For RTCP to work, we update the ssrc to be the one corresponding to
the native bridge while active.  However when the bridge ends we
should generate a new SSRC as the sequence numbers will not continue
from the native bridge left off.

ASTERISK-29300 #close

Change-Id: I23334b6934d2bf6490bda4bbf6414d96b8d17d10

Some sorcery objects actually contain dynamic content
that can change despite the underlying configuration
itself not changing. A good example of this is the
res_pjsip_endpoint_identifier_ip module which allows
specifying hostnames. While the configuration may not
change between reloads the DNS information of the
hostnames can.

This change adds the ability for a sorcery object to be
marked as having dynamic contents which is then taken
into account when reloading by the sorcery file based
config module. If there is an object with dynamic content
then a reload will be forced while if there are none
then the existing behavior of not reloading occurs.

ASTERISK-29321

Change-Id: I9342dc55be46cc00204533c266a68d972760a0b1

Although the dlg session count was incremented in a pjsip servant
thread, there's no guarantee that the last thread to unref this
progress object was one.  Before we decrement, we need to make
sure that this is either a servant thread or that we push the
decrement to a serializer that is one.

Because pjsip_dlg_dec_session requires the dialog lock, we don't
want to wait on the task to complete if we had to push it to a
serializer.

Change-Id: I8ff2d5d94be3ff04298394070434e22a7d3cbc41

When registering it can be useful to see the source IP address and
port in cases where multiple devices are using the same endpoint
or when anonymous is in use.

ASTERISK-29325

Change-Id: Ie178a6f55f53f8473035854c411bc3d056e0a2e0

ASTERISK-29326

Change-Id: Ia95dbfb66e2d11ac4d1228444283bb2e4d77396a

When Asterisk sends a reinvite negotiating T38 faxing, it's possible a
crash can occur if the response contains a m=image and zero port. The
reinvite callback code now checks session_media to see if it is null or
not before trying to access the udptl variable on it.

ASTERISK-29305

Change-Id: I1dfc51c5fa586e38579ede4bc228edee213ccaa9

Fixed:
* RFC 4629 does not allow the value "0" for MPI, K, and N.
* Allow value "0" for PAR.
* BPP is printed only when specified because "0" has a meaning.

New:
* Added CPCF and MaxBR.
* Some implementations provide CIF without MPI: a=fmtp:xx CIF;F=1
  Although a violation of RFC 3555 section 3, we can support that.

Changed:
* Resorts the CIFs from large to small which partly fixes ASTERISK~29267.

Change-Id: I95a650c715007b8dde11a77cb37d9c6c123a441e

When sending a SIP response to an incoming REGISTER request
we don't want to change the Contact header as it will
contain the Contacts registered to the AOR and not our own
Contact URI.

ASTERISK-29235

Change-Id: I35a0723545281dd01fcd5cae497baab58720478c

A frame suppression API exists as part of channels
which allows audio frames to or from a channel to
be dropped. The MuteAudio AMI action uses this
API to perform its job.

This API uses a framehook to intercept flowing
audio and drop it when appropriate. It is the
responsibility of the framehook to free the
frame it is given if it changes the frame. The
suppression API failed to do this resulting in
a leak of audio frames.

This change adds the freeing of these frames.

ASTERISK-29071

Change-Id: Ie50acd454d672d36af914050c327d2e120d8ba7b

This change will check is the remote ICE session got reset or not by
checking the offered ufrag and password with session. If the remote ICE
reset session then Asterisk reset its local ufrag and password to reject
binding request with Old ufrag and Password.

ASTERISK-29266

Change-Id: I9c55e79a7af98a8fbb497d336b828ba41bc34eeb

ASTERISK-29105

Change-Id: If1615fe7115fe544ef974b044d3cea5c48b94a38

Implemented the english way of saying the year in ast_say_date_with_format_nl.
Currently the numbers are spoken correctly until 2020 and stopped working
this year.

ASTERISK-29297 #close
Reported-by: Jacek Konieczny

Change-Id: If5918eed5ab05df31df4dd23f08a909a60f6aba4

If set_outbound_initial_authentication_credentials() fails,
handle_client_registration() bails early without creating or
sending a register message.

[set_outbound_initial_authentication_credentials() failures
can occur during the process of retrieving an oauth access
token.]

The return from handle_client_registration is ignored, so
returning an error doesn't do any good.

This is a real problem when the registration request is a
re-register, because then the registration will still be
marked 'active' despite the re-register never being sent at all.

So instead, log a warning but let the registration be created
and sent (and probably fail) and follow the normal registration
failed retry/abort logic.

