Create include_free to run ast_destroy_timing and ast_free, use that in
all places that freed an ast_include structure.  This fixes a couple of
paths that previously did not run ast_destroy_timing.

ASTERISK-26196 #close

Change-Id: I1671bd111bef0dc113e8bf8f77f89fcfc395d838

The roundtrip_usec json member is optional.  If it isn't present then
don't put it into the converted json structure where ast_json_pack()
will choke on it.

Change-Id: I39bb2f86154ef54591270c58bfda8635070f9ea0

aor_observer_deleted() needs to operate on all contacts found for the
deleted AOR instead of only the first one found.  This is really only a
problem if there is more than one contact for the AOR.

Change-Id: Id24ac0d5e8c931330231fb45dd2a331a84339dc1

* Fix some whitespace in various routines.

* Rename i to iter in persistent_endpoint_update_state().

* Fix off-nominal copy/paste message wording in
persistent_endpoint_contact_deleted_observer()

Change-Id: Id8e34f5d09e7eebac3af22501c44c1110a3e29d8

Cleanup the peer reference when stasis_subscription_final_message is
true.  Also free peer_name even if peer exists, after reload a new
peer_name will be allocated.

ASTERISK-26193 #close

Change-Id: If7ecd52facdc5c227f701c760841e3f6ca53cc69

Since July 2014, TLS based protocols (SIP over TLS, Secure WebSockets, HTTPS)
support PFS thanks to ASTERISK-23905. In July 2015, the same feature was added
for DTLS. The source code from main/tcptls.c should have been re-used to ease
security audits. Therefore, this change rolls back the change from July 2015 and
re-uses the code from July 2014. This has the additional benefits to work under
CentOS 7 and enabling not just ECDHE but DHE based cipher suites as well.

ASTERISK-25659 #close
Reported by: StefanEng86, urbaniak, pay123
Tested by: sarumjanuch, traud
patches:
res_rtp_asterisk.patch submitted by sarumjanuch
dtls_centos_step_1.patch submitted by traud
dtls_centos_step_2.patch submitted by traud

Change-Id: I537cadf4421f092a613146b230f2c0ee1be28d5c

It is possible in a hypothetical situation for a session refresh to be
invoked on a PJSIP when the negotiatior on the INVITE session has not
yet been established. While this shouldn't occur with existing uses of
ast_sip_session_refresh, the crashes that occur due to improperly
calling PJSIP functions that expect a non-NULL negotiatior are
avoidable. PJSIP will create the negotiator in pjsip_inv_reinvite; this
means that simply checking for the presence of the negotiator before
passing it to other PJSIP functions that use it is allowable. As such,
this patch adds checks for the presence of the negotiator before calling
PJSIP functions that assume it is non-NULL.

Change-Id: I1028323e7e01b0a531865e5412a71b6f6ec4276d

When something very sad and wrong occurs, it's challenging sometimes to
figure out why. This patch adds some additional debug statements on
off-nominal paths to try and make debugging easier.

Change-Id: I7bffb73cc733b6f80193a23340881db4a102b640

When res_corosync detects that a node leaves or joins, it currently is
informed of this via Corosync callbacks. However, there are a few
limitations with the information presented:
(1) While we have information that Corosync is aware of - such as the
    Corosync nodeid - that information is really only useful inside of
    Corosync or res_corosync. There's no way to translate a Corosync
    nodeid to some other internally useful unique identifier for the
    Asterisk instance that just joined or left the cluster.
(2) While res_corosync is notified of the instance joining or leaving
    the cluster, it has no mechanism to inform the Asterisk core or
    other modules of this event. This limits the usefulness of res_corosync
    as a heartbeat mechanism for other modules.

This patch addresses both issues.

First, it adds the notion of a cluster discovery message both within the
Stasis message bus, as well as the binary event messages that
res_corosync uses to transmit data back and forth within the cluster.
When Asterisk joins the cluster, it sends a discovery message to the other
nodes in the cluster, which correlates the Corosync nodeid along with
the Asterisk EID. res_corosync now maintains a hash of Corosync nodeids
to Asterisk EIDs, such that it can map changes in cluster state with the
Asterisk instance that has that nodeid. Likewise, when an Asterisk
instance receives a discovery message from a node in the cluster, it now
sends its own discovery message back to the originating node with the
local Asterisk EID. This lets Asterisk instances within the cluster
build a complete picture of the other Asterisk instances within the
cluster.

Second, it publishes the discovery messages onto the Stasis message bus.
Said messages are published whenever a node joins or leaves the cluster.
Interested modules can subscribe for the ast_cluster_discovery_type()
message under the ast_system_topic() and be notified when changes in
cluster state occur.

Change-Id: I9015f418d6ae7f47e4994e04e18948df4d49b465

Updated the macro-set autoconf/ax_pthread.m4 to its latest upstream version.

ASTERISK-26046 #close

Change-Id: I11abc11d17acd2b6a8a5a5be8ae8e0949dab9cc7

* We weren't properly subscribing to the channel and it's originator
  on create.
* We weren't doing a publish_dial after calling ast_call on dial.
* We weren't calling depart_bridge when a channel left the dial bridge.

The first 2 issues were causing events to not be generated and the third
was actually causing channels to not get properly destroyed when hung up.

Together these 3 issues were causing the new
rest_apichannels/create_dial_bridge tests to fail.

