| Age | Commit message (Collapse) | Author |
|---|
|
|
|
into 13
|
|
|
|
When using the migration script sip_to_pjsip.py and tlsclientmethod is not set
in sip.conf, the default value of chan_sip (sslv23) is copied to pjsip.conf, to
overwrite the default of the PJProject (tlsv1). This makes sure, res_pjsip is
offering/using not just TLSv1.0 but TLSv1.2 as well.
ASTERISK-22374
Change-Id: Ie530a3dae9926ae14f3920a21be1e2edb15bda4f
|
|
When using the migration script sip_to_pjsip.py, no section of type=system or
type=general were created. Therefore the keys compactheaders, timerb, timert1,
and useragent were not migrated to pjsip.conf.
ASTERISK-22374
Change-Id: I318a453843227ea36bf130d392d4abd7bd26b5a1
|
|
When using the migration script sip_to_pjsip.py, session-timers=accept and
session-timers=refuse were mapped to wrong values.
ASTERISK-22374
Change-Id: Ie4e90d5f6a29aff07837b7fe5bc8aea5fb6fc092
|
|
When using the migration script sip_to_pjsip.py, now the (mandatory) username is
written to pjsip.conf, even if there was no (optional) authname in the register
string in sip.conf.
ASTERISK-22374
Change-Id: Ie53e1997104cd2674821688b8a8247249f5e156f
|
|
When using the migration script sip_to_pjsip.py and the register string
started with a transport in sip.conf - like tls://... - register was not parsed
correctly and therefore not migrated correctly to pjsip.conf.
ASTERISK-22374
Change-Id: I44c12104eea2bd8558ada6d25d77edfecd92edd2
|
|
When using the migration script sip_to_pjsip.py, those keys got missing. These
keys might appear several times and the function "merge_value" tried to collect
those. However, because these keys have different names in sip.conf and
pjsip.conf, "merge_value" was not able to find the new key name in sip.conf.
This change lets "merge_value" search with the old key name in sip.conf and
write with the new key name in pjsip.conf.
ASTERISK-22374
Change-Id: Ie53c5278ae6f1cb8fa7e96c5289877d46981d9d2
|
|
When using the migration script sip_to_pjsip.py, the externhost or externip of
sip.conf were erroneously written to Endpoints instead to Transports.
ASTERISK-22374
Change-Id: I2c5873386cfc388899fa9cf2368639dd12f1b8e4
|
|
When using the migration script sip_to_pjsip.py, defaultexpiry, maxexpiry, and
minexpiry were not migrated to pjsip.conf.
ASTERISK-22374
Change-Id: I007fbf543dcadc96fc3ed71c54da502bcb209b7b
|
|
When using the migration script sip_to_pjsip.py, encryption=yes got missing and
media_encryption=sdes was not written to pjsip.conf, because of a typo.
ASTERISK-22374
Change-Id: I0fc3e55dc512a57603ae0fef41baacccf2a35c05
|
|
When using the migration script sip_to_pjsip.py, both tos_sip and cos_sip got
missed, because of a typo. Therefore, cos and tos were not written to
pjsip.conf. Furthermore, that revealed a misuse of an internal function, caused
by a copy-and-paste error.
ASTERISK-22374
Change-Id: Id245ebadf70ab9776eb280c026288540af3af5c2
|
|
When using the migration script sip_to_pjsip.py, cert_file and ca_list_path were
not migrated to pjsip.conf.
ASTERISK-22374
Change-Id: I4612877d190b7f86a48698cefbf5c4db6c265825
|
|
contact_user, when specified on an endpoint, will override the user
portion of the Contact header on outgoing requests.
Change-Id: Icd4ebfda2f2e44d3ac749d0b4066630e988407d4
|
|
A new identify_by option was added recently, auth_username. However, this
setting was not added as an allowable choice in the database enumeration
value.
This patch updates the current enumeration, adding in the new setting.
ASTERISK-26268 #close
Change-Id: Ib4788e8485e4cd40172ec0abbf5810a147ab8bf8
|
|
The extensions table defined two columns (id and priority) as primary key
autoincrement columns. However only one is allowed when defining the primary
key.
This patch removes the autoincrement attribute from the priority column since
it does not need to be as such and really should not have been on there in the
first place.
This patch also removes 'context', 'exten', and 'priority' from the primary key
index and creates a new combined unique contraint index on them.
ASTERISK-26183 #close
Change-Id: Ib9c712c612a4d7ec1edb0dcb77f1bae0905a470b
|
|
The PJSIP taskprocessors could be overflowed on startup
if there are many (thousands) realtime endpoints
configured with unsolicited mwi.
