SECURITY:

Update to 1.2.9.1 which addresses a security vulnerability in the IAX2 channel driver (chan_iax2). The vulnerability affects all users with IAX2 clients that might be compromised or used by a malicious user, and can lead to denial of service attacks and random Asterisk server crashes via a relatively trivial exploit. From: maintainer Stuart Henderson <stu@spacehopper.org>
2006-06-12 19:04:10 +00:00 · 2006-06-12 19:04:10 +00:00 · ca6257ce12
commit ca6257ce12
parent 06de83c3cc
10 changed files with 77 additions and 119 deletions
--- a/telephony/asterisk/Makefile
+++ b/telephony/asterisk/Makefile
@ -1,8 +1,7 @@
-# $OpenBSD: Makefile,v 1.8 2006/02/15 06:11:39 sturm Exp $
+# $OpenBSD: Makefile,v 1.9 2006/06/12 19:04:10 naddy Exp $

 COMMENT=	"open source PBX"
-DISTNAME=	asterisk-1.2.4
-PKGNAME=	${DISTNAME}p0
+DISTNAME=	asterisk-1.2.9.1
 CATEGORIES=	telephony
 MASTER_SITES=	ftp://ftp.digium.com/pub/asterisk/

@ -29,7 +28,6 @@ post-install:
 	${INSTALL_DATA_DIR} ${PREFIX}/share/examples/asterisk/agi
 	${INSTALL_DATA_DIR} ${PREFIX}/share/examples/asterisk/default
 	${INSTALL_DATA_DIR} ${PREFIX}/share/examples/asterisk/openbsd
-	${INSTALL_DATA} ${FILESDIR}/BUGS.OpenBSD ${PREFIX}/share/doc/asterisk
 	${INSTALL_DATA} ${WRKSRC}/{BUGS,SECURITY} ${PREFIX}/share/doc/asterisk
 	${INSTALL_DATA} ${WRKSRC}/doc/README.* ${PREFIX}/share/doc/asterisk
 	${INSTALL_DATA} ${WRKSRC}/doc/*.txt ${PREFIX}/share/doc/asterisk
--- a/telephony/asterisk/distinfo
+++ b/telephony/asterisk/distinfo
@ -1,4 +1,4 @@
-MD5 (asterisk-1.2.4.tar.gz) = 14721abdc85fc3381db275b61dffce2d
-RMD160 (asterisk-1.2.4.tar.gz) = 826351d12a9ffb13f81d4605d80bbc07d678f5b2
-SHA1 (asterisk-1.2.4.tar.gz) = 557528a0a3d2c05245d1ef3d280ed441635f1958
-SIZE (asterisk-1.2.4.tar.gz) = 10536366
+MD5 (asterisk-1.2.9.1.tar.gz) = d98fc3dc5ee8df691ca2b0bd309bb251
+RMD160 (asterisk-1.2.9.1.tar.gz) = d512d3560812bc267a4d372cc96f989e26d7042a
+SHA1 (asterisk-1.2.9.1.tar.gz) = dbb3f84aa33856654bfc937dce853f524a5aa6d6
+SIZE (asterisk-1.2.9.1.tar.gz) = 10568287
--- a/telephony/asterisk/files/BUGS.OpenBSD
+++ b/telephony/asterisk/files/BUGS.OpenBSD
@ -1,35 +0,0 @@
-# $OpenBSD: BUGS.OpenBSD,v 1.1.1.1 2004/09/26 00:38:24 jolan Exp $
-# Author: Jolan Luff <jolan@openbsd.org>
-
-Asterisk has a few problems on OpenBSD.  Digium provides a bug tracker
-to report issues.  There is a general *BSD portability bug here:
-
-http://bugs.digium.com/bug_view_page.php?bug_id=0002393
-
-Specific bugs have been closed with people being told to re-submit under
-the general bug.  With that being said, here is a list of bugs that are
-currently affecting OpenBSD and are unfixed:
-
-1) "UDP checksum bad" messages flooding the console:
-
-   http://bugs.digium.com/bug_view_page.php?bug_id=0002112
-   http://bugs.digium.com/bug_view_page.php?bug_id=0002496
-
-   This is currently worked around in the port by simplying not printing
-   the messages.
-
-2) AGI STREAM FILE function will not have data available to send which
-   causes a timeout and hangup.
-
-3) Music On Hold problems:
-
-   http://bugs.digium.com/bug_view_page.php?bug_id=0002110
-   http://bugs.digium.com/bug_view_page.php?bug_id=0002167
-
-   MOH hasn't been tested on OpenBSD so please report success/failures.
-
-4) The channel driver may receive EAGAIN which will cause the
-   conversation to end.  Unfortunately, I have not been able to
-   reproduce this.  If you are affected by this, please contact me as I
-   have patches to try.
-
--- a/telephony/asterisk/files/musiconhold.conf.sample
+++ b/telephony/asterisk/files/musiconhold.conf.sample
@ -0,0 +1,32 @@
+; $OpenBSD: musiconhold.conf.sample,v 1.1 2006/06/12 19:04:10 naddy Exp $
+; Music on Hold -- Sample Configuration
+
+[default]
+mode=files
+directory=/usr/local/share/asterisk/moh-native
+
+;[native-random]
+;mode=files
+;directory=/usr/local/share/asterisk/moh-native
+;random=yes 	; Play the files in a random order
+
+;
+; This plays files directly from the specified directory, no external
+; processes are required. Files are played in normal sorting order
+; (same as a sorted directory listing), and no volume or other
+; sound adjustments are available. If the file is available in
+; the same format as the channel's codec, then it will be played
+; without transcoding (same as Playback would do in the dialplan).
+; Files can be present in as many formats as you wish, and the
+; 'best' format will be chosen at playback time.
+;
+; NOTE:
+; If you are not using "autoload" in modules.conf, then you
+; must ensure that the format modules for any formats you wish
+; to use are loaded _before_ res_musiconhold. If you do not do
+; this, res_musiconhold will skip the files it is not able to
+; understand when it loads.
+;
+; format_mp3 is in the asterisk-addons package;
+; format_wav supports 8KHz mono RIFF .wav files.
+;
--- a/telephony/asterisk/patches/patch-Makefile
+++ b/telephony/asterisk/patches/patch-Makefile
@ -1,6 +1,6 @@
-$OpenBSD: patch-Makefile,v 1.6 2006/02/15 06:11:39 sturm Exp $
--- Makefile.orig	Mon Dec  5 06:47:51 2005
-+++ Makefile	Sat Feb 11 02:29:14 2006
+$OpenBSD: patch-Makefile,v 1.7 2006/06/12 19:04:10 naddy Exp $
+--- Makefile.orig	Sun Apr 30 15:27:56 2006
+++ Makefile	Thu Jun  1 02:36:38 2006
@@ -19,8 +19,8 @@
 # CROSS_COMPILE=/opt/montavista/pro/devkit/arm/xscale_be/bin/xscale_be-
 # CROSS_COMPILE_BIN=/opt/montavista/pro/devkit/arm/xscale_be/bin/
@ -12,7 +12,7 @@ $OpenBSD: patch-Makefile,v 1.6 2006/02/15 06:11:39 sturm Exp $
 # CROSS_ARCH=Linux
 # CROSS_PROC=arm
 # SUB_PROC=xscale # or maverick
-@@ -44,8 +44,12 @@
+@@ -46,8 +46,12 @@
 #K6OPT  = -DK6OPT
 
