Currently, the device state provider API will allow you to register a
device state provider with the same case insensitive name more than
once. This could cause strange issues, as the duplicate device state
providers will not be queried when a device's state has to be polled.
This patch updates the API such that a device state provider with the
same name as one that has already registered will be rejected.

Change-Id: I4a418a12280b7b6e4960bd44f302e27cd036ceb2

When running valgrind on Asterisk, it complained about:

    ==32423== Source and destination overlap in memcpy(0x85a920, 0x85a920, 304)
    ==32423==    at 0x4C2F71C: memcpy@@GLIBC_2.14 (in /usr/lib/valgrind/...)
    ==32423==    by 0x55BA91: ast_rtp_engine_unload_format (rtp_engine.c:2292)
    ==32423==    by 0x4EEFB7: ast_format_attr_unreg_interface (format.c:1437)

The code in question is a struct assignment, which may be performed by
memcpy as a compiler optimization. It is changed to only copy the struct
contents if source and destination are different.

ASTERISK-25219 #close

Change-Id: I6d3546c326b03378ca8e9b8cefd41c16e0088b9a

If DEBUG_FD_LEAKS was used and more file descriptors than the default of
1024 were available, some DEBUG_FD_LEAKS-patched functions would
overwrite memory past the fixed-size (1024) fdleaks buffer.

This change:
- adds bounds checks to __ast_fdleak_fopen and __ast_fdleak_pipe
- consistently uses ARRAY_LEN() instead of sizeof() or 1023 or 1024
- stores pointers to constants instead of copying the contents
- reorders the fdleaks struct for possibly tighter packing
- adds a tiny bit of documentation

ASTERISK-25212 #close

Change-Id: Iacb69e7701c0f0a113786bd946cea5b6335a85e5

When a frame is queued on a channel, any failure in
ast_channel_alert_write is logged along with errno.

This change improves the diagnostic message through
aligning the errno value with actual failure cases.

ASTERISK-25224
Reported by: Andrey Biglari

Change-Id: I1bf7b3337ad392789a9f02c650589cd065d20b5b

When 8297136f was merged for ASTERISK-25040, a regression was introduced
surrounding the case sensitivity of device names within hints.
Previously, device names - such as 'sip/foo' - were compared in a case
insensitive fashion. Thus, 'sip/foo' was equivalent to 'SIP/foo'. After
that patch, only the case sensitive name would match, i.e., 'SIP/foo'.
As a result, some dialplan hints stopped working.

This patch re-introduces case insensitive matching for device names in
hints.

ASTERISK-25040

ASTERISK-25202 #close

Change-Id: If5046a7d14097e1e3c12b63092b9584bb1e9cb4c

Although ast_context_find, ast_context_find_or_create and
ast_context_destroy perform locking of the contexts table,
any context pointer can become invalid at any time that the
contexts table is unlocked. This change adds locking around
all complete operations involving these functions.

Places where ast_context_find was followed by ast_context_destroy
have been replaced with calls ast_context_destroy_by_name.

ASTERISK-25094 #close
Reported by: Corey Farrell

Change-Id: I1866b6787730c9c4f3f836b6133ffe9c820734fa

Show uptime information ends with an unnecessary space.

Now NEEDCOMMA is better defined.

Change-Id: I11b360504a0703309ff51772ff8f672287f3c5a1

The code in astobj2_hash.c wrongly assumed that abs(int) is always > 0.
However, abs(INT_MIN) = INT_MIN and is still negative, as well as
abs(INT_MIN) % num_buckets, and as a result this led to a crash.

One way to trigger the bug is using host=::80 or 0.0.0.128 in peer
configuration section in chan_sip or chan_iax.

This patch takes the remainder before applying abs, so that bucket
number is always in range.

ASTERISK-25100 #close
Reported by: Mark Petersen

Change-Id: Id6981400ad526f47e10bcf7b847b62bd2785e899

Reset options to default values before reloading config.  This ensures
that if a setting is removed or commented out of the configuration file
it is unset on reload.

