Re: [asterisk-users] Asterisk not following SDP port change
accept_multiple_sdp_answers=yes fixed it. It now follows SDP a total of 3 times in my tests. I had found this setting before posting. And had toggled it. But it didn't make any difference until defined in system (in addition to the endpoint itself). Thanks for your help! On Wed, Mar 3, 2021 at 5:21 PM Joshua C. Colp wrote: > On Wed, Mar 3, 2021 at 5:55 PM Nick Olsen wrote: > >> >> SDP for the first 183 >> Session Description Protocol >> Session Description Protocol Version (v): 0 >> Owner/Creator, Session Id (o): Sansay-VSXi 188 1 IN IP4 >> XX.XX.XX.12 >> Session Name (s): Session Controller >> Connection Information (c): IN IP4 XX.XX.XX.46 >> Time Description, active time (t): 0 0 >> Media Description, name and address (m): audio 14996 RTP/AVP >> 0 101 >> Media Attribute (a): rtpmap:0 PCMU/8000 >> Media Attribute (a): rtpmap:101 telephone-event/8000 >> Media Attribute (a): fmtp:101 0-15 >> Media Attribute (a): ptime:20 >> Media Attribute (a): sendrecv >> >> >> SDP for the 2nd 183 >> Session Description Protocol >> Session Description Protocol Version (v): 0 >> Owner/Creator, Session Id (o): Sansay-VSXi 188 1 IN IP4 >> XX.XX.XX.12 >> Session Name (s): Session Controller >> Connection Information (c): IN IP4 XX.XX.XX.46 >> Time Description, active time (t): 0 0 >> Media Description, name and address (m): audio 15104 RTP/AVP >> 0 101 >> Media Attribute (a): rtpmap:0 PCMU/8000 >> Media Attribute (a): rtpmap:101 telephone-event/8000 >> Media Attribute (a): fmtp:101 0-15 >> Media Attribute (a): ptime:20 >> Media Attribute (a): sendrecv >> >> SDP for the 200OK. >> Session Description Protocol >> Session Description Protocol Version (v): 0 >> Owner/Creator, Session Id (o): Sansay-VSXi 188 1 IN IP4 >> XX.XX.XX.12 >> Session Name (s): Session Controller >> Connection Information (c): IN IP4 XX.XX.XX.46 >> Time Description, active time (t): 0 0 >> Media Description, name and address (m): audio 15252 RTP/AVP >> 0 101 >> Media Attribute (a): rtpmap:0 PCMU/8000 >> Media Attribute (a): rtpmap:101 telephone-event/8000 >> Media Attribute (a): fmtp:101 0-15 >> Media Attribute (a): sendrecv >> Media Attribute (a): ptime:20 >> >> Still working on the logs, But gather anything from that so far? >> >> In this case, asterisk always sent to the first provided RTP port of >> 14996. >> > > One thing that does stand out is they aren't obeying the RFC, as the > version number in the o line should be incremented[1]. PJSIP is more > tolerant of that though I believe. It did jog my memory though on an > option[2][3] which may apply here. You'll want to set it both in system and > on the endpoint. > > [1] https://tools.ietf.org/html/rfc4566#page-11 > [2] > https://github.com/asterisk/asterisk/blob/master/configs/samples/pjsip.conf.sample#L1096 > [3] > https://github.com/asterisk/asterisk/blob/master/configs/samples/pjsip.conf.sample#L889 > > -- > Joshua C. Colp > Asterisk Technical Lead > Sangoma Technologies > Check us out at www.sangoma.com and www.asterisk.org > -- > _ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > > Check out the new Asterisk community forum at: > https://community.asterisk.org/ > > New to Asterisk? Start here: > https://wiki.asterisk.org/wiki/display/AST/Getting+Started > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: >http://lists.digium.com/mailman/listinfo/asterisk-users -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- Check out the new Asterisk community forum at: https://community.asterisk.org/ New to Asterisk? Start here: https://wiki.asterisk.org/wiki/display/AST/Getting+Started asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] AST-2021-006: Crash when negotiating T.38 with a zero port
Asterisk Project Security Advisory - AST-2021-006 ProductAsterisk SummaryCrash when negotiating T.38 with a zero port Nature of Advisory Remote Crash SusceptibilityRemote Authenticated Sessions Severity Minor Exploits KnownNo Reported On February 20, 2021 Reported By Gregory Massel Posted On Last Updated OnFebruary 25, 2021 Advisory Contact bford AT sangoma DOT com CVE Name CVE-2019-15297 Description When Asterisk sends a re-invite initiating T.38 faxing and the endpoint responds with a m=image line and zero port, a crash will occur in Asterisk. This is a reoccurrence of AST-2019-004. Modules Affected res_pjsip_t38.c Resolution If T.38 faxing is not required