  1. Jul 09, 2015
    • bridge_native_rtp.c: Don't start native RTP bridging after attended transfer. · 4a25d554
      Joshua Colp authored
      The bridge_native_rtp module adds a frame hook to channels which are in
      a native RTP bridge. This frame hook is used to intercept when a hold
      or unhold frame traverses the bridge so native RTP can be stopped or
      started as appropriate. This is expected but exposes a specific bug
      when attended transfers are involved.
      
      Upon completion of an attended transfer an unhold frame is queued up
      to take one of the channels involved off hold. After this is done
      the channel is moved between bridges.
      
      When the frame hook is involved in this case for the unhold it
      releases the channel lock and acquires the bridge lock. This
      allows the bridge core to step in and move the channel
      (potentially changing the bridging technology) from another thread.
      Once completed the bridge lock is released by the bridge core.
      The frame hook is then able to acquire the bridge lock and
      wrongfully starts native RTP again, despite the channel no longer
      being in the bridge or needing to start native RTP. In fact at
      this point the frame hook is no longer attached to the channel.
      
      This change makes it so the native RTP bridge data is available to
      the frame hook when it is invoked. Whether the frame hook has
      been detached or not is stored on the native RTP bridge data and
      is checked by the frame hook before starting or stopping native
      RTP bridging. If the frame hook has been detached it does nothing.
      
      ASTERISK-25240 #close
      
      Change-Id: I13a73186a05f4e5a764f81e5cd0ccec1ed1891d2
  2. Jul 08, 2015
  3. Jul 07, 2015
  4. Jul 06, 2015
    • res_pjsip_mwi.c: Fix MWI subscription memory corruption crash. · 189841dd
      Richard Mudgett authored
      MWI subscriptions can crash or corrupt memory when using the subscription
      datastore to access the MWI subscription object because the datastore is
      not holding a reference to the object.
      
      * Give the subscription datastore a ref to the MWI subscription object.
      It is unfortunate that the ref causes a circular ref chain that must be
      explicitly broken to allow the memory to get released.  The loop is broken
      when the subscription is shut down and if the subscription setup fails.
      
      ASTERISK-25168 #close
      Reported by: Carl Fortin
      
      Change-Id: Ice4fa823f138ff10a6c74d280699c41a82836d4f
    • PJSIP XML, XPIDF: Fix buffer size overwrite memory corruption error. · 7cd99be5
      Richard Mudgett authored
      When res_pjsip body generator modules were generating XML or XPIDF
      response bodies, there was a chance that the generated body would be the
      exact size of the supplied buffer.  Adding the nul string terminator would
      then write beyond the end of the buffer and potentially corrupt memory.
      
      * Fix MALLOC_DEBUG high fence violations caused by adding a nul string
      terminator on the end of a buffer for XML or XPIDF response bodies.
      
      * Made calls to pj_xml_print() safer if the XML prolog is requested.  Due
      to a bug in pjproject, the return value could be -1 _or_
      AST_PJSIP_XML_PROLOG_LEN if the supplied buffer is not large enough.
      
      * Updated the doxygen comment of AST_PJSIP_XML_PROLOG_LEN to describe the
      return value of pj_xml_print() when the supplied buffer is not large
      enough.
      
      ASTERISK-25168
      Reported by: Carl Fortin
      
      Change-Id: Id70e1d373a6a2b2bd9e678b5cbc5e55b308981de
    • PJSIP FAX: Fix T.38 automatic reject timer NULL channel pointer dereferences. · 792ed7ce
      Richard Mudgett authored
      When a caller calls a FAX number and then hangs up right after the call is
      answered then the T.38 re-INVITE automatic reject timer may still be
      running after the channel goes away.
      
      * Added session NULL channel checks on the code paths that get executed by
      t38_automatic_reject() to prevent a crash when the T.38 re-INVITE
      automatic reject timer expires.
      
