|
[-]
[+]
|
Changed |
asterisk.changes
|
|
|
|
[-]
[+]
|
Changed |
asterisk.spec
^
|
|
|
|
[-]
[+]
|
Deleted |
asterisk-1.8.28.0.tar.xz/asterisk-1.8.28.0-summary.html
^
|
| @@ -1,312 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><title>Release Summary - asterisk-1.8.28.0</title></head>
-<body>
-<h1 align="center"><a name="top">Release Summary</a></h1>
-<h3 align="center">asterisk-1.8.28.0</h3>
-<h3 align="center">Date: 2014-05-29</h3>
-<h3 align="center"><asteriskteam@digium.com></h3>
-<hr/>
-<h2 align="center">Table of Contents</h2>
-<ol>
- <li><a href="#summary">Summary</a></li>
- <li><a href="#contributors">Contributors</a></li>
- <li><a href="#issues">Closed Issues</a></li>
- <li><a href="#commits">Other Changes</a></li>
- <li><a href="#diffstat">Diffstat</a></li>
-</ol>
-<hr/>
-<a name="summary"><h2 align="center">Summary</h2></a>
-<center><a href="#top">[Back to Top]</a></center><br/><p>This release includes only bug fixes. The changes included were made only to address problems that have been identified in this release series. Users should be able to safely upgrade to this version if this release series is already in use. Users considering upgrading from a previous release series are strongly encouraged to review the UPGRADE.txt document as well as the CHANGES document for information about upgrading to this release series.</p>
-<p>The data in this summary reflects changes that have been made since the previous release, asterisk-1.8.27.0.</p>
-<hr/>
-<a name="contributors"><h2 align="center">Contributors</h2></a>
-<center><a href="#top">[Back to Top]</a></center><br/><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were closed by commits that went into this release.</p>
-<table width="100%" border="0">
-<tr>
-<td width="33%"><h3>Coders</h3></td>
-<td width="33%"><h3>Testers</h3></td>
-<td width="33%"><h3>Reporters</h3></td>
-</tr>
-<tr valign="top">
-<td>
-6 rmudgett<br/>
-5 wdoekes<br/>
-4 kmoore<br/>
-4 mmichelson<br/>
-3 jrose<br/>
-3 mjordan<br/>
-1 Bradley Watkins<br/>
-1 David Woodhouse<br/>
-1 file<br/>
-1 jcolp<br/>
-1 may<br/>
-1 newtonr<br/>
-1 sgriepentrog<br/>
-1 Steve Davies<br/>
-</td>
-<td>
-</td>
-<td>
-2 kristoff<br/>
-2 wdoekes<br/>
-1 dwmw2<br/>
-1 gma<br/>
-1 igorg<br/>
-1 italorossi<br/>
-1 marquis<br/>
-1 mjordan<br/>
-1 mmichelson<br/>
-1 one47<br/>
-1 rolek<br/>
-</td>
-</tr>
-</table>
-<hr/>
-<a name="issues"><h2 align="center">Closed Issues</h2></a>
-<center><a href="#top">[Back to Top]</a></center><br/><p>This is a list of all issues from the issue tracker that were closed by changes that went into this release.</p>
-<h3>Category: Addons/chan_ooh323</h3><br/>
-<a href="https://issues.asterisk.org/jira/browse/ASTERISK-23754">ASTERISK-23754</a>: [patch] Use var/lib directory for log file configured in asterisk.conf<br/>
-Revision: <a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=414152">414152</a><br/>
-Reporter: igorg<br/>
-Coders: may<br/>
-<br/>
-<h3>Category: Applications/app_queue</h3><br/>
-<a href="https://issues.asterisk.org/jira/browse/ASTERISK-23547">ASTERISK-23547</a>: [patch] app_queue removing callers from queue when reloading<br/>
-Revision: <a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=411584">411584</a><br/>
-Reporter: italorossi<br/>
-Coders: jcolp<br/>
-<br/>
-<h3>Category: Applications/app_sms</h3><br/>
-<a href="https://issues.asterisk.org/jira/browse/ASTERISK-18331">ASTERISK-18331</a>: app_sms failure<br/>
-Revision: <a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=412655">412655</a><br/>
-Reporter: dwmw2<br/>
-Coders: David Woodhouse<br/>
-<br/>
-<h3>Category: Applications/app_stack</h3><br/>
-<a href="https://issues.asterisk.org/jira/browse/ASTERISK-23620">ASTERISK-23620</a>: Code path in app_stack fails to unlock list<br/>
-Revision: <a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=412225">412225</a><br/>
-Reporter: marquis<br/>
-Coders: Bradley Watkins<br/>
-<br/>
-<h3>Category: CEL/General</h3><br/>
-<a href="https://issues.asterisk.org/jira/browse/ASTERISK-22977">ASTERISK-22977</a>: chan_sip+CEL: missing ANSWER and PICKUP event for INVITE/w/replaces pickup<br/>
-Revision: <a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=413832">413832</a><br/>
-Reporter: wdoekes<br/>
-Coders: wdoekes<br/>
-<br/>
-<h3>Category: Channels/chan_dahdi</h3><br/>
-<a href="https://issues.asterisk.org/jira/browse/ASTERISK-23709">ASTERISK-23709</a>: Regression in Dahdi/Analog/waitfordialtone<br/>
-Revision: <a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=414067">414067</a><br/>
-Reporter: one47<br/>
-Coders: Steve Davies<br/>
-<br/>
-<h3>Category: Channels/chan_sip/General</h3><br/>
-<a href="https://issues.asterisk.org/jira/browse/ASTERISK-19465">ASTERISK-19465</a>: P-Asserted-Identity Privacy<br/>
-Revision: <a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=412744">412744</a><br/>
-Reporter: kristoff<br/>
-Coders: jrose<br/>
-<br/>
-<a href="https://issues.asterisk.org/jira/browse/ASTERISK-19465">ASTERISK-19465</a>: P-Asserted-Identity Privacy<br/>
-Revision: <a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=412821">412821</a><br/>
-Reporter: kristoff<br/>
-Coders: jrose<br/>
-<br/>
-<h3>Category: Channels/chan_sip/Transfers</h3><br/>
-<a href="https://issues.asterisk.org/jira/browse/ASTERISK-22977">ASTERISK-22977</a>: chan_sip+CEL: missing ANSWER and PICKUP event for INVITE/w/replaces pickup<br/>
-Revision: <a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=413832">413832</a><br/>
-Reporter: wdoekes<br/>
-Coders: wdoekes<br/>
-<br/>
-<h3>Category: Core/Channels</h3><br/>
-<a href="https://issues.asterisk.org/jira/browse/ASTERISK-22846">ASTERISK-22846</a>: testsuite: masquerade super test fails on all branches (still)<br/>
-Revision: <a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=411715">411715</a><br/>
-Reporter: mjordan<br/>
-Coders: rmudgett<br/>
-<br/>
-<h3>Category: Core/Configuration</h3><br/>
-<a href="https://issues.asterisk.org/jira/browse/ASTERISK-23546">ASTERISK-23546</a>: CB_ADD_LEN does not do what you'd think<br/>
-Revision: <a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=411960">411960</a><br/>
-Reporter: wdoekes<br/>
-Coders: rmudgett<br/>
-<br/>
-<h3>Category: Core/General</h3><br/>
-<a href="https://issues.asterisk.org/jira/browse/ASTERISK-23546">ASTERISK-23546</a>: CB_ADD_LEN does not do what you'd think<br/>
-Revision: <a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=411960">411960</a><br/>
-Reporter: wdoekes<br/>
-Coders: rmudgett<br/>
-<br/>
-<h3>Category: Core/RTP</h3><br/>
-<a href="https://issues.asterisk.org/jira/browse/ASTERISK-23665">ASTERISK-23665</a>: Wrong mime type for codec H263-1998 (h263+)<br/>
-Revision: <a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=413787">413787</a><br/>
-Reporter: gma<br/>
-Coders: wdoekes<br/>
-<br/>
-<h3>Category: Functions/func_strings</h3><br/>
-<a href="https://issues.asterisk.org/jira/browse/ASTERISK-23650">ASTERISK-23650</a>: Intermittent segfault in string functions<br/>
-Revision: <a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=414214">414214</a><br/>
-Reporter: rolek<br/>
-Coders: sgriepentrog<br/>
-<br/>
-<h3>Category: Resources/res_config_pgsql</h3><br/>
-<a href="https://issues.asterisk.org/jira/browse/ASTERISK-23707">ASTERISK-23707</a>: Realtime Contacts: Apparent mismatch between PGSQL database state and Asterisk state<br/>
-Revision: <a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=413224">413224</a><br/>
-Reporter: mmichelson<br/>
-Coders: mmichelson<br/>
-<br/>
-<h3>Category: Tests/testsuite</h3><br/>
-<a href="https://issues.asterisk.org/jira/browse/ASTERISK-22846">ASTERISK-22846</a>: testsuite: masquerade super test fails on all branches (still)<br/>
-Revision: <a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=411715">411715</a><br/>
-Reporter: mjordan<br/>
-Coders: rmudgett<br/>
-<br/>
-<hr/>
-<a name="commits"><h2 align="center">Commits Not Associated with an Issue</h2></a>
-<center><a href="#top">[Back to Top]</a></center><br/><p>This is a list of all changes that went into this release that did not directly close an issue from the issue tracker. The commits may have been marked as being related to an issue. If that is the case, the issue numbers are listed here, as well.</p>
-<table width="100%" border="1">
-<tr><td><b>Revision</b></td><td><b>Author</b></td><td><b>Summary</b></td><td><b>Issues Referenced</b></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=411807">411807</a></td><td>wdoekes</td><td>configs: Clean up long line and typo in res_odbc.conf.sample.</td>
-<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=411964">411964</a></td><td>rmudgett</td><td>Internal timing: Add notice that the -I and internal_timing option are no longer needed.</td>
