Ubuntu
asterisk package

Merge lp:~ari-tczew/ubuntu/saucy/asterisk/lp-1205644 into lp:ubuntu/saucy/asterisk

Saucy (13.10)
lp-1205644
Merge into saucy

Proposed by Artur Rona on 2013-07-28

Status:

Merged

Merge reported by:

Artur Rona

Merged at revision:

not available

Proposed branch:

lp:~ari-tczew/ubuntu/saucy/asterisk/lp-1205644

Merge into:

lp:ubuntu/saucy/asterisk

Diff against target:

1735 lines (+1684/-2)

8 files modified

debian/changelog (+49/-0)
debian/patches/AST-2012-014 (+162/-0)
debian/patches/AST-2012-015 (+1012/-0)
debian/patches/AST-2013-002 (+55/-0)
debian/patches/AST-2013-003 (+370/-0)
debian/patches/armhf-fixes (+1/-2)
debian/patches/bluetooth_bind (+30/-0)
debian/patches/series (+5/-0)

To merge this branch:

bzr merge lp:~ari-tczew/ubuntu/saucy/asterisk/lp-1205644

Undecided

Fix Released

Link a bug report

Reviewer	Review Type	Date Requested	Status
Daniel Holbach (community)		2013-07-28	Approve on 2013-07-30
Review via email: mp+177296@code.launchpad.net

Revision history for this message

Daniel Holbach (dholbach) wrote on 2013-07-30:

Thanks. Uploaded.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Artur Rona

Ubuntu branches

Ubuntu
asterisk package

Merge lp:~ari-tczew/ubuntu/saucy/asterisk/lp-1205644 into lp:ubuntu/saucy/asterisk

