Integrated STIR/SHAKEN support with outgoing INVITEs. When an INVITE is
sent, the caller ID will be checked to see if there is a certificate
that corresponds to it. If so, that information will be retrieved and an
Identity header will be added to the SIP message. The format is:

header.payload.signature;info=<public_key_url>alg=ES256;ppt=shaken

Header, payload, and signature are all BASE64 encoded. The public key
URL is retrieved from the certificate. Currently the algorithm and ppt
are ES256 and shaken, respectively. This message is signed and can be
used for verification on the receiving end.

Two new configuration options have been added to the certificate object:
attestation and origid. The attestation is required and must be A, B, or
C. origid is the origination identifier.

A new utility function has been added as well that takes a string,
allocates space, BASE64 encodes it, then returns it, eliminating the
need to calculate the size yourself.

Change-Id: I1f84d6a5839cb2ed152ef4255b380cfc2de662b4

What's wrong with ast_debug?

  ast_debug is fine for general purpose debug output but it's not
  really geared for scope tracing since it doesn't present its
  output in a way that makes capturing and analyzing flow through
  Asterisk easy.

How is scope tracing better?

  Scope tracing uses the same "cleanup" attribute that RAII_VAR
  uses to print messages to a separate "trace" log level.  Even
  better, the messages are indented and unindented based on a
  thread-local call depth counter.  When output to a separate log
  file, the output is uncluttered and easy to follow.

  Here's an example of the output. The leading timestamps and
  thread ids are removed and the output cut off at 68 columns for
  commit message restrictions but you get the idea.

--> res_pjsip_session.c:3680 handle_incoming PJSIP/1173-00000001
	--> res_pjsip_session.c:3661 handle_incoming_response PJSIP/1173
		--> res_pjsip_session.c:3669 handle_incoming_response PJSIP/
			--> chan_pjsip.c:3265 chan_pjsip_incoming_response_after
				--> chan_pjsip.c:3194 chan_pjsip_incoming_response P
					    chan_pjsip.c:3245 chan_pjsip_incoming_respon
				<-- chan_pjsip.c:3194 chan_pjsip_incoming_response P
			<-- chan_pjsip.c:3265 chan_pjsip_incoming_response_after
		<-- res_pjsip_session.c:3669 handle_incoming_response PJSIP/
	<-- res_pjsip_session.c:3661 handle_incoming_response PJSIP/1173
<-- res_pjsip_session.c:3680 handle_incoming PJSIP/1173-00000001

  The messages with the "-->" or "<--" were produced by including
  the following at the top of each function:

  SCOPE_TRACE(1, "%s\n", ast_sip_session_get_name(session));

  Scope isn't limited to functions any more than RAII_VAR is.  You
  can also see entry and exit from "if", "for", "while", etc blocks.

  There is also an ast_trace() macro that doesn't track entry or
  exit but simply outputs a message to the trace log using the
  current indent level.  The deepest message in the sample
  (chan_pjsip.c:3245) was used to indicate which "case" in a
  "select" was executed.

How do you use it?

  More documentation is available in logger.h but here's an overview:

  * Configure with --enable-dev-mode.  Like debug, scope tracing
    is #ifdef'd out if devmode isn't enabled.

  * Add a SCOPE_TRACE() call to the top of your function.

  * Set a logger channel in logger.conf to output the "trace" level.

  * Use the CLI (or cli.conf) to set a trace level similar to setting
    debug level... CLI> core set trace 2 res_pjsip.so

Summary Of Changes:

  * Added LOG_TRACE logger level.  Actually it occupies the slot
    formerly occupied by the now defunct "event" level.

  * Added core asterisk option "trace" similar to debug.  Includes
	ability to specify global trace level in asterisk.conf and CLI
	commands to turn on/off and set levels.  Levels can be set
	globally (probably not a good idea), or by module/source file.

  * Updated sample asterisk.conf and logger.conf.  Tracing is
    disabled by default in both.

  * Added __ast_trace() to logger.c which keeps track of the indent
    level using TLS. It's #ifdef'd out if devmode isn't enabled.

