Merge pull request #499 from micmac1/18.06-fs-up
[18.06] freeswitch-stable: minor bump + cherry picks
This commit is contained in:
micmac1
GitHub
commit
8ecbdabc7c
8 changed files with 123 additions and 91 deletions
|
|
@ -9,13 +9,13 @@ include $(TOPDIR)/rules.mk
|
|||
|
||||
PRG_NAME:=freeswitch
|
||||
PKG_NAME:=$(PRG_NAME)-stable
|
||||
PKG_VERSION:=1.8.6
|
||||
PKG_RELEASE:=2
|
||||
PKG_VERSION:=1.8.7
|
||||
PKG_RELEASE:=1
|
||||
PKG_MAINTAINER:=Sebastian Kemper <sebastian_ml@gmx.net>
|
||||
|
||||
PKG_SOURCE:=$(PRG_NAME)-$(PKG_VERSION).tar.xz
|
||||
PKG_SOURCE_URL:=https://files.$(PRG_NAME).org/releases/$(PRG_NAME)
|
||||
PKG_HASH:=b87f47e57d13de2b901bd1e4eb85491178e59a159a2831d7430abe7947f0d3a4
|
||||
PKG_HASH:=7d3cee32713db5f65e3d4703c6420038872d8f6efab8be4d58fbf66ffa993008
|
||||
|
||||
PKG_CPE_ID:=cpe:/a:freeswitch:freeswitch
|
||||
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@
|
|||
AC_PATH_PROG([PKG_CONFIG], [pkg-config], [no])
|
||||
if test "$PKG_CONFIG" = "no" \
|
||||
|| test x"$enable_core_pgsql_pkgconfig" = x"no" \
|
||||
@@ -1613,13 +1589,7 @@ AC_CHECK_PROG(PERL,perl,[ac_cv_have_perl
|
||||
@@ -1614,13 +1590,7 @@ AC_CHECK_PROG(PERL,perl,[ac_cv_have_perl
|
||||
# -a "x$ac_cv_have_EXTERN_h" != "xno"
|
||||
|
||||
if test "x$ac_cv_have_perl" != "xno"; then
|
||||
|
|
@ -55,7 +55,7 @@
|
|||
|
||||
save_CFLAGS="$CFLAGS"
|
||||
CFLAGS="$PERL_CFLAGS"
|
||||
@@ -1714,24 +1684,12 @@ then
|
||||
@@ -1715,24 +1685,12 @@ then
|
||||
if test "$python_has_distutils" != "no" ; then
|
||||
AC_MSG_CHECKING([location of site-packages])
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,51 @@
|
|||
commit 70d1cbafe4ab0176cd9fc01f740e34cd1bae326b
|
||||
Author: Sebastian Kemper <sebastian_ml@gmx.net>
|
||||
Date: Wed Nov 13 20:29:50 2019 +0100
|
||||
|
||||
[gentls_cert] Update message digest
|
||||
|
||||
Debian Buster updated /etc/ssl/openssl.cnf to default to
|
||||
|
||||
MinProtocol = TLSv1.2
|
||||
CipherString = DEFAULT@SECLEVEL=2
|
||||
|
||||
gentls_cert currently uses SHA1 as message digest. According to OpenSSL
|
||||
documentation this only offers 80 bit of security. 80 bits is enough for
|
||||
security level 1, but not 2.
|
||||
|
||||
The OpenSSL default MD nowadays is SHA256. This commit updates
|
||||
gentls_cert to use it.
|
||||
|
||||
Issue was reported on the FS mailing list. The certificates created by
|
||||
gentls_cert caused "md too weak" errors and clients were unable to
|
||||
connect.
