From 80d0fbd4054885222a82465965c59a7b18646e3f Mon Sep 17 00:00:00 2001 From: Sebastian Kemper Date: Thu, 14 May 2020 21:40:03 +0200 Subject: [PATCH 1/4] pjproject: add two patches from Asterisk 16.10.0 Signed-off-by: Sebastian Kemper --- libs/pjproject/Makefile | 2 +- ...-Add-callback-for-finding-valid-pair.patch | 84 +++++++++++++++++++ ...0040-brackets-in-via-received-params.patch | 40 +++++++++ 3 files changed, 125 insertions(+), 1 deletion(-) create mode 100644 libs/pjproject/patches/0040-ICE-Add-callback-for-finding-valid-pair.patch create mode 100644 libs/pjproject/patches/0040-brackets-in-via-received-params.patch diff --git a/libs/pjproject/Makefile b/libs/pjproject/Makefile index 8df3c80..d132727 100644 --- a/libs/pjproject/Makefile +++ b/libs/pjproject/Makefile @@ -11,7 +11,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=pjproject PKG_VERSION:=2.9 -PKG_RELEASE:=3 +PKG_RELEASE:=4 PKG_SOURCE:=pjproject-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=https://www.pjsip.org/release/$(PKG_VERSION) diff --git a/libs/pjproject/patches/0040-ICE-Add-callback-for-finding-valid-pair.patch b/libs/pjproject/patches/0040-ICE-Add-callback-for-finding-valid-pair.patch new file mode 100644 index 0000000..062e75e --- /dev/null +++ b/libs/pjproject/patches/0040-ICE-Add-callback-for-finding-valid-pair.patch @@ -0,0 +1,84 @@ +From 8b8199180766e3eab6014feaa64ccaedcdc12816 Mon Sep 17 00:00:00 2001 +From: Ben Ford +Date: Mon, 23 Dec 2019 11:11:13 -0600 +Subject: [PATCH] ICE: Add callback for finding valid pair. + +It's possible to start sending as soon as one valid pair is found during +ICE negotiation. The reason we would want to do this is because it is +possible for a delay to occur at the start of a call for up to 3 seconds +until ICE negotiation has actually completed. More information can be +found here: +https://bugs.chromium.org/p/chromium/issues/detail?id=1024096 + +This patch adds a callback once a valid pair is found that applications +can use to start sending to avoid this scenario. Since only one valid +pair is needed to start media, we only trigger the callback once. +--- + pjnath/include/pjnath/ice_session.h | 9 +++++++++ + pjnath/src/pjnath/ice_session.c | 16 ++++++++++++++++ + 2 files changed, 25 insertions(+) + +diff --git a/pjnath/include/pjnath/ice_session.h b/pjnath/include/pjnath/ice_session.h +index 15f0d04..8971220 100644 +--- a/pjnath/include/pjnath/ice_session.h ++++ b/pjnath/include/pjnath/ice_session.h +@@ -468,6 +468,14 @@ typedef struct pj_ice_sess_cb + { + /** + * An optional callback that will be called by the ICE session when ++ * a valid pair has been found during ICE negotiation. ++ * ++ * @param ice The ICE session. ++ */ ++ void (*on_valid_pair)(pj_ice_sess *ice); ++ ++ /** ++ * An optional callback that will be called by the ICE session when + * ICE negotiation has completed, successfully or with failure. + * + * @param ice The ICE session. +@@ -625,6 +633,7 @@ struct pj_ice_sess + pj_bool_t is_nominating; /**< Nominating stage */ + pj_bool_t is_complete; /**< Complete? */ + pj_bool_t is_destroying; /**< Destroy is called */ ++ pj_bool_t valid_pair_found; /**< First pair found */ + pj_status_t ice_status; /**< Error status. */ + pj_timer_entry timer; /**< ICE timer. */ + pj_ice_sess_cb cb; /**< Callback. */ +diff --git a/pjnath/src/pjnath/ice_session.c b/pjnath/src/pjnath/ice_session.c +index c51dba7..ed4138a 100644 +--- a/pjnath/src/pjnath/ice_session.c ++++ b/pjnath/src/pjnath/ice_session.c +@@ -418,6 +418,8 @@ PJ_DEF(pj_status_t) pj_ice_sess_create(pj_stun_config *stun_cfg, + + pj_list_init(&ice->early_check); + ++ ice->valid_pair_found = PJ_FALSE; ++ + /* Done */ + *p_ice = ice; + +@@ -1348,6 +1350,20 @@ static pj_bool_t on_check_complete(pj_ice_sess *ice, + GET_CHECK_ID(&ice->clist, check), + (check->nominated ? " and nominated" : ""))); + ++ { ++ /* On the first valid pair, we call the callback, if present */ ++ if (ice->valid_pair_found == PJ_FALSE) { ++ void (*on_valid_pair)(pj_ice_sess *ice); ++ ++ ice->valid_pair_found = PJ_TRUE; ++ on_valid_pair = ice->cb.on_valid_pair; ++ ++ if (on_valid_pair) { ++ (*on_valid_pair)(ice); ++ } ++ } ++ } ++ + } + + /* 8.2. Updating States +-- +2.7.4 + diff --git a/libs/pjproject/patches/0040-brackets-in-via-received-params.patch b/libs/pjproject/patches/0040-brackets-in-via-received-params.patch new file mode 100644 index 0000000..bf96d3d --- /dev/null +++ b/libs/pjproject/patches/0040-brackets-in-via-received-params.patch @@ -0,0 +1,40 @@ +From 6324760c2fb0ffeb2e29c6c0a96a33906caa8d5f Mon Sep 17 00:00:00 2001 +From: Sean Bright +Date: Thu, 16 Jan 2020 10:46:11 -0500 +Subject: [PATCH] sip_parser.c: Allow brackets in via parameters + +From RFC 5118 section 4.5: + + While it would be beneficial if the same non-terminal + ("IPv6reference") was used for both the "sent-by" and "via-received" + production rules, there has not been a consensus in the working group + to that effect. Thus, the best that can be suggested is that + implementations must follow the Robustness Principle [RFC1122] and be + liberal in accepting a "received" parameter with or without the + delimiting "[" and "]" tokens. When sending a request, + implementations must not put the delimiting "[" and "]" tokens. +--- + pjsip/src/pjsip/sip_parser.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/pjsip/src/pjsip/sip_parser.c b/pjsip/src/pjsip/sip_parser.c +index e01e672fb..4f9c7fca4 100644 +--- a/pjsip/src/pjsip/sip_parser.c ++++ b/pjsip/src/pjsip/sip_parser.c +@@ -384,11 +384,11 @@ static pj_status_t init_parser() + + status = pj_cis_dup(&pconst.pjsip_VIA_PARAM_SPEC, &pconst.pjsip_TOKEN_SPEC); + PJ_ASSERT_RETURN(status == PJ_SUCCESS, status); +- pj_cis_add_str(&pconst.pjsip_VIA_PARAM_SPEC, ":"); ++ pj_cis_add_str(&pconst.pjsip_VIA_PARAM_SPEC, "[:]"); + + status = pj_cis_dup(&pconst.pjsip_VIA_PARAM_SPEC_ESC, &pconst.pjsip_TOKEN_SPEC_ESC); + PJ_ASSERT_RETURN(status == PJ_SUCCESS, status); +- pj_cis_add_str(&pconst.pjsip_VIA_PARAM_SPEC_ESC, ":"); ++ pj_cis_add_str(&pconst.pjsip_VIA_PARAM_SPEC_ESC, "[:]"); + + status = pj_cis_dup(&pconst.pjsip_HOST_SPEC, &pconst.pjsip_ALNUM_SPEC); + PJ_ASSERT_RETURN(status == PJ_SUCCESS, status); +-- +2.20.1 + From 54d0fb32eb6ec1e726421fd5a92279820749c2c5 Mon Sep 17 00:00:00 2001 From: Sebastian Kemper Date: Thu, 14 May 2020 21:46:29 +0200 Subject: [PATCH 2/4] asterisk-16.x: bump to 16.10.0 Patches refreshed, no longer needed patches are dropped. This adds directory "/usr/share/asterisk/firmware/iax" to silence a run-time warning. Signed-off-by: Sebastian Kemper --- net/asterisk-16.x/Makefile | 9 ++- ...semaphores-on-uclibc-otherwise-allow.patch | 2 +- ...tection-of-re-entrant-resolver-funct.patch | 2 +- .../patches/056-fix-check_expr2-build.patch | 19 ----- .../patches/100-build-reproducibly.patch | 2 +- net/asterisk-16.x/patches/130-eventfd.patch | 2 +- .../patches/AST-2019-006-16.diff | 73 ------------------- .../patches/AST-2019-007-16.diff | 46 ------------ 