      ASTERISK-25168
      Reported by: Carl Fortin
      
      Change-Id: I07b6cd23815aedce5044f8f32543779e2f7a2403
    • res_pjsip_mwi.c: Use safer loop coding in mwi_subscription_mailboxes_str(). · 030e8339
      Richard Mudgett authored
      Change-Id: I6f39d809a6d1b47b35bb32b298f5a12f35d6f907
    • res_pjsip_mwi.c: Eliminate a simple RAII_VAR. · 453d7b8d
      Richard Mudgett authored
      Change-Id: Ib1843f81e826a6c760c424c88eb70c350d9d61da
    • res_pjsip_mwi.c: Fix mid-line log message line breaks. · 786c6d42
      Richard Mudgett authored
      * Add create_mwi_subscriptions_for_endpoint() doxygen comment.
      
      Change-Id: I3c3f921f4ec749fb65b62d2f6fa0d4d1888b94e2
    • res_pjsip_t38.c: Fix always false if test. · 1b91094e
      Richard Mudgett authored
      Calling t38_change_state() sets the t38 state so it makes little sense to
      then check the state right after the call for something else.
      
      * Made the code in t38_interpret_parameters() reject or exit T.38 mode as
      intended but not implemented.
      
      Change-Id: Ib281263a6ed44da9448132c4e6df1e183b8a3df2
    • res_pjsip: Failover when server is not available · 74135c8e
      Kevin Harwell authored
      Previously Asterisk did not properly failover to the next resolved DNS
      address when an endpoint could not be reached. With this patch, and while
      using res_pjsip, SIP requests (both in/out of dialog) now attempt to use
      the next address in the list of resolved addresses until a proper response
      is received or no more addresses are left.
      
      ASTERISK-25076 #close
      Reported by: Joshua Colp
      
      Change-Id: Ief14f4ebd82474881f72f4538f4577f30af2a764
    • res_sorcery_memory_cache: Execute stale unit test last. · 38a3c27a
      Joshua Colp authored
      In Jenkins there is currently a sporadic test failure of a
      variable number of sorcery memory cache unit tests. I have not
      been able to reproduce this on the build agents themselves or
      on my development machine.
      
      My working theory is that the stale unit test is causing a
      sorcery instance to persist longer than expected, causing subsequent
      tests to fail when setting up and initializing the next
      sorcery instance.
      
      To see if this is the case this change moves the stale unit test
      to execute last so no subsequent unit tests can have issues
      initializing their sorcery instance.
      
      Change-Id: Ifd6550a949613be774b75fa5db12c02110f82c4a
  5. Jul 05, 2015
  6. Jul 04, 2015
    • res/res_http_websocket: Don't send HTTP response fragmented. · f35a4b85
      Joshua Colp authored
      This change makes it so that when accepting a WebSocket
      connection the HTTP response is sent as one packet instead of
      fragmented. Browsers don't like it when you send it fragmented.
      
      ASTERISK-25103
      
      Change-Id: I9b82c4ec2949b0bce692ad0bf6f7cea9709e7f69
    • Makefile: Remove coverage files on 'make clean' · 2c17515f
      Matt Jordan authored
      This patch updates a variety of Makefiles in Asterisk's build system to
      remove .gcda and .gcno files when 'make clean' is executed. These files
      are generated when '--enable-coverage' is passed to the Asterisk
      configure script.
      
      Change-Id: Ib70b41eea2ee2908885bff02e80faf9f40c84602
  7. Jul 02, 2015
    • chan_sip: Fix early call pickup channel leak. · 34323f9f
      Walter Doekes authored
      When handle_invite_replaces() was called, and either ast_bridge_impart()
      failed or there was no bridge (because the channel we're picking up was
      still ringing), chan_sip would leak a channel.
      
      Thanks Matt and Corey for checking the bridge path.
      
      ASTERISK-25226 #close
      
      Change-Id: Ie736bb182170a73eef5bcef0ab0376f645c260c8
    • Joshua Colp's avatar
      f398c815
    • Joshua Colp's avatar
      5fc08c48
    • sorcery/realtime: Add a bit of debug and warning messages for bad configs · ef74ccb1
      Matt Jordan authored
      When a mapping does not exist between a sorcery.conf defined object and
      a realtime mapping in extconf, currently, the user will receive a slew
      of ERROR messages that don't really tell what is happening. Some ERROR
      messages may even be misleading, as they occur after the sorcery API has
      already given up on the attempt to load and create the sorcery object.
      