ASTERISK-29315 #close

Change-Id: I2e03b1ea7fba1fa1a8279086aa4b17679e7fa7fa

If the remote Station ID contains invalid UTF-8 characters
the asterisk fails to publish the Stasis and ReceiveFax status messages.

json.c: Error building JSON from '{s: s, s: s}': Invalid UTF-8 string.
0: /usr/sbin/asterisk(ast_json_vpack+0x98) [0x4f3f28]
1: /usr/sbin/asterisk(ast_json_pack+0x8c) [0x4f3fcc]
2: /usr/sbin/asterisk(ast_channel_publish_varset+0x2b) [0x57aa0b]
3: /usr/sbin/asterisk(pbx_builtin_setvar_helper+0x121) [0x530641]
4: /usr/lib64/asterisk/modules/res_fax.so(+0x44fe) [0x7f27f4bff4fe]
...
stasis_channels.c: Error creating message

json.c: Error building JSON from '{s: s, s: s, s: s, s: s, s: s, s: s, s: o}': Invalid UTF-8 string.
0: /usr/sbin/asterisk(ast_json_vpack+0x98) [0x4f3f28]
1: /usr/sbin/asterisk(ast_json_pack+0x8c) [0x4f3fcc]
2: /usr/lib64/asterisk/modules/res_fax.so(+0x5acd) [0x7f27f4c00acd]
...
res_fax.c: Error publishing ReceiveFax status message

This patch replaces the invalid UTF-8 Station IDs with an empty string.

ASTERISK-29312 #close

Change-Id: Ieb00b6ecf67db3bfca787649caa8517f29d987db

ASTERISK-16799 #close

Change-Id: I40367b0d6dbf66a39721bde060c8b2d734a61cf4

Although refer_progress_notify() always runs in the progress
serializer, the pjproject evsub module itself can cause the
subscription to be destroyed which then triggers
refer_progress_on_evsub_state() to clean it up.  In this case,
it's possible that refer_progress_notify() could get the
subscription pulled out from under it while it's trying to use
it.

At one point we tried to have refer_progress_on_evsub_state()
push the cleanup to the serializer and wait for its return before
returning to pjproject but since pjproject calls its state
callbacks with the dialog locked, this required us to unlock the
dialog while waiting for the serialized cleanup, then lock it
again before returning to pjproject. There were also still some
cases where other callers of refer_progress_notify() weren't
using the serializer and crashes were resulting.

Although all callers of refer_progress_notify() now use the
progress serializer, we decided to simplify the locking so we
didn't have to unlock and relock the dialog in
refer_progress_on_evsub_state().

Now, refer_progress_notify() holds the dialog lock for its
duration and since pjproject also holds the dialog lock while
calling refer_progress_on_evsub_state() (which does the cleanup),
there should be no more chances for the subscription to be
cleaned up while still being used to send NOTIFYs.

To be extra safe, we also now increment the session count on
the dialog when we create a progress object and decrement
the count when the progress is destroyed.

ASTERISK-29313

Change-Id: I97a8bb01771a3c85345649b8124507f7622a8480

For some RTCP packet types the report count is actually the packet's subtype.
This was not being reflected in the packet debug output.

This patch makes it so for some RTCP packet types a "Packet Subtype" is
now output in the debug replacing the "Reception reports" (i.e count).

Change-Id: Id4f4b77bb37077a4c4f039abd6a069287bfefcb8

When PJSIP receives a re-INVITE without an SDP offer the INVITE
session library will first call the on_create_offer callback and
if unavailable then use the active negotiated SDP as the offer.

In some cases this would result in a different SDP then was
previously used without an incremented SDP version number. The two
known cases are:

1. Sending an initial INVITE with a set of codecs and having the
remote side answer with a subset. The active negotiated SDP would
have the pruned list but would not have an incremented SDP version
number.

2. Using re-INVITE for unhold. We would modify the active negotiated
SDP but would not increment the SDP version.

To solve these, and potential other unknown cases, the on_create_offer
callback has now been implemented which produces a fresh offer with
incremented SDP version number. This better fits within the model
provided by the INVITE session library.

ASTERISK-28452

Change-Id: I2d81048d54edcb80fe38fdbb954a86f0a58281a1

Also improve the in-process documentation to clarify that the value is
initialised from the DSN and not default false, but that the DSN's value
is default false if unset.

ASTERISK-29311 #close

Change-Id: I46e2379f7b0656034442bce77cb37ccd4e61098d
Signed-off-by: Jaco Kroon <jaco@uls.co.za>

Removes an unnecessary check for the conditional that compares the
stream topologies to see if they are equal to suppress re-invites. This
was a problem when a Digium phone received an INVITE that offered codecs
different than what it supported, causing Asterisk to send the
re-invite.

