feed/telephony.git
2 years agorestund: fix CVE-2021-21382 717/head
Sebastian Kemper [Mon, 6 Dec 2021 23:02:25 +0000 (00:02 +0100)]
restund: fix CVE-2021-21382

Patches taken from [1].

[1] https://github.com/wireapp/restund/pull/7

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
(cherry picked from commit dec6316f2f9204f3c34fadc7616435ddecf19e6c)

3 years agoMerge pull request #709 from micmac1/1907-sccp-mwi
micmac1 [Tue, 9 Nov 2021 18:03:55 +0000 (19:03 +0100)]
Merge pull request #709 from micmac1/1907-sccp-mwi

[19.07] asterisk-chan-sccp: fix mwi header issue

3 years agoasterisk-chan-sccp: fix mwi header issue 709/head
Sebastian Kemper [Tue, 9 Nov 2021 17:48:13 +0000 (18:48 +0100)]
asterisk-chan-sccp: fix mwi header issue

Asterisk, somewhere between release 16.3.0 and 16.22.0, added a new
header "mwi.h". This causes compile failure, because the chan-sccp
snapshot is not aware.

This adds a patch from upstream to resolve.

All patches refreshed.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
3 years agoMerge pull request #708 from micmac1/1907-fs1107
micmac1 [Sun, 7 Nov 2021 23:25:11 +0000 (00:25 +0100)]
Merge pull request #708 from micmac1/1907-fs1107

[19.07] freeswitch: security update to 1.10.7

3 years agofreetdm: add package 708/head
Sebastian Kemper [Sun, 7 Nov 2021 23:16:10 +0000 (00:16 +0100)]
freetdm: add package

It was moved from the freeswitch source tree into its own package.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
3 years agofreeswitch-stable: bump to 1.10.7
Sebastian Kemper [Sun, 7 Nov 2021 23:10:47 +0000 (00:10 +0100)]
freeswitch-stable: bump to 1.10.7

- freetdm is now external
- install libfreeswitch to staging directory for external freetdm
- fix pkgconfig file
- add dependency on libks to mod-verto
- add missing PKG_CONFIG_DEPENDS
- add build fixes
- refresh patches

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
3 years agosofia-sip: bump to 1.13.6
Sebastian Kemper [Sun, 7 Nov 2021 23:02:07 +0000 (00:02 +0100)]
sofia-sip: bump to 1.13.6

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
3 years agoMerge pull request #700 from micmac1/ast16.20
micmac1 [Sun, 7 Nov 2021 19:54:39 +0000 (20:54 +0100)]
Merge pull request #700 from micmac1/ast16.20

[19.07] bump pjproject, asterisk & chan-lantiq

3 years agoasterisk-16.x-chan-lantiq: bump for DTMF fix 700/head
Sebastian Kemper [Thu, 4 Nov 2021 17:58:04 +0000 (18:58 +0100)]
asterisk-16.x-chan-lantiq: bump for DTMF fix

Patch and exports file dropped as included upstream.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
3 years agoasterisk-16.x: bump to 16.22.0
Sebastian Kemper [Wed, 3 Nov 2021 20:43:57 +0000 (21:43 +0100)]
asterisk-16.x: bump to 16.22.0

- add new modules
- add res_timing_timerfd to base package (see commit e538fc3)
- update some module dependencies
- refresh patches
- remove upstreamed patches

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
3 years agopjproject: bump to 2.10 + sync with asterisk
Sebastian Kemper [Wed, 3 Nov 2021 18:24:31 +0000 (19:24 +0100)]
pjproject: bump to 2.10 + sync with asterisk

This is a squashed commit of the following:

01. revert of f42ce26555cf8f765e9124bb410cda3e3a445ff4 to be able to
    cleanly cherry-pick from master
02. cherry pick from commit 9ea4a8b49b82db2d208a9a2879fcb531ed44e940
03. cherry pick from commit 5cc8a6719600d22f33c1a0a307c787ba8f8015f6
04. cherry pick from commit 93e08d1ad9d1385256666380d7eb970b1b36f382
05. cherry pick from commit 80d0fbd4054885222a82465965c59a7b18646e3f
06. cherry pick from commit a71a6666d2b5b6beb693b933b82dfe1aeed42f48
07. cherry pick from commit f7fe759fe2d32fe361735035bd764d944af518b6
08. cherry pick from commit 6d6dd129aadba611e8bc603364c4991bc8a9f99d
09. cherry pick from commit 5a916dc3511d01a1dcc629b69cd10ec360a71a15
10. cherry pick from commit 95611304d9c49816a47071f9349d6676569ee299
11. cherry pick from commit 376473b38c0a6f4a8e742a26caafbf484ed1b9c5
12. sync patches with asterisk 16.22.0

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
3 years agoMerge pull request #669 from micmac1/19sof14
micmac1 [Wed, 11 Aug 2021 21:00:42 +0000 (23:00 +0200)]
Merge pull request #669 from micmac1/19sof14

[19.07] sofia-sip: bump to 1.13.4

3 years agosofia-sip: bump to 1.13.4 669/head
Sebastian Kemper [Fri, 6 Aug 2021 18:41:19 +0000 (20:41 +0200)]
sofia-sip: bump to 1.13.4

Fixes some issues, for instance a segfault during shutdown when
sofia-sip wasn't fully loaded, see [1]. The segfault was reproducible
by simply calling "freeswitch -help".

The added patch is to address a library versioning regression, patch is
from upstream.

