The chan_sip module performs a T.38 re-invite using a single media
stream of udptl, and expects the SDP answer to be the same.

If an SDP answer is received instead that contains an additional
media stream with no joint codec a crash will occur as the code
assumes that at least one joint codec will exist in this
scenario.

This change removes this assumption.

ASTERISK-28465

Change-Id: I8b02845b53344c6babe867a3f0a5231045c7ac87

Fixes a crash in chan_dahdi occurring on 32-bit systems. A previous
patch introduced a variable of type unassigned long long which is 64-bits.
Casting it as 'ast_json_int_t' along with JSON type 'I' makes it work
with 32-bit systems.

ASTERISK-28457

Change-Id: I9cef6b5f2d826fc5c93f2f6a1c997c4e3e6c93fe

A few more format truncation issues addressed.

Change-Id: I047f373169caaca0eec4889d3c0e5e10f130017a

Fixed format-truncation issues in chan_dahdi.c and
sig_analog.c.  Since they're related to fields provided
by dahdi-tools we can't change the buffer sizes so we're just
checking the return from snprintf and printing an errior if we
overflow.

Change-Id: Idc1f3c1565b88a7d145332a0196074b5832864e5

We have seen some rare case of segmentation fault in hangup function
and we could notice that channel pointer was NULL.  Debug log shows
that there is a 200 OK answer and SIP timeout at the same time.  It
looks that while the SIP session was being destroyed due to timeout
call hangup due to answer event lead to race condition and channel
is being destroyed from two different places.  The check ensures we
check it not to be NULL before freeing it.

ASTERISK-25371

Change-Id: I19f6566830640625e08f7b87bfe15758ad33a778

After some definitions have been moved to asterisk/mwi.h the files
channels/chan_dahdi.h channels/sig_pri.c are missing this new
include.

ASTERISK-28427 #close

Change-Id: Ia8cc595eeda653324643f40dcd9799d4c3f0ac91

The caller endpoint hears dead silence if a callee replies 180 (without SDP)
and the caller already received 183 (with SDP).
It happens because Asterisk sends 180 (WITH SDP) to the caller,
there are not incoming RTP packets from the callee
and Asterisk does not generate inband ringing,
so there are not any outgoing RTP packets to the caller.

This patch replaces 180 by 183 if SDP negotiation has completed,
as if the caller endpoint is configured with "inband_progress=yes".

In this case Asterisk will generate inband ringing untill Asterisk receive
incoming RTP packets from the callee.

ASTERISK-27994 #close

Change-Id: I7450b751083ec30d68d6abffe922215a15ae5a73

Various fixes for issues caught by gcc 9.  Mostly snprintf
trying to copy to a buffer potentially too small.

ASTERISK-28412

Change-Id: I9e85a60f3c81d46df16cfdd1c329ce63432cf32e

There is enough MWI functionality to warrant it having its own 'c' and header
files. This patch moves all current core MWI data structures, and functions
into the following files:

main/mwi.h
main/mwi.c

Note, code was simply moved, and not modified. However, this patch is also in
preparation for core MWI changes, and additions to come.

Change-Id: I9dde8bfae1e7ec254fa63166e090f77e4d3097e0

When the dtmf_mode on an endpoint is configured as "auto_info"
Asterisk will produce an inband DTMF tone alongside an INFO
message when sending DTMF.

ASTERISK-28371

Change-Id: I1380b82f006e110a1b83fbb50c9873edd13a5d9a

The compiler complained about a couple of variables that weren't
initialized but were being used. Initializing them to NULL resolves the
warnings/errors.

ASTERISK-28362 #close

Change-Id: I6243afc5459b416edff6bbf571b0489f6b852e4b

The next usage of PJSIP_PARSE_URI will crash asterisk
${PJSIP_PARSE_URI(tel:+1234567890,host)}
or
${PJSIP_PARSE_URI(192.168.1.1:5060,host)}

The function pjsip_parse_uri successfully parses then, but returns
struct pjsip_other_uri *.

This patch restricts parsing only SIP/SIPS URIs.

Change-Id: I16f255c2b86a80a67e9f9604b94b129a381dd25e

Passing negative intervals to the scheduler rips a hole in the
space-time continuum.

