From ebaa99518ae5d4bf2278290c96a2462f4dddc893 Mon Sep 17 00:00:00 2001 From: Sebastian Kemper Date: Mon, 5 Nov 2018 21:50:44 +0100 Subject: [PATCH 1/7] kamailio-5.x: convert init to procd This commit - updates init script to use procd - adds a default user 'kamailio' (kamailio will switch to this user) - introduces uci init config (instead of /etc/default/kamailio) Signed-off-by: Sebastian Kemper --- net/kamailio-5.x/Makefile | 10 +-- net/kamailio-5.x/files/kamailio.config | 12 ++++ net/kamailio-5.x/files/kamailio.default | 14 ---- net/kamailio-5.x/files/kamailio.init | 85 ++++++++++++++++--------- 4 files changed, 73 insertions(+), 48 deletions(-) create mode 100644 net/kamailio-5.x/files/kamailio.config delete mode 100644 net/kamailio-5.x/files/kamailio.default diff --git a/net/kamailio-5.x/Makefile b/net/kamailio-5.x/Makefile index 32d82af..e5aa478 100644 --- a/net/kamailio-5.x/Makefile +++ b/net/kamailio-5.x/Makefile @@ -241,11 +241,13 @@ endef define Package/kamailio5 $(call Package/kamailio5/Default) TITLE:=Mature and flexible open source SIP server, v$(PKG_VERSION) + USERID:=kamailio=380:kamailio=380 MENU:=1 endef define Package/kamailio5/conffiles -/etc/default/kamailio +/etc/config/kamailio +/etc/init.d/kamailio /etc/kamailio/kamailio.cfg /etc/kamailio/kamctlrc endef @@ -260,10 +262,10 @@ $(foreach c,kamailio.cfg kamctlrc,$(call Package/kamailio5/install/conffile,$(1) $(CP) \ $(PKG_INSTALL_DIR)/usr/lib/kamailio/lib{srdb1,srdb2,srutils}.so* \ $(1)/usr/lib/kamailio/ - $(INSTALL_DIR) $(1)/etc/default + $(INSTALL_DIR) $(1)/etc/config $(INSTALL_CONF) \ - ./files/kamailio.default \ - $(1)/etc/default/kamailio + ./files/kamailio.config \ + $(1)/etc/config/kamailio $(INSTALL_DIR) $(1)/etc/init.d $(INSTALL_BIN) \ ./files/kamailio.init \ diff --git a/net/kamailio-5.x/files/kamailio.config b/net/kamailio-5.x/files/kamailio.config new file mode 100644 index 0000000..1f91f85 --- /dev/null +++ b/net/kamailio-5.x/files/kamailio.config @@ -0,0 +1,12 @@ + +config kamailio 'general' + option enabled 0 + option user kamailio + option group kamailio + # Amount of shared and private memory to allocate in MByte: + option shm_memory 8 + option pkg_memory 2 + option cfg_file /etc/kamailio/kamailio.cfg + # Any other option can be put between the quotes below: + #option options "" + diff --git a/net/kamailio-5.x/files/kamailio.default b/net/kamailio-5.x/files/kamailio.default deleted file mode 100644 index 1fc875d..0000000 --- a/net/kamailio-5.x/files/kamailio.default +++ /dev/null @@ -1,14 +0,0 @@ -# -# Kamailio startup options -# - -# Set to yes to enable kamailio, once configured properly. -#RUN_KAMAILIO=yes - -# Amount of shared and private memory to allocate -# for the running Kamailio server (in Mb) -#SHM_MEMORY=64 -#PKG_MEMORY=4 - -# Config file -#CFGFILE=/etc/kamailio/kamailio.cfg diff --git a/net/kamailio-5.x/files/kamailio.init b/net/kamailio-5.x/files/kamailio.init index 38bba51..75a8302 100644 --- a/net/kamailio-5.x/files/kamailio.init +++ b/net/kamailio-5.x/files/kamailio.init @@ -1,38 +1,63 @@ #!