ASTERISK-24434 #close

Change-Id: I0144e8d65d878128da59dcf3df12ca8cee47d6db

minargs enables enforcing of minimum count of arguments to pass to
func_odbc, so if you're unconditionally using ARG1 through ARG4 then
this should be set to 4.  func_odbc will generate an error in this case,
so for example

[FOO]
minargs = 4

and ODBC_FOO(a,b,c) in dialplan will now error out instead of using a
potentially leaked ARG4 from Gosub().

ARGC is needed if you're using optional argument, to verify whether or
not an argument has been passed, else it's possible to use a leaked ARGn
from Gosub (app_stack).  So now you can safely do
${IF($[${ARGC}>3]?${ARGV}:default value)} kind of thing.

Change-Id: I6ca0b137d90b03f6aa9c496991f6cbf1518f6c24
Signed-off-by: Jaco Kroon <jaco@uls.co.za>

ASTERISK-29244

Change-Id: I1862d58264c2c8b5d8983272cb29734b184d67c5

Add option "srtpreplayprotection" rtp.conf to enable srtp
replay protection.

ASTERISK-29260
Reported by: Alexander Traud

Change-Id: I5cd346e3c6b6812039d1901aa4b7be688173b458

If there's no secret specified for an iax2 peer and there's no secret
specified in the dial string, Asterisk will crash if the auth method
requested by the peer is MD5 or plaintext.  You also couldn't specify
a default auth method in the [general] section of iax.conf so if you
don't have static peers defined and just use the dial string, Asterisk
will still crash even if you have a secret specified in the dial string.

* Added logic to iax2_call() and authenticate_reply() to print
  a warning and hanhup the call if encryption is requested and
  there's no secret or auth method.  This prevents the crash.

* Added the ability to specify a default "auth" in the [general]
  section of iax.conf.

ASTERISK-29624
Reported by: N A

Change-Id: I5928e16137581f7d383fcc7fa04ad96c919e6254

As described in the issue, /tmp is not a suitable location for a
large amount of cached media files, since most distributions make
/tmp a RAM-based tmpfs mount with limited capacity.

I opted for a location that can be configured separately, as opposed
to using a subdirectory of spooldir, given the different storage
profile (transient files vs files that might stay there indefinitely).

This commit just makes the cache directory configurable, and changes
the default location from /tmp to /var/cache/asterisk.

ASTERISK-29143

Change-Id: Ic54e95199405abacd9e509cef5f08fa14c510b5d

Change-Id: I79cc693cd5a6e5dd7d403b7e91d970ff1ddf8306

Currently any response from res_curl where we get an answer from the
web server, regardless of what the response is (404, 403 etc.) Asterisk
currently treats it as a success. This patch allows you to set which
codes should be considered as a failure by Asterisk. If say we set
failurecodes=404,403 then when using curl in realtime if a server gives
a 404 error Asterisk will try to failover to the next option set in
extconfig.conf

ASTERISK-28825

Reported by: Dovid Bender
Code by: Gobinda Paul

Change-Id: I94443e508343e0a3e535e51ea6e0562767639987

ASTERISK-29136 #close

Change-Id: I3186536d65a50014c8da4780c9224919caa81440

Add missing comment mark from stock configuration.

ASTERISK-29123 #close

Change-Id: I4f94eb4544166bca8af4c17fd11edee3c6980620

This changes the outgoing offer call preference
default option to match the behavior of previous
versions of Asterisk.

The additional advanced codec negotiation options
have also been removed from the sample configuration
and marked as reserved for future functionality in
XML documentation.

The codec preference options have also been fixed to
enforce local codec configuration.

ASTERISK-29109

Change-Id: Iad19347bd5f3d89900c15ecddfebf5e20950a1c2

app_confbridge now has the ability to set the estimated bitrate on an
SFU bridge.  To use it, set a bridge profile's remb_behavior to "force"
and set remb_estimated_bitrate to a rate in bits per second.  The
remb_estimated_bitrate parameter is ignored if remb_behavior is something
other than "force".

