From 8ef219c850c6efdfe5278ebc3834dad360e1bb45 Mon Sep 17 00:00:00 2001 From: Daniel Golle Date: Sun, 19 May 2024 09:05:42 +0200 Subject: [PATCH 1/2] pjproject: bump to 2.14.1 Pick patch from @dhewg so we keep pjproject in sync with the version bundled with Asterisk. Signed-off-by: Daniel Golle --- libs/pjproject/Makefile | 6 ++--- .../patches/0001-change_linker.patch | 4 +-- libs/pjproject/patches/0004-config_site.patch | 12 +++++++-- .../patches/0006-fix-pkg_config-file.patch | 2 +- ...new-129fb323a66dd1fd16880fe5ba5e6a57.patch | 27 ------------------- .../0020-log-dropped-packet-in-debug.patch | 26 ------------------ 6 files changed, 16 insertions(+), 61 deletions(-) delete mode 100644 libs/pjproject/patches/0010-Make-sure-that-NOTIFY-tdata-is-set-before-sending-it_new-129fb323a66dd1fd16880fe5ba5e6a57.patch delete mode 100644 libs/pjproject/patches/0020-log-dropped-packet-in-debug.patch diff --git a/libs/pjproject/Makefile b/libs/pjproject/Makefile index 326708c3d..4ab736c0a 100644 --- a/libs/pjproject/Makefile +++ b/libs/pjproject/Makefile @@ -10,15 +10,15 @@ include $(TOPDIR)/rules.mk PKG_NAME:=pjproject -PKG_VERSION:=2.13.1 -PKG_RELEASE:=2 +PKG_VERSION:=2.14.1 +PKG_RELEASE:=1 PKG_CPE_ID:=cpe:/a:pjsip:pjsip # download "vX.Y.tar.gz" as "pjproject-vX.Y.tar.gz" PKG_SOURCE_URL_FILE:=$(PKG_VERSION).tar.gz PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_URL_FILE) PKG_SOURCE_URL:=https://github.com/pjsip/$(PKG_NAME)/archive/refs/tags -PKG_HASH:=32a5ab5bfbb9752cb6a46627e4c410e61939c8dbbd833ac858473cfbd9fb9d7d +PKG_HASH:=6140f7a97e318caa89c17e8d5468599671c6eed12d64a7c160dac879ba004c68 PKG_INSTALL:=1 PKG_LICENSE:=GPL-2.0 diff --git a/libs/pjproject/patches/0001-change_linker.patch b/libs/pjproject/patches/0001-change_linker.patch index 5fd150304..64cf81bb6 100644 --- a/libs/pjproject/patches/0001-change_linker.patch +++ b/libs/pjproject/patches/0001-change_linker.patch @@ -1,7 +1,7 @@ --- a/build/cc-auto.mak.in +++ b/build/cc-auto.mak.in -@@ -2,7 +2,7 @@ export CC = @CC@ -c - export CXX = @CXX@ -c +@@ -2,7 +2,7 @@ export CC = @CC@ + export CXX = @CXX@ export AR = @AR@ export AR_FLAGS = @AR_FLAGS@ -export LD = @LD@ diff --git a/libs/pjproject/patches/0004-config_site.patch b/libs/pjproject/patches/0004-config_site.patch index d9d67aecf..4b5c37316 100644 --- a/libs/pjproject/patches/0004-config_site.patch +++ b/libs/pjproject/patches/0004-config_site.patch @@ -1,6 +1,6 @@ --- /dev/null +++ b/pjlib/include/pj/config_site.h -@@ -0,0 +1,91 @@ +@@ -0,0 +1,99 @@ +/* + * Asterisk config_site.h + */ @@ -28,6 +28,15 @@ +#define PJ_IOQUEUE_HAS_SAFE_UNREG 1 +#define PJ_IOQUEUE_MAX_EVENTS_IN_SINGLE_POLL (16) + ++/* ++ * Increase the number of socket options available. This adjustment is necessary ++ * to accommodate additional TCP keepalive settings required for optimizing SIP ++ * transport stability, especially in environments prone to connection timeouts. ++ * The default limit is insufficient when configuring all desired