ASTERISK-29303

Change-Id: I04dc91befb2387904e28a9aaeaa3bcdbcaa7fa63

Added a SELECT 'LIMIT' clause to realtime_pgsql() and refactored the function.

ASTERISK-29293 #close

Change-Id: If5a6d4b1072ea2e6e89059b21139d554a74b34f5

Queue members using dialplan hints as a state interface must handle
INUSE+RINGING hint as RINGINUSE devstate, and INUSE + ONHOLD as INUSE.

ASTERISK-28369

Change-Id: I127e06943d4b4f1afc518f9e396de77449992b9f

This partially reverts commit 3d1bf3c5,
specifically for app.h.

This works with both gcc 9.3.0 and 10.2.0 now, both for C and C++ (as
tested with external modules).

ASTERISK-29287

Change-Id: I5b9f02a9b290675682a1d13f1788fdda597c9fca
Signed-off-by: Jaco Kroon <jaco@uls.co.za>

Instead of looking for pass-through formats in the list of transcodable
formats (which is going to find nothing), go through the result which
is going to be the jointcaps of the tech_pvt of the channel. Finally,
only with that list, ast_format_cap_remove(.) is going to succeed.

This restores the behaviour of Asterisk 1.8. However, it does not fix
ASTERISK_29282 because that issue report is about chan_sip and PJSIP.
Here, only chan_sip is fixed because PJSIP does not even call
ast_rtp_instance_available_formats -> ast_translate_available_format.

Change-Id: Icade2366ac2b82935b95a9981678c987da2e8c34

minargs enables enforcing of minimum count of arguments to pass to
func_odbc, so if you're unconditionally using ARG1 through ARG4 then
this should be set to 4.  func_odbc will generate an error in this case,
so for example

[FOO]
minargs = 4

and ODBC_FOO(a,b,c) in dialplan will now error out instead of using a
potentially leaked ARG4 from Gosub().

ARGC is needed if you're using optional argument, to verify whether or
not an argument has been passed, else it's possible to use a leaked ARGn
from Gosub (app_stack).  So now you can safely do
${IF($[${ARGC}>3]?${ARGV}:default value)} kind of thing.

Change-Id: I6ca0b137d90b03f6aa9c496991f6cbf1518f6c24
Signed-off-by: Jaco Kroon <jaco@uls.co.za>

ASTERISK-29244

Change-Id: I1862d58264c2c8b5d8983272cb29734b184d67c5

When an endpoint requests to re-negotiate for fax and the incoming
re-invite is received prior to Asterisk sending out the 200 OK for
the initial invite the re-invite gets delayed. When Asterisk does
finally send the re-inivite the SDP includes streams for both audio
and T.38.

This happens because when the pending topology and active topologies
differ (pending stream is not in the active) in the delayed scenario
the pending stream is appended to the active topology. However, in
the fax case the pending stream should replace the active.

This patch makes it so when a delay occurs during fax negotiation,
to or from, the audio stream is replaced by the T.38 stream, or vice
versa instead of being appended.

Further when Asterisk sent the re-invite with both audio and T.38,
and the endpoint responded with a declined T.38 stream then Asterisk
would crash when attempting to change the T.38 state.

This patch also puts in a check that ensures the media state has a
valid fax session (associated udptl object) before changing the
T.38 state internally.

ASTERISK-29203 #close

Change-Id: I407f4fa58651255b6a9030d34fd6578cf65ccf09

Add option "srtpreplayprotection" rtp.conf to enable srtp
replay protection.

ASTERISK-29260
Reported by: Alexander Traud

Change-Id: I5cd346e3c6b6812039d1901aa4b7be688173b458

New responses sent within a PJSIP sessions are based on those that were
sent before. Therefore, adding/modifying a header once causes it to be
sent on all responses that follow.

Sending 181 Call Is Being Forwarded many times first adds "histinfo"
duplicated more and more, and eventually overflows past the array
boundary.

This commit adds a check preventing adding "histinfo" more than once,
and skipping it if there is no more space in the header.

Similar overflow situations can also occur in res_pjsip_path and
res_pjsip_outbound_registration so those were also modified to
check the bounds and suppress duplicate Supported values.

