sip5060.net / en es
Add new DigestStream class, capable of MD5, SHA1, SHA256, SHA512 and SHA512/256 hash algorithms -all algorithms support with OpenSSL, only MD5 and SHA1 support without OpenSSL -deprecate MD5Stream and SHA1Stream classes -update all uses MD5Stream and SHA1Stream to use new DigestStream -will leave deprecated classes in rutil for now, to give users a chance to transition to new DigestStream class -rename SHA1 class to Sha1 to avoid conflict with new DigestBuffer enum for DigestType
Support Public IP/Port use in transport RecordRoutes - make sure we recognize custom/public address/port used in Route headers as belonging to us (Proxy::isMyUri), by checking inbound route headers against our configured RecordRoute's -small optimization to DialogUsageManager::sendUsingOutboundIfAppropriate, put cheaper check first
- do normal preload process when using WinSecurity.cxx, so that domain certificates can be loaded
Merge pull request #453 from szokovacs/DNSReturnAllResults Expose ARES_FLAG_NOCHECKRESP ares flag in resip
Added comment explaing the effect of the new flag
repro: RFC5626 Outbound fix to not remove contact registration on locally generated 408 timeouts Locally generated 408 timeouts are now ignored to prevent premature registration teardown. We only remove contacts on hard transport failures (local 503 or 430/410 responses), ensuring that transient network or app-layer lag doesn't wipe our registration database while the RFC 5626 Flow is still physically established.
Merge pull request #454 from szokovacs/changenameservers expose already existing possibility to change the DNS servers to the …
- sdpcontainer::Sdp - add get mediaLineAtIndex api - sdpcontainer::SdpMediaLine - add more crypto type definitions
-CMake: build resipmedia by default, add separate flag so not dependant on recon being enabled
- complete move of sdpcontainer to resipmedia - complete rename of SdpHelperResip to SdpHelper
Move SdpContainer used in recon to resipmedia library for use in other projects
- small cleanup of TlsConnection handshake error logs - previous text was misleading (missing client cert it not necessarily a problem)
resolve conflict between TFM and ARES
still
typo fix
following up missing ExternalDns change
expose already existing possibility to change the DNS servers to the DnsStub API
Expose ARES_FLAG_NOCHECKRESP ares flag in resip It can be used to force ares to use the hosts file as a fallback when the DNS lookup fails
Expand WinSecurity constructors to allow setting of defaultPrivateKeyPassPhrase and DHParamsFilename
Merge pull request #438 from Lastique/feature/add_sip_headers_iteration Add support for iteration over SIP headers
- log filename in exception in Data::fromFile
Merge pull request #452 from mykhailopopivniak/fqdn_log_init rutil/Log: Selectively enable FQDN resolution upon Logger initialization
rutil/Log: Selectively enable FQDN resolution upon Logger initialization FQDN resolution uses `getaddrinfo` with `AI_CANONNAME` and may cause DNS lookup in some cases. If the DNS server is slow or unresponsive, the logger initialization hangs until the system network timeout occurs. Disable FQDN resolution and use local hostname `mHostname` for JSON CEE logging by default. A new compilation option `USE_FQDN_FOR_JSON_CEE_HOSTNAME` is introduced to re-enable FQDN resolution upon Logger initialization if required.
Allow remote support for Session Timers to be determined in Supported or Requires headers - InviteSession - add tracking of peer RequiresOptionTags and add getPeerRequiresOptionsTags method - rename timerOptionSupported to sessionTimerSupportedLocalAndPeer for clarity - define const Token for Symbols::Timer so we don't need to create one on every use - add session timer headers to response even if far end doesn't support (non OPTIONs responses only)
-when a new StatisticsManager poll interval is set, ensure we recalculate nNextPoll, so we don't need to wait for the previous amount of time to pass before taking effect
-fix CMakeLists.txt OpenSSL library linking using Nuget on VisualStudio/Windows
- repro: fix windows build when %temp% dir has spaces in it
- recon: ensure BridgeMixerWeights are recalculated when setting record channel number
- add change missing from last commit - add repro.config and MOHParkServer.config to source listings
Merge branch 'master' of https://github.com/resiprocate/resiprocate
Deprecate old Pidf.hxx/cxx in favor of the newer and more flexible GenericPidfContents class - update resip stacks internal uses of Pidf to GenericPidfContents - remove Pidf.hxx/cxx and tests from build - leave files in place (for now) to allow use if still needed - fixes ContentsFactory ambiguity over which Contents class to use when parsing
Merge pull request #449 from Lastique/feature/fix_cxx20_comparison_ambiguity Fix potential ambiguity of the comparison operator for `BranchParameter`
Merge pull request #448 from Lastique/feature/fix_cxx20_implicit_this_captures Fix deprecated implicit this captures and dangling pointer captures
Merge pull request #447 from Lastique/feature/fix_cxx20_different_enums_warnings Fix C++20 warnings about operations on enums of different types
Merge pull request #446 from Lastique/feature/fix_cxx20_volatile_ops Remove operations on volatile variables
Merge pull request #444 from Lastique/patch-1 Fix `weak_bind` constructor definition
Fix potential ambiguity of the comparison operator for BranchParameter. C++20 introduces support for comparison operator rewriting. In particular, the compiler is now able to synthesize comparison operators with swapped arguments, so e.g. for operator==(A, B) it would synthesize operator==(B, A). This poses a problem for BranchParameter::operator==, which is declared non-const and accepts a const BranchParameter& argument. The above rewriting would synthesize a different operator== that is marked as const but accepts a non-const BranchParameter& argument. Invoking comparison between two non-const BranchParameter objects would therefore be ambiguous as the original and the synthesized overloads would both equally match. Gcc 14 gratiously accepts such code, albeit with a warning, but other compilers may reject it. Fix this by marking the operator== as const.