-<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=412114">412114</a></td><td>mjordan</td><td>main/astobj2: Make REF_DEBUG a menuselect item; improve REF_DEBUG output</td>
-<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=412480">412480</a></td><td>mjordan</td><td>channels/chan_oss: Fix compilation problem on SmartOS/Illumos/SunOS</td>
-<td><a href="https://issues.asterisk.org/jira/browse/ASTERISK-23576">ASTERISK-23576</a></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=412585">412585</a></td><td>newtonr</td><td>sounds: Fix Sounds Makefile and XML that didn't support new sound prompt sets</td>
-<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=412745">412745</a></td><td>kmoore</td><td>HTTP: Add TCP_NODELAY to accepted connections</td>
-<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=412764">412764</a></td><td>jrose</td><td>Typo in CHANGES</td>
-<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=412922">412922</a></td><td>rmudgett</td><td>http: Fix spurious ERROR message in responses with no content.</td>
-<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=413241">413241</a></td><td>mmichelson</td><td>Prevent crashes in res_config_odbc due to uninitialized string fields.</td>
-<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=413304">413304</a></td><td>mmichelson</td><td>Ensure that all parts of SQL UPDATEs and DELETEs are encoded.</td>
-<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=413396">413396</a></td><td>mmichelson</td><td>Fix encoding of custom prepare extra data.</td>
-<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=413485">413485</a></td><td>file</td><td>app_queue: Extend documentation for various Manager actions and events.</td>
-<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=413586">413586</a></td><td>kmoore</td><td>Allow Asterisk to compile under GCC 4.10</td>
-<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=413591">413591</a></td><td>kmoore</td><td>Fix 32bit build for chan_sip</td>
-<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=413592">413592</a></td><td>kmoore</td><td>Fix 32bit build for func_env</td>
-<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=413894">413894</a></td><td>wdoekes</td><td>res_musiconhold: Minor cleanup.</td>
-<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=413949">413949</a></td><td>wdoekes</td><td>chan_local+app_dial: Propagagate call answered elsewhere over local channels.</td>
-<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=413991">413991</a></td><td>rmudgett</td><td>app_meetme: Fix overwrite of DAHDI conference data structure.</td>
-<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=414269">414269</a></td><td>rmudgett</td><td>chan_local: Only block media frames when a generator is on both ends of a local channel.</td>
-<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/branches/1.8?view=revision&revision=414345">414345</a></td><td>mjordan</td><td>UPGRADE: Add note for REF_DEBUG flag</td>
-<td></td></tr></table>
-<hr/>
-<a name="diffstat"><h2 align="center">Diffstat Results</h2></a>
-<center><a href="#top">[Back to Top]</a></center><br/><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p>
-<pre>
-CHANGES | 23 +++
-UPGRADE.txt | 15 ++
-addons/chan_ooh323.c | 5
-apps/app_adsiprog.c | 2
-apps/app_dial.c | 8 -
-apps/app_dumpchan.c | 6
-apps/app_festival.c | 2
-apps/app_getcpeid.c | 8 -
-apps/app_meetme.c | 40 ++++--
-apps/app_minivm.c | 4
-apps/app_queue.c | 96 +++++++++++----
-apps/app_sms.c | 46 ++++---
-apps/app_stack.c | 3
-apps/app_voicemail.c | 8 -
-build_tools/cflags.xml | 3
-cdr/cdr_adaptive_odbc.c | 4
-cel/cel_odbc.c | 6
-cel/cel_pgsql.c | 4
-channels/chan_alsa.c | 6
-channels/chan_dahdi.c | 52 ++++----
-channels/chan_gtalk.c | 12 +
-channels/chan_iax2.c | 78 ++++++------
-channels/chan_jingle.c | 14 +-
-channels/chan_local.c | 22 ++-
-channels/chan_mgcp.c | 26 ++--
-channels/chan_oss.c | 2
-channels/chan_phone.c | 4
-channels/chan_sip.c | 245 +++++++++++++++++++++++----------------
-channels/chan_skinny.c | 24 +--
-channels/chan_unistim.c | 74 +++++------
-channels/iax2-parser.c | 4
-channels/sig_analog.c | 30 ++--
-channels/sig_pri.c | 101 +++++++++++-----
-channels/sip/config_parser.c | 2
-channels/sip/include/sip.h | 11 +
-configs/asterisk.conf.sample | 1
-configs/res_odbc.conf.sample | 8 -
-configs/sip.conf.sample | 12 +
-configure.ac | 2
-contrib/scripts/refcounter.py | 171 +++++++++++++++++++++++++++
-formats/format_pcm.c | 8 -
-funcs/func_enum.c | 2
-funcs/func_env.c | 6
-funcs/func_iconv.c | 2
-funcs/func_srv.c | 6
-funcs/func_strings.c | 2
-funcs/func_sysinfo.c | 10 -
-include/asterisk/astobj.h | 2
-include/asterisk/astobj2.h | 129 +++++++++++---------
-include/asterisk/autoconfig.h.in | 9 -
-include/asterisk/options.h | 6
-include/asterisk/utils.h | 9 +
-main/abstract_jb.c | 2
-main/adsi.c | 2
-main/aoc.c | 4
-main/app.c | 4
-main/asterisk.c | 22 ++-
-main/astobj2.c | 62 ++++++---
-main/audiohook.c | 6
-main/bridging.c | 10 -
-main/callerid.c | 8 -
-main/ccss.c | 20 +--
-main/cel.c | 2
-main/channel.c | 148 ++++++++++++-----------
-main/cli.c | 12 -
-main/config.c | 10 -
-main/data.c | 13 +-
-main/devicestate.c | 4
-main/dsp.c | 2
-main/enum.c | 4
-main/event.c | 4
-main/features.c | 12 -
-main/file.c | 2
-main/frame.c | 14 +-
-main/http.c | 22 +++
-main/io.c | 4
-main/loader.c | 4
-main/logger.c | 15 --
-main/manager.c | 11 -
-main/netsock.c | 6
-main/pbx.c | 2
-main/rtp_engine.c | 4
-main/sched.c | 6
-main/security_events.c | 6
-main/stdtime/localtime.c | 2
-main/stun.c | 10 -
-main/taskprocessor.c | 2
-main/translate.c | 6
-main/udptl.c | 8 -
-main/utils.c | 33 ++++-
-main/xmldoc.c | 2
-pbx/dundi-parser.c | 8 -
-pbx/pbx_config.c | 2
-pbx/pbx_dundi.c | 8 -
-res/ael/pval.c | 2
-res/res_agi.c | 4
-res/res_calendar.c | 8 -
-res/res_calendar_caldav.c | 7 -
-res/res_calendar_ews.c | 2
-res/res_calendar_exchange.c | 4
-res/res_calendar_icalendar.c | 2
-res/res_config_odbc.c | 63 ++++++----
-res/res_config_pgsql.c | 11 -
-res/res_crypto.c | 2
-res/res_fax.c | 56 ++++----
-res/res_fax_spandsp.c | 16 +-
-res/res_jabber.c | 28 ++--
-res/res_monitor.c | 4
-res/res_musiconhold.c | 70 ++++-------
-res/res_odbc.c | 2
-res/res_pktccops.c | 19 +--
-res/res_rtp_asterisk.c | 46 +++----
-res/res_srtp.c | 10 -
-res/res_timing_dahdi.c | 4
-sounds/Makefile | 6
-sounds/sounds.xml | 171 +++++++++++++++++++++++++--
-116 files changed, 1553 insertions(+), 887 deletions(-)
-</pre><br/>
-<hr/>
-</body>
-</html>
|
|
[-]
[+]
|
Deleted |
asterisk-1.8.28.0.tar.xz/asterisk-1.8.28.0-summary.txt
^
|
| @@ -1,407 +0,0 @@
- Release Summary
-
- asterisk-1.8.28.0
-
- Date: 2014-05-29
-
- <asteriskteam@digium.com>
-
- ----------------------------------------------------------------------
-
- Table of Contents
-
- 1. Summary
- 2. Contributors
- 3. Closed Issues
- 4. Other Changes
- 5. Diffstat
-
- ----------------------------------------------------------------------
-
- Summary
-
- [Back to Top]
-
- This release includes only bug fixes. The changes included were made only
- to address problems that have been identified in this release series.
- Users should be able to safely upgrade to this version if this release
- series is already in use. Users considering upgrading from a previous
- release series are strongly encouraged to review the UPGRADE.txt document
- as well as the CHANGES document for information about upgrading to this
- release series.
-
- The data in this summary reflects changes that have been made since the
- previous release, asterisk-1.8.27.0.
-
- ----------------------------------------------------------------------
-
- Contributors
-
- [Back to Top]
-
- This table lists the people who have submitted code, those that have
- tested patches, as well as those that reported issues on the issue tracker
- that were resolved in this release. For coders, the number is how many of
- their patches (of any size) were committed into this release. For testers,
- the number is the number of times their name was listed as assisting with
- testing a patch. Finally, for reporters, the number is the number of
- issues that they reported that were closed by commits that went into this
- release.
-
- Coders Testers Reporters
- 6 rmudgett 2 kristoff
- 5 wdoekes 2 wdoekes
- 4 kmoore 1 dwmw2
- 4 mmichelson 1 gma
- 3 jrose 1 igorg
- 3 mjordan 1 italorossi
- 1 Bradley Watkins 1 marquis
- 1 David Woodhouse 1 mjordan
- 1 file 1 mmichelson
- 1 jcolp 1 one47
- 1 may 1 rolek
- 1 newtonr
- 1 sgriepentrog
- 1 Steve Davies
-
- ----------------------------------------------------------------------
-
- Closed Issues
-
- [Back to Top]
-
- This is a list of all issues from the issue tracker that were closed by
- changes that went into this release.