Change-Id: Idce6464ff014a37ea3b82944452e56cc4d75ab0a

Change-Id: I41e77a04e4a523f4ed61a7a20b738ffd42be441e

Since ASTERISK_27978 the default is not off but 90 seconds. That change
happened because ASTERISK_27347 disabled the keep-alives in the bundled
PJProject and Asterisk should behave the same as before.

Change-Id: Ie63dc558ade6a5a2b969c30a4bd492d63730dc46

Added a new log formatter called "plain" that always prints
file, function and line number if available (even for verbose
messages) and never prints color control characters.  It also
doesn't apply any special formatting for verbose messages.
Most suitable for file output but can be used for other channels
as well.

You use it in logger.conf like so:
debug => [plain]debug
console => [plain]error,warning,debug,notice,pjsip_history
messages => [plain]warning,error,verbose

Change-Id: I4fdfe4089f66ce2f9cb29f3005522090dbb5243d

This change renames the codec preference endpoint options.
incoming_offer_codec_prefs becomes codec_prefs_incoming_offer
to keep the options together when showing an endpoint.

Change-Id: I6202965b4723777f22a83afcbbafcdafb1d11c8d

Added a new configuration option for PJSIP endpoints - stir_shaken. If
set to yes, then STIR/SHAKEN support will be added to inbound and
outbound INVITEs. The default is no. Alembic has been updated to include
this option.

Previously the dialplan function was not trimming the whitespace from
the parameters it recieved. Now it does.

Also added a conditional that, when TEST_FRAMEWORK is enabled, the
timestamp in the identity header will be overlooked. This is just for
testing, since the testsuite will rely on a SIPp scenario with a preset
identity header to trigger the MISMATCH result.

Change-Id: I43d67f1489b8c1c5729ed3ca8d71e35ddf438df1

If your queues.conf had _no_ [general] section, they would default to
'yes'. Now, they always default to 'no'.

(Actually, commit ed615afb already
partially fixed it for shared_lastcall.)

ASTERISK-28951

Change-Id: Ic39d8a0202906bc454194368bbfbae62990fe5f6

This commit adds the endpoint options required to control
Advanced Codec Negotiation.

incoming_offer_codec_prefs
outgoing_offer_codec_prefs
incoming_answer_codec_prefs
outgoing_answer_codec_prefs

The documentation may need tweaking and some additional edits
added, especially for the "answer" prefs.  That'll be handled
when things finalize.

This commit is safe to merge as it doens't alter any existing
functionality nor does it alter the previous codec negotiation
work which may now be obsolete.

Change-Id: I920ba925d7dd36430dfd2ebd9d82d23f123d0e11

Currently when the pjsip making an outgoing request, it keep adding the
rport parameter in a request message as a default.

This causes unexpected rport handle at the other end.

Added option for disable this behaviour in the pjsip.conf.

This is a system option, but working as a gloabl option.

ASTERISK-28959

Change-Id: I9596675e52a742774738b5aad5d1fec32f477abc

Integrated STIR/SHAKEN support with outgoing INVITEs. When an INVITE is
sent, the caller ID will be checked to see if there is a certificate
that corresponds to it. If so, that information will be retrieved and an
Identity header will be added to the SIP message. The format is:

header.payload.signature;info=<public_key_url>alg=ES256;ppt=shaken

Header, payload, and signature are all BASE64 encoded. The public key
URL is retrieved from the certificate. Currently the algorithm and ppt
are ES256 and shaken, respectively. This message is signed and can be
used for verification on the receiving end.

Two new configuration options have been added to the certificate object:
attestation and origid. The attestation is required and must be A, B, or
C. origid is the origination identifier.

A new utility function has been added as well that takes a string,
allocates space, BASE64 encodes it, then returns it, eliminating the
need to calculate the size yourself.