The PJSIP stack could be totally unresponsive for a few minutes
after boot completed.
This patch creates a separate PJSIP serializers pool for mwi
and makes unsolicited mwi use serializers from this pool.
This patch also adds 2 new global options to tune taskprocessor
alert levels: 'mwi_tps_queue_high' and 'mwi_tps_queue_low'.
This patch also adds new global option 'mwi_disable_initial_unsolicited'
to disable sending unsolicited mwi to all endpoints on startup.
If disabled then unsolicited mwi will start processing
on next endpoint's contact update.
ASTERISK-26230 #close
Change-Id: I4c8ecb82c249eb887930980a800c9f87f28f861a
|
|
The regular expression would match causing the code that handled
the line if it was merely a comment to never get executed.
Change-Id: I3e4022481037ebcba9905587fe8c764b4ce21819
|
|
Change-Id: I2dea5815363f4d787d709228a04f33baee383ef5
|
|
|
|
When configuring SIP URIs in the pjsip.conf file it is
necessary to escape the semicolon so the parser does not
treat it as a comment. This change allows this to work in
the astconfigparser implementation.
A secondary bug where some data was lost if a configuration
option included a "=" in its value was also fixed.
A bug where sections would be considered equal despite
being different has also been fixed.
Change-Id: If229f656ef22050b50e7b34e90c4bffe796431f8
|
|
sqlalchemy was complaining:
sqlalchemy.exc.IdentifierError: Identifier
'ps_contacts_qualifyfreq_exptime' exceeds maximum length of 30
characters
This fixes the problem by changing the index name to be
"ps_contacts_qualifyfreq_exp" instead.
ASTERISK-26227 #close
Reported by Mark Michelson
Change-Id: I0ed784f87504be2a59ee8d3242ef6f625d5ed1a9
|
|
The new endpoint option allows the PJSIP channel driver's fax_detect
endpoint option to timeout on a call after the specified number of
seconds into a call. The new feature is disabled if the timeout is set
to zero. The option is disabled by default.
ASTERISK-26214
Reported by: Richard Mudgett
Change-Id: Id5a87375fb2c4f9dc1d4b44c78ec8735ba65453d
|
|
|
|
Since 5th November 2014, the master branch of libSRTP changed the prefix of
several member names and is not compatible with the source code in Asterisk
anymore. Therefore instead, this change checks out the latest version of the
libSRTP 1.5.x branch. Furthermore now, libSRTP is compiled with OpenSSL as
backend. This makes AES-GCM and AES-IN possible.
ASTERISK-22131 #close
Change-Id: I2e396cdc01da0ff610686e398ed210ca7408f7d6
|
|
If specified, incoming SUBSCRIBE requests will be searched for the matching
extension in the indicated context. If no "subscribe_context" is specified,
then the "context" setting is used.
ASTERISK-25471 #close
Change-Id: I3fb7a15f5bc154079bd348c08b7ad1cdd2d5e514
|
|
|
|
A non-existent constraint was being referenced in the upgrade script.
This patch corrects the problem by removing the reference.
This patch fixes another realtime problem as well. Our Alembic scripts
store booleans as yes or no values. However, Sorcery tries to insert
"true" or "false" instead. This patch updates Sorcery to use "yes" and
"no"
ASTERISK-26128 #close
Change-Id: I366dbbf91418a9cb160b3ca74b0e59b5ac284bec
|
|
The patch removes updating all Endpoints' status on startup.
Instead, only non-qualified aors with static contact
and non-qualified non-expired contacts are retrieved from the realtime to
update the endpoint status to ONLINE.
The endpoint name was added to the contact object to simply find the endpoint
that created this contact.
The status of endpoints with qualified aors will be updated by 'qualify'
functions.
ASTERISK-26061 #close
Change-Id: Id324c1776fa55d3741e0c5457ecac0304cb1a0df
|
|
The 81b01a191a46_pjsip_add_contact_reg_server.py script was attempting
to use UniqueConstraint and failing. It was not imported and after
importing it also continued to fail.
I've changed the script to use the explicit name of the constraint
instead.
Change-Id: I2438b0be90b7ce583b47dd27983c0c1a02cea5b9
|
|
As res_pjsip_nat rewrites contact's address, only the last Via header
can contain the source address of registered endpoint.
Also Call-Id header may contain the source address of registered
endpoint.
Added "via_addr", "via_port", "call_id" to contact.
Added new fields ViaAddress, CallID to AMI event ContactStatus.
ASTERISK-26011
Change-Id: I36bcc0bf422b3e0623680152d80486aeafe4c576
|
|
With the old SIP module we can use IP access controls per peer.