  * Added ast_trace() and SCOPE_TRACE() macros to logger.h.
    These are all #ifdef'd out if devmode isn't enabled.

Why not use gcc's -finstrument-functions capability?

  gcc's facility doesn't allow access to local data and doesn't
  operate on non-function scopes.

Known Issues:

  The only know issue is that we currently don't know the line
  number where the scope exited.  It's reported as the same place
  the scope was entered.  There's probably a way to get around it
  but it might involve looking at the stack and doing an 'addr2line'
  to get the line number.  Kind of like ast_backtrace() does.
  Not sure if it's worth it.

Change-Id: Ic5ebb859883f9c10a08c5630802de33500cad027

Adds the "STIR_SHAKEN" dialplan function and an API call to add a
STIR_SHAKEN verification result to a channel. This information will be
held in a datastore on the channel that can later be queried through the
"STIR_SHAKEN" dialplan funtion to get information on STIR_SHAKEN results
including identity, attestation, and verify_result. Here are some
examples:

STIR_SHAKEN(count)
STIR_SHAKEN(0, identity)
STIR_SHAKEN(1, attestation)
STIR_SHAKEN(2, verify_result)

Getting the count can be used to iterate through the results and pull
information by specifying the index and the field you want to retrieve.

Change-Id: Ice6d52a3a7d6e4607c9c35b28a1f7c25f5284a82

When in a conference bridge it may be necessary to have
text messages disabled for specific participants or for
all. This change adds a configuration option, "text_messaging",
which can be used to enable or disable this on the
user profile. By default existing behavior is preserved
as it defaults to "yes".

ASTERISK-28841

Change-Id: I30b5d9ae6f4803881d1ed9300590d405e392bc13

Based on this new endpoint setting, a joint list of preferred codecs
between those received from the Asterisk core (remote), and those
specified in the endpoint's "allow" parameter (local) is created and
is used to create the outgoing SDP offer.

* Add outgoing_call_offer_pref to pjsip_configuration (endpoint)

* Add "call_direction" to res_pjsip_session.

* Update pjsip_session_caps.c to make the functions more generic
  so they could be used for both incoming and outgoing.

* Update ast_sip_session_create_outgoing to create the
  pending_media_state->topology with the results of
  ast_sip_session_create_joint_call_stream().

* The endpoint "preferred_codec_only" option now automatically sets
  AST_SIP_CALL_CODEC_PREF_FIRST in incoming_call_offer_pref.

* A helper function ast_stream_get_format_count() was added to
  streams to return the current count of formats.

ASTERISK-28777

Change-Id: Id4ec0b4a906c2ae5885bf947f101c59059935437

A pure blacklist is not good enough, we need a whitelist mechanism as
well, and the simplest way to do that is to re-use existing ACL
infrastructure.

This makes it simpler to blacklist say an entire block (/24) except a
smaller block (eg, a /29 or even a /32).  Normally you'd need to
recursively split the block, so if you want to blacklist a /24 except
for a /29 you'd end up with a blacklit for a /25, /26, /27 and /28.  I
feel that having an ACL instead of a blacklist only is clearer.

Change-Id: Id57a8df51fcfd3bd85ea67c489c85c6c3ecd7b30
Signed-off-by: Jaco Kroon <jaco@uls.co.za>

ASTERISK-20325 #close

Change-Id: I06cb9b467b0fd06c8af2a5aee049f872c09cc4b6

These tones come from http://www.itu.int/ITU-T/inr/forms/files/tones-0203.pdf

ASTERISK-23407

Change-Id: I48e2285f1e5bb29b3335f762006f66c423d0fcb8

Add a new option, incoming_call_offer_pref, to res_pjsip endpoints that
specifies the preferred order of codecs after receiving an offer.

This patch does the following:

  Adds a new enumeration, ast_sip_call_codec_pref, used by the the new
configuration option that's added to the endpoint media structure.

  Adds a new ast_sip_session_caps structure that's set for each session media
object.