Commit message

Description of the change

Preview Diff

Subscribers

 === modified file 'debian/changelog'
 --- debian/changelog	2013-06-13 13:23:50 +0000
 +++ debian/changelog	2013-07-28 21:58:23 +0000
@@ -1,3 +1,52 @@
++asterisk (1:1.8.13.1~dfsg-3ubuntu1) saucy; urgency=low
++
++  * Merge from Debian unstable. (LP: #1205644) Remaining changes:
++    - debian/asterisk.init:
++      + chown /dev/dahdi
++    - debian/control, debian/rules:
++      + Enable Hardening Wrapper (PIE and BIND_NOW).
++      + Build against libical 1.0.
++    - debian/patches/armhf-fixes:
++      + Fix FTBFS on armhf.
++  * Fixed security issues:
++    - CVE-2012-5976 (LP: #1097687)
++    - CVE-2012-5977 (LP: #1097691)
++    - CVE-2013-2686
++    - CVE-2013-2264
++
++ -- Artur Rona <ari-tczew@tlen.pl>  Sat, 27 Jul 2013 14:56:17 +0200
++
++asterisk (1:1.8.13.1~dfsg-3) unstable; urgency=high
++
++  * Rewrtote sip.conf parts of AST-2012-014: dropped patches
++    fix-sip-tcp-no-FILE and fix-sip-tls-leak.
++  * Reverting other changes rejected by the release team: README.Debian,
++    powerpcspe and fix_xmpp_19532 dropped (#545272 and #701505 reopened).
++
++ -- Tzafrir Cohen <tzafrir@debian.org>  Tue, 09 Apr 2013 13:23:07 +0300
++
++asterisk (1:1.8.13.1~dfsg-2) unstable; urgency=high
++
++  * Patches backported from Asterisk 1.8.19.1 (Closes: #697230):
++    - Patch AST-2012-014 (CVE-2012-5976) - fixes Crashes due to large stack
++      allocations when using TCP.
++      The following two fixes were also pulled in order to easily apply it:
++      - Patch fix-sip-tcp-no-FILE - Switch to reading with a recv loop
++      - Patch fix-sip-tls-leak - Memory leak in the SIP TLS code
++    - Patch AST-2012-015 (CVE-2012-5977) - Denial of Service Through
++      Exploitation of Device State Caching
++  * Patch powerpcspe: Fix OSARCH for powerpcspe (Closes: #701505).
++  * README.Debian: document running the testsuite.
++  * Patch fix_xmpp_19532: fix a crash of the XMPP code (Closes: #545272).
++  * Patches backported from Asterisk 1.8.20.2 (Closes: #704114):
++    - Patch AST-2013-002 (CVE-2013-2686): Prevent DoS in HTTP server with
++      a large POST.
++    - Patch AST-2013-003 (CVE-2013-2264): Prevent username disclosure in
++      SIP channel driver.
++  * Patch bluetooth_bind - fix breakage of chan_mobile (Closes: #614786).
++
++ -- Tzafrir Cohen <tzafrir@debian.org>  Sat, 06 Apr 2013 14:15:41 +0300
++
  asterisk (1:1.8.13.1~dfsg-1ubuntu4) saucy; urgency=low
    * Build against libical 1.0
 === added file 'debian/patches/AST-2012-014'
 --- debian/patches/AST-2012-014	1970-01-01 00:00:00 +0000
 +++ debian/patches/AST-2012-014	2013-07-28 21:58:23 +0000
@@ -0,0 +1,162 @@
++From: Matthew Jordan <mjordan@digium.com>
++Date: Wed, 2 Jan 2013 15:16:10 +0000
++Subject: Resolve crashes due to large stack allocations when using TCP
++Origin: http://svnview.digium.com/svn/asterisk?view=rev&rev=378269
++CVE: CVE-2012-5976
++Bug: https://issues.asterisk.org/jira/browse/ASTERISK-20658
++
++Asterisk had several places where messages received over various network
++transports may be copied in a single stack allocation. In the case of TCP,
++since multiple packets in a stream may be concatenated together, this can
++lead to large allocations that overflow the stack.
++
++This patch modifies those portions of Asterisk using TCP to either
++favor heap allocations or use an upper bound to ensure that the stack will not
++overflow:
++ * For SIP, the allocation now has an upper limit
++ * For HTTP, the allocation is now a heap allocation instead of a stack
++   allocation
++ * For XMPP (in res_jabber), the allocation has been eliminated since it was
++   unnecesary.
++
++Note that the HTTP portion of this issue was independently found by Brandon
++Edwards of Exodus Intelligence.
++
++Reported by: wdoekes, Brandon Edwards
++Tested by: mmichelson, wdoekes
++See also: http://downloads.asterisk.org/pub/security/AST-2012-014.html
++
++---
++ channels/chan_sip.c        |   58 +++++++++++++++++++++++++++++++-------------
++ channels/sip/include/sip.h |    1 +
++ main/http.c                |   20 ++++++++++++---
++ res/res_jabber.c           |    5 ++--
++ 4 files changed, 60 insertions(+), 24 deletions(-)
++
++--- a/channels/chan_sip.c
+++++ b/channels/chan_sip.c
++@@ -2504,6 +2504,7 @@ static void *_sip_tcp_helper_thread(stru
++ 	int res, cl, timeout = -1, authenticated = 0, flags, after_poll = 0, need_poll = 1;
++ 	time_t start;
++ 	struct sip_request req = { 0, } , reqcpy = { 0, };
+++	size_t datalen;
++ 	struct sip_threadinfo *me = NULL;
++ 	char buf[1024] = "";
++ 	struct pollfd fds[2] = { { 0 }, { 0 }, };
++@@ -2640,8 +2641,9 @@ static void *_sip_tcp_helper_thread(stru
++ 			}
++ 			req.socket.fd = tcptls_session->fd;
++
+++			datalen = ast_str_strlen(req.data);
++ 			/* Read in headers one line at a time */
++-			while (ast_str_strlen(req.data) < 4 || strncmp(REQ_OFFSET_TO_STR(&req, data->used - 4), "\r\n\r\n", 4)) {
+++			while (datalen < 4 || strncmp(REQ_OFFSET_TO_STR(&req, data->used - 4), "\r\n\r\n", 4)) {
++ 				if (!tcptls_session->client && !authenticated ) {
++ 					if ((timeout = sip_check_authtimeout(start)) < 0) {
++ 						goto cleanup;
++@@ -2688,6 +2690,14 @@ static void *_sip_tcp_helper_thread(stru
++ 					 goto cleanup;
++ 				}
++ 				ast_str_append(&req.data, 0, "%s", buf);
+++				datalen = ast_str_strlen(req.data);
