Subject: CVS commit: pkgsrc/comms/asterisk18
From: John Nemeth
Date: 2024-10-21 06:53:15
Message id: 20241021045315.A6DA7FC7E@cvs.NetBSD.org

Log Message:
Upgrade to Asterisk 18.25.0.

## Change Log for Release asterisk-18.25.0

### Links:

 - [Full \ 
ChangeLog](https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-18.25.0.md)
 - [GitHub Diff](https://github.com/asterisk/asterisk/compare/18.24.3...18.25.0)
 - \ 
[Tarball](https://downloads.asterisk.org/pub/telephony/asterisk/asterisk-18.25.0.tar.gz)
 - [Downloads](https://downloads.asterisk.org/pub/telephony/asterisk)

### Summary:

- Commits: 24
- Commit Authors: 9
- Issues Resolved: 18
- Security Advisories Resolved: 0

### User Notes:

- #### res_pjsip_notify: add dialplan application
  A new dialplan application PJSIPNotify is now available
  which can send SIP NOTIFY requests from the dialplan.
  The pjsip send notify CLI command has also been enhanced to allow
  sending NOTIFY messages to a specific channel. Syntax:
  pjsip send notify <option> channel <channel>

- #### channel: Add multi-tenant identifier.
  tenantid has been added to channels. It can be read in
  dialplan via CHANNEL(tenantid), and it can be set using
  Set(CHANNEL(tenantid)=My tenant ID). In pjsip.conf, it is recommended to
  use the new tenantid option for pjsip endpoints (e.g., tenantid=My
  tenant ID) so that it will show up in Newchannel events. You can set it
  like any other channel variable using set_var in pjsip.conf as well, but
  note that this will NOT show up in Newchannel events. Tenant ID is also
  available in CDR and can be accessed with CDR(tenantid). The peer tenant
  ID can also be accessed with CDR(peertenantid). CEL includes tenant ID
  as well if it has been set.

- #### res_pjsip_config_wizard.c: Refactor load process
  The res_pjsip_config_wizard.so module can now be reloaded.

### Upgrade Notes:

- #### channel: Add multi-tenant identifier.
  A new versioned struct (ast_channel_initializers) has been
  added that gets passed to __ast_channel_alloc_ap. The new function
  ast_channel_alloc_with_initializers should be used when creating
  channels that require the use of this struct. Currently the only value
  in the struct is for tenantid, but now more fields can be added to the
  struct as necessary rather than the __ast_channel_alloc_ap function. A
  new option (tenantid) has been added to endpoints in pjsip.conf as well.
  CEL has had its version bumped to include tenant ID.

### Commit Authors:

- Alexei Gradinari: (2)
- Ben Ford: (1)
- Cade Parker: (1)
- George Joseph: (10)
- Jaco Kroon: (1)
- Jean-Denis Girard: (1)
- Mike Bradeen: (3)
- Sean Bright: (2)
- Tinet-Mucw: (3)

## Issue and Commit Detail:

### Closed Issues:

  - 740: [new-feature]: Add multi-tenant identifier to chan_pjsip
  - 763: [bug]: autoservice thread stuck in an endless sleep
  - 780: [bug]: Infinite loop of "Indicated Video Update", max CPU usage
  - 799: [improvement]: Add PJSIPNOTIFY dialplan application
  - 801: [bug]: res_stasis: Occasional 200ms delay adding channel to a bridge
  - 809: [bug]: CLI stir_shaken show verification kills asterisk
  - 816: [bug]: res_pjsip_config_wizard doesn't load properly if res_pjsip is \ 
loaded first
  - 831: [bug]: app_voicemail ODBC
  - 845: [bug]: Buffer overflow in handling of security mechanisms in res_pjsip
  - 847: [bug]: Asterisk not using negotiated fall-back 8K digits
  - 854: [bug]:  wrong properties in stir_shaken.conf.sample
  - 856: [bug]: res_pjsip_sdp_rtp leaks astobj2 ast_format
  - 861: [bug]: ChanSpy unable to read audiohook read direction frame when no \ 
packet lost on both side of the call
  - 876: [bug]: ChanSpy unable to write whisper_audiohook when set flag \ 
OPTION_READONLY
  - 879: [bug]: res_stir_shaken/verification.c: Getting verification errors when \ 
global_disable=yes
  - 884: [bug]: A ':' at the top of in stir_shaken.conf make Asterisk producing \ 
a core file when starting
  - 889: [bug]: res_stir_shaken/verification.c has a stale include for jansson.h \ 
that can cause compilation to fail
  - 904: [bug]: stir_shaken: attest_level isn't being propagated correctly from \ 
attestation to profile to tn

### Commits By Author:

- #### Alexei Gradinari (2):
  - res_pjsip_sdp_rtp fix leaking astobj2 ast_format
  - autoservice: Do not sleep if autoservice_stop is called within autoservice thr..

- #### Ben Ford (1):
  - channel: Add multi-tenant identifier.

- #### Cade Parker (1):
  - chan_mobile: decrease CHANNEL_FRAME_SIZE to prevent delay

- #### George Joseph (10):
  - bridge_softmix: Fix queueing VIDUPDATE control frames
  - res_pjsip_config_wizard.c: Refactor load process
  - stir_shaken: CRL fixes and a new CLI command
  - manager.c: Fix FRACK when doing CoreShowChannelMap in DEVMODE
  - stir_shaken.conf.sample: Fix bad references to private_key_path
  - security_agreements.c: Refactor the to_str functions and fix a few other bugs
  - res_stir_shaken: Check for disabled before param validation
  - res_stir_shaken.c: Fix crash when stir_shaken.conf is invalid
  - res_stir_shaken: Remove stale include for jansson.h in verification.c
  - stir_shaken: Fix propagation of attest_level and a few other values

- #### Jaco Kroon (1):
  - configure:  Use . file rather than source file.

