When the MessageSend destination is in the form
PJSIP/<number>@<endpoint> and the endpoint's contact
URI already has a user component, that user component
will now be replaced with <number> when creating the
request URI.

ASTERISK_29404

Change-Id: I80e5910fa25c803d1440da0594a0d6b34b6b4ad5

Set preferred transport when querying the local address to use in
filter_on_tx_messages(). This prevents the module to erroneously select
the wrong transport if more than one transports of the same type (TCP or
TLS) are configured.

ASTERISK-29241

Change-Id: I598e60257a7f92b29efce1fb3e9a2fc06f1439b6

Previously, SayNumber always emitted a warning if the caller hung up
during execution. Usually this isn't correct, so check if the channel
hung up and, if so, don't emit a warning.

ASTERISK-29475

Change-Id: Ieea4a67301c6ea83bbc7690c1d4808d79a704594

The scenario where a channel still has an associated datastore we
cannot unload since there is a function pointer to the destroy and fixup
functions in play.  Thus increase the module ref count whenever we
allocate a datastore, and decrease it during destroy.

In order to tighten the race that still exists in spite of this (below)
add some extra failure cases to prevent allocations in these cases.

Race:

If module ref is zero, an LOCK or TRYLOCK is invoked (near)
simultaneously on a channel that has NOT PREVIOUSLY taken a lock, and if
in such a case the datastore is created *prior* to unloading being set
to true (first step in module unload) then it's possible that the module
will unload with the destructor being called (and segfault) post the
module being unloaded.  The module will however wait for such locks to
release prior to unloading.

If post that we can recheck the module ref before returning the we can
(in theory, I think) eliminate the last of the race.  This race is
mostly theoretical in nature.

Change-Id: I21a514a0b56755c578a687f4867eacb8b59e23cf
Signed-off-by: Jaco Kroon <jaco@uls.co.za>

For example:

arthur*CLI> dialplan locks show
func_lock locks:
Name                                     Requesters Owner
uls-autoref                              0          (unlocked)
1 total locks listed.

Obviously other potentially useful stats could be added (eg, how many
times there was contention, how many times it failed etc ... but that
would require keeping the stats and I'm not convinced that's worth the
effort.  This was useful to troubleshoot some other issues so submitting
it.

Change-Id: Ib875e56feb49d523300aec5f36c635ed74843a9f
Signed-off-by: Jaco Kroon <jaco@uls.co.za>

AST_TRAVERSE accessess current as current = current->(field).next ...
and since we free current (and ast_free poisons the memory) we either
end up on a ast_mutex_lock to a non-existing lock that can never be
obtained, or a segfault.

Incidentally add logging in the "we have to wait for a lock to release"
case, and remove an ineffective statement that sets memory that was just
cleared by ast_calloc to zero.

Change-Id: Id19ba3d9867b23d0e6783b97e6ecd8e62698b8c3
Signed-off-by: Jaco Kroon <jaco@uls.co.za>

In two places we bail out with failure after we've already incremented
the requesters counter, if this occured then it would effectively result
in unload to wait indefinitely, thus preventing clean shutdown.

Change-Id: I362a6c0dc424f736d4a9c733d818e72d19675283
Signed-off-by: Jaco Kroon <jaco@uls.co.za>

Caller ID can now be set on the called channel and
Variables can now be set on the destination
using the Originate application, just as
they can be currently using call files
or the Manager Action.

ASTERISK-29450

Change-Id: Ia64cfe97d2792bcbf4775b3126cad662922a8b66

The text description needs to be the last thing on the AST_MODULE_INFO
line to be pulled in properly by menuselect.

Change-Id: I0c913e36fea8b661f42e56920b6c5513ae8fd832

Adds a new ConfKick() application, which may
be used to kick a specific channel, all channels,
or all non-admin channels from a specified
conference bridge, similar to existing CLI and
AMI commands.

ASTERISK-29446

Change-Id: I5d96b683880bfdd27b2ab1c3f2e897c5046ded9b

Adds the "auto" case which is valid with
both chan_sip dtmfmode and chan_pjsip's
dtmf_mode, adds subscribecontext to
subscribe_context conversion, and accounts
for cipher = ALL being invalid.

