Created by Paul Belanger and last modified
Get this branch:
bzr branch lp://qastaging/asterisk/10

Branch merges

Related bugs

Related blueprints

Branch information

Registry Administrators

Import details

Import Status: Suspended

This branch is an import of the Subversion branch from http://svn.asterisk.org/svn/asterisk/branches/10.

Last successful import was .

Import started on neumayer and finished taking 4 minutes — see the log
Import started on russkaya and finished taking 12 minutes — see the log
Import started on russkaya and finished taking 3 minutes — see the log
Import started on neumayer and finished taking 4 minutes — see the log

Recent revisions

22648. By dlee

security: Inhibit execution of privilege escalating functions

This patch allows individual dialplan functions to be marked as
'dangerous', to inhibit their execution from external sources.

A 'dangerous' function is one which results in a privilege escalation.
For example, if one were to read the channel variable SHELL(rm -rf /)
Bad Things(TM) could happen; even if the external source has only read

Execution from external sources may be enabled by setting
'live_dangerously' to 'yes' in the [options] section of asterisk.conf.
Although doing so is not recommended.

(closes issue ASTERISK-22905)
Review: http://reviewboard.digium.internal/r/432/

Merged revisions 403913 from http://svn.asterisk.org/svn/asterisk/branches/1.8

22647. By sgriepentrog

app_sms: BufferOverflow when receiving odd length 16 bit message

This patch prevents an infinite loop overwriting memory when
a message is received into the unpacksms16() function, where
the length of the message is an odd number of bytes.

(closes issue ASTERISK-22590)
Reported by: Jan Juergens
Tested by: Jan Juergens

Merged revisions 403853 from http://svn.asterisk.org/svn/asterisk/branches/1.8

22646. By kharwell

Fix memory leaks

(closes issue ASTERISK-22368)
Reported by: Corey Farrell
     issueA22368_mixmonitor_free_filename.patch uploaded by wdoekes (license 5674)

22645. By mjordan

AST-2013-005: Fix crash caused by invalid SDP

If the SIP channel driver processes an invalid SDP that defines media
descriptions before connection information, it may attempt to reference
the socket address information even though that information has not yet
been set. This will cause a crash.

This patch adds checks when handling the various media descriptions that
ensures the media descriptions are handled only if we have connection
information suitable for that media.

Thanks to Walter Doekes, OSSO B.V., for reporting, testing, and providing
the solution to this problem.

(closes issue ASTERISK-22007)
Reported by: wdoekes
Tested by: wdoekes
  issueA22007_sdp_without_c_death.patch uploaded by wdoekes (License 5674)

Merged revisions 397756 from http://svn.asterisk.org/svn/asterisk/branches/1.8

22644. By mjordan

AST-2013-004: Fix crash when handling ACK on dialog that has no channel

A remote exploitable crash vulnerability exists in the SIP channel driver if an
ACK with SDP is received after the channel has been terminated. The handling
code incorrectly assumed that the channel would always be present.

This patch adds a check such that the SDP will only be parsed and applied if
Asterisk has a channel present that is associated with the dialog.

Note that the patch being applied was modified only slightly from the patch
provided by Walter Doekes of OSSO B.V.

(closes issue ASTERISK-21064)
Reported by: Colin Cuthbertson
Tested by: wdoekes, Colin Cutherbertson
  issueA21064_fix.patch uploaded by wdoekes (License 5674)

Merged revisions 397710 from http://svn.asterisk.org/svn/asterisk/branches/1.8

22643. By may

reject call attempts when gatekeeper is configured but not registered

(closes issue ASTERISK-21800)
Reported by: Dmitry Melekhov
Tested by: Dmitry Melekhov

Merged revisions 390181 from http://svn.asterisk.org/svn/asterisk/branches/1.8

22642. By mjordan

AST-2013-003: Prevent username disclosure in SIP channel driver

When authenticating a SIP request with alwaysauthreject enabled, allowguest
disabled, and autocreatepeer disabled, Asterisk discloses whether a user
exists for INVITE, SUBSCRIBE, and REGISTER transactions in multiple ways. The
information is disclosed when:
 * A "407 Proxy Authentication Required" response is sent instead of a
   "401 Unauthorized" response
 * The presence or absence of additional tags occurs at the end of "403
   Forbidden" (such as "(Bad Auth)")
 * A "401 Unauthorized" response is sent instead of "403 Forbidden" response
   after a retransmission
 * Retransmission are sent when a matching peer did not exist, but not when a
   matching peer did exist.