keepalive ++ * parameters along with standard socket options. ++ */ ++#define PJ_MAX_SOCKOPT_PARAMS 5 ++ +#define PJ_SCANNER_USE_BITWISE 0 +#define PJ_OS_HAS_CHECK_STACK 0 + @@ -91,4 +100,3 @@ + * and subscriptions as well as the global pjproject endpoint, + * we don't want to increase it too much. + */ -+#define PJSIP_MAX_MODULE 38 diff --git a/libs/pjproject/patches/0006-fix-pkg_config-file.patch b/libs/pjproject/patches/0006-fix-pkg_config-file.patch index 90f1d225c..f352ac858 100644 --- a/libs/pjproject/patches/0006-fix-pkg_config-file.patch +++ b/libs/pjproject/patches/0006-fix-pkg_config-file.patch @@ -13,7 +13,7 @@ Description: Multimedia communication library --- a/build.mak.in +++ b/build.mak.in -@@ -352,6 +352,6 @@ export PJ_LIBXX_FILES := $(APP_LIBXX_FIL +@@ -351,6 +351,6 @@ export PJ_LIBXX_FILES := $(APP_LIBXX_FIL export PJ_INSTALL_DIR := @prefix@ export PJ_INSTALL_INC_DIR := @includedir@ export PJ_INSTALL_LIB_DIR := @libdir@ diff --git a/libs/pjproject/patches/0010-Make-sure-that-NOTIFY-tdata-is-set-before-sending-it_new-129fb323a66dd1fd16880fe5ba5e6a57.patch b/libs/pjproject/patches/0010-Make-sure-that-NOTIFY-tdata-is-set-before-sending-it_new-129fb323a66dd1fd16880fe5ba5e6a57.patch deleted file mode 100644 index 36eacfcb0..000000000 --- a/libs/pjproject/patches/0010-Make-sure-that-NOTIFY-tdata-is-set-before-sending-it_new-129fb323a66dd1fd16880fe5ba5e6a57.patch +++ /dev/null @@ -1,27 +0,0 @@ -From ac685b30c17be461b2bf5b46a772ed9742b8e985 Mon Sep 17 00:00:00 2001 -From: Riza Sulistyo -Date: Thu, 9 Feb 2023 13:19:23 +0700 -Subject: [PATCH] Make sure that NOTIFY tdata is set before sending it. - ---- - pjsip/src/pjsip-simple/evsub.c | 9 ++++++--- - 1 file changed, 6 insertions(+), 3 deletions(-) - ---- a/pjsip/src/pjsip-simple/evsub.c -+++ b/pjsip/src/pjsip-simple/evsub.c -@@ -2224,9 +2224,12 @@ static void on_tsx_state_uas( pjsip_evsu - /* Send the pending NOTIFY sent by app from inside - * on_rx_refresh() callback. - */ -- pj_assert(sub->pending_notify); -- status = pjsip_evsub_send_request(sub, sub->pending_notify); -- sub->pending_notify = NULL; -+ //pj_assert(sub->pending_notify); -+ /* Make sure that pending_notify is set. */ -+ if (sub->pending_notify) { -+ status = pjsip_evsub_send_request(sub, sub->pending_notify); -+ sub->pending_notify = NULL; -+ } - - } else if (pjsip_method_cmp(&tsx->method, &pjsip_notify_method)==0) { - diff --git a/libs/pjproject/patches/0020-log-dropped-packet-in-debug.patch b/libs/pjproject/patches/0020-log-dropped-packet-in-debug.patch deleted file mode 100644 index e625f2e18..000000000 --- a/libs/pjproject/patches/0020-log-dropped-packet-in-debug.patch +++ /dev/null @@ -1,26 +0,0 @@ ---- a/pjsip/src/pjsip/sip_transport.c -+++ b/pjsip/src/pjsip/sip_transport.c -@@ -2088,15 +2088,17 @@ PJ_DEF(pj_ssize_t) pjsip_tpmgr_receive_p - * which were sent to keep NAT bindings. - */ - if (tmp.slen) { -- PJ_LOG(1, (THIS_FILE, -- "Error processing %d bytes packet from %s %s:%d %.*s:\n" -- "%.