[1] https://github.com/freeswitch/sofia-sip/issues/58

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
3 years agoMerge pull request #646 from micmac1/fs1106-nua-mem-leak-19.07
micmac1 [Thu, 27 May 2021 20:03:50 +0000 (22:03 +0200)]
Merge pull request #646 from micmac1/fs1106-nua-mem-leak-19.07

[19.07] sofia-sip: add upstream fix for memory leak

3 years agosofia-sip: add upstream fix for memory leak 646/head
Sebastian Kemper [Thu, 27 May 2021 18:17:21 +0000 (20:17 +0200)]
sofia-sip: add upstream fix for memory leak

Upstream provided a patch for a memory leak in Sofia SIP (see [1] for
more information).

[1] https://github.com/signalwire/freeswitch/issues/1174

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
3 years agoMerge pull request #636 from micmac1/fs-modmake-patch-19.07
micmac1 [Thu, 8 Apr 2021 20:02:51 +0000 (22:02 +0200)]
Merge pull request #636 from micmac1/fs-modmake-patch-19.07

[19.07] freeswitch-stable: fix 003-modmake-fix.patch

3 years agofreeswitch-stable: fix 003-modmake-fix.patch 636/head
Sebastian Kemper [Wed, 7 Apr 2021 18:55:44 +0000 (20:55 +0200)]
freeswitch-stable: fix 003-modmake-fix.patch

Somehow this white space change slipped in unintentionally.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
3 years agoMerge pull request #633 from micmac1/fs-1106-1907
micmac1 [Sun, 4 Apr 2021 08:45:18 +0000 (10:45 +0200)]
Merge pull request #633 from micmac1/fs-1106-1907

[19.07] freeswitch-stable: bump to 1.10.6

3 years agofreeswitch-stable: bump to 1.10.6 633/head
Sebastian Kemper [Sat, 3 Apr 2021 08:44:02 +0000 (10:44 +0200)]
freeswitch-stable: bump to 1.10.6

- patches refreshed
- upstreamed patches removed
- hotplug script fix (ntpq output could print a plus that the script
  didn't expect)

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
3 years agospandsp3: bump to 2020-10-19
Sebastian Kemper [Sat, 3 Apr 2021 08:39:23 +0000 (10:39 +0200)]
spandsp3: bump to 2020-10-19

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
3 years agosofia-sip: bump to 1.13.3
Sebastian Kemper [Sat, 3 Apr 2021 08:37:59 +0000 (10:37 +0200)]
sofia-sip: bump to 1.13.3

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
3 years agosignalwire-client-c: bump to 1.3.0
Sebastian Kemper [Sat, 3 Apr 2021 08:36:17 +0000 (10:36 +0200)]
signalwire-client-c: bump to 1.3.0

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
3 years agolibks: bump to 1.7.0
Sebastian Kemper [Sat, 3 Apr 2021 08:33:38 +0000 (10:33 +0200)]
libks: bump to 1.7.0

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
3 years agoMerge pull request #620 from micmac1/ast-2021-1
Jiri Slachta [Tue, 9 Mar 2021 16:29:57 +0000 (17:29 +0100)]
Merge pull request #620 from micmac1/ast-2021-1

[19.07] asterisk/pjproject: add patches for recently published Asterisk security notices

3 years agoasterisk-16.x: add patch for AST-2021-001 620/head
Sebastian Kemper [Sun, 7 Mar 2021 10:07:20 +0000 (11:07 +0100)]
asterisk-16.x: add patch for AST-2021-001

180-AST-2019-007-16.diff refreshed.

Upstream patch for AST-2021-001 added. This patch is mainly for
res_pjsip_diversion, but the part that is patched there was added later
("res_pjsip_diversion: implement support for History-Info"), so asterisk
16.3.0 is not affected. Hence the res_pjsip_diversion part was removed
from the patch. The patch resolves similar overflow situations in
res_pjsip_path and res_pjsip_outbound_registration, so these were kept.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
3 years agopjproject: add patch for AST-2021-005
Sebastian Kemper [Sun, 7 Mar 2021 10:04:44 +0000 (11:04 +0100)]
pjproject: add patch for AST-2021-005

https://downloads.asterisk.org/pub/security/AST-2021-005.html
https://issues.asterisk.org/jira/browse/ASTERISK-29196

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agoMerge pull request #587 from micmac1/19.07AST
Jiri Slachta [Mon, 23 Nov 2020 20:52:23 +0000 (21:52 +0100)]
Merge pull request #587 from micmac1/19.07AST

[19.07] asterisk-16.x: fix AST-2020-001 and 002

4 years agoasterisk-16.x: fix AST-2020-001 and 002 587/head
Sebastian Kemper [Fri, 6 Nov 2020 20:18:23 +0000 (21:18 +0100)]
asterisk-16.x: fix AST-2020-001 and 002

Patches used:

http://downloads.asterisk.org/pub/security/AST-2020-001-16.diff
http://downloads.asterisk.org/pub/security/AST-2020-002-16.diff

Patch AST-2020-002-16.diff was amended a bit in res/res_pjsip_session.c:

if (++session->authentication_challenge_count > MAX_RX_CHALLENGES) {
ast_debug(3, "%s: Initial INVITE reached maximum number of auth attempts.\n", ast_sip_session_get_name(session));
return PJ_FALSE;
}

The above was not possible, because of missing bits introduced only in a
later version of Asterisk 16 (see upstream commit [1]). So the ast_debug
call was simplified accordingly.

Both patches were refreshed within OpenWrt SDK.