  Creates a new file, res_pjsip_session_caps that "implements" the new
structure and option, and is compiled into the res_pjsip_session library.

ASTERISK-28756 #close

Change-Id: I35e7a2a0c236cfb6bd9cdf89539f57a1ffefc76f

In order to reduce the amount of AMI and ARI events generated,
the global "Message/ast_msg_queue" channel can be set to suppress
it's normal channel housekeeping events such as "Newexten",
"VarSet", etc. This can greatly reduce load on the manager
and ARI applications when the Digium Phone Module for Asterisk
is in use.  To enable, set "hide_messaging_ami_events" in
asterisk.conf to "yes"  In Asterisk versions <18, the default
is "no" preserving existing behavior.  Beginning with
Asterisk 18, the option will default to "yes".

NOTE:  This change does not affect UserEvents or the ARI
TextMessageReceived events.

* Added the "hide_messaging_ami_events" option to asterisk.conf.

* Changed message.c to set the AST_CHAN_TP_INTERNAL property on
  the "Message/ast_msg_queue" channel if the option is set in
  asterisk.conf.  This suppresses the reporting of the events.

Change-Id: Ia2e3516d43f4e0df994fc6598565d6bba2d7018b

It said "restrict [...] which peers should be able to pass [audio]
to each other".

However, these settings are not global (for which you would expect
signaling IPs to be checked). These settings are available per peer
only, and the IPs being checked, are the RTP IPs.

Change-Id: I2a6c6cd7c2f5f30d1df4844e3e0308a077021660

Add a new configuration option 'enable_status' which allows the
/httpstatus URI handler to be administratively disabled.

We also no longer unconditionally register the /static and /httpstatus
URI handlers, but instead do it based upon configuration.

Behavior change: If enable_static was turned off, the URI handler was
still installed but returned a 403 when it was accessed. Because we
now register/unregister the URI handlers as appropriate, if the
/static URI is disabled we will return a 404 instead.

Additionally:

* Change 'enablestatic' to 'enable_static' but keep the former for
  backwards compatibility.
* Improve some internal variable names

ASTERISK-28710 #close

Change-Id: I647510f796473793b1d3ce1beb32659813be69e1

Change-Id: Ia05aab1f579597963d2ea23920d2210cfcb97c84

Adds source port matching support when IP matching is used:

  [example]
  type = identify
  match = 1.2.3.4:5060/32, 1.2.3.4:6000/32, asterisk.org:4444

If the IP matches but the source port does not, we reject and search for
alternatives. SRV lookups are still performed if enabled (srv_lookups = yes),
unless the configured FQDN includes a port number in which case just a host
lookup is performed.

ASTERISK-28639 #close
Reported by: Mitch Claborn

Change-Id: I256d5bd5d478b95f526e2f80ace31b690eebba92

ConfBridge has the ability to move between different sample
rates for mixing the conference bridge. Up until now there has
only been the ability to set the conference bridge to mix at
a specific sample rate, or to let it move between sample rates
as necessary. This change adds the ability to configure a
conference bridge with a maximum sample rate so it can move
between sample rates but only up to the configured maximum.

ASTERISK-28658

Change-Id: Idff80896ccfb8a58a816e4ce9ac4ebde785963ee

Original commit: cfbf5fbe

Change-Id: I34a841d73c429ca8d944481f8dccb756ee231c9c

Allow the list of files to be played to be provided explicitly in the
music class's configuration. The primary driver for this change is to
allow URLs to be used for MoH.

Change-Id: I9f43b80b43880980b18b2bee26ec09429d0b92fa

Changes made to apps/Makefile to optionally build all three app_voicemail
variations at the same time: 1) file (default), 2) odbc, and 3) imap.
This functionality was requested by users. modules.conf.sample warns the
user to make sure only one voicemail is loaded at a time.

Change-Id: Iba3cd8ffb4b7e8b1c64a11dd383e1eafcd3ed0e7

This change adds support for larger TLS certificates by allowing
OpenSSL to fragment the DTLS packets according to the configured
MTU. By default this is set to 1200.

