Commit Graph

36109 Commits

Author SHA1 Message Date
Andrey Volk 225a5e197e [Build-system] Migrate music/sounds from files.freeswitch.org to https://github.com/freeswitch/freeswitch-sounds/releases (#3062) 2026-06-30 23:33:14 +03:00
Andrey Volk b9c41705b7 [mod_codec2] Use pre-compiled libcodec2 package on Windows. (#3058) 2026-06-23 23:25:55 +03:00
Andrey Volk 390444bc42 [mod_sofia] Fix broken sip: prefix check in deflect handler (#3057) 2026-06-12 19:31:01 +03:00
Ahron Greenberg (agree) 174b16a3d1 [mod_amqp] prevent segfault on double connection close
When a command response publish failed, `mod_amqp_command_response` closed
the connection and cleared conn_active. The command thread teardown then
called mod_amqp_connection_close(NULL), causing a segfault.

Also fix amqp_error_string2() calls to pass status codes without erroneous negation.
2026-06-12 17:53:40 +03:00
Andrey Volk be554e4a08 [Core] switch_sockaddr_info_get() will not resolve if the hostname is an IP address. Add new switch_is_ip_address() API. Add a unit-test. (#3055) 2026-06-12 16:13:47 +03:00
Andrey Volk 2e9b721d43 [mod_v8] Use pre-compiled libnode 20.19.2 binary instead of custom v8-6.1 lib on Windows. (#3053) 2026-06-11 03:00:34 +03:00
Andrey Volk f31b902a0a [mod_v8] Use upstream libnode-dev instead of custom libv8-6.1-dev on Linux. Enable for ARM64 and armhf. (#3052) 2026-06-11 01:38:53 +03:00
Dmitry Verenitsin 153c3a5139 [mod_lua] Move SWIG wrapper patches into ".i" typemaps, drop hack.diff (#3043)
A swig 4.1 regeneration dropped several hand-patched wrapper edits.
Express them (and the rest) as SWIG typemaps in `freeswitch.i` so they
survive reswig. `make reswig` now produces the final wrapper directly;
`hack.diff` and its `patch` step are removed.

Restored regressions:
- `setLUA(L)` on returned `Session`: a hangup hook or input callback on
a script-created `freeswitch.Session()` no longer crashes the process
- binary-safe `Stream::read` (`lua_pushlstring`)

Also moved to typemaps:
- `Dbh`/`JSON` self-pointer guards (`%typemap(check)`), now covering
every wrapper including four the hand-patch missed
- type-table isolation (`#define SWIG_TYPE_TABLE mod_lua`)
2026-05-28 01:34:53 +03:00
Serhii Ivanov 077393376a [GHA] Add source tarball generation workflow (#3019)
* [GHA] Add source tarball generation workflow

* [GHA] Add manual dispatch with ref input and artifact upload to tarball workflow
2026-05-27 12:01:12 +03:00
Andrey Volk ac60d2f6ec version bump 2026-05-27 02:06:10 +03:00
Andrey Volk 0f25e294bc swigall (#3039) 2026-05-26 23:37:13 +03:00
Dmitry Verenitsin dc5c802627 [libesl] Fix build of tests (#3038) 2026-05-26 23:11:19 +03:00
Dmitry Verenitsin 22de26cc7c Merge commit from fork
* [libesl] Validate `Content-Length` in `esl_recv_event`.

`atol()` accepted negative values, allowing a remote ESL peer to cause
a one-byte heap underwrite (`Content-Length: -1`) or NULL-pointer
dereference (`Content-Length: -2`, since `esl_assert` compiles out
under `NDEBUG`). Reject negative and oversized values, and check
`malloc` failure instead of relying on `assert`.

Cap at `ESL_MAX_CONTENT_LENGTH` (16 MiB).

