sip5060.net / en es
Allow remote support for Session Timers to be determined in Supported or Requires headers - InviteSession - add tracking of peer RequiresOptionTags and add getPeerRequiresOptionsTags method - rename timerOptionSupported to sessionTimerSupportedLocalAndPeer for clarity - define const Token for Symbols::Timer so we don't need to create one on every use - add session timer headers to response even if far end doesn't support (non OPTIONs responses only)
-when a new StatisticsManager poll interval is set, ensure we recalculate nNextPoll, so we don't need to wait for the previous amount of time to pass before taking effect
-fix CMakeLists.txt OpenSSL library linking using Nuget on VisualStudio/Windows
- repro: fix windows build when %temp% dir has spaces in it
- recon: ensure BridgeMixerWeights are recalculated when setting record channel number
- add change missing from last commit - add repro.config and MOHParkServer.config to source listings
Merge branch 'master' of https://github.com/resiprocate/resiprocate
Deprecate old Pidf.hxx/cxx in favor of the newer and more flexible GenericPidfContents class - update resip stacks internal uses of Pidf to GenericPidfContents - remove Pidf.hxx/cxx and tests from build - leave files in place (for now) to allow use if still needed - fixes ContentsFactory ambiguity over which Contents class to use when parsing
Merge pull request #449 from Lastique/feature/fix_cxx20_comparison_ambiguity Fix potential ambiguity of the comparison operator for `BranchParameter`
Merge pull request #448 from Lastique/feature/fix_cxx20_implicit_this_captures Fix deprecated implicit this captures and dangling pointer captures
Merge pull request #447 from Lastique/feature/fix_cxx20_different_enums_warnings Fix C++20 warnings about operations on enums of different types
Merge pull request #446 from Lastique/feature/fix_cxx20_volatile_ops Remove operations on volatile variables
Merge pull request #444 from Lastique/patch-1 Fix `weak_bind` constructor definition
Fix potential ambiguity of the comparison operator for BranchParameter. C++20 introduces support for comparison operator rewriting. In particular, the compiler is now able to synthesize comparison operators with swapped arguments, so e.g. for operator==(A, B) it would synthesize operator==(B, A). This poses a problem for BranchParameter::operator==, which is declared non-const and accepts a const BranchParameter& argument. The above rewriting would synthesize a different operator== that is marked as const but accepts a non-const BranchParameter& argument. Invoking comparison between two non-const BranchParameter objects would therefore be ambiguous as the original and the synthesized overloads would both equally match. Gcc 14 gratiously accepts such code, albeit with a warning, but other compilers may reject it. Fix this by marking the operator== as const.
Fix deprecated implicit this captures and dangling pointer captures. C++20 deprecates implicit capture of this pointer by the [=] capture clause. Compilers generate warnings about this. Explicitly specify this, where needed. Furthermore, in a few methods of TurnAsyncSocket, raw pointers were captured in the callbacks passed to asio::dispatch. Since asio::dispatch may post the callback to the IO thread, the captured pointer could become dangling when the callback was invoked. Avoid this by capturing Data instead. To avoid an extra copy, move the captured Data object into the TurnAsyncSocket class members when the callback is invoked.
Fix C++20 warnings about operations on enums of different types. C++20 deprecates support for bitwise operations where the two arguments have different enum types. Compilers generate warnings about this. In Headers.cxx, commaHandling is used in bitwise operations with ParserCategory::CommasAllowedOutputMulti. Since commaHandling is defined as an unnamed enum in each class derived from ParserCategory, each constant constitutes a distinct enum type. To avoid the warnings, name the enum in ParserCategory and use that name to define commaHandling constants. In DumFeatureChain.cxx and DialogUsageManager.cxx, DumFeature::ProcessingResult bit masks are tested using DumFeature::ProcessingResultMask bits, which are two different enums. To avoid the warnings, cast the enums to unsigned int (since these are bit masks).
Remove operations on volatile variables. C++20 deprecates operations other than reads and writes performed on volatile variables. Compilers generate warnings about this. In the Log class, touchCount was marked as volatile in attempt to emulate atomics in C++03 (which was incorrect; atomicity was not guaranteed). Replace it with std::atomic. Also change it to unsigned int to increase chances of native support for atomic operations rather than emulation. In testRandomThread, the volatile variables need not be marked as such as the compiler is required to reload these variables across wait() calls since a wait call unlocks and locks the mutex, which implies release and acquire fences.
Fix weak_bind constructor definition. The constructor name should not include template parameters. Otherwise, it causes compilation errors with gcc 13.3 in C++20 mode.
- ConnectionManager::gc safe guard against underflows in flowtimer connection cleanup logic
Merge branch 'master' of https://github.com/resiprocate/resiprocate
Protect against time calcuation underflows in ConnectionManager::gc - misc: remove mostly useless log statement in Helper::getSdp
TLS Handshake Fixes - don't assume OpenSSL Ex Data index 0 is available - query OpenSSL for available index - use more modern and overflow safe API's in verifyCallback for extracting the certificate subject name
Make RRDecorator logic safer - add error log to RRDecorator::rollbackMessage if expected condition on mAddedRecordRoute is not true - SipMessage - check mIsDecorated directly in rollbackOutboundDecorators to help avoid coding errors - SipMessage::clearOutboundDecorators now rolls back decorators if needed before clearing them, which will also ensure mIsDecorated is reset to false
Disable stream player in SipXMediaResourceParticipant.cxx. Stream Player is not supported in sipX, no one should use it.
