From 8ef219c850c6efdfe5278ebc3834dad360e1bb45 Mon Sep 17 00:00:00 2001
From: Daniel Golle <daniel@makrotopia.org>
Date: Sun, 19 May 2024 09:05:42 +0200
Subject: [PATCH 1/2] pjproject: bump to 2.14.1

Pick patch from @dhewg so we keep pjproject in sync with the version
bundled with Asterisk.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
---
 libs/pjproject/Makefile                       |  6 ++---
 .../patches/0001-change_linker.patch          |  4 +--
 libs/pjproject/patches/0004-config_site.patch | 12 +++++++--
 .../patches/0006-fix-pkg_config-file.patch    |  2 +-
 ...new-129fb323a66dd1fd16880fe5ba5e6a57.patch | 27 -------------------
 .../0020-log-dropped-packet-in-debug.patch    | 26 ------------------
 6 files changed, 16 insertions(+), 61 deletions(-)
 delete mode 100644 libs/pjproject/patches/0010-Make-sure-that-NOTIFY-tdata-is-set-before-sending-it_new-129fb323a66dd1fd16880fe5ba5e6a57.patch
 delete mode 100644 libs/pjproject/patches/0020-log-dropped-packet-in-debug.patch

diff --git a/libs/pjproject/Makefile b/libs/pjproject/Makefile
index 326708c3d..4ab736c0a 100644
--- a/libs/pjproject/Makefile
+++ b/libs/pjproject/Makefile
@@ -10,15 +10,15 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=pjproject
-PKG_VERSION:=2.13.1
-PKG_RELEASE:=2
+PKG_VERSION:=2.14.1
+PKG_RELEASE:=1
 PKG_CPE_ID:=cpe:/a:pjsip:pjsip
 
 # download "vX.Y.tar.gz" as "pjproject-vX.Y.tar.gz"
 PKG_SOURCE_URL_FILE:=$(PKG_VERSION).tar.gz
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_URL_FILE)
 PKG_SOURCE_URL:=https://github.com/pjsip/$(PKG_NAME)/archive/refs/tags
-PKG_HASH:=32a5ab5bfbb9752cb6a46627e4c410e61939c8dbbd833ac858473cfbd9fb9d7d
+PKG_HASH:=6140f7a97e318caa89c17e8d5468599671c6eed12d64a7c160dac879ba004c68
 PKG_INSTALL:=1
 