ASTERISK-25792 #close
Reported by: Paul Sandys

Change-Id: Ie706f21cee05f76ffb6f7d89e9c867930ee7bcd7

Add logical group at DAHDIChannel event
and create "dahdi_group" at CHANNEL function.

ASTERISK-28317

Change-Id: Ic1f834cd53982a9707a9748395ee746d6575086a

chan_sip will always ignore 183 responses that do not contain SDP
however, chan_pjsip will currently always translate it into a
183 with SDP.  This new flag allows chan_pjsip to have the same
behavior as chan_sip.

ASTERISK-28322 #close

Change-Id: If81cfaa17c11b6ac703e3d71696f259d86c6be4a

strtok() uses a static buffer, making it not thread safe.

Also add a #define to cause a compile failure if strtok is used.

Change-Id: Icce265153e1e65adafa8849334438ab6d190e541

Currently, the pjsip show channelstats cli does not show channel's
stats after hits the invalid channel info. This makes hard to use
this cli. Changed to keep iterate after hits the invalid channel
info.

ASTERISK-28292

Change-Id: I3efdff1c9e1b1efd3c971fb82ae77aa133a6f43c

Free old peer's contactacl before overwrite it within build_peer.

ASTERISK-28194

Change-Id: Ie580db6494e50cee0e2a44b38e568e34116ff54c

When a channel snapshot was created it used to be done
from scratch, copying all data (many strings). This incurs
a cost when doing so.

This change segments the channel snapshot into different
components which can be reused if unchanged from the
previous snapshot creation, reducing the cost. In normal
cases this results in some pointers being copied with
reference count being bumped, some integers being set,
and a string or two copied. The other benefit is that it
is now possible to determine if a channel snapshot update
is redundant and thus stop it before a message is published
to stasis.

The specific segments in the channel snapshot were split up
based on whether they are changed together, how often they
are changed, and their general grouping. In practice only
1 (or 0) of the segments actually get changed in normal
operation.

Invalidation is done by setting a flag on the channel when
the segment source is changed, forcing creation of a new
segment when the channel snapshot is created.

ASTERISK-28119

Change-Id: I5d7ef3df963a88ac47bc187d73c5225c315f8423

Channels no longer use the Stasis cache for channel snapshots. Instead
they are stored in a hash table in stasis_channels which reduces the
number of Stasis messages created and allows better storage.

As a result the following APIs are no longer available since the stasis
cache is no longer used:
ast_channel_topic_cached()
ast_channel_topic_all_cached()

The ast_channel_cache_all() and ast_channel_cache_by_name() functions
now return an ao2_container of ast_channel_snapshots rather than
a container of stasis_messages therefore you can't (and don't need
to) call stasis_cache functions on it.

The ast_channel_topic_all() function now returns a normal topic not
a cached one so you can't use stasis cache functions on it either.

The ast_channel_snapshot_type() stasis message now has the
ast_channel_snapshot_update structure as it's data. It contains the
last snapshot and the new one.

ast_channel_snapshot_get_latest() still returns the latest snapshot.

The latest snapshot is now stored on the channel itself to eliminate
cache hits when Stasis messages that have the snapshot as a payload
are created.

ASTERISK-28102

Change-Id: I9334febff60a82d7c39703e49059fa3a68825786

Replace usage of ao2_container_alloc with ao2_container_alloc_hash or
ao2_container_alloc_list.  Remove ao2_container_alloc macro.

Change-Id: I0907d78bc66efc775672df37c8faad00f2f6c088

New dialplan function PJSIP_PARSE_URI added to parse an URI and return
a specified part of the URI.

This is useful when need to get part of the URI instead of cutting it
using a CUT function.

For example to get 'user' part of Remote URI
${PJSIP_PARSE_URI(${CHANNEL(pjsip,remote_uri)},user)}

ASTERISK-28144 #close

Change-Id: I5d828fb87f6803b6c1152bb7b44835f027bb9d5a

This change adds the ability for subscriptions to indicate
which message types they are interested in accepting. By
doing so the filtering is done before being dispatched
to the subscriber, reducing the amount of work that has
to be done.

