The PeerStatus event for IAX2 channels currently includes a header named Post
which should have been Port.  Post was removed and the AMI version has been
updated to 1.3.
........

Merged revisions 359982 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359983 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Fix AMI module reload deadlock regression from ASTERISK-18479 when it
tried to fix the race between calling an AMI action callback and
unregistering that action.  Refixes ASTERISK-13784 broken by
ASTERISK-17785 change.

Locking the ao2 object guaranteed that there were no active callbacks that
mattered when ast_manager_unregister() was called.  Unfortunately, this
causes the deadlock situation.  The patch stops locking the ao2 object to
allow multiple threads to invoke the callback re-entrantly.  There is no
way to guarantee a module unload will not crash because of an active
callback.  The code attempts to minimize the chance with the registered
flag and the maximum 5 second delay before ast_manager_unregister()
returns.

The trunk version of the patch changes the API to fix the race condition
correctly to prevent the module code from unloading from memory while an
action callback is active.

* Don't hold the lock while calling the AMI action callback.

(closes issue ASTERISK-19487)
Reported by: Philippe Lindheimer

Review: https://reviewboard.asterisk.org/r/1818/
Review: https://reviewboard.asterisk.org/r/1820/
........

Merged revisions 359979 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359980 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359981 65c4cc65-6c06-0410-ace0-fbb531ad65f3

* Added missing error exits with cause in manager_mutestream().

* Cleaned up manager_mutestream() and func_mute_write().

* Some whitespace and comment cleanup.


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359942 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This patch addresses a bug with chanspy on local channels which roughly 50% of the time
would create a situation where chanspy can latch onto a zombie channel, keeping the zombie
alive forever and causing the channel doing the spying to never be able to hang up.

(closes issue ASTERISK-19493)
Reported by: lvl
Review: https://reviewboard.asterisk.org/r/1819/
........

Merged revisions 359892 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359898 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359905 65c4cc65-6c06-0410-ace0-fbb531ad65f3

* Remove unnnecessary const from const char * const var declaration in the
ast_app_run_macro() and ast_app_run_sub() prototypes.  The second const is
unnecessary.


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359904 65c4cc65-6c06-0410-ace0-fbb531ad65f3

The code may be just fine, but it had not received a "ship it!" on
review board yet.



git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359857 65c4cc65-6c06-0410-ace0-fbb531ad65f3

from Review: https://reviewboard.asterisk.org/r/1699/
........

Merged revisions 359809 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359810 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359811 65c4cc65-6c06-0410-ace0-fbb531ad65f3

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359772 65c4cc65-6c06-0410-ace0-fbb531ad65f3

There exists a remotely exploitable stack buffer overflow in HTTP digest
authentication handling in Asterisk.  The particular method in question
is only utilized by HTTP AMI.  When parsing the digest information, the
length of the string is not checked when it is copied into temporary buffers
allocated on the stack.

This patch fixes this behavior by parsing out pre-defined key/value pairs
and avoiding unnecessary copies to the stack.

(closes issue ASTERISK-19542)
Reported by: Russell Bryant
Tested by: Matt Jordan
........

Merged revisions 359706 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359707 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359708 65c4cc65-6c06-0410-ace0-fbb531ad65f3

* Added 'b' and 'B' options to Dial.  These options will allow you to run
  last-minute dialplan on the caller and callee channels while the Dial
  application is executing, but before the call is started.  For example you
  can use the 'b' option to run dialplan on the callee channel to get the name
  of the newly created channel right away.

Review: https://reviewboard.asterisk.org/r/1229/

(closes issue: ASTERISK-19548)
Reported by: Mark Murawski
Tested by: Mark Murawski, Stefan Schmidt



git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359705 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Milliwatt is vulnerable to a remotely exploitable stack overrun when using
the 'o' option.  This occurs due to the milliwatt_generate function not
accounting for AST_FRIENDLY_OFFSET when calculating the maximum number of
samples it can put in the output buffer.

This patch resolves this issue by taking into account AST_FRIENDLY_OFFSET
when determining the maximum number of samples allowed.  Note that at no
point is remote code execution possible.  The data that is written into the
buffer is the pre-defined Milliwatt data, and not custom data.

(closes issue ASTERISK-19541)
Reported by: Russell Bryant
Tested by: Matt Jordan
Patches:
  milliwatt_stack_overrun.rev1.txt by Russell Bryant (license 6283)
  Note that this patch was written by Russell, even though Matt uploaded it
........

Merged revisions 359645 from http://svn.asterisk.org/svn/asterisk/branches/1.6.2
........

Merged revisions 359656 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359694 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359704 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Missed on the previous commit


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359651 65c4cc65-6c06-0410-ace0-fbb531ad65f3

The connected line interception macros do not get executed when the
outgoing channel is initially created and that channel's caller-id is
implicitly imported into the incoming channel's connected line data.  If
you are using the interception macros, you would expect that they get run
for every change to a channel's connected line information outside of
normal dialplan execution.