Change-Id: I1f84d6a5839cb2ed152ef4255b380cfc2de662b4

What's wrong with ast_debug?

  ast_debug is fine for general purpose debug output but it's not
  really geared for scope tracing since it doesn't present its
  output in a way that makes capturing and analyzing flow through
  Asterisk easy.

How is scope tracing better?

  Scope tracing uses the same "cleanup" attribute that RAII_VAR
  uses to print messages to a separate "trace" log level.  Even
  better, the messages are indented and unindented based on a
  thread-local call depth counter.  When output to a separate log
  file, the output is uncluttered and easy to follow.

  Here's an example of the output. The leading timestamps and
  thread ids are removed and the output cut off at 68 columns for
  commit message restrictions but you get the idea.

--> res_pjsip_session.c:3680 handle_incoming PJSIP/1173-00000001
	--> res_pjsip_session.c:3661 handle_incoming_response PJSIP/1173
		--> res_pjsip_session.c:3669 handle_incoming_response PJSIP/
			--> chan_pjsip.c:3265 chan_pjsip_incoming_response_after
				--> chan_pjsip.c:3194 chan_pjsip_incoming_response P
					    chan_pjsip.c:3245 chan_pjsip_incoming_respon
				<-- chan_pjsip.c:3194 chan_pjsip_incoming_response P
			<-- chan_pjsip.c:3265 chan_pjsip_incoming_response_after
		<-- res_pjsip_session.c:3669 handle_incoming_response PJSIP/
	<-- res_pjsip_session.c:3661 handle_incoming_response PJSIP/1173
<-- res_pjsip_session.c:3680 handle_incoming PJSIP/1173-00000001

  The messages with the "-->" or "<--" were produced by including
  the following at the top of each function:

  SCOPE_TRACE(1, "%s\n", ast_sip_session_get_name(session));

  Scope isn't limited to functions any more than RAII_VAR is.  You
  can also see entry and exit from "if", "for", "while", etc blocks.

  There is also an ast_trace() macro that doesn't track entry or
  exit but simply outputs a message to the trace log using the
  current indent level.  The deepest message in the sample
  (chan_pjsip.c:3245) was used to indicate which "case" in a
  "select" was executed.

How do you use it?

  More documentation is available in logger.h but here's an overview:

  * Configure with --enable-dev-mode.  Like debug, scope tracing
    is #ifdef'd out if devmode isn't enabled.

  * Add a SCOPE_TRACE() call to the top of your function.

  * Set a logger channel in logger.conf to output the "trace" level.

  * Use the CLI (or cli.conf) to set a trace level similar to setting
    debug level... CLI> core set trace 2 res_pjsip.so

Summary Of Changes:

  * Added LOG_TRACE logger level.  Actually it occupies the slot
    formerly occupied by the now defunct "event" level.

  * Added core asterisk option "trace" similar to debug.  Includes
	ability to specify global trace level in asterisk.conf and CLI
	commands to turn on/off and set levels.  Levels can be set
	globally (probably not a good idea), or by module/source file.

  * Updated sample asterisk.conf and logger.conf.  Tracing is
    disabled by default in both.

  * Added __ast_trace() to logger.c which keeps track of the indent
    level using TLS. It's #ifdef'd out if devmode isn't enabled.

  * Added ast_trace() and SCOPE_TRACE() macros to logger.h.
    These are all #ifdef'd out if devmode isn't enabled.

Why not use gcc's -finstrument-functions capability?

  gcc's facility doesn't allow access to local data and doesn't
  operate on non-function scopes.

Known Issues:

  The only know issue is that we currently don't know the line
  number where the scope exited.  It's reported as the same place
  the scope was entered.  There's probably a way to get around it
  but it might involve looking at the stack and doing an 'addr2line'
  to get the line number.  Kind of like ast_backtrace() does.
  Not sure if it's worth it.