-
- Category: Addons/chan_ooh323
-
- ASTERISK-23754: [patch] Use var/lib directory for log file configured in
- asterisk.conf
- Revision: 414152
- Reporter: igorg
- Coders: may
-
- Category: Applications/app_queue
-
- ASTERISK-23547: [patch] app_queue removing callers from queue when
- reloading
- Revision: 411584
- Reporter: italorossi
- Coders: jcolp
-
- Category: Applications/app_sms
-
- ASTERISK-18331: app_sms failure
- Revision: 412655
- Reporter: dwmw2
- Coders: David Woodhouse
-
- Category: Applications/app_stack
-
- ASTERISK-23620: Code path in app_stack fails to unlock list
- Revision: 412225
- Reporter: marquis
- Coders: Bradley Watkins
-
- Category: CEL/General
-
- ASTERISK-22977: chan_sip+CEL: missing ANSWER and PICKUP event for
- INVITE/w/replaces pickup
- Revision: 413832
- Reporter: wdoekes
- Coders: wdoekes
-
- Category: Channels/chan_dahdi
-
- ASTERISK-23709: Regression in Dahdi/Analog/waitfordialtone
- Revision: 414067
- Reporter: one47
- Coders: Steve Davies
-
- Category: Channels/chan_sip/General
-
- ASTERISK-19465: P-Asserted-Identity Privacy
- Revision: 412744
- Reporter: kristoff
- Coders: jrose
-
- ASTERISK-19465: P-Asserted-Identity Privacy
- Revision: 412821
- Reporter: kristoff
- Coders: jrose
-
- Category: Channels/chan_sip/Transfers
-
- ASTERISK-22977: chan_sip+CEL: missing ANSWER and PICKUP event for
- INVITE/w/replaces pickup
- Revision: 413832
- Reporter: wdoekes
- Coders: wdoekes
-
- Category: Core/Channels
-
- ASTERISK-22846: testsuite: masquerade super test fails on all branches
- (still)
- Revision: 411715
- Reporter: mjordan
- Coders: rmudgett
-
- Category: Core/Configuration
-
- ASTERISK-23546: CB_ADD_LEN does not do what you'd think
- Revision: 411960
- Reporter: wdoekes
- Coders: rmudgett
-
- Category: Core/General
-
- ASTERISK-23546: CB_ADD_LEN does not do what you'd think
- Revision: 411960
- Reporter: wdoekes
- Coders: rmudgett
-
- Category: Core/RTP
-
- ASTERISK-23665: Wrong mime type for codec H263-1998 (h263+)
- Revision: 413787
- Reporter: gma
- Coders: wdoekes
-
- Category: Functions/func_strings
-
- ASTERISK-23650: Intermittent segfault in string functions
- Revision: 414214
- Reporter: rolek
- Coders: sgriepentrog
-
- Category: Resources/res_config_pgsql
-
- ASTERISK-23707: Realtime Contacts: Apparent mismatch between PGSQL
- database state and Asterisk state
- Revision: 413224
- Reporter: mmichelson
- Coders: mmichelson
-
- Category: Tests/testsuite
-
- ASTERISK-22846: testsuite: masquerade super test fails on all branches
- (still)
- Revision: 411715
- Reporter: mjordan
- Coders: rmudgett
-
- ----------------------------------------------------------------------
-
- Commits Not Associated with an Issue
-
- [Back to Top]
-
- This is a list of all changes that went into this release that did not
- directly close an issue from the issue tracker. The commits may have been
- marked as being related to an issue. If that is the case, the issue
- numbers are listed here, as well.
-
- +------------------------------------------------------------------------+
- | Revision | Author | Summary | Issues |
- | | | | Referenced |
- |----------+------------+-------------------------------+----------------|
- | | | configs: Clean up long line | |
- | 411807 | wdoekes | and typo in | |
- | | | res_odbc.conf.sample. | |
- |----------+------------+-------------------------------+----------------|
- | | | Internal timing: Add notice | |
- | 411964 | rmudgett | that the -I and | |
- | | | internal_timing option are no | |
- | | | longer needed. | |
- |----------+------------+-------------------------------+----------------|
- | | | main/astobj2: Make REF_DEBUG | |
- | 412114 | mjordan | a menuselect item; improve | |
- | | | REF_DEBUG output | |
- |----------+------------+-------------------------------+----------------|
- | | | channels/chan_oss: Fix | |
- | 412480 | mjordan | compilation problem on | ASTERISK-23576 |
- | | | SmartOS/Illumos/SunOS | |
- |----------+------------+-------------------------------+----------------|
- | | | sounds: Fix Sounds Makefile | |
- | 412585 | newtonr | and XML that didn't support | |
- | | | new sound prompt sets | |
- |----------+------------+-------------------------------+----------------|
- | 412745 | kmoore | HTTP: Add TCP_NODELAY to | |
- | | | accepted connections | |
- |----------+------------+-------------------------------+----------------|
- | 412764 | jrose | Typo in CHANGES | |
- |----------+------------+-------------------------------+----------------|
- | | | http: Fix spurious ERROR | |
- | 412922 | rmudgett | message in responses with no | |
- | | | content. | |
- |----------+------------+-------------------------------+----------------|
- | | | Prevent crashes in | |
- | 413241 | mmichelson | res_config_odbc due to | |
- | | | uninitialized string fields. | |
- |----------+------------+-------------------------------+----------------|
- | | | Ensure that all parts of SQL | |
- | 413304 | mmichelson | UPDATEs and DELETEs are | |
- | | | encoded. | |
- |----------+------------+-------------------------------+----------------|
- | 413396 | mmichelson | Fix encoding of custom | |
- | | | prepare extra data. | |
- |----------+------------+-------------------------------+----------------|
- | | | app_queue: Extend | |
- | 413485 | file | documentation for various | |
- | | | Manager actions and events. | |
- |----------+------------+-------------------------------+----------------|
- | 413586 | kmoore | Allow Asterisk to compile | |
- | | | under GCC 4.10 | |
- |----------+------------+-------------------------------+----------------|
- | 413591 | kmoore | Fix 32bit build for chan_sip | |
- |----------+------------+-------------------------------+----------------|
- | 413592 | kmoore | Fix 32bit build for func_env | |
- |----------+------------+-------------------------------+----------------|
- | 413894 | wdoekes | res_musiconhold: Minor | |
- | | | cleanup. | |
- |----------+------------+-------------------------------+----------------|
- | | | chan_local+app_dial: | |
- | 413949 | wdoekes | Propagagate call answered | |
- | | | elsewhere over local | |
- | | | channels. | |
- |----------+------------+-------------------------------+----------------|
- | | | app_meetme: Fix overwrite of | |
- | 413991 | rmudgett | DAHDI conference data | |
- | | | structure. | |
- |----------+------------+-------------------------------+----------------|
- | | | chan_local: Only block media | |
- | 414269 | rmudgett | frames when a generator is on | |
- | | | both ends of a local channel. | |
- |----------+------------+-------------------------------+----------------|
- | 414345 | mjordan | UPGRADE: Add note for | |
- | | | REF_DEBUG flag | |
- +------------------------------------------------------------------------+
-
- ----------------------------------------------------------------------
-
- Diffstat Results
-
- [Back to Top]
-
- This is a summary of the changes to the source code that went into this
- release that was generated using the diffstat utility.
-
- CHANGES | 23 +++
- UPGRADE.txt | 15 ++
- addons/chan_ooh323.c | 5
- apps/app_adsiprog.c | 2
- apps/app_dial.c | 8 -
- apps/app_dumpchan.c | 6
- apps/app_festival.c | 2
- apps/app_getcpeid.c | 8 -
- apps/app_meetme.c | 40 ++++--
- apps/app_minivm.c | 4
- apps/app_queue.c | 96 +++++++++++----
- apps/app_sms.c | 46 ++++---
- apps/app_stack.c | 3
- apps/app_voicemail.c | 8 -
- build_tools/cflags.xml | 3
- cdr/cdr_adaptive_odbc.c | 4
- cel/cel_odbc.c | 6
- cel/cel_pgsql.c | 4
- channels/chan_alsa.c | 6
- channels/chan_dahdi.c | 52 ++++----
- channels/chan_gtalk.c | 12 +
- channels/chan_iax2.c | 78 ++++++------
- channels/chan_jingle.c | 14 +-
- channels/chan_local.c | 22 ++-
- channels/chan_mgcp.c | 26 ++--
- channels/chan_oss.c | 2
- channels/chan_phone.c | 4
- channels/chan_sip.c | 245 +++++++++++++++++++++++----------------
- channels/chan_skinny.c | 24 +--
- channels/chan_unistim.c | 74 +++++------
- channels/iax2-parser.c | 4
- channels/sig_analog.c | 30 ++--
- channels/sig_pri.c | 101 +++++++++++-----
- channels/sip/config_parser.c | 2
- channels/sip/include/sip.h | 11 +
- configs/asterisk.conf.sample | 1
- configs/res_odbc.conf.sample | 8 -
- configs/sip.conf.sample | 12 +
- configure.ac | 2
- contrib/scripts/refcounter.py | 171 +++++++++++++++++++++++++++
- formats/format_pcm.c | 8 -
- funcs/func_enum.c | 2
- funcs/func_env.c | 6
- funcs/func_iconv.c | 2
- funcs/func_srv.c | 6
- funcs/func_strings.c | 2
- funcs/func_sysinfo.c | 10 -
- include/asterisk/astobj.h | 2
- include/asterisk/astobj2.h | 129 +++++++++++---------
- include/asterisk/autoconfig.h.in | 9 -
- include/asterisk/options.h | 6
- include/asterisk/utils.h | 9 +
- main/abstract_jb.c | 2
- main/adsi.c | 2
- main/aoc.c | 4
- main/app.c | 4
- main/asterisk.c | 22 ++-
- main/astobj2.c | 62 ++++++---
- main/audiohook.c | 6
- main/bridging.c | 10 -
- main/callerid.c | 8 -
- main/ccss.c | 20 +--
- main/cel.c | 2
- main/channel.c | 148 ++++++++++++-----------
- main/cli.c | 12 -
- main/config.c | 10 -
- main/data.c | 13 +-
- main/devicestate.c | 4
- main/dsp.c | 2
- main/enum.c | 4
- main/event.c | 4
- main/features.c | 12 -
- main/file.c | 2
- main/frame.c | 14 +-
- main/http.c | 22 +++
- main/io.c | 4
- main/loader.c | 4
- main/logger.c | 15 --
- main/manager.c | 11 -
- main/netsock.c | 6
- main/pbx.c | 2
- main/rtp_engine.c | 4
- main/sched.c | 6
- main/security_events.c | 6
- main/stdtime/localtime.c | 2
- main/stun.c | 10 -
- main/taskprocessor.c | 2
- main/translate.c | 6
- main/udptl.c | 8 -
- main/utils.c | 33 ++++-
- main/xmldoc.c | 2
- pbx/dundi-parser.c | 8 -
- pbx/pbx_config.c | 2
- pbx/pbx_dundi.c | 8 -
- res/ael/pval.c | 2
- res/res_agi.c | 4
- res/res_calendar.c | 8 -
- res/res_calendar_caldav.c | 7 -
- res/res_calendar_ews.c | 2
- res/res_calendar_exchange.c | 4
- res/res_calendar_icalendar.c | 2
- res/res_config_odbc.c | 63 ++++++----
- res/res_config_pgsql.c | 11 -
- res/res_crypto.c | 2
- res/res_fax.c | 56 ++++----
- res/res_fax_spandsp.c | 16 +-
- res/res_jabber.c | 28 ++--
- res/res_monitor.c | 4
- res/res_musiconhold.c | 70 ++++-------
- res/res_odbc.c | 2
- res/res_pktccops.c | 19 +--
- res/res_rtp_asterisk.c | 46 +++----
- res/res_srtp.c | 10 -
- res/res_timing_dahdi.c | 4
- sounds/Makefile | 6
- sounds/sounds.xml | 171 +++++++++++++++++++++++++--
- 116 files changed, 1553 insertions(+), 887 deletions(-)
-
- ----------------------------------------------------------------------
|
|
[-]
[+]
|
Changed |
asterisk-1.8.28.2.tar.xz/.version
^
|
| @@ -1 +1 @@
-1.8.28.0
+1.8.28.2
|
|
[-]
[+]
|
Changed |
asterisk-1.8.28.2.tar.xz/ChangeLog
^
|
| @@ -1,3 +1,59 @@
+2014-06-13 Asterisk Development Team <asteriskteam@digium.com>
+
+ * Asterisk 1.8.28.2 Released.