Review: https://reviewboard.asterisk.org/r/1817/
........

Merged revisions 359609 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359620 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359644 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Review: https://reviewboard.asterisk.org/r/1696/


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359607 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Initialize a struct sockaddr_in in try_transfer() so that the code isn't
(potentially) trying to read from it while uninitialized.
........

Merged revisions 359558 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359559 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359560 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Avoid potential use of idroster in gtalk_alloc() before it has been
initialized.
........

Merged revisions 359508 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359509 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359510 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Ensure that status is set before it is used by resetting it during each loop
iteration.  This could have resulted in incorrect results from this app.
........

Merged revisions 359486 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359491 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359495 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Scan results indicated that this array could be used uninitialized.  At a quick
look, it looks correct.  In any case, initializing it is a Good Thing (tm).
........

Merged revisions 359457 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359458 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359459 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This patch ensures that the struct defined by AST_DECLARE_APP_ARGS() is always
fully initialized.  I'm not sure if this fixes any real bugs, but it silences
a bunch of warnings from coverity, and is generally a good thing to do anyway.
........

Merged revisions 359452 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359454 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359456 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Calling ast_indicate()/ast_indicate_data() with the channel lock held can
result in a deadlock with a local channel because of how local channels
need to avoid deadlock.
........

Merged revisions 359451 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359453 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359455 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This patch adds unit tests for main/jitterbuf.c.  This includes checking for
the following:
  * Nominal insertion and retrieval of frames
  * Insertion and retrieval of frames where the frames are inserted out of
    order with respect to the previous frame
  * Insertion and retrieval of frames where some number of frames that would
    occur in the expected sequence are instead dropped
  * Insertion and retrieval of frames with an arrival time that does not occur
    at the same rate as the surrounding frames
  * Resynchronization of the jitter buffer when an inserted frame breaks the
    resynchronization threshold
  * Overfilling of the jitter buffer

For each of the tests, both JB_TYPE_VOICE and JB_TYPE_CONTROL permutations
exist.

Review: https://reviewboard.asterisk.org/r/1815

(issue: ASTERISK-18964)
Reported by: Kris Shaw
Tested by: Kris Shaw, Matt Jordan



git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359406 65c4cc65-6c06-0410-ace0-fbb531ad65f3

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359360 65c4cc65-6c06-0410-ace0-fbb531ad65f3

When a change in time occurs, such that the timestamps associated with frames
being placed into an adaptive jitter buffer (implemented in jitterbuf.c)
are significantly different then the previously inserted frames, the jitter
buffer checks to see if it needs to be resynched to the new time frame.  If
three consecutive packets break the threshold, the jitter buffer resynchs
itself to the new timestamps.  This currently only occurs when history is
calculated, and hence only on JB_TYPE_VOICE frames.

JB_TYPE_CONTROL frames, on the other hand, are never passed to the history
calculations.  Because of this, if the jump in time is greater then the
maximum allowed length of the jitter buffer, the JB_TYPE_CONTROL frames are
dropped and no resynchronization occurs.  Alterntively, if the overfill
logic is not triggered, the JB_TYPE_CONTROL frame will be placed into the
buffer, but with a time reference that is not applicable.  Subsequent
JB_TYPE_VOICE frames will quickly trigger the overflow logic until reads
from the jitter buffer reach the errant JB_TYPE_CONTROL frame.

This patch allows JB_TYPE_CONTROL frames to resynch the jitter buffer.  As
JB_TYPE_CONTROL frames are unlikely to occur in multiples, it perform the
resynchronization on any JB_TYPE_CONTROL frame that breaks the resynch
threshold.

Note that this only impacts chan_iax2, as other consumers of the adaptive
jitter buffer use the abstract jitter buffer API, which does not use
JB_TYPE_CONTROL frames.

Review: https://reviewboard.asterisk.org/r/1814/

(closes issue ASTERISK-18964)
Reported by: Kris Shaw
Tested by: Kris Shaw, Matt Jordan
Patches:
  jitterbuffer-2012-2-26.diff uploaded by Kris Shaw (license 5722)
........

Merged revisions 359356 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359358 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359359 65c4cc65-6c06-0410-ace0-fbb531ad65f3

When connected line support was added, the wait_for_answer() variable
single changed its meaning slightly.  Unfortunately, the places where
single was used did not necessarily get updated to reflect that change.
Also audio/video frames were sent to all forked calls when the endpoints
were never made compatible.

* Don't pass audio/video media frames when the channels have not been made
compatible.

* Added handling of AST_CONTROL_SRCCHANGE to app_dial.c.

* Fixed app_dial.c passing on AST_CONTROL_HOLD because that frame can also
pass a requested MOH class.