[1] https://github.com/asterisk/asterisk/commit/6abf6f345dbd0510d8a217d16cc1819e4d2bf815

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agoMerge pull request #574 from guidosarducci/19.07-update-siproxd-0.8.3
Jiri Slachta [Tue, 22 Sep 2020 09:25:09 +0000 (11:25 +0200)]
Merge pull request #574 from guidosarducci/19.07-update-siproxd-0.8.3

[19.07] siproxd: update to version 0.8.3, improve logging and memory usage

4 years agosiproxd: update to version 0.8.3, improve logging and memory usage 574/head
Tony Ambardar [Sun, 30 Aug 2020 06:21:35 +0000 (23:21 -0700)]
siproxd: update to version 0.8.3, improve logging and memory usage

This release includes bug fixes and improvements accumulated over the last
4 years of development snapshots [1].

Bump upstream version, build new plugins 'stats' and 'blacklist', and add
an 'sqlite3' package dependency for siproxd-mod-blacklist.

Disable procd capturing stderr to syslog, since siproxd in 'foreground'
mode writes both to syslog and stderr, duplicating log messages.

Include a patch to drastically reduce memory usage (RSS from 17MB to 5MB
on ipq40xx platform):

  * 005-reduce-rtpproxy-urlmap-size.patch

Drop the following patches now included upstream:

  * 010-syslog-msg.patch
  * 100-musl-compat.patch

[1] http://siproxd.sourceforge.net/index.php?op=changelog.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
4 years agoMerge pull request #573 from micmac1/span3xml2-1907
micmac1 [Sun, 20 Sep 2020 18:19:44 +0000 (20:19 +0200)]
Merge pull request #573 from micmac1/span3xml2-1907

[19.07] spandsp3: prevent host include search paths

4 years agospandsp3: prevent host include search paths 573/head
Sebastian Kemper [Sun, 20 Sep 2020 11:40:56 +0000 (13:40 +0200)]
spandsp3: prevent host include search paths

Note the host include path for libxml2 below. This shouldn't cause an
issue because libxml2 is never used. But better safe than sorry as the
configure script probes other host include paths as well.

/bin/sh ../libtool  --tag=CC   --mode=compile ccache_cc -DHAVE_CONFIG_H -I.  -I.. -I/openwrt/staging_dir/target-mips_24kc_musl/usr/include -I/openwrt/staging_dir/toolchain-mips_24kc_gcc-10.2.0_musl/usr/include -I/openwrt/staging_dir/toolchain-mips_24kc_gcc-10.2.0_musl/include/fortify -I/openwrt/staging_dir/toolchain-mips_24kc_gcc-10.2.0_musl/include  -I/usr/include/libxml2 -DNDEBUG -Wunused-but-set-variable -std=gnu99 -ffast-math -Wall -Wunused-variable -Wwrite-strings -Wstrict-prototypes -Wmissing-prototypes -fvisibility=hidden -DHAVE_VISIBILITY=1  -Os -pipe -mno-branch-likely -mips32r2 -mtune=24kc -fno-caller-saves -fno-plt -fhonour-copts -Wno-error=unused-but-set-variable -Wno-error=unused-result -msoft-float -mips16 -minterlink-mips16 -fmacro-prefix-map=/openwrt/build_dir/target-mips_24kc_musl/spandsp3-2020-08-14-6ec23e5a=spandsp3-2020-08-14-6ec23e5a -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro   -MT dds_float.lo -MD -MP -MF .deps/dds_float.Tpo -c -o dds_float.lo dds_float.c

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agoMerge pull request #570 from micmac1/1907fs10105
micmac1 [Thu, 17 Sep 2020 17:15:38 +0000 (19:15 +0200)]
Merge pull request #570 from micmac1/1907fs10105

(19.07) freeswitch-stable: bump to 1.10.5

4 years agofreeswitch-stable: bump to 1.10.5 570/head
Sebastian Kemper [Fri, 11 Sep 2020 12:01:34 +0000 (14:01 +0200)]
freeswitch-stable: bump to 1.10.5

Includes some backports from master.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agospandsp3: backport from master
Sebastian Kemper [Fri, 11 Sep 2020 12:01:02 +0000 (14:01 +0200)]
spandsp3: backport from master

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agosofia-sip: backport from master
Sebastian Kemper [Fri, 11 Sep 2020 12:00:45 +0000 (14:00 +0200)]
sofia-sip: backport from master

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agoMerge pull request #539 from micmac1/fs-check-19
micmac1 [Wed, 10 Jun 2020 18:22:21 +0000 (20:22 +0200)]
Merge pull request #539 from micmac1/fs-check-19

[19.07] freeswitch-stable: prevent libcheck use

4 years agofreeswitch-stable: prevent libcheck use 539/head
Sebastian Kemper [Tue, 9 Jun 2020 17:05:40 +0000 (19:05 +0200)]
freeswitch-stable: prevent libcheck use

Currently we disable some sofia tests to prevent build failure. An issue
was actually raised upstream ([1]) where this was discussed.

This cleared up some doubts. For instance it was established that
libcheck is used as a test framework, if the lib is detected. In OpenWrt
libcheck is available, so it may be in staging during the freeswitch
build.

Upstream also mentioned that libcheck is not always compatible with
freeswitch, which depends on the libcheck version.

This commit prevents libcheck detection. This is nicer than explicitly
disabling tests that fail.