This is optional and if a subscriber does not add
message types they wish to accept and set the subscription
to selective filtering the previous behavior is preserved
and they receive all messages.

There is also the ability to explicitly force the reception
of all messages for cases such as AMI or ARI where a large
number of messages are expected that are then generically
converted into a different format.

ASTERISK-28103

Change-Id: I99bee23895baa0a117985d51683f7963b77aa190

When a call pickup is performed using and invite with replaces header
the ast_do_pickup method is attempted and a PICKUP stasis message is sent.

ASTERISK-28081 #close
Reported-by: Luit van Drongelen

Change-Id: Ieb1442027a3ce6ae55faca47bc095e53972f947a

This patch adds new options 'trust_connected_line' and 'send_connected_line'
to the endpoint.

The option 'trust_connected_line' is to control if connected line updates
are accepted from this endpoint.

The option 'send_connected_line' is to control if connected line updates
can be sent to this endpoint.

The default value is 'yes' for both options.

Change-Id: I16af967815efd904597ec2f033337e4333d097cd

This officially deprecates chan_sip in Asterisk 17+.  A warning is
printed upon startup or module load to tell users that they should
consider migrating.  chan_sip is still built by default but the default
modules.conf skips loading it at startup.

Very important to note we are not scheduling a time where chan_sip will
be removed.  The goal of this change is to accurately inform end users
of the current state of chan_sip and encourage movement to the fully
supported chan_pjsip.

Change-Id: Icebd8848f63feab94ef882d36b2e99d73155af93

These macros have been documented as legacy for a long time but are
still used in new code because they exist.  Remove all references to:
* ao2_container_alloc_options
* ao2_t_container_alloc_options
* ao2_t_container_alloc

These macro's are also removed.  Only ao2_container_alloc remains due to
it's use in over 100 places.

Change-Id: I1a26258b5bf3deb081aaeed11a0baa175c933c7a

With tls and udp enabled asterisk generates a warning about sending
message via udp instead of tls.
sip notify command via cli works as expected and without warning.

asterisk has to set the connection information accordingly to connection
and not on presumption

ASTERISK-28057 #close

Change-Id: Ib43315aba1f2c14ba077b52d8c5b00be0006656e

Fixes random asterisk crash on start or reload with TLS phones.

ASTERISK-28034 #close
Reported-by: David Hajek

Change-Id: I2a859f97dc80c348e2fa56e918214ee29521c4ac

Also remove function peer_ipcmp_cb since it's not used (according to
rmudgett).

Prior to b2c4e866 (ASTERISK_27457)
insecure=port was the defacto standard.  That commit also prevented
insecure=port from being applied for sip/tcp or sip/tls.

Into consideration there are three sets of behaviour:

1.  "previous" - before the above commit.
2.  "current" - post above commit, pre this one.
3.  "new" - post this commit.

The problem that the above commit tried to address was guests over TCP.
It succeeded in doing that but broke transport!=udp with host!=dynamic.

This commit attempts to restore sane behaviour with respect to
transport!=udp for host!=dynamic whilst still retaining the guest users
over tcp.

It should be noted that when looking for a peer, two passes are made, the
first pass doesn't have SIP_INSECURE_PORT set for the searched-for peer,
thus looking for full matches (IP + Port), the second pass sets
SIP_INSECURE_PORT, thus expecting matches on IP only where the matched
peer allows for that (in the author's opinion:  UDP with insecure=port,
or any TCP based, non-dynamic host).

In previous behaviour there was special handling for transport=tcp|tls
whereby a peer would match during the first pass if the utilized
transport was TCP|TLS (and the peer allowed that specific transport).

This behaviour was wrong, or dubious at best.  Consider two dynamic tcp
peers, both registering from the same IP (NAT), in this case either peer
could match for connections from an IP.  It's also this behaviour that
prevented SIP guests over tcp.

The above referenced commit removed this behaviour, but kept applying
the SIP_INSECURE_PORT only to WS|WSS|UDP.  Since WS and WSS is also TCP
based, the logic here should fall into the TCP category.

