The SuccessfulAuth using_password field was declared as a pointer to a
uint32_t when the field was later read as a uint32_t value.  This resulted
in unnecessary casts and a non-portable field value reinterpret in
main/security_events.c:add_json_object().  i.e., It would work on a 32 bit
architecture but not on a 64 bit big endian architecture.

Change-Id: Ia08bc797613a62f07e5473425f9ccd8d77c80935

This change makes the presence of the GMIME_MAJOR_VERSION
definition optional, as not all versions of gmime actually
define it.

ASTERISK-27454

Change-Id: I01d99590045971ed6787899147170a5954077238

The patch for ASTERISK_24560 inverted a test checking if the bridge name
is being updated to a different name.

* Fix the test to return "Changing bridge name is not implemented" when
someone attempts to change the bridge name.

ASTERISK-27445

Change-Id: I4b70bf08b0e02e016108b077ff75b345dec12fc9

Previously, Asterisk sent srflx only when configured exclusively for IPv4. Now,
srflx is gathered and sent via SDP, even when Asterisk is enabled for
Dual Stack (IPv4+IPv6) and an IPv4 interface is available/used.

ASTERISK-27437

Change-Id: Ie07d8e2bfa7b6fe06fcdc73d390a7a9a4d8c0bc1

res_parking had an inplicit load_pri of 0 meaning it was one of the very
first modules loaded after modules with global symbols.  Set it to
AST_MODPRI_DEVSTATE_PROVIDER as it provides device state for parking
lots.

Change-Id: I297b6fb3ff6993ec004e667b22a74f5925906259

res_mwi_external_ami specified AST_MODFLAG_LOAD_ORDER but didn't set
load_pri, resulting in an actual load priority of 0.  This module only
provides AMI actions so it has no reason to load early.

Change-Id: I82987fcf10d3ea42716b2f9df915b16687fd5839

Instead of specifying AST_MODFLAG_LOAD_ORDER with load_pri
AST_MODPRI_DEFAULT just use AST_MODFLAG_DEFAULT.

Change-Id: I0123258eafce324249433a69df15a85cc16e509f

Mac doesn't like the comparison of -1 to an enum, so store the result of
ast_sip_str_to_dtmf to an int so we can check for the negative return
value.  ast_sip_str_to_dtmf returns an int so this is only delaying the
implicit type cast.

Change-Id: I0c262c1719ee951aae1f437d733a301cf5f8ad29

Some net-snmp builds do not provide the RONLY declare, only
NETSNMP_OLDAPI_RONLY.  Map RONLY to NETSNMP_OLDAPI_RONLY to get around
this error.

Change-Id: Ida5c7ad9406515825485c4d3b4a34fd6ad0da577

It's impossible for gwtimeout or fdtimeout to be less than 0 because
they are unsigned int's.  Remove checks and unreachable branches.

Change-Id: Ib2286960621e6ee245e40013c84986143302bc78

Some clients do not send rtp packets every ptime ms. This can lead to
situations in which the rtp source learning algorithm will never learn
the address of the client. This has been discovered on a Mac mini with
a pjsip based softphone after updating to Sierra: as soon as USB
headsets are involved, the softphone will send the second packet 30ms
after the first, the third 30ms after the second and the fourth 1ms
after the third. So in the old implmentation the rtp source learning
algorithm was repeatedly reset on the fourth packet.

The patch changes the algorithm in a way that doesn't take the arrival
time between two consecutive packets into account but the time between
the first and the last packet of a learning sequence.

The patch also fixes a second problem: when a user was using a wrong
value for the probation setting there was a LOG_WARNING output stating
that the value had been set to the default value instead. However
the code for setting the value back to defaults was missing.

ASTERISK-27421 #close

Change-Id: If778fe07678a6fd2041eaca7cd78267d0ef4fc6c

Domains themselves can be up to 255 characters long (per RFC 1035), so
our current buffer sizes are wholly inadequate for many use cases.

Change-Id: If3f30a68307f1365a1fe06bc4b854c62842c9292

We were not \0 terminating this string, so any attempt to print it would
in the best case show an empty string and in the worst case potentially
crash.

Change-Id: I63d96ef8f7516ac02a0f91e22dfa8acdc615042c

This improves performance for registrations assuming that
res_config_astdb is not in use.

Change-Id: I86f37aa9ef07a4fe63448cb881bbadd996834bb1

Previously for PJSIP the local address of WebSocket connections
was set to the remote address. For logging purposes this is
not particularly useful.

The WebSocket API has been extended to allow the local
address to be queried and this is used in PJSIP to set the
local address to the correct value.

The PJSIP HEP support has also been tweaked so that reliable
transports always use the local address on the transport
and do not try to (wrongly) guess. As they are connection
based it is impossible for the source to be anything else.

ASTERISK-26758
ASTERISK-27363

Change-Id: Icd305fd038ad755e2682ab2786e381f6bf29e8ca

Some consumers of the sorcery API use ast_sorcery_retrieve_by_regex
only so that they can anchor the potential match as a prefix and not
because they truly need regular expressions.

Rather than using regular expressions for simple prefix lookups, add
a new operation - ast_sorcery_retrieve_by_prefix - that does them.

Change-Id: I56f4e20ba1154bd52281f995c27a429a854f6a79

A previous commit made it so when an invite session transitioned into a
disconnected state destruction of the Asterisk pjsip session object was
postponed until either a transport error occurred or the event timer
expired. However, if a call was rejected (for instance a 488) before the
session was fully established the event timer may not have been initiated,
or it was canceled without triggering either of the session finalizing states
mentioned above.

Really the only time destruction of the session should be delayed is when a
BYE is being transacted. This is because it's possible in some cases for the
session to be disconnected, but the BYE is still transacting.