ASTERISK-25112 #close
Reported by: Corey Farrell

Change-Id: Id24bb1fb0885c2c14cf8bd6f69a0c2ee7cd6c5bd

Currently, everytime a sample rate change occurs (on read or write) the
associated factory buffers are reset. If the requested sample rate on a
read differed from that of a write then the buffers are continually reset
on every read and write. This has the side effect of emptying the buffer,
thus there being no data to read and then write to a file in the case of
call recording.

This patch fixes it so that an audiohook_list's rate always maintains the
maximum sample rate among hooks and formats. Audiohook sample rates are
only overwritten by this value when slin native compatibility is turned on.
Also, the audiohook sample rate can only overwrite the list's sample rate
when its rate is greater than that of the list or if compatibility is
turned off. This keeps the rate from constantly switching/resetting.

ASTERISK-24944 #close
Reported by: Ronald Raikes

Change-Id: Idab4dfef068a7922c09cc631dda27bc920a6c76f

The message channel is a special channel that doesn't actually process frames.
However, certain actions can cause frames to be placed in the channel's read
queue including the Hangup application which is called on the channel after
each message is processed. Since the channel will continually be reused for
many messages, it's necessary to flush these frames at some point.

ASTERISK-25083 #close
Reported by: Jonathan Rose

Change-Id: Idf18df73ccd8c220be38743335b5c79c2a4c0d0f

Fix the alphabetic order added on ast_manager_register_struct. The order
for struct manager_action added is not working, this change fixes the
problem.

Change-Id: I149da0cd06c3c4445d7516cc303358e9f26f8b4b

The code which reads asterisk.conf supports processing the debug
option with ast_true, but ast_true returns -1.  This causes debug
to still be off, convert to 1 so debug will be on as requested.

ASTERISK-25042
Reported by: Corey Farrell

Change-Id: I3c898b7d082d914b057e111b9357fde46bad9ed6

ERR_remove_state was deprecated with OpenSSL 1.0.0 and was replaced by 
ERR_remove_thread_state. ERR_load_SSL_strings and ERR_load_BIO_strings were 
called by SSL_load_error_strings already and got removed. These changes allow 
OpenSSL forks like BoringSSL to be used with Asterisk.

ASTERISK-25043 #close
Reported by: Alexander Traud
patches:
  asterisk_with_BoringSSL.patch uploaded by Alexander Traud (License 6520)

Change-Id: If1c0871ece21a7e0763fafbd2fa023ae49d4d629
(cherry picked from commit 247fef66)

The PBX core maintains two hash tables for hints: a container of the
actual hints (hints), along with a container of devices that are watching that
hint (hintdevices). When a dialplan reload occurs, each hint in the hints
container is destroyed; this requires a lookup in the container of devices to
find the device => hint mapping object. In the current code, this performs an
ao2_callback, iterating over each of the device to hint objects in the
hintdevices container. For a large number of hints, this is extremely
expensive: dialplan reloads with 20000 hints could take several minutes
in just this phase.

This patch improves the performance of this step in the dialplan reloads
by caching which devices are watching a hint on the hint object itself.
Since we don't want to create a circular reference, we just cache the
name of the device. This allows us to perform a smarter ao2_callback on
the hintdevices container during hint removal, hashing on the name of the
device and returning an iterator to the matching names. The overall
performance improvement is rather large, taking this step down to a number of
seconds as opposed to minutes.

In addition, this patch also registers the hint containers in the PBX
core with the astobj2 library. This allows for reasonable debugging to
hash collisions in those containers.

ASTERISK-25040 #close
Reported by: Matt Jordan

Change-Id: Iedfc97a69d21070c50fca42275d7b3e714e59360
(cherry picked from commit 80c0756f7386452fddab3324fa6a71933cde006e)

The patch in 0b6410c4 did correctly fix a memory leak of the DTLS
structures in the RTP engine. However, when a 'core reload' is issued, a
double free of the memory pointed to by the char *'s in the DTLS
configuration struct can occur, as ast_rtp_dtls_cfg_free does not set
the pointers to NULL when they are freed.