 #Tell gcc to optimize the code
@ -25,7 +25,7 @@ $OpenBSD: patch-Makefile,v 1.6 2006/02/15 06:11:39 sturm Exp $
 
 #Overwite config files on "make samples"
 OVERWRITE=y
-@@ -83,7 +87,11 @@
+@@ -85,7 +89,11 @@
 
 # Where to install asterisk after compiling
 # Default -> leave empty
@ -37,7 +37,7 @@ $OpenBSD: patch-Makefile,v 1.6 2006/02/15 06:11:39 sturm Exp $
 
 # Staging directory
 # Files are copied here temporarily during the install process
-@@ -105,7 +113,7 @@
+@@ -107,7 +115,7 @@
 # Don't use together with -DBUSYDETECT_TONEONLY
 BUSYDETECT+= #-DBUSYDETECT_COMPARE_TONE_AND_SILENCE
 
@ -46,7 +46,7 @@ $OpenBSD: patch-Makefile,v 1.6 2006/02/15 06:11:39 sturm Exp $
   ASTLIBDIR=$(INSTALL_PREFIX)/usr/lib/asterisk
   ASTVARLIBDIR=$(INSTALL_PREFIX)/var/lib/asterisk
   ASTETCDIR=$(INSTALL_PREFIX)/etc/asterisk
-@@ -119,7 +127,25 @@
+@@ -121,7 +129,25 @@
   ASTMANDIR=$(INSTALL_PREFIX)/usr/share/man
   MODULES_DIR=$(ASTLIBDIR)/modules
   AGI_DIR=$(ASTVARLIBDIR)/agi-bin
@ -73,7 +73,7 @@ $OpenBSD: patch-Makefile,v 1.6 2006/02/15 06:11:39 sturm Exp $
   ASTLIBDIR=$(INSTALL_PREFIX)/opt/asterisk/lib
   ASTVARLIBDIR=$(INSTALL_PREFIX)/var/opt/asterisk/lib
   ASTETCDIR=$(INSTALL_PREFIX)/etc/opt/asterisk
-@@ -160,6 +186,8 @@
+@@ -162,6 +188,8 @@
 # The file, /etc/asterisk.makeopts will also be included, but can be overridden
 # by the file in your home directory.
 