|
||||
|
||||
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
|
||||
|
||||
diff --git a/scripts/gentls_cert.in b/scripts/gentls_cert.in
|
||||
index 43aa8ac605..dd56c9f6dc 100644
|
||||
--- a/scripts/gentls_cert.in
|
||||
+++ b/scripts/gentls_cert.in
|
||||
@@ -89,7 +89,7 @@ setup_ca() {
|
||||
|
||||
openssl req -out "${CONFDIR}/CA/cacert.pem" \
|
||||
-new -x509 -keyout "${CONFDIR}/CA/cakey.pem" \
|
||||
- -config "${TMPFILE}.cfg" -nodes -days ${DAYS} -sha1 >/dev/null || exit 1
|
||||
+ -config "${TMPFILE}.cfg" -nodes -days ${DAYS} -sha256 >/dev/null || exit 1
|
||||
cat "${CONFDIR}/CA/cacert.pem" > "${CONFDIR}/cafile.pem"
|
||||
cp $TMPFILE.cfg /tmp/ssl.cfg
|
||||
rm "${TMPFILE}.cfg"
|
||||
@@ -131,11 +131,11 @@ generate_cert() {
|
||||
|
||||
openssl req -new -out "${TMPFILE}.req" \
|
||||
-newkey rsa:${KEY_SIZE} -keyout "${TMPFILE}.key" \
|
||||
- -config "${TMPFILE}.cfg" -nodes -sha1 >/dev/null || exit 1
|
||||
+ -config "${TMPFILE}.cfg" -nodes -sha256 >/dev/null || exit 1
|
||||
|
||||
openssl x509 -req -CAkey "${CONFDIR}/CA/cakey.pem" -CA "${CONFDIR}/CA/cacert.pem" -CAcreateserial \
|
||||
-in "${TMPFILE}.req" -out "${TMPFILE}.crt" -extfile "${TMPFILE}.cfg" \
|
||||
- -extensions "${EXTENSIONS}" -days ${DAYS} -sha1 >/dev/null || exit 1
|
||||
+ -extensions "${EXTENSIONS}" -days ${DAYS} -sha256 >/dev/null || exit 1
|
||||
|
||||
cat "${TMPFILE}.crt" "${TMPFILE}.key" > "${CONFDIR}/${OUTFILE}"
|
||||
|
||||
|
|
@ -1,6 +1,6 @@
|
|||
--- a/src/switch_console.c
|
||||
+++ b/src/switch_console.c
|
||||
@@ -1053,10 +1053,12 @@ static void *SWITCH_THREAD_FUNC console_
|
||||
@@ -1051,10 +1051,12 @@ static void *SWITCH_THREAD_FUNC console_
|
||||
while (running) {
|
||||
int32_t arg = 0;
|
||||
|
||||
|
|
|
|||
66
net/freeswitch-stable/patches/390-t38-reinvite-488-fix.patch
Normal file
66
net/freeswitch-stable/patches/390-t38-reinvite-488-fix.patch
Normal file
|
|
@ -0,0 +1,66 @@
|
|||
commit 167294ea2649afd0ffedf4520b0f308979c3ca2a
|
||||
Author: Sebastian Kemper <sebastian_ml@gmx.net>
|
||||
Date: Fri Oct 18 18:28:07 2019 +0200
|
||||
|
||||
[mod-sofia] Fix reINVITE after T38 is rejected
|
||||
|
||||
From FS-11833.
|
||||
|
||||
After FS sends a reINVITE to T38 which gets rejected by peer it is no
|
||||
longer in a state where it can properly answer a reINVITE which requests
|
||||
a change of the media setup.
|
||||
|
||||
1. FS sends INVITE (destination is a fax machine)
|
||||
2. Call connects with "8 101"
|
||||
3. FS sends reINVITE to T38
|
||||
4. T38 rejected (488)
|
||||
5. FS receives INVITE to "8"
|
||||
6. FS replies with 200 OK without SDP
|
||||
7. Call fails
|
||||
|
||||
The bug is related to TFLAG_SDP. This flag is set when a media session
|
||||
is established. And when there's a reINVITE sofia_glue_do_invite() from
|
||||
sofia_glue.c is called and clears the flag again:
|
||||
|
||||
sofia_clear_flag_locked(tech_pvt, TFLAG_SDP);
|
||||
|
||||
So when FS sends a reINVITE to T38 the flag gets cleared. But when the
|
||||
reINVITE is rejected with 488 the flag is not set again. It stays
|
||||
cleared. So the call continues with the previously negotiated media, fax
|
||||
passthrough (8 101 in this case), but TFLAG_SDP is not set.
