When dealing with a lot of video streams on WebRTC
the resulting SDPs can grow to be quite large. This
effectively doubles the maximum size to allow more
streams to exist.

The res_http_websocket module has also been changed
to use a buffer on the session for reading in packets
to ensure that the stack space usage is not excessive.

Change-Id: I31d4351d70c8e2c11564807a7528b984f3fbdd01

I noticed this while looking at another issue and brought
it up with Teluu. It was possible for an uninitialized timer
to be cancelled, resulting in the invalid timer id of 0
being placed into the timer heap causing issues.

This change is a backport from the pjproject repository
preventing this from happening.

Change-Id: I1ba318b1f153a6dd7458846396e2867282b428e7

This patch makes the usual necessary changes when upgrading to a new
version pjproject. For instance, version number bump, patches removed
from third-party, new *.md5 file added, etc..

This patch also includes a change to the Asterisk pjproject Makefile to
explicitly create the 'source/pjsip-apps/lib' directory. This directory
is no longer there by default so needs to be added so the Asterisk
malloc debug can be built.

This patch also includes some minor changes to Asterisk that were a result
of the upgrade. Specifically, there was a backward incompatibility change
made in 2.10 that modified the "expires header" variable field from a
signed to an unsigned value. This potentially effects comparison. Namely,
those check for a value less than zero. This patch modified a few locations
in the Asterisk code that may have been affected.

Lastly, this patch adds a new macro PJSIP_MINVERSION that can be used to
check a minimum version of pjproject at compile time.

ASTERISK-28899 #close

Change-Id: Iec8821c6cbbc08c369d0e3cd2f14e691b41d0c81

Pjproject makefiles miss some dependencies which can cause race
conditions when building with parallel make processes. This patch
adds such dependencies correctly.

ASTERISK-28879 #close
Reported-by: Dmitry Wagin <dmitry.wagin@ya.ru>

Change-Id: Ie1b0dc365dafe4a84c5248097fe8d73804043c22

The configure.m4 script for pjproject contains some += syntax, which
is specific to bash, replacing it with string substitutions makes
the script compatible with traditional Bourne shells.

ASTERISK-28866 #close
Reported-by: Christoph Moench-Tegeder <cmt@FreeBSD.org>

Change-Id: I382a78160e028044598b7da83ec7e1ff42b91c05

In practice it has been seen that some users come
close to our maximum ICE candidate count of 32.
In case people have gone over this increases the
count to 64, giving ample room.

ASTERISK-28859

Change-Id: I35cd68948ec0ada86c14eb53092cdaf8b62996cf

ASTERISK-28837

Change-Id: Id057324912a3cfe6f50af372675626bb515907d9

ASTERISK-28758
Reported by: Patrick Wakano
Reported by: Dmitriy Serov

Change-Id: Ifb6b85c559d116739af00bc48d1f547caa85efac

Change-Id: Iebf7687613aa0295ea3c82256460b337f1595be2

When handling ICE negotiations, it's possible that there can be a delay
between STUN binding requests which in turn will cause a delay in ICE
completion, preventing media from flowing. It should be possible to send
media when there is at least one valid pair, preventing this scenario
from occurring.

A change was added to PJPROJECT that adds an optional callback
(on_valid_pair) that will be called when the first valid pair is found
during ICE negotiation. Asterisk uses this to start the DTLS handshake,
allowing media to flow. It will only be called once, either on the first
valid pair, or when ICE negotiation is complete.

ASTERISK-28716

Change-Id: Ia7b68c34f06d2a1d91c5ed51627b66fd0363d867

ASTERISK-26955 #close
Reported by: Peter Sokolov

Change-Id: Ib2803640905a77b65d0cee2d0ed2c7b310d470ac

Issues in pjproject 2.9 caused us to revert some of their changes
as a work around.  This introduced another issue where pjproject
wouldn't build with older gcc versions such as that found on
CentOS 6.  This commit replaces the reverts with the official
fixes for the original issues and allows pjproject to be built
on CentOS 6 again.