[1] https://github.com/signalwire/freeswitch/issues/681

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agoMerge pull request #535 from micmac1/fs110319
micmac1 [Sat, 30 May 2020 05:10:03 +0000 (07:10 +0200)]
Merge pull request #535 from micmac1/fs110319

[19.07] freeswitch-stable: bump to 1.10.3

4 years agofreeswitch-stable: bump to 1.10.3 535/head
Sebastian Kemper [Tue, 26 May 2020 19:35:20 +0000 (21:35 +0200)]
freeswitch-stable: bump to 1.10.3

Minor version bump. Backport from master.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agoMerge pull request #513 from micmac1/ast-1907-keys
Jiri Slachta [Sat, 4 Apr 2020 08:15:59 +0000 (10:15 +0200)]
Merge pull request #513 from micmac1/ast-1907-keys

[openwrt-19.07] asterisk-16.x: update keys directory in init script

4 years agoasterisk-16.x: update keys directory in init script 513/head
Sebastian Kemper [Fri, 3 Apr 2020 18:10:42 +0000 (20:10 +0200)]
asterisk-16.x: update keys directory in init script

Currently the init script creates "/var/lib/asterisk/keys". But the
default keys directory is actually "/usr/share/asterisk/keys".

This commit amends the init script.

Resolves: #512

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agoMerge pull request #506 from BKPepe/fix-patch-for-aslr-pie
Jiri Slachta [Sun, 8 Mar 2020 12:17:00 +0000 (13:17 +0100)]
Merge pull request #506 from BKPepe/fix-patch-for-aslr-pie

asterisk-16.x: 056-fix-check_expr2-build.patch - rebase

4 years agoasterisk-16.x: 056-fix-check_expr2-build.patch - rebase 506/head
Josef Schlehofer [Sat, 7 Mar 2020 22:47:45 +0000 (23:47 +0100)]
asterisk-16.x: 056-fix-check_expr2-build.patch - rebase

Fixes: 1ea2095081a5a2e04dfabefe3f9922a2b2f1d250 (asterisk-16.x: fix
compile with PKG_ASLR_PIE)

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
4 years agoMerge pull request #505 from BKPepe/fix-hardening-asterisk-19.07
Jiri Slachta [Sat, 7 Mar 2020 12:11:29 +0000 (13:11 +0100)]
Merge pull request #505 from BKPepe/fix-hardening-asterisk-19.07

[19.07] asterisk-16.x: fix compile with PKG_ASLR_PIE

4 years agoasterisk-16.x: fix compile with PKG_ASLR_PIE 505/head
Sebastian Kemper [Sat, 11 Jan 2020 22:44:38 +0000 (23:44 +0100)]
asterisk-16.x: fix compile with PKG_ASLR_PIE

CFLAGS aren't used when compiling objects for check_expr2. This commits
adds the flags, which fixes the compilation when PKG_ASLR_PIE is
enabled. Note: The STANDALONE define is removed because it is already
defined in _ASTCFLAGS.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
(cherry picked from commit 357949967f330ae1e6d199d1c362f2666de82c43)

4 years agoMerge pull request #501 from micmac1/19.07-fs-1102
micmac1 [Wed, 1 Jan 2020 14:24:49 +0000 (15:24 +0100)]
Merge pull request #501 from micmac1/19.07-fs-1102

[19.07] freeswitch-stable: bump to 1.10.2

4 years agofreeswitch-stable: bump to 1.10.2 501/head
Sebastian Kemper [Wed, 1 Jan 2020 14:11:19 +0000 (15:11 +0100)]
freeswitch-stable: bump to 1.10.2

Patches refreshed, two patches removed (included upstream), fixed one
typo (will send pull request to upstream if nobody did so yet).

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agoMerge pull request #498 from micmac1/1907-fix-weak-md
micmac1 [Fri, 20 Dec 2019 09:11:54 +0000 (10:11 +0100)]
Merge pull request #498 from micmac1/1907-fix-weak-md

[19.07] freeswitch-stable: fix weak md in gentls_cert

4 years agofreeswitch-stable: fix weak md in gentls_cert 498/head
Sebastian Kemper [Fri, 20 Dec 2019 08:32:20 +0000 (09:32 +0100)]
freeswitch-stable: fix weak md in gentls_cert

gentls_cert generates certificates that are deemed too weak by Debian's
OpenSSL (on Buster and up). This patch upgrades the message digest to
SHA256 to address this.

See patch for details. Sent upstream ([1]).

[1] https://github.com/signalwire/freeswitch/pull/126

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agoMerge pull request #496 from micmac1/backport-sigwire
micmac1 [Tue, 17 Dec 2019 18:10:45 +0000 (19:10 +0100)]
Merge pull request #496 from micmac1/backport-sigwire

[19.07] freeswitch-stable: backport mod-signalwire + libs from master

4 years agofreeswitch-stable: add mod_signalwire 496/head
Sebastian Kemper [Sun, 6 Oct 2019 12:55:44 +0000 (14:55 +0200)]
freeswitch-stable: add mod_signalwire

This plugin allows to make a connection to the SignalWire CLOUD.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agosignalwire-client-c: new package
Sebastian Kemper [Sun, 6 Oct 2019 12:53:59 +0000 (14:53 +0200)]
signalwire-client-c: new package

signalwire-client-c is a dependency of mod-signalwire.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agolibks: new package
Sebastian Kemper [Sun, 6 Oct 2019 12:53:06 +0000 (14:53 +0200)]
libks: new package

libks is a dependency of signalwire-client-c.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agoMerge pull request #488 from micmac1/19.07-AST-2019-006_007
Jiri Slachta [Sun, 1 Dec 2019 21:21:05 +0000 (22:21 +0100)]
Merge pull request #488 from micmac1/19.07-AST-2019-006_007