- #### Jean-Denis Girard (1):
  - app_voicemail: Fix sql insert mismatch caused by cherry-pick

- #### Mike Bradeen (3):
  - res_stasis: fix intermittent delays on adding channel to bridge
  - res_pjsip_notify: add dialplan application
  - res_pjsip_sdp_rtp: Use negotiated DTMF Payload types on bitrate mismatch

- #### Sean Bright (2):
  - alembic: Make 'revises' header comment match reality.
  - res_pjsip_logger.c: Fix 'OPTIONS' tab completion.

- #### Tinet-mucw (3):
  - res_pjsip_sdp_rtp.c: Fix DTMF Handling in Re-INVITE with dtmf_mode set to auto
  - app_chanspy.c: resolving the issue with audiohook direction read
  - app_chanspy.c: resolving the issue writing frame to whisper audiohook.

### Commit List:

-  stir_shaken: Fix propagation of attest_level and a few other values
-  res_stir_shaken: Remove stale include for jansson.h in verification.c
-  res_stir_shaken.c: Fix crash when stir_shaken.conf is invalid
-  res_stir_shaken: Check for disabled before param validation
-  app_chanspy.c: resolving the issue writing frame to whisper audiohook.
-  app_voicemail: Fix sql insert mismatch caused by cherry-pick
-  res_pjsip_sdp_rtp: Use negotiated DTMF Payload types on bitrate mismatch
-  app_chanspy.c: resolving the issue with audiohook direction read
-  security_agreements.c: Refactor the to_str functions and fix a few other bugs
-  res_pjsip_sdp_rtp fix leaking astobj2 ast_format
-  stir_shaken.conf.sample: Fix bad references to private_key_path
-  res_pjsip_logger.c: Fix 'OPTIONS' tab completion.
-  alembic: Make 'revises' header comment match reality.
-  chan_mobile: decrease CHANNEL_FRAME_SIZE to prevent delay
-  res_pjsip_notify: add dialplan application
-  manager.c: Fix FRACK when doing CoreShowChannelMap in DEVMODE
-  channel: Add multi-tenant identifier.
-  configure:  Use . file rather than source file.
-  res_stasis: fix intermittent delays on adding channel to bridge
-  res_pjsip_sdp_rtp.c: Fix DTMF Handling in Re-INVITE with dtmf_mode set to auto
-  stir_shaken: CRL fixes and a new CLI command
-  res_pjsip_config_wizard.c: Refactor load process
-  bridge_softmix: Fix queueing VIDUPDATE control frames

### Commit Details:

#### stir_shaken: Fix propagation of attest_level and a few other values
  Author: George Joseph
  Date:   2024-09-24

  attest_level, send_mky and check_tn_cert_public_url weren't
  propagating correctly from the attestation object to the profile
  and tn.

  * In the case of attest_level, the enum needed to be changed
  so the "0" value (the default) was "NOT_SET" instead of \ 
"A".  This
  now allows the merging of the attestation object, profile and tn
  to detect when a value isn't set and use the higher level value.

  * For send_mky and check_tn_cert_public_url, the tn default was
  forced to "NO" which always overrode the profile and attestation
  objects.  Their defaults are now "NOT_SET" so the propagation
  happens correctly.

  * Just to remove some redundant code in tn_config.c, a bunch of calls to
  generate_sorcery_enum_from_str() and generate_sorcery_enum_to_str() were
  replaced with a single call to generate_acfg_common_sorcery_handlers().

  Resolves: #904

#### res_stir_shaken: Remove stale include for jansson.h in verification.c
  Author: George Joseph
  Date:   2024-09-17

  verification.c had an include for jansson.h left over from previous
  versions of the module.  Since res_stir_shaken no longer has a
  dependency on jansson, the bundled version wasn't added to GCC's
  include path so if you didn't also have a jansson development package
  installed, the compile would fail.  Removing the stale include
  was the only thing needed.

  Resolves: #889

#### res_stir_shaken.c: Fix crash when stir_shaken.conf is invalid
  Author: George Joseph
  Date:   2024-09-13

  * If the call to ast_config_load() returns CONFIG_STATUS_FILEINVALID,
  check_for_old_config() now returns LOAD_DECLINE instead of continuing
  on with a bad pointer.

  * If CONFIG_STATUS_FILEMISSING is returned, check_for_old_config()
  assumes the config is being loaded from realtime and now returns
  LOAD_SUCCESS.  If it's actually not being loaded from realtime,
  sorcery will catch that later on.

  * Also refactored the error handling in load_module() a bit.

  Resolves: #884

#### res_stir_shaken: Check for disabled before param validation
  Author: George Joseph
  Date:   2024-09-11

  For both attestation and verification, we now check whether they've
  been disabled either globally or by the profile before validating
  things like callerid, orig_tn, dest_tn, etc.  This prevents useless
  error messages.

  Resolves: #879

#### app_chanspy.c: resolving the issue writing frame to whisper audiohook.
  Author: Tinet-mucw
  Date:   2024-09-10

  ChanSpy(${channel}, qEoSw): because flags set o, \ 
ast_audiohook_set_frame_feed_direction(audiohook, AST_AUDIOHOOK_DIRECTION_READ); \ 
this will effect whisper audiohook and spy audiohook, this makes writing frame \ 
to whisper audiohook impossible. So add function start_whispering to starting \ 
whisper audiohook.

  Resolves: #876

#### autoservice: Do not sleep if autoservice_stop is called within autoservice thr..
  Author: Alexei Gradinari
  Date:   2024-09-04

  It's possible that ast_autoservice_stop is called within the autoservice thread.
  In this case the autoservice thread is stuck in an endless sleep.

  To avoid endless sleep ast_autoservice_stop must check that it's not called
  within the autoservice thread.

  Fixes: #763

#### app_voicemail: Fix sql insert mismatch caused by cherry-pick
  Author: Jean-Denis Girard
  Date:   2024-08-07

  When commit e8c9cb80 was cherry-picked in from master, the
  fact that the 20 and 18 branches still had the old "macrocontext"
  column wasn't taken into account so the number of named parameters
  didn't match the number of '?' placeholders.  They do now.

  We also now use ast_asprintf to create the full mailbox query SQL
  statement instead of trying to calculate the proper length ourselves.

  Resolves: #831

#### res_pjsip_sdp_rtp: Use negotiated DTMF Payload types on bitrate mismatch
  Author: Mike Bradeen
  Date:   2024-08-21

  When Asterisk sends an offer to Bob that includes 48K and 8K codecs with
  matching 4733 offers, Bob may want to use the 48K audio codec but can not
  accept 48K digits and so negotiates for a mixed set.

  Asterisk will now check Bob's offer to make sure Bob has indicated this is
  acceptible and if not, will use Bob's preference.

  Fixes: #847

#### app_chanspy.c: resolving the issue with audiohook direction read
  Author: Tinet-mucw
  Date:   2024-08-30

  ChanSpy(${channel}, qEoS): When chanspy spy the direction read, reading frame \ 
is often failed when reading direction read audiohook. because chanspy only read \ 
audiohook direction read; write_factory_ms will greater than 100ms soon, then \ 
ast_slinfactory_flush will being called, then direction read will fail.

  Resolves: #861

#### security_agreements.c: Refactor the to_str functions and fix a few other bugs
  Author: George Joseph
  Date:   2024-08-17

  * A static array of security mechanism type names was created.

  * ast_sip_str_to_security_mechanism_type() was refactored to do
    a lookup in the new array instead of using fixed "if/else if"
    statments.

  * security_mechanism_to_str() and ast_sip_security_mechanisms_to_str()
    were refactored to use ast_str instead of a fixed length buffer
    to store the result.

  * ast_sip_security_mechanism_type_to_str was removed in favor of
    just referencing the new type name array.  Despite starting with
    "ast_sip_", it was a static function so removing it doesn't affect
    ABI.

  * Speaking of "ast_sip_", several other static functions that
    started with "ast_sip_" were renamed to avoid confusion about
    their public availability.

  * A few VECTOR free loops were replaced with AST_VECTOR_RESET().

  * Fixed a meomry leak in pjsip_configuration.c endpoint_destructor
    caused by not calling ast_sip_security_mechanisms_vector_destroy().

  * Fixed a memory leak in res_pjsip_outbound_registration.c
    add_security_headers() caused by not specifying OBJ_NODATA in
    an ao2_callback.

  * Fixed a few ao2_callback return code misuses.

  Resolves: #845

#### res_pjsip_sdp_rtp fix leaking astobj2 ast_format
  Author: Alexei Gradinari
  Date:   2024-08-23

  PR #700 added a preferred_format for the struct ast_rtp_codecs,
  but when set the preferred_format it leaks an astobj2 ast_format.
  In the next code
  ast_rtp_codecs_set_preferred_format(&codecs, \ 
ast_format_cap_get_format(joint, 0));
  both functions ast_rtp_codecs_set_preferred_format
  and ast_format_cap_get_format increases the ao2 reference count.

  Fixes: #856

#### stir_shaken.conf.sample: Fix bad references to private_key_path
  Author: George Joseph
  Date:   2024-08-22

  They should be private_key_file.

  Resolves: #854

#### res_pjsip_logger.c: Fix 'OPTIONS' tab completion.
  Author: Sean Bright
  Date:   2024-08-19

  Fixes #843

#### alembic: Make 'revises' header comment match reality.
  Author: Sean Bright
  Date:   2024-08-17

#### chan_mobile: decrease CHANNEL_FRAME_SIZE to prevent delay
  Author: Cade Parker
  Date:   2024-08-07

  On modern Bluetooth devices or lower-powered asterisk servers, decreasing the \ 
channel frame size significantly improves latency and delay on outbound calls \ 
with only a mild sacrifice to the quality of the call (the frame size before was \ 
massive overkill to begin with)

#### res_pjsip_notify: add dialplan application
  Author: Mike Bradeen
  Date:   2024-07-09

  Add dialplan application PJSIPNOTIFY to send either pre-configured
  NOTIFY messages from pjsip_notify.conf or with headers defined in
  dialplan.

  Also adds the ability to send pre-configured NOTIFY commands to a
  channel via the CLI.

  Resolves: #799

  UserNote: A new dialplan application PJSIPNotify is now available
  which can send SIP NOTIFY requests from the dialplan.

  The pjsip send notify CLI command has also been enhanced to allow
  sending NOTIFY messages to a specific channel. Syntax:

  pjsip send notify <option> channel <channel>

#### manager.c: Fix FRACK when doing CoreShowChannelMap in DEVMODE
  Author: George Joseph
  Date:   2024-08-08

  If you run an AMI CoreShowChannelMap on a channel that isn't in a
  bridge and you're in DEVMODE, you can get a FRACK because the
  bridge id is empty.  We now simply return an empty list for that
  request.

#### channel: Add multi-tenant identifier.
  Author: Ben Ford
  Date:   2024-05-21

  This patch introduces a new identifier for channels: tenantid. It's
  a stringfield on the channel that can be used for general purposes. It
  will be inherited by other channels the same way that linkedid is.

  You can set tenantid in a few ways. The first is to set it in the
  dialplan with the Set and CHANNEL functions:

  exten => example,1,Set(CHANNEL(tenantid)=My tenant ID)

  It can also be accessed via CHANNEL:

  exten => example,2,NoOp(CHANNEL(tenantid))

  Another method is to use the new tenantid option for pjsip endpoints in
  pjsip.conf:

  [my_endpoint]
  type=endpoint
  tenantid=My tenant ID

  This is considered the best approach since you will be able to see the
  tenant ID as early as the Newchannel event.

  It can also be set using set_var in pjsip.conf on the endpoint like
  setting other channel variable:

  set_var=CHANNEL(tenantid)=My tenant ID

  Note that set_var will not show tenant ID on the Newchannel event,
  however.

  Tenant ID has also been added to CDR. It's read-only and can be accessed
  via CDR(tenantid). You can also get the tenant ID of the last channel
  communicated with via CDR(peertenantid).

  Tenant ID will also show up in CEL records if it has been set, and the
  version number has been bumped accordingly.

  Fixes: #740

  UserNote: tenantid has been added to channels. It can be read in
  dialplan via CHANNEL(tenantid), and it can be set using
  Set(CHANNEL(tenantid)=My tenant ID). In pjsip.conf, it is recommended to
  use the new tenantid option for pjsip endpoints (e.g., tenantid=My
  tenant ID) so that it will show up in Newchannel events. You can set it
  like any other channel variable using set_var in pjsip.conf as well, but
  note that this will NOT show up in Newchannel events. Tenant ID is also
  available in CDR and can be accessed with CDR(tenantid). The peer tenant
  ID can also be accessed with CDR(peertenantid). CEL includes tenant ID
  as well if it has been set.

  UpgradeNote: A new versioned struct (ast_channel_initializers) has been
  added that gets passed to __ast_channel_alloc_ap. The new function
  ast_channel_alloc_with_initializers should be used when creating
  channels that require the use of this struct. Currently the only value
  in the struct is for tenantid, but now more fields can be added to the
  struct as necessary rather than the __ast_channel_alloc_ap function. A
  new option (tenantid) has been added to endpoints in pjsip.conf as well.
  CEL has had its version bumped to include tenant ID.

#### configure:  Use . file rather than source file.
  Author: Jaco Kroon
  Date:   2024-08-05

  source is a bash concept, so when /bin/sh points to another shell the
  existing construct won't work.

  Reference: https://bugs.gentoo.org/927055
  Signed-off-by: Jaco Kroon <jaco@uls.co.za>

#### res_stasis: fix intermittent delays on adding channel to bridge
  Author: Mike Bradeen
  Date:   2024-07-10

  Previously, on command execution, the control thread was awoken by
  sending a SIGURG. It was found that this still resulted in some
  instances where the thread was not immediately awoken.

  This change instead sends a null frame to awaken the control thread,
  which awakens the thread more consistently.

  Resolves: #801

#### res_pjsip_sdp_rtp.c: Fix DTMF Handling in Re-INVITE with dtmf_mode set to auto
  Author: Tinet-mucw
  Date:   2024-08-02

  When the endpoint dtmf_mode is set to auto, a SIP request is sent to the UAC, \ 
and the SIP SDP from the UAC does not include the telephone-event. Later, the \ 
UAC sends an INVITE, and the SIP SDP includes the telephone-event. In this case, \ 
DTMF should be sent by RFC2833 rather than using inband signaling.

  Resolves: asterisk#826

#### stir_shaken: CRL fixes and a new CLI command
  Author: George Joseph
  Date:   2024-07-19

  * Fixed a bug in crypto_show_cli_store that was causing asterisk
  to crash if there were certificate revocation lists in the
  verification certificate store.  We're also now prefixing
  certificates with "Cert:" and CRLs with "CRL:" to \ 
distinguish them
  in the list.

  * Added 'untrusted_cert_file' and 'untrusted_cert_path' options
  to both verification and profile objects.  If you have CRLs that
  are signed by a different CA than the incoming X5U certificate
  (indirect CRL), you'll need to provide the certificate of the
  CRL signer here.  Thse will show up as 'Untrusted" when showing
  the verification or profile objects.

  * Fixed loading of crl_path.  The OpenSSL API we were using to
  load CRLs won't actually load them from a directory, only a file.
  We now scan the directory ourselves and load the files one-by-one.

  * Fixed the verification flags being set on the certificate store.
    - Removed the CRL_CHECK_ALL flag as this was causing all certificates
      to be checked for CRL extensions and failing to verify the cert if
      there was none.  This basically caused all certs to fail when a CRL
      was provided via crl_file or crl_path.
    - Added the EXTENDED_CRL_SUPPORT flag as it is required to handle
      indirect CRLs.

  * Added a new CLI command...
  `stir_shaken verify certificate_file <certificate_file> [ <profile> ]`
  which will assist troubleshooting certificate problems by allowing
  the user to manually verify a certificate file against either the
  global verification certificate store or the store for a specific
  profile.

  * Updated the XML documentation and the sample config file.

  Resolves: #809

#### res_pjsip_config_wizard.c: Refactor load process
  Author: George Joseph
  Date:   2024-07-23

  The way we have been initializing the config wizard prevented it
  from registering its objects if res_pjsip happened to load
  before it.

  * We now use the object_type_registered sorcery observer to kick
  things off instead of the wizard_mapped observer.

  * The load_module function now checks if res_pjsip has been loaded
  already and if it was it fires the proper observers so the objects
  load correctly.

  Resolves: #816

  UserNote: The res_pjsip_config_wizard.so module can now be reloaded.

#### bridge_softmix: Fix queueing VIDUPDATE control frames
  Author: George Joseph
  Date:   2024-07-17

  softmix_bridge_write_control() now calls ast_bridge_queue_everyone_else()
  with the bridge_channel so the VIDUPDATE control frame isn't echoed back.

  softmix_bridge_write_control() was setting bridge_channel to NULL
  when calling ast_bridge_queue_everyone_else() for VIDUPDATE control
  frames.  This was causing the frame to be echoed back to the
  channel it came from.  In certain cases, like when two channels or
  bridges are being recorded, this can cause a ping-pong effect that
  floods the system with VIDUPDATE control frames.

  Resolves: #780

## Change Log for Release asterisk-18.24.3

### Links:

 - [Full \ 
ChangeLog](https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-18.24.3.md)
 - [GitHub Diff](https://github.com/asterisk/asterisk/compare/18.24.2...18.24.3)
 - \ 
[Tarball](https://downloads.asterisk.org/pub/telephony/asterisk/asterisk-18.24.3.tar.gz)
 - [Downloads](https://downloads.asterisk.org/pub/telephony/asterisk)

### Summary:

- Commits: 1
- Commit Authors: 1
- Issues Resolved: 0
- Security Advisories Resolved: 1
  - \ 
[GHSA-v428-g3cw-7hv9](https://github.com/asterisk/asterisk/security/advisories/GHSA-v428-g3cw-7hv9): \ 
A malformed Contact or Record-Route URI in an incoming SIP request can cause \ 
Asterisk to crash when res_resolver_unbound is used

### User Notes:

### Upgrade Notes:

### Commit Authors:

- George Joseph: (1)

## Issue and Commit Detail:

### Closed Issues:

  - !GHSA-v428-g3cw-7hv9: A malformed Contact or Record-Route URI in an incoming \ 
SIP request can cause Asterisk to crash when res_resolver_unbound is used

### Commits By Author:

- #### George Joseph (1):
  - res_resolver_unbound: Test for NULL ub_result in unbound_resolver_callback

### Commit List:

-  res_resolver_unbound: Test for NULL ub_result in unbound_resolver_callback

### Commit Details:

#### res_resolver_unbound: Test for NULL ub_result in unbound_resolver_callback
  Author: George Joseph
  Date:   2024-08-12

  The ub_result pointer passed to unbound_resolver_callback by
  libunbound can be NULL if the query was for something malformed
  like `.1` or `[.1]`.  If it is, we now set a 'ns_r_formerr' result
  and return instead of crashing with a SEGV.  This causes pjproject
  to simply cancel the transaction with a "No answer record in the DNS
  response" error.  The existing "off nominal" unit test was also
  updated to check this condition.

  Although not necessary for this fix, we also made
  ast_dns_resolver_completed() tolerant of a NULL result.

  Resolves: GHSA-v428-g3cw-7hv9

## Change Log for Release asterisk-18.24.2

### Links:

 - [Full \ 
ChangeLog](https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-18.24.2.md)
 - [GitHub Diff](https://github.com/asterisk/asterisk/compare/18.24.1...18.24.2)
 - \ 
[Tarball](https://downloads.asterisk.org/pub/telephony/asterisk/asterisk-18.24.2.tar.gz)
 - [Downloads](https://downloads.asterisk.org/pub/telephony/asterisk)

### Summary:

- Commits: 1
- Commit Authors: 1
- Issues Resolved: 0
- Security Advisories Resolved: 1
  - \ 
[GHSA-c4cg-9275-6w44](https://github.com/asterisk/asterisk/security/advisories/GHSA-c4cg-9275-6w44): \ 
Write=originate, is sufficient permissions for code execution / System() \ 
dialplan

### User Notes:

### Upgrade Notes:

### Commit Authors:

- George Joseph: (1)

## Issue and Commit Detail:

### Closed Issues:

  - !GHSA-c4cg-9275-6w44: Write=originate, is sufficient permissions for code \ 
execution / System() dialplan

### Commits By Author:

- #### George Joseph (1):
  - manager.c: Add entries to Originate blacklist

### Commit List:

-  manager.c: Add entries to Originate blacklist

### Commit Details:

#### manager.c: Add entries to Originate blacklist
  Author: George Joseph
  Date:   2024-07-22

  Added Reload and DBdeltree to the list of dialplan application that
  can't be executed via the Originate manager action without also
  having write SYSTEM permissions.

  Added CURL, DB*, FILE, ODBC and REALTIME* to the list of dialplan
  functions that can't be executed via the Originate manager action
  without also having write SYSTEM permissions.

  If the Queue application is attempted to be run by the Originate
  manager action and an AGI parameter is specified in the app data,
  it'll be rejected unless the manager user has either the AGI or
  SYSTEM permissions.

  Resolves: #GHSA-c4cg-9275-6w44

## Change Log for Release asterisk-18.24.1

### Links:

 - [Full \ 
ChangeLog](https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-18.24.1.md)
 - [GitHub Diff](https://github.com/asterisk/asterisk/compare/18.24.0...18.24.1)
 - \ 
[Tarball](https://downloads.asterisk.org/pub/telephony/asterisk/asterisk-18.24.1.tar.gz)
 - [Downloads](https://downloads.asterisk.org/pub/telephony/asterisk)

### Summary:

- Commits: 2
- Commit Authors: 1
- Issues Resolved: 2
- Security Advisories Resolved: 0

### User Notes:

### Upgrade Notes:

### Commit Authors:

- George Joseph: (2)

## Issue and Commit Detail:

### Closed Issues:

  - 819: [bug]: Typo in voicemail.conf.sample that stops it from loading when \ 
using "make samples"
  - 822: [bug]: segfault in main/rtp_engine.c:1489 after updating 20.8.1 -> 20.9.0

### Commits By Author:

- #### George Joseph (2):
  - voicemail.conf.sample: Fix ':' comment typo
  - rtp_engine.c: Prevent segfault in ast_rtp_codecs_payloads_unset()

### Commit List:

-  rtp_engine.c: Prevent segfault in ast_rtp_codecs_payloads_unset()
-  voicemail.conf.sample: Fix ':' comment typo

### Commit Details:

#### rtp_engine.c: Prevent segfault in ast_rtp_codecs_payloads_unset()
  Author: George Joseph
  Date:   2024-07-25

  There can be empty slots in payload_mapping_tx corresponding to
  dynamic payload types that haven't been seen before so we now
  check for NULL before attempting to use 'type' in the call to
  ast_format_cmp.

  Note: Currently only chan_sip calls ast_rtp_codecs_payloads_unset()

  Resolves: #822

#### voicemail.conf.sample: Fix ':' comment typo
  Author: George Joseph
  Date:   2024-07-24

  ...and removed an errant trailing space.

