with something like 'deny 0.0.0.0/0' then this affects you. workaround:
'deny 0.0.0.0/0.0.0.0'
- fix fullpkgpath's for the subpackages, they were including the flavour
and shouldn't have - fixes problems with dpb3 found by naddy. add @pkgpath
markers relating to this fix.
ok naddy@
(reminder, ports is not fully open, do not commit without specific permission)
crash in SIP (and only this, thanks to Asterisk developers for pushing
security fixes separately from other changes).
Does not affect Asterisk 1.4 in -stable (it's in the T.38 support,
which was added in 1.6).
ok ajacoutot@
breaking cd /usr/ports && SUBDIR=some/path make something for
category makefiles. While there, also put spaces around += uniformously.
okay naddy@, jasper@
This also has a small change in CDR generation, it's been well tested
upstream but still this can be a touchy area to change, so it's
going in now so the first OpenBSD release with Asterisk 1.6
packages has the change already made.
ok ajacoutot@
from overriding supplied AUTOfoo_VERSION variables) instead of the
custom Makefile target to run autoconf.
No package change -> no bump. Discussed with fgsch in relation
to 1.6, but it makes sense here too.
AstManProxy is a multi-threaded proxy server for the Asterisk
Manager Interface. As well as straight proxying, it can also
translate between AMI and HTTP (with output in plaintext, XML,
or CSV formats). SSL is also available (for both AMI and HTTP).
"echo -e" -> "printf"
"exit -1" -> "exit 255"
- some of the patches had hand-rolled chunks to replace /bin/bash
with /bin/sh near a CVS keyword; remove these and replace with a
pre-configure target making it easier to update-patches
- change sample config to disable hardcoded escape sequences for
colours by default
- bump PKGNAME-main
Fixes sscanf without size bounds. The biggest problem affects SIP in
Asterisk 1.6.1+ (i.e. not OpenBSD ports/packages) but the update makes
sense anyway...
just disable by setting the default FLAVOR; the asterisk,h323 entry
in ../Makefile picked it up. the unused pkg/*-speex files don't hurt,
so keep them around. bump PKGNAME (most likely gratuitous, but it's
cheap).
It is completely unmaintained, barely working and prevent from updating the
whole VoIP gang (ptlib, h323plus, opal, gnugk, ekiga) which I'm working on.
some more work still to do but most things should run ok, and it's easier
to handle that in-tree.
KAMAILIO (OpenSER) is a mature and flexible open source SIP server (RFC3261).
It can be used on systems with limitted resources as well as on carrier grade
servers, scaling to up to thousands call setups per second. It is written in
pure C for Unix/Linux-like systems with architecture specific optimizations to
offer high performances. It is customizable, being able to feature as fast load
balancer; SIP server flavours: registrar, location server, proxy server,
redirect server; gateway to SMS/XMPP; or advanced VoIP application server.
where the "pedantic" option is enabled (disabled by default).
Backported rather than updated until I sort out the H323 autoconf
breakage in newer versions.
users with access to the IAX port can use it to verify validity of usernames.
No other code changes in this version.
While there, remove spurious @user from PLIST.
- add -fPIC unconditionally (requested by naddy@) by adding it to
unix.mak (in pwlib) which get sourced by the other ports
feedback from and ok naddy@, thanks!
introduced in 1.4.21 by correcting the order of lock and unlock
in a deadlock avoidance macro... No other changes. Not security,
but if you're running 1.4.21, you definitely want this.
- regen PLIST to remove @bin from a symlink.
split in two: add pkgspec, bump -speex package version
- adjust FULLPKGNAME handling so overrides can be shown clearly
at the top of the Makefile
- add space before assignment operator "FULLPKGNAME$i=" to avoid
potential ambiguity with bad values of $i
speex problem reported by jolan@, thanks!
