Menu
▾
▴
[Astlinux-commits] SF.net SVN: astlinux:[8025] branches/1.0/package/asterisk
|
From: <abe...@us...> - 2016-12-09 13:32:19
|
Revision: 8025
http://sourceforge.net/p/astlinux/code/8025
Author: abelbeck
Date: 2016-12-09 13:32:17 +0000 (Fri, 09 Dec 2016)
Log Message:
-----------
asterisk, version bump to 11.25.1 and 13.x security patches
Modified Paths:
--------------
branches/1.0/package/asterisk/asterisk-11-extension-changed-verbosity-chan_sip.patch
branches/1.0/package/asterisk/asterisk.mk
Added Paths:
-----------
branches/1.0/package/asterisk/asterisk-13-upstream-AST-2016-008-13-security.patch
branches/1.0/package/asterisk/asterisk-13-upstream-AST-2016-009-13-security.patch
branches/1.0/package/asterisk/asterisk-13-upstream-cli-libedit-utf8.patch
Removed Paths:
-------------
branches/1.0/package/asterisk/asterisk-13-cli-libedit-utf8.patch
Modified: branches/1.0/package/asterisk/asterisk-11-extension-changed-verbosity-chan_sip.patch
===================================================================
--- branches/1.0/package/asterisk/asterisk-11-extension-changed-verbosity-chan_sip.patch 2016-12-08 16:54:13 UTC (rev 8024)
+++ branches/1.0/package/asterisk/asterisk-11-extension-changed-verbosity-chan_sip.patch 2016-12-09 13:32:17 UTC (rev 8025)
@@ -1,6 +1,6 @@
--- asterisk-11/channels/chan_sip.c.orig 2015-04-23 10:22:04.000000000 -0500
+++ asterisk-11/channels/chan_sip.c 2015-04-23 10:22:40.000000000 -0500
-@@ -16817,7 +16817,7 @@
+@@ -16815,7 +16815,7 @@
}
if (!force) {
Deleted: branches/1.0/package/asterisk/asterisk-13-cli-libedit-utf8.patch
===================================================================
--- branches/1.0/package/asterisk/asterisk-13-cli-libedit-utf8.patch 2016-12-08 16:54:13 UTC (rev 8024)
+++ branches/1.0/package/asterisk/asterisk-13-cli-libedit-utf8.patch 2016-12-09 13:32:17 UTC (rev 8025)
@@ -1,63 +0,0 @@
-X-Git-Url: http://git.asterisk.org/gitweb/?p=asterisk%2Fasterisk.git;a=blobdiff_plain;f=main%2Fasterisk.c;h=fa919936b4767580ff852f2ba1fcbe7781949968;hp=1c7a0e1885501e5e2446c72266e492ffd40a08ef;hb=5e0c22404316ecdf8e1510553474274eddf55e20;hpb=ec17e96784b8a75f74d84621165c73d986d56f95
-
-diff --git a/main/asterisk.c b/main/asterisk.c
-index 1c7a0e1..fa91993 100644
---- a/main/asterisk.c
-+++ b/main/asterisk.c
-@@ -2818,7 +2818,13 @@ static void send_rasterisk_connect_commands(void)
- }
- }
-
-+#define HAVE_LIBEDIT_IS_UNICODE 1
-+
-+#ifdef HAVE_LIBEDIT_IS_UNICODE
-+static int ast_el_read_char(EditLine *editline, wchar_t *cp)
-+#else
- static int ast_el_read_char(EditLine *editline, char *cp)
-+#endif
- {
- int num_read = 0;
- int lastpos = 0;
-@@ -2848,10 +2854,16 @@ static int ast_el_read_char(EditLine *editline, char *cp)
- }
-
- if (!ast_opt_exec && fds[1].revents) {
-- num_read = read(STDIN_FILENO, cp, 1);
-+ char c = '\0';
-+ num_read = read(STDIN_FILENO, &c, 1);
- if (num_read < 1) {
- break;
- } else {
-+#ifdef HAVE_LIBEDIT_IS_UNICODE
-+ *cp = btowc(c);
-+#else
-+ *cp = c;
-+#endif
- return (num_read);
- }
- }
-@@ -2895,7 +2907,11 @@ static int ast_el_read_char(EditLine *editline, char *cp)
- console_print(buf, 0);
-
- if ((res < EL_BUF_SIZE - 1) && ((buf[res-1] == '\n') || (res >= 2 && buf[res-2] == '\n'))) {
-+#ifdef HAVE_LIBEDIT_IS_UNICODE
-+ *cp = btowc(CC_REFRESH);
-+#else
- *cp = CC_REFRESH;
-+#endif
- return(1);
- } else {
- lastpos = 1;
-@@ -2903,7 +2919,12 @@ static int ast_el_read_char(EditLine *editline, char *cp)
- }
- }
-
-+#ifdef HAVE_LIBEDIT_IS_UNICODE
-+ *cp = btowc('\0');
-+#else
- *cp = '\0';
-+#endif
-+
- return (0);
- }
-
Added: branches/1.0/package/asterisk/asterisk-13-upstream-AST-2016-008-13-security.patch
===================================================================
--- branches/1.0/package/asterisk/asterisk-13-upstream-AST-2016-008-13-security.patch (rev 0)
+++ branches/1.0/package/asterisk/asterisk-13-upstream-AST-2016-008-13-security.patch 2016-12-09 13:32:17 UTC (rev 8025)
@@ -0,0 +1,72 @@
+commit 888142e89160169220bff1bae742f6ef558a7b11
+Author: Joshua Colp <jc...@di...>
+Date: Tue Nov 15 00:18:21 2016 +0000
+
+ res_format_attr_opus: Fix crash when fmtp contains spaces.