8 files changed, 9 insertions(+), 146 deletions(-) delete mode 100644 net/asterisk-16.x/patches/056-fix-check_expr2-build.patch delete mode 100644 net/asterisk-16.x/patches/AST-2019-006-16.diff delete mode 100644 net/asterisk-16.x/patches/AST-2019-007-16.diff diff --git a/net/asterisk-16.x/Makefile b/net/asterisk-16.x/Makefile index 6c1d2cb..062eee8 100644 --- a/net/asterisk-16.x/Makefile +++ b/net/asterisk-16.x/Makefile @@ -9,12 +9,12 @@ include $(TOPDIR)/rules.mk AST_MAJOR_VERSION:=16 PKG_NAME:=asterisk$(AST_MAJOR_VERSION) -PKG_VERSION:=$(AST_MAJOR_VERSION).6.1 -PKG_RELEASE:=4 +PKG_VERSION:=$(AST_MAJOR_VERSION).10.0 +PKG_RELEASE:=1 PKG_SOURCE:=asterisk-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://downloads.asterisk.org/pub/telephony/asterisk/releases -PKG_HASH:=9a028b4e3e608c1b8325671a249183adc00e1b29a95d82cb5e6fb35980aef053 +PKG_HASH:=8733f137b4b4e01d90bb796fa41d992e656b4cf1c28d2d7e81863a6839975702 PKG_BUILD_DIR:=$(BUILD_DIR)/asterisk-$(PKG_VERSION) PKG_BUILD_DEPENDS:=libxml2/host @@ -496,9 +496,10 @@ $(call Package/$(PKG_NAME)/install/sbin,$(1),safe_asterisk) $(call Package/$(PKG_NAME)/install/sbin,$(1),astgenkey) $(foreach m,$(AST_CFG_FILES),$(call Package/$(PKG_NAME)/install/conffile,$(1),$(m));) $(foreach m,$(AST_EMB_MODULES),$(call Package/$(PKG_NAME)/install/module,$(1),$(m));) - $(INSTALL_DIR) $(1)/usr/share/asterisk/sounds/ $(INSTALL_DIR) $(1)/etc/config $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_DIR) $(1)/usr/share/asterisk/firmware/iax + $(INSTALL_DIR) $(1)/usr/share/asterisk/sounds $(INSTALL_BIN) ./files/asterisk.init $(1)/etc/init.d/asterisk $(INSTALL_CONF) ./files/asterisk.conf $(1)/etc/config/asterisk endef diff --git a/net/asterisk-16.x/patches/001-disable-semaphores-on-uclibc-otherwise-allow.patch b/net/asterisk-16.x/patches/001-disable-semaphores-on-uclibc-otherwise-allow.patch index c295cc6..e8c5a2b 100644 --- a/net/asterisk-16.x/patches/001-disable-semaphores-on-uclibc-otherwise-allow.patch +++ b/net/asterisk-16.x/patches/001-disable-semaphores-on-uclibc-otherwise-allow.patch @@ -1,6 +1,6 @@ --- a/configure.ac +++ b/configure.ac -@@ -1033,15 +1033,18 @@ AC_LINK_IFELSE( +@@ -1031,15 +1031,18 @@ AC_LINK_IFELSE( # Some platforms define sem_init(), but only support sem_open(). joyous. AC_MSG_CHECKING(for working unnamed semaphores) diff --git a/net/asterisk-16.x/patches/002-configure-fix-detection-of-re-entrant-resolver-funct.patch b/net/asterisk-16.x/patches/002-configure-fix-detection-of-re-entrant-resolver-funct.patch index c7b91e7..c9e2cae 100644 --- a/net/asterisk-16.x/patches/002-configure-fix-detection-of-re-entrant-resolver-funct.patch +++ b/net/asterisk-16.x/patches/002-configure-fix-detection-of-re-entrant-resolver-funct.patch @@ -18,7 +18,7 @@ Signed-off-by: Bernd Kuhls --- a/configure.ac +++ b/configure.ac -@@ -1427,7 +1427,11 @@ AC_LINK_IFELSE( +@@ -1425,7 +1425,11 @@ AC_LINK_IFELSE( #include #endif #include ], diff --git a/net/asterisk-16.x/patches/056-fix-check_expr2-build.patch b/net/asterisk-16.x/patches/056-fix-check_expr2-build.patch deleted file mode 100644 index dca0193..0000000 --- a/net/asterisk-16.x/patches/056-fix-check_expr2-build.patch +++ /dev/null @@ -1,19 +0,0 @@ ---- a/utils/Makefile -+++ b/utils/Makefile -@@ -180,14 +180,13 @@ conf2ael: conf2ael.o ast_expr2f.o ast_ex - - check_expr2: $(ASTTOPDIR)/main/ast_expr2f.c $(ASTTOPDIR)/main/ast_expr2.c $(ASTTOPDIR)/main/ast_expr2.h astmm.o - $(ECHO_PREFIX) echo " [CC] ast_expr2f.c -> ast_expr2fz.o" -- $(CC) -g -c -I$(ASTTOPDIR)/include -DSTANDALONE $(ASTTOPDIR)/main/ast_expr2f.c -o ast_expr2fz.o -+ $(CC) -g -c -I$(ASTTOPDIR)/include $(_ASTCFLAGS) $(ASTTOPDIR)/main/ast_expr2f.c -o ast_expr2fz.o - $(ECHO_PREFIX) echo " [CC] ast_expr2.c -> ast_expr2z.o" -- $(CC) -g -c -I$(ASTTOPDIR)/include -DSTANDALONE2 $(ASTTOPDIR)/main/ast_expr2.c -o ast_expr2z.o -+ $(CC) -g -c -I$(ASTTOPDIR)/include $(_ASTCFLAGS) -DSTANDALONE2 $(ASTTOPDIR)/main/ast_expr2.c -o ast_expr2z.o - $(ECHO_PREFIX) echo " [LD] ast_expr2fz.o ast_expr2z.o -> check_expr2" - $(CC) -g -o check_expr2 ast_expr2fz.o ast_expr2z.o astmm.o -lm $(_ASTLDFLAGS) - $(ECHO_PREFIX) echo " [RM] ast_expr2fz.o ast_expr2z.o" - rm ast_expr2z.o ast_expr2fz.o -- ./check_expr2 expr2.testinput - - smsq: smsq.o strcompat.o - smsq: LIBS+=$(POPT_LIB) diff --git a/net/asterisk-16.x/patches/100-build-reproducibly.patch b/net/asterisk-16.x/patches/100-build-reproducibly.patch index e7116ff..736fd5d 100644 --- a/net/asterisk-16.x/patches/100-build-reproducibly.patch +++ b/net/asterisk-16.x/patches/100-build-reproducibly.patch @@ -17,7 +17,7 @@ * build.h --- a/Makefile +++ b/Makefile -@@ -484,7 +484,7 @@ doc/core-en_US.xml: makeopts .lastclean +@@ -488,7 +488,7 @@ doc/core-en_US.xml: makeopts .lastclean @echo "" >> $@ @for x in $(MOD_SUBDIRS); do \ printf "$$x " ; \ diff --git a/net/asterisk-16.x/patches/130-eventfd.patch b/net/asterisk-16.x/patches/130-eventfd.patch index de4441b..7746715 100644 --- a/net/asterisk-16.x/patches/130-eventfd.patch +++ b/net/asterisk-16.x/patches/130-eventfd.patch @@ -1,6 +1,6 @@ --- a/configure.ac +++ b/configure.ac -@@ -1206,7 +1206,7 @@ if test "${ac_cv_have_variable_fdset}x" +@@ -1204,7 +1204,7 @@ if test "${ac_cv_have_variable_fdset}x" fi AC_MSG_CHECKING([if we have usable eventfd support]) diff --git a/net/asterisk-16.x/patches/AST-2019-006-16.diff b/net/asterisk-16.x/patches/AST-2019-006-16.diff deleted file mode 100644 index 1f589b2..0000000 --- a/net/asterisk-16.x/patches/AST-2019-006-16.diff +++ /dev/null @@ -1,73 +0,0 @@ -From 8cdaa93e658a46e7baf6b606468b5e2c88a0133b Mon Sep 17 00:00:00 2001 -From: Ben Ford -Date: Mon, 21 Oct 2019 14:55:06 -0500 -Subject: [PATCH] chan_sip.c: Prevent address change on unauthenticated SIP request. - -If the name of a peer is known and a SIP request is sent using that -peer's name, the address of the peer will change even if the request -fails the authentication challenge. This means that an endpoint can -be altered and even rendered unusuable, even if it was in a working -state previously. This can only occur when the nat option is set to the -default, or auto_force_rport. - -This change checks the result of authentication first to ensure it is -successful before setting the address and the nat option. - -ASTERISK-28589 #close - -Change-Id: I581c5ed1da60ca89f590bd70872de2b660de02df ---- - -diff --git a/channels/chan_sip.c b/channels/chan_sip.c -index 6ac2e61..4d79a47 100644 ---- a/channels/chan_sip.c -+++ b/channels/chan_sip.c -@@ -19245,18 +19245,6 @@ - bogus_peer = NULL; - } - -- /* build_peer, called through sip_find_peer, is not able to check the -- * sip_pvt->natdetected flag in order to determine if the peer is behind -- * NAT or not when SIP_PAGE3_NAT_AUTO_RPORT or SIP_PAGE3_NAT_AUTO_COMEDIA -- * are set on the peer. So we check for that here and set the peer's -- * address accordingly. -- */ -- set_peer_nat(p, peer); -- -- if (p->natdetected && ast_test_flag(&peer->flags[2], SIP_PAGE3_NAT_AUTO_RPORT)) { -- ast_sockaddr_copy(&peer->addr, &p->recv); -- } -- - if (!ast_apply_acl(peer->acl, addr, "SIP Peer ACL: ")) { - ast_debug(2, "Found peer '%s' for '%s', but fails host access\n", peer->name, of); - sip_unref_peer(peer, "sip_unref_peer: check_peer_ok: from sip_find_peer call, early return of AUTH_ACL_FAILED"); -@@ -19325,6 +19313,21 @@ - ast_string_field_set(p, peermd5secret, NULL); - } - if (!