* [libesl] Add test_recv_event.
2026-05-26 22:28:23 +03:00
Dmitry Verenitsin 02ac36bb11 Merge commit from fork
Lower `CJSON_NESTING_LIMIT` from upstream default 1000 to 64 via
`SWITCH_AM_CFLAGS` / `SWITCH_AM_CXXFLAGS`. The mutually recursive
`parse_value`/`parse_array`/`parse_object` chain in cJSON consumes
~2 stack frames per nesting level, which can overflow worker
threads running on `SWITCH_THREAD_STACKSIZE` (240 KB).
2026-05-26 22:27:05 +03:00
Dmitry Verenitsin 74d320834b Merge commit from fork
In `check_auth()` the userauth branch committed request `userVariables`,
`JPFLAG_RESUME_CALL`, identity fields, `<user><params>`/`<variables>`,
`dialplan`, and `context` to `jsock` *before* the password compare. On
mismatch only `jsock->uid` was reverted; the rest persisted on the
socket and leaked into outbound/inbound INVITE setup and `jsapi`/event
publishes.

Restructure so the gate runs first: pre-scan `<user><params>` into
locals, compare, and on mismatch return FALSE with no `jsock` writes.
Identity/vars commits and `<user><params>`/`<variables>` persistence
move past the gate. Blind-reg short-circuit and
`req_params`/`x_user` ownership preserved on every exit; success-path
writes are bit-for-bit equivalent.

Side cleanups:
- "Login sucessful" → "Login successful" typo;
- success log WARNING → NOTICE;
- the spurious WARNING "Login sucessful" no longer fires on bad-password
attempts that located the user in the directory;
2026-05-26 22:26:29 +03:00
Dmitry Verenitsin 693f7dc6aa Merge commit from fork
`process_jrpc()` called `set_session_id()` before `check_auth()`, so an
unauthenticated client could insert its jsock into `jsock_hash` under a
foreign `sessid` and have `attach_jsock()` evict the prior owner
(`verto.punt` + `detach_calls()` + `drop=1`) with no identity check.

Move the bind past the auth gate; `JPFLAG_INIT` now means "jsock is
bound", not "first frame seen". Additionally, `attach_jsock()` refuses
the bind when prior and new jsock are authed under different `uid`s,
replying `CODE_AUTH_FAILED` "Session in use". Same-uid reconnect and
no-auth profile binds are unchanged.
2026-05-26 22:24:48 +03:00
Dmitry Verenitsin 67b62fb969 Merge commit from fork
Unchecked `atoi()` on declared payload size let a client
request up to `INT_MAX`, forcing the server to write ~20 GB
per request via the download phase. Short `#` frames also
triggered OOB reads on `s[1..3]`.

- Gate `#` branch on `JPFLAG_AUTHED`.
- Cap declared size at 10 MiB (`VERTO_SPEED_TEST_MAX_SIZE`).
- Replace `atoi()` with bounded `strtol()`.
- Require `bytes >= 4` before indexing `s[1..3]`.
2026-05-26 22:23:35 +03:00
Dmitry Verenitsin 33ee3663bb Merge commit from fork
Cap `Content-Length` at `HTTP_POST_MAX_BODY` (10 MiB) and size the
allocation to the actual body length (`content_length + 1` for
the trailing NUL).

Also fix `WS_BLOCK` units — `kws_raw_read` takes ms, set to 10000.
2026-05-26 22:02:42 +03:00
MarioG-X e3dc9950fd [GHA] Update ffmpeg and libpq in macos.yml
ffmpeg@5 changed to ffmpeg@7
Note: tested ffmpeg@8 but it causes missing ft2build.h in truetype include library.

libpq@16 changed to libpq@18

Co-authored-by: Andrey Volk <andywolk@gmail.com>
2026-05-26 19:29:55 +03:00
Dmitry Verenitsin bf9c95e890 [core] Use switch_stun_ipv6_t for STUN IPv6 write paths. (#3037)
Route IPv6 writes in `switch_stun_packet_attribute_add_binded_address`
and `switch_stun_packet_attribute_add_xor_binded_address` through
`switch_stun_ipv6_t` (16-byte `address[]`) instead of `switch_stun_ip_t`
(4-byte `uint32_t address`).

Add IPv4/IPv6 unit tests for both encoders.