+
+ * AST-2014-007: Fix of fix to allow AMI and SIP TCP to send messages.
+
+ The original fix for AST-2014-007 inadvertently introduced a
+ regression in Asterisk's TCP and TLS handling that prevented
+ Asterisk from sending data over these transports. This patch fixes
+ that regression.
+
+2014-06-12 Asterisk Development Team <asteriskteam@digium.com>
+
+ * Asterisk 1.8.28.1 Released.
+
+ * AST-2014-007: Fix DOS by consuming the number of allowed HTTP
+ connections.
+
+ Simply establishing a TCP connection and never sending anything to
+ the configured HTTP port in http.conf will tie up a HTTP connection.
+ Since there is a maximum number of open HTTP sessions allowed at a
+ time you can block legitimate connections.
+
+ A similar problem exists if a HTTP request is started but never
+ finished.
+
+ * Added http.conf session_inactivity timer option to close HTTP
+ connections that aren't doing anything. Defaults to 30000 ms.
+
+ * Removed the undocumented manager.conf block-sockets option. It
+ interferes with TCP/TLS inactivity timeouts.
+
+ * AMI and SIP TLS connections now have better authentication timeout
+ protection. Though I didn't remove the bizzare TLS timeout polling
+ code from chan_sip.
+
+ * chan_sip can now handle SSL certificate renegotiations in the
+ middle of a session. It couldn't do that before because the socket
+ was non-blocking and the SSL calls were not restarted as documented
+ by the OpenSSL documentation.
+
+ * Fixed an off nominal leak of the ssl struct in
+ handle_tcptls_connection() if the FILE stream failed to open and
+ the SSL certificate negotiations failed.
+
+ The patch creates a custom FILE stream handler to give the created FILE
+ streams inactivity timeout and timeout after a specific moment in time
+ capability. This approach eliminates the need for code using the FILE
+ stream to be redesigned to deal with the timeouts.
+
+ This patch indirectly fixes most of ASTERISK-18345 by fixing the usage
+ of the SSL_read/SSL_write operations.
+
+ ASTERISK-23673 #close
+ Reported by: Richard Mudgett
+
2014-05-29 Asterisk Development Team <asteriskteam@digium.com>
* Asterisk 1.8.28.0 Released.
|
|
[-]
[+]
|
Changed |
asterisk-1.8.28.2.tar.xz/UPGRADE.txt
^
|
| @@ -18,6 +18,13 @@
===
===========================================================
+from 1.8.28.0 to 1.8.28.1:
+* Added http.conf session_inactivity timer option to close HTTP connections
+ that aren't doing anything.
+
+* Removed the undocumented manager.conf block-sockets option. It interferes with
+ TCP/TLS inactivity timeouts.
+
from 1.8.27.0 to 1.8.28.0:
* The asterisk command line -I option and the asterisk.conf internal_timing
option are removed and always enabled if any timing module is loaded.
|
|
[-]
[+]
|
Added |
asterisk-1.8.28.2.tar.xz/asterisk-1.8.28.2-summary.html
^
|
| @@ -0,0 +1,68 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><title>Release Summary - asterisk-1.8.28.2</title></head>
+<body>
+<h1 align="center"><a name="top">Release Summary</a></h1>
+<h3 align="center">asterisk-1.8.28.2</h3>
+<h3 align="center">Date: 2014-06-13</h3>
+<h3 align="center"><asteriskteam@digium.com></h3>
+<hr/>
+<h2 align="center">Table of Contents</h2>
+<ol>
+ <li><a href="#summary">Summary</a></li>
+ <li><a href="#contributors">Contributors</a></li>
+ <li><a href="#commits">Other Changes</a></li>
+ <li><a href="#diffstat">Diffstat</a></li>
+</ol>
+<hr/>
+<a name="summary"><h2 align="center">Summary</h2></a>
+<center><a href="#top">[Back to Top]</a></center><br/><p>This release has been made to address one or more security vulnerabilities that have been identified. A security advisory document has been published for each vulnerability that includes additional information. Users of versions of Asterisk that are affected are strongly encouraged to review the advisories and determine what action they should take to protect their systems from these issues.</p>
+<p>Security Advisories: <a href="http://downloads.asterisk.org/pub/security/AST-2014-007.html">AST-2014-007</a></p>
+<p>The data in this summary reflects changes that have been made since the previous release, asterisk-1.8.28.0.</p>
+<hr/>
+<a name="contributors"><h2 align="center">Contributors</h2></a>
+<center><a href="#top">[Back to Top]</a></center><br/><p>This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were closed by commits that went into this release.</p>
+<table width="100%" border="0">
+<tr>
+<td width="33%"><h3>Coders</h3></td>
+<td width="33%"><h3>Testers</h3></td>
+<td width="33%"><h3>Reporters</h3></td>
+</tr>
+<tr valign="top">
+<td>
+5 bebuild<br/>
+</td>
+<td>
+</td>
+<td>
+</td>
+</tr>
+</table>
+<hr/>
+<a name="commits"><h2 align="center">Commits Not Associated with an Issue</h2></a>
+<center><a href="#top">[Back to Top]</a></center><br/><p>This is a list of all changes that went into this release that did not directly close an issue from the issue tracker. The commits may have been marked as being related to an issue. If that is the case, the issue numbers are listed here, as well.</p>
+<table width="100%" border="1">
+<tr><td><b>Revision</b></td><td><b>Author</b></td><td><b>Summary</b></td><td><b>Issues Referenced</b></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/tags/1.8.28.2?view=revision&revision=416056">416056</a></td><td>bebuild</td><td>Create 1.8.28.2</td>
+<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/tags/1.8.28.2?view=revision&revision=416061">416061</a></td><td>bebuild</td><td>Update .version, remove summaries</td>
+<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/tags/1.8.28.2?view=revision&revision=416068">416068</a></td><td>bebuild</td><td>Merge fix for regression caused by fix for AST-2014-007</td>
+<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/tags/1.8.28.2?view=revision&revision=416082">416082</a></td><td>bebuild</td><td>Importing release summary for 1.8.28.2 release.</td>
+<td></td></tr><tr><td><a href="http://svn.digium.com/view/asterisk/tags/1.8.28.2?view=revision&revision=416138">416138</a></td><td>bebuild</td><td>Update ChangeLog</td>
+<td></td></tr></table>
+<hr/>
+<a name="diffstat"><h2 align="center">Diffstat Results</h2></a>
+<center><a href="#top">[Back to Top]</a></center><br/><p>This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.</p>
+<pre>
+.version | 2
+ChangeLog | 13 +++++
+asterisk-1.8.28.1-summary.html | 70 ----------------------------
+asterisk-1.8.28.1-summary.txt | 101 -----------------------------------------
+channels/chan_sip.c | 6 ++
+include/asterisk/tcptls.h | 14 +++++
+main/http.c | 3 +
+main/manager.c | 6 ++
+main/tcptls.c | 17 ++++++
+9 files changed, 59 insertions(+), 173 deletions(-)
+</pre><br/>
+<hr/>
+</body>
+</html>
|
|
[-]
[+]
|
Added |
asterisk-1.8.28.2.tar.xz/asterisk-1.8.28.2-summary.txt
^
|
| @@ -0,0 +1,103 @@
+ Release Summary
+
+ asterisk-1.8.28.2
+
+ Date: 2014-06-13
+
+ <asteriskteam@digium.com>
+
+ ----------------------------------------------------------------------
+
+ Table of Contents
+
+ 1. Summary
+ 2. Contributors
+ 3. Other Changes
+ 4. Diffstat
+
+ ----------------------------------------------------------------------
+
+ Summary
+
+ [Back to Top]
+
+ This release has been made to address one or more security vulnerabilities
+ that have been identified. A security advisory document has been published
+ for each vulnerability that includes additional information. Users of
+ versions of Asterisk that are affected are strongly encouraged to review
+ the advisories and determine what action they should take to protect their
+ systems from these issues.
+
+ Security Advisories: AST-2014-007
+
+ The data in this summary reflects changes that have been made since the
+ previous release, asterisk-1.8.28.0.
+
+ ----------------------------------------------------------------------
+
+ Contributors
+
+ [Back to Top]
+
+ This table lists the people who have submitted code, those that have
+ tested patches, as well as those that reported issues on the issue tracker
+ that were resolved in this release. For coders, the number is how many of
+ their patches (of any size) were committed into this release. For testers,
+ the number is the number of times their name was listed as assisting with
+ testing a patch. Finally, for reporters, the number is the number of
+ issues that they reported that were closed by commits that went into this
+ release.
