Fix the configure script not to detect the presence of gethostbyname_r()
on NetBSD incorrectly.  NetBSD includes it as an internal libc symbol
that is not exposed in system headers and that is incompatible with
other implementations.  In order to avoid misdetecting it, perform
the symbol check only if the declaration is found in the public header
first.

ASTERISK-29817

Change-Id: Iafa359b09908251bcd299ff54be003ea129b9eda

There are times when you need to troubleshoot issues with bundled
pjproject or add new features that need to be pushed upstream
but...

* The source directory created by extracting the pjproject tarball
  is not scanned for code changes so you have to keep forcing
  rebuilds.
* The source directory isn't a git repo so you can't easily create
  patches, do git bisects, etc.
* Accidentally doing a make distclean will ruin your day by wiping
  out the source directory, and your changes.
* etc.

This commit makes that easier.
See third-party/pjproject/README-hacking.md for the details.

ASTERISK-29824

Change-Id: Idb1251040affdab31d27cd272dda68676da9b268

Furthermore, consistently use not 'No' but ':' for non-existent file
paths. Finally, use the same pattern for checking file paths:
  a)  = ":"
  b) != "x:"

Change-Id: I0c80c76d2cc98b0e5c859131290f4e3141a1a544

ASTERISK-29724

Change-Id: I59aa0e52effdc16992f3a736ccf73430a6ef135b

ASTERISK-29709

Change-Id: Ie169df878bdfc3a06b3097c5c38d185b480f54d4

OpenSSL is one of those packages that often have alternatives
with later versions.  For instance, CentOS/EL 7 has an
openssl package at version 1.0.2 but there's an openssl11
package from the epel repository that has 1.1.1.  This gets
installed to /usr/include/openssl11 and /usr/lib64/openssl11.
Unfortunately, the existing --with-ssl and --with-crypto
./configure options expect to point to a source tree and
don't work in this situation.  Also unfortunately, the
checks in ./configure don't use pkg-config.

In order to make this work with the existing situation, you'd
have to run...
./configure --with-ssl=/usr/lib64/openssl11 \
    --with-crypto=/usr/lib64/openssl11 \
    CFLAGS=-I/usr/include/openssl11

BUT...  those options don't get passed down to bundled pjproject
so when you run make, you have to include the CFLAGS again
which is a big pain.

Oh...  To make matters worse, although you can specify
PJPROJECT_CONFIGURE_OPTS on the ./configure command line,
they don't get saved so if you do a make clean, which will
force a re-configure of bundled pjproject, those options
don't get used.

So...

* In configure.ac... Since pkg-config is installed by install_prereq
  anyway, we now use it to check for the system openssl >= 1.1.0.
  If that works, great.  If not, we check for the openssl11
  package. If that works, great.  If not, we fall back to just
  checking for any openssl.  If pkg-config isn't installed for some
  reason, or --with-ssl=<dir> or --with-crypto=<dir> were specified
  on the ./configure command line, we fall back to the existing
  logic that uses AST_EXT_LIB_CHECK().

* The whole OpenSSL check process has been moved up before
  THIRD_PARTY_CONFIGURE(), which does the initial pjproject
  bundled configure, is run.  This way the results of the above
  checks, which may result in new include or library directories,
  is included.

* Although not strictly needed for openssl, We now save the value of
  PJPROJECT_CONFIGURE_OPTS in the makeopts file so it can be used
  again if a re-configure is triggered.

ASTERISK-29693

Change-Id: I341ab7603e6b156aa15a66f43675ac5029d5fbde

Discovered while looking at ASTERISK~29684. Usage was removed in change
I3c77c7b00b2ffa2e935632097fa057b9fdf480c0.

Change-Id: Iaf2f7a16ea5a7eee6375319347e4b40b8e7b10e3

IPv6 nameserver addresses are stored in different part of the
__res_state structure, so look there if we appear to have support for
it.

ASTERISK-28004 #close

Change-Id: I67067077d8a406ee996664518d9c8fbf11f6977d

From https://www.mail-archive.com/bug-autoconf@gnu.org/msg04408.html



> ... the long-obsolete AC_HEADER_STDC, previously used internally by
> AC_INCLUDES_DEFAULT, used AC_EGREP_HEADER.  The AC_HEADER_STDC macro
> is now a no-op (and is not used at all within Autoconf anymore), so
> that change is likely what made the first use of AC_EGREP_HEADER the
> one inside the if condition, causing the observed results.