(closes issue ASTERISK-16901)
Reported by: Chris Gentle

(closes issue ASTERISK-17541)
Reported by: clint

Review: https://reviewboard.asterisk.org/r/1805/
........

Merged revisions 359344 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359355 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359357 65c4cc65-6c06-0410-ace0-fbb531ad65f3

In r357272, astobj2 was changed to automatically enable REF_DEBUG when the
TEST_FRAMEWORK flag was enabled.  Unfortunately, some compilers (gcc 4.5.1
at least) will attempt to inline ao2_iterator_destroy in handle_astobj2_test.
This by itself is not a problem; unfortunately, the compiler believes that
there is a code path wherein an object allocated on the stack will be
free'd.  As warnings are treated as errors, this prevents compilation of
astobj2.

This patch works around that by adding the noinline attribue to
ao2_iterator_destroy, but only if the TEST_FRAMEWORK flag is enabled.
Preventing inlining is only needed for the test method defined in astobj2,
which is also only enabled if TEST_FRAMEWORK is enabled.

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359306 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This patch updates the NUMLOGLEVELS define in logger.h to 32, to match the fact
that logger.c implements 32 log levels (because of the custom log level stuff).
asterisk.c uses this define to size an array of levels per remote console.

This array is modified in ast_console_toggle_loglevel(), which is called by the
"logger set level" CLI command.  While the documentation for the CLI command
doesn't make it terribly obvious, you can use this CLI command to toggle a
custom log level on a remote console, as well.  However, doing so led to an
invalid array index in asterisk.c.

This array is read from any time a log message is written to a console.  So, 
all custom log level messages resulted in a bogus read if a remote console
was connected.
........

Merged revisions 359259 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359260 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359261 65c4cc65-6c06-0410-ace0-fbb531ad65f3

These few places in the code used sizeof() on h_addr in struct hostent.
This is sizeof(char *).  The correct way to get the size of this address is to
use h_length.  This error would result in reads/writes of 8 bytes instead of 4
on 64-bit machines.
........

Merged revisions 359211 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359212 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359213 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This code just needed sizeof(int), not sizeof(int *).
........

Merged revisions 359157 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359162 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359166 65c4cc65-6c06-0410-ace0-fbb531ad65f3

........

Merged revisions 359116 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359117 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359118 65c4cc65-6c06-0410-ace0-fbb531ad65f3

In this case, just remove the memset().  There was a redundant memset that is
done correctly just 2 lines later.
........

Merged revisions 359110 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359114 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359115 65c4cc65-6c06-0410-ace0-fbb531ad65f3

........

Merged revisions 359088 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359091 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359095 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This didn't actually result in a bug anywhere, luckily.  The only place
where the result of these memcpys was used is in app_dial, and the only
field that it read out of ast_call_feature was the first one, which is an
int, so these memcpys always copied just enough to avoid a problem.
........

Merged revisions 359069 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359072 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359075 65c4cc65-6c06-0410-ace0-fbb531ad65f3

........

Merged revisions 359059 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359060 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359061 65c4cc65-6c06-0410-ace0-fbb531ad65f3

's' is set to 'workspace'.  Make sure 'workspace' doesn't go out of scope while
the reference to it via 's' is still used.
........

Merged revisions 359056 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359057 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359058 65c4cc65-6c06-0410-ace0-fbb531ad65f3

........
Dump cache of published events when a node joins the cluster.

Also use a more reliable method for stopping the poll() thread.
........

Merged revisions 359053 from http://svn.asterisk.org/svn/asterisk/branches/1.8


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359055 65c4cc65-6c06-0410-ace0-fbb531ad65f3

These modules are being maintained outside of the tree and have been for a long
time now, so it doesn't make sense to keep them here.

Review: https://reviewboard.asterisk.org/r/1764/
........

Merged revisions 359050 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 359051 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359052 65c4cc65-6c06-0410-ace0-fbb531ad65f3

...again.


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@359011 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Added new chan_dahdi.conf colp_send option parameter to block connected
line updates per span.

(closes issue ASTERISK-17025)
Reported by: Michael Smith


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@358997 65c4cc65-6c06-0410-ace0-fbb531ad65f3

A previous CDR fix for setting CDR variables during a bridge via
custom dialplan features broke setting CDR variables in the
hangup extension. This patch fixes the issue.

Review: https://reviewboard.asterisk.org/r/1794/
........

Merged revisions 358978 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 358989 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@358993 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This patch drastically simplifies the device state aggegation code.
The old method was not only overly complex, but also made it impossible
to return AST_DEVICE_INVALID from the aggregation code. The unit test
update is as a result of fixing that bug.

The SIP change stems from a bug introduced by removing a DNS lookup
for hostname-based SIP channels.

(closes issue ASTERISK-16702)
Review: https://reviewboard.asterisk.org/r/1808/
........

Merged revisions 358943 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 358944 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@358945 65c4cc65-6c06-0410-ace0-fbb531ad65f3