 PKG_LICENSE:=GPL-2.0
diff --git a/libs/pjproject/patches/0001-change_linker.patch b/libs/pjproject/patches/0001-change_linker.patch
index 5fd150304..64cf81bb6 100644
--- a/libs/pjproject/patches/0001-change_linker.patch
+++ b/libs/pjproject/patches/0001-change_linker.patch
@@ -1,7 +1,7 @@
 --- a/build/cc-auto.mak.in
 +++ b/build/cc-auto.mak.in
-@@ -2,7 +2,7 @@ export CC = @CC@ -c
- export CXX = @CXX@ -c
+@@ -2,7 +2,7 @@ export CC = @CC@
+ export CXX = @CXX@
  export AR = @AR@
  export AR_FLAGS = @AR_FLAGS@
 -export LD = @LD@
diff --git a/libs/pjproject/patches/0004-config_site.patch b/libs/pjproject/patches/0004-config_site.patch
index d9d67aecf..4b5c37316 100644
--- a/libs/pjproject/patches/0004-config_site.patch
+++ b/libs/pjproject/patches/0004-config_site.patch
@@ -1,6 +1,6 @@
 --- /dev/null
 +++ b/pjlib/include/pj/config_site.h
-@@ -0,0 +1,91 @@
+@@ -0,0 +1,99 @@
 +/*
 + * Asterisk config_site.h
 + */
@@ -28,6 +28,15 @@
 +#define PJ_IOQUEUE_HAS_SAFE_UNREG 1
 +#define PJ_IOQUEUE_MAX_EVENTS_IN_SINGLE_POLL (16)
 +
++/*
++ * Increase the number of socket options available. This adjustment is necessary
++ * to accommodate additional TCP keepalive settings required for optimizing SIP
++ * transport stability, especially in environments prone to connection timeouts.
++ * The default limit is insufficient when configuring all desired keepalive
++ * parameters along with standard socket options.
++ */
++#define PJ_MAX_SOCKOPT_PARAMS 5
++
 +#define PJ_SCANNER_USE_BITWISE	0
 +#define PJ_OS_HAS_CHECK_STACK	0
 +
@@ -91,4 +100,3 @@
 + * and subscriptions as well as the global pjproject endpoint,
 + * we don't want to increase it too much.
 + */
-+#define PJSIP_MAX_MODULE 38
diff --git a/libs/pjproject/patches/0006-fix-pkg_config-file.patch b/libs/pjproject/patches/0006-fix-pkg_config-file.patch
index 90f1d225c..f352ac858 100644
--- a/libs/pjproject/patches/0006-fix-pkg_config-file.patch
+++ b/libs/pjproject/patches/0006-fix-pkg_config-file.patch
@@ -13,7 +13,7 @@
  Description: Multimedia communication library
 --- a/build.mak.in
 +++ b/build.mak.in
-@@ -352,6 +352,6 @@ export PJ_LIBXX_FILES := $(APP_LIBXX_FIL
+@@ -351,6 +351,6 @@ export PJ_LIBXX_FILES := $(APP_LIBXX_FIL
  export PJ_INSTALL_DIR := @prefix@
  export PJ_INSTALL_INC_DIR := @includedir@
  export PJ_INSTALL_LIB_DIR := @libdir@
diff --git a/libs/pjproject/patches/0010-Make-sure-that-NOTIFY-tdata-is-set-before-sending-it_new-129fb323a66dd1fd16880fe5ba5e6a57.patch b/libs/pjproject/patches/0010-Make-sure-that-NOTIFY-tdata-is-set-before-sending-it_new-129fb323a66dd1fd16880fe5ba5e6a57.patch
deleted file mode 100644
index 36eacfcb0..000000000
--- a/libs/pjproject/patches/0010-Make-sure-that-NOTIFY-tdata-is-set-before-sending-it_new-129fb323a66dd1fd16880fe5ba5e6a57.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From ac685b30c17be461b2bf5b46a772ed9742b8e985 Mon Sep 17 00:00:00 2001
-From: Riza Sulistyo <trengginas@users.noreply.github.com>
-Date: Thu, 9 Feb 2023 13:19:23 +0700
-Subject: [PATCH] Make sure that NOTIFY tdata is set before sending it.
-
----
- pjsip/src/pjsip-simple/evsub.c | 9 ++++++---
- 1 file changed, 6 insertions(+), 3 deletions(-)
-
---- a/pjsip/src/pjsip-simple/evsub.c
-+++ b/pjsip/src/pjsip-simple/evsub.c
-@@ -2224,9 +2224,12 @@ static void on_tsx_state_uas( pjsip_evsu
-         /* Send the pending NOTIFY sent by app from inside
-          * on_rx_refresh() callback.
-          */
--        pj_assert(sub->pending_notify);
--        status = pjsip_evsub_send_request(sub, sub->pending_notify);
--        sub->pending_notify = NULL;
-+        //pj_assert(sub->pending_notify);
-+        /* Make sure that pending_notify is set. */
-+        if (sub->pending_notify) {
-+            status = pjsip_evsub_send_request(sub, sub->pending_notify);
-+            sub->pending_notify = NULL;
-+        }
- 
-     } else if (pjsip_method_cmp(&tsx->method, &pjsip_notify_method)==0) {
- 
diff --git a/libs/pjproject/patches/0020-log-dropped-packet-in-debug.patch b/libs/pjproject/patches/0020-log-dropped-packet-in-debug.patch
deleted file mode 100644
index e625f2e18..000000000
--- a/libs/pjproject/patches/0020-log-dropped-packet-in-debug.patch
+++ /dev/null
@@ -1,26 +0,0 @@
---- a/pjsip/src/pjsip/sip_transport.c
-+++ b/pjsip/src/pjsip/sip_transport.c
-@@ -2088,15 +2088,17 @@ PJ_DEF(pj_ssize_t) pjsip_tpmgr_receive_p
-              * which were sent to keep NAT bindings.
-              */
-             if (tmp.slen) {
--                PJ_LOG(1, (THIS_FILE, 
--                      "Error processing %d bytes packet from %s %s:%d %.*s:\n"
--                      "%.*s\n"
--                      "-- end of packet.",
-+                PJ_LOG(2, (THIS_FILE,
-+                      "Dropping %d bytes packet from %s %s:%d %.*s\n",
-                       msg_fragment_size,
-                       rdata->tp_info.transport->type_name,
--                      rdata->pkt_info.src_name, 
-+                      rdata->pkt_info.src_name,
-                       rdata->pkt_info.src_port,
--                      (int)tmp.slen, tmp.ptr,
-+                      (int)tmp.slen, tmp.ptr));
-+                PJ_LOG(4, (THIS_FILE,
-+                      "Dropped packet:"
-+                      "%.*s\n"
-+                      "-- end of packet.",
-                       (int)msg_fragment_size,
-                       rdata->msg_info.msg_buf));
-             }