+
+ Coders Testers Reporters
+ 5 bebuild
+
+ ----------------------------------------------------------------------
+
+ Commits Not Associated with an Issue
+
+ [Back to Top]
+
+ This is a list of all changes that went into this release that did not
+ directly close an issue from the issue tracker. The commits may have been
+ marked as being related to an issue. If that is the case, the issue
+ numbers are listed here, as well.
+
+ +------------------------------------------------------------------------+
+ | Revision | Author | Summary | Issues Referenced |
+ |----------+---------+-------------------------------+-------------------|
+ | 416056 | bebuild | Create 1.8.28.2 | |
+ |----------+---------+-------------------------------+-------------------|
+ | 416061 | bebuild | Update .version, remove | |
+ | | | summaries | |
+ |----------+---------+-------------------------------+-------------------|
+ | | | Merge fix for regression | |
+ | 416068 | bebuild | caused by fix for | |
+ | | | AST-2014-007 | |
+ |----------+---------+-------------------------------+-------------------|
+ | 416082 | bebuild | Importing release summary for | |
+ | | | 1.8.28.2 release. | |
+ |----------+---------+-------------------------------+-------------------|
+ | 416138 | bebuild | Update ChangeLog | |
+ +------------------------------------------------------------------------+
+
+ ----------------------------------------------------------------------
+
+ Diffstat Results
+
+ [Back to Top]
+
+ This is a summary of the changes to the source code that went into this
+ release that was generated using the diffstat utility.
+
+ .version | 2
+ ChangeLog | 13 +++++
+ asterisk-1.8.28.1-summary.html | 70 ----------------------------
+ asterisk-1.8.28.1-summary.txt | 101 -----------------------------------------
+ channels/chan_sip.c | 6 ++
+ include/asterisk/tcptls.h | 14 +++++
+ main/http.c | 3 +
+ main/manager.c | 6 ++
+ main/tcptls.c | 17 ++++++
+ 9 files changed, 59 insertions(+), 173 deletions(-)
+
+ ----------------------------------------------------------------------
|
|
[-]
[+]
|
Changed |
asterisk-1.8.28.2.tar.xz/channels/chan_sip.c
^
|
| @@ -209,7 +209,7 @@
#include "asterisk.h"
-ASTERISK_FILE_VERSION(__FILE__, "$Revision: 413832 $")
+ASTERISK_FILE_VERSION(__FILE__, "$Revision: 416068 $")
#include <signal.h>
#include <sys/signal.h>
@@ -2952,11 +2952,21 @@
goto cleanup;
}
+ /*
+ * We cannot let the stream exclusively wait for data to arrive.
+ * We have to wake up the task to send outgoing messages.
+ */
+ ast_tcptls_stream_set_exclusive_input(tcptls_session->stream_cookie, 0);
+
+ ast_tcptls_stream_set_timeout_sequence(tcptls_session->stream_cookie, ast_tvnow(),
+ tcptls_session->client ? -1 : (authtimeout * 1000));
+
for (;;) {
struct ast_str *str_save;
if (!tcptls_session->client && req.authenticated && !authenticated) {
authenticated = 1;
+ ast_tcptls_stream_set_timeout_disable(tcptls_session->stream_cookie);
ast_atomic_fetchadd_int(&unauth_sessions, -1);
}
|
|
[-]
[+]
|
Changed |
asterisk-1.8.28.2.tar.xz/configs/http.conf.sample
^
|
| @@ -37,6 +37,12 @@
;
;sessionlimit=100
;
+; session_inactivity specifies the number of milliseconds to wait for
+; more data over the HTTP connection before closing it.
+;
+; Default: 30000
+;session_inactivity=30000
+;
; Whether Asterisk should serve static content from http-static
; Default is no.
;
|
|
[-]
[+]
|
Changed |
asterisk-1.8.28.2.tar.xz/include/asterisk/tcptls.h
^
|
| @@ -136,6 +136,65 @@
const char *name;
};
+struct ast_tcptls_stream;
+
+/*!
+ * \brief Disable the TCP/TLS stream timeout timer.
+ *
+ * \param stream TCP/TLS stream control data.
+ *
+ * \return Nothing
+ */
+void ast_tcptls_stream_set_timeout_disable(struct ast_tcptls_stream *stream);
+
+/*!
+ * \brief Set the TCP/TLS stream inactivity timeout timer.
+ *
+ * \param stream TCP/TLS stream control data.
+ * \param timeout Number of milliseconds to wait for data transfer with the peer.
+ *
+ * \details This is basically how much time we are willing to spend
+ * in an I/O call before we declare the peer unresponsive.
+ *
+ * \note Setting timeout to -1 disables the timeout.
+ * \note Setting this timeout replaces the I/O sequence timeout timer.
+ *
+ * \return Nothing
+ */
+void ast_tcptls_stream_set_timeout_inactivity(struct ast_tcptls_stream *stream, int timeout);
+
+/*!
+ * \brief Set the TCP/TLS stream I/O sequence timeout timer.
+ *
+ * \param stream TCP/TLS stream control data.
+ * \param start Time the I/O sequence timer starts.
+ * \param timeout Number of milliseconds from the start time before timeout.
+ *
+ * \details This is how much time are we willing to allow the peer
+ * to complete an operation that can take several I/O calls. The
+ * main use is as an authentication timer with us.
+ *
+ * \note Setting timeout to -1 disables the timeout.
+ * \note Setting this timeout replaces the inactivity timeout timer.
+ *
+ * \return Nothing
+ */
+void ast_tcptls_stream_set_timeout_sequence(struct ast_tcptls_stream *stream, struct timeval start, int timeout);
+
+/*!
+ * \brief Set the TCP/TLS stream I/O if it can exclusively depend upon the set timeouts.
+ *
+ * \param stream TCP/TLS stream control data.
+ * \param exclusive_input TRUE if stream can exclusively wait for fd input.
+ * Otherwise, the stream will not wait for fd input. It will wait while
+ * trying to send data.
+ *
+ * \note The stream timeouts still need to be set.
+ *
+ * \return Nothing
+ */
+void ast_tcptls_stream_set_exclusive_input(struct ast_tcptls_stream *stream, int exclusive_input);
+
/*
* describes a server instance
*/
@@ -155,6 +214,8 @@
* extra data.
*/
struct ast_str *overflow_buf;
+ /*! ao2 FILE stream cookie object associated with f. */
+ struct ast_tcptls_stream *stream_cookie;
};
#if defined(HAVE_FUNOPEN)
|
|
[-]
[+]
|
Changed |
asterisk-1.8.28.2.tar.xz/include/asterisk/utils.h
^
|
| @@ -351,6 +351,7 @@
int ast_utils_init(void);
int ast_wait_for_input(int fd, int ms);
+int ast_wait_for_output(int fd, int ms);
/*!
\brief Try to write string, but wait no more than ms milliseconds
|
|
[-]
[+]
|
Changed |
asterisk-1.8.28.2.tar.xz/main/http.c
^
|
| @@ -36,7 +36,7 @@
#include "asterisk.h"
-ASTERISK_FILE_VERSION(__FILE__, "$Revision: 412922 $")
+ASTERISK_FILE_VERSION(__FILE__, "$Revision: 416068 $")
#include <time.h>
#include <sys/time.h>
@@ -60,6 +60,7 @@
#define MAX_PREFIX 80
#define DEFAULT_SESSION_LIMIT 100
+#define DEFAULT_SESSION_INACTIVITY 30000 /* (ms) Idle time waiting for data. */
#define DEFAULT_HTTP_PORT 8088
#define DEFAULT_HTTPS_PORT 8089
@@ -70,6 +71,7 @@
#endif
static int session_limit = DEFAULT_SESSION_LIMIT;
+static int session_inactivity = DEFAULT_SESSION_INACTIVITY;
static int session_count = 0;
static struct ast_tls_config http_tls_cfg;
@@ -883,6 +885,7 @@
char *uri, *method;
enum ast_http_method http_method = AST_HTTP_UNKNOWN;
int remaining_headers;
+ int flags;
struct protoent *p;
if (ast_atomic_fetchadd_int(&session_count, +1) >= session_limit) {
@@ -904,7 +907,17 @@
ast_log(LOG_WARNING, "Some HTTP requests may be slow to respond.\n");
}
- if (!fgets(buf, sizeof(buf), ser->f)) {
+ /* make sure socket is non-blocking */
+ flags = fcntl(ser->fd, F_GETFL);
+ flags |= O_NONBLOCK;
+ fcntl(ser->fd, F_SETFL, flags);
+
+ /* We can let the stream wait for data to arrive. */
+ ast_tcptls_stream_set_exclusive_input(ser->stream_cookie, 1);
+
+ ast_tcptls_stream_set_timeout_inactivity(ser->stream_cookie, session_inactivity);
+
+ if (!fgets(buf, sizeof(buf), ser->f) || feof(ser->f)) {
goto done;
}
@@ -940,12 +953,19 @@
/* process "Request Headers" lines */
remaining_headers = MAX_HTTP_REQUEST_HEADERS;
- while (fgets(header_line, sizeof(header_line), ser->f)) {
- char *name, *value;
+ for (;;) {
+ char *name;
+ char *value;
+
+ if (!fgets(header_line, sizeof(header_line), ser->f) || feof(ser->f)) {
+ ast_http_error(ser, 400, "Bad Request", "Timeout");
+ goto done;
+ }
/* Trim trailing characters */
ast_trim_blanks(header_line);
if (ast_strlen_zero(header_line)) {
+ /* A blank line ends the request header section. */
break;
}
@@ -996,7 +1016,7 @@
ast_variables_destroy(headers);
if (ser->f) {
- fclose(ser->f);
+ ast_tcptls_close_session_file(ser);
}
ao2_ref(ser, -1);
ser = NULL;
@@ -1111,6 +1131,9 @@
ast_sockaddr_setnull(&https_desc.local_address);
+ session_limit = DEFAULT_SESSION_LIMIT;
+ session_inactivity = DEFAULT_SESSION_INACTIVITY;
+
if (cfg) {
v = ast_variable_browse(cfg, "general");
for (; v; v = v->next) {