This patch sets those pointers to NULL, preventing a second call to
ast_rtp_dtls_cfg_free from corrupting memory.

ASTERISK-25022

Change-Id: I820471e6070a37e3c26f760118c86770e12f6115

The doxygen for ast_rtp_codecs_payloads_copy() states:

"This copies the payloads from the codecs0 structure to the codecs1
structure, overwriting any current values."

However, in practice, the overwriting of current values was not
happening. Instead, a new RTP codec payload object would be appended to
the codecs1 structure instead of replacing the corresponding object.

This patch corrects this behavior by overwriting the object in the
codecs1 structure if it exists already. If it does not already exist,
then create a new copy and link it in.

Tests of "memory show summary rtp_engine.c" had previously shown
additional allocations being performed any time that Asterisk processed
an incoming SDP. Scenarios involving lots of reinvites resulted in lots
of allocations. With this patch, I can perform as many reinvites as
I want and see no memory increases from the RTP engine.

ASTERISK-24916 #close
Reported by Christophe Osuna

Change-Id: I9a90bc3f564535bc767bf2fc0c455d5f065cea75

ao2 ref leak in res_rtp_asterisk.c when a DTLS policy is created.
The resources are linked into a table, but the original alloc refs
are never released. ast_strdup leak in rtp_engine.c. If
ast_rtp_dtls_cfg_copy() is called twice on the same destination struct,
a pointer to an alloc'd string is overwritten before the string is free'd.

ASTERISK-25022
Reported by: one47

Change-Id: I62a8ceb8679709f6c3769136dc6aa9a68202ff9b

clang can warn about a so called tautological-compare, when it finds
comparisons which are logically always true, and are therefor deemed
unnecessary.

Exanple:
unsigned int x = 4;
if (x > 0)    // x is always going to be bigger than 0

Enum Case:
Each enumeration is its own type. Enums are an integer type but they
do not have to be *signed*. C leaves it up to the compiler as an
implementation option what to consider the integer type of a particu-
lar enumeration is. Gcc treats an enum without negative values as
an int while clang treats this enum as an unsigned int.

rmudgett & mmichelson: cast the enum to (unsigned int) in assert.
The cast does have an effect. For gcc, which seems to treat all enums
as int, the cast to unsigned int will eliminate the possibility of
negative values being allowed. For clang, which seems to treat enums
without any negative members as unsigned int, the cast will have no
effect. If for some reason in the future a negative value is ever
added to the enum the assert will still catch the negative value.

ASTERISK-24917

Change-Id: I0557ae0154a0b7de68883848a609309cdf0aee6a

Fix a crash that could occur in __ast_channel_internal_alloc if
ao2_alloc fails.

ASTERISK-24991 #close

Change-Id: I4ca89189eb22f907408cb87d0a1645cfe1314a90

When a PBX registrar is unloaded, it will fail to remove its extension from
the context root_table if a dialplan application used by that extension is
still loaded. This can be the case for AGI, which can be unloaded after several
of the standard PBX providers. Often, this is harmless; however, if the
extension's priorities are removed during the failed unloading *and* the
dialplan application later unregisters, it leaves a ticking timebomb for the
next PBX provider that attempts to iterate over the extensions. When that
occurs, the peer_table pointer on the extension will already be set to NULL.
The current code does not check to see if the pointer is NULL before passing
it to a hashtab function this is not NULL tolerant.

Since it is possible for the peer_table to be NULL when we normally would not
expect that to be the case, the solution in this patch is to simply skip over
processing an extension's priorities if peer_table is NULL.

Prior to this patch, the tests/pbx/callerid_match test would crash during
module unload. With this patch, the test no longer crashes after running.