[19.07] asterisk-16.x: add fixes for AST-2019-006 and 007

4 years agoMerge pull request #493 from micmac1/fs-vpx-cve-1907
micmac1 [Fri, 29 Nov 2019 20:15:49 +0000 (21:15 +0100)]
Merge pull request #493 from micmac1/fs-vpx-cve-1907

(19.07) freeswitch-stable: fix libvpx CVEs + T38 patch

4 years agofreeswitch-stable: patch CVEs in included libvpx 493/head
Sebastian Kemper [Fri, 29 Nov 2019 19:41:11 +0000 (20:41 +0100)]
freeswitch-stable: patch CVEs in included libvpx

Patch taken from Debian Buster, fixes:

CVE-2019-9232
CVE-2019-9325
CVE-2019-9371
CVE-2019-9433

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agofreeswitch-stable: add T.38 reINVITE fix
Sebastian Kemper [Fri, 29 Nov 2019 19:38:52 +0000 (20:38 +0100)]
freeswitch-stable: add T.38 reINVITE fix

Patch sent upstream. It's a one-liner with a big explanation within the
patch.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
4 years agofreeswitch-stable: remove warning
Sebastian Kemper [Fri, 29 Nov 2019 19:37:39 +0000 (20:37 +0100)]
freeswitch-stable: remove warning

The warning can be removed, as 19.07 is not affected.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
5 years agoasterisk-16.x: add fixes for AST-2019-006 and 007 488/head
Sebastian Kemper [Fri, 22 Nov 2019 17:53:28 +0000 (18:53 +0100)]
asterisk-16.x: add fixes for AST-2019-006 and 007

https://downloads.asterisk.org/pub/security/AST-2019-006.html
https://downloads.asterisk.org/pub/security/AST-2019-007.html

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
5 years agoMerge pull request #456 from micmac1/AST-2019-004-19.07
Jiri Slachta [Fri, 20 Sep 2019 16:18:10 +0000 (18:18 +0200)]
Merge pull request #456 from micmac1/AST-2019-004-19.07

[19.07] asterisk-16.x: add patch for AST-2019-004

5 years agoMerge pull request #454 from micmac1/1907-baresip-recurs
Jiri Slachta [Fri, 20 Sep 2019 16:03:49 +0000 (18:03 +0200)]
Merge pull request #454 from micmac1/1907-baresip-recurs

[19.07] baresip: fix recursive dependency

5 years agoasterisk-16.x: add patch for AST-2019-004 456/head
Sebastian Kemper [Thu, 5 Sep 2019 17:58:52 +0000 (19:58 +0200)]
asterisk-16.x: add patch for AST-2019-004

Add patch for a remote crash vulnerability. Crash can occur when
negotiating for T.38 with a declined stream.

CVE-2019-15297

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
5 years agobaresip: fix recursive dependency 454/head
Sebastian Kemper [Wed, 4 Sep 2019 20:37:30 +0000 (22:37 +0200)]
baresip: fix recursive dependency

Since OpenWrt commit e82a4d9cfb ("config: regenerate *_shipped sources")
a few recursive dependencies have been discovered that were not visible
before.

$ make menuconfig
tmp/.config-package.in:103098:error: recursive dependency detected!
For a resolution refer to Documentation/kbuild/kconfig-language.txt
subsection "Kconfig recursive dependency limitations"
tmp/.config-package.in:103098: symbol PACKAGE_baresip-mod-pulse depends on PACKAGE_baresip-mod-pulse
tmp/.config-package.in:121863:error: recursive dependency detected!
For a resolution refer to Documentation/kbuild/kconfig-language.txt
subsection "Kconfig recursive dependency limitations"
tmp/.config-package.in:121863: symbol PACKAGE_pulseaudio-profiles depends on PACKAGE_pulseaudio-profiles
tmp/.config-package.in:121878:error: recursive dependency detected!
For a resolution refer to Documentation/kbuild/kconfig-language.txt
subsection "Kconfig recursive dependency limitations"
tmp/.config-package.in:121878: symbol PACKAGE_pulseaudio-tools depends on PACKAGE_pulseaudio-tools

The recursive dependencies were reported at [1] and [2].

This commit addresses the recursive dependency of baresip-mod-pulse. The
new dependency string may look a bit peculiar, but it works and when
specified like this pulseaudio (when selected) doesn't get compiled
automatically when the intention is only to build baresip with mod-pulse
disabled (which in general is why we have the "patsubst" in the module
builder - but this is only triggered when the dependency has a leading
"+").

[1] https://github.com/openwrt/packages/issues/9300
[2] https://forum.openwrt.org/t/make-menuconfig-errors-this-day/38673/5

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
5 years agoMerge pull request #453 from micmac1/19.07fs1.10.1
micmac1 [Sun, 1 Sep 2019 09:57:30 +0000 (11:57 +0200)]
Merge pull request #453 from micmac1/19.07fs1.10.1

freeswitch-stable: import 1.10.1 from master

5 years agofreeswitch-stable: import 1.10.1 from master 453/head
Sebastian Kemper [Sun, 1 Sep 2019 09:51:04 +0000 (11:51 +0200)]
freeswitch-stable: import 1.10.1 from master

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
5 years agoMerge pull request #440 from jslachta/asterisk-13-removal-1907
Jiri Slachta [Sun, 14 Jul 2019 18:35:28 +0000 (20:35 +0200)]
Merge pull request #440 from jslachta/asterisk-13-removal-1907

asterisk-13.x: move package to abandoned packages

5 years agoasterisk-13.x: move package to abandoned packages 440/head
Jiri Slachta [Sun, 14 Jul 2019 17:25:59 +0000 (19:25 +0200)]
asterisk-13.x: move package to abandoned packages