Change-Id: Ic5ebb859883f9c10a08c5630802de33500cad027

Adds the "STIR_SHAKEN" dialplan function and an API call to add a
STIR_SHAKEN verification result to a channel. This information will be
held in a datastore on the channel that can later be queried through the
"STIR_SHAKEN" dialplan funtion to get information on STIR_SHAKEN results
including identity, attestation, and verify_result. Here are some
examples:

STIR_SHAKEN(count)
STIR_SHAKEN(0, identity)
STIR_SHAKEN(1, attestation)
STIR_SHAKEN(2, verify_result)

Getting the count can be used to iterate through the results and pull
information by specifying the index and the field you want to retrieve.

Change-Id: Ice6d52a3a7d6e4607c9c35b28a1f7c25f5284a82

When in a conference bridge it may be necessary to have
text messages disabled for specific participants or for
all. This change adds a configuration option, "text_messaging",
which can be used to enable or disable this on the
user profile. By default existing behavior is preserved
as it defaults to "yes".

ASTERISK-28841

Change-Id: I30b5d9ae6f4803881d1ed9300590d405e392bc13

Based on this new endpoint setting, a joint list of preferred codecs
between those received from the Asterisk core (remote), and those
specified in the endpoint's "allow" parameter (local) is created and
is used to create the outgoing SDP offer.

* Add outgoing_call_offer_pref to pjsip_configuration (endpoint)

* Add "call_direction" to res_pjsip_session.

* Update pjsip_session_caps.c to make the functions more generic
  so they could be used for both incoming and outgoing.

* Update ast_sip_session_create_outgoing to create the
  pending_media_state->topology with the results of
  ast_sip_session_create_joint_call_stream().

* The endpoint "preferred_codec_only" option now automatically sets
  AST_SIP_CALL_CODEC_PREF_FIRST in incoming_call_offer_pref.

* A helper function ast_stream_get_format_count() was added to
  streams to return the current count of formats.

ASTERISK-28777

Change-Id: Id4ec0b4a906c2ae5885bf947f101c59059935437

A pure blacklist is not good enough, we need a whitelist mechanism as
well, and the simplest way to do that is to re-use existing ACL
infrastructure.

This makes it simpler to blacklist say an entire block (/24) except a
smaller block (eg, a /29 or even a /32).  Normally you'd need to
recursively split the block, so if you want to blacklist a /24 except
for a /29 you'd end up with a blacklit for a /25, /26, /27 and /28.  I
feel that having an ACL instead of a blacklist only is clearer.

Change-Id: Id57a8df51fcfd3bd85ea67c489c85c6c3ecd7b30
Signed-off-by: Jaco Kroon <jaco@uls.co.za>

ASTERISK-20325 #close

Change-Id: I06cb9b467b0fd06c8af2a5aee049f872c09cc4b6

These tones come from http://www.itu.int/ITU-T/inr/forms/files/tones-0203.pdf

ASTERISK-23407

Change-Id: I48e2285f1e5bb29b3335f762006f66c423d0fcb8

Add a new option, incoming_call_offer_pref, to res_pjsip endpoints that
specifies the preferred order of codecs after receiving an offer.

This patch does the following:

  Adds a new enumeration, ast_sip_call_codec_pref, used by the the new
configuration option that's added to the endpoint media structure.

  Adds a new ast_sip_session_caps structure that's set for each session media
object.

  Creates a new file, res_pjsip_session_caps that "implements" the new
structure and option, and is compiled into the res_pjsip_session library.

ASTERISK-28756 #close

Change-Id: I35e7a2a0c236cfb6bd9cdf89539f57a1ffefc76f

In order to reduce the amount of AMI and ARI events generated,
the global "Message/ast_msg_queue" channel can be set to suppress
it's normal channel housekeeping events such as "Newexten",
"VarSet", etc. This can greatly reduce load on the manager
and ARI applications when the Digium Phone Module for Asterisk
is in use.  To enable, set "hide_messaging_ami_events" in
asterisk.conf to "yes"  In Asterisk versions <18, the default
is "no" preserving existing behavior.  Beginning with
Asterisk 18, the option will default to "yes".