PJSIP module missing this feature.
This patch added next configuration Endpoint options:
"acl" - list of IP ACL section names in acl.conf
"deny" - List of IP addresses to deny access from
"permit" - List of IP addresses to permit access from
"contact_acl" - List of Contact ACL section names in acl.conf
"contact_deny" - List of Contact header addresses to deny
"contact_permit" - List of Contact header addresses to permit
This patch also better logging failed request:
add custom message instead of "No matching endpoint found"
add SIP method to logging
ASTERISK-25900
Change-Id: I456dea3909d929d413864fb347d28578415ebf02
|
|
|
|
This patch modified pjsip_options to retrieve only
permament contacts for aor if the qualify_frequency is > 0
and persisted contacts if the qualify_frequency is > 0.
This patch also fixed a bug in res_sorcery_astdb.
res_sorcery_astdb doesn't save object data retrived from astdb.
ASTERISK-25826
Change-Id: I1831fa46c4578eae5a3e574ee3362fddf08a1f05
|
|
ASTERISK-25931
Change-Id: Icc4321a88f5c93ff809da3f372eebbf69c6a8549
|
|
into 13
|
|
For all OSes:
* Disabled third-party codecs in pjproject and added
'--disable-speex-codec --disable-speex-aec --disable-gsm-codec' to the
configure options since we don't use the pjsip codec capability.
FreeBSD:
* Added FreeBSD support to install_prereq.
* Changed pjproject/configure.m4 to use $GNU_MAKE instead of hardcoding "make".
* Added __progname and environ to asterisk.exports.in.
* Reverted the use of ldconfig to create shared library symlinks to ln.
* Only enable epoll in pjproject if `uname -s` is Linux.
* Added a patch to pjproject to take the name of the 'make' command from
an environment variable if supplied. This is needed for the python bindings.
(merged by Teluu into pjproject trunk 5/3/2016)
FreeBSD support isn't complete. Still some general issues regarding
make/gmake having nothing to do with pjproject. With some handholding it DOES
build successfully.
CentOS:
Added 'patch' and 'bzip2' to install_prereq PACKAGES_RH.
CentOS 6/7 32/64 build and run the pjsip testsuite successfully.
Ubuntu:
No changes required.
Ubuntu 15/16 32/64 build and run the pjsip testsuite successfully.
Debian:
No changes required.
Debian 6/7/8 32/64 build and run the pjsip testsuite successfully.
There will utimately be a follow-up patch to create an install_prereq for
the testsuite as I've discovered a few missing requirements.
ASTERISK-25968 #close
Change-Id: I5756a07facfc63798115a5e73a8709382fe9259c
|
|
If the Asterisk system name is set in asterisk.conf, it will be stored
into the "reg_server" field in the ps_contacts table to facilitate
multi-server setups.
ASTERISK-25931
Change-Id: Ia8f6bd2267809c78753b52bcf21835b9b59f4cb8
|
|
A feature of chan_sip that service providers relied upon was the ability to
identify by the Authorization username. This is most often used when customers
have a PBX that needs to register rather than identify by IP address. From my
own experiance, this is pretty common with small businesses who otherwise
don't need a static IP.
In this scenario, a register from the customer's PBX may succeed because From
will usually contain the PBXs account id but an INVITE will contain the caller
id. With nothing recognizable in From, the service provider's Asterisk can
never match to an endpoint and the INVITE just stays unauthorized.
The fixes:
A new value "auth_username" has been added to endpoint/identify_by that
will use the username and digest fields in the Authorization header
instead of username and domain in the the From header to match an endpoint,
or the To header to match an aor. This code as added to
res_pjsip_endpoint_identifier_user rather than creating a new module.
Although identify_by was always a comma-separated list, there was only
1 choice so order wasn't preserved. So to keep the order, a vector was added
to the end of ast_sip_endpoint. This is only used by res_pjsip_registrar
to find the aor. The res_pjsip_endpoint_identifier_* modules are called in
globals/endpoint_identifier_order.
Along the way, the logic in res_pjsip_registrar was corrected to match
most-specific to least-specific as res_pjsip_endpoint_identifier_user does.
The order is:
username@domain
username@domain_alias
username
Auth by username does present 1 problem however, the first INVITE won't have
an Authorization header so the distributor, not finding a match on anything,
sends a securty_alert. It still sends a 401 with a challenge so the next
INVITE will have the Authorization header and presumably succeed. As a result
though, that first security alert is actually a false alarm.