Signed-off-by: Jiri Slachta <jiri@slachta.eu>
5 years agoMerge pull request #437 from micmac1/19-ast13-AST-2019-002-and-003
Jiri Slachta [Fri, 12 Jul 2019 20:14:22 +0000 (22:14 +0200)]
Merge pull request #437 from micmac1/19-ast13-AST-2019-002-and-003

(for 19.07) asterisk-1{3,6}.x: fix AST-2019-002 & AST-2019-003

5 years agoasterisk-16.x: fix AST-2019-002 & AST-2019-003 437/head
Sebastian Kemper [Fri, 12 Jul 2019 18:44:43 +0000 (20:44 +0200)]
asterisk-16.x: fix AST-2019-002 & AST-2019-003

https://downloads.asterisk.org/pub/security/AST-2019-002.html
https://downloads.asterisk.org/pub/security/AST-2019-003.html

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
5 years agoasterisk-13.x: fix AST-2019-002 & AST-2019-003
Sebastian Kemper [Fri, 12 Jul 2019 18:43:14 +0000 (20:43 +0200)]
asterisk-13.x: fix AST-2019-002 & AST-2019-003

https://downloads.asterisk.org/pub/security/AST-2019-002.html
https://downloads.asterisk.org/pub/security/AST-2019-003.html

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
5 years agofreeswitch: move to packages-abandoned repository
Jiri Slachta [Sun, 16 Jun 2019 10:53:51 +0000 (12:53 +0200)]
freeswitch: move to packages-abandoned repository

Signed-off-by: Jiri Slachta <jiri@slachta.eu>
5 years agoMerge pull request #428 from micmac1/fs-186
micmac1 [Mon, 10 Jun 2019 13:18:12 +0000 (15:18 +0200)]
Merge pull request #428 from micmac1/fs-186

freeswitch-stable: bump to 1.8.6

5 years agofreeswitch-stable: bump to 1.8.6 428/head
Sebastian Kemper [Mon, 10 Jun 2019 12:44:12 +0000 (14:44 +0200)]
freeswitch-stable: bump to 1.8.6

- refresh patches
- drop RAND_bytes patch which was upstreamed
- fix ei_init detection
- add opusfile module

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
5 years agoMerge pull request #426 from micmac1/fs-init-awk
micmac1 [Sun, 12 May 2019 12:07:37 +0000 (14:07 +0200)]
Merge pull request #426 from micmac1/fs-init-awk

freeswitch-stable: init script update

5 years agofreeswitch-stable: init script update 426/head
Sebastian Kemper [Sun, 12 May 2019 11:57:54 +0000 (13:57 +0200)]
freeswitch-stable: init script update

- added trailing '--' to logger to make it foolproof
- the script now checks if user and group exist
- directory creation is now done via awk script (more robust)

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
5 years agoMerge pull request #425 from micmac1/sccp-gcc8
Jiri Slachta [Wed, 8 May 2019 18:55:03 +0000 (20:55 +0200)]
Merge pull request #425 from micmac1/sccp-gcc8

asterisk-chan-sccp: fix gcc8 compiles

5 years agoasterisk-chan-sccp: fix gcc8 compiles 425/head
Sebastian Kemper [Wed, 8 May 2019 18:15:36 +0000 (20:15 +0200)]
asterisk-chan-sccp: fix gcc8 compiles

Patch applied upstream. Fixes compiles for arc targets, which already
use new gcc8 toolchain.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
5 years agoMerge pull request #422 from micmac1/ast16-mod-desc
Jiri Slachta [Mon, 6 May 2019 18:53:25 +0000 (20:53 +0200)]
Merge pull request #422 from micmac1/ast16-mod-desc

asterisk-16.x: update module descriptions

5 years agoasterisk-15.x: drop support for asterisk-15.x
Jiri Slachta [Sun, 5 May 2019 20:10:53 +0000 (22:10 +0200)]
asterisk-15.x: drop support for asterisk-15.x

This commit drops support for asterisk-15.x in favor
of asterisk-16.x.

Signed-off-by: Jiri Slachta <jiri@slachta.eu>
5 years agoMerge pull request #424 from micmac1/16lantiq
Jiri Slachta [Sun, 5 May 2019 08:37:24 +0000 (10:37 +0200)]
Merge pull request #424 from micmac1/16lantiq

asterisk-16.x-chan-lantiq: add compile fix

5 years agoasterisk-16.x-chan-lantiq: add compile fix 424/head
Sebastian Kemper [Sat, 4 May 2019 20:32:17 +0000 (22:32 +0200)]
asterisk-16.x-chan-lantiq: add compile fix

Patch from upstream pull request
(https://github.com/kochstefan/asterisk_channel_lantiq/pull/3).