+
+ When an opus offer or answer was received that contained an
+ fmtp line with spaces between the attributes the module would
+ fail to properly parse it and crash due to recursion.
+
+ This change makes the module handle the space properly and
+ also removes the recursion requirement.
+
+ ASTERISK-26579
+
+ Change-Id: I01f53e5d9fa9f1925a7365f8d25071b5b3ac2dc3
+
+diff --git a/res/res_format_attr_opus.c b/res/res_format_attr_opus.c
+index 49382f6..857b943 100644
+--- a/res/res_format_attr_opus.c
++++ b/res/res_format_attr_opus.c
+@@ -102,27 +102,35 @@ static int opus_clone(const struct ast_format *src, struct ast_format *dst)
+
+ static void sdp_fmtp_get(const char *attributes, const char *name, int *attr)
+ {
+- const char *kvp = "";
++ const char *kvp = attributes;
+ int val;
+
+- if (attributes && !(kvp = strstr(attributes, name))) {
++ if (ast_strlen_zero(attributes)) {
+ return;
+ }
+
+- /*
+- * If the named attribute is not at the start of the given attributes, and
+- * the preceding character is not a space or semicolon then it's not the
+- * attribute we are looking for. It's an attribute with the name embedded
+- * within it (e.g. ptime in maxptime, stereo in sprop-stereo).
++ /* This logic goes through each attribute in the fmtp line looking for the
++ * requested named attribute.
+ */
+- if (kvp != attributes && *(kvp - 1) != ' ' && *(kvp - 1) != ';') {
+- /* Keep searching as it might still be in the attributes string */
+- sdp_fmtp_get(strchr(kvp, ';'), name, attr);
+- /*
+- * Otherwise it's a match, so retrieve the value and set the attribute.
+- */
+- } else if (sscanf(kvp, "%*[^=]=%30d", &val) == 1) {
+- *attr = val;
++ while (*kvp) {
++ /* Skip any preceeding blanks as some implementations separate attributes using spaces too */
++ kvp = ast_skip_blanks(kvp);
++
++ /* If we are at at the requested attribute get its value and return */
++ if (!strncmp(kvp, name, strlen(name)) && kvp[strlen(name)] == '=') {
++ if (sscanf(kvp, "%*[^=]=%30d", &val) == 1) {
++ *attr = val;
++ break;
++ }
++ }
++
++ /* Move on to the next attribute if possible */
++ kvp = strchr(kvp, ';');
++ if (!kvp) {
++ break;
++ }
++
++ kvp++;
+ }
+ }
+
Added: branches/1.0/package/asterisk/asterisk-13-upstream-AST-2016-009-13-security.patch
===================================================================
--- branches/1.0/package/asterisk/asterisk-13-upstream-AST-2016-009-13-security.patch (rev 0)
+++ branches/1.0/package/asterisk/asterisk-13-upstream-AST-2016-009-13-security.patch 2016-12-09 13:32:17 UTC (rev 8025)
@@ -0,0 +1,27 @@
+diff --git a/channels/chan_sip.c b/channels/chan_sip.c
+index 50183c2..c53d9ba 100644
+--- a/channels/chan_sip.c
++++ b/channels/chan_sip.c
+@@ -8446,8 +8446,6 @@ static const char *__get_header(const struct sip_request *req, const char *name,
+ * one afterwards. If you shouldn't do it, what absolute idiot decided it was
+ * a good idea to say you can do it, and if you can do it, why in the hell would.
+ * you say you shouldn't.
