Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[23.05] asterisk + pjproject: bump for security #850

Merged
merged 4 commits into from
Jan 5, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion libs/pjproject/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,8 @@ include $(TOPDIR)/rules.mk

PKG_NAME:=pjproject
PKG_VERSION:=2.13.1
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_CPE_ID:=cpe:/a:pjsip:pjsip

# download "vX.Y.tar.gz" as "pjproject-vX.Y.tar.gz"
PKG_SOURCE_URL_FILE:=$(PKG_VERSION).tar.gz
Expand Down
10 changes: 9 additions & 1 deletion libs/pjproject/patches/0004-config_site.patch
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
--- /dev/null
+++ b/pjlib/include/pj/config_site.h
@@ -0,0 +1,83 @@
@@ -0,0 +1,91 @@
+/*
+ * Asterisk config_site.h
+ */
Expand Down Expand Up @@ -84,3 +84,11 @@
+#define PJSIP_TSX_UAS_CONTINUE_ON_TP_ERROR 0
+#define PJ_SSL_SOCK_OSSL_USE_THREAD_CB 0
+#define PJSIP_AUTH_ALLOW_MULTIPLE_AUTH_HEADER 1
+
+/*
+ * The default is 32 with 8 being used by pjproject itself.
+ * Since this value is used in invites, dialogs, transports
+ * and subscriptions as well as the global pjproject endpoint,
+ * we don't want to increase it too much.
+ */
+#define PJSIP_MAX_MODULE 38
26 changes: 26 additions & 0 deletions libs/pjproject/patches/0020-log-dropped-packet-in-debug.patch
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
--- a/pjsip/src/pjsip/sip_transport.c
+++ b/pjsip/src/pjsip/sip_transport.c
@@ -2088,15 +2088,17 @@ PJ_DEF(pj_ssize_t) pjsip_tpmgr_receive_p
* which were sent to keep NAT bindings.
*/
if (tmp.slen) {
- PJ_LOG(1, (THIS_FILE,
- "Error processing %d bytes packet from %s %s:%d %.*s:\n"
- "%.*s\n"
- "-- end of packet.",
+ PJ_LOG(2, (THIS_FILE,
+ "Dropping %d bytes packet from %s %s:%d %.*s\n",
msg_fragment_size,
rdata->tp_info.transport->type_name,
- rdata->pkt_info.src_name,
+ rdata->pkt_info.src_name,
rdata->pkt_info.src_port,
- (int)tmp.slen, tmp.ptr,
+ (int)tmp.slen, tmp.ptr));
+ PJ_LOG(4, (THIS_FILE,
+ "Dropped packet:"
+ "%.*s\n"
+ "-- end of packet.",
(int)msg_fragment_size,
rdata->msg_info.msg_buf));
}
7 changes: 4 additions & 3 deletions net/asterisk/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -8,12 +8,13 @@
include $(TOPDIR)/rules.mk

PKG_NAME:=asterisk
PKG_VERSION:=20.3.0
PKG_RELEASE:=2
PKG_VERSION:=20.5.2
PKG_RELEASE:=1
PKG_CPE_ID:=cpe:/a:digium:asterisk

PKG_SOURCE:=asterisk-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://downloads.asterisk.org/pub/telephony/asterisk/releases
PKG_HASH:=2e70b4bb40114966c6572eae38b5106b588a7a759d41f1c90a6032407dd60463
PKG_HASH:=8f68e1789dfb8aa04b0eba87ea1d599a62e088ddd20926afc997f36b455e1859

PKG_BUILD_DEPENDS:=libxml2/host

Expand Down
2 changes: 1 addition & 1 deletion net/asterisk/patches/130-eventfd.patch
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
--- a/configure.ac
+++ b/configure.ac
@@ -1256,7 +1256,7 @@ if test "${ac_cv_have_variable_fdset}x"
@@ -1257,7 +1257,7 @@ if test "${ac_cv_have_variable_fdset}x"
fi

AC_MSG_CHECKING([if we have usable eventfd support])
Expand Down
2 changes: 1 addition & 1 deletion net/asterisk/patches/140-use-default-lua.patch
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
--- a/configure.ac
+++ b/configure.ac
@@ -2616,7 +2616,7 @@ if test -z "$__opus_include" -o x"$__opu
@@ -2608,7 +2608,7 @@ if test -z "$__opus_include" -o x"$__opu
fi
AST_EXT_LIB_CHECK([OPUSFILE], [opusfile], [op_open_callbacks], [opus/opusfile.h], [], [$__opus_include])

Expand Down
17 changes: 17 additions & 0 deletions net/asterisk/patches/180-app_queue_time_t.patch
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
--- a/apps/app_queue.c
+++ b/apps/app_queue.c
@@ -4614,8 +4614,12 @@ static int is_longest_waiting_caller(str
* will be unused until the first caller is picked up.
*/
if (ch->start < caller->start && !ch->pending) {
- ast_debug(1, "Queue %s has a call at position %i that's been waiting longer (%li vs %li)\n",
- q->name, ch->pos, ch->start, caller->start);
+ char time1[AST_TIME_T_LEN];
+ char time2[AST_TIME_T_LEN];
+ ast_time_t_to_string(ch->start, time1, sizeof(time1));
+ ast_time_t_to_string(caller->start, time2, sizeof(time2));
+ ast_debug(1, "Queue %s has a call at position %i that's been waiting longer (%s vs %s)\n",
+ q->name, ch->pos, time1, time2);
is_longest_waiting = 0;
break;
}

This file was deleted.

This file was deleted.

Loading