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
5 years agoMerge pull request #423 from micmac1/ast16-semaphores
Jiri Slachta [Sat, 4 May 2019 05:47:50 +0000 (07:47 +0200)]
Merge pull request #423 from micmac1/ast16-semaphores

asterisk-16.x: disable semaphores only on uClibc

5 years agoMerge pull request #417 from micmac1/ast16-add2
Jiri Slachta [Thu, 2 May 2019 10:01:13 +0000 (12:01 +0200)]
Merge pull request #417 from micmac1/ast16-add2

Asterisk 16 additions II

5 years agoMerge pull request #412 from dhewg/pull/asterisk16
Jiri Slachta [Thu, 2 May 2019 09:59:30 +0000 (11:59 +0200)]
Merge pull request #412 from dhewg/pull/asterisk16

Asterisk 16 additions

5 years agoasterisk-opus: add variant for asterisk 16 412/head
Andre Heider [Fri, 12 Oct 2018 10:41:59 +0000 (12:41 +0200)]
asterisk-opus: add variant for asterisk 16

Signed-off-by: Andre Heider <a.heider@gmail.com>
5 years agoasterisk-g72x: add variant for asterisk 16
Andre Heider [Fri, 12 Oct 2018 10:41:45 +0000 (12:41 +0200)]
asterisk-g72x: add variant for asterisk 16

Signed-off-by: Andre Heider <a.heider@gmail.com>
5 years agopjproject: add patches from asterisk's bundled pjproject
Andre Heider [Wed, 30 Jan 2019 10:16:56 +0000 (11:16 +0100)]
pjproject: add patches from asterisk's bundled pjproject

"check whether UPDATE is supported on outgoing calls", commit 5de36abd:

In ASTERISK-27095 an issue had been fixed because of which chan_pjsip was not
trying to send UPDATE messages when connected_line_method was set to invite.
However this only solved the issue for incoming INVITES. For outgoing INVITES
(important when transferring calls) the options variable needs to be updated
at a different place.

"Add patch for double free issue in timer heap", commit 9c11399b:

Fixed #2172: Avoid double reference counter decrements in
timer in the scenario of race condition between
pj_timer_heap_cancel() and pj_timer_heap_poll().

"Add timer patch from pjproject r5934", commit d4cd2a97.

Signed-off-by: Andre Heider <a.heider@gmail.com>
5 years agoasterisk-16.x: disable semaphores only on uClibc 423/head
Sebastian Kemper [Wed, 1 May 2019 18:43:34 +0000 (20:43 +0200)]
asterisk-16.x: disable semaphores only on uClibc

The current patch disables semaphore use always. But musl and glibc
support semaphores. Only uClibc doesn't support them (the functions are
defined but just throw an error when called).

The patch is updated to allow Asterisk to use the system semaphores when
using anything but uClibc. It is also renamed to reflect that.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
5 years agoasterisk-16.x: update module descriptions 422/head
Sebastian Kemper [Wed, 1 May 2019 18:32:49 +0000 (20:32 +0200)]
asterisk-16.x: update module descriptions

The current module descriptions look a bit topsy-turvy.

This updates the BuildAsteriskModule macro to simply take any sentence
(without trying to integrate the input into another string). If the
input contains '\n' a line break is inserted.

The module descriptions were updated from menuselect-tree.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
5 years agoMerge pull request #411 from micmac1/ast16
Jiri Slachta [Wed, 1 May 2019 09:43:22 +0000 (11:43 +0200)]
Merge pull request #411 from micmac1/ast16

asterisk-16: new package

5 years agoasterisk-16.x: add Asterisk 16 411/head
Sebastian Kemper [Sat, 27 Apr 2019 14:04:34 +0000 (16:04 +0200)]
asterisk-16.x: add Asterisk 16

Initial commit of Asterisk 16. Cleans up Makefile; the version number
now only occurs once in it.

Upstream removed the following modules:

  - format_jpeg
  - res_pjsip_registrar_expire (functionality was moved into
    res_pjsip_registrar.)

pjsip has a new dependency, res-http-websocket.

Notes:

  - replaced res_ninit patch

    Replaced patch with the one from Alpine. It's a bit more flexible and
    allows usage of res_ninit where available (when building against
    glibc).

  - fixed musl compiles

    astmm.h now always gets included by asterisk.h, redefining allocators.
    This causes breakage on musl:

    ccache_cc -o chan_pjsip.o -c chan_pjsip.c -MD -MT chan_pjsip.o -MF .chan_pjsip.o.d -MP -pthread -I/home/sk/tmp/openwrt/build_dir/target-mips_24kc_musl/asterisk-16.2.1/include -Os -pipe -mno-branch-likely -mips32r2 -mtune=24kc -fno-caller-saves -fno-plt -fhonour-copts -Wno-error=unused-but-set-variable -Wno-error=unused-result -msoft-float -mips16 -minterlink-mips16 -iremap/home/sk/tmp/openwrt/build_dir/target-mips_24kc_musl/asterisk-16.2.1:asterisk-16.2.1 -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro -I/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/lib/libiconv-stub/include -I/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/lib/libintl-stub/include -I/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/include -I/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/include -I/home/sk/tmp/openwrt/staging_dir/toolchain-mips_24kc_gcc-7.4.0_musl/usr/include -I/home/sk/tmp/openwrt/staging_dir/toolchain-mips_24kc_gcc-7.4.0_musl/include/fortify -I/home/sk/tmp/openwrt/staging_dir/toolchain-mips_24kc_gcc-7.4.0_musl/include -I/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/lib/libiconv-stub/include -I/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/lib/libintl-stub/include    -I/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/include/libxml2  -Wall -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations       -fPIC -DAST_MODULE=\"chan_pjsip\" -DAST_MODULE_SELF_SYM=__internal_chan_pjsip_self  -DPJ_AUTOCONF=1 -DPJ_IS_BIG_ENDIAN=1 -DPJ_IS_LITTLE_ENDIAN=0 -fPIC -I/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/include
    In file included from /home/sk/tmp/openwrt/build_dir/target-mips_24kc_musl/asterisk-16.2.1/include/asterisk.h:23:0,
                     from chan_pjsip.c:35:
    /home/sk/tmp/openwrt/build_dir/target-mips_24kc_musl/asterisk-16.2.1/include/asterisk/astmm.h:158:35: error: expected '=', ',', ';', 'asm' or '__attribute__' before '->' token
      Do_not_use_calloc__use_ast_calloc->fail(a, b)
                                       ^
    /home/sk/tmp/openwrt/build_dir/target-mips_24kc_musl/asterisk-16.2.1/include/asterisk/astmm.h:162:77: error: expected '=', ',', ';', 'asm' or '__attribute__' before '->' token
      Do_not_use_free__use_ast_free_or_ast_std_free_for_remotely_allocated_memory->fail(a)
                                                                                 ^
    make[4]: *** [/home/sk/tmp/openwrt/build_dir/target-mips_24kc_musl/asterisk-16.2.1/Makefile.rules:153: chan_pjsip.o] Error 1