To address this, a new feature has been added to pjsip_distributor that keeps
track of unidentified requests and only sends the security alert if a
configurable number of unidentified requests come from the same IP in a
configurable amout of time. Those configuration options have been added to
the global config object. This feature is only used when auth_username
is enabled.
Finally, default_realm was added to the globals object to replace the hard
coded "asterisk" used when an endpoint is not yet identified.
The testsuite tests all pass but new tests are forthcoming for this new
feature.
ASTERISK-25835 #close
Reported-by: Ross Beer
Change-Id: I30ba62d208e6f63439600916fcd1c08a365ed69d
|
|
This patch added new global pjsip option 'disable_multi_domain'.
Disabling Multi Domain can improve Realtime performance by reducing
number of database requests.
ASTERISK-25930 #close
Change-Id: I2e7160f3aae68475d52742107949a799aa2c7dc7
|
|
Because SQLite doesn't support full ALTER capabilities, alembic scripts
require batch operations. However, that capability wasn't available until
0.7.0 which some distributions haven't reached yet. Therefore, the batch
operations introduced in commit 86d6e44cc (review 2319) have been reverted
and SQLite is unsupported again, for now anyway.
Tested the full upgrade and downgrade on MySQL/Mariadb and Postgresql.
ASTERISK-25890 #close
Reported-by: Harley Peters
Change-Id: I82eba5456736320256f6775f5b0b40133f4d1c80
|
|
|
|
check_installed_debs wasn't handling virtual packages like libsrtp-dev and
libresample-dev and on multiarch systems it was accidentally filtering out all
packages if any :i386 packages were found instead of just filtering out the
:i386 packages themselves.
Change-Id: Ifd68da0d1ee30cc84df14de3f9b9079d7c3cecda
|
|
res_pjsip_mwi was missing the chan_sip "vmexten" functionality which adds
the Message-Account header to the MWI NOTIFY. Also, specifying mailboxes
on endpoints for unsolicited mwi and on aors for subscriptions required
that the admin know in advance which the client wanted. If you specified
mailboxes on the endpoint, subscriptions were rejected even if you also
specified mailboxes on the aor.
Voicemail extension:
* Added a global default_voicemail_extension which defaults to "".
* Added voicemail_extension to both endpoint and aor.
* Added ast_sip_subscription_get_dialog for support.
* Added ast_sip_subscription_get_sip_uri for support.
When an unsolicited NOTIFY is constructed, the From header is parsed, the
voicemail extension from the endpoint is substituted for the user, and the
result placed in the Message-Account field in the body.
When a subscribed NOTIFY is constructed, the subscription dialog local uri
is parsed, the voicemail_extension from the aor (looked up from the
subscription resource name) is substituted for the user, and the result
placed in the Message-Account field in the body.
If no voicemail extension was defined, the Message-Account field is not added
to the NOTIFY body.
mwi_subscribe_replaces_unsolicited:
* Added mwi_subscribe_replaces_unsolicited to endpoint.
The previous behavior was to reject a subscribe if a previous internal
subscription for unsolicited MWI was found for the mailbox. That remains the
default. However, if there are mailboxes also set on the aor and the client
subscribes and mwi_subscribe_replaces_unsolicited is set, the existing internal
subscription is removed and replaced with the external subscription. This
allows an admin to configure mailboxes on both the endpoint and aor and allows
the client to select which to use.
ASTERISK-25865 #close
Reported-by: Ross Beer
Change-Id: Ic15a9415091760539c7134a5ba3dc4a6a1217cea
|
|
There were a number of places in the res_pjsip stack that were getting
all endpoints or all aors, and then filtering them locally.
A good example is pjsip_options which, on startup, retrieves all
endpoints, then the aors for those endpoints, then tests the aors to see
if the qualify_frequency is > 0. One issue was that it never did
anything with the endpoints other than retrieve the aors so we probably
could have skipped a step and just retrieved all aors. But nevermind.
This worked reasonably well with local config files but with a realtime
backend and thousands of objects, this was a nightmare. The issue
really boiled down to the fact that while realtime supports predicates
that are passed to the database engine, the non-realtime sorcery
backends didn't.
They do now.
The realtime engines have a scheme for doing simple comparisons. They
take in an ast_variable (or list) for matching, and the name of each
variable can contain an operator. For instance, a name of
"qualify_frequency >" and a value of "0" would create a SQL predicate
that looks like "where qualify_frequency > '0'". If there's no operator
after the name, the engines add an '=' so a simple name of
"qualify_frequency" and a value of "10" would return exact matches.