|
||||
|
||||
So when FS receives a reINVITE at this point it doesn't see the need to
|
||||
renegotiate anything, even though it realizes that 2833 DTMF is now off:
|
||||
|
||||
2019-04-30 16:42:12.478025 [DEBUG] switch_core_media.c:5478 Audio Codec Compare [PCMA:8:8000:20:64000:1]/[PCMA:8:8000:20:64000:1]
|
||||
2019-04-30 16:42:12.478025 [DEBUG] switch_core_media.c:5533 Audio Codec Compare [PCMA:8:8000:20:64000:1] ++++ is saved as a match
|
||||
2019-04-30 16:42:12.478025 [DEBUG] switch_core_media.c:5802 No 2833 in SDP. Disable 2833 dtmf and switch to INFO
|
||||
|
||||
When FS doesn't send a reINVITE (fax_enable_t38_request=false) and the
|
||||
reINVITE to "8" is received, TFLAG_SDP is still set and then FS
|
||||
understands that it needs to renegotiate and replies with a 200 OK that
|
||||
includes SDP:
|
||||
|
||||
2019-04-30 16:41:19.358028 [DEBUG] switch_core_media.c:5478 Audio Codec Compare [PCMA:8:8000:20:64000:1]/[PCMA:8:8000:20:64000:1]
|
||||
2019-04-30 16:41:19.358028 [DEBUG] switch_core_media.c:5533 Audio Codec Compare [PCMA:8:8000:20:64000:1] ++++ is saved as a match
|
||||
2019-04-30 16:41:19.358028 [DEBUG] switch_core_media.c:5802 No 2833 in SDP. Disable 2833 dtmf and switch to INFO
|
||||
2019-04-30 16:41:19.358028 [DEBUG] sofia.c:8237 skemper was here in line 8232
|
||||
2019-04-30 16:41:19.358028 [DEBUG] switch_core_media.c:8390 skemper was here in line 8390.
|
||||
2019-04-30 16:41:19.358028 [DEBUG] switch_core_media.c:8496 Audio params are unchanged for sofia/external/+called_number.
|
||||
2019-04-30 16:41:19.358028 [DEBUG] sofia.c:8243 Processing updated SDP
|
||||
|
||||
This fixes the state problem after a rejected T38 reINVITE by setting
|
||||
TFLAG_SDP.
|
||||
|
||||
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
|
||||
|
||||
--- a/src/mod/endpoints/mod_sofia/sofia.c
|
||||
+++ b/src/mod/endpoints/mod_sofia/sofia.c
|
||||
@@ -6501,6 +6501,7 @@ static void sofia_handle_sip_r_invite(sw
|
||||
switch_channel_clear_app_flag_key("T38", tech_pvt->channel, CF_APP_T38_REQ);
|
||||
switch_channel_set_app_flag_key("T38", tech_pvt->channel, CF_APP_T38_FAIL);
|
||||
switch_log_printf(SWITCH_CHANNEL_SESSION_LOG(session), SWITCH_LOG_DEBUG, "%s T38 invite failed\n", switch_channel_get_name(tech_pvt->channel));
|
||||
+ sofia_set_flag(tech_pvt, TFLAG_SDP);
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -1,32 +0,0 @@
|
|||
commit e114c6382e68824d4498f62562714860d20804e2
|
||||
Author: Sebastian Kemper <sebastian_ml@gmx.net>
|
||||
Date: Sun Apr 14 19:11:58 2019 +0200
|
||||
|
||||
FS-11783: [core] quiet gcc truncation warning
|
||||
|
||||
With -Wstringop-truncation gcc warns about calls to bounded string
|
||||
manipulation function "strncpy" that may either truncate the copied
|
||||
string or leave the destination unchanged. To avoid the warning when the
|
||||
result is not expected to be NUL-terminated, it is suggested to call
|
||||
"memcpy" instead.
|
||||
|
||||
src/switch_core_media.c: In function 'switch_core_media_patch_sdp':
|
||||
src/switch_core_media.c:11854:4: error: 'strncpy' output truncated before terminating nul copying 2 bytes from a string of the same length [-Werror=stringop-truncation]
|
||||
strncpy(q, strchr(a_engine->adv_sdp_ip, ':') ? "6 " : "4 ", 2);
|
||||
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
This commit follows gcc's recommendation.