SpanDSP is a library of DSP functions for telephony, in the 8000 sample
per second world of E1s, T1s, and higher order PCM channels. It contains
low level functions, such as basic filters. It also contains higher
level functions, such as cadenced supervisory tone detection, and a
complete software FAX machine. The software has been designed to avoid
intellectual property issues, using mature techniques where all relevant
patents have expired. See the file DueDiligence for important
information about these intellectual property issues.
from Brad; tested with his work-in-progress CallWeaver.
IAXmodem is a software modem written in C that uses an IAX channel
(commonly provided by an Asterisk PBX system) instead of a traditional
phone line and uses a DSP library instead of DSP hardware chipsets.
IAXmodem was originally conceived to function as a fax modem usable
with HylaFAX, and it does that well. However IAXmodem also has been
known to function with mgetty+sendfax and efax.
.. much cleanup from my earlier verisions, thanks brad@
in RTP codec payload type handling) and AST-2008-003 (SIP channel
can make a call into the context specified in the general section
of sip.conf). Affects all Asterisk users with SIP enabled.
This is a security update only, no changes other than these fixes.
pjsua is an open source command line SIP user agent that is used as
the reference implementation for PJSIP and PJMEDIA. It has many
features, such as:
* Mutiple identities/account registrations
* Concurrent calls and conference (unlimited number, but only up
to 254 sources can be mixed to a single destination)
* Call features: call hold, call transfer (attended or unattended,
with or without refersub).
* SIP Presence/SIMPLE with PIDF and XPIDF support. PUBLISH support.
* Instant messaging and message composing indication
* DTMF digits transmission/receipt (RFC 2833)
* WAV file playing, streaming, and recording.
* Accoustic echo cancellation (AEC).
* Auto-answer, auto-play file, auto-loop RTP
* Support SIP UDP, TCP, and TLS transports. Support for DNS SRV
resolution.
* NAT traversal with rport and STUN.
* Tone generation.
* Codecs: PCMA, PCMU, GSM, Speex (including wideband/16KHz and
ultra-wideband/32KHz), L16 (8-48KHz, mono or stereo), and iLBC.
* Adaptive jitter buffer, adaptive silence detection, and packet
lost concealment audio features.
With lots of testing and help from todd@, sthen@, jakemsr@, jolan@ and
Benny Prijono.
ok todd@ sthen@
fixes an overflow in IMAP voicemail storage reachable by anyone who can
send email to a VM box accessed from the phone. AST-2007-022, found by
sprintf audit.
ok ian@
Net::SIP consists of packages for handling SIP packets, for transport
of packets, for processing packets and on top of all that a simplified
layer for common tasks.
ok sturm@
Ohphone is a fully functional H.323 endpoint command line application
that can be used to listen for incoming H.323 calls, or to initiate a
call to a remote host. It includes a simple menu that allows
interactive control of functions, as well as allowing control of most
dialing and answer functions via a phone handset.
ok kili@
Update to 1.2.9.1 which addresses a security vulnerability in the IAX2
channel driver (chan_iax2). The vulnerability affects all users with
IAX2 clients that might be compromised or used by a malicious user, and
can lead to denial of service attacks and random Asterisk server crashes
via a relatively trivial exploit.
From: maintainer Stuart Henderson <stu@spacehopper.org>
Siproxd is a proxy/masquerading daemon for the SIP protocol. It
handles registrations of SIP clients on a private IP network and
performs rewriting of the SIP message bodies to make SIP connections
work via an masquerading firewall (NAT). It allows SIP software
clients (like kphone, linphone) or SIP hardware clients (Voice over
IP phones which are SIP-compatible, such as those from Cisco,
Grandstream or Snom) to work behind an IP masquerading firewall or
NAT router.
from markus@
oSIP provides a SIP stack with a limited set of features common to
any kind of SIP Agents. Thus oSIP is not oriented towards any
particular implementations and can be used for implementing SIP
End-Point, Proxy or any kind of more specific SIP Agent such as
B2BUA.
from markus@