Commit Graph

147 Commits

Author SHA1 Message Date
sthen
ca5de90dc7 unbreak with installed pwlib, spotted by naddy@
zap stray whitespace
2012-03-27 19:48:03 +00:00
sthen
da91aa04ce tweaks to the asterisk port; currently no effective change to the packages.
- remove unused non-working patches and framework for chan_h323;
this driver is deprecated upstream anyway.

- add patches to let the alternative chan_ooh323 addon module build.
currently unused in the port, 'make configure; cd $WRKSRC; gmake menuselect'
and enable it there if you want to play.

- sync unistim patch.

- mention the IMAP flavour in DESCR (and thus bump REVISION-main).
2012-03-23 22:42:25 +00:00
sthen
620492f011 Avoid a tight loop in asterisk's pbx_spool thread reported by drahn@ under
rthread. kern_time.c:itimerfix() requires the kevent interval timer to be
<= 100M seconds otherwise it passes an EINVAL back up, giving an error
return from kevent(). The initial timestamp is (INT_MAX-cur time) i.e.
around 800M so we hit this. Workaround by clamping tv_sec to 100M sec.
2012-03-17 23:08:20 +00:00
sthen
9e757c9c39 SECURITY update to asterisk 1.8.10.1
AST-2012-002: stack buffer overflow (remote unauthenticated sessions).
requires a dialplan using the Milliwatt application with the 'o' option,
and internal_timing off.  Affects all 1.4+ Asterisk versions.

AST-2012-003: stack buffer overflow (remote unauth'd sessions) in HTTP
manager interface; triggered by long digest authentication strings.
Code injection possibility.  Affects 1.8+.
2012-03-15 22:20:50 +00:00
sthen
6f8278e575 update to Asterisk 1.8.10.0
- includes the iLBC codec which now has a free copyright license; patent
licensing has a "no litigation" clause (see codecs/ilbc/LICENSE_ADDENDUM)
so mark as not permitted for CDs
2012-03-13 23:17:46 +00:00
sthen
4464cbf93d update to asterisk 1.8.9.3, fixes route-set regressions in SIP 2012-02-27 17:12:56 +00:00
sthen
bf263e5d77 update to asterisk 1.8.9.2
- fixes deadlock in chan_agent, crash in ParkAndAnnounce, and
SIP INFO DTMF handling for non-numeric codes
2012-02-16 21:25:08 +00:00
sthen
c05df36e0d update to asterisk 1.8.9.0, ok ajacoutot@
This release has many fixes including thread locking issues,
crashes, resource leaks and others.
2012-01-28 08:16:22 +00:00
sthen
88be277e07 Update to Asterisk 1.8.8.2. Fixes AST-2012-001, crash affecting
configurations with video disabled and the sRTP module loaded.