+++				if (datalen > SIP_MAX_PACKET_SIZE) {
+++					ast_log(LOG_WARNING, "Rejecting SIP %s packet from '%s' because way too large: %zu\n",
+++							tcptls_session->ssl ? "SSL" : "TCP",
+++							ast_sockaddr_stringify(&tcptls_session->remote_address),
+++							datalen);
+++					goto cleanup;
+++				}
++ 			}
++ 			copy_request(&reqcpy, &req);
++ 			parse_request(&reqcpy);
++--- a/channels/sip/include/sip.h
+++++ b/channels/sip/include/sip.h
++@@ -96,6 +96,7 @@
++
++ #define SIP_MAX_HEADERS           64     /*!< Max amount of SIP headers to read */
++ #define SIP_MAX_LINES             256    /*!< Max amount of lines in SIP attachment (like SDP) */
+++#define SIP_MAX_PACKET_SIZE       20480  /*!< Max SIP packet size */
++ #define SIP_MIN_PACKET            4096   /*!< Initialize size of memory to allocate for packets */
++ #define MAX_HISTORY_ENTRIES		  50	 /*!< Max entires in the history list for a sip_pvt */
++
++--- a/main/http.c
+++++ b/main/http.c
++@@ -622,6 +622,7 @@ struct ast_variable *ast_http_get_post_v
++ 	int content_length = 0;
++ 	struct ast_variable *v, *post_vars=NULL, *prev = NULL;
++ 	char *buf, *var, *val;
+++	int res;
++
++ 	for (v = headers; v; v = v->next) {
++ 		if (!strcasecmp(v->name, "Content-Type")) {
++@@ -634,21 +635,27 @@ struct ast_variable *ast_http_get_post_v
++
++ 	for (v = headers; v; v = v->next) {
++ 		if (!strcasecmp(v->name, "Content-Length")) {
++-			content_length = atoi(v->value) + 1;
+++			content_length = atoi(v->value);
++ 			break;
++ 		}
++ 	}
++
++-	if (!content_length) {
+++	if (content_length <= 0) {
++ 		return NULL;
++ 	}
++
++-	if (!(buf = alloca(content_length))) {
+++	buf = ast_malloc(content_length + 1);
+++	if (!buf) {
++ 		return NULL;
++ 	}
++-	if (!fgets(buf, content_length, ser->f)) {
++-		return NULL;
+++
+++	res = fread(buf, 1, content_length, ser->f);
+++	if (res < content_length) {
+++		/* Error, distinguishable by ferror() or feof(), but neither
+++		 * is good. */
+++		goto done;
++ 	}
+++	buf[content_length] = '\0';
++
++ 	while ((val = strsep(&buf, "&"))) {
++ 		var = strsep(&val, "=");
++@@ -667,6 +674,9 @@ struct ast_variable *ast_http_get_post_v
++ 			prev = v;
++ 		}
++ 	}
+++
+++done:
+++	ast_free(buf);
++ 	return post_vars;
++ }
++
++--- a/res/res_jabber.c
+++++ b/res/res_jabber.c
++@@ -768,7 +768,7 @@ static struct ast_custom_function jabber
++  */
++ static int acf_jabberreceive_read(struct ast_channel *chan, const char *name, char *data, char *buf, size_t buflen)
++ {
++-	char *aux = NULL, *parse = NULL;
+++	char *parse = NULL;
++ 	int timeout;
++ 	int jidlen, resourcelen;
++ 	struct timeval start;
++@@ -885,7 +885,7 @@ static int acf_jabberreceive_read(struct
++ 				continue;
++ 			}
++ 			found = 1;
++-			aux = ast_strdupa(tmp->message);
+++			ast_copy_string(buf, tmp->message, buflen);
++ 			AST_LIST_REMOVE_CURRENT(list);
++ 			aji_message_destroy(tmp);
++ 			break;
++@@ -910,7 +910,6 @@ static int acf_jabberreceive_read(struct
++ 		ast_log(LOG_NOTICE, "Timed out : no message received from %s\n", args.jid);
++ 		return -1;
++ 	}
++-	ast_copy_string(buf, aux, buflen);
++
++ 	return 0;
++ }
 === added file 'debian/patches/AST-2012-015'
 --- debian/patches/AST-2012-015	1970-01-01 00:00:00 +0000
 +++ debian/patches/AST-2012-015	2013-07-28 21:58:23 +0000
@@ -0,0 +1,1012 @@
++From: Matthew Jordan <mjordan@digium.com>
++Date: Wed, 2 Jan 2013 16:54:20 +0000
++Subject: Prevent exhaustion of system resources through exploitation of event cache
++CVE: CVE-2012-5977
++Origin: http://svnview.digium.com/svn/asterisk?view=rev&rev=378303
++Bug: https://issues.asterisk.org/jira/browse/ASTERISK-20175
++
++Asterisk maintains an internal cache for devices in the event subsystem. The
++device state cache holds the state of each device known to Asterisk, such that
++consumers of device state information can query for the last known state for
++a particular device, even if it is not part of an active call. The concept of
++a device in Asterisk can include entities that do not have a physical
++representation. One way that this occurred was when anonymous calls are allowed
++in Asterisk. A device was automatically created and stored in the cache for
++each anonymous call that occurred; this was possible in the SIP and IAX2
++channel drivers and through channel drivers that utilized the
++res_jabber/res_xmpp resource modules (Gtalk, Jingle, and Motif). These devices
++are never removed from the system, allowing anonymous calls to potentially
++exhaust a system's resources.
++
++This patch changes the event cache subsystem and device state management to
++no longer cache devices that are not associated with a physical entity.
++
++Reported by: Russell Bryant, Leif Madsen, Joshua Colp
++Tested by: kmoore
++See also: http://downloads.asterisk.org/pub/security/AST-2012-015.html
++
++---
++ apps/app_confbridge.c          |    4 +--
++ apps/app_meetme.c              |   16 +++++------
++ channels/chan_agent.c          |   12 ++++----
++ channels/chan_dahdi.c          |    7 +++--
++ channels/chan_iax2.c           |   31 +++++++++++---------
++ channels/chan_local.c          |    3 ++
++ channels/chan_sip.c            |   18 +++++++-----
++ channels/chan_skinny.c         |   16 +++++------
++ funcs/func_devstate.c          |    6 ++--
++ include/asterisk/channel.h     |    6 ++++
++ include/asterisk/devicestate.h |   16 +++++++++--