The non-realtime backends decide whether to include an object in a
result set by calling ast_sorcery_changeset_create on every object in
the internal container. However, ast_sorcery_changeset_create only does
exact string matches though so a name of "qualify_frequency >" and a
value of "0" returns nothing because the literal "qualify_frequency >"
doesn't match any name in the objset set.
So, the real task was to create a generic string matcher that can take a
left value, operator and a right value and perform the match. To that
end, strings.c has a new ast_strings_match(left, operator, right)
function. Left and right are the strings to operate on and the operator
can be a string containing any of the following: = (or NULL or ""), !=,
>, >=, <, <=, like or regex. If the operator is like or regex, the
right string should be a %-pattern or a regex expression. If both left
and right can be converted to float, then a numeric comparison is
performed, otherwise a string comparison is performed.
To use this new function on ast_variables, 2 new functions were added to
config.c. One that compares 2 ast_variables, and one that compares 2
ast_variable lists. The former is useful when you want to compare 2
ast_variables that happen to be in a list but don't want to traverse the
list. The latter will traverse the right list and return true if all
the variables in it match the left list.
Now, the backends' fields_cmp functions call ast_variable_lists_match
instead of ast_sorcery_changeset_create and they can now process the
same syntax as the realtime engines. The realtime backend just passes
the variable list unaltered to the engine. The only gotcha is that
there's no common realtime engine support for regex so that's been noted
in the api docs for ast_sorcery_retrieve_by_fields.
Only one more change to sorcery was done... A new config flag
"allow_unqualified_fetch" was added to reg_sorcery_realtime.
"no": ignore fetches if no predicate fields were supplied.
"error": same as no but emit an error. (good for testing)
"yes": allow (the default);
"warn": allow but emit a warning. (good for testing)
Now on to res_pjsip...
pjsip_options was modified to retrieve aors with qualify_frequency > 0
rather than all endpoints then all aors. Not only was this a big
improvement in realtime retrieval but even for config files there's an
improvement because we're not going through endpoints anymore.
res_pjsip_mwi was modified to retieve only endpoints with something in
the mailboxes field instead of all endpoints then testing mailboxes.
res_pjsip_registrar_expire was completely refactored. It was retrieving
all contacts then setting up scheduler entries to check for expiration.
Now, it's a single thread (like keepalive) that periodically retrieves
only contacts whose expiration time is < now and deletes them. A new
contact_expiration_check_interval was added to global with a default of
30 seconds.
Ross Beer reports that with this patch, his Asterisk startup time dropped
from around an hour to under 30 seconds.
There are still objects that can't be filtered at the database like
identifies, transports, and registrations. These are not going to be
anywhere near as numerous as endpoints, aors, auths, contacts however.
Back to allow_unqualified_fetch. If this is set to yes and you have a
very large number of objects in the database, the pjsip CLI commands
will attempt to retrive ALL of them if not qualified with a LIKE.
Worse, if you type "pjsip show endpoint <tab>" guess what's going to
happen? :) Having a cache helps but all the objects will have to be
retrieved at least once to fill the cache. Setting
allow_unqualified_fetch=no prevents the mass retrieve and should be used
on endpoints, auths, aors, and contacts. It should NOT be used for
identifies, registrations and transports since these MUST be
retrieved in bulk.
Example sorcery.conf:
[res_pjsip]
endpoint=config,pjsip.conf,criteria=type=endpoint
endpoint=realtime,ps_endpoints,allow_unqualified_fetch=error
ASTERISK-25826 #close
Reported-by: Ross Beer
Tested-by: Ross Beer
Change-Id: Id2691e447db90892890036e663aaf907b2dc1c67
|
|
into 13
|
|
When to install packages the indexed local is more old of the
version of software on the repository they have been upgraded by security
update then get the package will give 404 not found.
The patch prevent by update local index to repository for aptitude before
install.
ASTERISK-25495 #close
Reporte by: Rodrigo Ramírez Norambuena
Change-Id: I645959e553aac542805ced394cac2dca964051fa
(cherry picked from commit 88f3dbaec9509bfba8bc1de7799aa0dc65304bb5)
|
|
If in Debian or system based, dont have aptitude installed the script do
nothing. This patch checked if aptitude installed, if not installed.
Also, if execute script with all packages installed yet, the script not show
nothing and return exit 1 because the command 'grep' get nothing from pipe from
'awk'.
ASTERISK-25113 #close
Reported By: Rodrigo Ramírez Norambuena <decipher.hk@gmail.com>
Change-Id: Iebdff55805d3917166e5e08e0a1e2176f36ff27f
(cherry picked from commit 6737ded0581a9e1256bdfe30c1d747e7ca93f8b3)
|
|
|