(res = check_auth(p, req, peer->name, p->peersecret, p->peermd5secret, sipmethod, uri2, reliable))) { -+ -+ /* build_peer, called through sip_find_peer, is not able to check the -+ * sip_pvt->natdetected flag in order to determine if the peer is behind -+ * NAT or not when SIP_PAGE3_NAT_AUTO_RPORT or SIP_PAGE3_NAT_AUTO_COMEDIA -+ * are set on the peer. So we check for that here and set the peer's -+ * address accordingly. The address should ONLY be set once we are sure -+ * authentication was a success. If, for example, an INVITE was sent that -+ * matched the peer name but failed the authentication check, the address -+ * would be updated, which is bad. -+ */ -+ set_peer_nat(p, peer); -+ if (p->natdetected && ast_test_flag(&peer->flags[2], SIP_PAGE3_NAT_AUTO_RPORT)) { -+ ast_sockaddr_copy(&peer->addr, &p->recv); -+ } -+ - /* If we have a call limit, set flag */ - if (peer->call_limit) - ast_set_flag(&p->flags[0], SIP_CALL_LIMIT); -@@ -19424,6 +19427,7 @@ - } - } - sip_unref_peer(peer, "check_peer_ok: sip_unref_peer: tossing temp ptr to peer from sip_find_peer"); -+ - return res; - } - diff --git a/net/asterisk-16.x/patches/AST-2019-007-16.diff b/net/asterisk-16.x/patches/AST-2019-007-16.diff deleted file mode 100644 index 0f187c1..0000000 --- a/net/asterisk-16.x/patches/AST-2019-007-16.diff +++ /dev/null @@ -1,46 +0,0 @@ -From 7574be5110e049a44b8c8ead52cd1c2a5d442afa Mon Sep 17 00:00:00 2001 -From: George Joseph -Date: Thu, 24 Oct 2019 11:41:23 -0600 -Subject: [PATCH] manager.c: Prevent the Originate action from running the Originate app - -If an AMI user without the "system" authorization calls the -Originate AMI command with the Originate application, -the second Originate could run the "System" command. - -Action: Originate -Channel: Local/1111 -Application: Originate -Data: Local/2222,app,System,touch /tmp/owned - -If the "system" authorization isn't set, we now block the -Originate app as well as the System, Exec, etc. apps. - -ASTERISK-28580 -Reported by: Eliel SardaƱons - -Change-Id: Ic4c9dedc34c426f03c8c14fce334a71386d8a5fa ---- - -diff --git a/doc/UPGRADE-staging/AMI-Originate.txt b/doc/UPGRADE-staging/AMI-Originate.txt -new file mode 100644 -index 0000000..f2d3133 ---- /dev/null -+++ b/doc/UPGRADE-staging/AMI-Originate.txt -@@ -0,0 +1,5 @@ -+Subject: AMI -+ -+The AMI Originate action, which optionally takes a dialplan application as -+an argument, no longer accepts "Originate" as the application due to -+security concerns. -diff --git a/main/manager.c b/main/manager.c -index f138801..1963151 100644 ---- a/main/manager.c -+++ b/main/manager.c -@@ -5744,6 +5744,7 @@ - EAGI(/bin/rm,-rf /) */ - strcasestr(app, "mixmonitor") || /* MixMonitor(blah,,rm -rf) */ - strcasestr(app, "externalivr") || /* ExternalIVR(rm -rf) */ -+ strcasestr(app, "originate") || /* Originate(Local/1234,app,System,rm -rf) */ - (strstr(appdata, "SHELL") && (bad_appdata = 1)) || /* NoOp(${SHELL(rm -rf /)}) */ - (strstr(appdata, "EVAL") && (bad_appdata = 1)) /* NoOp(${EVAL(${some_var_containing_SHELL})}) */ - )) { From e44fb87cc713beb4a9359215dd1e9487ccc3c189 Mon