GitLab

Call ubus_lookup_id directly instead of passively being updated by
the callback ubus_event_new_obj() which doesn't work reliably during
the system startup.

Some long verbose or debug log messages like contents of INVITE are truncated in syslog,
/var/log/asterisk/messages and console.

There were two issues before this fix.
- The dynamic RTP payload type 96-127 can not be configured with option rtp_pt_dynamic
- 101 is always used as the telephone-event payload type regardless the configured value

The problem was caused by a segmentation fault in chan_sip.c.

Note
In order to make CBBS (Calling Back when Busy) work, the SIP account which is associated
with the channel triggering the service must be configured with at least one codec, e.g.

config sip_service_provider 'sip0'
	option codec0 'alaw'
	option ptime_alaw '20'

Otherwise a "488 not acceptable" will be received for the subsequent INVITE requests since
the only offered codec is "rtpmap:10 L16" (slin).

- Replace brcm.conf with chan_telephony.conf
- Replace channel type "BRCM" with "TELCHAN"

It is caused that PTHREAD_RECURSIVE_MUTEX_INITIALIZER_NP is not defined on Broadcom ARM platform.
But recursive mutex is mandatory for Asterisk to work properly. Otherwise there will be dead lock
in some modules, e.g. loader.c.

The current version (3cc129fe) of asterisk including chan_brcm
is based upon 16.3.0 (tag: certified-16.3, commitment: e48f63cf),
plus all iopsys changes made on version 13.18.4.

The snapshot taken from iopsys' git repo asterisk-13.x with the following commitment.
92b9750802152983553f72cf22323205c8aef2a8

It can also be found from the below link.
asterisk-13.x@92b97508

Also replace __ao2_callback_debug() with __ao2_callback() in chan_sip.c as the former
has been removed from the current version of asterisk.

Note that chan_brcm is not included yet.

There was a race condition between client initiated DTLS setup, and handling
of server side ice completion that caused the underlying SSL object to get
cleared during DTLS initialization. If this happened Asterisk would be left
in a partial DTLS setup state. RTP packets were sent and received, but were
not being encrypted and decrypted. This resulted in no audio, or static.

Specifically, this occurred when '__rtp_recvfrom' was processing the handshake
sequence from the client to the server, and then 'ast_rtp_on_ice_complete'
gets called from another thread and clears the SSL object when calling the
'dtls_perform_setup' function. The timing had to be just right in the sense
that from the external SSL library perspective SSL initialization completed
(rtp recv), Asterisk clears/resets the SSL object (ice done), and then checks
to see if SSL is intialized (rtp recv). Since it was cleared, Asterisk thinks
it is not finished, thus not completing 'dtls_srtp_setup'.

This patch removes calls to 'dtls_perform_setup', which clears the SSL object,
in 'ast_rtp_on_ice_complete'. When ice completes, there is no reason to clear
the underlying SSL object. If an ice candidate changes a full protocol level
renegotiation occurs. Also, in the case of bundled ICE candidates are reused
when a stream is added. So no real reason to have to clear, and reset in this
instance.

Also, this patch adds a bit of extra logging to aid in diagnosis of any future
problems.

ASTERISK-28742 #close

Change-Id: I34c9e6bad5a39b087164646e2836e3e48fe6892f

In Asterisk 16+, there are a few places in ast_rtp_read where we've
allocated a frame list but return a null frame instead of the list.
In these cases, any frames left in the list won't be freed.  In the
vast majority of the cases, the list is empty when we return so
there's nothing to free but there have been leaks reported in the
wild that can be traced back to frames left in the list before
returning.

The escape paths now all have logic to free frames left in the
list.

ASTERISK-28609
Reported by: Ted G

Change-Id: Ia1d7075857ebd26b47183c44b1aebb0d8f985f7a

ConfBridge has the ability to move between different sample
rates for mixing the conference bridge. Up until now there has
only been the ability to set the conference bridge to mix at
a specific sample rate, or to let it move between sample rates
as necessary. This change adds the ability to configure a
conference bridge with a maximum sample rate so it can move
between sample rates but only up to the configured maximum.

ASTERISK-28658

Change-Id: Idff80896ccfb8a58a816e4ce9ac4ebde785963ee

The problem is essentially the same as in ASTERISK~28245. Besides
the direct media scenario we have an additional scenario where a
special client is involved. This device mutes audio by default in
transmit direction (no rtp frames) and activates audio only by a
foot switch. In this situation dtmf input (pin for conferences,
transfer features codes , etc) using SIP INFO mode is not
understood properly especially when SIP INFO messages are sent
quickly.