      This patch adds a bit of debug and a useful WARNING message for when a
      wizard's open callback fails for a particular object type. In the bad
      configurations that resulted in this patch, this provided a 'root cause'
      WARNING message that pointed in the right direction of the configuration
      problem.
      
      Change-Id: I1cc7344f2b015b8b9c85a7e6ebc8cb4753a8f80b
    • dns: Fix crash when invoking cancel in DNS recurring unit test. · f1843664
      Joshua Colp authored
      The recurring unit test expects the user data on a DNS query
      created as a result of a recurring DNS query to be the recurring
      structure itself. This is true, mostly. When invoking the user
      provided callback this user data is changed to the user provided
      data. This presents a race condition where the data may or may
      not point to the recurring data.
      
      This change simplifies the callback of the user provided callback
      by creating a new query and populating it with the expected values.
      This leaves the recurring DNS query alone and fixes the race
      condition. This is more in line with how the API should be used
      overall.
      
      ASTERISK-25222 #close
      
      Change-Id: I10fb6deec025dff097157e7ec17e6e4921778478
    • chan_mgcp: Don't call close on fd -1. · 6fbb58c7
      Walter Doekes authored
      ASTERISK-25220 #close
      
      Change-Id: Ic48f3a82f51ada87f2fb0e016c9efe0ad56f1ee3
    • rtp_engine: Skip useless self-assignment in ast_rtp_engine_unload_format. · 13a318bb
      Walter Doekes authored
      When running valgrind on Asterisk, it complained about:
      
          ==32423== Source and destination overlap in memcpy(0x85a920, 0x85a920, 304)
          ==32423==    at 0x4C2F71C: memcpy@@GLIBC_2.14 (in /usr/lib/valgrind/...)
          ==32423==    by 0x55BA91: ast_rtp_engine_unload_format (rtp_engine.c:2292)
          ==32423==    by 0x4EEFB7: ast_format_attr_unreg_interface (format.c:1437)
      
      The code in question is a struct assignment, which may be performed by
      memcpy as a compiler optimization. It is changed to only copy the struct
      contents if source and destination are different.
      
      ASTERISK-25219 #close
      
      Change-Id: I6d3546c326b03378ca8e9b8cefd41c16e0088b9a
    • astfd: Fix buffer overflow in DEBUG_FD_LEAKS. · 40274e36
      Walter Doekes authored
      If DEBUG_FD_LEAKS was used and more file descriptors than the default of
      1024 were available, some DEBUG_FD_LEAKS-patched functions would
      overwrite memory past the fixed-size (1024) fdleaks buffer.
      
      This change:
      - adds bounds checks to __ast_fdleak_fopen and __ast_fdleak_pipe
      - consistently uses ARRAY_LEN() instead of sizeof() or 1023 or 1024
      - stores pointers to constants instead of copying the contents
      - reorders the fdleaks struct for possibly tighter packing
      - adds a tiny bit of documentation
      
      ASTERISK-25212 #close
      
      Change-Id: Iacb69e7701c0f0a113786bd946cea5b6335a85e5
    • res_timing: Don't close FD 0 when out of open files. · 3fab8212
      Walter Doekes authored
      This fixes so a failure to get a timer file descriptor does not cascade
      to closing FD 0.
      
      On error, both res_timing_kqueue and res_timing_timerfd would call the
      destructor before setting the file handle. The file handle had been
      initialized to 0, causing FD 0 to be closed. This in turn, resulted in
      floods of "CLI>" messages and an unusable terminal.
      
      ASTERISK-19277 #close
      Reported by: Barry Chern
      
      For the master branch, this was already fixed. This patch only ensures
      that we do not attempt to close a negative file descriptor.
      
      Change-Id: I147d7e33726c6e5a2751928d56561494f5800350
  8. Jul 01, 2015