ASTERISK-28574
Reported-by: Niklas Larsson

Change-Id: I06f8507bea553d1a01b0b8874197d35b9d47ec4c

We've found a connection re-use regression in pjproject 2.9
introduced by commit
"Close #1019: Support for multiple listeners."
https://trac.pjsip.org/repos/changeset/6002
https://trac.pjsip.org/repos/ticket/1019

Normally, multiple SSL requests should reuse the same connection
if one already exists to the remote server.  When a transport
error occurs, the next request should establish a new connection
and any following requests should use that same one.  With this
patch, when a transport error occurs, every new request creates
a new connection so you can wind up with thousands of open tcp
sockets, possibly exhausting file handles, and increasing memory
usage.

Reverting pjproject commit 6002 (and related 6021) restores the
expected behavior.

We also found a memory leak in SSL processing that was introduced by
commit
"Fixed #2204: Add OpenSSL remote certificate chain info"
https://trac.pjsip.org/repos/changeset/6014
https://trac.pjsip.org/repos/ticket/2204

Apparently the remote certificate chain is continually recreated
causing the leak.

Reverting pjproject commit 6014 (and related 6022) restores the
expected behavior.

Both of these issues have been acknowledged by Teluu.

ASTERISK-28521

Change-Id: I8ae7233c3ac4ec29a3b991f738e655dabcaba9f1

NEC SIP Station interface with authenticated registration only supports cnonce
up to 32 characters.  In Linux, PJSIP would generate 36 character cnonce
which included hyphens.  Teluu developed this patch adding a compile time
setting to default to not include the hyphens.  They felt it best to still
generate the UUID and strip the hyphens.
They have indicated it will be part of PJSIP 2.10.

ASTERISK-28509
Reported-by: Dan Cropp

Change-Id: Ibdfcf845d4f8c0a14df09fd983b11f2d72c5f470

Most SSL/TLS error messages coming from pjproject now have either
the peer address:port or peer hostname, depending on what was
available at the time and code location where the error was
generated.

ASTERISK-28444
Reported by: Bernhard Schmidt

Change-Id: I41770e8a1ea5e96f6e16b236692c4269ce1ba91e

Relies on https://github.com/asterisk/third-party/pull/4

Change-Id: Iec9cad42cb4ae109a86a3d4dae61e8bce4424ce3

This patch fixes three compatibility issues for Darwin compatible builds:

(1) Use BSD compatible command line option for sed

For some versions of BSD sed, the -r command line option is unknown.
Both GNU and BSD sed support the -E command line option for enabling
extended regular expressions; as such, this patch replaces the -r
option with -E.

(2) Look for '_' in pjproject generated symbols

In Darwin comaptible systems, the symbols generated for pjproject may be
prefixed with an '_'. When exporting these to a symbol file, the invocation
to sed has to optionally look for a prefix of said '_' character.

(3) Use -all_load/-noall_load when linking

The flags -whole-archive/-no-whole-archive are not supported by the
linker, and must instead be replaced with -all_load/-noall_load.

Change-Id: I58121756de6a0560a6e49ca9d6bf9566a333cde3

Fixed #2191:
  - Stricter double timer entry scheduling prevention.
  - Integrate group lock in SIP transport, e.g: for add/dec ref,
    for timer scheduling.

ASTERISK-28161
Reported-by: Ross Beer

Change-Id: I2e09aa66de0dda9414d8a8259a649c4d2d96a9f5

When the gcc version is >= 8.2.1, we were already setting the
--fno-partial-inlining flag for Asterisk source files to get around
a gcc bug but we weren't passing the flag down to the bundled
builds of pjproject and jansson.