This is accomplished by implementing our own BIO method that
supports MTU querying. The configured MTU is returned to OpenSSL
which fragments the packet accordingly. When a packet is to be
sent it is done directly out the RTP instance.

ASTERISK-28018

Change-Id: If2d5032019a28ffd48f43e9e93ed71dbdbf39c06

ASTERISK-28234
Reported-by: Kirsty Tyerman

Change-Id: I5d6e6b52dbe51415046bb3953fd16f5b421bc2e1

This patch adds basic Asterisk channel statistics to the res_prometheus
module. This includes:

* asterisk_calls_sum: A running sum of the total number of
  processed calls

* asterisk_calls_count: The current number of calls

* asterisk_channels_count: The current number of channels

* asterisk_channels_state: The state of any particular channel

* asterisk_channels_duration_seconds: How long a channel has existed,
  in seconds

In all cases, enough information is provided with each channel metric
to determine a unique instance of Asterisk that provided the data, as
well as the name, type, unique ID, and - if present - linked ID of each
channel.

ASTERISK-28403

Change-Id: I0db306ec94205d4f58d1e7fbabfe04b185869f59

Prometheus is the defacto monitoring tool for containerized applications.
This patch adds native support to Asterisk for serving up Prometheus
compatible metrics, such that a Prometheus server can scrape an Asterisk
instance in the same fashion as it does other HTTP services.

The core module in this patch provides an API that future work can build
on top of. The API manages metrics in one of two ways:
(1) Registered metrics. In this particular case, the API assumes that
    the metric (either allocated on the stack or on the heap) will have
    its value updated by the module registering it at will, and not
    just when Prometheus scrapes Asterisk. When a scrape does occur,
    the metrics are locked so that the current value can be retrieved.
(2) Scrape callbacks. In this case, the API allows consumers to be
    called via a callback function when a Prometheus initiated scrape
    occurs. The consumers of the API are responsible for populating
    the response to Prometheus themselves, typically using stack
    allocated metrics that are then formatted properly into strings
    via this module's convenience functions.

These two mechanisms balance the different ways in which information is
generated within Asterisk: some information is generated in a fashion
that makes it appropriate to update the relevant metrics immediately;
some information is better to defer until a Prometheus server asks for
it.

Note that some care has been taken in how metrics are defined to
minimize the impact on performance. Prometheus's metric definition
and its support for nesting metrics based on labels - which are
effectively key/value pairs - can make storage and managing of metrics
somewhat tricky. While a naive approach, where we allow for any number
of labels and perform a lot of heap allocations to manage the information,
would absolutely have worked, this patch instead opts to try to place
as much information in length limited arrays, stack allocations, and
vectors to minimize the performance impacts of scrapes. The author of
this patch has worked on enough systems that were driven to their knees
by poor monitoring implementations to be a bit cautious.

Additionally, this patch only adds support for gauges and counters.
Additional work to add summaries, histograms, and other Prometheus
metric types may add value in the future. This would be of particular
interest if someone wanted to track SIP response types.

Finally, this patch includes unit tests for the core APIs.

ASTERISK-28403

Change-Id: I891433a272c92fd11c705a2c36d65479a415ec42

You can now add the "include_local_address" flag to an entry in
rtp.conf "[ice_host_candidates]" to include both the advertized
address and the local address in ICE negotiation:

[ice_host_candidates]
192.168.1.1 = 1.2.3.4,include_local_address

This causes both 192.168.1.1 and 1.2.3.4 to be advertized.

Change-Id: Ide492cd45ce84546175ca7d557de80d9770513db

When producing a combined REMB value the normal behavior
is to have a REMB value which is unique for each sender
based on all of their receivers. This can result in one
sender having low bitrate while all the rest are high.

This change adds "all" variants which produces a bridge
level REMB value instead. All REMB reports are combined
together into a single REMB value that is the same for
each sender.

ASTERISK-28401

Change-Id: I883e6cc26003b497c8180b346111c79a131ba88c

There a long history here:

In commit dd1e62c0 has introduce by default shared_lastcall = true by
default but this now only happen is there not [general] directive in
queues.conf

After that, the commit 4b50e3f1 fix the
sample file.