As a result of the fixes, the cdr state machine had to be slightly
tweaked to allow bridge leave events without asserting and the tests
themselves had to be updated to account for the channels now cleaning
themselves up.

Change-Id: Ibf23abf5a62de76e82afb4461af5099c961b97d8

The ASTERISK-25904 change-id I8fad8aae9305481469c38d2146e1ba3a56d3108f
patch introduced several regressions when the newly created "Updated"
state goes out for each endpoint registration refresh.

1) It restarted any OPTIONS RTT ping cycle.

2) It would interfere with a currently active ping and throw off that
ping's resulting RTT calculation.

3) It cleared the RTT time each time the endpoint was refreshed.

4) The cleared RTT time was sent out as a statsd update each time.

5) It created two AMI events for each update.

* Revert the original patch and reimplement it.  Now the current contact
status state is re-sent instead of the state being momentarily toggled
every time the endpoint refreshes its registration.  The statsd events are
not created for the re-sent refresh because they are sent after every
OPTIONS ping.

ASTERISK-26160 #close
Reported by: Matt Jordan

Change-Id: Ie072be790fbb2a8f5c1c874266e4143fa31f66d1

The func_odbc module was modified to ensure that the
previous behavior of using a single database connection
was maintained. This was done by getting a single database
connection and holding on to it. With the new multiple
connection support in res_odbc this will actually starve
every other thread from getting access to the database as
it also maintains the previous behavior of having only
a single database connection.

This change disables the func_odbc specific behavior if
the res_odbc module is running with only a single database
connection active. The connection is only kept for the
duration of the request.

ASTERISK-26177 #close

Change-Id: I9bdbd8a300fb3233877735ad3fd07bce38115b7f

Before this change, make failed with the error
Unknown value '' found in build_tools/menuselect-deps for NATIVE_ARCH
when CFLAGS were supplied to the configure script. This was introduced with
<https://reviewboard.asterisk.org/r/1852/> which disabled BUILD_NATIVE when
CFLAGS were supplied. Those who need different -march= values, please, go for
./configure
make menuselect.makeopts or make menuselect
./menuselect/menuselect --disable BUILD_NATIVE

ASTERISK-25289 #close

Change-Id: Ic6365d5a97bb9b3556858f06432a8d1cfa83eebc

Thanks to ibercom for pointing out a memory leak that was missed
in the earlier patch for the issue.

ASTERISK-26119
Reported by: Alexei Gradinari

Change-Id: I9a151f5c4725d97fb82a9e938bc73dc659532b71

Since 5th November 2014, the master branch of libSRTP changed the prefix of
several member names and is not compatible with the source code in Asterisk
anymore. Therefore instead, this change checks out the latest version of the
libSRTP 1.5.x branch. Furthermore now, libSRTP is compiled with OpenSSL as
backend. This makes AES-GCM and AES-IN possible.

ASTERISK-22131 #close

Change-Id: I2e396cdc01da0ff610686e398ed210ca7408f7d6

* get_sip_pvt_from_replaces leaks sip_pvt_ptr on any error.
* build_peer leaks peer on failure to allocate the endpoint.

This patch fixes get_sip_pvt by using an RAII_VAR, build_peer is fixed
with an unref in the appropriate place.

ASTERISK-26184 #close

Change-Id: I728b424648ad041409f7d90880f4c28b3ce2ca12

Using AO2_CONTAINER_ALLOC_OPT_DUPS_REPLACE can result in an unref being
recorded to the refs log for the node being replaced.  This prevents
logging of those unrefs since they would produce errors in
refcounter.py.

ASTERISK-26181 #close

Change-Id: Ie4fded84e8a1a58b3a59ce59dfd7eb0da3ddc5d4

If the SQL UPDATE statement changes nothing then SQLRowCount returns 0.
This value should be treated as success.
But the function sorcery_realtime_update treats it as failed.

This bug was found using stress tests on PJSIP.
If there are 2 consecutive SIP REGISTER requests with the same contact data
during 1 second then res_pjsip_registrar adds contact location on 1st request
and tries to update contact location on 2nd.
The update fails and res_pjsip_registrar even removes correct contact location.

The test "object_update_uncreated" was removed from test_sorcery_realtime.c
because it's now a valid situation.

This patch also adds missing debug of extra SQL parameter.

ASTERISK-26172 #close

Change-Id: I05a7f3051455336c9dda29efc229decf86071303

Some T.38 implementations may send another re-invite after the initial
one which adds additional negotiation details (such as the max bitrate).
Currently this will fail when passthrough is being done in chan_sip as we
do nothing if T.38 is already active.

Other handlers of T.38 inside of Asterisk (such as res_fax) handle this
scenario so this change adds support for it to chan_sip and res_pjsip_t38.
If a request to negotiate is received while T.38 is already enabled a
new re-INVITE is sent and negotiation is done again.

ASTERISK-26179 #close

Change-Id: I0298494d3da6df3219bbfa4be9aa04015043145c

When using TCP transport with chan_pjsip, the TCP_NODELAY
option value was allocated on the stack, then passed as a
pointer to the tcp transport configuration structure, and
later re-used on subsequently created sockets when it was
no longer valid.  This patch changes the allocation to be
a static.

ASTERISK-26180 #close
Reported by: Scott Griepentrog

Change-Id: I3251164c7f710dbdab031282f00e30a9770626a0