This patch ensures that SIP INFO frames are properly queued and
processed in the above scenario. The patch also corrects situations
where successive dtmf events are received quicker than the
signalled event duration (plus minimum gap/pause) allows, i.e. DTMF
events have to be buffered in the ast channel read queue and
emulation has to be processed asynchronously at slower speed.

Reported by: Thomas Arimont
patches:
  trigger_dtmf_emulation.patch submitted by Thomas Arimont (license 5525)

Change-Id: I309bf61dd065c9978c8e48f5b9a936ab47de64c2

ASTERISK-28631

Change-Id: Ia74d084799fbb9bee3403e30d2391aacd46243cc

Change-Id: I6f709a45a0d4ebadf8d51f64bd3509b1382d0496

If the name of a peer is known and a SIP request is sent using that
peer's name, the address of the peer will change even if the request
fails the authentication challenge. This means that an endpoint can
be altered and even rendered unusuable, even if it was in a working
state previously. This can only occur when the nat option is set to the
default, or auto_force_rport.

This change checks the result of authentication first to ensure it is
successful before setting the address and the nat option.

ASTERISK-28589 #close

Change-Id: I581c5ed1da60ca89f590bd70872de2b660de02df

If an AMI user without the "system" authorization calls the
Originate AMI command with the Originate application,
the second Originate could run the "System" command.

Action: Originate
Channel: Local/1111
Application: Originate
Data: Local/2222,app,System,touch /tmp/owned

If the "system" authorization isn't set, we now block the
Originate app as well as the System, Exec, etc. apps.

ASTERISK-28580
Reported by: Eliel Sardañons

Change-Id: Ic4c9dedc34c426f03c8c14fce334a71386d8a5fa

ASTERISK-28624

Change-Id: I8da7c300dd985ab7b10dbd5194aff2f737808561

ASTERISK-28616

Change-Id: Iabe31ae38d01604284fcc5c2438d44e29a32ea4d

There exists a scenario where a thread can hold a lock on the
channels container while trying to lock a bridge. At the same
time another thread can hold the lock for said bridge while
attempting to retrieve a channel. This causes a deadlock.

This change fixes this scenario by retrieving a channel snapshot
instead of a channel, as information present in the snapshot
is all that is needed.

ASTERISK-28616

Change-Id: I68ceb1d62c7378addcd286e21be08a660a7cecf2

The following message:

"Subscription request from endpoint <blah> rejected. Expiration of 0 is invalid"

Would sometimes spam the log with warnings if Asterisk restarted and a bunch
of clients sent unsubscribes. This patch changes it from a warning to a debug
message.

Change-Id: I841ec42f65559f3135e037df0e55f89b6447a467

When a stale item was being updated the object was being retrieved, but its
reference was not being decremented after the update. This patch makes it so
the object is now appropriately de-referenced.

ASTERISK-28523

Change-Id: I9d8173d3a0416a242f4eba92fa0853279c500ec7

When fax detection occurs on an outbound PJSIP channel the
redirect operation will result in a masquerade occurring and
the underlying channel on the session changing. The code
incorrectly relocked the new channel instead of the old
channel when returning. This resulted in the new channel
being locked indefinitely. The code now always acts on the
expected channel.

ASTERISK-28538

Change-Id: I2b2e60d07e74383ae7e90d752c036c4b02d6b3a3

After receiving a 200 OK with a declined stream in response to a T.38
initiated re-invite Asterisk would crash when attempting to dereference
a NULL session media object.

This patch checks to make sure the session media object is not NULL before
attempting to use it.

ASTERISK-28495
patches:
  ast-2019-004.patch submitted by Alexei Gradinari (license 5691)

Change-Id: I168f45f4da29cfe739acf87e597baa2aae7aa572
(cherry picked from commit 965df3c2)

Module res_adsi.so is deprecated, therefore it does not load by default.
Module not loaded causes it to yield a FAIL when tested by tests/test_utils.c.
This fix checks if the corresponding module is loaded at the start of the test,
and if not, it passes the test and exits with a message.

This fix is applied to all versions where the module is marked deprecated.

Change-Id: I52be64c8f6af222e15148a856d1f10cb113e1e94

Change-Id: I52be64c8f6af2bbe15148a856d1f10cb113e1e94

To make throttling by label fully active, the "throttle" option
has to be specified with a specific label.

You can now specify "skip_gate" in the Gerrit comments when you
do a +2 code review to tell Jenkins not to actually run the
gate.  You'd do this if you plan to manually merge the change.

Also updated the "printenv" debug output to better sort multi-line
comments.

Change-Id: I4c0b1085acec4805f2ca207eebac50aad81f27e2