When networks experience disruptions, there can be large gaps of time
between receiving packets. When strictrtp is enabled, this created
issues where a flood of packets could come in and be seen as an attack.
Another option - seqno - has been added to the strictrtp option that
ignores the time interval and goes strictly by sequence number for
validity.

Change-Id: I8a42b8d193673899c8fc22fe7f98ea87df89be71

app_voicemail was using the stasis cache to build and maintain a
list of mailboxes that had subscribers.  It then used this list
to determine if a mailbox should be polled for new messages if
polling was enabled.  For this to work, stasis had to cache every
subscription and unsubscription to the mailbox which caused a lot of
overhead, both cpu and memory related.

Since polling is only required when changes are being made to
mailboxes outside of app_voicemail and since the number of mailboxes
that don't have any subscribers is likely to be very low, all
mailboxes are now polled instead of just the ones with subscribers.

This paves the way for disabling the caching of stasis subscription
change messages.

Also fixed cleanup in some of the unit tests that not only left
test users in the users list but also caused segfaults if the tests
were run more than once.

ASTERISK-27121

Change-Id: I5cceb737246949f9782955c64425b8bd25a9e9ee

Change disables loading of res_hep.so in default installation.  Loading
res_hep has a performance impact whether it's used or not.  This disables
loading of it in sample config files.

Change-Id: I5ec150cf941634fabc72973e5bf1a965cb0ef9d0

Change-Id: I33d0ad0611c2124ca3440f0f811fa0f45e4e2849

It is valid for a config file to be empty or contain only comments, but
not valid for a config value to be set when no uncommented context
exists.  This caused an error to be loged numerous times during start
when loading the default pjsip.conf.

Change-Id: Icf3b0d69b4ecb6e935eecd43c99ed8b32a5a1cf6

Remove the note that SRV records are not supported as that is no longer
true.

ASTERISK-27993

Change-Id: Id0dd6ef40e52702be9727a2b6122216cb00bb4ca

Change-Id: I5394fdff6a296efc8e1695a156e616acd932ae52

A new option 'suppress_q850_reason_headers' has been added to the
endpoint object. Some devices can't accept multiple Reason headers and
get confused when both 'SIP' and 'Q.850' Reason headers are received.
This option allows the 'Q.850' Reason header to be suppressed.
The default value is 'no'.

ASTERISK-27949
Reported-by: Ross Beer

Change-Id: I54cf37a827d77de2079256bb3de7e90fa5e1deb1

The Websocket transport uses the built-in HTTP server. As a result
the TLS configuration is done in http.conf and not in pjsip.conf.

This change adds a warning if this is configured in pjsip.conf and
also clarifies in the sample configuration file.

Change-Id: I187d994d328c3ed274b6754fd4c2a4955bdc6dd9

pjproject by default currently will follow media forked during an INVITE
on outbound calls if the To tag is different on a subsequent response as
that on an earlier response.  We handle this correctly.  There have
been reported cases where the To tag is the same but we still need to
follow the media.  The pjproject patch in this commit adds the
capability to sip_inv and also adds the capability to control it at
runtime.  The original "different tag" behavior was always controllable
at runtime but we never did anything with it and left it to default to
TRUE.

So, along with the pjproject patch, this commit adds options to both the
system and endpoint objects to control the two behaviors, and a small
logic change to session_inv_on_media_update in res_pjsip_session to
control the behavior at the endpoint level.

The default behavior for "different tags" remains the same at TRUE and
the default for "same tag" is FALSE.

Change-Id: I64d071942b79adb2f0a4e13137389b19404fe3d6
ASTERISK-27936
Reported-by: Ross Beer

ConfBridge can now send events to participants via in-dialog MESSAGEs.
All current Confbridge events are supported, such as ConfbridgeJoin,
ConfbridgeLeave, etc.  In addition to those events, a new event
ConfbridgeWelcome has been added that will send a list of all
current participants to a new participant.

For all but the ConfbridgeWelcome event, the JSON message contains
information about the bridge, such as its id and name, and information
about the channel that triggered the event such as channel name,
callerid info, mute status, and the MSID labels for their audio and
video tracks. You can use the labels to correlate callerid and mute
status to specific video elements in a webrtc client.

