Skip to content
Snippets Groups Projects
Select Git revision
  • dev_fxs_no_wb
  • fix_transport_fallback_at_dns_failure
  • 16302-renew-registration
  • asterisk_rdkb
  • 14600-wenpeng
  • fix_fallback
  • 14666_fxs_no_wideband_codec
  • fix_srv_records
  • wenpeng-test-250121
  • wenpeng-registration-test
  • fix_deadlock_in_bridge_peer_functions
  • devel default protected
  • securesip_pjproject_part1
  • PJ_Example_Review
  • fix_re_register_authorization_header
  • fix_internal_calls_auth
  • fix_internal_calls
  • Secure_SIPtelephony_part1
  • SIPtelephony_DECT_syslog
  • syslog_develop_phase1
  • 22.0.0-pre1
  • 21.4.2
  • 20.9.2
  • 18.24.2
  • certified-20.7-cert2
  • certified-18.9-cert11
  • 21.4.1
  • 20.9.1
  • 18.24.1
  • 21.4.0
  • 20.9.0
  • 18.24.0
  • certified-20.7-cert1
  • certified-18.9-cert10
  • 21.4.0-rc1
  • 20.9.0-rc1
  • 18.24.0-rc1
  • 21.3.1
  • 20.8.1
  • 18.23.1
40 results
Search by author
  • Any Author
  • Adam Porteous Adam Porteous adam.porteous
  • Alex Hopkins Alex Hopkins 59hopper
  • Amin Ben Romdhane Amin Ben Romdhane amin.benromdhane
  • Andreas Gnau Andreas Gnau AGnau
  • Andrej Kucharik Andrej Kucharik andrej.kucharik
  • Andrii Pypa Andrii Pypa andrii.pypa
  • Anjan Chanda Anjan Chanda anjancx
  • Balalakshmi Arunachalam Rajendran Balalakshmi Arunachalam Rajendran arbala
  • Benjamin Larsson Benjamin Larsson benjamin
  • Charles Foster Charles Foster charles.foster_bt.com
  • Dariusz Iwanoczko Dariusz Iwanoczko dariusz.iwanoczko
  • Divya Chandrasekaran Divya Chandrasekaran divya.c
  • Dominic Lake Dominic Lake dominic.lake
  • Elena Vengerova Elena Vengerova helen
  • Erik Karlsson Erik Karlsson erik.karlsson
  • Filip Matusiak Filip Matusiak filmat
  • Filip Strelec Filip Strelec filip.strelec
  • Fredrik Östling Fredrik Östling fredrik.ostling
  • Geoff Elliott Geoff Elliott gdelliott
  • George Yang George Yang gyang
20 authors
  1. Jan 02, 2020
    • Sean Bright's avatar
      websocket: Consider pending SSL data when waiting for socket input · 87110c1b
      Sean Bright authored 
      When TLS is in use, checking the readiness of the underlying FD is insufficient
for determining if there is data available to be read. So before polling the
FD, check if there is any buffered data in the TLS layer and use that first.

ASTERISK-28562 #close
Reported by: Robert Sutton

Change-Id: I95fcb3e2004700d5cf8e5ee04943f0115b15e10d
      87110c1b
  3. Aug 30, 2018
    • Richard Mudgett's avatar
      iostream.c: Fix ast_iostream_gets() needlessly returning failure. · f657793e
      Richard Mudgett authored 
      Providing a buffer larger than the internal buffer of ast_iostream_gets()
fails to get lines longer than the internal buffer.

* Made ast_iostream_gets() fill the supplied buffer with read data until
either a '\n' is found or the supplied buffer is filled just like fgets().

Change-Id: If18b3f6ee500e22f0633a68779ed09f7e0f305ed
      f657793e
  5. Jun 11, 2018
    • Sean Bright's avatar
      AST-2018-007: iostreams potential DoS when client connection closed prematurely · b649682c
      Sean Bright authored 
      Before Asterisk sends an HTTP response (at least in the case of errors),
it attempts to read & discard the content of the request. If the client
lies about the Content-Length, or the connection is closed from the
client side before "Content-Length" bytes are sent, the request handling
thread will busy loop.

ASTERISK-27807

Change-Id: I945c5fc888ed92be625b8c35039fc6d2aa89c762
      b649682c
  7. May 28, 2018
    • Alexander Traud's avatar
      tcptls.h: Repair ./configure --with-ssl=PATH. · 24503fb6
      Alexander Traud authored 
      asterisk/tcptls.h was included (explicitly, implicitly, or transitively). Those
inclusions got replaced by forward declarations. As side effect, the inclusions
got completed.