@@ -1161,6 +1184,12 @@
ast_log(LOG_WARNING, "Invalid %s '%s' at line %d of http.conf\n",
v->name, v->value, v->lineno);
}
+ } else if (!strcasecmp(v->name, "session_inactivity")) {
+ if (ast_parse_arg(v->value, PARSE_INT32 |PARSE_DEFAULT | PARSE_IN_RANGE,
+ &session_inactivity, DEFAULT_SESSION_INACTIVITY, 1, INT_MAX)) {
+ ast_log(LOG_WARNING, "Invalid %s '%s' at line %d of http.conf\n",
+ v->name, v->value, v->lineno);
+ }
} else {
ast_log(LOG_WARNING, "Ignoring unknown option '%s' in http.conf\n", v->name);
}
|
|
[-]
[+]
|
Changed |
asterisk-1.8.28.2.tar.xz/main/manager.c
^
|
| @@ -47,7 +47,7 @@
#include "asterisk.h"
-ASTERISK_FILE_VERSION(__FILE__, "$Revision: 413586 $")
+ASTERISK_FILE_VERSION(__FILE__, "$Revision: 416068 $")
#include "asterisk/_private.h"
#include "asterisk/paths.h" /* use various ast_config_AST_* */
@@ -887,7 +887,6 @@
static const int DEFAULT_ENABLED = 0; /*!< Default setting for manager to be enabled */
static const int DEFAULT_WEBENABLED = 0; /*!< Default setting for the web interface to be enabled */
-static const int DEFAULT_BLOCKSOCKETS = 0; /*!< Default setting for block-sockets */
static const int DEFAULT_DISPLAYCONNECTS = 1; /*!< Default setting for displaying manager connections */
static const int DEFAULT_TIMESTAMPEVENTS = 0; /*!< Default setting for timestampevents */
static const int DEFAULT_HTTPTIMEOUT = 60; /*!< Default manager http timeout */
@@ -911,7 +910,6 @@
#define DEFAULT_REALM "asterisk"
static char global_realm[MAXHOSTNAMELEN]; /*!< Default realm */
-static int block_sockets;
static int unauth_sessions = 0;
@@ -1354,15 +1352,7 @@
}
if (session->f != NULL) {
- /*
- * Issuing shutdown() is necessary here to avoid a race
- * condition where the last data written may not appear
- * in the the TCP stream. See ASTERISK-23548
- */
fflush(session->f);
- if (session->fd != -1) {
- shutdown(session->fd, SHUT_RDWR);
- }
fclose(session->f);
}
if (eqe) {
@@ -5101,12 +5091,9 @@
ast_log(LOG_WARNING, "Failed to set manager tcp connection to TCP_NODELAY, getprotobyname(\"tcp\") failed\nSome manager actions may be slow to respond.\n");
}
+ /* make sure socket is non-blocking */
flags = fcntl(ser->fd, F_GETFL);
- if (!block_sockets) { /* make sure socket is non-blocking */
- flags |= O_NONBLOCK;
- } else {
- flags &= ~O_NONBLOCK;
- }
+ flags |= O_NONBLOCK;
fcntl(ser->fd, F_SETFL, flags);
ao2_lock(session);
@@ -5132,11 +5119,23 @@
}
ao2_unlock(session);
+ /*
+ * We cannot let the stream exclusively wait for data to arrive.
+ * We have to wake up the task to send async events.
+ */
+ ast_tcptls_stream_set_exclusive_input(ser->stream_cookie, 0);
+
+ ast_tcptls_stream_set_timeout_sequence(ser->stream_cookie,
+ ast_tvnow(), authtimeout * 1000);
+
astman_append(&s, "Asterisk Call Manager/%s\r\n", AMI_VERSION); /* welcome prompt */
for (;;) {
if ((res = do_message(&s)) < 0 || s.write_error) {
break;
}
+ if (session->authenticated) {
+ ast_tcptls_stream_set_timeout_disable(ser->stream_cookie);
+ }
}
/* session is over, explain why and terminate */
if (session->authenticated) {
@@ -5895,6 +5894,30 @@
}
}
+static void close_mansession_file(struct mansession *s)
+{
+ if (s->f) {
+ if (fclose(s->f)) {
+ ast_log(LOG_ERROR, "fclose() failed: %s\n", strerror(errno));
+ }
+ s->f = NULL;
+ s->fd = -1;
+ } else if (s->fd != -1) {
+ /*
+ * Issuing shutdown() is necessary here to avoid a race
+ * condition where the last data written may not appear
+ * in the TCP stream. See ASTERISK-23548
+ */
+ shutdown(s->fd, SHUT_RDWR);
+ if (close(s->fd)) {
+ ast_log(LOG_ERROR, "close() failed: %s\n", strerror(errno));
+ }
+ s->fd = -1;
+ } else {
+ ast_log(LOG_ERROR, "Attempted to close file/file descriptor on mansession without a valid file or file descriptor.\n");
+ }
+}
+
static void process_output(struct mansession *s, struct ast_str **out, struct ast_variable *params, enum output_format format)
{
char *buf;
@@ -5922,29 +5945,7 @@
xml_translate(out, "", params, format);
}
- if (s->f) {
- /*
- * Issuing shutdown() is necessary here to avoid a race
- * condition where the last data written may not appear
- * in the the TCP stream. See ASTERISK-23548
- */
- if (s->fd != -1) {
- shutdown(s->fd, SHUT_RDWR);
- }
- if (fclose(s->f)) {
- ast_log(LOG_ERROR, "fclose() failed: %s\n", strerror(errno));
- }
- s->f = NULL;
- s->fd = -1;
- } else if (s->fd != -1) {
- shutdown(s->fd, SHUT_RDWR);
- if (close(s->fd)) {
- ast_log(LOG_ERROR, "close() failed: %s\n", strerror(errno));
- }
- s->fd = -1;
- } else {
- ast_log(LOG_ERROR, "process output attempted to close file/file descriptor on mansession without a valid file or file descriptor.\n");
- }
+ close_mansession_file(s);
}
static int generic_http_callback(struct ast_tcptls_session_instance *ser,
@@ -6657,7 +6658,6 @@
ast_cli(a->fd, FORMAT, "Timestamp events:", AST_CLI_YESNO(timestampevents));
ast_cli(a->fd, FORMAT, "Channel vars:", S_OR(manager_channelvars, ""));
ast_cli(a->fd, FORMAT, "Debug:", AST_CLI_YESNO(manager_debug));
- ast_cli(a->fd, FORMAT, "Block sockets:", AST_CLI_YESNO(block_sockets));
#undef FORMAT
#undef FORMAT2
@@ -6796,7 +6796,6 @@
manager_debug = DEFAULT_MANAGERDEBUG;
displayconnects = DEFAULT_DISPLAYCONNECTS;
broken_events_action = DEFAULT_BROKENEVENTSACTION;
- block_sockets = DEFAULT_BLOCKSOCKETS;
timestampevents = DEFAULT_TIMESTAMPEVENTS;
httptimeout = DEFAULT_HTTPTIMEOUT;
authtimeout = DEFAULT_AUTHTIMEOUT;
@@ -6926,8 +6925,6 @@
if (!strcasecmp(var->name, "enabled")) {
manager_enabled = ast_true(val);
- } else if (!strcasecmp(var->name, "block-sockets")) {
- block_sockets = ast_true(val);
} else if (!strcasecmp(var->name, "webenabled")) {
webmanager_enabled = ast_true(val);
} else if (!strcasecmp(var->name, "port")) {
|
|
[-]
[+]
|
Changed |
asterisk-1.8.28.2.tar.xz/main/tcptls.c
^
|
| @@ -31,7 +31,7 @@
#include "asterisk.h"
-ASTERISK_FILE_VERSION(__FILE__, "$Revision: 411462 $")
+ASTERISK_FILE_VERSION(__FILE__, "$Revision: 416068 $")
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
@@ -50,98 +50,497 @@
#include "asterisk/astobj2.h"
#include "asterisk/pbx.h"
-/*! \brief
- * replacement read/write functions for SSL support.
- * We use wrappers rather than SSL_read/SSL_write directly so
- * we can put in some debugging.
- */
+/*! ao2 object used for the FILE stream fopencookie()/funopen() cookie. */
+struct ast_tcptls_stream {
+ /*! SSL state if not NULL */
+ SSL *ssl;
+ /*!
+ * \brief Start time from when an I/O sequence must complete
+ * by struct ast_tcptls_stream.timeout.
+ *
+ * \note If struct ast_tcptls_stream.start.tv_sec is zero then
+ * start time is the current I/O request.
+ */
+ struct timeval start;
+ /*!
+ * \brief The socket returned by accept().
+ *
+ * \note Set to -1 if the stream is closed.
+ */
+ int fd;
+ /*!
+ * \brief Timeout in ms relative to struct ast_tcptls_stream.start
+ * to wait for an event on struct ast_tcptls_stream.fd.
+ *
+ * \note Set to -1 to disable timeout.
+ * \note The socket needs to be set to non-blocking for the timeout
+ * feature to work correctly.
+ */
+ int timeout;
+ /*! TRUE if stream can exclusively wait for fd input. */
+ int exclusive_input;
+};
-#ifdef DO_SSL
-static HOOK_T ssl_read(void *cookie, char *buf, LEN_T len)
+void ast_tcptls_stream_set_timeout_disable(struct ast_tcptls_stream *stream)
{
- int i = SSL_read(cookie, buf, len-1);
-#if 0
- if (i >= 0)
- buf[i] = '\0';
- ast_verb(0, "ssl read size %d returns %d <%s>\n", (int)len, i, buf);
-#endif
- return i;
+ ast_assert(stream != NULL);
+
+ stream->timeout = -1;
}
-static HOOK_T ssl_write(void *cookie, const char *buf, LEN_T len)
+void ast_tcptls_stream_set_timeout_inactivity(struct ast_tcptls_stream *stream, int timeout)
{
-#if 0
- char *s = ast_alloca(len+1);
- strncpy(s, buf, len);
- s[len] = '\0';
- ast_verb(0, "ssl write size %d <%s>\n", (int)len, s);
-#endif
- return SSL_write(cookie, buf, len);
+ ast_assert(stream != NULL);
+
+ stream->start.tv_sec = 0;
+ stream->timeout = timeout;
}
-static int ssl_close(void *cookie)
+void ast_tcptls_stream_set_timeout_sequence(struct ast_tcptls_stream *stream, struct timeval start, int timeout)
{
- int cookie_fd = SSL_get_fd(cookie);
- int ret;
+ ast_assert(stream != NULL);
- if (cookie_fd > -1) {
- /*
- * According to the TLS standard, it is acceptable for an application to only send its shutdown
- * alert and then close the underlying connection without waiting for the peer's response (this
- * way resources can be saved, as the process can already terminate or serve another connection).