++ include/asterisk/event_defs.h  |    8 +++++-
++ main/channel.c                 |    5 ++--
++ main/devicestate.c             |   51 +++++++++++++++++++++------------
++ main/event.c                   |    1 +
++ main/features.c                |    2 +-
++ res/res_calendar.c             |    8 +++---
++ res/res_jabber.c               |   61 ++++++++++++++++++++++++++++++----------
++ 18 files changed, 177 insertions(+), 94 deletions(-)
++
++--- a/apps/app_confbridge.c
+++++ b/apps/app_confbridge.c
++@@ -486,7 +486,7 @@ static struct conference_bridge *join_co
++
++ 	/* Set the device state for this conference */
++ 	if (conference_bridge->users == 1) {
++-		ast_devstate_changed(AST_DEVICE_INUSE, "confbridge:%s", conference_bridge->name);
+++		ast_devstate_changed(AST_DEVICE_INUSE, AST_DEVSTATE_CACHABLE, "confbridge:%s", conference_bridge->name);
++ 	}
++
++ 	/* If the caller is a marked user or is waiting for a marked user to enter pass 'em off, otherwise pass them off to do regular joining stuff */
++@@ -568,7 +568,7 @@ static void  leave_conference_bridge(str
++ 		}
++ 	} else {
++ 		/* Set device state to "not in use" */
++-		ast_devstate_changed(AST_DEVICE_NOT_INUSE, "confbridge:%s", conference_bridge->name);
+++		ast_devstate_changed(AST_DEVICE_NOT_INUSE, AST_DEVSTATE_CACHABLE, "confbridge:%s", conference_bridge->name);
++
++ 		ao2_unlink(conference_bridges, conference_bridge);
++ 	}
++--- a/apps/app_meetme.c
+++++ b/apps/app_meetme.c
++@@ -2489,7 +2489,7 @@ static int conf_run(struct ast_channel *
++
++ 	/* This device changed state now - if this is the first user */
++ 	if (conf->users == 1)
++-		ast_devstate_changed(AST_DEVICE_INUSE, "meetme:%s", conf->confno);
+++		ast_devstate_changed(AST_DEVICE_INUSE, (conf->isdynamic ? AST_DEVSTATE_NOT_CACHABLE : AST_DEVSTATE_CACHABLE), "meetme:%s", conf->confno);
++
++ 	ast_mutex_unlock(&conf->playlock);
++
++@@ -3783,7 +3783,7 @@ bailoutandtrynormal:
++
++ 		/* Change any states */
++ 		if (!conf->users) {
++-			ast_devstate_changed(AST_DEVICE_NOT_INUSE, "meetme:%s", conf->confno);
+++			ast_devstate_changed(AST_DEVICE_NOT_INUSE, (conf->isdynamic ? AST_DEVSTATE_NOT_CACHABLE : AST_DEVSTATE_CACHABLE), "meetme:%s", conf->confno);
++ 		}
++
++ 		/* Return the number of seconds the user was in the conf */
++@@ -5199,8 +5199,8 @@ static void sla_change_trunk_state(const
++ 				|| trunk_ref == exclude)
++ 				continue;
++ 			trunk_ref->state = state;
++-			ast_devstate_changed(sla_state_to_devstate(state),
++-				"SLA:%s_%s", station->name, trunk->name);
+++			ast_devstate_changed(sla_state_to_devstate(state), AST_DEVSTATE_CACHABLE,
+++					     "SLA:%s_%s", station->name, trunk->name);
++ 			break;
++ 		}
++ 	}
++@@ -5698,8 +5698,8 @@ static void sla_handle_hold_event(struct
++ {
++ 	ast_atomic_fetchadd_int((int *) &event->trunk_ref->trunk->hold_stations, 1);
++ 	event->trunk_ref->state = SLA_TRUNK_STATE_ONHOLD_BYME;
++-	ast_devstate_changed(AST_DEVICE_ONHOLD, "SLA:%s_%s",
++-		event->station->name, event->trunk_ref->trunk->name);
+++	ast_devstate_changed(AST_DEVICE_ONHOLD, AST_DEVSTATE_CACHABLE, "SLA:%s_%s",
+++			     event->station->name, event->trunk_ref->trunk->name);
++ 	sla_change_trunk_state(event->trunk_ref->trunk, SLA_TRUNK_STATE_ONHOLD,
++ 		INACTIVE_TRUNK_REFS, event->trunk_ref);
++
++@@ -6208,8 +6208,8 @@ static int sla_station_exec(struct ast_c
++ 			sla_change_trunk_state(trunk_ref->trunk, SLA_TRUNK_STATE_UP, ALL_TRUNK_REFS, NULL);
++ 		else {
++ 			trunk_ref->state = SLA_TRUNK_STATE_UP;
++-			ast_devstate_changed(AST_DEVICE_INUSE,
++-				"SLA:%s_%s", station->name, trunk_ref->trunk->name);
+++			ast_devstate_changed(AST_DEVICE_INUSE, AST_DEVSTATE_CACHABLE,
+++					     "SLA:%s_%s", station->name, trunk_ref->trunk->name);
++ 		}
++ 	} else if (trunk_ref->state == SLA_TRUNK_STATE_RINGING) {
++ 		struct sla_ringing_trunk *ringing_trunk;
++--- a/channels/chan_agent.c
+++++ b/channels/chan_agent.c
++@@ -611,7 +611,7 @@ static struct ast_frame *agent_read(stru
++ 		if (p->chan) {
++ 			p->chan->_bridge = NULL;
++ 			p->chan = NULL;
++-			ast_devstate_changed(AST_DEVICE_UNAVAILABLE, "Agent/%s", p->agent);
+++			ast_devstate_changed(AST_DEVICE_UNAVAILABLE, AST_DEVSTATE_CACHABLE, "Agent/%s", p->agent);
++ 			p->acknowledged = 0;
++ 		}
++ 	} else {
++@@ -866,7 +866,7 @@ static int agent_call(struct ast_channel
++ 	} else {
++ 		/* Agent hung-up */
++ 		p->chan = NULL;
++-		ast_devstate_changed(AST_DEVICE_UNAVAILABLE, "Agent/%s", p->agent);
+++		ast_devstate_changed(AST_DEVICE_UNAVAILABLE, AST_DEVSTATE_CACHABLE, "Agent/%s", p->agent);
++ 	}
++
++ 	if (!res) {
++@@ -985,7 +985,7 @@ static int agent_hangup(struct ast_chann
++ 	if (!p->loginstart) {
++ 		p->logincallerid[0] = '\0';
++ 	} else {
++-		ast_devstate_changed(AST_DEVICE_NOT_INUSE, "Agent/%s", p->agent);
+++		ast_devstate_changed(AST_DEVICE_NOT_INUSE, AST_DEVSTATE_CACHABLE, "Agent/%s", p->agent);
++ 	}
++
++ 	if (p->abouttograb) {
++@@ -2128,7 +2128,7 @@ static int login_exec(struct ast_channel
++ 						}
++ 						ast_mutex_unlock(&p->lock);
++ 						AST_LIST_UNLOCK(&agents);
++-						ast_devstate_changed(AST_DEVICE_NOT_INUSE, "Agent/%s", p->agent);
+++						ast_devstate_changed(AST_DEVICE_NOT_INUSE, AST_DEVSTATE_CACHABLE, "Agent/%s", p->agent);
++ 						while (res >= 0) {
++ 							ast_mutex_lock(&p->lock);
++ 							if (p->deferlogoff && p->chan) {
++@@ -2149,7 +2149,7 @@ static int login_exec(struct ast_channel