From 11353e1a17761ee1b29488da008e05fe81d3e174 Mon Sep 17 00:00:00 2001
From: Daniel Golle <daniel@makrotopia.org>
Date: Sat, 22 Jun 2024 15:40:52 +0100
Subject: [PATCH 2/2] asterisk: update to version 20.8.1

Update to most recent LTS release addressing multiple security and
stability issues.

Complete changelog:
https://github.com/asterisk/asterisk/compare/20.5.2...20.8.1

Note that res-stir-shaken switched to use libjwt instead of providing
a built-in JWT implementation.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
---
 net/asterisk/Makefile                             | 7 ++++---
 net/asterisk/patches/100-build-reproducibly.patch | 4 ++--
 net/asterisk/patches/130-eventfd.patch            | 2 +-
 net/asterisk/patches/140-use-default-lua.patch    | 2 +-
 net/asterisk/patches/180-app_queue_time_t.patch   | 2 +-
 5 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/net/asterisk/Makefile b/net/asterisk/Makefile
index e5075caaa..f38c4ffd1 100644
--- a/net/asterisk/Makefile
+++ b/net/asterisk/Makefile
@@ -8,13 +8,13 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=asterisk
-PKG_VERSION:=20.5.2
+PKG_VERSION:=20.8.1
 PKG_RELEASE:=1
 PKG_CPE_ID:=cpe:/a:digium:asterisk
 
 PKG_SOURCE:=asterisk-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://downloads.asterisk.org/pub/telephony/asterisk/releases
-PKG_HASH:=8f68e1789dfb8aa04b0eba87ea1d599a62e088ddd20926afc997f36b455e1859
+PKG_HASH:=fa498b6224e8c262de6840a67e00e3747e178fcefd9fb2595885d402ca3248f5
 