Sep 17 00:00:00 2001 From: Sebastian Kemper Date: Thu, 14 May 2020 21:56:50 +0200 Subject: [PATCH 3/4] asterisk-16.x: update init and configuration This commit changes handling of configuration and init a bit: 1. Asterisk configuration files are installed with $(INSTALL_DATA). This way there is no need to chown /etc/asterisk to user asterisk. The package provides the standard asterisk configuration (no secrets) so it's OK to install it readable for all. If users put something sensitive in there they can update permissions how they like. 2. The init script no longer creates directories that the users can configure in /etc/config/asterisk, which could be all kinds of strange directories. Instead only the default directories are created, and only the ones that reside on volatile memory. The other directories are now created by the package itself. 3. This commit removes the ability to choose a user/group via /etc/config/asterisk. This makes the init script simpler. If anybody wants to play around with the user/group, then it's up to them to fix the permissions. 4. "local" is removed because it's not POSIX. 5. From issue #520 we know that adding the user to the dialout group does not help with the device permissions for chan_lantiq. This removes it again. Signed-off-by: Sebastian Kemper --- net/asterisk-16.x/Makefile | 6 +- net/asterisk-16.x/files/asterisk.conf | 30 +++---- net/asterisk-16.x/files/asterisk.init | 111 +++++--------------------- 3 files changed, 36 insertions(+), 111 deletions(-) diff --git a/net/asterisk-16.x/Makefile b/net/asterisk-16.x/Makefile index 062eee8..1d72cf7 100644 --- a/net/asterisk-16.x/Makefile +++ b/net/asterisk-16.x/Makefile @@ -334,7 +334,7 @@ endef define Package/$(PKG_NAME)/install/conffile $(INSTALL_DIR) $(1)/etc/asterisk - $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/asterisk/$(2) $(1)/etc/asterisk/ + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/asterisk/$(2) $(1)/etc/asterisk/ endef define Package/$(PKG_NAME)/install/lib @@ -354,7 +354,7 @@ endef define Package/$(PKG_NAME)/install/util-conffile $(INSTALL_DIR) $(1)/etc - $(INSTALL_CONF) $(PKG_INSTALL_DIR)/etc/asterisk/$(2) $(1)/etc + $(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/asterisk/$(2) $(1)/etc endef define Package/$(PKG_NAME)/config @@ -498,7 +498,9 @@ $(foreach m,$(AST_CFG_FILES),$(call Package/$(PKG_NAME)/install/conffile,$(1),$( $(foreach m,$(AST_EMB_MODULES),$(call Package/$(PKG_NAME)/install/module,$(1),$(m));) $(INSTALL_DIR) $(1)/etc/config $(INSTALL_DIR) $(1)/etc/init.d + $(INSTALL_DIR) $(1)/usr/share/asterisk/agi-bin $(INSTALL_DIR) $(1)/usr/share/asterisk/firmware/iax + $(INSTALL_DIR) $(1)/usr/share/asterisk/keys $(INSTALL_DIR) $(1)/usr/share/asterisk/sounds $(INSTALL_BIN) ./files/asterisk.init $(1)/etc/init.d/asterisk $(INSTALL_CONF) ./files/asterisk.conf $(1)/etc/config/asterisk diff --git a/net/asterisk-16.x/files/asterisk.conf b/net/asterisk-16.x/files/asterisk.conf index 3c05e0a..f175df8 100644 --- a/net/asterisk-16.x/files/asterisk.conf +++ b/net/asterisk-16.x/files/asterisk.conf @@ -1,26 +1,16 @@ +# The init script will create below default directories automatically. +# In case you change these paths in your Asterisk configuration, make +# sure that your directories exist and have the appropriate permissions +# (Asterisk will use the user "asterisk", not root). + +# dbdir => '/var/lib/asterisk/astdb' +# logdir => '/var/log/asterisk' +# rundir => '/var/run/asterisk' +# spooldir => '/var/spool/asterisk' +# varlibdir => '/var/lib/asterisk' config asterisk 'general' option enabled '0' - # If you have problems running Asterisk as user "asterisk" we'd - # like to hear from you. Please raise an issue at: - # https://github.com/openwrt/telephony/issues - option user 'asterisk' - option group 'asterisk' option log_stderr '1' option log_stdout '1' option options '' - -config asterisk 'directories' - # The init script will only create below directories and update - # their permissions if they don't exist. - # Note: To change the default paths you need to update your - # "asterisk.conf" file. - option agidir '/usr/share/asterisk/agi-bin' - option datadir '/usr/share/asterisk' - option dbdir '/var/lib/asterisk/astdb' - option keydir '/usr/share/asterisk/keys' - option logdir '/var/log/asterisk' - option rundir '/var/run/asterisk' - option spooldir '/var/spool/asterisk' - option varlibdir '/var/lib/asterisk' - diff --git a/net/asterisk-16.x/files/asterisk.init b/net/asterisk-16.x/files/asterisk.init index fd83948..256a3cf 100644 --- a/net/asterisk-16.x/files/asterisk.init +++ b/net/asterisk-16.x/files/asterisk.init @@ -13,25 +13,13 @@ COMMAND=/usr/sbin/$NAME LOGGER="/usr/bin/logger -p user.err -s -t $NAME --" start_service() { - local enabled - local user - local group - - local log_stderr - local log_stdout - - local agidir - local cdrcsvdir - local datadir - local dbdir - local keydir - local logdir - local rundir - local spooldir - local varlibdir - - local options + dbdir=/var/lib/asterisk/astdb + logdir=/var/log/asterisk + cdrcsvdir=$logdir/cdr-csv + rundir=/var/run/asterisk + spooldir=/var/spool/asterisk + varlibdir=/var/lib/asterisk config_load $NAME @@ -41,85 +29,30 @@ start_service() { exit 1 fi - config_get user general user $NAME - config_get group general group $NAME - - user_exists "$user" || { - $LOGGER user \""$user"\" does not exist - exit 1 - } - group_exists "$group" || { - $LOGGER group \""$group"\" does not exist - exit 1 - } - - if [ "$user" = $NAME ]; then - if ! id -nG $NAME | grep -qwF dialout; then - group_exists dialout && group_add_user dialout $NAME - fi - fi - config_get_bool log_stderr general log_stderr 1 config_get_bool log_stdout general log_stdout 1 - config_get agidir directories agidir /usr/share/$NAME/agi-bin - config_get datadir directories datadir /usr/share/$NAME - config_get dbdir directories dbdir /var/lib/$NAME/astdb - config_get keydir directories keydir /usr/share/$NAME/keys - config_get logdir directories logdir /var/log/$NAME - config_get rundir directories rundir /var/run/$NAME - config_get spooldir directories spooldir /var/spool/$NAME - config_get varlibdir directories varlibdir /var/lib/$NAME - config_get options general options - cdrcsvdir="${logdir}/cdr-csv" - - # do not touch directories that already exist - # posix shell does not support arrays, hence using awk - awk \ - -v user="$user" \ - -v group="$group" \ - -v a="$agidir" \ - -v b="$cdrcsvdir" \ - -v c="$datadir" \ - -v d="$dbdir" \ - -v e="$keydir" \ - -v f="$logdir" \ - -v g="$rundir" \ - -v h="$spooldir" \ - -v i="$varlibdir" \ - ' - BEGIN { - dir[0]=a - dir[1]=b - dir[2]=c - dir[3]=d - dir[4]=e - dir[5]=f - dir[6]=g - dir[7]=h - dir[8]=i - for (x in dir) { - if (system("test ! -e \"" dir[x] "\"" )) { - delete dir[x] - } - } - for (x in dir) { - system("mkdir -p \"" dir[x] "\"" ) - system("chmod 750 \"" dir[x] "\"" ) - system("chown \"" user "\":\"" group "\" \"" dir[x] "\"" ) - } - } - ' - - chown -R "$user":"$group" /etc/$NAME + for i in \ + "$logdir" \ + "$cdrcsvdir" \ + "$rundir" \ + "$spooldir" \ + "$varlibdir" \ + "$dbdir" + do + if ! [ -e "$i" ]; then + mkdir -m 0750 -p "$i" + [ -d "$i" ] && chown $NAME:$NAME "$i" + fi + done procd_open_instance procd_set_param command $COMMAND procd_append_param command \ - -G "$group" \ - -U "$user" \ + -G "$NAME" \ + -U "$NAME" \ $options \ -f # forward stderr to logd @@ -127,5 +60,5 @@ start_service() { # same for stdout procd_set_param stdout $log_stdout procd_close_instance -} +} From 985365c3f2c10a9d2f8917faeb241a7106e3183c Mon Sep 17 00:00:00 2001 From: Sebastian Kemper Date: Sat, 16 May 2020 20:55:27 +0200 Subject: [PATCH 4/4] asterisk-16.x: sort out lua detection We have both liblua and liblua5.3 in $(STAGING_DIR)/usr. But the headers for liblua5.3 are in (STAGING_DIR)/usr/include/lua5.3. The way things are now, Asterisk uses the headers from liblua and links against liblua5.3. The easiest way out of this is to turn off the lua detection that is based on version numbers. The next detection looks for a version-less lua, which works fine. Signed-off-by: Sebastian Kemper --- net/asterisk-16.x/Makefile | 2 +- .../patches/140-use-default-lua.patch | 15 +++++++++++++++ 2 files changed, 16 insertions(+), 1 deletion(-) create mode 100644 net/asterisk-16.x/patches/140-use-default-lua.patch diff --git a/net/asterisk-16.x/Makefile b/net/asterisk-16.x/Makefile index 1d72cf7..4b139eb 100644 --- a/net/asterisk-16.x/Makefile +++ b/net/asterisk-16.x/Makefile @@ -923,7 +923,7 @@ $(eval $(call BuildAsteriskModule,odbc,ODBC,ODBC support.,+libpthread +libc +uni $(eval $(call BuildAsteriskModule,pbx-ael,Asterisk Extension Logic,Asterisk Extension Language compiler.,+$(PKG_NAME)-res-ael-share,extensions.ael,pbx_ael,,)) $(eval $(call BuildAsteriskModule,pbx-dundi,Dundi,Distributed Universal Number Discovery.,,dundi.conf,pbx_dundi,,)) $(eval $(call BuildAsteriskModule,pbx-loopback,Loopback switch,Loopback switch.,,,pbx_loopback,,)) -$(eval $(call BuildAsteriskModule,pbx-lua,Lua,Lua PBX switch.,+liblua5.3,extensions.lua,pbx_lua,,)) +$(eval $(call BuildAsteriskModule,pbx-lua,Lua,Lua PBX switch.,+liblua,extensions.lua,pbx_lua,,)) $(eval $(call BuildAsteriskModule,pbx-realtime,Realtime Switch,Realtime switch.,,,pbx_realtime,,)) $(eval $(call BuildAsteriskModule,pbx-spool,Call Spool,Outgoing spool support.,,,pbx_spool,,)) $(eval $(call BuildAsteriskModule,pgsql,PostgreSQL,PostgreSQL support.,+libpq,cel_pgsql.conf cdr_pgsql.conf res_pgsql.conf,cel_pgsql cdr_pgsql res_config_pgsql,,)) diff --git a/net/asterisk-16.x/patches/140-use-default-lua.patch b/net/asterisk-16.x/patches/140-use-default-lua.patch new file mode 100644 index 0000000..c2ea912 --- /dev/null +++ b/net/asterisk-16.x/patches/140-use-default-lua.patch @@ -0,0 +1,15 @@ +--- a/configure.ac ++++ b/configure.ac +@@ -2556,7 +2556,11 @@ if test -z "$__opus_include" -o x"$__opu + fi + AST_EXT_LIB_CHECK([OPUSFILE], [opusfile], [op_open_callbacks], [opus/opusfile.h], [], [$__opus_include]) + +-for ver in 5.3 5.2 5.1; do ++# This does not work for us. We have both liblua and liblua5.3 in ++# $(STAGING_DIR)/usr. But the headers for liblua5.3 are in ++# (STAGING_DIR)/usr/include/lua5.3. Using the below, Asterisk would ++# use the headers from liblua and link against liblua5.3 :/ ++for ver in ; do + AST_EXT_LIB_CHECK([LUA], lua${ver}, [luaL_newstate], lua${ver}/lua.h, [-lm]) + if test "x${PBX_LUA}" = "x1" ; then + if test x"${LUA_DIR}" = x; then