and update PLIST for new Music On Hold files.
1.6.1.8 fixes AST-2009-007.
-----
A missing ACL check for handling SIP INVITEs allows a device to
make calls on networks intended to be prohibited as defined by the
"deny" and "permit" lines in sip.conf. The ACL check for handling
SIP registrations was not affected.
-----
1.6.1.9 fixes AST-2009-008 and AST-2009-009.
-----
It is possible to determine if a peer with a specific name is
configured in Asterisk by sending a specially crafted REGISTER
message twice. The username that is to be checked is put in the
user portion of the URI in the To header. A bogus non-matching
value is put into the username portion of the Digest in the
Authorization header. If the peer does exist the second REGISTER
will receive a response of 403 Authentication user name does not
match account name. If the peer does not exist the response will
be 404 Not Found if alwaysauthreject is disabled and 401 Unauthorized
if alwaysauthreject is enabled.
-----
Asterisk includes a demonstration AJAX based manager interface,
ajamdemo.html which uses the prototype.js framework. An issue was
uncovered in this framework which could allow someone to execute
a cross-site AJAX request exploit.
- 1.6.1.6 fixes AST-2009-006 which is an IAX2 DOS vulnerability
- 1.6.1.5 contains a variety of bug fixes:
Category: Applications/app_chanspy
#15660: ChanSpy "whisper" is broken in 1.4.26
Category: Applications/app_fax
#15606: app_fax.c is not compiling under OpenBSD
#15610: T.38 re-INVITE received after T.38 already negotiated fails
Category: Applications/app_milliwatt
#15386: [patch] Milliwatt() is off by -11dbm
Category: Applications/app_mixmonitor
#15699: [patch] using ast_free instead of mixmonitor_free
Category: Applications/app_queue
#14536: [patch] After a caller is processed by app_queue the queue_log
logs the hangup as TRANSFER
#15664: [patch] QUEUE_MEMBER_LIST() returns member names instead of
Category: Applications/app_stack
#15557: [patch] Gosub() dequotes once more than Macro()
#15617: [patch] crash in LOCAL() if Gosub stack is allocated but empty
Category: Applications/app_voicemail
#15717: MWI is not sent to a SIP phone upon registration, but is after the
mailbox is updated/checked
#15720: opendir() return code is not checked in last_message_index()
Category: Applications/app_voicemail/IMAP
#14496: [patch] IMAP crash multiple callers / callers hangup at beep
#14597: greetings can not be retrieved from IMAP
#14950: [patch] Greetings are stored as IMAP messages even when
imapgreetings=no
#15729: IMAP greetings not stored in dovecot
Category: CDR/General
#15751: [patch] Core dump in ast_bridge_call features.c line 2772
Category: Channels/chan_agent
#15668: AGENTACCEPTDTMF is incorrectly spelled as AGENTACCEPTDMTF in code
to recognize channel variables.
Category: Channels/chan_dahdi
#15655: [patch] Dialplan starts execution before call is accepted
#15727: [patch] Message Waiting Indication(MWI) is randomly generated when
FXO is set to DTMF Caller ID
Category: Channels/chan_misdn
#12113: [patch] asterisk crash at reload chan_misdn.so
Category: Channels/chan_sip/General
#12869: [patch] 'context' doesn't change when 'sip reload' issued when
driven from realtime
#15362: [patch] log message output is truncated
#15596: [patch] all codecs allowed, but textsupport=no crashes on T140RED
enabled call
Category: Channels/chan_sip/Registration
#14366: [patch] Registration expiry not compatible with some ITSP
#15539: [patch] Register request line contains wrong address when domain
and registrar host differ
Category: Channels/chan_sip/T.38
#15182: [patch] T.38 invite does not always comply with RFC 2327
Category: Channels/chan_sip/Video
#15121: [patch] Video support in SIP channel driver appears to be totally
broken
Category: Core/BuildSystem
#15697: most cleaner alaw don't compile
#15698: [patch] If enable DEBUG_FD_LEAKS - h323 can't start.