ASTERISK-28392

Change-Id: I99ede9bc35408ecd096f7d5369e8192d3dc75704

ASTERISK-28161 #close
Reported by: Ross Beer

Change-Id: I65331d554695753005eaa66c1d5d4807fe9009c8

On OpenSuse Leap, libjansson.a is installed in
third-party/jansson/dest/lib64 instead of lib (which is where
the top-level makeopts looks).  This causes a link failure.

* Updated jansson/Makefile to add an explicit --libdir to force
  the installation to third-party/jansson/dest/lib.

ASTERISK-28271
Reported by: David Wilcox

Change-Id: Ibf8af75e5da13562105fcc39ed898c6ef0b5a5f3

Bundled pjproject and jansson must be configured with the host and build
parameters provided to the configure script.
Autotools do not permit to check for the existence of local header files, so
the control of hrirs.h must not be done when cross-compiling.

ASTERISK-28250

Change-Id: If0a76e52a87d4ab82b7d4c72d27d8759ca931880

Fixed #2172: Avoid double reference counter decrements in
timer in the scenario of race condition between
pj_timer_heap_cancel() and pj_timer_heap_poll().

Change-Id: If000e9438c83ac5084b678eb811e902c035bd2d8

In ASTERISK-27095 an issue had been fixed because of which chan_pjsip was not
trying to send UPDATE messages when connected_line_method was set to invite.
However this only solved the issue for incoming INVITES. For outgoing INVITES
(important when transferring calls) the options variable needs to be updated
at a different place.

ASTERISK-28182 #close
Reported-by: nappsoft

Change-Id: I76cc06da4ca76ddd6dce814a8b97cc66b98aaf29

This brings in jansson-2.12, removes all patches that were merged
upstream.  README is created in third-party/jansson/patches to explain
how to add patches but also because the patches folder must exist for
the build process to succeed.

Change-Id: If0f2d541c50997690660c21fb7b03d625a5cdadd

We previously allowed resample and g711 codecs to be built when
TEST_FRAMEWORK was enabled.  This could cause errors if the testsuite
was run without this option enabled.  Switch the build system to allow
those codecs to be built when --enable-dev-mode is used.  This removes a
chance for strange testsuite errors from use of an inadequate pjsua
binary.

Change-Id: Iee8a3613cdb711fa7e7d217c5a775a575907ae22

pack_string crashed on non-NULL strings returned when s->has_error was
true if the string was the result of 's' format without '#', '%' or '+'.

Change-Id: Ic125df691d81ba2cbc413e37bdae657b304d20d0

This change implements a few different generic things which were brought
on by Google Voice SIP.

1.  The concept of flow transports have been introduced.  These are
configurable transports in pjsip.conf which can be used to reference a
flow of signaling to a target.  These have runtime configuration that can
be changed by the signaling itself (such as Service-Routes and
P-Preferred-Identity).  When used these guarantee an individual connection
(in the case of TCP or TLS) even if multiple flow transports exist to the
same target.

2.  Service-Routes (RFC 3608) support has been added to the outbound
registration module which when received will be stored on the flow
transport and used for requests referencing it.

3.  P-Associated-URI / P-Preferred-Identity (RFC 3325) support has been
added to the outbound registration module.  If a P-Associated-URI header
is received it will be used on requests as the P-Preferred-Identity.

4.  Configurable outbound extension support has been added to the outbound
registration module.  When set the extension will be placed in the
Supported header.

5.  Header parameters can now be configured on an outbound registration
which will be placed in the Contact header.

6.  Google specific OAuth / Bearer token authentication
(draft-ietf-sipcore-sip-authn-02) has been added to the outbound
registration module.

All functionality changes are controlled by pjsip.conf configuration
options and do not affect non-configured pjsip endpoints otherwise.

ASTERISK-27971 #close

Change-Id: Id214c2d1c550a41fcf564b7df8f3da7be565bd58

This patch is not in the upstream pjproject and does unsafe things with
the timer->_timer_id and timer->_grp_lock values in pj_timer_entry_reset()
outside of the timer heap lock.  pj_timer_entry_reset() is also called for
timers that are not about to be rescheduled in a few places.