This patch makes it so the session object always gets released (no more
memory leak) when the pjsip session is in a disconnected state. Except when
the method is a BYE. Then it waits until a transport error occurs or an event
timeout.

ASTERISK-27345 #close

Reported by: Corey Farrell

Change-Id: I1e724737b758c20ac76d19d3611e3d2876ae10ed

Change-Id: I68ece0073ea79667ca41eb10405f516f1d30d482

Change-Id: I41e8d5183ace284095cc721f3b1fb32ade3f940f

* Pre-initialize cloned media state vectors to final size to ensure
  vector errors cannot happen later in the clone initialization.
* Release session_media on vector replace failure in
  ast_sip_session_media_state_add.
* Release clone and media_state in ast_sip_session_refresh if we fail to
  append to the stream topology, return an error.

Change-Id: Ib5ffc9b198683fa7e9bf166d74d30c1334c23acb

One of the patches for ASTERISK_27147 introduced a deadlock regression.
When the connection oriented transport shut down, the code attempted to
remove the associated contact.  However, that same transport had just
requested a registration that we hadn't responded to yet.  Depending
upon timing we could deadlock.

* Made send the REGISTER response after we completed processing the
request contacts and released the AOR lock to avoid the deadlock.

ASTERISK-27391

Change-Id: I89a90f87cb7a02facbafb44c75d8845f93417364

Free memory and return error if ast_stream_topology_set_stream fails.

Change-Id: I9f4dbf44bed627243d2f1dd8aea2eab6c38a028d

Change-Id: I81b2587427c6982aa3e2a3f9ad69cce8d316eb10

* res/stasis/app.c JSON passed to app_send needs to be released.
* res/stasis_message.c: objects leak if vector append fails.

Change-Id: I8dd5385b9f50a5cadf2b1d16efecffd6ddb4db4a

Change-Id: I74688038e7afe3a279359cce53aadb28ade51ead

Asterisk will crash if contact uri is invalid, so contact_apply_handler
should check if the uri is NULL or empty.

ASTERISK-27393 #close
Reported-by: Aaron An
Tested-by: AaronAn

Change-Id: Ia0309bdc6b697c73c9c736e1caec910b77ca69f5

Change-Id: I774b88b3c9da41edd4dc8d78f095481f52f2bd46

Release reference to publisher if we fail to add it to the vector.

Change-Id: I64dff3f481b67b9884f37cadba7a5ccf23d084f3

wizard_apply_handler():
- Free host if we fail to add it to the vector.

wizard_mapped_observer():
- Check for otw allocation failure.
- Free otw if we fail to add it to the vector.

Change-Id: Ib5d3bcabbd9c24dd8a3c9cc692a794a5f60243ad

Free resources and return error if we fail to append the vector in
stasis_app_control_play_uri.

Change-Id: I22c4a90dd859b253f2850c6511de48b25609422b

Change-Id: Ib0fc7a18f3135ca8990c3984c9e15f6d26e556e8

Change-Id: I076c7bd207c7989a23005395ce1735392657be65

When stasis_app_message_handler needs to queue a message for a later
connection it needs to bump the message reference so it doesn't get
freed when the caller releases it's reference.

Change-Id: I82696df8fe723b3365c15c3f7089501da8daa892

This change makes it so that any user of the pubsub
API that requests the remote URI receives only the URI.
Previously the entire string was returned, which could
contain a display name.

ASTERISK-27290

Change-Id: If1d0cd6630f0a264856d31d2a67933109187a017

* Eliminate RAII_VAR()
* Short circuit application name lookup if global debug enabled.

Change-Id: I5f78b7bd6ca7fd2c3b07cbbe036c6a93b4681123

When (v)asprintf() fails, the state of the allocated buffer is undefined.
The library had better not leave an allocated buffer as a result or no one
will know to free it.  The most likely way it can return failure is for an
allocation failure.  If the printf conversion fails then you actually have
a threading problem which is much worse because another thread modified
the parameter values.

* Made __ast_asprintf()/__ast_vasprintf() set the returned buffer to NULL
on failure.  That is much more useful than either an uninitialized pointer
or a pointer that has already been freed.  Many uses won't have to check
for failure to ensure that the buffer won't be double freed or prevent an
attempt to free an uninitialized pointer.

* stasis.c: Fixed memory leak in multi_object_blob_to_ami() allocated by
ast_asprintf().

* ari/resource_bridges.c:ari_bridges_play_helper(): Remove assignment to
the wrong thing which is now not needed even if assigning to the right
thing.

Change-Id: Ib5252fb8850ecf0f78ed0ee2ca0796bda7e91c23

When using realtime, fields that are not explicitly set by an
administrator are still presented to sorcery as empty strings. Handle
this case explicitly.

In this particular case, if any of these fields are required for TLS
support, their existence should be validated in the 'apply' handler once
we have a complete transport definition.

ASTERISK-27032 #close
Reported by: seanchann.zhou

Change-Id: Ie3b5fb421977ccdb33e415d4ec52c3fd192601b7

This mimics the behavior of Chrome and Firefox and creates an ephemeral
X.509 certificate for each DTLS session.

Currently, the only supported key type is ECDSA because of its faster
generation time, but other key types can be added in the future as
necessary.

ASTERISK-27395

Change-Id: I5122e5f4b83c6320cc17407a187fcf491daf30b4

Change-Id: Id569c624c426e3b22a99936473c730592d8b83fb

* Eliminate RAII_VAR()
* Replace looped alloca with a char[] since that is how it is used anyway.

Change-Id: Ia27e64a884afa0f50b9ffdb1cf23da6bfa51ffdf