ASTERISK-24774 #close
Reported by: Corey Farrell

Change-Id: I2bbeecb7e0f77bac303a1b9135e4cdb4db6d4c40

Git does not support the ability to replace a token with a version
string during check-in. While it does have support for replacing a
token on clone, this is somewhat sub-optimal: the token is replaced
with the object hash, which is not particularly easy for human
consumption. What's more, in practice, the source file version was often
not terribly useful. Generally, when triaging bugs, the overall version
of Asterisk is far more useful than an individual SVN version of a file.
As a result, this patch removes Asterisk's support for showing source file
versions.

Specifically, it does the following:
* main/asterisk:
  - Refactor the file_version structure to reflect that it no longer
    tracks a version field.
  - Alter the "core show file version" CLI command such that it always
    reports the version of Asterisk. The file version is no longer
    available.

* main/manager: The Version key now always reports the Asterisk version.

* UPGRADE: Add notes for:
  - Modification to the ModuleCheck AMI Action.
  - Modification to the CLI "core show file version" command.

Change-Id: Ia932d3c64cd18a14a3c894109baa657ec0a85d28

This patch adds a .gitignore for main/editline to ignore all build results.

Change-Id: I68c7bf375ea46282689e5a706534b69fca233b5d

Add the .gitignore and .gitreview files to the asterisk repo.

NB:  You can add local ignores to the .git/info/exclude file
without having to do a commit.

Common ignore patterns are in the top-level .gitignore file.
Subdirectory-specific ignore patterns are in their own .gitignore
files.

Change-Id: I2b7513fc9acf5d432cf9587c25faa9786af14abf
Tested-by: George Joseph

When cleaning up some clang compiler warnings, the comparison of a negative
value to an unsigned enum was removed. However, the initial assignment of a
negative value to said enum remained in the variable declaration. This patch
removes that assignment.

Thanks to ibercom in #asterisk-bugs for pointing it out.


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@434708 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Given a source capability of h264 and ulaw, a destination capability of
h264 and g722 then ast_translator_best_choice() would pick h264 as the
best choice even though h264 is a video codec and Asterisk only supports
translation of audio codecs.  When the audio starts flowing, there are
warnings about a codec mismatch when the channel tries to write a frame to
the peer.

* Made ast_translator_best_choice() only select audio codecs.

* Restore a check in channel.c:set_format() lost after v1.8 to prevent
trying to set a non-audio codec.

This is an intermediate patch for a series of patches aimed at improving
translation path choices for ASTERISK-24841.

This patch is a complete enough fix for ASTERISK-21777 as the v11 version
of ast_translator_best_choice() does the same thing.  However, chan_sip.c
still somehow tries to call ast_codec_choose() which then calls
ast_best_codec() with a capability set that doesn't contain any audio
formats for the incoming call.  The remaining warning message seems to be
a benign transient.

ASTERISK-21777 #close
Reported by: Nick Ruggles

ASTERISK-24380 #close
Reported by: Matt Jordan

Review: https://reviewboard.asterisk.org/r/4605/


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@434614 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This fixes autological comparison warnings in the following:
 * chan_skinny: letohl may return a signed or unsigned value, depending on the
   macro chosen
 * func_curl: Provide a specific cast to CURLoption to prevent mismatch
 * cel: Fix enum comparisons where the enum can never be negative
 * enum: Fix comparison of return result of dn_expand, which returns a signed
   int value
 * event: Fix enum comparisons where the enum can never be negative
 * indications: tone_data.freq1 and freq2 are unsigned, and hence can never be
   negative
 * presencestate: Use the actual enum value for INVALID state
 * security_events: Fix enum comparisons where the enum can never be negative
 * udptl: Don't bother to check if the return value from encode_length is less
   than 0, as it returns an unsigned int
 * translate: Since the parameters are unsigned int, don't bother checking
   to see if they are negative. The cast to unsigned int would already blow
   past the matrix bounds.