Co-authored-by: Andrey Volk <andywolk@gmail.com>
2026-05-26 18:11:11 +03:00
Dmitry Verenitsin 9da537a19f [mod_sofia] Add SIP 603+ detection and passthrough control. Add unit-tests. (#3035)
Implement SIP 603+ (ATIS-1000099) support for FCC analytics-based call blocking compliance.

Detection:
- Detect incoming 603+ responses by checking "Network Blocked" phrase
and "v=analytics1;" in the `Reason` header text
- Set `sip_603plus_reason` channel variable on both legs for CDR visibility

Passthrough control:
- `sip_603plus_passthrough=true`: forward 603+ phrase and Reason header
- `sip_603plus_passthrough=false`: strip `Reason` header, send clean `603 Decline`
- Not set: existing behavior preserved
- Works independently of `disable_q850_reason` for selective forwarding
2026-05-26 17:33:23 +03:00
Dmitry Verenitsin bcd9d82630 [mod_sofia] capture SIP reason header on INVITE failure (#3036)
Co-authored-by: Chris Rienzo <chris@signalwire.com>
2026-05-26 16:42:52 +03:00
Andrey Volk 2bd6f0116b [mod_sofia] Reload certificates on the fly without disconnects using reloadcert API. (#3034) 2026-05-26 01:12:37 +03:00
Andrey Volk b5c3c86aa0 [mod_commands, mod_verto] Add new reloadcert API and let mod_verto reload certificates on the fly without disconnects. (#3033) 2026-05-26 00:25:56 +03:00
Dmitry Verenitsin 325bb3a606 [core] Fix segments count check in clean_uri(). Add unit-test. (#3032) 2026-05-26 00:16:40 +03:00
Dmitry Verenitsin 08c3fffa7c [mod_sofia] Fix use-after-free in dispatch event thread. (#3031)
`sofia_process_dispatch_event_in_thread` allocated `td` from a memory pool,
then `sofia_msg_thread_run_once` destroyed that same pool after processing
the event — leaving `td` dangling when the thread pool worker accessed it.

Allocate `td` with `switch_zmalloc` (`td->alloc = 1`) so the worker frees it
safely after the function returns. Remove the now-unused `pool` field from
`sofia_dispatch_event_t`.
2026-05-26 00:15:19 +03:00
Dmitry Verenitsin 56cc958b28 [core] Fix use-after-free in session thread pool worker. (#3030)
`switch_core_session_thread_pool_launch()` allocated the thread data (`td`)
from the session pool. However, `switch_core_session_thread()` destroys
the session pool before returning, leaving td as a dangling pointer.
The worker then accesses `td->running` and `td->pool` — a use-after-free
that crashes under memory pressure when the freed pool is reused.

