- added trailing '--' to logger to make it foolproof
- the script now checks if user and group exist
- directory creation is now done via awk script (more robust)
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
The current patch disables semaphore use always. But musl and glibc
support semaphores. Only uClibc doesn't support them (the functions are
defined but just throw an error when called).
The patch is updated to allow Asterisk to use the system semaphores when
using anything but uClibc. It is also renamed to reflect that.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
The current module descriptions look a bit topsy-turvy.
This updates the BuildAsteriskModule macro to simply take any sentence
(without trying to integrate the input into another string). If the
input contains '\n' a line break is inserted.
The module descriptions were updated from menuselect-tree.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Initial commit of Asterisk 16. Cleans up Makefile; the version number
now only occurs once in it.
Upstream removed the following modules:
- format_jpeg
- res_pjsip_registrar_expire (functionality was moved into
res_pjsip_registrar.)
pjsip has a new dependency, res-http-websocket.
Notes:
- replaced res_ninit patch
Replaced patch with the one from Alpine. It's a bit more flexible and
allows usage of res_ninit where available (when building against
glibc).
- fixed musl compiles
astmm.h now always gets included by asterisk.h, redefining allocators.
This causes breakage on musl:
ccache_cc -o chan_pjsip.o -c chan_pjsip.c -MD -MT chan_pjsip.o -MF .chan_pjsip.o.d -MP -pthread -I/home/sk/tmp/openwrt/build_dir/target-mips_24kc_musl/asterisk-16.2.1/include -Os -pipe -mno-branch-likely -mips32r2 -mtune=24kc -fno-caller-saves -fno-plt -fhonour-copts -Wno-error=unused-but-set-variable -Wno-error=unused-result -msoft-float -mips16 -minterlink-mips16 -iremap/home/sk/tmp/openwrt/build_dir/target-mips_24kc_musl/asterisk-16.2.1:asterisk-16.2.1 -Wformat -Werror=format-security -fstack-protector -D_FORTIFY_SOURCE=1 -Wl,-z,now -Wl,-z,relro -I/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/lib/libiconv-stub/include -I/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/lib/libintl-stub/include -I/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/include -I/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/include -I/home/sk/tmp/openwrt/staging_dir/toolchain-mips_24kc_gcc-7.4.0_musl/usr/include -I/home/sk/tmp/openwrt/staging_dir/toolchain-mips_24kc_gcc-7.4.0_musl/include/fortify -I/home/sk/tmp/openwrt/staging_dir/toolchain-mips_24kc_gcc-7.4.0_musl/include -I/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/lib/libiconv-stub/include -I/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/lib/libintl-stub/include -I/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/include/libxml2 -Wall -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -fPIC -DAST_MODULE=\"chan_pjsip\" -DAST_MODULE_SELF_SYM=__internal_chan_pjsip_self -DPJ_AUTOCONF=1 -DPJ_IS_BIG_ENDIAN=1 -DPJ_IS_LITTLE_ENDIAN=0 -fPIC -I/home/sk/tmp/openwrt/staging_dir/target-mips_24kc_musl/usr/include
In file included from /home/sk/tmp/openwrt/build_dir/target-mips_24kc_musl/asterisk-16.2.1/include/asterisk.h:23:0,
from chan_pjsip.c:35:
/home/sk/tmp/openwrt/build_dir/target-mips_24kc_musl/asterisk-16.2.1/include/asterisk/astmm.h:158:35: error: expected '=', ',', ';', 'asm' or '__attribute__' before '->' token
Do_not_use_calloc__use_ast_calloc->fail(a, b)
^
/home/sk/tmp/openwrt/build_dir/target-mips_24kc_musl/asterisk-16.2.1/include/asterisk/astmm.h:162:77: error: expected '=', ',', ';', 'asm' or '__attribute__' before '->' token
Do_not_use_free__use_ast_free_or_ast_std_free_for_remotely_allocated_memory->fail(a)
^
make[4]: *** [/home/sk/tmp/openwrt/build_dir/target-mips_24kc_musl/asterisk-16.2.1/Makefile.rules:153: chan_pjsip.o] Error 1
The problem is that with _GNU_SOURCE defined musl also declares calloc in
<sched.h> - and when asterisk's source includes <sched.h> _after_
"asterisk/astmm.h" the definition clashes with the macro. Timo Teräs from
Alpine Linux fixed this by including <pthread.h> in "asterisk/compat.h". He
chose to include <pthread.h> instead of <sched.h> because the original
header inclusion chain seems to be "asterisk/astobj2.h" ->
"asterisk/lock.h" -> <pthread.h> -> <sched.h>. It seems Asterisk
practically never includes <sched.h> directly.