Funnily enough this didn't affect the port until about an hour
ago when sRTP was enabled.
2012-01-20 00:18:02 +00:00
sthen
71655c85d3 - Build Asterisk with sRTP support.
- Remove DESCR parts and PFRAG relating to currently-disabled H.323 support.
2012-01-19 21:49:56 +00:00
sthen
2c805d3efc update to Asterisk 1.8.8.1; fixes a regression introduced in 1.8.8.0
with local bridged calls (various effects especially coming off hold or
with moh in some instances).
2011-12-30 22:24:35 +00:00
sthen
f3ee3a920c update Asterisk to 1.8.8.0
- various fixes, including a range of possible deadlocks
2011-12-16 14:50:09 +00:00
sthen
7656ea11a2 security update to asterisk 1.8.7.2; null pointer deref with crafted SIP
packets when "automon" is enabled in features.conf. AST-2011-014
2011-12-09 00:22:43 +00:00
jasper
cee63e4c5f - regen WANTLIB 2011-11-02 08:32:17 +00:00
sthen
e310870aa6 SECURITY update to Asterisk 1.8.7.1, trivial remote crash in SIP affecting
all previous 1.8.x versions (uninitialized variable).
2011-10-17 19:35:55 +00:00
espie
f49ad17ddb use bsd.port.arch.mk 2011-10-17 10:03:51 +00:00
sthen
9d14ebbfb3 update to asterisk 1.8.7.0 2011-09-24 13:47:42 +00:00
naddy
aabf2d2b28 honor CFLAGS and don't force -Os or -O; ok sthen@ 2011-09-16 12:49:21 +00:00
espie
46d3548829 normalize pkgpath 2011-09-16 11:41:38 +00:00
sthen
7ab1f5f5cf update to asterisk 1.8.6.0 2011-09-09 15:29:21 +00:00
sthen
12c1d6ee3a regen patch to avoid a cvs keyword 2011-07-20 07:06:00 +00:00
sthen
64aa216876 update to asterisk 1.8.5.0, chan_unistim parts from & ok ian@ 2011-07-12 19:54:39 +00:00
ajacoutot
422ec7e715 libiconv MODULE. 2011-07-07 01:19:02 +00:00
sthen
3e3639224e security update to asterisk 1.8.4.4: fix a case where invalid username
was distinguishable from incorrect password.
2011-06-29 01:15:04 +00:00
sthen
0de3a685c1 - add commented-out example settings for configuring a server behind nat
- be explicit in sample config that people should use strong secrets
2011-06-27 21:15:14 +00:00
sthen
2219c0a40e Your regularly scheduled security update to asterisk-1.8.4.3
AST-2011-008: If a remote user sends a SIP packet containing a null,
Asterisk assumes available data extends past the null to the
end of the packet when the buffer is actually truncated when
copied. This causes SIP header parsing to modify data past
the end of the buffer altering unrelated memory structures.
This vulnerability does not affect TCP/TLS connections.
-- Resolved in 1.6.2.18.1 and 1.8.4.3

AST-2011-009: A remote user sending a SIP packet containing a Contact header
with a missing left angle bracket (<) causes Asterisk to
access a null pointer.
-- Resolved in 1.8.4.3

AST-2011-010: A memory address was inadvertently transmitted over the
network via IAX2 via an option control frame and the remote party would try
to access it.
-- Resolved in 1.4.41.1, 1.6.2.18.1, and 1.8.4.3
2011-06-24 13:50:09 +00:00
sthen
bac6270c37 Fix asterisk build on a clean box; there is a bogus dependency on libltdl
recorded in asterisk's menuselect system, knocking out ODBC build if not
present (though this is only done, afaict, due to a missing dependency
in a unixodbc package on some linux version), so add libltdl as a
BUILD_DEPENDS.

Doesn't affect the packages, other than -odbc wasn't built before
unless you had libltdl installed, so no bump.
2011-06-03 16:08:01 +00:00
sthen
3dd23e0aae SECURITY update to asterisk-1.8.4.2; CVE-2011-2216:
Null pointer deref in SIP if malformed Contact headers are present.
2011-06-02 20:10:01 +00:00
ajacoutot
f982995f2b Add a consistent header that substitutes FULLPKGNAME for the READMEs.
ok jasper@ sthen@
2011-06-02 13:41:36 +00:00
sthen
365584e13e Bugfix update of Asterisk to 1.8.4.1
- Fix compliance with RFC 3261 section 18.2.2. (aka Cisco phone fix)
- Resolve a change in IPv6 header parsing due to the Cisco phone fix issue.
- Resolve potential crash when using SIP TLS support.
- Improve reliability when using SIP TLS.
2011-05-25 20:11:02 +00:00
sthen
5cdba91893 update to 1.8.4 2011-05-11 15:07:14 +00:00
sthen
562c2bd78d - switch to correct 1.8.3.3 tarball now it's available (vs. 1.8.3.2+patchset)
- bump -main as some rcs id's built into files changed
2011-04-27 17:42:02 +00:00
sthen
d575b9875b SECURITY update to 1.8.3.3
- AST-2011-006, shell access via remote authenticated manager
sessions (logged-in manager users can execute shell commands via
the manager interface without having the "system" privilege that
should be required)

- AST-2011-005, DoS with remote unauthenticated sessions (add limits
to prevent unauthenticated users from tying up all available FDs for
the manager interface, SIP-over-TCP, Skinny and the built in HTTP
server).

