, etc.
* The "certificate" object was renamed to "tn" and had it's key
change to telephone number since outgoing call attestation
needs to look up certificates by telephone number.
* The "profile" object had more parameters added to it that can
override default parameters specified in the "attestation"
and "verification" objects.
* The "store" object was removed altogther as it was never
implemented.
* We now use libjwt to create outgoing Identity headers and to
parse and validate signatures on incoming Identiy headers. Our
previous custom implementation was much of the source of the
interoperability issues.
* General code cleanup and refactor.
* Moved things to better places.
* Separated some of the complex functions to smaller ones.
* Using context objects rather than passing tons of parameters
in function calls.
* Removed some complexity and unneeded encapsuation from the
config objects.
Resolves: #351
Resolves: #46
UserNote: Asterisk's stir-shaken feature has been refactored to
correct interoperability, RFC compliance, and performance issues.
See https://docs.asterisk.org/Deployment/STIR-SHAKEN for more
information.
UpgradeNote: The stir-shaken refactor is a breaking change but since
it's not working now we don't think it matters. The
stir_shaken.conf file has changed significantly which means that
existing ones WILL need to be changed. The stir_shaken.conf.sample
file in configs/samples/ has quite a bit more information. This is
also an ABI breaking change since some of the existing objects
needed to be changed or removed, and new ones added. Additionally,
if res_stir_shaken is enabled in menuselect, you'll need to either
have the development package for libjwt v1.15.3 installed or use
the --with-libjwt-bundled option with ./configure.
- ### translate.c: implement new direct comp table mode
Author: Sebastian Jennen
Date: 2024-02-25
The new mode lists for each codec translation the actual real cost in cpu microseconds per second translated audio.
This allows to compare the real cpu usage of translations and helps in evaluation of codec implementation changes regarding performance (regression testing).
- add new table mode
- hide the 999999 comp values, as these only indicate an issue with transcoding
- hide the 0 values, as these also do not contain any information (only indicate a multistep transcoding)
Resolves: #601
- ### README.md: Removed outdated link
Author: Shyju Kanaprath
Date: 2024-02-23
Removed outdated link http://www.quicknet.net from README.md
cherry-pick-to: 18
cherry-pick-to: 20
cherry-pick-to: 21
- ### strings.h: Ensure ast_str_buffer(…) returns a 0 terminated string.
Author: Sean Bright
Date: 2024-02-17
If a dynamic string is created with an initial length of 0,
`ast_str_buffer(…)` will return an invalid pointer.
This was a secondary discovery when fixing #65.
- ### res_rtp_asterisk.c: Correct coefficient in MOS calculation.
Author: romryz
Date: 2024-02-06
Media Experience Score relies on incorrect pseudo_mos variable
calculation. According to forming an opinion section of the
documentation, calculation relies on ITU-T G.107 standard: