aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2009-08-18git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.2.33@212958 ↵v1.2.33kpfleming12-12/+30
f38db490-d61c-443f-a65b-d21fe96a405b
2009-06-05Importing release summary for 1.2.33 release.lmadsen2-0/+193
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.2.33@199269 f38db490-d61c-443f-a65b-d21fe96a405b
2009-06-05Update ChangeLoglmadsen1-2/+6
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.2.33@199265 f38db490-d61c-443f-a65b-d21fe96a405b
2009-06-05update ChangeLogdvossel1-3/+5
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.2.33@199261 f38db490-d61c-443f-a65b-d21fe96a405b
2009-06-04update ChangeLog reflecting AST-2009-001 updatesdvossel1-0/+8
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.2.33@199210 f38db490-d61c-443f-a65b-d21fe96a405b
2009-06-04IAX2 REGAUTH loopdvossel2-12/+18
IAX was not sending REGREJ to terminate invalid registrations. Instead it sent another REGAUTH if the authentication challenge failed. This caused a loop of REGREQ and REGAUTH frames. This patch also fixes some compile errors that occured using gcc v4.3.2. (Related to Security fix AST-2009-001) (closes issue #14386) Reported by: sabbathbh git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.2.33@199188 f38db490-d61c-443f-a65b-d21fe96a405b
2009-06-04Additional updates to AST-2009-001dvossel1-4/+20
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.2.33@199149 f38db490-d61c-443f-a65b-d21fe96a405b
2009-06-04Update .versionlmadsen1-1/+1
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.2.33@199130 f38db490-d61c-443f-a65b-d21fe96a405b
2009-06-04Create new tag for 1.2.33.lmadsen0-0/+0
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.2.33@199125 f38db490-d61c-443f-a65b-d21fe96a405b
2009-04-02Importing release summary for 1.2.32 release.lmadsen2-0/+138
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.2.32@186146 f38db490-d61c-443f-a65b-d21fe96a405b
2009-04-02Importing files for 1.2.32 release.lmadsen3-0/+6806
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.2.32@186145 f38db490-d61c-443f-a65b-d21fe96a405b
2009-04-02Creating tag for the release of asterisk-1.2.32lmadsen5-6944/+0
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.2.32@186144 f38db490-d61c-443f-a65b-d21fe96a405b
2009-04-02Importing release summary for 1.2.32 release.lmadsen2-0/+138
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.2.32@186142 f38db490-d61c-443f-a65b-d21fe96a405b
2009-04-02Importing files for 1.2.32 release.lmadsen3-0/+6806
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.2.32@186141 f38db490-d61c-443f-a65b-d21fe96a405b
2009-04-02Creating tag for the release of asterisk-1.2.32lmadsen0-0/+0
git-svn-id: http://svn.digium.com/svn/asterisk/tags/1.2.32@186139 f38db490-d61c-443f-a65b-d21fe96a405b
2009-04-02Fix for AST-2009-003tilghman2-10/+91
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@186056 f38db490-d61c-443f-a65b-d21fe96a405b
2009-01-23Updates to AST-2009-001tilghman1-3/+6
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@170580 f38db490-d61c-443f-a65b-d21fe96a405b
2009-01-151.2 regression on security fix AST-2009-001tilghman1-13/+11
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@168632 f38db490-d61c-443f-a65b-d21fe96a405b
2009-01-09add license for Allison Smith prompts (AST-162)kpfleming1-0/+310
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@168197 f38db490-d61c-443f-a65b-d21fe96a405b
2009-01-06Security fix AST-2009-001.tilghman1-16/+28
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@167259 f38db490-d61c-443f-a65b-d21fe96a405b
2008-12-10Fix for AST-2008-012tilghman1-2/+2
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@162868 f38db490-d61c-443f-a65b-d21fe96a405b
2008-12-05Fix build errors on FreeBSD (uint -> unsigned int).seanbright2-4/+4
(closes issue #14006) Reported by: alphaque Patches: astobj2.h-patch uploaded by alphaque (license 259) (Slightly modified by seanbright) git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@161421 f38db490-d61c-443f-a65b-d21fe96a405b
2008-11-25Regression fix for last security fix. Set the iseqno correctly.tilghman1-2/+2
(closes issue #13918) Reported by: ffloimair Patches: 20081119__bug13918.diff.txt uploaded by Corydon76 (license 14) Tested by: ffloimair git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@159245 f38db490-d61c-443f-a65b-d21fe96a405b
2008-08-09Regression fixes for Solaristilghman2-0/+3
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@136945 f38db490-d61c-443f-a65b-d21fe96a405b
2008-07-25Fix the IAX2 URI for calling Digiumrussell1-1/+1
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@133577 f38db490-d61c-443f-a65b-d21fe96a405b
2008-07-24This part was not correctly patched for AST-2008-010.tilghman1-2/+2
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@133360 f38db490-d61c-443f-a65b-d21fe96a405b
2008-07-22Fixes for AST-2008-010 and AST-2008-011tilghman2-1/+38
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@132711 f38db490-d61c-443f-a65b-d21fe96a405b
2008-06-03Copy the From header into a variable so that pedantic SIP handling does not ↵file1-5/+6
try to mess with a NULL pointer. (AST-2008-008) (closes issue #12607) Reported by: hooi git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@120109 f38db490-d61c-443f-a65b-d21fe96a405b
2008-05-30- Instead of only enforcing destination call number checking on an ACK, checkrussell1-11/+53
all full frames except for PING and LAGRQ, which may be sent by older versions too quickly to contain the destination call number. (As suggested by Tim Panton on the asterisk-dev list) - Merge changes from team/russell/iax2-frame-race, which prevents PING and LAGRQ from being sent before the destination call number is known. git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@119237 f38db490-d61c-443f-a65b-d21fe96a405b
2008-05-29Merge changes from team/russell/iax2-another-fix-to-the-fixrussell1-7/+8
As described in the following post to the asterisk-dev mailing list, only enforce destination call numbers when processing an ACK. http://lists.digium.com/pipermail/asterisk-dev/2008-May/033217.html git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@119008 f38db490-d61c-443f-a65b-d21fe96a405b
2008-05-08Fix a race condition that bbryant just found while doing some IAX2 testing.russell1-1/+33
He was running Asterisk trunk running IAX2 calls through a few Asterisk boxes, however, the audio was extremely choppy. We looked at a packet trace and saw a storm of INVAL and VNAK frames being sent from one box to another. It turned out that what had happened was that one box tried to send a CONTROL frame before the 3 way handshake had completed. So, that frame did not include the destination call number, because it didn't have it yet. Part of our recent work for security issues included an additional check to ensure that frames that are supposed to include the destination call number have the correct one. This caused the frame to be rejected with an INVAL. The frame would get retransmitted for forever, rejected every time ... This race condition exists in all versions that got the security changes, in theory. However, it is really only likely that this would cause a problem in Asterisk trunk. There was a control frame being sent (SRCUPDATE) at the _very_ beginning of the call, which does not exist in 1.2 or 1.4. However, I am fixing all versions that could potentially be affected by the introduced race condition. These changes are what bbryant and I came up with to fix the issue. Instead of simply dropping control frames that get sent before the handshake is complete, the code attempts to wait a little while, since in most cases, the handshake will complete very quickly. If it doesn't complete after yielding for a little while, then the frame gets dropped. git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@115564 f38db490-d61c-443f-a65b-d21fe96a405b
2008-05-07Remove remnants of dlinkedlists. I didn't actually use them in the final ↵russell2-977/+0
version of my IAX2 improvements. git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@115511 f38db490-d61c-443f-a65b-d21fe96a405b
2008-05-06read requires an argument on some non-bash shellsqwell1-1/+1
(closes issue #12593) Reported by: bkruse Patches: getilbc.sh_12593_v1.diff uploaded by bkruse (license 132) git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@115421 f38db490-d61c-443f-a65b-d21fe96a405b
2008-05-05Merge changes from team/russell/iax2_find_callno_1.2russell5-135/+2493