- */
- if ((ret = SSL_shutdown(cookie)) < 0) {
- ast_log(LOG_ERROR, "SSL_shutdown() failed: %d\n", SSL_get_error(cookie, ret));
+ stream->start = start;
+ stream->timeout = timeout;
+}
+
+void ast_tcptls_stream_set_exclusive_input(struct ast_tcptls_stream *stream, int exclusive_input)
+{
+ ast_assert(stream != NULL);
+
+ stream->exclusive_input = exclusive_input;
+}
+
+/*!
+ * \internal
+ * \brief fopencookie()/funopen() stream read function.
+ *
+ * \param cookie Stream control data.
+ * \param buf Where to put read data.
+ * \param size Size of the buffer.
+ *
+ * \retval number of bytes put into buf.
+ * \retval 0 on end of file.
+ * \retval -1 on error.
+ */
+static HOOK_T tcptls_stream_read(void *cookie, char *buf, LEN_T size)
+{
+ struct ast_tcptls_stream *stream = cookie;
+ struct timeval start;
+ int ms;
+ int res;
+
+ if (!size) {
+ /* You asked for no data you got no data. */
+ return 0;
+ }
+
+ if (!stream || stream->fd == -1) {
+ errno = EBADF;
+ return -1;
+ }
+
+ if (stream->start.tv_sec) {
+ start = stream->start;
+ } else {
+ start = ast_tvnow();
+ }
+
+#if defined(DO_SSL)
+ if (stream->ssl) {
+ for (;;) {
+ res = SSL_read(stream->ssl, buf, size);
+ if (0 < res) {
+ /* We read some payload data. */
+ return res;
+ }
+ switch (SSL_get_error(stream->ssl, res)) {
+ case SSL_ERROR_ZERO_RETURN:
+ /* Report EOF for a shutdown */
+ ast_debug(1, "TLS clean shutdown alert reading data\n");
+ return 0;
+ case SSL_ERROR_WANT_READ:
+ if (!stream->exclusive_input) {
+ /* We cannot wait for data now. */
+ errno = EAGAIN;
+ return -1;
+ }
+ while ((ms = ast_remaining_ms(start, stream->timeout))) {
+ res = ast_wait_for_input(stream->fd, ms);
+ if (0 < res) {
+ /* Socket is ready to be read. */
+ break;
+ }
+ if (res < 0) {
+ if (errno == EINTR || errno == EAGAIN) {
+ /* Try again. */
+ continue;
+ }
+ ast_debug(1, "TLS socket error waiting for read data: %s\n",
+ strerror(errno));
+ return -1;
+ }
+ }
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ while ((ms = ast_remaining_ms(start, stream->timeout))) {
+ res = ast_wait_for_output(stream->fd, ms);
+ if (0 < res) {
+ /* Socket is ready to be written. */
+ break;
+ }
+ if (res < 0) {
+ if (errno == EINTR || errno == EAGAIN) {
+ /* Try again. */
+ continue;
+ }
+ ast_debug(1, "TLS socket error waiting for write space: %s\n",
+ strerror(errno));
+ return -1;
+ }
+ }
+ break;
+ default:
+ /* Report EOF for an undecoded SSL or transport error. */
+ ast_debug(1, "TLS transport or SSL error reading data\n");
+ return 0;
+ }
+ if (!ms) {
+ /* Report EOF for a timeout */
+ ast_debug(1, "TLS timeout reading data\n");
+ return 0;
+ }
}
+ }
+#endif /* defined(DO_SSL) */
+
+ for (;;) {
+ res = read(stream->fd, buf, size);
+ if (0 <= res || !stream->exclusive_input) {
+ /* Got data or we cannot wait for it. */
+ return res;
+ }
+ if (errno != EINTR && errno != EAGAIN) {
+ /* Not a retryable error. */
+ ast_debug(1, "TCP socket error reading data: %s\n",
+ strerror(errno));
+ return -1;
+ }
+ ms = ast_remaining_ms(start, stream->timeout);
+ if (!ms) {
+ /* Report EOF for a timeout */
+ ast_debug(1, "TCP timeout reading data\n");
+ return 0;
+ }
+ ast_wait_for_input(stream->fd, ms);
+ }
+}
+
+/*!
+ * \internal
+ * \brief fopencookie()/funopen() stream write function.
+ *
+ * \param cookie Stream control data.
+ * \param buf Where to get data to write.
+ * \param size Size of the buffer.
+ *
+ * \retval number of bytes written from buf.
+ * \retval -1 on error.
+ */
+static HOOK_T tcptls_stream_write(void *cookie, const char *buf, LEN_T size)
+{
+ struct ast_tcptls_stream *stream = cookie;
+ struct timeval start;
+ int ms;
+ int res;
+ int written;
+ int remaining;
- if (!((SSL*)cookie)->server) {
- /* For client threads, ensure that the error stack is cleared */
- ERR_remove_state(0);
+ if (!size) {
+ /* You asked to write no data you wrote no data. */
+ return 0;
+ }
+
+ if (!stream || stream->fd == -1) {
+ errno = EBADF;
+ return -1;
+ }
+
+ if (stream->start.tv_sec) {
+ start = stream->start;
+ } else {
+ start = ast_tvnow();
+ }
+
+#if defined(DO_SSL)
+ if (stream->ssl) {
+ written = 0;
+ remaining = size;
+ for (;;) {
+ res = SSL_write(stream->ssl, buf + written, remaining);
+ if (res == remaining) {
+ /* Everything was written. */
+ return size;
+ }
+ if (0 < res) {
+ /* Successfully wrote part of the buffer. Try to write the rest. */
+ written += res;
+ remaining -= res;
+ continue;
+ }
+ switch (SSL_get_error(stream->ssl, res)) {
+ case SSL_ERROR_ZERO_RETURN:
+ ast_debug(1, "TLS clean shutdown alert writing data\n");
+ if (written) {
+ /* Report partial write. */
+ return written;
+ }
+ errno = EBADF;
+ return -1;
+ case SSL_ERROR_WANT_READ:
+ ms = ast_remaining_ms(start, stream->timeout);
+ if (!ms) {
+ /* Report partial write. */
+ ast_debug(1, "TLS timeout writing data (want read)\n");
+ return written;
+ }
+ ast_wait_for_input(stream->fd, ms);
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ ms = ast_remaining_ms(start, stream->timeout);
+ if (!ms) {
+ /* Report partial write. */
+ ast_debug(1, "TLS timeout writing data (want write)\n");
+ return written;
+ }
+ ast_wait_for_output(stream->fd, ms);
+ break;
+ default:
+ /* Undecoded SSL or transport error. */
+ ast_debug(1, "TLS transport or SSL error writing data\n");
+ if (written) {
+ /* Report partial write. */
+ return written;
+ }
+ errno = EBADF;
+ return -1;
+ }
}
+ }
+#endif /* defined(DO_SSL) */
- SSL_free(cookie);
- /* adding shutdown(2) here has no added benefit */
- if (close(cookie_fd)) {
+ written = 0;
+ remaining = size;
+ for (;;) {
+ res = write(stream->fd, buf + written, remaining);
+ if (res == remaining) {
+ /* Yay everything was written. */
+ return size;
+ }
+ if (0 < res) {
+ /* Successfully wrote part of the buffer. Try to write the rest. */
+ written += res;
+ remaining -= res;
+ continue;
+ }
+ if (errno != EINTR && errno != EAGAIN) {
+ /* Not a retryable error. */
+ ast_debug(1, "TCP socket error writing: %s\n", strerror(errno));
+ if (written) {
+ return written;
+ }
+ return -1;
+ }
+ ms = ast_remaining_ms(start, stream->timeout);
+ if (!ms) {
+ /* Report partial write. */
+ ast_debug(1, "TCP timeout writing data\n");
+ return written;
+ }
+ ast_wait_for_output(stream->fd, ms);
+ }
+}
+
+/*!
+ * \internal
+ * \brief fopencookie()/funopen() stream close function.
+ *
+ * \param cookie Stream control data.
+ *
+ * \retval 0 on success.
+ * \retval -1 on error.
+ */
+static int tcptls_stream_close(void *cookie)
+{
+ struct ast_tcptls_stream *stream = cookie;
+
+ if (!stream) {
+ errno = EBADF;
+ return -1;
+ }
+
+ if (stream->fd != -1) {
+#if defined(DO_SSL)
+ if (stream->ssl) {
+ int res;
+
+ /*
+ * According to the TLS standard, it is acceptable for an
+ * application to only send its shutdown alert and then
+ * close the underlying connection without waiting for
+ * the peer's response (this way resources can be saved,
+ * as the process can already terminate or serve another
+ * connection).
+ */
+ res = SSL_shutdown(stream->ssl);
+ if (res < 0) {
+ ast_log(LOG_ERROR, "SSL_shutdown() failed: %d\n",
+ SSL_get_error(stream->ssl, res));
+ }
+
+ if (!stream->ssl->server) {
+ /* For client threads, ensure that the error stack is cleared */
+ ERR_remove_state(0);
+ }
+
+ SSL_free(stream->ssl);
+ stream->ssl = NULL;
+ }
+#endif /* defined(DO_SSL) */
+
+ /*
+ * Issuing shutdown() is necessary here to avoid a race
+ * condition where the last data written may not appear
+ * in the TCP stream. See ASTERISK-23548
+ */
+ shutdown(stream->fd, SHUT_RDWR);
+ if (close(stream->fd)) {
ast_log(LOG_ERROR, "close() failed: %s\n", strerror(errno));
}
+ stream->fd = -1;
}
+ ao2_t_ref(stream, -1, "Closed tcptls stream cookie");
+
return 0;
}
-#endif /* DO_SSL */
+
+/*!