The implication is that the test does nothing anyway, and due to it
being a no-op from 2.70 onwards, results in the required not being set
to yes, resulting in ./configure to fail.

Change-Id: Ic1ff38d87f791fbf1f2a80512f81bb7110392460
Signed-off-by: Jaco Kroon <jaco@uls.co.za>

On Gentoo it's possible to have multiple lua versions installed, all
with a path of /usr, so it's not possible to use the current --with-lua
option to determisticly pin to a specific version as is required by the
Gentoo PMS standards.

This environment variable allows to lock to specific versions,
unversioned check will be skipped if this variable is supplied.

Change-Id: I8c403eda05df25ee0193960262ce849c7d2fd088
Signed-off-by: Jaco Kroon <jaco@uls.co.za>

As described in the issue, /tmp is not a suitable location for a
large amount of cached media files, since most distributions make
/tmp a RAM-based tmpfs mount with limited capacity.

I opted for a location that can be configured separately, as opposed
to using a subdirectory of spooldir, given the different storage
profile (transient files vs files that might stay there indefinitely).

This commit just makes the cache directory configurable, but leaves
it at /tmp by default, to ensure backwards compatibility.

A future commit that only targets master could change the default
location to something more sensible such as /var/tmp/asterisk. At
that point, the cachedir could be created and cleaned up during
uninstall by the Makefile script.

ASTERISK-29143

Change-Id: Ic54e95199405abacd9e509cef5f08fa14c510b5d

Note to maintainers: Lua 5.4, Lua 5.3, and Lua 5.2 have not been tested
at runtime with pbx_lua. Until then, use the lowest available version
of Lua, if you enabled the module pbx_lua at all.

Change-Id: Ie5270448b11fcb4e2a53d899e4fe7fea793ce7e0

The previous change missed that 'make' uses 'PJPROJECT_BUNDLED' anyway.

ASTERISK-28929

Change-Id: I7ef0e78a06ea391b59d95b99d46bbed3fec4fed9

The configure.m4 script for pjproject contains some += syntax, which
is specific to bash, replacing it with string substitutions makes
the script compatible with traditional Bourne shells.

ASTERISK-28866 #close
Reported-by: Christoph Moench-Tegeder <cmt@FreeBSD.org>

Change-Id: I382a78160e028044598b7da83ec7e1ff42b91c05

ASTERISK-28837

Change-Id: Id057324912a3cfe6f50af372675626bb515907d9

Change-Id: If8445f899ee4ce0c606c484943d4ce0c8e43b5da

Change-Id: I11d5693d25c166c99d8cebffc16184d58f6362de

ASTERISK-28758
Reported by: Patrick Wakano
Reported by: Dmitriy Serov

Change-Id: Ifb6b85c559d116739af00bc48d1f547caa85efac

The Python/C API is used only if the Test Framework was enabled in Asterisk
'make menuselect'. The Test Framework is available only if the Developer Mode
was enabled in Asterisk './configure --enable-dev-mode'. And that Python/C API
is used only if the PJProject was found and not disabled in Asterisk; the user
did not go for './configure --without-pjproject'.

Furthermore, because version 2 of that Python/C API is required (currently) and
because some platforms do not offer a generic version 2, the script searches
for 2.7 explicitly as well.

To avoid version mismatch between the Python/C API and the Python environment,
the script searches for the latter in the same versions, in the same the order
as well. Because this Python/C API is just for (some) Asterisk contributors,
the script also goes for the Python 3 environment as a last resort for all
other Asterisk users. This allows 'make full' even on minimal installations of
Ubuntu 18.04 LTS and newer.

Because the Python/C API is Asterisk contributor specific, the Python packages
are removed from the script './contrib/scripts/install_prereq' as this script
is intended for Asterisk users. Asterisk contributors have to install much more
packages in any case, like:
sudo apt install autoconf automake git git-review python2.7-dev

ASTERISK-28824
ASTERISK-27717

Change-Id: Id46d357e18869f64dcc217b8fdba821b63eeb876

Furthermore, the nowhere used compress is removed.

ASTERISK-28816

Change-Id: I77daab80cfabb56d51c3ea6b1d14bd9b9fbc577c

ASTERISK-28818

Change-Id: Ib7f246896457d9e3b14d7f5199136d6545ce0b6f

We (Gentoo distribution) reckon that in the case of multiple versions of
gmime installed we should prefer the newest one.

Change-Id: Idf7be613230232eb1d573d93c4a5a8297f4ecd2d

When building check_expr2 with ASLR PIE hardening enabled the linker
fails. This is resolved by adding the regular compiler flags when
building the object files from ast_expr2f.c and ast_expr2.c.