- improve logging in ConnectionBase by logging out mWho tuple
-ignore coverity intermediate directory
Merge pull request #443 from mykhailopopivniak/str-view-config-fix build: expose `config.h` to library users
build: expose `config.h` to library users `config.h` defines macros required for correct compilation of Resiprocate-related classes. For example, it controls `std::string_view` support, but the header was not previously installed, preventing users from including it. This change installs the file so that client projects can use the same configuration as the library.
Merge pull request #440 from fnMrRice/master - fix MSVC compile warning C4819 - fix the git command execution error when the build directory is not under the source directory
fix the git command execution error when the build directory is not under the source directory
fix MSVC compile warning C4819
Merge pull request #437 from Lastique/feature/remove_strncasecmp Remove custom definition of `strncasecmp`
Merge pull request #436 from Lastique/feature/fix_cctype_usage Fix usage of `<cctype>` functions
Remove custom definition of strncasecmp. The custom definition had non-standard signature and could conflict with the same-named function in libc. It also incorrectly used tolower().
Fix usage of <cctype> functions. Functions defined in <cctype> have undefined behavior if a negative value is passed on input. Input values must always be converted to unsigned integers. Also, added missing includes.
Merge pull request #433 from Lastique/feature/use_crypto_rng_in_security Use crypto RNG when generating certificates and nonce
Merge pull request #435 from Lastique/feature/tls_tweaks TLS tweaks - Disables TLS compression by default, as it has security vulnerability. - Corrects logging. - Fixes potential use of undefined client verification mode in TlsConnection in release builds. Known Vulnerabilities CRIME attack (2012) Exploits TLS/SSL compression (or SPDY/HTTP compression) to leak secrets like cookies. By observing changes in ciphertext length when chosen plaintext is injected, an attacker can recover secret data. This is why most browsers and servers disabled TLS-level compression shortly after CRIME was disclosed. BREACH attack (2013) Targets HTTP response compression (not TLS compression, but similar principle). Exploits dynamic content compression (gzip/deflate) at the HTTP layer. Can leak CSRF tokens and other secrets. OpenSSL Status TLS compression support exists in older OpenSSL, but it’s disabled by default in modern versions. If enabled, it introduces the CRIME risk. Best practice: Do not use TLS compression at all. Use only application-level compression (if needed) and ensure it’s applied carefully, not across attacker-controlled and secret data in the same stream.
Merge pull request #434 from Lastique/feature/log_transaction_state Log transaction state when receiving incoming messages
Avoid using undefined client verification mode in TLS connection. In release builds, if TlsBaseTransport::getClientVerificationMode() returns an unexpected value, SSL_set_verify gets called with an undefined client verification mode. Use SSL_VERIFY_PEER as the default in this case.
Corrected logging.
Disable TLS compression by default. Add SSL_OP_NO_COMPRESSION to the default TLS context options. TLS compression is vulnerable to the CRIME attack and is removed from TLS 1.3, but still supported by the previous versions.
Log transaction state when receiving incoming messages. This allows for associating incoming messages with the receiving transaction state and viewing the current state of the transaction. This simplifies problem diagnostics.
Use crypto RNG when generating certificates and nonce. This improves uniqueness of the generated certificates and nonce, which improves security.
Merge pull request #430 from Lastique/feature/log_parsing_errors Log message parsing context in case of SIP message parsing errors
Merge pull request #429 from Lastique/feature/options_refresh Add support for session refresh using OPTIONS
Add support for session refresh using OPTIONS. When a SIP endpoint does not support timers extension (RFC4028) but supports OPTIONS request (which it should, as this is one of the basic requests defined in RFC3261), using OPTIONS instead of re-INVITE to perform session refresh can be beneficial. OPTIONS is much more lightweight as it doesn't update SDP, which in some cases may disrupt media exchange. Note that OPTIONS can be sent in- or out-of-dialog. In this implementation we are sending in-dialog OPTIONS to verify that this dialog is still active.
Merge pull request #427 from Lastique/feature/fix_stats_log_level Reduce log level of stats messages
Log message parsing context in case of SIP message parsing errors. This simplifies debugging in case of receiving malformed SIP messages.
Merge pull request #428 from Lastique/feature/data_noexcept_move Mark `Data` move constructor/assignment/takeBuf as `noexcept`
Mark Data move constructor/assignment/takeBuf as noexcept. Noexcept markup improves efficiency when Data objects are stored in containers, such as std::vector.
Reduce log level of stats messages. Stats messages do not indicate a problem and therefore should not be logged at warning level.
Update local ASIO drop from v1.18.1 to v1.36.0 -fix up 2 recon/sipXtapi source files for newer asio APIs
Merge pull request #426 from Lastique/feature/asio_1_34_compat Update for Asio 1.34 and later compatibility
Merge pull request #425 from Lastique/feature/remove_ndebug_for_tests Remove `NDEBUG` for tests
Merge pull request #424 from Lastique/feature/fix_tests_with_ndebug Fix test crashes in release builds
Manually add Jacob Butch to AUTHORS file, since he missing from the git logs
Update for Asio 1.34 and later compatibility. This updates usage of Asio for compatibility with version 1.34 and newer, where a number of previously deprecated APIs were removed.
Remove NDEBUG for tests. A great deal of checks in tests are performed using asserts, which get stripped in release builds, when NDEBUG is defined. To facilitate testing release builds, undefine NDEBUG for all tests. Refs https://github.com/resiprocate/resiprocate/issues/423.
Fix test crashes in release builds. Tests testSipMessage and testPubDocument execute essential operations as part of their assert() expressions. In release builds, when NDEBUG is defined, asserts are stripped, which makes the following code invalid. Move essential operations out of assert expressions. Refs https://github.com/resiprocate/resiprocate/issues/423.
Merge pull request #421 from 3cx/no-inherit-handles do not inherit transport handles