#15714: [patch] Asterisk won't build with curl unless curl_config is
present
Category: Core/General
#14730: [patch] Fix runlevels in Debian rc files
#15273: [patch] german time (20:01:00 oh clock) is announced wrong
#15649: T38 Faxing failing on 1.6.1 svn
#15667: LOGGER WARNING : error executing after rotate
Category: Core/ManagerInterface
#15397: [patch] segfault in action_coreshowchannels() at manager.c
#15730: [patch] manager keeps creating /tmp/ast-ami-XXXXXX files (without
deleting) when a single manager client remains logged in
Category: Core/PBX
#15242: [patch] log does not indicate which function is missing closing
parenthesis
Category: Documentation
#15755: Description in queues.conf on call recording is slightly
misleading
Category: Functions/func_iconv
#15169: When building with uClibc, configure script mistakenly assumes
iconv is always available
Category: General
#15571: [patch] 'received' typos in trunk, in 6 files
#15595: [patch] fix spelling for typos, mainly in comments.
Category: PBX/pbx_dundi
#15322: [patch] DUNDILOOKUP() does not accept comma as argument separator
Category: Resources/General
#15624: res_ais, communication ok, but wrong state send and receive.
Category: Resources/res_config_ldap
#13725: [patch] ERROR[7387]: res_config_ldap.c:1292 update_ldap: Couldn't
modify dn:cn=1001,dc=xxx,dc=xxx because Invalid syntax
#15710: Typo in LDAP schema files on line 598
Category: Resources/res_musiconhold
#15051: [patch] Moh class set in the dialplan is ignored with realtime moh
----------------------------------------------------------------------
Commits Not Associated with an Issue
[Back to Top]
This is a list of all changes that went into this release that did not
directly close an issue from the issue tracker. The commits may have been
marked as being related to an issue. If that is the case, the issue
numbers are listed here, as well.
+------------------------------------------------------------------------+
| Revision | Author | Summary | Issues |
| | | | Referenced |
|----------+------------+-----------------------------------+------------|
| | | Restore explicit export of | |
| 209058 | kpfleming | ASTCFLAGS/ASTLDFLAGS and | |
| | | underscore-variants to sub-makes. | |
|----------+------------+-----------------------------------+------------|
| 209237 | mmichelson | Gracefully handle malformed RTP | |
| | | text packets. | |
|----------+------------+-----------------------------------+------------|
| 209262 | kpfleming | Make T.38 switchover in | |
| | | ReceiveFAX synchronous. | |
|----------+------------+-----------------------------------+------------|
| 209281 | kpfleming | Cleanup T.38 negotiation changes. | |
|----------+------------+-----------------------------------+------------|
| 209327 | tilghman | Publish French extra sounds | |
|----------+------------+-----------------------------------+------------|
| | | Fix some places where | |
| 209714 | russell | ast_event_type was used instead | |
| | | of ast_event_ie_type. | |
|----------+------------+-----------------------------------+------------|
| 209781 | kpfleming | Minor changes inspired by testing | |
| | | with latest GCC. | |
|----------+------------+-----------------------------------+------------|
| 209900 | russell | Resolve a valgrind warning about | #15396 |
| | | a read from uninitialized memory. | |
|----------+------------+-----------------------------------+------------|
| 211115 | russell | Resolve a deadlock involving | |
| | | app_chanspy and masquerades. | |
|----------+------------+-----------------------------------+------------|
| 211277 | tilghman | Small oops. Clear the flags which | |
| | | have been checked. | |
|----------+------------+-----------------------------------+------------|
| 211569 | tilghman | AST-2009-005 | |
|----------+------------+-----------------------------------+------------|
| 211586 | tilghman | Conversion specifiers, not format | |
| | | specifiers | |
|----------+------------+-----------------------------------+------------|
| | | Check an actual populated | |
| 212069 | file | variable when seeing if we need | |
| | | to do video or not. | |
|----------+------------+-----------------------------------+------------|
| | | Ensure that T38FaxVersion is put | |
| 212115 | kpfleming | into outgoing SDP in the proper | |
| | | case. | |
|----------+------------+-----------------------------------+------------|
| 212386 | seanbright | Handle slin16 for extra sounds as | |
| | | well. | |
|----------+------------+-----------------------------------+------------|