This patch updates things such that the previously non-explicit (TCP
behaviour) transport test gets performed explicitly (ie, matched peer
must allow for the used transport), as well as the indeterministic
source-port nature of the TCP protocol is taken into account.  The new
match algorithm now looks like:

1.  As per previous behaviour, IP address is matched first.

2.  Explicit filter with respect to transport protocol, previous
    behaviour was semi-implied in the test for TCP pure IP match - this now
    made explicit.

3.  During first pass (without SIP_INSECURE_PORT), always match on port.

4.  If doing UDP, match if matched against peer also has
    SIP_INSECURE_PORT, else don't match.

5.  Match if not a dynamic host (for non-UDP protocols)

6.  Don't match if this is WS|WSS, or we can't trust the Contact address
    (presumably due to NAT)

7.  Match (we have a valid Contact thus if the IP matches we have no
    choice, this will likely only apply to non-NAT).

To logic-test this we need a few different scenarios.  Towards this end,
I work with a set number of peers defined in sip.conf:

[peer1]
host=1.1.1.1
transport=tcp

[peer2]
host=1.1.1.1
transport=udp

[peer3]
host=1.1.1.1
port=5061
insecure=port
transport=udp

[peer4]
host=1.1.1.2
transport=udp,tcp

[peer5]
host=dynamic
transport=udp,tcp

Test cases for UDP:

1 - incoming UDP request from 1.1.1.1:
  - previous:
    - pass 1:
      * peer1 or peer2 if from port 5060 (indeterminate, depends on peer
        ordering)
      * peer3 if from port 5061
      * peer5 if registered from 1.1.1.1 and source port matches
    - pass 2:
      * peer3
  - current: as per previous.
  - new:
    - pass 1:
      * peer2 if from port 5060
      * peer3 if from port 5061
      * peer5 if registered from 1.1.1.1 and source port matches
    - pass 2:
      * peer3

2 - incoming UDP request from 1.1.1.2:
  - previous:
    - pass 1:
      * peer5 if registered from 1.1.1.2 and port matches
      * peer4 if source port is 5060
    - pass 2:
      * no match (guest)
  - current: as previous.
  - new as previous (with the variation that if peer5 didn't have udp as
          allowed transport it would not match peer5 whereas previous
          and current code could).

3 - incoming UDP request from anywhere else:
  - previous:
    - pass 1:
      * peer5 if registered from that address and source port matches.
    - pass 2:
      * peer5 if insecure=port is additionally set.
      * no match (guest)
  - current - as per previous
  - new - as per previous

Test cases for TCP based transports:

4 - incoming TCP request from 1.1.1.1
  - previous:
    - pass 1 (indeterministic, depends on ordering of peers in memory):
      * peer1; or
      * peer5 if peer5 registered from 1.1.1.1 (irrespective of source port); or
      * peer2 if the source port happens to be 5060; or
      * peer3 if the source port happens to be 5061.
    - pass 2: cannot happen since pass 1 will always find a peer.
  - current:
    - pass 1:
      * peer1 or peer2 if from source port 5060
      * peer3 if from source port 5060
      * peer5 if registered as 1.1.1.1 and source port matches
    - pass 2:
      * no match (guest)
  - new:
    - pass 1:
      * peer 1 if from port 5060
      * peer 5 if registered and source port matches
    - pass 2:
      * peer 1

5 - incoming TCP request from 1.1.1.2
  - previous (indeterminate, depends on ordering):
    - pass 1:
      * peer4; or
      * peer5 if peer5 registered from 1.1.1.2
    - pass 2: cannot happen since pass 1 will always find a peer.
  - current:
    - pass 1:
      * peer4 if source port is 5060
      * peer5 if peer5 registered as 1.1.1.2 and source port matches
    - pass 2:
      * no match (guest).
  - new:
    - pass 1:
      * peer4 if source port is 5060
      * peer5 if peer5 registered as 1.1.1.2 and source port matches
    - pass 2:
      * peer4

6 - incoming TCP request from anywhere else:
  - previous:
    - pass 1:
      * peer5 if registered from that address
    - pass 2: cannot happen since pass 1 will always find a peer.
  - current:
    - pass 1:
      * peer5 if registered from that address and port matches.
    - pass 2:
      * no match (guest)
  - new: as per current.

It should be noted the test cases don't make explicit mention of TLS, WS
or WSS.  WS and WSS previously followed UDP semantics, they will now
enforce source port matching.  TLS follow TCP semantics.