Review: https://reviewboard.asterisk.org/r/4533
ASTERISK-24917
Reported by: dkdegroot
patches:
  rb4533.patch submitted by dkdegroot (License 6600)


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@434469 65c4cc65-6c06-0410-ace0-fbb531ad65f3

When registering to a SIP server with TLS, Asterisk will accept CA signed
certificates with a common name that was signed for a domain other than the
one requested if it contains a null character in the common name portion of
the cert. This patch fixes that by checking that the common name length
matches the the length of the content we actually read from the common name
segment. Some certificate authorities automatically sign CA requests when
the requesting CN isn't already taken, so an attacker could potentially
register a CN with something like www.google.com\x00www.secretlyevil.net
and have their certificate signed and Asterisk would accept that certificate
as though it had been for www.google.com - this is a security fix and is
noted in AST-2015-003.

ASTERISK-24847 #close
Reported by: Maciej Szmigiero
Patches:
 asterisk-null-in-cn.patch submitted by mhej (license 6085)
........

Merged revisions 434337 from http://svn.asterisk.org/svn/asterisk/branches/1.8


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@434338 65c4cc65-6c06-0410-ace0-fbb531ad65f3

These are fixes for compilation under gcc 5.0...

chan_sip.c:    In parse_request needed to make 'lim' unsigned.
inline_api.h:  Needed to add a check for '__GNUC_STDC_INLINE__' to detect C99 
               inline semantics (same as clang).
ccss.c:        In ast_cc_set_parm, needed to fix weird comparison.
dsp.c:         Needed to work around a possible compiler bug.  It was throwing 
               an array-bounds error but neither
               sgriepentrog, rmudgett nor I could figure out why.
manager.c:     In action_atxfer, needed to correct an array allocation.

This patch will go to 11, 13, trunk.

Review: https://reviewboard.asterisk.org/r/4581/
Reported-by: Jeffrey Ollie
Tested-by: George Joseph
ASTERISK-24932 #close




git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@434113 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This patch fixes an invalid format specifier used in the formatting of an
ERROR message in the framehook code. The format specifier specifies a
type of 'unsigned short', but the argument passed to it is of type 'int'.
The patch changes the format specifier to 'i'.

Review: https://reviewboard.asterisk.org/r/4540

ASTERISK-24917
Reported by: dkdegroot
patches:
  rb4535.patch submitted by dkdegroot (License 6600)



git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@434087 65c4cc65-6c06-0410-ace0-fbb531ad65f3

The bug fixed by that patch exists in Asterisk 11 as
well, so the fix should be applied there.

When connecting to a remote Asterisk console, the buffer
used to read the initial hostname/pid/version from the
main Asterisk process did not ensure the input was
NULL-terminated, and the buffer was small for certain
use cases. This patch expands the buffer to be 256
bytes and ensures the input it reads is NULL-terminated.

ASTERISK-21854 #close
Reported by klaus3000



git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@433919 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Binary modules are sometimes built against the latest release of
Asterisk in each branch, and need to be compatible with all
releases of that branch.  This change ensures that utils.h only
uses ast_log_safe from the core.  For modules and utilities ast_log
is used instead.

Review: https://reviewboard.asterisk.org/r/4548/


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@433772 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This patch fixes several warnings caught by clang - in this case, usage of the
abs function on non-integer values. This patch uses labs and fabs, as
appropriate, in the various affected files.

Review: https://reviewboard.asterisk.org/r/4525

ASTERISK-24917
Reported by: dkdegroot
patches:
  rb4525.patch submitted by dkdegroot (License 6600)


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@433749 65c4cc65-6c06-0410-ace0-fbb531ad65f3

The patch in r433720 caused a warning to be kicked back by gcc. It occurred
due to this check in unistd.h:

    if (__nbytes > __bos0 (__buf))
        return __read_chk_warn (__fd, __buf, __nbytes, __bos0 (__buf));

That is, if __nbytes is greater than the result of GCC's built-in object size
for the struct, we'll kick back a warning.

As it turns out, this is because there is an error in the code in the patch.
We are passing the address of the pointer to the struct, not iev, which is a
pointer to the struct. Hence, the number of bytes is probably going to be lot
larger than the number of bytes that make up a pointer! This patch changes
the code just read from the pointer to the struct - which fixes the warning.