ASTERISK-29459

Change-Id: Ie27d6606efad3591038000e5f3c34fa94730f6f2

Adds hook flash recognition support
for application/hook-flash.

ASTERISK-29460

Change-Id: I1d060fa89a7cf41244c98f892fff44eb1c9738ea

A new user option, answer_channel, adds the capability to
prevent answering the channel if it hasn't already been
answered yet.

ASTERISK-29440

Change-Id: I26642729d0345f178c7b8045506605c8402de54b

 * Implemented the new "to" parameter of the MessageSend()
   dialplan application.  This allows a user to specify
   a complete SIP "To" header separate from the Request URI.

 * Completely refactored the get_outbound_endpoint() function
   to actually handle all the destination combinations that
   we advertized as supporting.

 * We now also accept a destination in the same format
   as Dial()...  PJSIP/number@endpoint

 * Added lots of debugging.

ASTERISK-29404
Reported by Brian J. Murrell

Change-Id: I67a485196d9199916468f7f98bfb9a0b993a4cce

Introduces three new dialplan functions, MIN and MAX,
which can be used to calculate the minimum or
maximum of up to two numbers, and ABS, an absolute
value function.

ASTERISK-29431

Change-Id: I2bda9269d18f9d54833c85e48e41fce0e0ce4d8d

STIR/SHAKEN requires a Date header alongside the Identity header, so
that has been added. Still on the outgoing side, we were missing the
dest->tn section of the JSON payload, so that has been added as well.
Moving to the incoming side, URL checking has been added to the public
cert URL to ensure that it starts with http.

https://wiki.asterisk.org/wiki/display/AST/OpenSIPit+2021

Change-Id: Idee5b1b5e45bc3b483b3070e46ce322dca5b3f1c

For connection oriented transports PJSIP uses factories to
produce transports. When doing a partial transport reload
we need to also move the factory of the transport over so
that anything referencing the transport (such as an endpoint)
has the factory available.

ASTERISK-29441

Change-Id: Ieae0fb98eab2d9257cad996a1136e5a62d307161

Up until now, the VOLUME function has been write
only, so that TX/RX values can be set but not
read afterwards. Now, previously set TX/RX values
can be read later.

ASTERISK-29439

Change-Id: Ia23e92fa2e755c36e9c8e69f2940d2703ccccb5f

When unsubscribing from an endpoint technology a FRACK
would occur due to incorrect reference counting. This fixes
that issue, along with some other issues.

Fixed a typo in get_subscription when calling ao2_find as it
needed to pass the endpoint ID and not the entire object.

Fixed scenario where a subscription would get returned when
it shouldn't have been when searching based on endpoint
technology.

A doulbe unreference has also been resolved by only explicitly
releasing the reference held by tech_subscriptions.

ASTERISK-28237 #close
Reported by: Lucas Tardioli Silveira

Change-Id: Ia91b15f8e5ea68f850c66889a6325d9575901729

In multidomain environments, it is desirable to create
PJSIP endpoints with the domain info in the endpoint name
in pjsip_endpoint.conf.  This resulted in an error with
registrations, NOTIFY, and OPTIONS packet generation.

This commit will detect if there is an @ in the endpoint
identifier and generate the URI accordingly so NOTIFY and
OPTIONS From headers will generate correctly.

ASTERISK-28393

Change-Id: I96f8d01dfdd5573ba7a28299e46271dd4210b619

RTCP ICE candidates use a base address derived from the RTP
candidate. The port on the base address was not being updated to
the RTCP port.

This change sets the base port to the RTCP port and all is well.

ASTERISK-29433

Change-Id: Ide2d2115b307bfd3c2dfbc4d187515d724519040

Change-Id: I48c1933dd79b50ddc0a6793acec4754b4e95c575

By default Asterisk reports the PJSIP version in a SOFTWARE attribute
of every STUN packet it sends. This may not be desired in a production
environment, and RFC5389 recommends making the use of the SOFTWARE
attribute a configurable option:

https://datatracker.ietf.org/doc/html/rfc5389#section-16.1.2

This patch adds a `stun_software_attribute` yes/no option to make it
possible to omit the SOFTWARE attribute from STUN packets.