+- * Anyways, pedanticsipchecking controls whether we allow spaces before ':',
+- * and we always allow spaces after that for compatibility.
+ */
+ const char *sname = find_alias(name, NULL);
+ int x, len = strlen(name), slen = (sname ? 1 : 0);
+@@ -8460,10 +8458,10 @@ static const char *__get_header(const struct sip_request *req, const char *name,
+ if (match || smatch) {
+ /* skip name */
+ const char *r = header + (match ? len : slen );
+- if (sip_cfg.pedanticsipchecking) {
+- r = ast_skip_blanks(r);
++ /* HCOLON has optional SP/HTAB; skip past those */
++ while (*r == ' ' || *r == '\t') {
++ ++r;
+ }
+-
+ if (*r == ':') {
+ *start = x+1;
+ return ast_skip_blanks(r+1);
Copied: branches/1.0/package/asterisk/asterisk-13-upstream-cli-libedit-utf8.patch (from rev 8024, branches/1.0/package/asterisk/asterisk-13-cli-libedit-utf8.patch)
===================================================================
--- branches/1.0/package/asterisk/asterisk-13-upstream-cli-libedit-utf8.patch (rev 0)
+++ branches/1.0/package/asterisk/asterisk-13-upstream-cli-libedit-utf8.patch 2016-12-09 13:32:17 UTC (rev 8025)
@@ -0,0 +1,63 @@
+X-Git-Url: http://git.asterisk.org/gitweb/?p=asterisk%2Fasterisk.git;a=blobdiff_plain;f=main%2Fasterisk.c;h=fa919936b4767580ff852f2ba1fcbe7781949968;hp=1c7a0e1885501e5e2446c72266e492ffd40a08ef;hb=5e0c22404316ecdf8e1510553474274eddf55e20;hpb=ec17e96784b8a75f74d84621165c73d986d56f95
+
+diff --git a/main/asterisk.c b/main/asterisk.c
+index 1c7a0e1..fa91993 100644
+--- a/main/asterisk.c
++++ b/main/asterisk.c
+@@ -2818,7 +2818,13 @@ static void send_rasterisk_connect_commands(void)
+ }
+ }
+
++#define HAVE_LIBEDIT_IS_UNICODE 1
++
++#ifdef HAVE_LIBEDIT_IS_UNICODE
++static int ast_el_read_char(EditLine *editline, wchar_t *cp)
++#else
+ static int ast_el_read_char(EditLine *editline, char *cp)
++#endif
+ {
+ int num_read = 0;
+ int lastpos = 0;
+@@ -2848,10 +2854,16 @@ static int ast_el_read_char(EditLine *editline, char *cp)
+ }
+
+ if (!ast_opt_exec && fds[1].revents) {
+- num_read = read(STDIN_FILENO, cp, 1);
++ char c = '\0';
++ num_read = read(STDIN_FILENO, &c, 1);
+ if (num_read < 1) {
+ break;
+ } else {
++#ifdef HAVE_LIBEDIT_IS_UNICODE
++ *cp = btowc(c);
++#else
++ *cp = c;
++#endif
+ return (num_read);
+ }
+ }
+@@ -2895,7 +2907,11 @@ static int ast_el_read_char(EditLine *editline, char *cp)
+ console_print(buf, 0);
+
+ if ((res < EL_BUF_SIZE - 1) && ((buf[res-1] == '\n') || (res >= 2 && buf[res-2] == '\n'))) {
++#ifdef HAVE_LIBEDIT_IS_UNICODE
++ *cp = btowc(CC_REFRESH);
++#else
+ *cp = CC_REFRESH;
++#endif
+ return(1);
+ } else {
+ lastpos = 1;
+@@ -2903,7 +2919,12 @@ static int ast_el_read_char(EditLine *editline, char *cp)
+ }
+ }
+
++#ifdef HAVE_LIBEDIT_IS_UNICODE
++ *cp = btowc('\0');
++#else
+ *cp = '\0';
++#endif
++
+ return (0);
+ }
+
Modified: branches/1.0/package/asterisk/asterisk.mk
===================================================================
--- branches/1.0/package/asterisk/asterisk.mk 2016-12-08 16:54:13 UTC (rev 8024)
+++ branches/1.0/package/asterisk/asterisk.mk 2016-12-09 13:32:17 UTC (rev 8025)
@@ -4,7 +4,7 @@
#
##############################################################
ifeq ($(BR2_PACKAGE_ASTERISK_v11),y)
-ASTERISK_VERSION := 11.25.0
+ASTERISK_VERSION := 11.25.1
else
ifeq ($(BR2_PACKAGE_ASTERISK_v13),y)
ASTERISK_VERSION := 13.12.2
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