/bin/sh /etc/rc.common -# Copyright (C) 2014 OpenWrt.org +# Copyright (C) 2014 - 2018 OpenWrt.org START=99 -BINFILE=/usr/sbin/kamailio -PIDFILE=/var/run/kamailio.pid -DEFAULTS=/etc/default/kamailio -CFGFILE=/etc/kamailio/kamailio.cfg -SHM_MEMORY=8 -PKG_MEMORY=2 -RUN_KAMAILIO=no +NAME=kamailio +COMMAND=/usr/sbin/$NAME -start() { - # Load startup options if available - if [ -f $DEFAULTS ]; then - . $DEFAULTS - fi +RUNDIR=/var/run/$NAME +PIDFILE=$RUNDIR/$NAME.pid - if [ "$RUN_KAMAILIO" != "yes" ]; then - echo "[WARNING] Kamailio not yet configured. Edit /etc/default/kamailio first." - else - start-stop-daemon -S -x $BINFILE -b -- -P $PIDFILE -f $CFGFILE -m $SHM_MEMORY -M $PKG_MEMORY - echo "[INFO] Kamailio has succesfully started." - fi +LOG_ERR="/usr/bin/logger -p user.err -s -t $NAME" + +USE_PROCD=1 + +#PROCD_DEBUG=1 + +start_service() { + local enabled + local user + local group + local shm_memory + local pkg_memory + local cfg_file + local options + + config_load $NAME + + config_get_bool enabled general enabled 0 + + if [ $enabled -eq 0 ]; then + $LOG_ERR service not enabled in /etc/config/$NAME + exit 1 + fi + + config_get user general user $NAME + config_get group general group $NAME + config_get shm_memory general shm_memory 8 + config_get pkg_memory general pkg_memory 2 + config_get cfg_file general cfg_file /etc/$NAME/$NAME.cfg + config_get options general options + + if [ ! -d $RUNDIR ]; then + mkdir -p $RUNDIR + chown "$user":"$group" $RUNDIR + fi + + procd_open_instance + procd_set_param command $COMMAND + procd_append_param command \ + -P $PIDFILE \ + -f "$cfg_file" \ + -m "$shm_memory" \ + -M "$pkg_memory" \ + $options \ + -u "$user" \ + -g "$group" \ + -DD -E + # forward stderr to logd + procd_set_param stderr 1 + procd_close_instance } -stop() { - start-stop-daemon -K -x $BINFILE -p $PIDFILE -q - rm -rf $PID_FILE -} - -restart(){ - echo "[INFO] Restarting kamailio. Waiting 5 seconds before start." - stop - sleep 5 - start -} From eef0679cb4035857178c7adfa2667bcc8c605855 Mon Sep 17 00:00:00 2001 From: Sebastian Kemper Date: Mon, 5 Nov 2018 21:57:47 +0100 Subject: [PATCH 2/7] kamailio-5.x: amend mips2 tweak Commit f84dda74e615c803e6a218cea83dd2a2bfaa67e5 ("kamailio-5.x: enable FAST_LOCK for MIPS") turned out to be problematic, because it changed the ARCH to "mips2" not only for "mips", but also for some "mipsel" targets, which was unintentional. Address this by filtering for "mips" specifically before setting the variable. Also, get rid of PKG_BUILD_PARALLEL, because adding it really didn't change anything - due to the way "make" is called. Leave a comment to prevent repetition (read: prevent _me_ from doing the same mistake again in the future). Signed-off-by: Sebastian Kemper --- net/kamailio-5.x/Makefile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/net/kamailio-5.x/Makefile b/net/kamailio-5.x/Makefile index e5aa478..9bf139c 100644 --- a/net/kamailio-5.x/Makefile +++ b/net/kamailio-5.x/Makefile @@ -21,7 +21,8 @@ PKG_LICENSE:=GPL-2.0+ PKG_LICENSE_FILES:=COPYING PKG_MAINTAINER:=Jiri