then setting ât38_udptlâ on the endpoint to ânoâ disables this functionality. This option is ânoâ by default. If T.38 faxing is required, then Asterisk should be upgraded to a fixed version. Affected Versions ProductRelease Series Asterisk Open Source 16.x16.16.1 Asterisk Open Source 17.x17.9.2 Asterisk Open Source 18.x18.2.1 Certified Asterisk16.x16.8-cert6 Corrected In Product Release Asterisk Open Source 16.16.2, 17.9.3, 18.2.2 Certified Asterisk 16.8-cert7 Patches Patch URL Revision https://downloads.digium.com/pub/security/AST-2021-006-16.diff Asterisk 16 https://downloads.digium.com/pub/security/AST-2021-006-17.diff Asterisk 17 https://downloads.digium.com/pub/security/AST-2021-006-18.diff Asterisk 18 https://downloads.digium.com/pub/security/AST-2021-006-16.8.diff Certified Asterisk 16.8 Links https://issues.asterisk.org/jira/browse/ASTERISK-29203 https://downloads.asterisk.org/pub/security/AST-2021-006.html Asterisk Project Security Advisories are posted at http://www.asterisk.org/security This document may be superseded by later versions; if so, the latest version will be posted at https://downloads.digium.com/pub/security/AST-2021-006.pdf and https://downloads.digium.com/pub/security/AST-2021-006.html Revision History Date EditorRevisions Made February 25, 2021 Ben Ford Initial revision Asterisk Project Security Advisory - AST-2021-006 Copyright © 02/25/2021 Digium, Inc. All Rights Reserved. Permission is hereby granted to distribute and publish this advisory in its original, unaltered form. -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- Check out the new Asterisk community forum at: https://community.asterisk.org/ New
[asterisk-users] Asterisk 16.16.2, 17.9.3, 18.2.2 and 16.8-cert7 Now Available (Security)
The Asterisk Development Team would like to announce security releases for Asterisk 16, 17 and 18, and Certified Asterisk 16.8. The available releases are released as versions 16.16.2, 17.9.3, 18.2.2 and 16.8-cert7. These releases are available for immediate download at https://downloads.asterisk.org/pub/telephony/asterisk/releases https://downloads.asterisk.org/pub/telephony/certified-asterisk/releases The following security vulnerabilities were resolved in these versions: * AST-2021-006: Crash when negotiating T.38 with a zero port When Asterisk sends a re-invite initiating T.38 faxing and the endpoint responds with a m=image line and zero port, a crash will occur in Asterisk. This is a reoccurrence of AST-2019-004. For a full list of changes in the current releases, please see the ChangeLogs: https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-16.16.2 https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-17.9.3 https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-18.2.2 https://downloads.asterisk.org/pub/telephony/certified-asterisk/releases/ChangeLog-certified-16.8-cert7 The security advisory is available at: https://downloads.asterisk.org/pub/security/AST-2021-006.pdf Thank you for your continued support of Asterisk!-- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- Check out the new Asterisk community forum at: https://community.asterisk.org/ New to Asterisk? Start here: https://wiki.asterisk.org/wiki/display/AST/Getting+Started asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Read remote Media IP address
On Thu, Mar 4, 2021 at 3:16 AM wrote: > For regulatory reasons, I need to store the media IP address of the caller. > All callers listen to a message and the call disconnects. > Also, I want to store in my CDR its own SIP IP address, in either pjsip or > chan_sip, i.e., where I am listening, or maybe the IP address where each > call is received at. > Or maybe the name of the context. > Is there a way to read this information from an internal variable? > The CHANNEL dialplan function[1] provides access to various details about the channel. The specific format depends on the channel driver in use. [1] https://wiki.asterisk.org/wiki/display/AST/Asterisk+18+Function_CHANNEL -- Joshua C. Colp Asterisk Technical Lead Sangoma Technologies Check us out at www.sangoma.com and www.asterisk.org -- _ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- Check out the new Asterisk community forum at: https://community.asterisk.org/ New to Asterisk? Start here: https://wiki.asterisk.org/wiki/display/AST/Getting+Started asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