NOTE:  This change does not affect UserEvents or the ARI
TextMessageReceived events.

* Added the "hide_messaging_ami_events" option to asterisk.conf.

* Changed message.c to set the AST_CHAN_TP_INTERNAL property on
  the "Message/ast_msg_queue" channel if the option is set in
  asterisk.conf.  This suppresses the reporting of the events.

Change-Id: Ia2e3516d43f4e0df994fc6598565d6bba2d7018b

It said "restrict [...] which peers should be able to pass [audio]
to each other".

However, these settings are not global (for which you would expect
signaling IPs to be checked). These settings are available per peer
only, and the IPs being checked, are the RTP IPs.

Change-Id: I2a6c6cd7c2f5f30d1df4844e3e0308a077021660

Add a new configuration option 'enable_status' which allows the
/httpstatus URI handler to be administratively disabled.

We also no longer unconditionally register the /static and /httpstatus
URI handlers, but instead do it based upon configuration.

Behavior change: If enable_static was turned off, the URI handler was
still installed but returned a 403 when it was accessed. Because we
now register/unregister the URI handlers as appropriate, if the
/static URI is disabled we will return a 404 instead.

Additionally:

* Change 'enablestatic' to 'enable_static' but keep the former for
  backwards compatibility.
* Improve some internal variable names

ASTERISK-28710 #close

Change-Id: I647510f796473793b1d3ce1beb32659813be69e1

Change-Id: Ia05aab1f579597963d2ea23920d2210cfcb97c84

Adds source port matching support when IP matching is used:

  [example]
  type = identify
  match = 1.2.3.4:5060/32, 1.2.3.4:6000/32, asterisk.org:4444

If the IP matches but the source port does not, we reject and search for
alternatives. SRV lookups are still performed if enabled (srv_lookups = yes),
unless the configured FQDN includes a port number in which case just a host
lookup is performed.

ASTERISK-28639 #close
Reported by: Mitch Claborn

Change-Id: I256d5bd5d478b95f526e2f80ace31b690eebba92

ConfBridge has the ability to move between different sample
rates for mixing the conference bridge. Up until now there has
only been the ability to set the conference bridge to mix at
a specific sample rate, or to let it move between sample rates
as necessary. This change adds the ability to configure a
conference bridge with a maximum sample rate so it can move
between sample rates but only up to the configured maximum.

ASTERISK-28658

Change-Id: Idff80896ccfb8a58a816e4ce9ac4ebde785963ee

Original commit: cfbf5fbe

Change-Id: I34a841d73c429ca8d944481f8dccb756ee231c9c

Allow the list of files to be played to be provided explicitly in the
music class's configuration. The primary driver for this change is to
allow URLs to be used for MoH.

Change-Id: I9f43b80b43880980b18b2bee26ec09429d0b92fa

Changes made to apps/Makefile to optionally build all three app_voicemail
variations at the same time: 1) file (default), 2) odbc, and 3) imap.
This functionality was requested by users. modules.conf.sample warns the
user to make sure only one voicemail is loaded at a time.

Change-Id: Iba3cd8ffb4b7e8b1c64a11dd383e1eafcd3ed0e7

This change adds support for larger TLS certificates by allowing
OpenSSL to fragment the DTLS packets according to the configured
MTU. By default this is set to 1200.

This is accomplished by implementing our own BIO method that
supports MTU querying. The configured MTU is returned to OpenSSL
which fragments the packet accordingly. When a packet is to be
sent it is done directly out the RTP instance.

ASTERISK-28018

Change-Id: If2d5032019a28ffd48f43e9e93ed71dbdbf39c06

ASTERISK-28234
Reported-by: Kirsty Tyerman

Change-Id: I5d6e6b52dbe51415046bb3953fd16f5b421bc2e1