Slachta -PKG_BUILD_PARALLEL:=1 +# Defining PKG_BUILD_PARALLEL to 1 would be a noop due to the way we call make +#PKG_BUILD_PARALLEL:=1 MODULES_AVAILABLE:= \ acc \ @@ -379,7 +380,9 @@ EXTRA_MODULES:= \ # # When CONFIG_CPU_TYPE matches one of the identifiers in the list below, set # ARCH to "mips2" to get FAST_LOCK support. +ifeq ($(call qstrip,$(CONFIG_ARCH)),mips) CPU_MIPS2:=mips32 24kc 34kc 74kc +endif PKG_MAKE_ARGS:= \ prefix=/ \ From 6568006dde4a2441c6920687fe75587d50c48d59 Mon Sep 17 00:00:00 2001 From: Sebastian Kemper Date: Mon, 5 Nov 2018 22:16:25 +0100 Subject: [PATCH 3/7] kamailio-5.x: add ip translation to init kamailio can be started with multiple "-l" ("listen") parameters to tell it which IPs to listen on. This can also be configured in kamailio.cfg, of course. This commit adds the ability to the init script to translate iface names like "wan" into IP addresses and hand them over to kamailio as command line arguments. This is useful when using a network connection where IPs are dynamically assigned. kamailio can also work with interface names, e.g. "eth0". But it may listen to all IPs configured on the interface. To avoid this the commit differentiates beteen IPv4 ("listen") and IPv6 ("listen6"). So if the user wants kamailio to only listen on an IPv4 address configured on a certain iface ("wan" for instance), he/she can just specify a list entry "listen" with that iface. An explanation is also added to the uci configuration file. Signed-off-by: Sebastian Kemper --- net/kamailio-5.x/files/kamailio.config | 9 ++++ net/kamailio-5.x/files/kamailio.init | 68 ++++++++++++++++++++++++++ 2 files changed, 77 insertions(+) diff --git a/net/kamailio-5.x/files/kamailio.config b/net/kamailio-5.x/files/kamailio.config index 1f91f85..aaa9af8 100644 --- a/net/kamailio-5.x/files/kamailio.config +++ b/net/kamailio-5.x/files/kamailio.config @@ -7,6 +7,15 @@ config kamailio 'general' option shm_memory 8 option pkg_memory 2 option cfg_file /etc/kamailio/kamailio.cfg + # The lists "listen" and "listen6" basically have the same + # effect - each list entry will be added to the Kamailio command + # line ("-l address"). However, the init script will try to + # resolve any interface specifier into an IPv4 ("listen") or + # IPv6 ("listen6") address before starting Kamailio. These lists + # may be helpful when using dynamic IPs. + #list listen udp:wan:5060 + #list listen udp:192.168.1.1:5060 + #list listen6 udp:wan:5060 # Any other option can be put between the quotes below: #option options "" diff --git a/net/kamailio-5.x/files/kamailio.init b/net/kamailio-5.x/files/kamailio.init index 75a8302..a796407 100644 --- a/net/kamailio-5.x/files/kamailio.init +++ b/net/kamailio-5.x/files/kamailio.init @@ -15,6 +15,69 @@ USE_PROCD=1 #PROCD_DEBUG=1 +check_listen() { + local value="$1" + local type="$2" + + local address + local has_proto=0 + local one two three + local tmp + + [ -z "$value" ] && { + $LOG_ERR empty $type entry + exit 1 + } + + # IPv6 addresses need to be enclosed in square brackets. If there are + # square brackets in the listen entry, just copy it. + echo "$value" | grep "\[[0-9:A-Fa-f]*\]" &> /dev/null && { + options=$options" -l $value" + return + } + + # Bail if more than 2 colons. + [ $(echo "$value" | awk -F ":" '{print NF-1}') -gt 2 ] && { + $LOG_ERR init script does not understand $type entry \""$value"\" + exit 1 + } + + IFS=":" read one two three << EOF +$value +EOF + + case "$one" in + udp|tcp|tls|sctp) + tmp="$two" + has_proto=1 + ;; + *) + tmp="$one" + ;; + esac + + if [ "$type" = "listen" ]; then + network_get_ipaddr address "$tmp" || address="$tmp" + else + network_get_ipaddr6 address "$tmp" && address="[$address]" || \ + address="$tmp" + fi + + if [ -n "$three" ]; then + tmp="$one:$address:$three" + elif [ -n "$two" ]; then + if [ $has_proto = 1 ]; then + tmp="$one:$address" + else + tmp="$address:$two" + fi + else + tmp="$address" + fi + + options=$options" -l $tmp" +} + start_service() { local enabled local user @@ -40,6 +103,11 @@ start_service() { config_get cfg_file general cfg_file /etc/$NAME/$NAME.cfg config_get options general options + . /lib/functions/network.sh + + config_list_foreach general listen check_listen listen + config_list_foreach general listen6 check_listen listen6 + if [ ! -d $RUNDIR ]; then mkdir -p $RUNDIR chown "$user":"$group" $RUNDIR From 0dd94c624eb5f756872001c440fa43d041f5d82d Mon Sep 17 00:00:00 2001 From: Sebastian Kemper Date: Mon, 5 Nov 2018 22:32:56 +0100 Subject: [PATCH 4/7] kamailio-5.x: add hotplug script Add hotplug script to base package. Hotplug will only occur if user enables it via uci config. Signed-off-by: Sebastian Kemper --- net/kamailio-5.x/Makefile | 4 ++++ net/kamailio-5.x/files/kamailio.config | 4 ++++ net/kamailio-5.x/files/kamailio.hotplug | 24 ++++++++++++++++++++++++ 3 files changed, 32 insertions(+) create mode 100644 net/kamailio-5.x/files/kamailio.hotplug diff --git a/net/kamailio-5.x/Makefile b/net/kamailio-5.x/Makefile index 9bf139c..899c573 100644 --- a/net/kamailio-5.x/Makefile +++ b/net/kamailio-5.x/Makefile @@ -271,6 +271,10 @@ $(foreach c,kamailio.cfg kamctlrc,$(call Package/kamailio5/install/conffile,$(1) $(INSTALL_BIN) \ ./files/kamailio.init \ $(1)/etc/init.d/kamailio + $(INSTALL_DIR) $(1)/etc/hotplug.d/iface + $(INSTALL_BIN) \ + ./files/kamailio.hotplug \ + $(1)/etc/hotplug.d/iface $(CP) \ $(PKG_INSTALL_DIR)/usr/lib/kamailio/kamctl \ $(1)/usr/lib/kamailio/ diff --git a/net/kamailio-5.x/files/kamailio.config b/net/kamailio-5.x/files/kamailio.config index aaa9af8..f1a9c36 100644 --- a/net/kamailio-5.x/files/kamailio.config +++ b/net/kamailio-5.x/files/kamailio.config @@ -19,3 +19,7 @@ config kamailio 'general' # Any other option can be put between the quotes below: #option options "" +config kamailio 'hotplug' + # Uncomment to enable hotplug: + #option interface 'wan' + diff --git a/net/kamailio-5.x/files/kamailio.hotplug b/net/kamailio-5.x/files/kamailio.hotplug new file mode 100644 index 0000000..0dec974 --- /dev/null +++ b/net/kamailio-5.x/files/kamailio.hotplug @@ -0,0 +1,24 @@ +#!