|
||||
|
||||
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
|
||||
|
||||
--- a/src/switch_core_media.c
|
||||
+++ b/src/switch_core_media.c
|
||||
@@ -11918,7 +11918,7 @@ SWITCH_DECLARE(void) switch_core_media_p
|
||||
strncpy(q, p, 7);
|
||||
p += 7;
|
||||
q += 7;
|
||||
- strncpy(q, strchr(a_engine->adv_sdp_ip, ':') ? "6 " : "4 ", 2);
|
||||
+ memcpy(q, strchr(a_engine->adv_sdp_ip, ':') ? "6 " : "4 ", 2);
|
||||
p +=2;
|
||||
q +=2;
|
||||
strncpy(q, a_engine->adv_sdp_ip, strlen(a_engine->adv_sdp_ip));
|
||||
|
|
@ -1,42 +0,0 @@
|
|||
commit 3ca75eb8efa4e50ebe083a269b75fcb1762daa91
|
||||
Author: Sebastian Kemper <sebastian_ml@gmx.net>
|
||||
Date: Sun Apr 14 19:23:41 2019 +0200
|
||||
|
||||
FS-11783: [mod_say_ja] quiet overflow warning
|
||||
|
||||
With -Wformat-overflow gcc warns about calls to formatted input/output
|
||||
function "sprintf" that might overflow the destination buffer.
|
||||
|
||||
In this case gcc does not know the upper bound of tm_min and assumes
|
||||
that up to 11 bytes might be written to buffer (3 bytes). But we know
|
||||
that tm_min can only be within the range 0 to 59.
|
||||
|
||||
mod_say_ja.c: In function 'ja_say_time':
|
||||
mod_say_ja.c:376:35: error: '%d' directive writing between 2 and 10 bytes into a region of size 3 [-Werror=format-overflow=]
|
||||
sprintf(buffer, "%d", tm.tm_min);
|
||||
^~
|
||||
mod_say_ja.c:376:34: note: directive argument in the range [11, 2147483647]
|
||||
sprintf(buffer, "%d", tm.tm_min);
|
||||
^~~~
|
||||
mod_say_ja.c:376:18: note: 'sprintf' output between 3 and 11 bytes into a destination of size 3
|
||||
sprintf(buffer, "%d", tm.tm_min);
|
||||
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
This commits adds a hint for gcc, which silences the warning.
|
||||
|
||||
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
|
||||
|
||||
diff --git a/src/mod/say/mod_say_ja/mod_say_ja.c b/src/mod/say/mod_say_ja/mod_say_ja.c
|
||||
index 72c7c38131..d8e0692fd0 100644
|
||||
--- a/src/mod/say/mod_say_ja/mod_say_ja.c
|
||||
+++ b/src/mod/say/mod_say_ja/mod_say_ja.c
|
||||
@@ -367,7 +367,8 @@ static switch_status_t ja_say_time(switch_core_session_t *session, char *tosay,
|
||||
say_file("time/pm.wav");
|
||||
}
|
||||
say_file("time/hour-%d.wav", tm.tm_hour);
|
||||
- if (tm.tm_min > 10) {
|
||||
+ /* tm_min is always < 60 - this is just to silence gcc 8 warning */
|
||||
+ if (tm.tm_min > 10 && tm.tm_min < 60) {
|
||||
int temp;
|
||||
char tch[1+1];
|
||||
mod_min = tm.tm_min % 10;
|
||||
|
|
@ -1,11 +0,0 @@
|
|||
--- a/src/mod/event_handlers/mod_kazoo/kazoo_ei_utils.c
|
||||
+++ b/src/mod/event_handlers/mod_kazoo/kazoo_ei_utils.c
|
||||
@@ -519,7 +519,7 @@ switch_status_t create_acceptor() {
|
||||
char ipbuf[48];
|
||||
const char *ip_addr;
|
||||
|
||||
-#if ERLANG_MAJOR >= 10
|
||||
+#if (ERLANG_MAJOR == 10 && ERLANG_MINOR >= 3) || ERLANG_MAJOR >= 11
|
||||
ei_init();
|
||||
#endif
|
||||
|
||||
Loading…
Reference in a new issue