  Resolves: #819

## Change Log for Release asterisk-18.24.0

### Links:

 - [Full \ 
ChangeLog](https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-18.24.0.md)
 - [GitHub Diff](https://github.com/asterisk/asterisk/compare/18.23.1...18.24.0)
 - \ 
[Tarball](https://downloads.asterisk.org/pub/telephony/asterisk/asterisk-18.24.0.tar.gz)
 - [Downloads](https://downloads.asterisk.org/pub/telephony/asterisk)

### Summary:

- Commits: 19
- Commit Authors: 8
- Issues Resolved: 8
- Security Advisories Resolved: 0

### User Notes:

- #### app_voicemail_odbc: Allow audio to be kept on disk
  This commit adds a new voicemail.conf option
  'odbc_audio_on_disk' which when set causes the ODBC variant of
  app_voicemail_odbc to leave the message and greeting audio files
  on disk and only store the message metadata in the database.
  Much more information can be found in the voicemail.conf.sample
  file.

- #### app_queue:  Add option to not log Restricted Caller ID to queue_log
  Add a Queue option log-restricted-caller-id to control whether the Restricted \ 
Caller ID
  will be stored in the queue log.
  If log-restricted-caller-id=no then the Caller ID will be stripped if the \ 
Caller ID is restricted.

- #### pbx.c: expand fields width of "core show hints"
  The fields width of "core show hints" were increased.
  The width of "extension" field to 30 characters and
  the width of the "device state id" field to 60 characters.

- #### rtp_engine: add support for multirate RFC2833 digits
  No change in configuration is required in order to enable this
  feature. Endpoints configured to use RFC2833 will automatically have this
  enabled. If the endpoint does not support this, it should not include it in
  the SDP offer/response.
  Resolves: #699

### Upgrade Notes:

- #### app_queue:  Add option to not log Restricted Caller ID to queue_log
  Add a new column to the queues table:
  queue_log_option_log_restricted ENUM('0','1','off','on','false','true','no','yes')
  to control whether the Restricted Caller ID will be stored in the queue log.

### Commit Authors:

- Alexei Gradinari: (2)
- Chrsmj: (1)
- George Joseph: (4)
- Igor Goncharovsky: (1)
- Mike Bradeen: (2)
- Sean Bright: (7)
- Tinet-Mucw: (1)
- Walter Doekes: (1)

## Issue and Commit Detail:

### Closed Issues:

  - 699: [improvement]: Add support for multi-rate DTMF
  - 736: [bug]: Seg fault on CLI after PostgreSQL CDR module fails to load for a \ 
second time
  - 765: [improvement]: Add option to not log Restricted Caller ID to queue_log
  - 770: [improvement]: pbx.c: expand fields width of "core show hints"
  - 776: [bug] DTMF broken after rtp_engine: add support for multirate RFC2833 \ 
digits commit
  - 783: [bug]: Under certain circumstances a channel snapshot can get orphaned \ 
in the cache
  - 789: [bug]: Mediasec headers aren't sent on outgoing INVITEs
  - 797: [bug]:

### Commits By Author:

- ### Alexei Gradinari (2):
  - pbx.c: expand fields width of "core show hints"
  - app_queue:  Add option to not log Restricted Caller ID to queue_log

- ### George Joseph (4):
  - app_voicemail_odbc: Allow audio to be kept on disk
  - stasis_channels: Use uniqueid and name to delete old snapshots
  - security_agreement.c: Always add the Require and Proxy-Require headers
  - ast-db-manage: Remove duplicate enum creation

- ### Igor Goncharovsky (1):
  - res_pjsip_path.c: Fix path when dialing using PJSIP_DIAL_CONTACTS()

- ### Mike Bradeen (2):
  - rtp_engine: add support for multirate RFC2833 digits
  - res_pjsip_sdp_rtp: Add support for default/mismatched 8K RFC 4733/2833 digits

- ### Sean Bright (7):
  - file.h: Rename function argument to avoid C++ keyword clash.
  - bundled_pjproject: Disable UPnP support.
  - asterisk.c: Don't log an error if .asterisk_history does not exist.
  - xml.c: Update deprecated libxml2 API usage.
  - manager.c: Properly terminate `CoreShowChannelMap` event.
  - pjsip: Add PJSIP_PARSE_URI_FROM dialplan function.
  - logger.h: Include SCOPE_CALL_WITH_INT_RESULT() in non-dev-mode builds.

- ### Tinet-mucw (1):
  - bridge_basic.c: Make sure that ast_bridge_channel is not destroyed while itera..

- ### Walter Doekes (1):
  - chan_ooh323: Fix R/0 typo in docs

- ### chrsmj (1):
  - cdr_pgsql: Fix crash when the module fails to load multiple times.

### Commit List:

-  res_pjsip_path.c: Fix path when dialing using PJSIP_DIAL_CONTACTS()
-  res_pjsip_sdp_rtp: Add support for default/mismatched 8K RFC 4733/2833 digits
-  ast-db-manage: Remove duplicate enum creation
-  security_agreement.c: Always add the Require and Proxy-Require headers
-  logger.h: Include SCOPE_CALL_WITH_INT_RESULT() in non-dev-mode builds.
-  stasis_channels: Use uniqueid and name to delete old snapshots
-  app_voicemail_odbc: Allow audio to be kept on disk
-  app_queue:  Add option to not log Restricted Caller ID to queue_log
-  pbx.c: expand fields width of "core show hints"
-  pjsip: Add PJSIP_PARSE_URI_FROM dialplan function.
-  manager.c: Properly terminate `CoreShowChannelMap` event.
-  xml.c: Update deprecated libxml2 API usage.
-  cdr_pgsql: Fix crash when the module fails to load multiple times.
-  asterisk.c: Don't log an error if .asterisk_history does not exist.
-  chan_ooh323: Fix R/0 typo in docs
-  bundled_pjproject: Disable UPnP support.
-  file.h: Rename function argument to avoid C++ keyword clash.
-  rtp_engine: add support for multirate RFC2833 digits

### Commit Details:

#### res_pjsip_path.c: Fix path when dialing using PJSIP_DIAL_CONTACTS()
  Author: Igor Goncharovsky
  Date:   2024-05-12

  When using the PJSIP_DIAL_CONTACTS() function for use in the Dial()
  command, the contacts are returned in text form, so the input to
  the path_outgoing_request() function is a contact value of NULL.
  The issue was reported in ASTERISK-28211, but was not actually fixed
  in ASTERISK-30100. This fix brings back the code that was previously
  removed and adds code to search for a contact to extract the path
  value from it.