ASTERISK-29434

Change-Id: Id3f2b1dd9584536ebb3a1d7e8395fd8b3e46860b

RFC7616 and RFC8760 allow more than one WWW-Authenticate or
Proxy-Authenticate header per realm, each with different digest
algorithms (including new ones like SHA-256 and SHA-512-256).
Thankfully however a UAS can NOT send back multiple Authenticate
headers for the same realm with the same digest algorithm.  The
UAS is also supposed to send the headers in order of preference
with the first one being the most preferred.  We're supposed to
send an Authorization header for the first one we encounter for a
realm that we can support.

The UAS can also send multiple realms, especially when it's a
proxy that has forked the request in which case the proxy will
aggregate all of the Authenticate headers and then send them all
back to the UAC.

It doesn't stop there though... Each realm can require a
different username from the others.  There's also nothing
preventing each digest algorithm from having a unique password
although I'm not sure if that adds any benefit.

So now... For each Authenticate header we encounter, we have to
determine if we support the digest algorithm and, if not, just
skip the header.  We then have to find an auth object that
matches the realm AND the digest algorithm or find a wildcard
object that matches the digest algorithm. If we find one, we add
it to the results vector and read the next Authenticate header.
If the next header is for the same realm AND we already added an
auth object for that realm, we skip the header. Otherwise we
repeat the process for the next header.

In the end, we'll have accumulated a list of credentials we can
pass to pjproject that it can use to add Authentication headers
to a request.

NOTE: Neither we nor pjproject can currently handle digest
algorithms other than MD5.  We don't even have a place for it in
the ast_sip_auth object. For this reason, we just skip processing
any Authenticate header that's not MD5.  When we support the
others, we'll move the check into the loop that searches the
objects.

Changes:

 * Added a new API ast_sip_retrieve_auths_vector() that takes in
   a vector of auth ids (usually supplied on a call to
   ast_sip_create_request_with_auth()) and populates another
   vector with the actual objects.

 * Refactored res_pjsip_outbound_authenticator_digest to handle
   multiple Authenticate headers and set the stage for handling
   additional digest algorithms.

 * Added a pjproject patch that allows them to ignore digest
   algorithms they don't support.  This patch has already been
   merged upstream.

 * Updated documentation for auth objects in the XML and
   in pjsip.conf.sample.

 * Although res_pjsip_authenticator_digest isn't affected
   by this change, some debugging and a testsuite AMI event
   was added to facilitate testing.

Discovered during OpenSIPit 2021.

ASTERISK-29397

Change-Id: I3aef5ce4fe1d27e48d61268520f284d15d650281

RFC 4235 Section 4.1.6 describes XML elements that should be
sent to subscribed endpoints to identify the local and remote
participants in the dialog.

This patch adds this functionality to PJSIP by iterating through the
ringing channels causing the NOTIFY, and inserts the channel info
into the dialog so that information is properly passed to the endpoint
in dialog-info+xml.

ASTERISK-24601
Patch submitted: Joshua Elson
Modified by: Joseph Nadiv and Sean Bright
Tested by: Joseph Nadiv

Change-Id: I20c5cf5b45f34d7179df6573c5abf863eb72964b

Hitherto, VoiceMail() played a non-customizable beep tone to indicate
the caller could leave a message. In some cases, the beep may not
be desired, or a different tone may be desired.

To increase flexibility, a new option allows customization of the tone.
If the t option is specified, the default beep will be overridden.
Supplying an argument will cause it to use the specified file for the tone,
and omitting it will cause it to skip the beep altogether. If the option
is not used, the default behavior persists.

ASTERISK-29349

Change-Id: I1c439c0011497e28a28067fc1cf1e654c8843280

Although Asterisk can receive and propogate flash events, it currently
provides no mechanism for doing anything with them itself.

This AMI event allows flash events to be processed by Asterisk.
Additionally, AST_CONTROL_FLASH is included in a switch statement
in channel.c to avoid throwing a warning when we shouldn't.