We'll need to keep the same setting if there a general or not section in
configuration file since the shared_lastcall is by a long time in
sample files as default value to 'no'.

Change-Id: Id44faec370136df8d57902b453ad4059ed21b94c

Added a new PJSIP global setting called norefersub.
Default is true to keep support working as before.

res_pjsip_refer:  Configures PJSIP norefersub capability accordingly.

Checks the PJSIP global setting value.
If it is true (default) it adds the norefersub capability to PJSIP.
If it is false (disabled) it does not add the norefersub capability
to PJSIP.

This is useful for Cisco switches that do not follow RFC4488.

ASTERISK-28375 #close
Reported-by: Dan Cropp

Change-Id: I0b1c28ebc905d881f4a16e752715487a688b30e9

chan_sip will always ignore 183 responses that do not contain SDP
however, chan_pjsip will currently always translate it into a
183 with SDP.  This new flag allows chan_pjsip to have the same
behavior as chan_sip.

ASTERISK-28322 #close

Change-Id: If81cfaa17c11b6ac703e3d71696f259d86c6be4a

Change-Id: I84a45c3d9fd26ca61aca99927eec83b57f1de857

The res_pjsip_websocket module requires the res_http_websocket
module so ensure it is loaded. As well the res_pjsip_notify
module needs the pjsip_notify.conf configuration file so
ensure it is installed.

ASTERISK-28272

Change-Id: I261659b84e7a6ac4cb49990d9badb4b2ad01bacd

To prevent one subsystem's taskprocessors from causing others
to stall, new capabilities have been added to taskprocessors.

* Any taskprocessor name that has a '/' will have the part
  before the '/' saved as its "subsystem".
  Examples:
  "sorcery/acl-0000006a" and "sorcery/aor-00000019"
  will be grouped to subsystem "sorcery".
  "pjsip/distributor-00000025" and "pjsip/distributor-00000026"
  will bn grouped to subsystem "pjsip".
  Taskprocessors with no '/' have an empty subsystem.

* When a taskprocessor enters high-water alert status and it
  has a non-empty subsystem, the subsystem alert count will
  be incremented.

* When a taskprocessor leaves high-water alert status and it
  has a non-empty subsystem, the subsystem alert count will be
  decremented.

* A new api ast_taskprocessor_get_subsystem_alert() has been
  added that returns the number of taskprocessors in alert for
  the subsystem.

* A new CLI command "core show taskprocessor alerted subsystems"
  has been added.

* A new unit test was addded.

REMINDER: The taskprocessor code itself doesn't take any action
based on high-water alerts or overloading.  It's up to taskprocessor
users to check and take action themselves.  Currently only the pjsip
distributor does this.

* A new pjsip/global option "taskprocessor_overload_trigger"
  has been added that allows the user to select the trigger
  mechanism the distributor uses to pause accepting new requests.
  "none": Don't pause on any overload condition.
  "global": Pause on ANY taskprocessor overload (the default and
  current behavior)
  "pjsip_only": Pause only on pjsip taskprocessor overloads.

* The core pjsip pool was renamed from "SIP" to "pjsip" so it can
  be properly grouped into the "pjsip" subsystem.

* stasis taskprocessor names were changed to "stasis" as the
  subsystem.

* Sorcery core taskprocessor names were changed to "sorcery" to
  match the object taskprocessors.

Change-Id: I8c19068bb2fc26610a9f0b8624bdf577a04fcd56

When Asterisk is connected and used with a database the response
time of the database can cause problems in Asterisk if it is long.
Normally the only way to see this problem would be to retrieve a
backtrace from Asterisk and examine where things are blocked, or
examine the database to see if there is any indication of a
problem.

This change adds some basic query logging to make it easier to
investigate such a problem. When logging is enabled res_odbc will
now keep track of the number of queries executed, as well as the
query that has taken the longest time to execute. There is also
an option which will cause a WARNING message to be output if a
query takes longer than a configurable amount of time to execute.