@ -82,7 +82,7 @@ $OpenBSD: patch-Makefile,v 1.6 2006/02/15 06:11:39 sturm Exp $
 ifneq ($(wildcard /etc/asterisk.makeopts),)
   include /etc/asterisk.makeopts
 endif
-@@ -167,6 +195,7 @@
+@@ -169,6 +197,7 @@
 ifneq ($(wildcard ~/.asterisk.makeopts),)
   include ~/.asterisk.makeopts
 endif
@ -90,22 +90,7 @@ $OpenBSD: patch-Makefile,v 1.6 2006/02/15 06:11:39 sturm Exp $
 
 ifeq ($(OSARCH),Linux)
   ifeq ($(CROSS_COMPILE),)
-@@ -209,6 +238,14 @@
-   MPG123TARG=linux
- endif
- 
-+ifeq ($(OSARCH),OpenBSD)
-+  PROC?=$(shell uname -m)
-+
-+  ifeq ($(PROC),arm)
-+    OPTIONS+=-fsigned-char
-+  endif
-+endif
-+
- PWD=$(shell pwd)
- GREP=grep
- 
-@@ -227,8 +264,10 @@
+@@ -229,8 +258,10 @@
   ASTCFLAGS+=-I$(CROSS_COMPILE_TARGET)/usr/local/include -L$(CROSS_COMPILE_TARGET)/usr/local/lib
 endif
 
@ -118,7 +103,7 @@ $OpenBSD: patch-Makefile,v 1.6 2006/02/15 06:11:39 sturm Exp $
 endif
 
 ifeq ($(PROC),ppc)
-@@ -410,6 +449,7 @@
+@@ -412,6 +443,7 @@
 INSTALL=install
 
 _all: all
@ -126,7 +111,7 @@ $OpenBSD: patch-Makefile,v 1.6 2006/02/15 06:11:39 sturm Exp $
 	@echo " +--------- Asterisk Build Complete ---------+"  
 	@echo " + Asterisk has successfully been built, but +"  
 	@echo " + cannot be run before being installed by   +"  
-@@ -417,6 +457,7 @@
+@@ -419,6 +451,7 @@
 	@echo " +                                           +"
 	@echo " +               $(MAKE) install                +"  
 	@echo " +-------------------------------------------+"  
@ -134,20 +119,19 @@ $OpenBSD: patch-Makefile,v 1.6 2006/02/15 06:11:39 sturm Exp $
 
 all: cleantest depend asterisk subdirs 
 
-@@ -666,6 +707,8 @@
- 	fi 
- 	( cd $(DESTDIR)$(ASTVARLIBDIR)/sounds  ; ln -s $(ASTSPOOLDIR)/voicemail . )
- 	if [ -f mpg123-0.59r/mpg123 ]; then $(MAKE) -C mpg123-0.59r install; fi
-+# OpenBSD packaging has own message-at-actual-install-time
+@@ -694,6 +727,7 @@
+ 	@if [ -x /usr/sbin/asterisk-post-install ]; then \
+ 		/usr/sbin/asterisk-post-install $(DESTDIR) . ; \
+ 	fi
 +ifneq (${OSARCH},OpenBSD)
 	@echo " +---- Asterisk Installation Complete -------+"  
 	@echo " +                                           +"
 	@echo " +    YOU MUST READ THE SECURITY DOCUMENT    +"
-@@ -687,6 +730,7 @@
+@@ -715,6 +749,7 @@
 	@echo " + **Note** This requires that you have      +"
 	@echo " + doxygen installed on your local system    +"
 	@echo " +-------------------------------------------+"
 +endif
 	@$(MAKE) -s oldmodcheck
 