Allocate `td` with `switch_zmalloc()` and set `td->alloc = 1` so the worker frees it
after the task completes. This ensures `td` outlives the session pool
destruction.
2026-05-26 00:13:29 +03:00
Dmitry Verenitsin c25af8dd81 [mod_erlang_event] Fix correctness, OTP compatibility, and memory issues
Changes:
- Snapshot `erl_errno` after `ei_xreceive_msg_tmo()` — outbound `ei_*` calls in the same loop iteration clobber the thread-local errno before the listener checks it, causing wrong exit decisions and misleading logs.
- Fix `switch_size_t ` cast of `int` in `ei_link`* — `(switch_size_t *)&index` reads/writes 8 bytes through a 4-byte `int` on LP64. Use a real `switch_size_t` local.
- Dispatch `ERL_NEWER_REFERENCE_EXT` — newer OTP encodes refs with this tag; spawn replies from modern nodes were silently dropped to the default branch.
- Handle `ERL_EXIT2` — processes killed via `erlang:exit/2` arrive with this tag, not `ERL_EXIT`. Without it, sessions stayed attached to dead Erlang pids.
- Modernize `-spec` syntax in `freeswitch.erl` — old `-spec(F/N :: (...))` form was removed in OTP 21+; module no longer compiled.
- Fix multiple memory issues:
  - `ei_hash_ref()`: replace unbounded `sprintf` with `snprintf` + shared `EI_HASH_REF_LEN`.
  - `handle_msg_sendevent` / `handle_msg_sendmsg`: free the heap `value` on `ei_decode_string` failure; remove dead `if (!fail)` branches.
  - `listener_main_loop`: free `buf`/`rbuf` on the two `handle_msg` early-exit paths.
  - `erlang_sendmsg_function` app: move `ei_x_new_with_version` past arg validation and add `ei_x_free` at the end.
2026-05-26 00:12:08 +03:00
Andrey Volk 1544dfb755 [Core, modules] Fix various dead assignments. 2026-05-25 23:56:13 +03:00
Gustavo Almeida 7d35ea2986 [mod_sofia] Fix handling of sip-options-respond-503-on-busy profile parameter 2026-05-25 21:15:13 +03:00
Niall Dooley 90da63c0d1 [mod_commands] Fix reloadacl description 2026-05-25 21:11:10 +03:00
Andrey Volk 4bc49f57b7 [Build-System] Update libks requirements to 2.0.11 (#3025) 2026-05-20 23:18:38 +03:00
Andrey Volk 7fbfe11d01 version bump 2026-05-08 02:26:52 +03:00
Serhii Ivanov f40469efcc [GHA] Use release libs for trixie releases (#3016) 2026-05-08 00:53:07 +03:00
Andrey Volk 1eff3afde1 swigall (#3015) 2026-05-07 21:52:56 +03:00
Andrey Volk 1e1cecd474 Merge commit from fork 2026-05-07 20:20:52 +03:00
Andrey Volk 2a7100053a Merge commit from fork 2026-05-07 20:18:11 +03:00
Andrey Volk ce12717ad7 Merge commit from fork
Co-authored-by: Jakub Karolczyk <jakub.karolczyk@signalwire.com>
2026-05-07 20:14:34 +03:00
Serhii Ivanov 1a97ed38e6 [GHA] Treat v1.11 as a release branch (#2873)
* [GHA] Add `v1.11` branch target
* [GHA] Treat `v1.11` as a release branch

---------

Co-authored-by: Andrey Volk <andywolk@gmail.com>
2026-05-07 18:19:08 +03:00
praveen-kd-23 8babcee3ea [Core] Fix DTLS Peer Certificate verification 2026-04-02 18:03:28 +03:00
Andrey Volk 14b8295dbc [mod_cdr_mongodb] Remove from tree (#2992) 2026-03-06 01:26:20 +03:00
Andrey Volk 88fa1f95ca [libesl] Fix heap buffer overflow in esl_buffer_write (#2979) 2026-01-16 23:10:23 +03:00
Andrey Volk 418edb8e2b [Build-System] Use unique .orig.tar.xz filenames across different Debian distributions. Update Debian distributions since stable is Trixie now. Use codename instead of suite when generating the distribution field in .changes files. (#2953) 2025-11-21 17:47:45 +03:00
Serhii Ivanov 4c93f3ce2b [UTILS] Add additional token prefix (#2950) 2025-11-19 01:37:49 +03:00
Ahron Greenberg (agree) 2062d2c483 [mod_curl] Add curl exit code to response 2025-11-15 00:47:08 +03:00
Andrey Volk 02549c10d9 [mod_dialplan_xml] Fix double free after upgrade to pcre2. (#2946) 2025-11-13 17:42:04 +03:00
Andrey Volk 9b0bbeaac9 [Build-System] Update OpenSSL to v3.4.3, bump libks to 2.0.7 on Windows. (#2934) 2025-10-16 21:47:51 +03:00
Jakub Karolczyk caa50b6c4f Merge pull request #2915 from signalwire/fix_missing_ice_mutex
[core] Fix - add missing ice_mutex to protect dtls
2025-09-15 17:24:48 +01:00
Jakub Karolczyk 1585ca7aaf [core] Fix - add missing ice_mutex to protect dtls 2025-09-15 16:59:30 +01:00
Jakub Karolczyk aede363606 Merge pull request #2914 from signalwire/fix_old_port_log 2025-09-14 16:55:16 +01:00