#### res_pjsip_sdp_rtp: Add support for default/mismatched 8K RFC 4733/2833 digits
  Author: Mike Bradeen
  Date:   2024-06-21

  After change made in 624f509 to add support for non 8K RFC 4733/2833 digits,
  Asterisk would only accept RFC 4733/2833 offers that matched the sample rate of
  the negotiated codec(s).

  This change allows Asterisk to accept 8K RFC 4733/2833 offers if the UAC
  offfers 8K RFC 4733/2833 but negotiates for a non 8K bitrate codec.

  A number of corresponding tests in tests/channels/pjsip/dtmf_sdp also needed to
  be re-written to allow for these scenarios.

  Fixes: #776

#### ast-db-manage: Remove duplicate enum creation
  Author: George Joseph
  Date:   2024-07-08

  Remove duplicate creation of ast_bool_values from
  2b7c507d7d12_add_queue_log_option_log_restricted_.py.  This was
  causing alembic upgrades to fail since the enum was already created
  in fe6592859b85_fix_mwi_subscribe_replaces_.py back in 2018.

  Resolves: #797

#### security_agreement.c: Always add the Require and Proxy-Require headers
  Author: George Joseph
  Date:   2024-07-03

  The `Require: mediasec` and `Proxy-Require: mediasec` headers need
  to be sent whenever we send `Security-Client` or `Security-Verify`
  headers but the logic to do that was only in add_security_headers()
  in res_pjsip_outbound_register.  So while we were sending them on
  REGISTER requests, we weren't sending them on INVITE requests.

  This commit moves the logic to send the two headers out of
  res_pjsip_outbound_register:add_security_headers() and into
  security_agreement:ast_sip_add_security_headers().  This way
  they're always sent when we send `Security-Client` or
  `Security-Verify`.

  Resolves: #789

#### logger.h: Include SCOPE_CALL_WITH_INT_RESULT() in non-dev-mode builds.
  Author: Sean Bright
  Date:   2024-06-29

  Fixes #785

#### stasis_channels: Use uniqueid and name to delete old snapshots
  Author: George Joseph
  Date:   2024-05-08

  Whenver a new channel snapshot is created or when a channel is
  destroyed, we need to delete any existing channel snapshot from
  the snapshot cache.  Historically, we used the channel->snapshot
  pointer to delete any existing snapshots but this has two issues.

  First, if something (possibly ast_channel_internal_swap_snapshots)
  sets channel->snapshot to NULL while there's still a snapshot in
  the cache, we wouldn't be able to delete it and it would be orphaned
  when the channel is destroyed.  Since we use the cache to list
  channels from the CLI, AMI and ARI, it would appear as though the
  channel was still there when it wasn't.

  Second, since there are actually two caches, one indexed by the
  channel's uniqueid, and another indexed by the channel's name,
  deleting from the caches by pointer requires a sequential search of
  all of the hash table buckets in BOTH caches to find the matching
  snapshots.  Not very efficient.

  So, we now delete from the caches using the channel's uniqueid
  and name.  This solves both issues.

  This doesn't address how channel->snapshot might have been set
  to NULL in the first place because although we have concrete
  evidence that it's happening, we haven't been able to reproduce it.

  Resolves: #783

#### app_voicemail_odbc: Allow audio to be kept on disk
  Author: George Joseph
  Date:   2024-04-09

  This commit adds a new voicemail.conf option 'odbc_audio_on_disk'
  which when set causes the ODBC variant of app_voicemail to leave
  the message and greeting audio files on disk and only store the
  message metadata in the database.  This option came from a concern
  that the database could grow to large and cause remote access
  and/or replication to become slow.  In a clustering situation
  with this option, all asterisk instances would share the same
  database for the metadata and either use a shared filesystem
  or other filesystem replication service much more suitable
  for synchronizing files.

  The changes to app_voicemail to implement this feature were actually
  quite small but due to the complexity of the module, the actual
  source code changes were greater.  They fall into the following
  categories:

  * Tracing.  The module is so complex that it was impossible to
  figure out the path taken for various scenarios without the addition
  of many SCOPE_ENTER, SCOPE_EXIT and ast_trace statements, even in
  code that's not related to the functional change.  Making this worse
  was the fact that many "if" statements in this module didn't use
  braces.  Since the tracing macros add multiple statements, many "if"
  statements had to be converted to use braces.

  * Excessive use of PATH_MAX.  Previous maintainers of this module
  used PATH_MAX to allocate character arrays for filesystem paths
  and SQL statements as though they cost nothing.  In fact, PATH_MAX
  is defined as 4096 bytes!  Some functions had (and still have)
  multiples of these.  One function has 7.  Given that the vast
  majority of installations use the default spool directory path
  `/var/spool/asterisk/voicemail`, the actual path length is usually
  less than 80 bytes.  That's over 4000 bytes wasted.  It was the
  same for SQL statement buffers.  A 4K buffer for statement that
  only needed 60 bytes.  All of these PATH_MAX allocations in the
  ODBC related code were changed to dynamically allocated buffers.
  The rest will have to be addressed separately.

  * Bug fixes.  During the development of this feature, several
  pre-existing ODBC related bugs were discovered and fixed.  They
  had to do with leaving orphaned files on disk, not preserving
  original message ids when moving messages between folders,
  not honoring the "formats" config parameter in certain circumstances,
  etc.