/bin/sh + +[ "$ACTION" = ifup ] || exit 0 + +NAME=kamailio +COMMAND=/etc/init.d/$NAME +LOGGER="/usr/bin/logger -t hotplug" + +$COMMAND enabled || exit 0 + +. /lib/functions.sh + +config_load $NAME + +config_get_bool enabled general enabled 0 +[ $enabled -eq 0 ] && exit 0 + +config_get hotplug_iface hotplug interface + +[ "$INTERFACE" = "$hotplug_iface" ] && { + $LOGGER "Restarting $NAME due to \"$ACTION\" of \"$INTERFACE\"" + $COMMAND restart +} + From 04d2b6822ebd105d18e801d60d607ca8cb2bac60 Mon Sep 17 00:00:00 2001 From: Sebastian Kemper Date: Mon, 5 Nov 2018 22:36:20 +0100 Subject: [PATCH 5/7] kamailio-5.x: add a note about the uci file Echoes a message upon installation and points the user to /etc/config/kamailio. Signed-off-by: Sebastian Kemper --- net/kamailio-5.x/Makefile | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/net/kamailio-5.x/Makefile b/net/kamailio-5.x/Makefile index 899c573..7b5bf67 100644 --- a/net/kamailio-5.x/Makefile +++ b/net/kamailio-5.x/Makefile @@ -280,6 +280,20 @@ $(foreach c,kamailio.cfg kamctlrc,$(call Package/kamailio5/install/conffile,$(1) $(1)/usr/lib/kamailio/ endef +define Package/kamailio5/postinst +#!/bin/sh +if [ -z "$${IPKG_INSTROOT}" ]; then + echo + echo "o-------------------------------------------------------------------o" + echo "| Kamailio note |" + echo "o-------------------------------------------------------------------o" + echo "| Edit /etc/config/kamailio to change basic init configuration. |" + echo "o-------------------------------------------------------------=^_^=-o" + echo +fi +exit 0 +endef + define Package/kamailio5/install/conffile $(INSTALL_DIR) $(1)/etc/kamailio $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/kamailio/$(2) $(1)/etc/kamailio From 65565186ec441f0516df0430c5c8ec747e4ec798 Mon Sep 17 00:00:00 2001 From: Sebastian Kemper Date: Mon, 5 Nov 2018 22:39:36 +0100 Subject: [PATCH 6/7] kamailio-5.x: remove unnecessary depends Remove the depend on mod-db-sqlite from some modules. They may depend on a db module, but any will do. And mod-jsonrpcs also does not depend on mod-json. Maybe things were different in the past. But today these depends aren't needed. Signed-off-by: Sebastian Kemper --- net/kamailio-5.x/Makefile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/net/kamailio-5.x/Makefile b/net/kamailio-5.x/Makefile index 7b5bf67..c95965f 100644 --- a/net/kamailio-5.x/Makefile +++ b/net/kamailio-5.x/Makefile @@ -448,14 +448,14 @@ $(eval $(call BuildPackage,kamailio5-util-kambdb-recover)) $(eval $(call BuildKamailio5Module,acc,Accounting,,+kamailio5-mod-tm)) $(eval $(call BuildKamailio5Module,acc_diameter,Accounting for DIAMETER backend,,+kamailio5-mod-acc)) -$(eval $(call BuildKamailio5Module,alias_db,Database-backend aliases,,+kamailio5-mod-db-sqlite)) +$(eval $(call BuildKamailio5Module,alias_db,Database-backend aliases,,)) $(eval $(call BuildKamailio5Module,app_jsdt,Execute JavaScript scripts,,)) $(eval $(call BuildKamailio5Module,app_lua,Execute embedded Lua scripts,,+liblua)) $(eval $(call BuildKamailio5Module,app_python,Execute