Fix deprecated implicit this captures and dangling pointer captures. C++20 deprecates implicit capture of this pointer by the [=] capture clause. Compilers generate warnings about this. Explicitly specify this, where needed. Furthermore, in a few methods of TurnAsyncSocket, raw pointers were captured in the callbacks passed to asio::dispatch. Since asio::dispatch may post the callback to the IO thread, the captured pointer could become dangling when the callback was invoked. Avoid this by capturing Data instead. To avoid an extra copy, move the captured Data object into the TurnAsyncSocket class members when the callback is invoked.
Fix C++20 warnings about operations on enums of different types. C++20 deprecates support for bitwise operations where the two arguments have different enum types. Compilers generate warnings about this. In Headers.cxx, commaHandling is used in bitwise operations with ParserCategory::CommasAllowedOutputMulti. Since commaHandling is defined as an unnamed enum in each class derived from ParserCategory, each constant constitutes a distinct enum type. To avoid the warnings, name the enum in ParserCategory and use that name to define commaHandling constants. In DumFeatureChain.cxx and DialogUsageManager.cxx, DumFeature::ProcessingResult bit masks are tested using DumFeature::ProcessingResultMask bits, which are two different enums. To avoid the warnings, cast the enums to unsigned int (since these are bit masks).
Remove operations on volatile variables. C++20 deprecates operations other than reads and writes performed on volatile variables. Compilers generate warnings about this. In the Log class, touchCount was marked as volatile in attempt to emulate atomics in C++03 (which was incorrect; atomicity was not guaranteed). Replace it with std::atomic. Also change it to unsigned int to increase chances of native support for atomic operations rather than emulation. In testRandomThread, the volatile variables need not be marked as such as the compiler is required to reload these variables across wait() calls since a wait call unlocks and locks the mutex, which implies release and acquire fences.
Fix weak_bind constructor definition. The constructor name should not include template parameters. Otherwise, it causes compilation errors with gcc 13.3 in C++20 mode.
- ConnectionManager::gc safe guard against underflows in flowtimer connection cleanup logic
Merge branch 'master' of https://github.com/resiprocate/resiprocate
Protect against time calcuation underflows in ConnectionManager::gc - misc: remove mostly useless log statement in Helper::getSdp
TLS Handshake Fixes - don't assume OpenSSL Ex Data index 0 is available - query OpenSSL for available index - use more modern and overflow safe API's in verifyCallback for extracting the certificate subject name
Make RRDecorator logic safer - add error log to RRDecorator::rollbackMessage if expected condition on mAddedRecordRoute is not true - SipMessage - check mIsDecorated directly in rollbackOutboundDecorators to help avoid coding errors - SipMessage::clearOutboundDecorators now rolls back decorators if needed before clearing them, which will also ensure mIsDecorated is reset to false
Disable stream player in SipXMediaResourceParticipant.cxx. Stream Player is not supported in sipX, no one should use it.
- improve logging in ConnectionBase by logging out mWho tuple
-ignore coverity intermediate directory
Merge pull request #443 from mykhailopopivniak/str-view-config-fix build: expose `config.h` to library users
build: expose `config.h` to library users `config.h` defines macros required for correct compilation of Resiprocate-related classes. For example, it controls `std::string_view` support, but the header was not previously installed, preventing users from including it. This change installs the file so that client projects can use the same configuration as the library.
Merge pull request #440 from fnMrRice/master - fix MSVC compile warning C4819 - fix the git command execution error when the build directory is not under the source directory
fix the git command execution error when the build directory is not under the source directory
fix MSVC compile warning C4819
Merge pull request #437 from Lastique/feature/remove_strncasecmp Remove custom definition of `strncasecmp`
Merge pull request #436 from Lastique/feature/fix_cctype_usage Fix usage of `<cctype>` functions
Remove custom definition of strncasecmp. The custom definition had non-standard signature and could conflict with the same-named function in libc. It also incorrectly used tolower().
Fix usage of <cctype> functions. Functions defined in <cctype> have undefined behavior if a negative value is passed on input. Input values must always be converted to unsigned integers. Also, added missing includes.
Merge pull request #433 from Lastique/feature/use_crypto_rng_in_security Use crypto RNG when generating certificates and nonce
Merge pull request #435 from Lastique/feature/tls_tweaks TLS tweaks - Disables TLS compression by default, as it has security vulnerability. - Corrects logging. - Fixes potential use of undefined client verification mode in TlsConnection in release builds. Known Vulnerabilities CRIME attack (2012) Exploits TLS/SSL compression (or SPDY/HTTP compression) to leak secrets like cookies. By observing changes in ciphertext length when chosen plaintext is injected, an attacker can recover secret data. This is why most browsers and servers disabled TLS-level compression shortly after CRIME was disclosed. BREACH attack (2013) Targets HTTP response compression (not TLS compression, but similar principle). Exploits dynamic content compression (gzip/deflate) at the HTTP layer. Can leak CSRF tokens and other secrets. OpenSSL Status TLS compression support exists in older OpenSSL, but it’s disabled by default in modern versions. If enabled, it introduces the CRIME risk. Best practice: Do not use TLS compression at all. Use only application-level compression (if needed) and ensure it’s applied carefully, not across attacker-controlled and secret data in the same stream.