ASTERISK-29380

Change-Id: Ie17ffe65086e0282c88542e38eed6a461ec79e81

Some ATAs send hook flash events as application/hook-flash, rather than a DTMF
event. Now, we also recognize hook-flash as a flash event.

ASTERISK-29370

Change-Id: I1c3b82a040dff3affcd94bad8ce33edc90c04725

In some cases it was possible for a STUN packet to be destroyed
prematurely or even destroyed partially multiple times.

This patch provided by Teluu fixes the lifetime of these
packets and ensures they aren't partially destroyed multiple
times.

https://github.com/pjsip/pjproject/pull/2709

ASTERISK-29377

Change-Id: Ie842ad24ddf345e01c69a4d333023f05f787abca

AST_CONTROL_FLASH isn't accounted for in a switch statement in file.c
where it should be ignored. Adding this to the switch ensures a
warning isn't thrown on RFC2833 flash events, since nothing's amiss.

ASTERISK-29372

Change-Id: I4fa549bfb7ba1894a4044de999ea124877422fbc

ASTERISK-29358 #close

Change-Id: I050daff67066873df4e8fc7f4bd977c1ca06e647

STIR/SHAKEN encodes using base64 URL format. Currently, we just use
base64. New functions have been added that convert to and from base64
encoding.

The origid field should also be an UUID. This means there's no reason to
have it as an option in stir_shaken.conf, as we can simply generate one
when creating the Identity header.

https://wiki.asterisk.org/wiki/display/AST/OpenSIPit+2021

Change-Id: Icf094a2a54e87db91d6b12244c9f5ba4fc2e0b8c

We're getting the serial number of the certificate from openssl and
freeing it with ast_free(), but it needs to be freed with OPENSSL_free()
instead. Now we duplicate the string and free the one from openssl with
OPENSSL_free(), which means we can still use ast_free() on the returned
string.

https://wiki.asterisk.org/wiki/display/AST/OpenSIPit+2021

Change-Id: Ia6e1a4028c1933a0e1d204b769ebb9f5a11f00ab

During OpenSIPit, we found out that the public certificates must be of
type X.509. When reading in public keys, we use the corresponding X.509
functions now.

We also discovered that we needed a better naming scheme for the
certificates since certificates with the same name would cause issues
(overwriting certs, etc.). Now when we download a public certificate, we
get the serial number from it and use that as the name of the cached
certificate.

The configuration option public_key_url in stir_shaken.conf has also
been renamed to public_cert_url, which better describes what the option
is for.

https://wiki.asterisk.org/wiki/display/AST/OpenSIPit+2021

Change-Id: Ia00b20835f5f976e3603797f2f2fb19672d8114d

Enhancements:

 * The MessageSend dialplan application now takes an optional
   third argument that can set the message's "To" field on
   outgoing messages.  It's an alternative to using the
   MESSAGE(to) dialplan function.

   NOTE: No channel driver currently implements this field.  A
   follow-on commit for res_pjsip_messaging will implement it for
   the chan_pjsip channel driver.

 * To prevent confusion with the first argument, currently named
   "to", it's been renamed to "destination". Its function,
   creating the request URI, hasn't changed.

 * The documentation for MessageSend was updated to be
   more clear about the parameters and how they interact
   the MESSAGE() dialplan function.

 * With the rename of MessageSend's first parameter, and the fact
   that message.c references <info> elements in chan_sip.c,
   res_pjsip_messaging.c and res_xmpp, they each needed
   documentation updates to use MessageDestinationInfo instead of
   MessageToInfo.

 * appdocsxml.dtd was updated to include a missing element
   declaration for "dataType".  This was showing up as an error
   in Eclipse's dtd editor.

 * Despite the changes in this commit, there should be
   no impact to current users of MessageSend.

Change-Id: I6fb5b569657a02866a66ea352fd53d30d8ac965a

Change-Id: Idbd61ff77545f4a78b06a5064b55112e774b70e6

When a stream topology is provided to chan_local when dialing
it filters the audio formats down. This operation did not skip
streams which were removed (that have no formats) resulting in
calling being aborted.

This change causes such streams to be skipped.

ASTERISK-29407

Change-Id: I1de8b98727cb2d10f4bc287da0b5fdcb381addd6