The hash changed because the libressl team updated their tool,
changing the copyright in the tarball
Change-Id: I0fcf3d65d5058a5fdfdc161aa427758ca20e9a2f
Accounts can see their certificates expire. When it's the case, a
migration is needed. However, several regressions can happen, because
this behaviour can be tricky to test correctly. In this patch, a
test is added to validate that the migration is done whenever the
certificate expires.
+ OpenDHT needs to be bumped in order to be able to change the validity
period of a certificate.
+ In ArchiveAccountManager, a method is added to change the validity
of a certificate in the chain.
+ This patch also fixes a crash when a migration occurs directly on
the archive (info_ was null causing a segfault).
+ Finally, cleanup some signatures unused in JamiAccount.
GitLab: #684 (this is some preparative work)
Change-Id: I901bc67fd63ce2ab26ded64662f8333d3a0eed50
This fix ut_media_encoder
Also avoid crash when outputCtx_ is nullptr and the format is unrecognised.
Change-Id: I6df5a2e229e0313ea2b3c34b37f9f2900058c75f
Introduce 2 main changes to the TCP patch:
- limit the number of connection retries.
- use a higher Ta for TCP connection retry (500 ms)
Gitlab: #634
Change-Id: I2281addf072c6f0e9ff2fc0457e08a590af1e178
When requesting destruction of ice session and stream
transport instances from PJNATH, some operation will be
done asynchronously through scheduled timers. If not
properly handled, the timer heap will still contain
timer entries when the timer heap and the IO queueu are
destroyed.
Now, the timer heap is given more time to flush the
remaining timer entries before the IO queue and the
timer heap are destructed.
The timer heap may still contain timer entries if
PJNATH does not process all the timers within the
givent max time (currently set to 3s).
Gitlab: #637
Change-Id: I5ef2fe9d824e8b57191a51fac8f9e53e0e626fcd
This patch introduces many changes that prevent various crashes
and assertion failures.
In PJNATH source code:
- Avoid duplication when adding host candidates.
- Prtoect ICE context (lock) in TCP callbacks
- Correctly set local and remote addres in STUN request
In jami source code:
- Check that the address is valid before using PJSIP
helpers
Gitlab: #617
Change-Id: I317d748db8d1f93dda6d5f510a2fae909a04704c
* contrib/src/main.mak (TARBALLS_DEFAULT): New variable.
(TARBALLS): Define in terms of the above.
(FLOCK, FLOCK_PREFIX): New variables.
(download): Use $(FLOCK_PREFIX), which may be empty when flock is not
available and a default TARBALLS location is used.
Change-Id: I95ca0ec0cdd893fc50f3924619cc87fe8cd6a5b7
This reverts commit 5e45336840.
Reason for revert: Cause crash due to re-ordering the checklist while some checks are in progress
The resort of is causing inconstitency between the checks. The current uses
the list index as the ID for the STUN request. When the STUN response
(for this request) is received, the ID is used as is to retrieve the
check in the check list.
If the list is re-ordered (when receiving an new incoming check), before
the STUN response is received and processed, the ID of STUN request will
point to a different check on reception of the STUN response.
This a temporary revert until a more robust solution to the ordering
issue is found.
Change-Id: I912a9861118461ff7f6296f61c53531fa2b9384e
There is an issue with the nomination of triggered checks in ICE
that causes ICE negotiation to conclude on sub-optimal pairs.
The issue was reported, and acknolegded by PJSIP maintainers.
This patch will fix the issue.
Gitlab: #622
Change-Id: I4bed7191692051d6215fbde8ee2ca9f94b76e0f9
Use a higher Ta value (50ms instead of 20ms) as
recommended by newer ICE spec (RFC-8445).
This will reduce bandwith usage (peaks) needed for the connectivity
checks as described in RFC-8445.
Gitlab: #605
Change-Id: I6a228a47d5f6cf574003d1354c4410294aedf95a
Resort the check list when new prflx candidates are discovered,
to avoid the nomination of candidates pairs with less priority.
Gitlab: #617
Change-Id: I93559facd8b6ce99708ccf1311925837d9cd119d
Variables `stun_sock->*_nb` are initialized to -1 and incremented by 1 for each
new socket. Thus, the `<=` comparison operator should be used for iteration
instead of `<`.
Gitlab: #613
Change-Id: I3c6971f533ead466b25381f3d4edbc4dc1827950
This is to prevent resource contention on shared file systems such as
NFS.
* contrib/src/main.mak (download) <wget>: Guard with flock.
<curl>: Likewise.
<fetch> Likewise, and properly quote shell arguments.
(download_git): Likewise.
Change-Id: I8e2139d780a34ad054cfa8e188c6cbaf94df0609
ubuntu 20.04 uses msgpack 3.0.1-3, however daemon doesn't seems
to build (msgpack_pack not found). This fix the build for ubuntu 20.04
Change-Id: I84d50b94b2e7b40d9cd8a599dd5d7da8c2ac4194
rfc6544 rebase introduced an error where no_pending_check was
wrong causing the on_ice_complete to never be called if all
candidates failed.
GitLab: #597
Change-Id: Idca5f9bb2b03d9ae4687cef64df96cef6509b15d
Note:
Merged upstream (so deleted):
0010-fix-pkgconfig.patch
0014-Add-new-compile-time-setting-PJ_ICE_ST_USE_TURN_PERM.patch
0015-update-local-preference-for-peer-reflexive-candidate.patch
0016-use-addrinfo-instead-CFHOST.patch
0017-CVE-2020-15260.patch
0018-CVE-2021-21375.patch
Merged for 2.12:
0019-ignore-down-interfaces.patch
0020-ignore-addresses-for-RFC7335.patch
Also, fix the assertion in ice_transport.cpp cause
user_mapping_cnt can be equals to PJ_ICE_MAX_COMP.
Change-Id: If6fee261e89c34640519a6b61e94391b57363a22
GitLab: #509
From https://datatracker.ietf.org/doc/html/rfc7335#section-4
" As defined in [RFC6333], this subnet
is only present between the B4 and the Address Family Transition
Router (AFTR) and never emits packets from this prefix "on the wire".
464XLAT has the same need for a non-routed IPv4 prefix, and this same
need may be common for other similar solutions"
Meaning that this candidate can be ignored. This is the second part of:
GitLab: #539
Change-Id: I52a906bc4ae5a1b1062cf6fe21dec216329c1d14