*s\n" -- "-- end of packet.", -+ PJ_LOG(2, (THIS_FILE, -+ "Dropping %d bytes packet from %s %s:%d %.*s\n", - msg_fragment_size, - rdata->tp_info.transport->type_name, -- rdata->pkt_info.src_name, -+ rdata->pkt_info.src_name, - rdata->pkt_info.src_port, -- (int)tmp.slen, tmp.ptr, -+ (int)tmp.slen, tmp.ptr)); -+ PJ_LOG(4, (THIS_FILE, -+ "Dropped packet:" -+ "%.*s\n" -+ "-- end of packet.", - (int)msg_fragment_size, - rdata->msg_info.msg_buf)); - } From 11353e1a17761ee1b29488da008e05fe81d3e174 Mon Sep 17 00:00:00 2001 From: Daniel Golle Date: Sat, 22 Jun 2024 15:40:52 +0100 Subject: [PATCH 2/2] asterisk: update to version 20.8.1 Update to most recent LTS release addressing multiple security and stability issues. Complete changelog: https://github.com/asterisk/asterisk/compare/20.5.2...20.8.1 Note that res-stir-shaken switched to use libjwt instead of providing a built-in JWT implementation. Signed-off-by: Daniel Golle --- net/asterisk/Makefile | 7 ++++--- net/asterisk/patches/100-build-reproducibly.patch | 4 ++-- net/asterisk/patches/130-eventfd.patch | 2 +- net/asterisk/patches/140-use-default-lua.patch | 2 +- net/asterisk/patches/180-app_queue_time_t.patch | 2 +- 5 files changed, 9 insertions(+), 8 deletions(-) diff --git a/net/asterisk/Makefile b/net/asterisk/Makefile index e5075caaa..f38c4ffd1 100644 --- a/net/asterisk/Makefile +++ b/net/asterisk/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=asterisk -PKG_VERSION:=20.5.2 +PKG_VERSION:=20.8.1 PKG_RELEASE:=1 PKG_CPE_ID:=cpe:/a:digium:asterisk PKG_SOURCE:=asterisk-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://downloads.asterisk.org/pub/telephony/asterisk/releases -PKG_HASH:=8f68e1789dfb8aa04b0eba87ea1d599a62e088ddd20926afc997f36b455e1859 +PKG_HASH:=fa498b6224e8c262de6840a67e00e3747e178fcefd9fb2595885d402ca3248f5 PKG_BUILD_DEPENDS:=libxml2/host @@ -583,6 +583,7 @@ CONFIGURE_ARGS+= \ --with-ilbc=internal \ --without-pjproject-bundled \ --with-libedit="$(STAGING_DIR)/usr" \ + $(if $(CONFIG_PACKAGE_$(PKG_NAME)-res-stir-shaken),--with-libjwt-bundled=yes,--with-libjwt-bundled=no) \ --with-libxml2 \ $(if $(CONFIG_ASTERISK_LIBXSLT_SUPPORT),--with-libxslt,--without-libxslt) \ $(if $(CONFIG_PACKAGE_$(PKG_NAME)-res-snmp),--with-netsnmp="$(STAGING_DIR)/usr",--without-netsnmp) \ @@ -1057,7 +1058,7 @@ $(eval $(call BuildAsteriskModule,res-stasis-playback,Stasis application playbac $(eval $(call BuildAsteriskModule,res-stasis-recording,Stasis application recording,Stasis application recording support.,+$(PKG_NAME)-res-stasis,,res_stasis_recording,,)) $(eval $(call BuildAsteriskModule,res-stasis-snoop,Stasis application snoop,Stasis application snoop support.,+$(PKG_NAME)-res-stasis-recording,,res_stasis_snoop,,)) $(eval $(call BuildAsteriskModule,res-statsd,statsd client,Statsd client support.,,statsd.conf,res_statsd,,)) -$(eval $(call BuildAsteriskModule,res-stir-shaken,STIR/SHAKEN resource module,STIR/SHAKEN resource module.,+$(PKG_NAME)-curl,stir_shaken.conf,res_stir_shaken,,)) +$(eval $(call BuildAsteriskModule,res-stir-shaken,STIR/SHAKEN resource module,STIR/SHAKEN resource module.,+$(PKG_NAME)-curl +libjwt,stir_shaken.conf,res_stir_shaken,,)) $(eval $(call BuildAsteriskModule,res-stun-monitor,STUN monitoring,STUN network monitor.,,res_stun_monitor.conf,res_stun_monitor,,)) $(eval $(call BuildAsteriskModule,res-timing-dahdi,DAHDI Timing Interface,DAHDI timing interface.,+$(PKG_NAME)-chan-dahdi,,res_timing_dahdi,,)) $(eval $(call BuildAsteriskModule,res-timing-pthread,pthread Timing Interface,pthread timing interface.,,,res_timing_pthread,,)) diff --git a/net/asterisk/patches/100-build-reproducibly.patch b/net/asterisk/patches/100-build-reproducibly.patch index f16421b4a..d667f3687 100644 --- a/net/asterisk/patches/100-build-reproducibly.patch +++ b/net/asterisk/patches/100-build-reproducibly.patch @@ -17,10 +17,10 @@ * build.h --- a/build_tools/make_xml_documentation +++ b/build_tools/make_xml_documentation -@@ -187,7 +187,7 @@ printf "Building Documentation For: " +@@ -193,7 +193,7 @@ printf "Building Documentation For: " for subdir in ${mod_subdirs} ; do printf "%s " "${subdir}" - subdir_path="${source_tree}/${subdir}" + subdir_path=$(make_absolute "$subdir") - for i in $(${FIND} "${subdir_path}" -name '*.c' -or -name '*.cc'); do + for i in $(${FIND} "${subdir_path}" -name '*.c' -or -name '*.cc' | LC_ALL=C sort); do if [ "${with_moduleinfo}" -eq "1" ] ; then diff --git a/net/asterisk/patches/130-eventfd.patch b/net/asterisk/patches/130-eventfd.patch index 60e7d26b4..81bd33230 100644 --- a/net/asterisk/patches/130-eventfd.patch +++ b/net/asterisk/patches/130-eventfd.patch @@ -1,6 +1,6 @@ --- a/configure.ac +++ b/configure.ac -@@ -1257,7 +1257,7 @@ if test "${ac_cv_have_variable_fdset}x" +@@ -1272,7 +1272,7 @@ if test "${ac_cv_have_variable_fdset}x" fi AC_MSG_CHECKING([if we have usable eventfd support]) diff --git a/net/asterisk/patches/140-use-default-lua.patch b/net/asterisk/patches/140-use-default-lua.patch index 006a07fff..3857d13c9 100644 --- a/net/asterisk/patches/140-use-default-lua.patch +++ b/net/asterisk/patches/140-use-default-lua.patch @@ -1,6 +1,6 @@ --- a/configure.ac +++ b/configure.ac -@@ -2608,7 +2608,7 @@ if test -z "$__opus_include" -o x"$__opu +@@ -2623,7 +2623,7 @@ if test -z "$__opus_include" -o x"$__opu fi AST_EXT_LIB_CHECK([OPUSFILE], [opusfile], [op_open_callbacks], [opus/opusfile.h], [], [$__opus_include]) diff --git a/net/asterisk/patches/180-app_queue_time_t.patch b/net/asterisk/patches/180-app_queue_time_t.patch index d582a3940..3e47c0f44 100644 --- a/net/asterisk/patches/180-app_queue_time_t.patch +++ b/net/asterisk/patches/180-app_queue_time_t.patch @@ -1,6 +1,6 @@ --- a/apps/app_queue.c +++ b/apps/app_queue.c -@@ -4614,8 +4614,12 @@ static int is_longest_waiting_caller(str +@@ -4625,8 +4625,12 @@ static int is_longest_waiting_caller(str * will be unused until the first caller is picked up. */ if (ch->start < caller->start && !ch->pending) {