+ * \internal
+ * \brief fopencookie()/funopen() stream destructor function.
+ *
+ * \param cookie Stream control data.
+ *
+ * \return Nothing
+ */
+static void tcptls_stream_dtor(void *cookie)
+{
+ struct ast_tcptls_stream *stream = cookie;
+
+ ast_assert(stream->fd == -1);
+}
+
+/*!
+ * \internal
+ * \brief fopencookie()/funopen() stream allocation function.
+ *
+ * \retval stream_cookie on success.
+ * \retval NULL on error.
+ */
+static struct ast_tcptls_stream *tcptls_stream_alloc(void)
+{
+ struct ast_tcptls_stream *stream;
+
+ stream = ao2_alloc(sizeof(*stream), tcptls_stream_dtor);
+ if (stream) {
+ stream->fd = -1;
+ stream->timeout = -1;
+ }
+ return stream;
+}
+
+/*!
+ * \internal
+ * \brief Open a custom FILE stream for tcptls.
+ *
+ * \param stream Stream cookie control data.
+ * \param ssl SSL state if not NULL.
+ * \param fd Socket file descriptor.
+ * \param timeout ms to wait for an event on fd. -1 if timeout disabled.
+ *
+ * \retval fp on success.
+ * \retval NULL on error.
+ */
+static FILE *tcptls_stream_fopen(struct ast_tcptls_stream *stream, SSL *ssl, int fd, int timeout)
+{
+ FILE *fp;
+
+#if defined(HAVE_FOPENCOOKIE) /* the glibc/linux interface */
+ static const cookie_io_functions_t cookie_funcs = {
+ tcptls_stream_read,
+ tcptls_stream_write,
+ NULL,
+ tcptls_stream_close
+ };
+#endif /* defined(HAVE_FOPENCOOKIE) */
+
+ if (fd == -1) {
+ /* Socket not open. */
+ return NULL;
+ }
+
+ stream->ssl = ssl;
+ stream->fd = fd;
+ stream->timeout = timeout;
+ ao2_t_ref(stream, +1, "Opening tcptls stream cookie");
+
+#if defined(HAVE_FUNOPEN) /* the BSD interface */
+ fp = funopen(stream, tcptls_stream_read, tcptls_stream_write, NULL,
+ tcptls_stream_close);
+#elif defined(HAVE_FOPENCOOKIE) /* the glibc/linux interface */
+ fp = fopencookie(stream, "w+", cookie_funcs);
+#else
+ /* could add other methods here */
+ ast_debug(2, "No stream FILE methods attempted!\n");
+ fp = NULL;
+#endif
+
+ if (!fp) {
+ stream->fd = -1;
+ ao2_t_ref(stream, -1, "Failed to open tcptls stream cookie");
+ }
+ return fp;
+}
HOOK_T ast_tcptls_server_read(struct ast_tcptls_session_instance *tcptls_session, void *buf, size_t count)
{
- if (tcptls_session->fd == -1) {
- ast_log(LOG_ERROR, "server_read called with an fd of -1\n");
+ if (!tcptls_session->stream_cookie || tcptls_session->stream_cookie->fd == -1) {
+ ast_log(LOG_ERROR, "TCP/TLS read called on invalid stream.\n");
errno = EIO;
return -1;
}
-#ifdef DO_SSL
- if (tcptls_session->ssl)
- return ssl_read(tcptls_session->ssl, buf, count);
-#endif
- return read(tcptls_session->fd, buf, count);
+ return tcptls_stream_read(tcptls_session->stream_cookie, buf, count);
}
HOOK_T ast_tcptls_server_write(struct ast_tcptls_session_instance *tcptls_session, const void *buf, size_t count)
{
- if (tcptls_session->fd == -1) {
- ast_log(LOG_ERROR, "server_write called with an fd of -1\n");
+ if (!tcptls_session->stream_cookie || tcptls_session->stream_cookie->fd == -1) {
+ ast_log(LOG_ERROR, "TCP/TLS write called on invalid stream.\n");
errno = EIO;
return -1;
}
-#ifdef DO_SSL
- if (tcptls_session->ssl)
- return ssl_write(tcptls_session->ssl, buf, count);
-#endif
- return write(tcptls_session->fd, buf, count);
+ return tcptls_stream_write(tcptls_session->stream_cookie, buf, count);
}
static void session_instance_destructor(void *obj)
{
struct ast_tcptls_session_instance *i = obj;
+
+ if (i->stream_cookie) {
+ ao2_t_ref(i->stream_cookie, -1, "Destroying tcptls session instance");
+ i->stream_cookie = NULL;
+ }
ast_free(i->overflow_buf);
ast_mutex_destroy(&i->lock);
}
@@ -174,12 +573,21 @@
return NULL;
}
+ tcptls_session->stream_cookie = tcptls_stream_alloc();
+ if (!tcptls_session->stream_cookie) {
+ ast_tcptls_close_session_file(tcptls_session);
+ ao2_ref(tcptls_session, -1);
+ return NULL;
+ }
+
/*
* open a FILE * as appropriate.
*/
if (!tcptls_session->parent->tls_cfg) {
- if ((tcptls_session->f = fdopen(tcptls_session->fd, "w+"))) {
- if(setvbuf(tcptls_session->f, NULL, _IONBF, 0)) {
+ tcptls_session->f = tcptls_stream_fopen(tcptls_session->stream_cookie, NULL,
+ tcptls_session->fd, -1);
+ if (tcptls_session->f) {
+ if (setvbuf(tcptls_session->f, NULL, _IONBF, 0)) {
ast_tcptls_close_session_file(tcptls_session);
}
}
@@ -189,19 +597,8 @@
SSL_set_fd(tcptls_session->ssl, tcptls_session->fd);
if ((ret = ssl_setup(tcptls_session->ssl)) <= 0) {
ast_verb(2, "Problem setting up ssl connection: %s\n", ERR_error_string(ERR_get_error(), err));
- } else {
-#if defined(HAVE_FUNOPEN) /* the BSD interface */
- tcptls_session->f = funopen(tcptls_session->ssl, ssl_read, ssl_write, NULL, ssl_close);
-
-#elif defined(HAVE_FOPENCOOKIE) /* the glibc/linux interface */
- static const cookie_io_functions_t cookie_funcs = {
- ssl_read, ssl_write, NULL, ssl_close
- };
- tcptls_session->f = fopencookie(tcptls_session->ssl, "w+", cookie_funcs);
-#else
- /* could add other methods here */
- ast_debug(2, "no tcptls_session->f methods attempted!\n");
-#endif
+ } else if ((tcptls_session->f = tcptls_stream_fopen(tcptls_session->stream_cookie,
+ tcptls_session->ssl, tcptls_session->fd, -1))) {
if ((tcptls_session->client && !ast_test_flag(&tcptls_session->parent->tls_cfg->flags, AST_SSL_DONT_VERIFY_SERVER))
|| (!tcptls_session->client && ast_test_flag(&tcptls_session->parent->tls_cfg->flags, AST_SSL_VERIFY_CLIENT))) {
X509 *peer;
@@ -612,21 +1009,18 @@
void ast_tcptls_close_session_file(struct ast_tcptls_session_instance *tcptls_session)
{
if (tcptls_session->f) {
- /*
- * Issuing shutdown() is necessary here to avoid a race
- * condition where the last data written may not appear
- * in the TCP stream. See ASTERISK-23548
- */
fflush(tcptls_session->f);
- if (tcptls_session->fd != -1) {
- shutdown(tcptls_session->fd, SHUT_RDWR);
- }
if (fclose(tcptls_session->f)) {
ast_log(LOG_ERROR, "fclose() failed: %s\n", strerror(errno));
}
tcptls_session->f = NULL;
tcptls_session->fd = -1;
} else if (tcptls_session->fd != -1) {
+ /*
+ * Issuing shutdown() is necessary here to avoid a race
+ * condition where the last data written may not appear
+ * in the TCP stream. See ASTERISK-23548
+ */
shutdown(tcptls_session->fd, SHUT_RDWR);
if (close(tcptls_session->fd)) {
ast_log(LOG_ERROR, "close() failed: %s\n", strerror(errno));
|
|
[-]
[+]
|
Changed |
asterisk-1.8.28.2.tar.xz/main/utils.c
^
|
| @@ -29,7 +29,7 @@
#include "asterisk.h"
-ASTERISK_FILE_VERSION(__FILE__, "$Revision: 413586 $")
+ASTERISK_FILE_VERSION(__FILE__, "$Revision: 415904 $")
#include <ctype.h>
#include <sys/stat.h>
@@ -1233,13 +1233,24 @@
int ast_wait_for_input(int fd, int ms)
{
struct pollfd pfd[1];
+
+ memset(pfd, 0, sizeof(pfd));
+ pfd[0].fd = fd;
+ pfd[0].events = POLLIN | POLLPRI;
+ return ast_poll(pfd, 1, ms);
+}
+
+int ast_wait_for_output(int fd, int ms)
+{
+ struct pollfd pfd[1];
+
memset(pfd, 0, sizeof(pfd));
pfd[0].fd = fd;
- pfd[0].events = POLLIN|POLLPRI;
+ pfd[0].events = POLLOUT;
return ast_poll(pfd, 1, ms);
}
-static int ast_wait_for_output(int fd, int timeoutms)
+static int wait_for_output(int fd, int timeoutms)
{
struct pollfd pfd = {
.fd = fd,
@@ -1299,7 +1310,7 @@
int elapsed = 0;
while (len) {
- if (ast_wait_for_output(fd, timeoutms - elapsed)) {
+ if (wait_for_output(fd, timeoutms - elapsed)) {
return -1;
}
@@ -1340,7 +1351,7 @@
int elapsed = 0;
while (len) {
- if (ast_wait_for_output(fd, timeoutms - elapsed)) {
+ if (wait_for_output(fd, timeoutms - elapsed)) {
/* poll returned a fatal error, so bail out immediately. */
return -1;
}
|