Change-Id: I4fe0b4bc648f7be5903cf4531b94fc87275713c1

Change-Id: I045e420d5e73e60639079246e810da6ae21ae22b

Use json_vsprintf from versions which contain fix for va_copy leak.

Apply fixes from jansson master:
* va_copy leak fix.
* Avoid potential invalid memory read in json_pack.
* Rename variable that shadowed another.

Change-Id: I7522e462d2a52f53010ffa1e7d705c666ec35539

When writing an RTCP report to json the code attempts to pack the "ssrc" and
"source_ssrc" unsigned integer values as a signed int value type. This of course
means if the ssrc's unsigned value is greater than that which can fit into a
signed integer value it gets converted to a negative number. Subsequently, the
negative value goes out in the json report.

This patch now packs the value as a json_int_t, which is the widest integer type
available on a given system. This should make it so the value no longer
overflows.

Note, this was caught by two failing tests hep/rtcp-receiver/ and
hep/rtcp-sender.

Change-Id: I2af275286ee5e795b79f0c3d450d9e4b28e958b0

ASTERISK-28059

Change-Id: I027472f2753391646dde594a709a75f14422db93

This change brings in PJSIP 2.8, removes all the patches
that were merged upstream, and makes a minor change to
support a breaking change that was done.

ASTERISK-28059

Change-Id: I5097772b11b0f95c3c1f52df6400158666f0a189

If Asterisk is built using a DESTDIR this will cause the bundled jansson
to be installed to an unexpected location and we will fail to find it.

Change-Id: Id033e2813261e0d45232383d44c6391122169548

The authors of PJProject undef s_addr because of some issue in Microsoft
Windows. However in Oracle Solaris, s_addr is not a structure member, but
defined to map to the real structure member.

Updates the patch from ASTERISK_20366

ASTERISK-27997

Change-Id: I8223026d4d54e2a46521085fcc94bfa6ebe35b11

The script configure from Teluu expects shared libraries (.so) in a subfolder
called 'lib', when --with-xyz=PATH is specified. However for OpenSSL, the
default location is the root of the source folder = PATH. Furthermore, Asterisk
supports both, 'lib' and root. For consistency and because Asterisk is using
(only) OpenSSL in PJProject, it is enhanced to support both locations, just
like Asterisk.

ASTERISK-27995

Change-Id: I8eb916a88b6b8c22e29bb40bee8faaca6c73406f

The tdata containing the response can be shared by both the dialog
object and the tsx object.  In order to prevent the race condition
between the tsx retransmission and the dialog sending a response,
clone the tdata before modifying it for the dialog send response.

ASTERISK-27966 #close

Change-Id: Ic381004a3a212fe1d8eca0e707fe09dba4a6ab4e

Changing any Menuselect option in the `Compiler Flags` section causes a
full rebuild of the Asterisk source tree.  Every enabled option causes
a #define to be added to buildopts.h, thus breaking ccache caching for
every source file that includes "asterisk.h".  In most cases each option
only applies to one or two files.  Now we only define those options for
the specific sources which use them, this causes much better cache
matching when working with multiple builds.  For example testing code
with an without MALLOC_DEBUG will now use just over half the ccache
size, only main/astmm.o will have two builds cached instead of every
file.

Reorder main/Makefile so _ASTCFLAGS set on specific object files are all
together, sorted by filename.  Stop adding -DMALLOC_DEBUG to CFLAGS of
bundled pjproject, this define is no longer used by any header so only
serves to break cache.

The only code change is a slight adjustment to how main/astmm.c is
initialized.  Initialization functions always exist so main/asterisk.c
can call them unconditionally.  Additionally rename the astmm
initialization functions so they are not exported.

Change-Id: Ie2085237a964f6e1e6fff55ed046e2afff83c027

Change-Id: I7392c79c0173057f5378010bf1fe65e300e8fc56