ASTERISK-27878

Change-Id: I9d102728e30336d6522e5e4ae9e964013a0835f7
      24503fb6
  9. May 25, 2018
  11. May 03, 2018
  13. Dec 08, 2017
    • Sean Bright's avatar
      utils: Add convenience function for setting fd flags · 2ffe52a1
      Sean Bright authored 
      There are many places in the code base where we ignore the return value
of fcntl() when getting/setting file descriptior flags. This patch
introduces a convenience function that allows setting or clearing file
descriptor flags and will also log an error on failure for later
analysis.

Change-Id: I8b81901e1b1bd537ca632567cdb408931c6eded7
      2ffe52a1
  15. Nov 19, 2017
    • Corey Farrell's avatar
      iostream: Fix ast_iostream_printf declaration. · b4862e46
      Corey Farrell authored 
      This adds the printf attribute and changes 'fmt' from 'const void *' to
'const char *'.  This resolves a warning from some compiler for
vsnprintf needing a literal string for format.

Change-Id: I71c33a8262590042ee451e1146760c10bb22fb78
      b4862e46
  17. Jun 09, 2017
  19. May 09, 2017
    • Joshua Colp's avatar
      tcptls: Improve error messages for TLS connections. · cbbd119c
      Joshua Colp authored 
      This change uses the functions provided by OpenSSL to query
and better construct error messages for situations where
the connection encounters a problem.

ASTERISK-26606

Change-Id: I7ae40ce88c0dc4e185c4df1ceb3a6ccc198f075b
      cbbd119c
  21. Feb 03, 2017
  23. Dec 06, 2016
    • Mark Michelson's avatar
      Iostreams: Correct off-by-one error. · bf6423a3
      Mark Michelson authored 
      ast_iostream_printf() attempts first to use a fixed-size buffer to
perform its printf-like operation. If the fixed-size buffer is too
small, then a heap allocation is used instead. The heap allocation in
this case was exactly the length of the string to print. The issue here
is that the ensuing call to vsnprintf() will print a NULL byte in the
final space of the string. This meant that the final character was being
chopped off the string and replaced with a NULL byte. For HTTP in
particular, this caused problems because HTTP publishes the expected
Contact-Length. This meant HTTP was publishing a length one character
larger than what was actually present in the message.

This patch corrects the issue by adding one to the allocation length.

ASTERISK-26629
Reported by Joshua Colp

Change-Id: Ib3c5f41e96833d0415cf000656ac368168add639
      bf6423a3
  25. Dec 01, 2016
    • Tzafrir Cohen's avatar
      OpenSSL 1.1.0 support · 26c8552f
      Tzafrir Cohen authored 
      OpenSSL 1.1.0 includes some major changes in the interface. See
https://wiki.openssl.org/index.php/1.1_API_Changes .

Status: Right now there are still a few deprecation notes with OpenSSL
1.1.0. But it's a start.

Changes:
* CRYPTO_LOCK is no longer available. Replace it with its value for now.
  I don't completely understand what it is used for there.
* Remove several functions from libasteriskssl that seem to no longer be
  needed.
* Structures have become opaque and are accesses with accessors.
* ERR_remove_thread_state() no longer needed.
* SSLv2 code now could no longer be used in 1.1.

ASTERISK-26109 #close

Change-Id: I5e29d477d486ca29b6aae0dc2f5dff960c1cb82b
      26c8552f
  27. Nov 28, 2016
    • Joshua Colp's avatar
      iostream: Move include of asterisk.h · e3dae763
      Joshua Colp authored 
      The asterisk.h header file needs to be included first or else
some things go awry, such as:

implicit declaration of function 'vasprintf'

Change-Id: I981dc2a77a1ba791888e4f1726644d4656c0407c
      e3dae763
  29. Nov 15, 2016
    • Timo Teräs's avatar
      Implement internal abstraction for iostreams · 070a51bf
      Timo Teräs authored 
      fopencookie/funclose is a non-standard API and should not be used
in portable software. Additionally, the way FILE's fd is used in
non-blocking mode is undefined behaviour and cannot be relied on.

This introduces internal abstraction for io streams, that allows
implementing the desired virtualization of read/write operations
with necessary timeout handling.

ASTERISK-24515 #close
ASTERISK-24517 #close

Change-Id: Id916aef418b665ced6a7489aef74908b6e376e85
      070a51bf