To control this behavior, the following options have been added to
confbridge.conf:

bridge_profile/enable_events:  This must be enabled on any bridge where
events are desired.

user_profile/send_events:  This must be set for a user profile to send
events.  Different user profiles connected to the same bridge can have
different settings.  This allows admins to get events but not normal
users for instance.

user_profile/echo_events:  In some cases, you might not want the user
triggering the event to get the event sent back to them.  To prevent it,
set this to false.

A change was also made to res_pjsip_sdp_rtp to save the generated msid
to the stream so it can be re-used.  This allows participant A's video
stream to appear as the same label to all other participants.

Change-Id: I26420aa9f101f0b2387dc9e2fd10733197f1318e

The OUTPUTDIR variable in ast_debug_tools.conf.sample is now set
to "/tmp" instead of "/some/directory".

Variables set on the command line or that are already in the
environment now take predecence over variables set in the config files.

ASTERISK-27846
Reported by: Ted G

Change-Id: Ie8baec52d531886bf5849ec1d59bb59dc87ad387

Analog phones dial overlap dialing and it is chan_dahdi's job to read the
numbers.  It has three timeout constants that this commit converts to
channel-level configuration options:

* firstdigit_timeout: Default time (ms) to detect first digit

* interdigit_timeout: Default time (ms) to detect following digits

* matchdigit_timeout: Default time (ms) to wait in case of ambiguous
match.  This happens when the dialed digits match a number in the current
context but are also the prefix of another number.

Change-Id: Ib728fa900a4f6ae56d1ed810aba61b6593fb7213

This change adds the ability for multiple REMB reports in
bridge_softmix to be combined according to a configured
behavior into a single report. This single report is sent
back to the sender of video, which adjusts the encoding bitrate
to be at or below the bitrate of the report. The available
behaviors are: lowest, highest, and average. Lowest uses the
lowest received bitrate. Highest uses the highest received
bitrate. Average goes through the received bitrates adding
them to the previous average and creates a new average.

Other behaviors can be added in the future and the existing
average one may be adjusted, but this provides the foundation
to do so.

Support for configuring which behavior to use has been
added to app_confbridge.

ASTERISK-27804

Change-Id: I9eafe4e7c1f72d67074a8d6acb26bfcf19322b66

This change adds a configuration option to app_confbridge which can be
used to set the interval at which we will send a combined REMB (remote
estimated maximum bitrate) frame to sources of video. The bridging API
has also been extended slightly to allow setting this so bridge_softmix
can use it.

ASTERISK-27786

Change-Id: I0e49eae60f369c86434414f3cb8278709c793c82

If the two formats on a channel are equal, we don't transcode and since
the generic plc needs slin to work, it doesn't get invoked.

* A new configuration option "genericplc_on_equal_codecs" was added
  to the "plc" section of codecs.conf to allow generic packet loss
  concealment even if no transcoding was originally needed.
  Transcoding via SLIN is forced in this case.

ASTERISK-27743

Change-Id: I0577026a179dea34232e63123254b4e0508378f4

The pool cache gets in the way of finding use after free errors of memory
pool contents.  Tools like valgrind and MALLOC_DEBUG don't know when a
pool is released because it gets put into the cache instead of being
freed.

* Added the "cache_pools" option to pjproject.conf.  Disabling the option
helps track down pool content mismanagement when using valgrind or
MALLOC_DEBUG.  The cache gets in the way of determining if the pool
contents are used after free and who freed it.

To disable the pool caching simply disable the cache_pools option in
pjproject.conf and restart Asterisk.

Sample pjproject.conf setting:
[startup]
cache_pools=no

* Made current users of the caching pool factory initialization and
destruction calls call common routines to create and destroy cached pools.

ASTERISK-27704

Change-Id: I64d5befbaeed2532f93aa027a51eb52347d2b828

When a line is the maximum length "\n" is found at sizeof(buf) - 2 since
the last character is actually the null terminator.  In addition if a
line was exactly 8190 plus a multiple of 8192 characters long the config
parser would skip the following line.

Additionally fix comment in voicemail.conf sample config.  It previously
stated that emailbody can only contain up to 512 characters which is
always wrong.  The buffer is normally 8192 characters unless LOW_MEMORY
is enabled then it is 512 characters.  The updated comment states that
the line can be up to 8190 or 510 characters since the line feed and
NULL terminator each use a character.