    The problem is that with _GNU_SOURCE defined musl also declares calloc in
    <sched.h> - and when asterisk's source includes <sched.h> _after_
    "asterisk/astmm.h" the definition clashes with the macro. Timo Teräs from
    Alpine Linux fixed this by including <pthread.h> in "asterisk/compat.h". He
    chose to include <pthread.h> instead of <sched.h> because the original
    header inclusion chain seems to be "asterisk/astobj2.h" ->
    "asterisk/lock.h" -> <pthread.h> -> <sched.h>. It seems Asterisk
    practically never includes <sched.h> directly.

  - added loader workaround for musl

    When the modules are loaded, asterisk segfaults on musl.

       Asterisk Dynamic Loader Starting:
      [Mar  2 22:30:05] NOTICE[20712]: loader.c:2230 load_modules: 91 modules will be loaded.
      Segmentation fault

      [48817.544248] do_page_fault(): sending SIGSEGV to asterisk for invalid read access from 00000000
      [48817.544258] epc = 77f6b764 in libc.so[77ef8000+94000]
      [48817.544285] ra  = 0048d579 in asterisk[400000+160000]

    The real problem is that the loader expects dlopen to always run the
    constructor, which doesn't happen with musl, because its dlopen is
    permanent.

    This commit adds a new configure switch '--enable-permanent-dlopen'.
    When enabled, the loader will manually call 'ast_module_register(...)'
    and 'ast_module_unregister(...)' when needed.

  - allow eventfd detection

    Asterisk 16 wants to use eventfd, but it doesn't allow the detection
    during cross-compiling. This results in runtime warnings, for instance
    when shutting down:

      [Mar  2 22:37:41] WARNING[21593]: alertpipe.c:112 ast_alertpipe_read: read() failed: Bad file descriptor
      [Mar  2 22:37:41] WARNING[21593]: alertpipe.c:112 ast_alertpipe_read: read() failed: Bad file descriptor
      [Mar  2 22:37:41] WARNING[21593]: alertpipe.c:112 ast_alertpipe_read: read() failed: Bad file descriptor

    Relax the configure script so that eventfd can also be detected when
    cross-compiling.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
5 years agoMerge pull request #420 from micmac1/baresip-062
Jiri Slachta [Tue, 30 Apr 2019 16:42:54 +0000 (18:42 +0200)]
Merge pull request #420 from micmac1/baresip-062

baresip: update and a bit of polishing

5 years agobaresip: update to 0.6.2 420/head
Sebastian Kemper [Sun, 21 Apr 2019 13:27:21 +0000 (15:27 +0200)]
baresip: update to 0.6.2

- echo module is now built by default
- natbd, v4l, x264 don't exist anymore

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
5 years agobaresip: update default config
Sebastian Kemper [Sun, 21 Apr 2019 13:24:09 +0000 (15:24 +0200)]
baresip: update default config

This adds two (three, really) sed scripts to update the default
configuration. All example accounts are getting disabled/commented. And
the module_path is set to the actual path.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
5 years agobaresip: amend file permissions
Sebastian Kemper [Sun, 21 Apr 2019 13:21:36 +0000 (15:21 +0200)]
baresip: amend file permissions

The files in /usr/share/baresip are all read-only anyway, so
INSTALL_DATA can be used.

Use it as well for the included (default) modules, otherwise they'll
have different permissions than the extra modules.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
5 years agobaresip: rely on procd for shutdown
Sebastian Kemper [Sun, 21 Apr 2019 13:18:46 +0000 (15:18 +0200)]
baresip: rely on procd for shutdown

No need to stop baresip manually. Just let procd handle it.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
5 years agobaresip: do not disable on upgrade
Sebastian Kemper [Sun, 21 Apr 2019 13:17:29 +0000 (15:17 +0200)]
baresip: do not disable on upgrade

It is not a nice user experience when a package changes configuration
files during an upgrade. Remove this from the postinstall routine.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
5 years agobaresip: disable ffmpeg support on i386
Sebastian Kemper [Sun, 21 Apr 2019 13:14:11 +0000 (15:14 +0200)]
baresip: disable ffmpeg support on i386

The ffmpeg full variant does not compile on i386_pentium currently.
Disable ffmpeg support on i386 to prevent breakage on the buildbots.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
5 years agorestund: do not disable on upgrade
Sebastian Kemper [Sun, 21 Apr 2019 13:11:42 +0000 (15:11 +0200)]
restund: do not disable on upgrade

It is not a nice user experience when a package changes configuration
files during an upgrade. Remove this from the postinstall routine.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>