This makes it easier and clearer for users that their database may
be experiencing a problem that could impact Asterisk.

ASTERISK-28277

Change-Id: I173cf4928b10754478a6a8c27dfa96ede0f058a6

The option value "sdp" for some of the settings was removed a while back,
however the sample conf was not updated.

This patch removes any wording with regards to the old "sdp" option value,
and adjusts the defaults to what they are now.

ASTERISK-28263

Change-Id: I41bfa44e9f69446bcc5c8fd92e3675c676fdc445

You can now define an "aliases" context in voicemail.conf
whose entries point to actual mailboxes.  These can be used anywhere
the mailbox is specified.

Example:
[general]
aliasescontext = myaliases

[default]
1234 = yadayada

[myaliases]
4321@devices = 1234@default

Now you can use 4321@devices to refer to the 1234@default mailbox.

This can be useful to provide channel drivers with constant
mailbox specifications such as <extension>@devices leaving
app_voicemail to control exactly which mailbox the alias points to.
Now, only voicemail has to be reloaded to make changes instead of
individual channel drivers which are usually more expensive to
reload.

Change-Id: I395b9205c91523a334fe971be0d1de4522067b04

The commit I2f97ebfa79969a36a97bb7b9afd5b6268cf1a07d removed sending out
the ContactStatus AMI event when a contact is updated.
Thist change broke things which rely on old behavior.

This patch adds a new PJSIP global configuration option
'send_contact_status_on_update_registration' to be able to preserve old
ContactStatus behavior.
By default new behavior, i.e. the ContactStatus event will not be sent when a
device refreshes its registration.

Change-Id: I706adf7584e7077eb6bde6d9799ca408bc82ce46

The module has been removed, so it shouldn't be in the default config any more.

Change-Id: Ie7e09f00f9c9a885574e29478250de4c2cefd9f1

This reverts commit 29115e23.

That commit closed a long standing hole which allowed subscriptions
to mailboxes that weren't configured in voicemail.conf.  This
caused an issue with FreePBX which depdended on that behavior.
The commit is being reverted until FreePBX can handle the new
behavior.

ASTERISK-28151
Reported by: Ronald Raikes

Change-Id: I57b7b85e75d7dd97c742b5c69d718a0f61260c15

When a channel snapshot was created it used to be done
from scratch, copying all data (many strings). This incurs
a cost when doing so.

This change segments the channel snapshot into different
components which can be reused if unchanged from the
previous snapshot creation, reducing the cost. In normal
cases this results in some pointers being copied with
reference count being bumped, some integers being set,
and a string or two copied. The other benefit is that it
is now possible to determine if a channel snapshot update
is redundant and thus stop it before a message is published
to stasis.

The specific segments in the channel snapshot were split up
based on whether they are changed together, how often they
are changed, and their general grouping. In practice only
1 (or 0) of the segments actually get changed in normal
operation.

Invalidation is done by setting a flag on the channel when
the segment source is changed, forcing creation of a new
segment when the channel snapshot is created.

ASTERISK-28119

Change-Id: I5d7ef3df963a88ac47bc187d73c5225c315f8423

This patch adds new options 'trust_connected_line' and 'send_connected_line'
to the endpoint.

The option 'trust_connected_line' is to control if connected line updates
are accepted from this endpoint.

The option 'send_connected_line' is to control if connected line updates
can be sent to this endpoint.

The default value is 'yes' for both options.

Change-Id: I16af967815efd904597ec2f033337e4333d097cd

This officially deprecates chan_sip in Asterisk 17+.  A warning is
printed upon startup or module load to tell users that they should
consider migrating.  chan_sip is still built by default but the default
modules.conf skips loading it at startup.

Very important to note we are not scheduling a time where chan_sip will
be removed.  The goal of this change is to accurately inform end users
of the current state of chan_sip and encourage movement to the fully
supported chan_pjsip.

Change-Id: Icebd8848f63feab94ef882d36b2e99d73155af93

Change-Id: Id449d4435c38148b56ac4cfd61ae4d90ac66bb90