ASTERISK-26688 #close

Change-Id: I80864a0d40d2e2d8cd79d72af52a8f0a3a99c015

The dsp_talking_threshold does not represent time in milliseconds.  It
represents the average magnitude per sample in the audio packets.  This is
what the DSP uses to determine if a packet is silence or talking/noise.

Change-Id: If6f939c100eb92a5ac6c21236559018eeaf58443

The sample modules.conf explicitly loaded res_musiconhold.so.  This is
redundent as autoload=yes is already set.  It causes warnings if
res_musiconhold.so was not installed and results in an unexpected load
if the admin disables autoload without remembering to remove the
res_musiconhold load statement.

Also remove reference to unknown module pbx_gtkconsole.

Change-Id: Ib01888994d9f1364b14d3c9fb6ff96774a6e580a

This patch adds the ability to configure a prompt which will be read
to the "winner" who pressed 1 (or the configured value) and received
the call.

ASTERISK-24372 #close

Change-Id: I6ec1c6c883347f7d1e1f597189544993c8d65272

The type=identify endpoint identification method can match by IP address
and by SIP header.  However, the SIP header matching has limited
usefulness because you cannot specify the SIP header matching priority
relative to the IP address matching.  All the matching happens at the same
priority and the order of evaluating the identify sections is
indeterminate.  e.g., If you had two type=identify sections where one
matches by IP address for endpoint alice and the other matches by SIP
header for endpoint bob then you couldn't predict which endpoint is
matched when a request comes in that matches both.

* Extract the SIP header matching criteria into its own "header" endpoint
identification method so the user can specify the relative priority of the
SIP header and the IP address matching criteria in the global
endpoint_identifier_order option.  The "ip" endpoint identification method
now only matches by IP address.

ASTERISK-27491

Change-Id: I9df142a575b7e1e3471b7cda5d3ea156cef08095

* Endpoint identify_by documentation.
* IP/Header endpoint identifier documentation.

Change-Id: Id92f00b495acca7be945daf749d2abd7f76a0b5a

Change-Id: I873c1c6d00f447269bd841494459efccdd2c19c0

This patch adds the ability to set the wrapuptime on the queue member
config.

When the option is set the wrapuptime on the queue member is used instead
of the queue's wrapuptime.

ASTERISK-27483 #close

Change-Id: I11c85809537f974eb44dc5bbf82bcedd8a458902

The mute/unmute sounds are only played when the
action is initiated using the DTMF menu.

ASTERISK-24756

Change-Id: I55b3dd5bc166096bf5e2f547ddd0ce355f36e3dc

We should not do flood detection on video RTP streams.  Video RTP streams
are very bursty by nature.  They send out a burst of packets to update the
video frame then wait for the next video frame update.  Really only audio
streams can be checked for flooding.  The others are either bursty or
don't have a set rate.

* Added code to selectively disable packet flood detection for video RTP
streams.

ASTERISK-27440

Change-Id: I78031491a6e75c2d4b1e9c2462dc498fe9880a70

This no longer appears to exist, so no sense in causing confusion.

ASTERISK-27175 #close
Reported by: Tzafrir Cohen

Change-Id: Idde967924c69f6a741dc9a5ab7dacb44d22cf100

With Asterisk 12 (commit 866d9681), the default of "icesupport" changed to
- "yes" in the module "res_rtp_asterisk" and
- "no" in the module "chan_sip".
The latter was reflected in the sample configuration file for "sip.conf". The
former did not make it into "rtp.conf.sample".

ASTERISK-20643

Change-Id: I2a2e0a900455d0767a99ea576e30adc6d7608a36

Change-Id: Id2899331fe05d1909a862ea879742879d086bc64

Beanstalkd is a simple to use job queue. It provides a means to
create multiple job queues called "tubes". Each tube can store
multiple jobs, with varying priorities with the queue. Queue
processing is available via a simple TCP socket or via well defined
libraries, avaialble at
https://github.com/kr/beanstalkd/wiki/client-libraries

This module is based upon the beanstalk-client library, available
for download at: https://github.com/deepfryed/beanstalk-client

This module currently doesn't support user defined events.

Change-Id: Ic3a087faeeac045d69a2a018e60e29831ddb95ab

The OUTPUTDIR environment variable can now be set either in the
environment itself or in ast_debug_tools.conf.  If set, it's used
for all work products instead of /tmp.