ASTERISK-24917


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@433743 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This patch fixes a warning caught by clang, wherein a variable sized struct is
not located at the end of a struct. While the code in question actually
expected this, this is a good warning to watch for. Hence, this patch refactors
the code in question to not have two variable length elements in the same
struct.

Review: https://reviewboard.asterisk.org/r/4530/

ASTERISK-24917
Reported by: dkdegroot
patches:
  rb4530.patch submitted by dkdegroot (License 6600)


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@433717 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This patch fixes the -Wunused-value -Wunused-variable -Wunused-const-variable
errors caught by clang. Specifically:

* apps/app_queue.c: removed unused qpm_cmd_usage[], qum_cmd_usage[],
                    qsmp_cmd_usage[]
* cel/cel_sqlite3_custom.c: removed unused name[] = "cel_sqlite3_custom"
* codecs/gsm/src/gsm_create.c: removed unused ident[] = "$Header$"
* funcs/func_env.c:729: Fixed ast_str_append_substr.
* main/editline/np/strlcat.c: removed unused rcsid variable
* main/editline/np/strlcpy.c: removed unused rcsid variable
* utils/conf2ael.c: removed unused cfextension_states
* utils/extconf.c: removed unused cfextension_states

Review: https://reviewboard.asterisk.org/r/4526

ASTERISK-24917
Reported by: dkdegroot
patches:
  rb4526.patch submitted by dkdegroot (License 6600)


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@433693 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Clang will treat ((a == b)) as a warning, as it reasonably expects that the
developer may have intended to write (a == b) or ((a = b)). This patch cleans
up all instances where equality, not assignment, was intended between two
parantheses.

Review: https://reviewboard.asterisk.org/r/4531/

ASTERISK-24917
Repoted by: dkdegroot
patches:
  rb4531.patch submitted by dkdegroot (License 6600)


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@433687 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This patch fixes clang compilers warnings for unused functions. Specifically:
 * channels/chan_iax2: removed user_ref function
 * main/dsp.c: removed goertzel_update function

Review: https://reviewboard.asterisk.org/r/4527

ASTERISK-24917
Reported by: dkdegroot
patches:
  rb4527.patch submitted by dkdegroot (License 6600)


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@433678 65c4cc65-6c06-0410-ace0-fbb531ad65f3

This introduces a new logger routine ast_log_safe.  This routine should be
used for all error messages in code that can be run as a result of ast_log.
ast_log_safe does nothing if run recursively.  All error logging in
astobj2.c, strings.c and utils.h have been switched to ast_log_safe.

This required adding support for raw threadstorage.  This provides direct
access to the void* pointer in threadstorage.  In ast_log_safe, NULL is used
to signify that this thread is not already running ast_log_safe, (void*)1 when
it is already running.  This was done since it's critical that ast_log_safe
do nothing that could log during recursion checking.

ASTERISK-24155 #close
Reported by: Timo Teräs
Review: https://reviewboard.asterisk.org/r/4502/


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@433522 65c4cc65-6c06-0410-ace0-fbb531ad65f3

Since 'core stop now' and 'core restart now' do not stop modules,
it is unsafe for most of the core to run cleanups.  Originally all
cleanups used ast_register_atexit, and were only changed when it
was shown to be unsafe.  ast_register_atexit is now used only when
absolutely required to prevent corruption and close child processes.

Exceptions that need to use ast_register_atexit:
* CDR: Flush records.
* res_musiconhold: Kill external applications.
* AstDB: Close the DB.
* canary_exit: Kill canary process.

ASTERISK-24142 #close
Reported by: David Brillert

ASTERISK-24683 #close
Reported by: Peter Katzmann

ASTERISK-24805 #close
Reported by: Badalian Vyacheslav

ASTERISK-24881 #close
Reported by: Corey Farrell

Review: https://reviewboard.asterisk.org/r/4500/
Review: https://reviewboard.asterisk.org/r/4501/


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@433495 65c4cc65-6c06-0410-ace0-fbb531ad65f3