This patch resolves these various vectors by ensuring that the responses sent
in all scenarios is the same, regardless of the presence of a matching peer.

This issue was reported by Walter Doekes, OSSO B.V. A substantial portion of
the testing and the solution to this problem was done by Walter as well - a
huge thanks to his tireless efforts in finding all the ways in which this
setting didn't work, providing automated tests, and working with Kinsey on
getting this fixed.

(closes issue ASTERISK-21013)
Reported by: wdoekes
Tested by: wdoekes, kmoore
  AST-2013-003-1.8 uploaded by kmoore, wdoekes (License 6273, 5674)
  AST-2013-003-10 uploaded by kmoore, wdoekes (License 6273, 5674)
  AST-2013-003-11 uploaded by kmoore, wdoekes (License 6273, 5674)

22641. By mjordan

AST-2013-002: Prevent denial of service in HTTP server

AST-2012-014, fixed in January of this year, contained a fix for Asterisk's
HTTP server for a remotely-triggered crash. While the fix put in place fixed
the possibility for the crash to be triggered, a denial of service vector still
exists with that solution if an attacker sends one or more HTTP POST requests
with very large Content-Length values. This patch resolves this by capping
the Content-Length at 1024 bytes. Any attempt to send an HTTP POST with
Content-Length greater than this cap will not result in any memory allocation.
The POST will be responded to with an HTTP 413 "Request Entity Too Large"

This issue was reported by Christoph Hebeisen of TELUS Security Labs

(closes issue ASTERISK-20967)
Reported by: Christoph Hebeisen
  AST-2013-002-1.8.diff uploaded by mmichelson (License 5049)
  AST-2013-002-10.diff uploaded by mmichelson (License 5049)
  AST-2013-002-11.diff uploaded by mmichelson (License 5049)

22640. By mjordan

Update init.d scripts to handle stderr; readd splash screen for remote consoles

When r376428 was commited to re-order start up sequences to be more tolerant of
forking with thread primitives, a few items were changed that caused changes
in behavior on some distros. This includes:
 * Not displaying the splash screen on a remote console.
 * Displaying an error message on stderr when a remote console cannot connect
   to a running instance of Asterisk.

In the first case, the splash screen was re-added (thanks to Michael L. Young).
In the second case, the various init.d scripts were modified to pipe stderr
to /dev/null, as the error message is useful - if you execute a remote
console or a remote console command execution and it fail, it should tell
you. Note that the error message was always present, it just failed to be
printed prior to r376428.

Much thanks to the folks who quickly reported this problem, provided solutions,
and promptly tested the various init.d scripts on a variety of distros.

*** NOTE ***
If you're wondering why this got merged into 10, it's because we're going to
release a regression release with this in it. Might as well get it into the
branch so the tag reflects some version of reality.

(closes issue ASTERISK-20945)
Reported by: Warren Selby
Tested by: Michael L. Young, Jamuel Starkey, kaldemar, Danny Nicholas, mjordan
  asterisk-20945-remote-intro-msg.diff uploaded by elguero (license 5026)
  ASTERISK-20945-1.8-mjordan.diff uploaded by mjordan (license 6283)

Merged revisions 379760 from http://svn.asterisk.org/svn/asterisk/branches/1.8

22639. By mjordan

Fix astcanary startup problem due to wrong pid value from before daemon call

When Asterisk forks itself into the background via a call to daemon, it must
re-set the pid value of the new process. Otherwise, astcanary gets the pid
value of the process before the fork, which prevents it from running. Asterisk
eventually starts lowering its priority, as it can no longer communicate
with the proverbial canary in the coal mine.

This patch ensures that the correct process identifier is used by astcanary.

Note that this is getting committed to 10 as a regression fix.

(closes issue ASTERISK-20947)
Reported by: Jakob Hirsch
Tested by: mjordan
  asterisk-10.12.0.astcanary_ppid.diff uploaded by Jakob Hirsch (license 6113)

Merged revisions 379509 from http://svn.asterisk.org/svn/asterisk/branches/1.8

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
This branch contains Public information 
Everyone can see this information.