Python scripts,,+python-light)) $(eval $(call BuildKamailio5Module,app_sqlang,Execute Squirrel language scripts,,+libstdcpp)) $(eval $(call BuildKamailio5Module,async,Asynchronous SIP handling functions,,+kamailio5-mod-tm +kamailio5-mod-tmx)) $(eval $(call BuildKamailio5Module,auth,Authentication Framework,,)) -$(eval $(call BuildKamailio5Module,auth_db,Database-backend authentication,,+kamailio5-mod-auth +kamailio5-mod-db-sqlite)) +$(eval $(call BuildKamailio5Module,auth_db,Database-backend authentication,,+kamailio5-mod-auth)) $(eval $(call BuildKamailio5Module,auth_diameter,Diameter authentication,,+kamailio5-mod-sl)) $(eval $(call BuildKamailio5Module,auth_ephemeral,Ephemeral credentials,,+libopenssl)) $(eval $(call BuildKamailio5Module,auth_identity,Identity authentication,,+libopenssl +libcurl)) @@ -470,7 +470,7 @@ $(eval $(call BuildKamailio5Module,carrierroute,Carrier Route,,+kamailio5-lib-li $(eval $(call BuildKamailio5Module,cdp,C Diameter Peer,,)) $(eval $(call BuildKamailio5Module,cdp_avp,CDP AVP helper module,,+kamailio5-mod-cdp)) $(eval $(call BuildKamailio5Module,cfgutils,Config utilities,,)) -$(eval $(call BuildKamailio5Module,cfg_db,Load parameters from database,,+kamailio5-mod-db-sqlite)) +$(eval $(call BuildKamailio5Module,cfg_db,Load parameters from database,,)) $(eval $(call BuildKamailio5Module,cfg_rpc,Update parameters via RPC,,)) $(eval $(call BuildKamailio5Module,cfgt,Unit test reporting,,)) $(eval $(call BuildKamailio5Module,cnxcc,Limit call duration,,+kamailio5-mod-dialog +libhiredis +libevent2)) @@ -526,7 +526,7 @@ $(eval $(call BuildKamailio5Module,ipops,IP and IPv6 operations,,)) $(eval $(call BuildKamailio5Module,jansson,Access to JSON attributes,,+jansson)) $(eval $(call BuildKamailio5Module,janssonrpcc,Alternative JSONRPC server,,+kamailio5-mod-jansson +libevent2)) $(eval $(call BuildKamailio5Module,json,Access to JSON document attributes,,+libjson-c)) -$(eval $(call BuildKamailio5Module,jsonrpcs,JSONRPC server over HTTP,,+kamailio5-mod-json +libevent2)) +$(eval $(call BuildKamailio5Module,jsonrpcs,JSONRPC server over HTTP,,+libevent2)) $(eval $(call BuildKamailio5Module,keepalive,SIP keepalive monitoring,+kamailio5-mod-tm,)) $(eval $(call BuildKamailio5Module,kex,Core extensions,,)) $(eval $(call BuildKamailio5Module,lcr,Least Cost Routing,,+kamailio5-mod-tm +libpcre)) From e8034c181f5c5536409a7ceaee64d31be7786242 Mon Sep 17 00:00:00 2001 From: Sebastian Kemper Date: Mon, 5 Nov 2018 22:46:20 +0100 Subject: [PATCH 7/7] kamailio-5.x: update to 5.1.6 Minor version bump. Two CVE patches can be removed as they're already included in the source. One patch was refreshed. Also: - https://sources.openwrt.org is added as primary source URL to lessen the load on kamailio upstream - Build/Configure is defined as empty (because there is no configure script in the source tree - patch is added to fix dp_replace(); the function was first added in the 5.1 release and didn't work; patch was accepted upstream Signed-off-by: Sebastian Kemper --- net/kamailio-5.x/Makefile | 13 ++++-- .../patches/140-CVE-2018-14767.patch | 28 ----------- .../patches/141-CVE-2018-16657.patch | 46 ------------------- .../patches/150-posix-awk-filter.patch | 4 +- ...ix_dp_replace_in_cmd_export_t_struct.patch | 30 ++++++++++++ 5 files changed, 40 insertions(+), 81 deletions(-) delete mode 100644 net/kamailio-5.x/patches/140-CVE-2018-14767.patch delete mode 100644 net/kamailio-5.x/patches/141-CVE-2018-16657.patch create mode 100644 net/kamailio-5.x/patches/160-dialplan-fix_dp_replace_in_cmd_export_t_struct.patch diff --git a/net/kamailio-5.x/Makefile b/net/kamailio-5.x/Makefile index c95965f..8edaf84 100644 --- a/net/kamailio-5.x/Makefile +++ b/net/kamailio-5.x/Makefile @@ -9,12 +9,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=kamailio5 -PKG_VERSION:=5.1.3 -PKG_RELEASE:=4 +PKG_VERSION:=5.1.6 +PKG_RELEASE:=1 -PKG_SOURCE_URL:=https://www.kamailio.org/pub/kamailio/$(PKG_VERSION)/src +PKG_SOURCE_URL := \ + https://sources.openwrt.org \ + https://www.kamailio.org/pub/kamailio/$(PKG_VERSION)/src PKG_SOURCE:=kamailio-$(PKG_VERSION)$(PKG_VARIANT)_src.tar.gz -PKG_HASH:=b2266e15ec8ffa62be66b44989155f26a31d137f06f81fb3841aad8315315a14 +PKG_HASH:=99880df20dd836e4d9ec03fe863f7a5fc77bb29e3d56f59ea92b8b986deb5186 PKG_USE_MIPS16:=0 PKG_LICENSE:=GPL-2.0+ @@ -424,6 +426,9 @@ PKG_MAKE_ARGS:= \ DESTDIR=$(PKG_INSTALL_DIR) \ quiet=verbose +define Build/Configure +endef + define Build/Compile $(MAKE) -C $(PKG_BUILD_DIR) $(PKG_MAKE_ARGS) cfg $(MAKE) -C $(PKG_BUILD_DIR) quiet=verbose all diff --git a/net/kamailio-5.x/patches/140-CVE-2018-14767.patch b/net/kamailio-5.x/patches/140-CVE-2018-14767.patch deleted file mode 100644 index 801353f..0000000 --- a/net/kamailio-5.x/patches/140-CVE-2018-14767.patch +++ /dev/null @@ -1,28 +0,0 @@ -commit 281a6c6b6eaaf30058b603325e8ded20b99e1456 -Author: Henning Westerholt -Date: Mon May 7 09:36:53 2018 +0200 - - core: improve to header check guards, str consists of length and pointer - -diff --git a/src/core/msg_translator.c b/src/core/msg_translator.c -index 22122768a..4dd648e87 100644 ---- a/src/core/msg_translator.c -+++ b/src/core/msg_translator.c -@@ -2369,7 +2369,7 @@ char * build_res_buf_from_sip_req( unsigned int code, str *text ,str *new_tag, - case HDR_TO_T: - if (new_tag && new_tag->len) { - to_tag=get_to(msg)->tag_value; -- if ( to_tag.len || to_tag.s ) -+ if ( to_tag.len && to_tag.s ) - len+=new_tag->len-to_tag.len; - else - len+=new_tag->len+TOTAG_TOKEN_LEN/*";tag="*/; -@@ -2497,7 +2497,7 @@ char * build_res_buf_from_sip_req( unsigned int code, str *text ,str *new_tag, - break; - case HDR_TO_T: - if (new_tag && new_tag->len){ -- if (to_tag.s ) { /* replacement */ -+ if (to_tag.len && to_tag.s) { /* replacement */ - /* before to-tag */ - append_str( p, hdr->name.s, to_tag.s-hdr->name.s); - /* to tag replacement */ diff --git a/net/kamailio-5.x/patches/141-CVE-2018-16657.patch b/net/kamailio-5.x/patches/141-CVE-2018-16657.patch deleted file mode 100644 index 45346e9..0000000 --- a/net/kamailio-5.x/patches/141-CVE-2018-16657.patch +++ /dev/null @@ -1,46 +0,0 @@ -commit d67b2f9874ca23bd69f18df71b8f53b1b6151f6d -Author: Henning Westerholt -Date: Sun Jun 3 20:59:32 2018 +0200 - - core: improve header safe guards for Via handling - - (cherry picked from commit ad68e402ece8089f133c10de6ce319f9e28c0692) - -diff --git a/src/core/crc.c b/src/core/crc.c -index 462846324..23b2876ec 100644 ---- a/src/core/crc.c -+++ b/src/core/crc.c -@@ -231,6 +231,8 @@ void crcitt_string_array( char *dst, str src[], int size ) - ccitt = 0xFFFF; - str_len=CRC16_LEN; - for (i=0; is[name->len-1]==']')&& - (strncasecmp(name->s+1, s, len)==0)) - ) -- ) -+ ) { - return 0; -- else -- -+ } -+ else { -+ if (unlikely(name->s==NULL)) { -+ LM_CRIT("invalid Via host name\n"); -+ return -1; -+ } - if (strncmp(name->s, s, name->len)==0) - return 0; -+ } - }else{ - LM_CRIT("could not convert ip address\n"); - return -1; diff --git a/net/kamailio-5.x/patches/150-posix-awk-filter.patch b/net/kamailio-5.x/patches/150-posix-awk-filter.patch index 4fe4e40..e569191 100644 --- a/net/kamailio-5.x/patches/150-posix-awk-filter.patch +++ b/net/kamailio-5.x/patches/150-posix-awk-filter.patch @@ -17,11 +17,9 @@ Date: Sun Oct 7 18:54:39 2018 +0200 Signed-off-by: Sebastian Kemper -diff --git a/utils/kamctl/kamctl.base b/utils/kamctl/kamctl.base -index adeceb77f..a776e10d8 100644 --- a/utils/kamctl/kamctl.base +++ b/utils/kamctl/kamctl.base -@@ -715,7 +715,7 @@ filter_json() +@@ -699,7 +699,7 @@ filter_json() $AWK 'function ltrim(s) { sub(/^[ \t\r\n]+/, "", s); return s } BEGIN { line=0; IGNORECASE=1; } { line++; } diff --git a/net/kamailio-5.x/patches/160-dialplan-fix_dp_replace_in_cmd_export_t_struct.patch b/net/kamailio-5.x/patches/160-dialplan-fix_dp_replace_in_cmd_export_t_struct.patch new file mode 100644 index 0000000..304b9c4 --- /dev/null +++ b/net/kamailio-5.x/patches/160-dialplan-fix_dp_replace_in_cmd_export_t_struct.patch @@ -0,0 +1,30 @@ +commit cbff35909edccffe778d04f3871d880195d82b7a +Author: Sebastian Kemper +Date: Fri Nov 2 10:10:38 2018 +0100 + + dialplan: fix dp_replace() in cmd_export_t struct + + In the struct 'int param_no' is set to '2'. But dp_replace() has actually three + parameters (dpid, inval, outvar), so kamailio's cfg parser fails when + dp_replace() is called: + + yyparse(): cfg. parser: failed to find command dp_replace (params 3) + yyerror_at(): parse error in config file /etc/kamailio/kamailio.cfg, line 366, column 45: unknown command, missing loadmodule? + + This commit fixes 'int param_no' to address this. + + Signed-off-by: Sebastian Kemper + +diff --git a/src/modules/dialplan/dialplan.c b/src/modules/dialplan/dialplan.c +index 39ba1ceef..a96b246b7 100644 +--- a/src/modules/dialplan/dialplan.c ++++ b/src/modules/dialplan/dialplan.c +@@ -115,7 +115,7 @@ static cmd_export_t cmds[]={ + ANY_ROUTE}, + {"dp_match",(cmd_function)w_dp_match, 2, fixup_igp_spve, + fixup_free_igp_spve, ANY_ROUTE}, +- {"dp_replace",(cmd_function)w_dp_replace, 2, dp_replace_fixup, ++ {"dp_replace",(cmd_function)w_dp_replace, 3, dp_replace_fixup, + dp_replace_fixup_free, ANY_ROUTE}, + {0,0,0,0,0,0} + };