| 212768 | rmudgett | Removed some deadwood and added | |
| | | some doxygen comments. | |
|----------+------------+-----------------------------------+------------|
| | | Make the default extconfig.conf | |
| 212862 | tilghman | match entries with the sample | |
| | | res_mysql.conf. | |
|----------+------------+-----------------------------------+------------|
| 212928 | kpfleming | Convert this branch to Opsound | |
| | | music-on-hold. | |
|----------+------------+-----------------------------------+------------|
| | | Remove some | |
| 212942 | kpfleming | accidentally-committed | |
| | | properties. | |
|----------+------------+-----------------------------------+------------|
| 213449 | twilson | Make LOAD_ORDER actually work | |
|----------+------------+-----------------------------------+------------|
| 213452 | twilson | Oops, committed this first. Make | |
| | | the merged property happy | |
|----------+------------+-----------------------------------+------------|
| | | Make autoheader descriptions | |
| 214365 | tilghman | render correctly in our | #14906 |
| | | autoconfig.h file. | |
|----------+------------+-----------------------------------+------------|
| | | One more build system change, to | |
| 214496 | tilghman | make the descriptions look | |
| | | better, if we have better | |
| | | information. | |
+------------------------------------------------------------------------+
pkgsrc change: restore checksums for ilbc files.
This release has been made to address one or more security vulnerabilities
that have been identified. A security advisory document has been published
for each vulnerability that includes additional information. Users of
versions of Asterisk that are affected are strongly encouraged to review
the advisories and determine what action they should take to protect their
systems from these issues.
Security Advisories: AST-2009-004
------------------------------------------------------------------------------
--- Functionality changes from Asterisk 1.6.0 to Asterisk 1.6.1 -------------
------------------------------------------------------------------------------
Device State Handling
---------------------
* The event infrastructure in Asterisk got another big update to help support
distributed events. It currently supports distributed device state and
distributed Voicemail MWI (Message Waiting Indication). A new module has
been merged, res_ais, which facilitates communicating events between servers.
It uses the SAForum AIS (Service Availability Forum Application Interface
Specification) CLM (Cluster Management) and EVT (Event) services to maintain
a cluster of Asterisk servers, and to share events between them. For more
information on setting this up, see doc/distributed_devstate.txt.
Dialplan Functions
------------------
* Added a new dialplan function, AST_CONFIG(), which allows you to access
variables from an Asterisk configuration file.
* The JACK_HOOK function now has a c() option to supply a custom client name.
* Added two new dialplan functions from libspeex for audio gain control and
denoise, AGC() and DENOISE(). Both functions can be applied to the tx and
rx directions of a channel from the dialplan.
* The SMDI_MSG_RETRIEVE function now has the ability to search for SMDI messages
based on other parameters. The default is still to search based on the
forwarding station ID. However, there are new options that allow you to search
based on the message desk terminal ID, or the message desk number.
* TIMEOUT() has been modified to be accurate down to the millisecond.
* ENUM*() functions now include the following new options:
- 'u' returns the full URI and does not strip off the URI-scheme.
- 's' triggers ISN specific rewriting
- 'i' looks for branches into an Infrastructure ENUM tree
- 'd' for a direct DNS lookup without any flipping of digits.
* TXCIDNAME() has a new zone-suffix parameter (which defaults to 'e164.arpa')
* CHANNEL() now has options for the maximum, minimum, and standard or normal
deviation of jitter, rtt, and loss for a call using chan_sip.
DAHDI channel driver (chan_dahdi) Changes
----------------------------------------
* Channels can now be configured using named sections in chan_dahdi.conf, just
like other channel drivers, including the use of templates.
* The default for pridialplan has changed from 'national' to 'unknown'.
PBX Changes
-----------
* It is now possible to specify a pattern match as a hint. Once a phone subscribes
to something that matches the pattern a hint will be created using the contents
and variables evaluated.