++ 								if (ast_tvdiff_ms(ast_tvnow(), p->lastdisc) > 0) {
++ 									ast_debug(1, "Wrapup time for %s expired!\n", p->agent);
++ 									p->lastdisc = ast_tv(0, 0);
++-									ast_devstate_changed(AST_DEVICE_NOT_INUSE, "Agent/%s", p->agent);
+++									ast_devstate_changed(AST_DEVICE_NOT_INUSE, AST_DEVSTATE_CACHABLE, "Agent/%s", p->agent);
++ 									if (p->ackcall) {
++ 										check_beep(p, 0);
++ 									} else {
++@@ -2209,7 +2209,7 @@ static int login_exec(struct ast_channel
++ 						ast_queue_log("NONE", chan->uniqueid, agent, "AGENTLOGOFF", "%s|%ld", chan->name, logintime);
++ 						ast_verb(2, "Agent '%s' logged out\n", p->agent);
++ 						/* If there is no owner, go ahead and kill it now */
++-						ast_devstate_changed(AST_DEVICE_UNAVAILABLE, "Agent/%s", p->agent);
+++						ast_devstate_changed(AST_DEVICE_UNAVAILABLE, AST_DEVSTATE_CACHABLE, "Agent/%s", p->agent);
++ 						if (p->dead && !p->owner) {
++ 							ast_mutex_destroy(&p->lock);
++ 							ast_cond_destroy(&p->app_complete_cond);
++--- a/channels/chan_dahdi.c
+++++ b/channels/chan_dahdi.c
++@@ -3312,7 +3312,7 @@ static void dahdi_pri_update_span_devsta
++ 	}
++ 	if (pri->congestion_devstate != new_state) {
++ 		pri->congestion_devstate = new_state;
++-		ast_devstate_changed(AST_DEVICE_UNKNOWN, "DAHDI/I%d/congestion", pri->span);
+++		ast_devstate_changed(AST_DEVICE_UNKNOWN, AST_DEVSTATE_NOT_CACHABLE, "DAHDI/I%d/congestion", pri->span);
++ 	}
++ #if defined(THRESHOLD_DEVSTATE_PLACEHOLDER)
++ 	/* Update the span threshold device state and report any change. */
++@@ -3328,7 +3328,7 @@ static void dahdi_pri_update_span_devsta
++ 	}
++ 	if (pri->threshold_devstate != new_state) {
++ 		pri->threshold_devstate = new_state;
++-		ast_devstate_changed(AST_DEVICE_UNKNOWN, "DAHDI/I%d/threshold", pri->span);
+++		ast_devstate_changed(AST_DEVICE_UNKNOWN, AST_DEVSTATE_NOT_CACHABLE, "DAHDI/I%d/threshold", pri->span);
++ 	}
++ #endif	/* defined(THRESHOLD_DEVSTATE_PLACEHOLDER) */
++ }
++@@ -9757,7 +9757,8 @@ static struct ast_channel *dahdi_new(str
++ 	if (dashptr) {
++ 		*dashptr = '\0';
++ 	}
++-	ast_devstate_changed_literal(AST_DEVICE_UNKNOWN, device_name);
+++	tmp->flags |= AST_FLAG_DISABLE_DEVSTATE_CACHE;
+++	ast_devstate_changed_literal(AST_DEVICE_UNKNOWN, AST_DEVSTATE_NOT_CACHABLE, device_name);
++
++ 	for (v = i->vars ; v ; v = v->next)
++ 		pbx_builtin_setvar_helper(tmp, v->name, v->value);
++--- a/channels/chan_iax2.c
+++++ b/channels/chan_iax2.c
++@@ -5728,7 +5728,7 @@ static int iax2_getpeertrunk(struct sock
++ }
++
++ /*! \brief  Create new call, interface with the PBX core */
++-static struct ast_channel *ast_iax2_new(int callno, int state, format_t capability, const char *linkedid)
+++static struct ast_channel *ast_iax2_new(int callno, int state, format_t capability, const char *linkedid, unsigned int cachable)
++ {
++ 	struct ast_channel *tmp;
++ 	struct chan_iax2_pvt *i;
++@@ -5797,6 +5797,10 @@ static struct ast_channel *ast_iax2_new(
++ 	i->owner = tmp;
++ 	i->capability = capability;
++
+++	if (!cachable) {
+++		tmp->flags |= AST_FLAG_DISABLE_DEVSTATE_CACHE;
+++	}
+++
++ 	/* Set inherited variables */
++ 	if (i->vars) {
++ 		for (v = i->vars ; v ; v = v->next)
++@@ -8085,7 +8089,7 @@ static int register_verify(int callno, s
++ 		/* if challenge has been sent, but no challenge response if given, reject. */
++ 		goto return_unref;
++ 	}
++-	ast_devstate_changed(AST_DEVICE_UNKNOWN, "IAX2/%s", p->name); /* Activate notification */
+++	ast_devstate_changed(AST_DEVICE_UNKNOWN, AST_DEVSTATE_CACHABLE, "IAX2/%s", p->name); /* Activate notification */
++
++ 	/* either Authentication has taken place, or a REGAUTH must be sent before verifying registration */
++ 	res = 0;
++@@ -8639,7 +8643,7 @@ static void __expire_registry(const void
++ 	if (!ast_test_flag64(peer, IAX_TEMPONLY))
++ 		ast_db_del("IAX/Registry", peer->name);
++ 	register_peer_exten(peer, 0);
++-	ast_devstate_changed(AST_DEVICE_UNAVAILABLE, "IAX2/%s", peer->name); /* Activate notification */
+++	ast_devstate_changed(AST_DEVICE_UNAVAILABLE, AST_DEVSTATE_CACHABLE, "IAX2/%s", peer->name); /* Activate notification */
++ 	if (iax2_regfunk)
++ 		iax2_regfunk(peer->name, 0);
++
++@@ -8693,7 +8697,7 @@ static void reg_source_db(struct iax2_pe
++ 		}
++ 	}
++
++-	ast_devstate_changed(AST_DEVICE_UNKNOWN, "IAX2/%s", p->name); /* Activate notification */
+++	ast_devstate_changed(AST_DEVICE_UNKNOWN, AST_DEVSTATE_CACHABLE, "IAX2/%s", p->name); /* Activate notification */
++
++ 	p->expire = iax2_sched_add(sched, (p->expiry + 10) * 1000, expire_registry, peer_ref(p));
++ 	if (p->expire == -1) {
++@@ -8770,14 +8774,14 @@ static int update_registry(struct sockad
++ 					    ast_test_flag(&iaxs[callno]->state, IAX_STATE_AUTHENTICATED) ? "AUTHENTICATED" : "UNAUTHENTICATED", ast_inet_ntoa(sin->sin_addr), ntohs(sin->sin_port));
++ 			manager_event(EVENT_FLAG_SYSTEM, "PeerStatus", "ChannelType: IAX2\r\nPeer: IAX2/%s\r\nPeerStatus: Registered\r\n", p->name);
++ 			register_peer_exten(p, 1);
++-			ast_devstate_changed(AST_DEVICE_UNKNOWN, "IAX2/%s", p->name); /* Activate notification */
+++			ast_devstate_changed(AST_DEVICE_UNKNOWN, AST_DEVSTATE_CACHABLE, "IAX2/%s", p->name); /* Activate notification */
++ 		} else if (!ast_test_flag64(p, IAX_TEMPONLY)) {
++ 			ast_verb(3, "Unregistered IAX2 '%s' (%s)\n", p->name,