  UserNote: This commit adds a new voicemail.conf option
  'odbc_audio_on_disk' which when set causes the ODBC variant of
  app_voicemail_odbc to leave the message and greeting audio files
  on disk and only store the message metadata in the database.
  Much more information can be found in the voicemail.conf.sample
  file.

#### bridge_basic.c: Make sure that ast_bridge_channel is not destroyed while itera..
  Author: Tinet-mucw
  Date:   2024-06-13

  Resolves: https://github.com/asterisk/asterisk/issues/768

#### app_queue:  Add option to not log Restricted Caller ID to queue_log
  Author: Alexei Gradinari
  Date:   2024-06-12

  Add a queue option log-restricted-caller-id to strip the Caller ID when \ 
storing the ENTERQUEUE event
  in the queue log if the Caller ID is restricted.

  Resolves: #765

  UpgradeNote: Add a new column to the queues table:
  queue_log_option_log_restricted ENUM('0','1','off','on','false','true','no','yes')
  to control whether the Restricted Caller ID will be stored in the queue log.

  UserNote: Add a Queue option log-restricted-caller-id to control whether the \ 
Restricted Caller ID
  will be stored in the queue log.
  If log-restricted-caller-id=no then the Caller ID will be stripped if the \ 
Caller ID is restricted.

#### pbx.c: expand fields width of "core show hints"
  Author: Alexei Gradinari
  Date:   2024-06-13

  The current width for "extension" is 20 and "device state \ 
id" is 20, which is too small.
  The "extension" field contains "ext"@"context", \ 
so 20 characters is not enough.
  The "device state id" field, for example for Queue pause state \ 
contains Queue:"queue_name"_pause_PSJIP/"endpoint", so the \ 
20 characters is not enough.

  Increase the width of "extension" field to 30 characters and the \ 
width of the "device state id" field to 60 characters.

  Resolves: #770

  UserNote: The fields width of "core show hints" were increased.
  The width of "extension" field to 30 characters and
  the width of the "device state id" field to 60 characters.

#### pjsip: Add PJSIP_PARSE_URI_FROM dialplan function.
  Author: Sean Bright
  Date:   2024-06-02

  Various SIP headers permit a URI to be prefaced with a `display-name`
  production that can include characters (like commas and parentheses)
  that are problematic for Asterisk's dialplan parser and, specifically
  in the case of this patch, the PJSIP_PARSE_URI function.

  This patch introduces a new function - `PJSIP_PARSE_URI_FROM` - that
  behaves identically to `PJSIP_PARSE_URI` except that the first
  argument is now a variable name and not a literal URI.

  Fixes #756

#### manager.c: Properly terminate `CoreShowChannelMap` event.
  Author: Sean Bright
  Date:   2024-06-10

  Fixes #761

#### xml.c: Update deprecated libxml2 API usage.
  Author: Sean Bright
  Date:   2024-05-23

  Two functions are deprecated as of libxml2 2.12:

    * xmlSubstituteEntitiesDefault
    * xmlParseMemory

  So we update those with supported API.

  Additionally, `res_calendar_caldav` has been updated to use libxml2's
  xmlreader API instead of the SAX2 API which has always felt a little
  hacky (see deleted comment block in `res_calendar_caldav.c`).

  The xmlreader API has been around since libxml2 2.5.0 which was
  released in 2003.

  Fixes #725

#### cdr_pgsql: Fix crash when the module fails to load multiple times.
  Author: chrsmj
  Date:   2024-05-16

  Missing or corrupt cdr_pgsql.conf configuration file can cause the
  second attempt to load the PostgreSQL CDR module to crash Asterisk via
  the Command Line Interface because a null CLI command is registered on
  the first failed attempt to load the module.

  Resolves: #736

#### asterisk.c: Don't log an error if .asterisk_history does not exist.
  Author: Sean Bright
  Date:   2024-05-27

  Fixes #751

#### chan_ooh323: Fix R/0 typo in docs
  Author: Walter Doekes
  Date:   2024-05-27

#### bundled_pjproject: Disable UPnP support.
  Author: Sean Bright
  Date:   2024-05-24

  Fixes #747

#### file.h: Rename function argument to avoid C++ keyword clash.
  Author: Sean Bright
  Date:   2024-05-24

  Fixes #744

#### rtp_engine: add support for multirate RFC2833 digits
  Author: Mike Bradeen
  Date:   2024-04-08

  Add RFC2833 DTMF support for 16K, 24K, and 32K bitrate codecs.

  Asterisk currently treats RFC2833 Digits as a single rtp payload type
  with a fixed bitrate of 8K.  This change would expand that to 8, 16,
  24 and 32K.

  This requires checking the offered rtp types for any of these bitrates
  and then adding an offer for each (if configured for RFC2833.)  DTMF
  generation must also be changed in order to look at the current outbound
  codec in order to generate appropriately timed rtp.

  For cases where no outgoing audio has yet been sent prior to digit
  generation, Asterisk now has a concept of a 'preferred' codec based on
  offer order.

  On inbound calls Asterisk will mimic the payload types of the RFC2833
  digits.

  On outbound calls Asterisk will choose the next free payload types starting
  with 101.

  UserNote: No change in configuration is required in order to enable this
  feature. Endpoints configured to use RFC2833 will automatically have this
  enabled. If the endpoint does not support this, it should not include it in
  the SDP offer/response.

  Resolves: #699

Files:
RevisionActionfile
1.162modifypkgsrc/comms/asterisk18/Makefile
1.32modifypkgsrc/comms/asterisk18/PLIST
1.77modifypkgsrc/comms/asterisk18/distinfo
1.3modifypkgsrc/comms/asterisk18/patches/patch-apps_app__voicemail.c
1.6modifypkgsrc/comms/asterisk18/patches/patch-configure