 PKG_BUILD_DEPENDS:=libxml2/host
 
@@ -583,6 +583,7 @@ CONFIGURE_ARGS+= \
 	--with-ilbc=internal \
 	--without-pjproject-bundled \
 	--with-libedit="$(STAGING_DIR)/usr" \
+	$(if $(CONFIG_PACKAGE_$(PKG_NAME)-res-stir-shaken),--with-libjwt-bundled=yes,--with-libjwt-bundled=no) \
 	--with-libxml2 \
 	$(if $(CONFIG_ASTERISK_LIBXSLT_SUPPORT),--with-libxslt,--without-libxslt) \
 	$(if $(CONFIG_PACKAGE_$(PKG_NAME)-res-snmp),--with-netsnmp="$(STAGING_DIR)/usr",--without-netsnmp) \
@@ -1057,7 +1058,7 @@ $(eval $(call BuildAsteriskModule,res-stasis-playback,Stasis application playbac
 $(eval $(call BuildAsteriskModule,res-stasis-recording,Stasis application recording,Stasis application recording support.,+$(PKG_NAME)-res-stasis,,res_stasis_recording,,))
 $(eval $(call BuildAsteriskModule,res-stasis-snoop,Stasis application snoop,Stasis application snoop support.,+$(PKG_NAME)-res-stasis-recording,,res_stasis_snoop,,))
 $(eval $(call BuildAsteriskModule,res-statsd,statsd client,Statsd client support.,,statsd.conf,res_statsd,,))
-$(eval $(call BuildAsteriskModule,res-stir-shaken,STIR/SHAKEN resource module,STIR/SHAKEN resource module.,+$(PKG_NAME)-curl,stir_shaken.conf,res_stir_shaken,,))
+$(eval $(call BuildAsteriskModule,res-stir-shaken,STIR/SHAKEN resource module,STIR/SHAKEN resource module.,+$(PKG_NAME)-curl +libjwt,stir_shaken.conf,res_stir_shaken,,))
 $(eval $(call BuildAsteriskModule,res-stun-monitor,STUN monitoring,STUN network monitor.,,res_stun_monitor.conf,res_stun_monitor,,))
 $(eval $(call BuildAsteriskModule,res-timing-dahdi,DAHDI Timing Interface,DAHDI timing interface.,+$(PKG_NAME)-chan-dahdi,,res_timing_dahdi,,))
 $(eval $(call BuildAsteriskModule,res-timing-pthread,pthread Timing Interface,pthread timing interface.,,,res_timing_pthread,,))
diff --git a/net/asterisk/patches/100-build-reproducibly.patch b/net/asterisk/patches/100-build-reproducibly.patch
index f16421b4a..d667f3687 100644
--- a/net/asterisk/patches/100-build-reproducibly.patch
+++ b/net/asterisk/patches/100-build-reproducibly.patch
@@ -17,10 +17,10 @@
   * build.h
 --- a/build_tools/make_xml_documentation
 +++ b/build_tools/make_xml_documentation
-@@ -187,7 +187,7 @@ printf "Building Documentation For: "
+@@ -193,7 +193,7 @@ printf "Building Documentation For: "
  for subdir in ${mod_subdirs} ; do
  	printf "%s " "${subdir}"
- 	subdir_path="${source_tree}/${subdir}"
+ 	subdir_path=$(make_absolute "$subdir")
 -	for i in $(${FIND} "${subdir_path}" -name '*.c' -or -name '*.cc'); do
 +	for i in $(${FIND} "${subdir_path}" -name '*.c' -or -name '*.cc' | LC_ALL=C sort); do
  		if [ "${with_moduleinfo}" -eq "1" ] ; then
diff --git a/net/asterisk/patches/130-eventfd.patch b/net/asterisk/patches/130-eventfd.patch
index 60e7d26b4..81bd33230 100644
--- a/net/asterisk/patches/130-eventfd.patch
+++ b/net/asterisk/patches/130-eventfd.patch
@@ -1,6 +1,6 @@
 --- a/configure.ac
 +++ b/configure.ac
-@@ -1257,7 +1257,7 @@ if test "${ac_cv_have_variable_fdset}x"
+@@ -1272,7 +1272,7 @@ if test "${ac_cv_have_variable_fdset}x"
  fi
  
  AC_MSG_CHECKING([if we have usable eventfd support])
diff --git a/net/asterisk/patches/140-use-default-lua.patch b/net/asterisk/patches/140-use-default-lua.patch
index 006a07fff..3857d13c9 100644
--- a/net/asterisk/patches/140-use-default-lua.patch
+++ b/net/asterisk/patches/140-use-default-lua.patch
@@ -1,6 +1,6 @@
 --- a/configure.ac
 +++ b/configure.ac
-@@ -2608,7 +2608,7 @@ if test -z "$__opus_include" -o x"$__opu
+@@ -2623,7 +2623,7 @@ if test -z "$__opus_include" -o x"$__opu
  fi
  AST_EXT_LIB_CHECK([OPUSFILE], [opusfile], [op_open_callbacks], [opus/opusfile.h], [], [$__opus_include])
  
diff --git a/net/asterisk/patches/180-app_queue_time_t.patch b/net/asterisk/patches/180-app_queue_time_t.patch
index d582a3940..3e47c0f44 100644
--- a/net/asterisk/patches/180-app_queue_time_t.patch
+++ b/net/asterisk/patches/180-app_queue_time_t.patch
@@ -1,6 +1,6 @@
 --- a/apps/app_queue.c
 +++ b/apps/app_queue.c
-@@ -4614,8 +4614,12 @@ static int is_longest_waiting_caller(str
+@@ -4625,8 +4625,12 @@ static int is_longest_waiting_caller(str
  					 * will be unused until the first caller is picked up.
  					 */
  					if (ch->start < caller->start && !ch->pending) {