- NEWMODS=$(notdir $(wildcard */*.so))
+ upgrade: all bininstall
--- a/telephony/asterisk/patches/patch-cdr_Makefile
+++ b/telephony/asterisk/patches/patch-cdr_Makefile
@ -1,14 +1,14 @@
-$OpenBSD: patch-cdr_Makefile,v 1.2 2006/02/02 03:41:36 todd Exp $
--- cdr/Makefile.orig	Tue Nov 29 13:24:39 2005
-+++ cdr/Makefile	Wed Dec 28 13:30:25 2005
-@@ -30,21 +30,26 @@ endif
+$OpenBSD: patch-cdr_Makefile,v 1.3 2006/06/12 19:04:10 naddy Exp $
+--- cdr/Makefile.orig	Sun Apr 30 15:27:56 2006
+++ cdr/Makefile	Thu Jun  1 02:33:19 2006
+@@ -30,21 +30,26 @@
 #A ultrasparc cpu is really v9 but the stock debian stable 3.0 gcc doesn.t support it.
 #So we go lowest common available by gcc and go a step down, still a step up from
 #the default as we now have a better instruction set to work with. - Belgarath
 +ifneq (${OSARCH},OpenBSD)
 ifeq ($(PROC),sparc64)
  PROC=ultrasparc
-   CFLAGS += -mtune=$(PROC) -O3 -pipe -fomit-frame-pointer -mcpu=v8
+   CFLAGS += -mtune=$(PROC) -pipe -fomit-frame-pointer -mcpu=v8
 endif
 +endif
 
@ -25,10 +25,10 @@ $OpenBSD: patch-cdr_Makefile,v 1.2 2006/02/02 03:41:36 todd Exp $
 # FreeTDS stuff...
 #
 +ifneq (${OSARCH},OpenBSD)
- ifneq ($(wildcard $(CROSS_COMPILE_TARGET)/usr/include/tds.h)$(wildcard $(CROSS_COMPILE_TARGET)/usr/local/include/tds.h),)
-   ifeq ($(shell grep -s TDS_VERSION_NO $(CROSS_COMPILE_TARGET)/usr/include/tdsver.h $(CROSS_COMPILE_TARGET)/usr/local/include/tdsver.h | grep -c 0.63),1)
+ ifneq ($(wildcard $(CROSS_COMPILE_TARGET)/usr/include/tds.h)$(wildcard $(CROSS_COMPILE_TARGET)/usr/local/include/tds.h)$(wildcard $(CROSS_COMPILE_TARGET)/usr/include/freetds/tds.h),)
+   ifeq ($(shell grep -s TDS_VERSION_NO $(CROSS_COMPILE_TARGET)/usr/include/tdsver.h $(CROSS_COMPILE_TARGET)/usr/local/include/tdsver.h $(CROSS_COMPILE_TARGET)/usr/include/freetds/tdsver.h | grep -c 0.63),1)
     CFLAGS += -DFREETDS_0_63
-@@ -57,13 +62,16 @@ ifneq ($(wildcard $(CROSS_COMPILE_TARGET
+@@ -57,13 +62,16 @@
   endif
   MODS+=cdr_tds.so
 endif
@ -45,7 +45,7 @@ $OpenBSD: patch-cdr_Makefile,v 1.2 2006/02/02 03:41:36 todd Exp $
 
 MLFLAGS=
 
-@@ -103,8 +111,10 @@ endif
+@@ -103,8 +111,10 @@
 #
 # SQLite stuff...
 #
--- a/telephony/asterisk/patches/patch-channels_Makefile
+++ b/telephony/asterisk/patches/patch-channels_Makefile
@ -1,6 +1,6 @@
-$OpenBSD: patch-channels_Makefile,v 1.1 2006/02/02 03:41:36 todd Exp $
--- channels/Makefile.orig	Thu Jan 26 18:02:51 2006
-+++ channels/Makefile	Thu Jan 26 18:02:53 2006
+$OpenBSD: patch-channels_Makefile,v 1.2 2006/06/12 19:04:10 naddy Exp $
+--- channels/Makefile.orig	Sun Apr 30 15:27:56 2006
+++ channels/Makefile	Thu Jun  1 02:29:34 2006
@@ -42,9 +42,11 @@
 CYG_CHAN_AGENT=-lres_monitor.so
 endif
@ -8,7 +8,7 @@ $OpenBSD: patch-channels_Makefile,v 1.1 2006/02/02 03:41:36 todd Exp $
 +ifneq (${OSARCH},OpenBSD)
 ifeq ($(PROC),sparc64)
   PROC=ultrasparc
-   CFLAGS += -mtune=$(PROC) -O3 -pipe -fomit-frame-pointer -mcpu=v8
+   CFLAGS += -mtune=$(PROC) -pipe -fomit-frame-pointer -mcpu=v8
 +endif
 endif
 