* Dialplan matching has been extended to allow an extension to return to the
PBX core to wait for more digits. This is done by using the new dialplan
application called "Incomplete". This will permit a whole new level of
extension control, by giving the administrator more control over early
matches employing one of the short-circuit pattern match operators. Note
that custom applications can trigger this same behavior by returning the
special value AST_PBX_INCOMPLETE.
The dial() application
----------------------
* Dial has a new option: F(context^extension^pri), which permits a callee to
continue in the dialplan, at the specified label, if the caller hangs up.
* The Dial() application no longer copies the language used by the caller to the callee's
channel. If you desire for the caller's channel's language to be used for file playback
to the callee, then the file specified may be prepended with "${CHANNEL(language)}/" .
The chanspy() application
-------------------------
* ChanSpy and ExtenSpy have a new option, 's' which suppresses speaking the
technology name (e.g. SIP, IAX, etc) of the channel being spied on.
* Chanspy has a new option, 'B', which can be used to "barge" on a call. This is
like the pre-existing whisper mode, except that the spy can also talk to the
participant on the bridged channel as well.
* Chanspy has a new option, 'n', which will allow for the spied-on party's name
to be spoken instead of the channel name or number. For more information on the
use of this option, issue the command "core show application ChanSpy" from the
Asterisk CLI.
* Chanspy has a new option, 'd', which allows the spy to use DTMF to swap between
spy modes. Use of this feature overrides the typical use of numeric DTMF. In other
words, if using the 'd' option, it is not possible to enter a number to append to
the first argument to Chanspy(). Pressing 4 will change to spy mode, pressing 5 will
change to whisper mode, and pressing 6 will change to barge mode.
Other Application Changes
-------------------------
* Directory now permits both first and last names to be matched at the same
time. In addition, the number of digits to enter of the name can be set in
the arguments to Directory; previously, you could enter only 3, regardless
of how many names are in your company. For large companies, this should be
quite helpful.
* Voicemail now permits a mailbox setting to wrap around from first to last
messages, if the "messagewrap" option is set to a true value.
* Voicemail now permits an external script to be run, for password validation.
The script should output "VALID" or "INVALID" on stdout, depending upon the
wish to validate or invalidate the password given. Arguments are:
"mailbox" "context" "oldpass" "newpass". See the sample voicemail.conf for
more details
* The voicemail externnotify script now accepts an additional (last) parameter
containing the number of urgent messages in the INBOX.
* The Jack application now has a c() option to supply a custom client name.
* ExternalIVR now takes several options that affect the way it performs, as
well as having several new commands. Please see doc/externalivr.txt for the
complete documentation.
* Added ability to communicate over a TCP socket instead of forking a child process for the
ExternalIVR application.
* ChanIsAvail has a new option, 'a', which will return all available channels instead
of just the first one if you give the function more then one channel to check.
* PrivacyManager now takes an option where you can specify a context where the
given number will be matched. This way you have more control over who is allowed
and it stops the people who blindly enter 10 digits.
* ForkCDR has new options: 'a' updates the answer time on the new CDR; 'A' locks
answer times, disposition, on orig CDR against updates; 'D' Copies the disposition
from the orig CDR to the new CDR after reset; 'e' sets the 'end' time on the
original CDR; 'R' prevents the new CDR from being reset; 's(var=val)' adds/changes
the 'var' variable on the original CDR; 'T' forces ast_cdr_end(), ast_cdr_answer(),
obey the LOCKED flag on cdr's in the chain, and also the ast_cdr_setvar() func.
* SendImage() no longer hangs up the channel on error; instead, it sets the
status variable SENDIMAGESTATUS to one of 'SUCCESS', 'FAILURE', or
'UNSUPPORTED'. This change makes SendImage() more consistent with other
applications.
* Park has a new option, 's', which silences the announcement of the parking space number.
* A non-numeric, zero, or negative timeout specified to Dial() will now be interpreted as
invalid input and will be assumed to mean that no timeout is desired.
SIP Changes
-----------
* Added DNS manager support to registrations for peers referencing peer entries.
DNS manager runs in the background which allows DNS lookups to be run asynchronously
as well as periodically updating the IP address. These properties allow for
better performance as well as recovery in the event of an IP change.