- added loader workaround for musl
When the modules are loaded, asterisk segfaults on musl.
Asterisk Dynamic Loader Starting:
[Mar 2 22:30:05] NOTICE[20712]: loader.c:2230 load_modules: 91 modules will be loaded.
Segmentation fault
[48817.544248] do_page_fault(): sending SIGSEGV to asterisk for invalid read access from 00000000
[48817.544258] epc = 77f6b764 in libc.so[77ef8000+94000]
[48817.544285] ra = 0048d579 in asterisk[400000+160000]
The real problem is that the loader expects dlopen to always run the
constructor, which doesn't happen with musl, because its dlopen is
permanent.
This commit adds a new configure switch '--enable-permanent-dlopen'.
When enabled, the loader will manually call 'ast_module_register(...)'
and 'ast_module_unregister(...)' when needed.
- allow eventfd detection
Asterisk 16 wants to use eventfd, but it doesn't allow the detection
during cross-compiling. This results in runtime warnings, for instance
when shutting down:
[Mar 2 22:37:41] WARNING[21593]: alertpipe.c:112 ast_alertpipe_read: read() failed: Bad file descriptor
[Mar 2 22:37:41] WARNING[21593]: alertpipe.c:112 ast_alertpipe_read: read() failed: Bad file descriptor
[Mar 2 22:37:41] WARNING[21593]: alertpipe.c:112 ast_alertpipe_read: read() failed: Bad file descriptor
Relax the configure script so that eventfd can also be detected when
cross-compiling.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
This adds two (three, really) sed scripts to update the default
configuration. All example accounts are getting disabled/commented. And
the module_path is set to the actual path.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
The files in /usr/share/baresip are all read-only anyway, so
INSTALL_DATA can be used.
Use it as well for the included (default) modules, otherwise they'll
have different permissions than the extra modules.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
It is not a nice user experience when a package changes configuration
files during an upgrade. Remove this from the postinstall routine.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
The ffmpeg full variant does not compile on i386_pentium currently.
Disable ffmpeg support on i386 to prevent breakage on the buildbots.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
It is not a nice user experience when a package changes configuration
files during an upgrade. Remove this from the postinstall routine.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
The ffmpeg full variant does not compile on i386_pentium currently.
Disable mod_av on i386 to prevent breakage on the buildbots.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Add two patches that were submitted upstream to address warnings that
occur when using gcc 8.3 (like arc does currently) which turn into
errors (-Werror).
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
The libhiredis package now contais a fix for its pkgconfig file. This
allows to add prefixes, which is needed when cross-compiling in
environments like OpenWrt.
Therefore, the workaround in kamailio is no longer needed and can be
removed.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Since the update to openssl-1.1.1a the compile fails like this:
CC src/libfreeswitch_la-switch_rtp.lo
src/switch_rtp.c: In function 'switch_rtp_get_random':
src/switch_rtp.c:2419:2: error: implicit declaration of function 'RAND_bytes'; did you mean 'RSA_bits'? [-Werror=implicit-function-declaration]
RAND_bytes(buf, len);
^~~~~~~~~~
RSA_bits
cc1: all warnings being treated as errors
make[4]: *** [Makefile:2377: src/libfreeswitch_la-switch_rtp.lo] Error 1
This patch adds the missing include.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
- bump to 5.2.1
- drops sources.openwrt.org from PKG_SOURCE_URL because this mirror is
meant as last resort
- adds six new modules (app_python3 marked @BROKEN - doesn't compile
yet)
- 050-fix-kamailio-utils.patch refreshed. Alpine pushed a fix upstream
that fixes the quoting issue, so this part could be dropped. I found
some other issue with kamctl, where the prompt (for password) wasn't
shown because OpenWrt doesn't have /dev/stderr. So I fixed that and
added it to this patch as well. Sent upstream.
- hiredis handling was changed upstream. They changed the default
include from "hiredis/hiredis.h" (which worked for us) to "hiredis.h".
And the only way to get "hiredis/hiredis.h" is via pkg-config, which
upstream doesn't allow during cross-compile, probably because hiredis
pkg-config is rubbish. Patch added to forces pkg-config detection.