++ 					    ast_test_flag(&iaxs[callno]->state, IAX_STATE_AUTHENTICATED) ? "AUTHENTICATED" : "UNAUTHENTICATED");
++ 			manager_event(EVENT_FLAG_SYSTEM, "PeerStatus", "ChannelType: IAX2\r\nPeer: IAX2/%s\r\nPeerStatus: Unregistered\r\n", p->name);
++ 			register_peer_exten(p, 0);
++ 			ast_db_del("IAX/Registry", p->name);
++-			ast_devstate_changed(AST_DEVICE_UNAVAILABLE, "IAX2/%s", p->name); /* Activate notification */
+++			ast_devstate_changed(AST_DEVICE_UNAVAILABLE, AST_DEVSTATE_CACHABLE, "IAX2/%s", p->name); /* Activate notification */
++ 		}
++ 		/* Update the host */
++ 		/* Verify that the host is really there */
++@@ -10278,7 +10282,8 @@ static int socket_process(struct iax2_th
++ 		    (f.frametype == AST_FRAME_IAX)) {
++ 			if (ast_test_flag64(iaxs[fr->callno], IAX_DELAYPBXSTART)) {
++ 				ast_clear_flag64(iaxs[fr->callno], IAX_DELAYPBXSTART);
++-				if (!ast_iax2_new(fr->callno, AST_STATE_RING, iaxs[fr->callno]->chosenformat, NULL)) {
+++				if (!ast_iax2_new(fr->callno, AST_STATE_RING, iaxs[fr->callno]->chosenformat, NULL,
+++						  ast_test_flag(&iaxs[fr->callno]->state, IAX_STATE_AUTHENTICATED))) {
++ 					ast_variables_destroy(ies.vars);
++ 					ast_mutex_unlock(&iaxsl[fr->callno]);
++ 					return 1;
++@@ -10911,13 +10916,13 @@ static int socket_process(struct iax2_th
++ 						if (iaxs[fr->callno]->pingtime <= peer->maxms) {
++ 							ast_log(LOG_NOTICE, "Peer '%s' is now REACHABLE! Time: %d\n", peer->name, iaxs[fr->callno]->pingtime);
++ 							manager_event(EVENT_FLAG_SYSTEM, "PeerStatus", "ChannelType: IAX2\r\nPeer: IAX2/%s\r\nPeerStatus: Reachable\r\nTime: %d\r\n", peer->name, iaxs[fr->callno]->pingtime);
++-							ast_devstate_changed(AST_DEVICE_NOT_INUSE, "IAX2/%s", peer->name); /* Activate notification */
+++							ast_devstate_changed(AST_DEVICE_NOT_INUSE, AST_DEVSTATE_CACHABLE, "IAX2/%s", peer->name); /* Activate notification */
++ 						}
++ 					} else if ((peer->historicms > 0) && (peer->historicms <= peer->maxms)) {
++ 						if (iaxs[fr->callno]->pingtime > peer->maxms) {
++ 							ast_log(LOG_NOTICE, "Peer '%s' is now TOO LAGGED (%d ms)!\n", peer->name, iaxs[fr->callno]->pingtime);
++ 							manager_event(EVENT_FLAG_SYSTEM, "PeerStatus", "ChannelType: IAX2\r\nPeer: IAX2/%s\r\nPeerStatus: Lagged\r\nTime: %d\r\n", peer->name, iaxs[fr->callno]->pingtime);
++-							ast_devstate_changed(AST_DEVICE_UNAVAILABLE, "IAX2/%s", peer->name); /* Activate notification */
+++							ast_devstate_changed(AST_DEVICE_UNAVAILABLE, AST_DEVSTATE_CACHABLE, "IAX2/%s", peer->name); /* Activate notification */
++ 						}
++ 					}
++ 					peer->lastms = iaxs[fr->callno]->pingtime;
++@@ -11159,7 +11164,7 @@ static int socket_process(struct iax2_th
++ 											using_prefs);
++
++ 							ast_set_flag(&iaxs[fr->callno]->state, IAX_STATE_STARTED);
++-							if (!(c = ast_iax2_new(fr->callno, AST_STATE_RING, format, NULL)))
+++							if (!(c = ast_iax2_new(fr->callno, AST_STATE_RING, format, NULL, 1)))
++ 								iax2_destroy(fr->callno);
++ 							else if (ies.vars) {
++ 								struct ast_datastore *variablestore;
++@@ -11230,7 +11235,7 @@ immediatedial:
++ 							ast_getformatname_multiple(tmp, sizeof(tmp), iaxs[fr->callno]->peerformat));
++ 						ast_set_flag(&iaxs[fr->callno]->state, IAX_STATE_STARTED);
++ 						send_command(iaxs[fr->callno], AST_FRAME_CONTROL, AST_CONTROL_PROGRESS, 0, NULL, 0, -1);
++-						if (!(c = ast_iax2_new(fr->callno, AST_STATE_RING, iaxs[fr->callno]->peerformat, NULL)))
+++						if (!(c = ast_iax2_new(fr->callno, AST_STATE_RING, iaxs[fr->callno]->peerformat, NULL, 1)))
++ 							iax2_destroy(fr->callno);
++ 						else if (ies.vars) {
++ 							struct ast_datastore *variablestore;
++@@ -11982,7 +11987,7 @@ static void __iax2_poke_noanswer(const v
++ 	if (peer->lastms > -1) {
++ 		ast_log(LOG_NOTICE, "Peer '%s' is now UNREACHABLE! Time: %d\n", peer->name, peer->lastms);
++ 		manager_event(EVENT_FLAG_SYSTEM, "PeerStatus", "ChannelType: IAX2\r\nPeer: IAX2/%s\r\nPeerStatus: Unreachable\r\nTime: %d\r\n", peer->name, peer->lastms);
++-		ast_devstate_changed(AST_DEVICE_UNAVAILABLE, "IAX2/%s", peer->name); /* Activate notification */
+++		ast_devstate_changed(AST_DEVICE_UNAVAILABLE, AST_DEVSTATE_CACHABLE, "IAX2/%s", peer->name); /* Activate notification */
++ 	}
++ 	if ((callno = peer->callno) > 0) {
++ 		ast_mutex_lock(&iaxsl[callno]);
++@@ -12150,7 +12155,7 @@ static struct ast_channel *iax2_request(
++ 	if (cai.found)
++ 		ast_string_field_set(iaxs[callno], host, pds.peer);
++
++-	c = ast_iax2_new(callno, AST_STATE_DOWN, cai.capability, requestor ? requestor->linkedid : NULL);
+++	c = ast_iax2_new(callno, AST_STATE_DOWN, cai.capability, requestor ? requestor->linkedid : NULL, cai.found);
++
++ 	ast_mutex_unlock(&iaxsl[callno]);
++
++--- a/channels/chan_local.c
+++++ b/channels/chan_local.c
++@@ -1143,6 +1143,9 @@ static struct ast_channel *local_new(str
++ 	tmp->tech_pvt = p;
++ 	tmp2->tech_pvt = p;
++
+++	tmp->flags |= AST_FLAG_DISABLE_DEVSTATE_CACHE;
+++	tmp2->flags |= AST_FLAG_DISABLE_DEVSTATE_CACHE;
+++
++ 	p->owner = tmp;
++ 	p->chan = tmp2;
++ 	p->u_owner = ast_module_user_add(p->owner);
++--- a/channels/chan_sip.c
+++++ b/channels/chan_sip.c
++@@ -6312,7 +6312,7 @@ static int update_call_counter(struct si
++ 	}
++
++ 	if (p) {
++-		ast_devstate_changed(AST_DEVICE_UNKNOWN, "SIP/%s", p->name);
+++		ast_devstate_changed(AST_DEVICE_UNKNOWN, AST_DEVSTATE_CACHABLE, "SIP/%s", p->name);