* Performance improvements via using hash tables (astobj2) and doubly-linked lists to improve
load/reload of large numbers of peers/users by ~40x (for large lists of peers.
Initially, we saw 4x improvement in call setup/destruction, but at the time
of merging, this gain has disappeared; further research will be done to try
and restore this performance improvement. Astobj2 refcounting is now used
for users, peers, and dialogs. Users are encouraged to assist in regression
testing and problem reporting!
* Added ability to specify registration expiry time on a per registration basis in
the register line.
* Added support for Realtime Text redundancy - T140 RED - in T.140 to
prevent text loss due to lost packets.
* Added t38pt_usertpsource option. See sip.conf.sample for details.
* Added SIPnotify AMI command, for sending arbitrary SIP notify commands.
* 'sip show peers' and 'sip show users' display their entries sorted in
alphabetical order, as opposed to the order they were in, in the config
file or database.
* Videosupport now supports an additional option, "always", which always sets
up video RTP ports, even on clients that don't support it. This helps with
callfiles and certain transfers to ensure that if two video phones are
connected, they will always share video feeds.
IAX Changes
-----------
* Existing DNS manager lookups extended to check for SRV records.
* IAX2 encryption support has been improved to support periodic key rotation
within a call for enhanced security. The option "keyrotate" has been
provided to disable this functionality to preserve backwards compatibility
with older versions of IAX2 that do not support key rotation.
CLI Changes
-----------
* New CLI command, "config reload <file.conf>" which reloads any module that
references that particular configuration file. Also added "config list"
which shows which configuration files are in use.
* New CLI commands, "pri show version" and "ss7 show version" that will
display which version of libpri and libss7 are being used, respectively.
A new API call was added so trunk will now have to be compiled against
a versions of libpri and libss7 that have them or it will not know that
these libraries exist.
* The commands "core show globals", "core set global" and "core set chanvar" has
been deprecated in favor of the more semanticly correct "dialplan show globals",
"dialplan set chanvar" and "dialplan set global".
* New CLI command "dialplan show chanvar" to list all variables associated
with a given channel.
DNS manager changes
-------------------
* Addresses managed by DNS manager now can check to see if there is a DNS
SRV record for a given domain and will use that hostname/port if present.
AMI - The manager (TCP/TLS/HTTP)
--------------------------------
* The Status action now takes an optional list of variables to display
along with channel status.
ODBC Changes
------------
* res_odbc no longer has a limit of 1023 total possible unshared connections,
as some people were running into this limit. This limit has been increased
to 4.2 billion.
Queue changes
-------------
* The TRANSFER queue log entry now includes the caller's original position in
the transferred-from queue.
* A new configuration option, "timeoutpriority" has been added. Please see the section
labeled "QUEUE TIMING OPTIONS" in configs/queues.conf.sample for a detailed explanation
of the option as well as an explanation about timeout options in general
Realtime changes
----------------
* Several (ODBC, Postgres, MySQL, SQLite) realtime drivers have been given
adaptive capabilities. What this means in practical terms is that if your
realtime table lacks critical fields, Asterisk will now emit warnings to
that effect. Also, some of the realtime drivers have the ability (if
configured) to automatically add those columns to the table with the
correct type and length.
Miscellaneous
-------------
* The channel variable ATTENDED_TRANSFER_COMPLETE_SOUND can now be set using
the 'setvar' option to cause a given audio file to be played upon completion
of an attended transfer. Currently it works for DAHDI, IAX2, SIP, and
Skinny channels only.
* You can now compile Asterisk against the Hoard Memory Allocator, see doc/hoard.txt
for more information.
* Config file variables may now be appended to, by using the '+=' append
operator. This is most helpful when working with long SQL queries in
func_odbc.conf, as the queries no longer need to be specified on a single
line.
hardware support, so it can't replace comms/asterisk. However,
apparently there is demand for this version, so wiz@ suggested it
be imported here into comms/asterisk16. The latest version is
1.6.1.1, but I won't have time to update all the patches before the
freeze. I'll update to that version sometime after the freeze when
I get a chance.