Also includes a fix for a logical error in the Makefile regarding
header setup. Sent upstream.
Patch to fix hiredis pkg-config file sent upstream (also to OpenWrt
package maintainer). Even without hiredis patch we can get away with
forcing pkg-config detection of hiredis.
- dropped two patches that were upstreamed
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
In a previous commit I updated the copyright message. But that was not
correct as I am not affiliated with OpenWrt. And I cannot change the
copyright message from a third party either. This commit reverts the
changes.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
In a previous commit I updated the copyright message. But that was not
correct as I am not affiliated with OpenWrt. And I cannot change the
copyright message from a third party either. This commit reverts the
changes.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
In a previous commit I updated the copyright message. But that was not
correct as I am not affiliated with OpenWrt. This commit reverts the
change.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
In a previous commit I updated the copyright message. But that was not
correct as I am not affiliated with OpenWrt. This commit reverts the
change.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
In a previous commit I updated the copyright message. But that was not
correct as I am not affiliated with OpenWrt. This commit reverts the
change.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Maintainer is not affiliated with OpenWrt so copyright needs to be set
to maintainer instead of OpenWrt. Also correct the year - it should read
the year in which the Makefile was first written.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
sources.openwrt.org is used by the build system as a last-resort mirror.
It's not supposed to be used as a regular source mirror. Remove it from
PKG_SOURCE_URL.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Refresh patches + add patch to remove luajit detection, which was added
upstream for this release. luajit is available in OpenWrt, but seems to
always fail on the buildbots. To prevent surprises in the future disable
it for now.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Although siproxd normally logs to syslog, it's debug output appears to go
only to stderr. Adjust procd setup to also capture stderr in syslog.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
This has the advantage of being available in the package catalog and
hence anytime both pre- and post-installation for someone looking for
information, using only the 'opkg info siproxd' command.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Patch from upstream:
Summary Remote crash vulnerability DNS SRV and NAPTR lookups
Nature of Advisory Denial Of Service
Susceptibility Remote Unauthenticated Sessions
Severity Moderate
Exploits Known No
Reported On October 23, 2018
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
- clean up variable names
- add options to uci config to enable/disable logging
- remove option change_perm as it's hacky
- change check before mkdir and friends to prevent
overwriting/chown/chmod of existing files/directories (important)
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Don't force freeswitch to off during postinstall. It's not common
practice (anywhere) and it may be confusing.
Add a link to the Wiki, too, and bump the revision.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
There is no point in keeping the hotplug script in an extra package.
Move it to the main package.
The priority of the script is changed from 99 to 90 as the freeswitch
init script uses the same.
The postinstall script will check if 99-freeswitch exists. If it does a
warning is displayed with the suggestion to uninstall the hotplug
package.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
procd runs as pid 1. When freeswitch realizes that its parent has pid 1,
it thinks that it has been orphaned and terminates the console thread.
That's why procd isn't able to get freeswitch's console output.
This commit mutes the check in src/switch_console.c. Now console output
is properly logged. The workaround parameters "-nc -nf" are replaced by
a proper "-c" ("console").
Additionally this commit hands control over killing freeswitch to procd.
It's no longer done by the script. This simplifies things quite a bit.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Following up the discussion in pull request #388 this commit removes the
depend on libx264 and prevents baresip from linking to libx264.
baresip can still use a H.264 encoder through ffmpeg, which is the
preferred way anyway.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Minor version bump. Two CVE patches can be removed as they're already
included in the source. One patch was refreshed.
Also:
- https://sources.openwrt.org is added as primary source URL to lessen
the load on kamailio upstream
- Build/Configure is defined as empty (because there is no configure
script in the source tree
- patch is added to fix dp_replace(); the function was first added in the
5.1 release and didn't work; patch was accepted upstream
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Remove the depend on mod-db-sqlite from some modules. They may depend on
a db module, but any will do. And mod-jsonrpcs also does not depend on
mod-json.
Maybe things were different in the past. But today these depends aren't
needed.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
kamailio can be started with multiple "-l" ("listen") parameters to tell
it which IPs to listen on. This can also be configured in kamailio.cfg,
of course.
This commit adds the ability to the init script to translate iface names
like "wan" into IP addresses and hand them over to kamailio as command
line arguments. This is useful when using a network connection where IPs
are dynamically assigned.
kamailio can also work with interface names, e.g. "eth0". But it may
listen to all IPs configured on the interface. To avoid this the commit
differentiates beteen IPv4 ("listen") and IPv6 ("listen6"). So if the
user wants kamailio to only listen on an IPv4 address configured on a
certain iface ("wan" for instance), he/she can just specify a list entry
"listen" with that iface.