Note: The STANDALONE define is removed because it is already defined in
_ASTCFLAGS. YY_NO_INPUT is defined so that the compile survives
'--enable-dev-mode'.

Also, a Makefile variable "CROSS_COMPILING" is added so that the
build system doesn't try to run check_expr2 when cross-compiling,
because that will fail the build as will.

ASTERISK-28685 #close

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Change-Id: If435b7db9f9ad8266245bda51c81c220f9658915

When handling ICE negotiations, it's possible that there can be a delay
between STUN binding requests which in turn will cause a delay in ICE
completion, preventing media from flowing. It should be possible to send
media when there is at least one valid pair, preventing this scenario
from occurring.

A change was added to PJPROJECT that adds an optional callback
(on_valid_pair) that will be called when the first valid pair is found
during ICE negotiation. Asterisk uses this to start the DTLS handshake,
allowing media to flow. It will only be called once, either on the first
valid pair, or when ICE negotiation is complete.

ASTERISK-28716

Change-Id: Ia7b68c34f06d2a1d91c5ed51627b66fd0363d867

Instead of trying to use the defined MySQL client version from the
header use a configure check to determine whether the bool or my_bool
type should be used for defining a boolean.

ASTERISK-28604

Change-Id: Id2225b3785115de074c50c123ff1a68005b4a9c7

This change adds support for larger TLS certificates by allowing
OpenSSL to fragment the DTLS packets according to the configured
MTU. By default this is set to 1200.

This is accomplished by implementing our own BIO method that
supports MTU querying. The configured MTU is returned to OpenSSL
which fragments the packet accordingly. When a packet is to be
sent it is done directly out the RTP instance.

ASTERISK-28018

Change-Id: If2d5032019a28ffd48f43e9e93ed71dbdbf39c06

Asterisk assumes that dlopen() will always run the constructor of a
shared library and every dlclose() will run its destructor. But dlopen()
may be permanent, meaning the constructor will only be run once, as is
the case with musl libc.

With a permanent dlopen() the Asterisk module loader does not work
correctly, because it's expectations regarding when the constructors and
destructors are run are not met. In fact a segmentation fault will occur
when the first module is "re-opened" that has AST_MODFLAG_GLOBAL_SYMBOLS
set (the dlopen() does not call the constructor, resource_being_loaded
is not set to NULL, then strlen is called with NULL instead of a string,
see issue ASTERISK-28319).

This commit adds code to the loader that will manually run the
constructors/destructors of the (non-builtin) modules where needed. To
achieve this a new ao2 container (linked list) is started and filled
with objects that contain the names of the modules and the pointers to
their respective info structs.

This behavior can be activated when configuring Asterisk
(--enable-permanent-dlopen). By default this is disabled, of course.

ASTERISK-28319 #close

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Change-Id: I86693a0ecf25d5ba81c73773a03df4abc3426875

Bundled pjproject and jansson must be configured with the host and build
parameters provided to the configure script.
Autotools do not permit to check for the existence of local header files, so
the control of hrirs.h must not be done when cross-compiling.

ASTERISK-28250

Change-Id: If0a76e52a87d4ab82b7d4c72d27d8759ca931880

Some platforms provide an implementation of socket() and pipe2() that allow the
caller to specify that the resulting file descriptors should be non-blocking.

Using these allows us to potentially elide 3 calls into 1 by avoiding extraneous
calls to fcntl() to set the O_NONBLOCK flag afterwards.

In passing, change ast_alertpipe_init() to use pipe2() directly instead of the
wrapper if it is available.

Change-Id: I3ebe654fb549587537161506c6c950f4ab298bb0

We've had multiple opportunities where Richard Mudgett's
malloc_trim patch has been useful. Let's get it
pushed up to gerrit and merged.

Since malloc_trim is only available in libc, an entry is
added to configure.ac to create a definition for
HAVE_MALLOC_TRIM.

Change-Id: Ia38308c550149d9d6eae4ca414a649957de9700c

We previously allowed resample and g711 codecs to be built when
TEST_FRAMEWORK was enabled.  This could cause errors if the testsuite
was run without this option enabled.  Switch the build system to allow
those codecs to be built when --enable-dev-mode is used.  This removes a
chance for strange testsuite errors from use of an inadequate pjsua
binary.

Change-Id: Iee8a3613cdb711fa7e7d217c5a775a575907ae22

This change implements a few different generic things which were brought
on by Google Voice SIP.