The previous commit specifically tried to address test-case 6, but broke
test-cases 4 and 5 in the process.

ASTERISK-27881 #close

Change-Id: I61a9804e4feba9c7224c481f7a10bf7eb7c7f2a2

If asterisk offer an endpoint with SRTP and that endpoint respond
with non srtp, in that case channel(rtp,secure,audio) reply wrong
status.

Why delete flag AST_SRTP_CRYPTO_OFFER_OK while check identical remote_key:
Currently this flag has being set redundantly. In either case identical
or different remote_key this flag has being set. So if we
don't set it while we receive identical remote_key or non SRTP SDP
response then we can take decision of srtp use by using that flag.

ASTERISK-27999

Change-Id: I29dc2843cf4e5ae2604301cb4ff258f1822dc2d7

Changing any Menuselect option in the `Compiler Flags` section causes a
full rebuild of the Asterisk source tree.  Every enabled option causes
a #define to be added to buildopts.h, thus breaking ccache caching for
every source file that includes "asterisk.h".  In most cases each option
only applies to one or two files.  Now we only define those options for
the specific sources which use them, this causes much better cache
matching when working with multiple builds.  For example testing code
with an without MALLOC_DEBUG will now use just over half the ccache
size, only main/astmm.o will have two builds cached instead of every
file.

Reorder main/Makefile so _ASTCFLAGS set on specific object files are all
together, sorted by filename.  Stop adding -DMALLOC_DEBUG to CFLAGS of
bundled pjproject, this define is no longer used by any header so only
serves to break cache.

The only code change is a slight adjustment to how main/astmm.c is
initialized.  Initialization functions always exist so main/asterisk.c
can call them unconditionally.  Additionally rename the astmm
initialization functions so they are not exported.

Change-Id: Ie2085237a964f6e1e6fff55ed046e2afff83c027

I have removed the STATIC_BUILD option immediately as it has not
been maintained in many years and is non-functional.

ASTERISK-27965

Change-Id: I64783d017b86dba9ee3c7bcfb97e59889a3f76d7

M_READ existed already and was conflicting in name.

Change-Id: I02108e07ae7d2dc314fe1e6c706c17731095a3e4

Change-Id: I34c3b1201b1de539945bcfdcb264fff30332d48c

The iax2 module is not handling timeout and EINTR case properly. Mainly when
there is an interupt to the kernel thread. In case of ast_io_wait recieves a
signal, or timeout it can be an error or return 0 which eventually escapes the
thread loop, so that it cant recieve any data. This then causes the modules
receive queue to build up on the kernel and stop any communications via iax in
asterisk.

The proposed patch is for the iax module, so that timeout and EINTR does not
exit the thread.

ASTERISK-27705
Reported-by: Kirsty Tyerman

Change-Id: Ib4c32562f69335869adc1783608e940c3535fbfb

ASTERISK-27908

Change-Id: Iac49d9f82faeb8a4611c6805906bd6d650b1b1d8

chan_pjsip wasn't registering for "BEFORE_MEDIA" responses which meant
it was not updating HANGUPCAUSE for 4XX responses.  If the remote end
sent a "180 Ringing", then a "486 Busy", the hangup cause was left at
"180 Normal Clearing".

* Removed chan_pjsip_incoming_response from the original session
  supplement (which was handling only "AFTER MEDIA") and added it to a
  new session supplement which accepts both "BEFORE_MEDIA" and
  "AFTER_MEDIA".

* Also cleaned up some cleanup code in load module.

ASTERISK-27902

Change-Id: If9b860541887aca8ac2c9f2ed51ceb0550fb007a

This function originally was used in chan_sip to enable some simplifying
assumptions and eventually was copy and pasted into res_pjsip_logger and
res_hep.  Since it's replicated in three places, it's probably best to
move it into the public netsock2 API for these modules to use.

Change-Id: Id52e23be885601c51d70259f62de1a5e59d38d04

This fixes build warnings found by GCC 8.  In some cases format
truncation is intentional so the warning is just suppressed.

ASTERISK-27824 #close

Change-Id: I724f146cbddba8b86619d4c4a9931ee877995c84