These changes address a critical performance issue introduced in the latest release. The fix for the latest security issue included a change that made Asterisk randomly choose call numbers to make them more difficult to guess by attackers. However, due to some inefficient (this is by far, an understatement) code, when Asterisk chose high call numbers, chan_iax2 became unusable after just a small number of calls. On a small embedded platform, it would not be able to handle a single call. On my Intel Core 2 Duo @ 2.33 GHz, I couldn't run more than about 16 IAX2 channels. Ouch. These changes address some performance issues of the find_callno() function that have bothered me for a very long time. On every incoming media frame, it iterated through every possible call number trying to find a matching active call. This involved a mutex lock and unlock for each call number checked. So, if the random call number chosen was 20000, then every media frame would cause 20000 locks and unlocks. Previously, this problem was not as obvious since Asterisk always chose the lowest call number it could. A second container for IAX2 pvt structs has been added. It is an astobj2 hash table. When we know the remote side's call number, the pvt goes into the hash table with a hash value of the remote side's call number. Then, lookups for incoming media frames are a very fast hash lookup instead of an absolutely insane array traversal. In a quick test, I was able to get more than 3600% more IAX2 channels on my machine with these changes. git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@115296 f38db490-d61c-443f-a65b-d21fe96a405b
2008-04-29stop script from appending source code if run multiple timeskpfleming1-0/+11
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@114822 f38db490-d61c-443f-a65b-d21fe96a405b
2008-04-22When we receive a full frame that is supposed to contain our call number,russell1-17/+34
ensure that it has the correct one. (closes issue #10078) (AST-2008-006) git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@114561 f38db490-d61c-443f-a65b-d21fe96a405b
2008-03-26update UPGRADE notes to document usage of the scriptkpfleming1-10/+4
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@111125 f38db490-d61c-443f-a65b-d21fe96a405b
2008-03-26add a script to make getting the iLBC source code simple for end userskpfleming1-0/+22
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@111019 f38db490-d61c-443f-a65b-d21fe96a405b
2008-03-26due to licensing restrictions, we cannot distribute the source code for iLBC ↵kpfleming48-7006/+18
encoding and decoding... so remove it, and add instructions on how the user can obtain it themselves git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@110869 f38db490-d61c-443f-a65b-d21fe96a405b
2008-03-20Fix some very broken code that was introduced in 1.2.26 as a part of the ↵russell2-14/+9
security fix. The dnsmgr is not appropriate here. The dnsmgr takes a pointer to an address structure that a background thread continuously updates. However, in these cases, a stack variable was passed. That means that the dnsmgr thread would be continuously writing to bogus memory. git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@110335 f38db490-d61c-443f-a65b-d21fe96a405b
2008-03-18Fix character string being treated as format stringtwilson1-1/+1
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@109488 f38db490-d61c-443f-a65b-d21fe96a405b
2008-03-18Do not return with a successful authentication if the From header ends up empty.qwell1-2/+0
(AST-2008-003) git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@109391 f38db490-d61c-443f-a65b-d21fe96a405b
2008-01-07Change misery.digium.com to pbx.digium.comrussell1-1/+1
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@96931 f38db490-d61c-443f-a65b-d21fe96a405b
2007-12-23Fix for fix for security fix (third time's the charm?)tilghman1-25/+24
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@94661 f38db490-d61c-443f-a65b-d21fe96a405b
2007-12-20Fix another potential seg fault ...russell1-2/+2
(closes issue #11606) Reported by: dimas git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@94255 f38db490-d61c-443f-a65b-d21fe96a405b
2007-12-20Fix a couple of places where it's possible to dereference a NULL pointer.russell1-2/+2
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@94214 f38db490-d61c-443f-a65b-d21fe96a405b
2007-12-18Oops, missed this one casetilghman1-1/+1
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@93675 f38db490-d61c-443f-a65b-d21fe96a405b
2007-12-18Fixing AST-2007-027 (Closes issue #11119)tilghman2-10/+95
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@93667 f38db490-d61c-443f-a65b-d21fe96a405b
2007-11-29Properly escape src and dst fields (Fixes AST-2007-026)tilghman1-11/+16
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@90170 f38db490-d61c-443f-a65b-d21fe96a405b
2007-09-13clarify the OpenSSL and OpenH323 license exceptionskpfleming1-1/+1
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.2@82334 f38db490-d61c-443f-a65b-d21fe96a405b
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-04 15:38:43 +0000