++ 		unref_peer(p, "update_call_counter: unref_peer from call counter");
++ 	}
++ 	return 0;
++@@ -7510,6 +7510,9 @@ static struct ast_channel *sip_new(struc
++ 	if (i->rtp)
++ 		ast_jb_configure(tmp, &global_jbconf);
++
+++	if (!i->relatedpeer) {
+++		tmp->flags |= AST_FLAG_DISABLE_DEVSTATE_CACHE;
+++	}
++ 	/* Set channel variables for this call from configuration */
++ 	for (v = i->chanvars ; v ; v = v->next) {
++ 		char valuebuf[1024];
++@@ -14021,7 +14024,7 @@ static int expire_register(const void *d
++
++ 	manager_event(EVENT_FLAG_SYSTEM, "PeerStatus", "ChannelType: SIP\r\nPeer: SIP/%s\r\nPeerStatus: Unregistered\r\nCause: Expired\r\n", peer->name);
++ 	register_peer_exten(peer, FALSE);	/* Remove regexten */
++-	ast_devstate_changed(AST_DEVICE_UNKNOWN, "SIP/%s", peer->name);
+++	ast_devstate_changed(AST_DEVICE_UNKNOWN, AST_DEVSTATE_CACHABLE, "SIP/%s", peer->name);
++
++ 	/* Do we need to release this peer from memory?
++ 		Only for realtime peers and autocreated peers
++@@ -14803,8 +14806,9 @@ static void sip_peer_hold(struct sip_pvt
++ 	ast_atomic_fetchadd_int(&p->relatedpeer->onHold, (hold ? +1 : -1));
++
++ 	/* Request device state update */
++-	ast_devstate_changed(AST_DEVICE_UNKNOWN, "SIP/%s", p->relatedpeer->name);
++-
+++	ast_devstate_changed(AST_DEVICE_UNKNOWN, (p->owner->flags & AST_FLAG_DISABLE_DEVSTATE_CACHE ? AST_DEVSTATE_NOT_CACHABLE : AST_DEVSTATE_CACHABLE),
+++			     "SIP/%s", p->relatedpeer->name);
+++
++ 	return;
++ }
++
++@@ -15208,7 +15212,7 @@ static enum check_auth_result register_v
++ 		}
++ 	}
++ 	if (!res) {
++-		ast_devstate_changed(AST_DEVICE_UNKNOWN, "SIP/%s", peer->name);
+++		ast_devstate_changed(AST_DEVICE_UNKNOWN, AST_DEVSTATE_CACHABLE, "SIP/%s", peer->name);
++ 	}
++ 	if (res < 0) {
++ 		switch (res) {
++@@ -21122,7 +21126,7 @@ static void handle_response_peerpoke(str
++
++ 		ast_log(LOG_NOTICE, "Peer '%s' is now %s. (%dms / %dms)\n",
++ 			peer->name, s, pingtime, peer->maxms);
++-		ast_devstate_changed(AST_DEVICE_UNKNOWN, "SIP/%s", peer->name);
+++		ast_devstate_changed(AST_DEVICE_UNKNOWN, AST_DEVSTATE_CACHABLE, "SIP/%s", peer->name);
++ 		if (sip_cfg.peer_rtupdate) {
++ 			ast_update_realtime(ast_check_realtime("sipregs") ? "sipregs" : "sippeers", "name", peer->name, "lastms", str_lastms, SENTINEL);
++ 		}
++@@ -26540,7 +26544,7 @@ static int sip_poke_noanswer(const void
++ 	/* Don't send a devstate change if nothing changed. */
++ 	if (peer->lastms > -1) {
++ 		peer->lastms = -1;
++-		ast_devstate_changed(AST_DEVICE_UNKNOWN, "SIP/%s", peer->name);
+++		ast_devstate_changed(AST_DEVICE_UNKNOWN, AST_DEVSTATE_CACHABLE, "SIP/%s", peer->name);
++ 	}
++
++ 	/* Try again quickly */
++--- a/channels/chan_skinny.c
+++++ b/channels/chan_skinny.c
++@@ -1925,7 +1925,7 @@ static int skinny_register(struct skinny
++ 					register_exten(l);
++ 					/* initialize MWI on line and device */
++ 					mwi_event_cb(0, l);
++-					ast_devstate_changed(AST_DEVICE_NOT_INUSE, "Skinny/%s@%s", l->name, d->name);
+++					ast_devstate_changed(AST_DEVICE_NOT_INUSE, AST_DEVSTATE_CACHABLE, "Skinny/%s@%s", l->name, d->name);
++ 				}
++ 				--instance;
++ 			}
++@@ -1963,7 +1963,7 @@ static int skinny_unregister(struct skin
++ 				l->instance = 0;
++ 				manager_event(EVENT_FLAG_SYSTEM, "PeerStatus", "ChannelType: Skinny\r\nPeer: Skinny/%s@%s\r\nPeerStatus: Unregistered\r\n", l->name, d->name);
++ 				unregister_exten(l);
++-				ast_devstate_changed(AST_DEVICE_UNAVAILABLE, "Skinny/%s@%s", l->name, d->name);
+++				ast_devstate_changed(AST_DEVICE_UNAVAILABLE, AST_DEVSTATE_CACHABLE, "Skinny/%s@%s", l->name, d->name);
++ 			}
++ 		}
++ 	}
++@@ -5321,7 +5321,7 @@ static int handle_stimulus_message(struc
++ 			ast_verb(1, "RECEIVED UNKNOWN STIMULUS:  %d(%d/%d)\n", event, instance, callreference);
++ 		break;
++ 	}
++-	ast_devstate_changed(AST_DEVICE_UNKNOWN, "Skinny/%s@%s", l->name, d->name);
+++	ast_devstate_changed(AST_DEVICE_UNKNOWN, AST_DEVSTATE_CACHABLE, "Skinny/%s@%s", l->name, d->name);
++
++ 	return 1;
++ }
++@@ -5372,7 +5372,7 @@ static int handle_offhook_message(struct
++ 	transmit_ringer_mode(d, SKINNY_RING_OFF);
++ 	l->hookstate = SKINNY_OFFHOOK;
++
++-	ast_devstate_changed(AST_DEVICE_INUSE, "Skinny/%s@%s", l->name, d->name);
+++	ast_devstate_changed(AST_DEVICE_INUSE, AST_DEVSTATE_CACHABLE, "Skinny/%s@%s", l->name, d->name);
++
++ 	if (sub && sub->onhold) {
++ 		return 1;
++@@ -5448,7 +5448,7 @@ static int handle_onhook_message(struct
++ 		return 0;
++ 	}
++
++-	ast_devstate_changed(AST_DEVICE_NOT_INUSE, "Skinny/%s@%s", l->name, d->name);
+++	ast_devstate_changed(AST_DEVICE_NOT_INUSE, AST_DEVSTATE_CACHABLE, "Skinny/%s@%s", l->name, d->name);
++
++ 	if (sub->onhold) {
++ 		return 0;
++@@ -5834,7 +5834,7 @@ static int handle_soft_key_event_message
++ 		return 0;
++ 	}
++
++-	ast_devstate_changed(AST_DEVICE_INUSE, "Skinny/%s@%s", l->name, d->name);
+++	ast_devstate_changed(AST_DEVICE_INUSE, AST_DEVSTATE_CACHABLE, "Skinny/%s@%s", l->name, d->name);
++
++ 	switch(event) {
++ 	case SOFTKEY_NONE:
++@@ -6049,7 +6049,7 @@ static int handle_soft_key_event_message
++ 				transmit_callstate(d, l->instance, sub->callid, l->hookstate);
++ 			}
++
++-			ast_devstate_changed(AST_DEVICE_NOT_INUSE, "Skinny/%s@%s", l->name, d->name);
+++			ast_devstate_changed(AST_DEVICE_NOT_INUSE, AST_DEVSTATE_CACHABLE, "Skinny/%s@%s", l->name, d->name);
++ 			if (skinnydebug)
++ 				ast_verb(1, "Skinny %s@%s went on hook\n", l->name, d->name);