--- a/telephony/asterisk/patches/patch-channels_chan_iax2_c
+++ b/telephony/asterisk/patches/patch-channels_chan_iax2_c
@ -1,21 +0,0 @@
-$OpenBSD: patch-channels_chan_iax2_c,v 1.1 2006/02/15 06:11:40 sturm Exp $
--- channels/chan_iax2.c.orig	Thu Feb  9 15:17:15 2006
-+++ channels/chan_iax2.c	Thu Feb  9 15:17:33 2006
-@@ -5277,7 +5277,7 @@
- 	
- 	memset(&ied, 0, sizeof(ied));
- 	if (ies->apparent_addr)
-		memcpy(&new, ies->apparent_addr, sizeof(new));
-+		bcopy(ies->apparent_addr, &new, sizeof(new));
- 	if (ies->callno)
- 		newcall = ies->callno;
- 	if (!newcall || !new.sin_addr.s_addr || !new.sin_port) {
-@@ -5427,7 +5427,7 @@
- 
- 	memset(&us, 0, sizeof(us));
- 	if (ies->apparent_addr)
-		memcpy(&us, ies->apparent_addr, sizeof(us));
-+		bcopy(ies->apparent_addr, &us, sizeof(us));
- 	if (ies->username)
- 		ast_copy_string(peer, ies->username, sizeof(peer));
- 	if (ies->refresh)
--- a/telephony/asterisk/patches/patch-db1-ast_Makefile
+++ b/telephony/asterisk/patches/patch-db1-ast_Makefile
@ -1,14 +1,14 @@
-$OpenBSD: patch-db1-ast_Makefile,v 1.1 2006/02/02 03:41:36 todd Exp $
--- db1-ast/Makefile.orig	Thu Jan 26 18:03:04 2006
-+++ db1-ast/Makefile	Thu Jan 26 18:03:15 2006
+$OpenBSD: patch-db1-ast_Makefile,v 1.2 2006/06/12 19:04:10 naddy Exp $
+--- db1-ast/Makefile.orig	Sun Apr 30 15:27:56 2006
+++ db1-ast/Makefile	Thu Jun  1 02:34:47 2006
@@ -8,9 +8,11 @@
 SOVER=2
 endif
 #Added support for UltraSparc - Belgarath
-+ifneq (${OSARCH},OpenBSD)
+ifneq ($(OSTYPE),OpenBSD)
 ifeq ($(ARCH),sparc64)
 PROC=ultrasparc
- CFLAGS += -mtune=$(PROC) -O3 -pipe -fomit-frame-pointer -mcpu=v8
+ CFLAGS += -mtune=$(PROC) -pipe -fomit-frame-pointer -mcpu=v8
 +endif
 endif
 
--- a/telephony/asterisk/pkg/PLIST
+++ b/telephony/asterisk/pkg/PLIST
@ -1,4 +1,4 @@
-@comment $OpenBSD: PLIST,v 1.5 2006/02/02 03:41:37 todd Exp $
+@comment $OpenBSD: PLIST,v 1.6 2006/06/12 19:04:10 naddy Exp $
@newgroup _asterisk:545
@newuser _asterisk:545:_asterisk:daemon:asterisk user:/nonexistent:/sbin/nologin
 include/asterisk/
@ -456,10 +456,8 @@ share/asterisk/sounds/vm-unknown-caller.gsm
 share/asterisk/sounds/vm-whichbox.gsm
 share/asterisk/sounds/vm-youhave.gsm
 %%SHARED%%
-share/asterisk/sounds/voicemail
 share/doc/asterisk/
 share/doc/asterisk/BUGS
-share/doc/asterisk/BUGS.OpenBSD
 share/doc/asterisk/README.ael
 share/doc/asterisk/README.asterisk.conf
 share/doc/asterisk/README.backtrace
@ -559,6 +557,8 @@ share/examples/asterisk/openbsd/logger.conf.sample
@sample ${SYSCONFDIR}/asterisk/logger.conf
 share/examples/asterisk/openbsd/modules.conf.sample
@sample ${SYSCONFDIR}/asterisk/modules.conf
+share/examples/asterisk/openbsd/musiconhold.conf.sample
+@sample ${SYSCONFDIR}/asterisk/musiconhold.conf
 share/examples/asterisk/openbsd/sip.conf.sample
@sample ${SYSCONFDIR}/asterisk/sip.conf
 share/examples/asterisk/openbsd/voicemail.conf.sample