1.  The concept of flow transports have been introduced.  These are
configurable transports in pjsip.conf which can be used to reference a
flow of signaling to a target.  These have runtime configuration that can
be changed by the signaling itself (such as Service-Routes and
P-Preferred-Identity).  When used these guarantee an individual connection
(in the case of TCP or TLS) even if multiple flow transports exist to the
same target.

2.  Service-Routes (RFC 3608) support has been added to the outbound
registration module which when received will be stored on the flow
transport and used for requests referencing it.

3.  P-Associated-URI / P-Preferred-Identity (RFC 3325) support has been
added to the outbound registration module.  If a P-Associated-URI header
is received it will be used on requests as the P-Preferred-Identity.

4.  Configurable outbound extension support has been added to the outbound
registration module.  When set the extension will be placed in the
Supported header.

5.  Header parameters can now be configured on an outbound registration
which will be placed in the Contact header.

6.  Google specific OAuth / Bearer token authentication
(draft-ietf-sipcore-sip-authn-02) has been added to the outbound
registration module.

All functionality changes are controlled by pjsip.conf configuration
options and do not affect non-configured pjsip endpoints otherwise.

ASTERISK-27971 #close

Change-Id: Id214c2d1c550a41fcf564b7df8f3da7be565bd58

In order to do this and provide good feedback, a new macro was
created (AST_EXT_LIB_EXTRA_CHECK) which does the normal check and
path setups for the library then compiles, links and runs a supplied
code fragment to do the final determination.  In this case, the
final code fragment compares UNBOUND_VERSION_MAJOR
and UNBOUND_VERSION_MINOR to determine if they're greater than or
equal to 1.5.

Since we require version 1.5, some code in res_resolver_unbound
was also simplified.

ASTERISK-28045
Reported by: Samuel Galarneau

Change-Id: Iee94ad543cd6f8b118df8c4c7afd9c4e2ca1fa72

Use json_vsprintf from versions which contain fix for va_copy leak.

Apply fixes from jansson master:
* va_copy leak fix.
* Avoid potential invalid memory read in json_pack.
* Rename variable that shadowed another.

Change-Id: I7522e462d2a52f53010ffa1e7d705c666ec35539

When writing an RTCP report to json the code attempts to pack the "ssrc" and
"source_ssrc" unsigned integer values as a signed int value type. This of course
means if the ssrc's unsigned value is greater than that which can fit into a
signed integer value it gets converted to a negative number. Subsequently, the
negative value goes out in the json report.

This patch now packs the value as a json_int_t, which is the widest integer type
available on a given system. This should make it so the value no longer
overflows.

Note, this was caught by two failing tests hep/rtcp-receiver/ and
hep/rtcp-sender.

Change-Id: I2af275286ee5e795b79f0c3d450d9e4b28e958b0

This change brings in PJSIP 2.8, removes all the patches
that were merged upstream, and makes a minor change to
support a breaking change that was done.

ASTERISK-28059

Change-Id: I5097772b11b0f95c3c1f52df6400158666f0a189

Change-Id: Id2a916ff9448706090e72ff2c7fb3f5ba24a05df

This new option can be passed for ./configure or
./tests/CI/buildAsterisk.sh to prevent download/install of binary
modules.

Normally enabling the categories MENUSELECT_CODECS or MENUSELECT_RES
will result in binary modules being enabled even if the build target is
incompatible with those modules.  This includes CI scripts which enable
categories before disabling specific modules.

If more binary modules are offered in the future this will help avoid
accidentally downloading them if unwanted or incompatible.  Adding a
binary module will only require creating a new menuselect entry similar
to the existing ones, it will not be necessary to modify the CI scripts.

Change-Id: I6b1bd1c75a2e48f05b8b8a45b7a7a2d00a079166

In Solaris, the header <jansson.h> is in /usr/include/jansson. To find
Jansson even in such a subdirectory, the tool pkg-config is queried via
AST_PKG_CONFIG_CHECK. For those platforms, which do not list Jansson via
pkg-config, the previous check remains and is executed thereafter.

Because the check for the NetBSD Editline library uses the tool pkg-config
the code of PKG_PROG_PKG_CONFIG must be used. Because that check happens
earlier than Jansson, it must be placed in front of that.

ASTERISK-27991

Change-Id: I69ea0f379f87a50049654b2487c76ee1c04fa53a

Change-Id: Ib3111b151d37cbda40768cf2a8a9c6cf6c5c7cbd