An explanation is also added to the uci configuration file.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Commit f84dda74e6 ("kamailio-5.x: enable
FAST_LOCK for MIPS") turned out to be problematic, because it changed
the ARCH to "mips2" not only for "mips", but also for some "mipsel"
targets, which was unintentional.
Address this by filtering for "mips" specifically before setting the
variable.
Also, get rid of PKG_BUILD_PARALLEL, because adding it really didn't
change anything - due to the way "make" is called. Leave a comment to
prevent repetition (read: prevent _me_ from doing the same mistake again
in the future).
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
This commit
- updates init script to use procd
- adds a default user 'kamailio' (kamailio will switch to this user)
- introduces uci init config (instead of /etc/default/kamailio)
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
rtpproxy expects IPs as parameters. Lots of OpenWrt devices use
connections where the IP is dynamically assigned. This commit adds shell
functions to convert an iface like 'wan' to an IP address before adding
the parameter to the rtpproxy command line.
Explanation is provided in /etc/config/rtpproxy. Some whitespace issues
were also fixed.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Add log_level option to uci config. Paired with the comment it makes
setting the log level easier when no man page is around.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Update rtpproxy init script to use procd.
Also increases the start priority to 90 (like the hotplug script) to
make sure rtpproxy is started before kamailio.
Fixes some whitespace issues along the way, too.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Install hotplug script along with rtpproxy. It will only be used if
enabled by the user (via uci config file).
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
With OpenWrt default awk - so awk from busybox - the filter is broken,
causing jsonrpc calls to fail, i.e. when running "kamctl ps". Below
patch makes the filter portable. Patch was already accepted upstream.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Add package for Opus codec support plugin. Variants for both asterisk13
and asterisk15 included.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
.. because the musl implementation doesn't seem to be fully compatible
with yate. We switched to the musl implementation in f6ad95d.
Yate has this regexp:
^([[:alpha:]][[:alnum:]]+:)?/?/?([^[:space:][:cntrl:]@]+@)?([[:alnum:]._+-]+|[[][[:xdigit:].:]+[]])(:[0-9]+)?
Given a string like
sip:012345678@11.111.11.111:5060;user=phone
musl's regexec() returns these matches:
index start end
0 -1 0
1 0 32 sip:012345678@11.111.11.111:5060
2 -1 -1
3 0 14 sip:012345678@
4 14 27 11.111.11.111
5 27 32 :5060
.. but this is what yate expects:
index start end
0 -1 0
1 0 32 sip:012345678@11.111.11.111:5060
2 0 4 sip:
3 4 14 012345678@
4 14 27 11.111.11.111
5 27 32 :5060
Fixes#378
Signed-off-by: Robert Högberg <robert.hogberg@gmail.com>
- bump version
- go back to using release tarballs (unavailable when 1.8.1 was
initially released)
- add OpenWrt mirror
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Add upstream fix for AST-2018-009: Remote crash vulnerability in HTTP
websocket upgrade
The vulnerability affects the res_http_websocket.so module.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Add upstream fix for AST-2018-009: Remote crash vulnerability in HTTP
websocket upgrade
The vulnerability affects the res_http_websocket.so module.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with
an invalid Via header causes a segmentation fault and crashes Kamailio. The
reason is missing input validation in the crcitt_string_array core function
for calculating a CRC hash for To tags. (An additional error is present in
the check_via_address core function: this function also misses input
validation.) This could result in denial of service and potentially the
execution of arbitrary code.
Patch from upstream.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
This commit replaces /etc/default/freeswitch with /etc/config/freeswitch.
This way the init and hotplug configuration can be done with uci instead of
having to edit a file.
This also does away with the busybox ntpd warning. ntpd uses the same
configuration in system and it looks like busybox's ntpd is not used when
ntpd is installed.
Lastly some log strings are amended to start with a lowercase letter.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
There is a discussion ongoing if parallel builds should be enabled by
default. For freeswitch parallel builds are known to fail when certain
modules are enabled. This commit preemptively disables parallel builds
explicitly.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
A recent commit in packages/lang/perl is causing a problem with the
perlmod.mk include. Work around this by including perlver.mk instead and
setting up PERL_CMD and PERL_SITELIB manually.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