Also added the --tarball-config option that includes the contents
of /etc/asterisk when either --tarball-coredumps or --tarball-results
are used.

Change-Id: I66b2553319df61caea5b313d084f51978f730b4c

The media frame cache gets in the way of finding use after free errors of
media frames.  Tools like valgrind and MALLOC_DEBUG don't know when a
frame is released because it gets put into the cache instead of being
freed.

* Added the "cache_media_frames" option to asterisk.conf.  Disabling the
option helps track down media frame mismanagement when using valgrind or
MALLOC_DEBUG.  The cache gets in the way of determining if the frame is
used after free and who freed it.  NOTE: This option has no effect when
Asterisk is compiled with the LOW_MEMORY compile time option enabled
because the cache code does not exist.

To disable the media frame cache simply disable the cache_media_frames
option in asterisk.conf and restart Asterisk.

Sample asterisk.conf setting:
[options]
cache_media_frames=no

ASTERISK-27413

Change-Id: I0ab2ce0f4547cccf2eb214901835c2d951b78c00

This mimics the behavior of Chrome and Firefox and creates an ephemeral
X.509 certificate for each DTLS session.

Currently, the only supported key type is ECDSA because of its faster
generation time, but other key types can be added in the future as
necessary.

ASTERISK-27395

Change-Id: I5122e5f4b83c6320cc17407a187fcf491daf30b4

When the identify_by option on an endpoint is set to ip it will
only be identified using the res_pjsip_endpoint_identifier_ip module.
This ensures that it is not mistakenly matched using the username of
the From header. To ensure behavior has not changed the default has
been changed to "username,ip" for the identify_by option.

ASTERISK-27206

Change-Id: I2170b86a7f7e221b4f00bf14aa1ef1ac5b050bbd

Beanstalkd is a simple to use job queue. It provides a means to
create multiple job queues called "tubes". Each tube can store
multiple jobs, with varying priorities with the queue. Queue
processing is available via a simple TCP socket or via well defined
libraries, avaialble at
https://github.com/kr/beanstalkd/wiki/client-libraries

This module is based upon the beanstalk-client library, available
for download at: https://github.com/deepfryed/beanstalk-client

Change-Id: I5fe4089a34ab3b39230786d9bbfddafa56715f48

When "rewrite_contact" is enabled, the "max_contacts" count option can
block re-registrations because the source port from the endpoint can be
random.  When the re-registration is blocked, the endpoint may give up
re-registering and require manual intervention.

* The "remove_existing" option now allows a registration to succeed by
displacing any existing contacts that now exceed the "max_contacts" count.
Any removed contacts are the next to expire.  The behaviour change is
beneficial when "rewrite_contact" is enabled and "max_contacts" is greater
than one.  The removed contact is likely the old contact created by
"rewrite_contact" that the device is refreshing.

ASTERISK-27192

Change-Id: I64c107a10b70db1697d17136051ae6bf22b5314b

Change-Id: I65a5190b2732b2246d67472db70dd37db64ddad4

Incoming requests with non sip(s) URIs in the Request, To, From
or Contact URIs are now rejected with
PJSIP_SC_UNSUPPORTED_URI_SCHEME (416).  This is performed in
pjsip_message_filter (formerly pjsip_message_ip_updater) and is
done at pjproject's "TRANSPORT" layer before a request can even
reach the distributor.

URIs read by res_pjsip_outbound_publish from pjsip.conf are now
also checked for both length and sip(s) scheme.  Those URIs read
by outbound registration and aor were already being checked for
scheme but their error messages needed to be updated to include
scheme failure as well as length failure.

Change-Id: Ibb2f9f1d2dc7549da562af4cbd9156c44ffdd460

A new endpoint parameter "incoming_mwi_mailbox" allows Asterisk to
receive unsolicited MWI NOTIFY requests and make them available to
other modules via the stasis message bus.

res_pjsip_pubsub has a new handler "pubsub_on_rx_mwi_notify_request"
that parses a simple-message-summary body and, if
endpoint->incoming_mwi_account is set, calls ast_publish_mwi_state
with the voice-message counts from the message.

Change-Id: I08bae3d16e77af48fcccc2c936acce8fc0ef0f3c