ASTERISK-29227
Reported by: Ivan Poddubny

Change-Id: Id43704a1f1a0293e35cc7f844026f0b04f2ac322

ASTERISK-29205 #close

Change-Id: Ib7aa65644e8df76e2378d7613ee7cf751b9d0bea

If a remote side is broken and sends an SDP that can not be
negotiated the call will be torn down but there is a window
where a second 183 Session Progress or 200 OK that is forked
can be received that also attempts to negotiate SDP. Since
the code marked the SDP negotiation as being done and complete
prior to this it assumes that there is an active local and remote
SDP which it can modify, while in fact there is not as the SDP
did not successfully negotiate. Since there is no local or remote
SDP a crash occurs.

This patch changes the pjmedia_sdp_neg_modify_local_offer2
function to no longer assume that a previous SDP negotiation
was successful.

ASTERISK-29196

Change-Id: I22de45916d3b05fdc2a67da92b3a38271ee5949e

refer_progress_notify wasn't always being called from the progress
serializer.  This could allow clearing notification->progress->sub
in one thread while another was trying to use it.

* Instances where refer_progress_notify was being called in-line,
  have been changed to use ast_sip_push_task().

Change-Id: Idcf1934c4e873f2c82e2d106f8d9f040caf9fa1e

After some changes to streams and topologies, receiving fax through
local channels stopped working. This change adds a stream topology with
a stream of type IMAGE to the local channel pair and allows fax to be
received.

ASTERISK-29035 #close

Change-Id: Id103cc5c9295295d8e68d5628e76220f8f17e9fb

Provided a support of a MIME-type for wav16. Added new MIME-type
for classic wav.

ASTERISK-29275 #close

Change-Id: I749bda287ba1ab20c1e0af5e4c0153817d47873b

Two previous commits, 620d9f47 and 6d980de2, allow to set up a call
without audio, again. That was introduced originally with commit f04d5fb8
but changed and broke over time. The original commit missed one
scenario: A [peer] section in sip.conf, which does not allow audio at
all. In that case, chan_sip rejected the call, although even when the
requester offered no audio. Now, chan_sip does not check whether there
is no audio format but checks whether there is no format in general. In
other words, if there is at least one format to offer, the call succeeds.

However, to prevent calls with no-audio, chan_sip still rejects calls
when both call parties (caller = requester of the call *and* callee =
[peer] section in sip.conf) included audio. In such a case, it is
expected that the call should have audio.

ASTERISK-29280

Change-Id: I0fb74faf51ef22a60c10b467df6a4d1c1943b73e

If there's no secret specified for an iax2 peer and there's no secret
specified in the dial string, Asterisk will crash if the auth method
requested by the peer is MD5 or plaintext.  You also couldn't specify
a default auth method in the [general] section of iax.conf so if you
don't have static peers defined and just use the dial string, Asterisk
will still crash even if you have a secret specified in the dial string.

* Added logic to iax2_call() and authenticate_reply() to print
  a warning and hanhup the call if encryption is requested and
  there's no secret or auth method.  This prevents the crash.

* Added the ability to specify a default "auth" in the [general]
  section of iax.conf.

ASTERISK-29624
Reported by: N A

Change-Id: I5928e16137581f7d383fcc7fa04ad96c919e6254

Change-Id: I350939f2220f9e5d44ddf4c8d9a4c99fde4d169a

The previous commit 6d980de2 fixed this issue in the core of Asterisk.
With that, each channel technology can be used without audio
theoretically. Practically, the channel-technology driver chan_sip
turned out to have an invalid check preventing that. chan_sip tested
whether there is at least one audio format. However, chan_sip has to
test whether there is at least one format. More cannot be tested while
requesting chan_sip because only the [general] capabilities but not the
[peer] caps are known yet. And the [peer] caps might not be a subset or
show any intersection with the [general] caps. This change here fixes
this.

The original commit f04d5fb8, thirteen years ago, contained a software
bug as it passed ANY audio capability to the channel-technology driver.
Instead, it should have passed NO audio format. Therefore, this
addressed issue here was not noticed in Asterisk 1.6.x and Asterisk 1.8.
Then, Asterisk 10 changed that from ANY to NO, but nobody reported since
then.

ASTERISK-29265

Change-Id: Ic16a3bf13cd1b5c4fc4041ed74961177d96b600f

When a Transfer/REFER is executed, TRANSFERSTATUSPROTOCOL variable is
0 when no protocl specific error
SIP example of failure, 3xx-6xx for the SIP error code received

This allows applications to perform actions based on the failure
reason.

ASTERISK-29252 #close
Reported-by: Dan Cropp

Change-Id: Ia6a94784b4925628af122409cdd733c9f29abfc4

ASTERISK-29259

Change-Id: Ib6a6550e0e08355745d66da8e60ef49e81f9c6c5