(updating by way of upstream patch file, the full tar.gz isn't
available yet).
2011-04-21 22:28:40 +00:00
ajacoutot
a2d7a47da4 Fix build after gnutls update.
ok jasper@ landry@
2011-04-15 16:13:23 +00:00
ian
0bc7d2e694 Unbreak chan_unistim, bump. OK sthen@ (maintainer) 2011-04-09 19:16:51 +00:00
sthen
9abb8cd3fa use correct autoconf 2011-03-24 22:40:51 +00:00
ajacoutot
4f1d224b85 Make use of rcexec in rc_start().
ok sthen@ (maintainer)
2011-03-20 15:37:06 +00:00
sthen
6ddd29dca2 update to 1.8.3.2, rerelease due to a problem with one of the fixes in 1.8.3.1. 2011-03-17 21:38:09 +00:00
sthen
0cd58fd2e9 update to 1.8.3.1; fixes AST-2011-003 and AST-2011-004:
unchecked return codes (fdopen, fwrite) causing null pointer
deref / resource exhaustion.

http://downloads.asterisk.org/pub/security/AST-2011-003.html
http://downloads.asterisk.org/pub/security/AST-2011-004.html
2011-03-16 23:27:11 +00:00
ajacoutot
564c909458 Remove now uneeded redirection. 2011-03-09 18:51:48 +00:00
sthen
31288ac0e2 bugfix update to 1.8.3 2011-03-02 13:28:24 +00:00
sthen
a75f35b7f4 SECURITY update to 1.8.2.4 fixes AST-2011-002 buffer overflow
Workaround: add "t38pt_udptl = no" to the general section in sip.conf
(chan_ooh323 is also affected but we don't build that).
2011-03-02 12:53:11 +00:00
sthen
9613b75ab6 SECURITY update (for real this time) to 1.8.2.2; no other changes.
"Due to a failed merge, Asterisk 1.8.2.1 which should have included
the security fix did not. Asterisk 1.8.2.2 contains the the changes
which should have been included in Asterisk 1.8.2.1."  ok ajacoutot@
2011-01-20 21:44:54 +00:00
sthen
9412bacbc5 Cherrypicked diff from svn; fix the internal implementation of htonll/ntohll
which was incorrect and would cause IAX interoperation to break. ok jasper@
2011-01-20 16:26:26 +00:00
sthen
aef236cbb8 SECURITY update to asterisk 1.8.2.1, fixes AST-2011-001 "an issue
when forming an outgoing SIP request while in pedantic mode, which
can cause a stack buffer to be made to overflow if supplied with
carefully crafted caller ID information"

http://downloads.asterisk.org/pub/security/AST-2011-001.html

This is also a major version update to the long-term support
1.8 branch, previous versions of this diff have been tested by
various ports@ readers, thanks for testing.

Please review /usr/local/share/doc/asterisk/UPGRADE.txt
(also note that memory use has increased).

ok ajacoutot@ jasper@
2011-01-19 11:25:16 +00:00
fgsch
e1d81e418e Add rc script taken from the 1.8 update diff sent to ports@ by sthen@.
sthen@ ok.
2011-01-04 22:35:46 +00:00
espie
811d94d9d6 new depends 2010-11-20 19:56:47 +00:00
sthen
462a21e673 update Asterisk to 1.6.2.14 2010-11-16 21:58:52 +00:00
espie
709b054ab9 USE_GROFF=Yes 2010-10-19 07:43:00 +00:00
sthen
858dc57b21 - update Asterisk to 1.6.2.13
- upstream have prevented chan_h323 from building with pwlib>=1.19.0
as it segfaults at startup; disable the h323 flavour for now.
2010-09-19 21:14:05 +00:00