++ 			if (l->transfer && sub->xferor && sub->owner->_state >= AST_STATE_RING) {
++@@ -6073,7 +6073,7 @@ static int handle_soft_key_event_message
++ 				}
++ 			}
++ 			if ((l->hookstate == SKINNY_ONHOOK) && (AST_LIST_NEXT(sub, list) && !AST_LIST_NEXT(sub, list)->rtp)) {
++-				ast_devstate_changed(AST_DEVICE_NOT_INUSE, "Skinny/%s@%s", l->name, d->name);
+++				ast_devstate_changed(AST_DEVICE_NOT_INUSE, AST_DEVSTATE_CACHABLE, "Skinny/%s@%s", l->name, d->name);
++ 			}
++ 		}
++ 		break;
++--- a/funcs/func_devstate.c
+++++ b/funcs/func_devstate.c
++@@ -132,7 +132,7 @@ static int devstate_write(struct ast_cha
++
++ 	ast_db_put(astdb_family, data, value);
++
++-	ast_devstate_changed(state_val, "Custom:%s", data);
+++	ast_devstate_changed(state_val, AST_DEVSTATE_CACHABLE, "Custom:%s", data);
++
++ 	return 0;
++ }
++@@ -294,7 +294,7 @@ static char *handle_cli_devstate_change(
++
++ 	ast_db_put(astdb_family, dev, state);
++
++-	ast_devstate_changed(state_val, "Custom:%s", dev);
+++	ast_devstate_changed(state_val, AST_DEVSTATE_CACHABLE, "Custom:%s", dev);
++
++ 	return CLI_SUCCESS;
++ }
++@@ -340,7 +340,7 @@ static int load_module(void)
++ 		if (dev_name <= (const char *) 1)
++ 			continue;
++ 		ast_devstate_changed(ast_devstate_val(db_entry->data),
++-			"Custom:%s\n", dev_name);
+++			AST_DEVSTATE_CACHABLE, "Custom:%s\n", dev_name);
++ 	}
++ 	ast_db_freetree(db_tree);
++ 	db_tree = NULL;
++--- a/include/asterisk/channel.h
+++++ b/include/asterisk/channel.h
++@@ -936,6 +936,12 @@ enum {
++ 	 *  some non-traditional dialplans (like AGI) to continue to function.
++ 	 */
++ 	AST_FLAG_DISABLE_WORKAROUNDS = (1 << 20),
+++	/*! Disable device state event caching.  This allows allows channel
+++	 * drivers to selectively prevent device state events from being cached
+++	 * by certain channels such as anonymous calls which have no persistent
+++	 * represenatation that can be tracked.
+++	 */
+++	AST_FLAG_DISABLE_DEVSTATE_CACHE = (1 << 21),
++ };
++
++ /*! \brief ast_bridge_config flags */
++--- a/include/asterisk/devicestate.h
+++++ b/include/asterisk/devicestate.h
++@@ -61,6 +61,14 @@ enum ast_device_state {
++ 	AST_DEVICE_TOTAL,        /*/ Total num of device states, used for testing */
++ };
++
+++/*! \brief Device State Cachability
+++ *  \note This is used to define the cachability of a device state when set.
+++ */
+++enum ast_devstate_cache {
+++	AST_DEVSTATE_NOT_CACHABLE,  /*!< This device state is not cachable */
+++	AST_DEVSTATE_CACHABLE,      /*!< This device state is cachable */
+++};
+++
++ /*! \brief Devicestate provider call back */
++ typedef enum ast_device_state (*ast_devstate_prov_cb_type)(const char *data);
++
++@@ -129,6 +137,7 @@ enum ast_device_state ast_device_state(c
++  * \brief Tells Asterisk the State for Device is changed
++  *
++  * \param state the new state of the device
+++ * \param cachable whether this device state is cachable
++  * \param fmt device name like a dial string with format parameters
++  *
++  * The new state of the device will be sent off to any subscribers
++@@ -138,13 +147,14 @@ enum ast_device_state ast_device_state(c
++  * \retval 0 on success
++  * \retval -1 on failure
++  */
++-int ast_devstate_changed(enum ast_device_state state, const char *fmt, ...)
++-	__attribute__((format(printf, 2, 3)));
+++int ast_devstate_changed(enum ast_device_state state, enum ast_devstate_cache cachable, const char *fmt, ...)
+++	__attribute__((format(printf, 3, 4)));
++
++ /*!
++  * \brief Tells Asterisk the State for Device is changed
++  *
++  * \param state the new state of the device
+++ * \param cachable whether this device state is cachable
++  * \param device device name like a dial string with format parameters
++  *
++  * The new state of the device will be sent off to any subscribers
++@@ -154,7 +164,7 @@ int ast_devstate_changed(enum ast_device
++  * \retval 0 on success
++  * \retval -1 on failure
++  */
++-int ast_devstate_changed_literal(enum ast_device_state state, const char *device);
+++int ast_devstate_changed_literal(enum ast_device_state state, enum ast_devstate_cache cachable, const char *device);
++
++ /*!
++  * \brief Tells Asterisk the State for Device is changed.
++--- a/include/asterisk/event_defs.h
+++++ b/include/asterisk/event_defs.h
++@@ -283,8 +283,14 @@ enum ast_event_ie_type {
++ 	AST_EVENT_IE_CHALLENGE           = 0x0032,
++ 	AST_EVENT_IE_RESPONSE            = 0x0033,
++ 	AST_EVENT_IE_EXPECTED_RESPONSE   = 0x0034,
+++	/*!
+++	 * \brief Event non-cachability flag
+++	 * Used by: All events
+++	 * Payload type: UINT
+++	 */
+++	AST_EVENT_IE_CACHABLE            = 0x0035,
++ 	/*! \brief Must be the last IE value +1 */
++-	AST_EVENT_IE_TOTAL               = 0x0035,
+++	AST_EVENT_IE_TOTAL               = 0x0036,
++ };
++
++ /*!
++--- a/main/channel.c
+++++ b/main/channel.c
++@@ -285,6 +285,7 @@ static void channel_data_add_flags(struc
++ 	ast_data_add_bool(tree, "BRIDGE_HANGUP_RUN", ast_test_flag(chan, AST_FLAG_BRIDGE_HANGUP_RUN));
++ 	ast_data_add_bool(tree, "BRIDGE_HANGUP_DONT", ast_test_flag(chan, AST_FLAG_BRIDGE_HANGUP_DONT));
++ 	ast_data_add_bool(tree, "DISABLE_WORKAROUNDS", ast_test_flag(chan, AST_FLAG_DISABLE_WORKAROUNDS));
+++	ast_data_add_bool(tree, "DISABLE_DEVSTATE_CACHE", ast_test_flag(chan, AST_FLAG_DISABLE_DEVSTATE_CACHE));
++ }
++
++ #if defined(KEEP_TILL_CHANNEL_PARTY_NUMBER_INFO_NEEDED)
++@@ -2477,7 +2478,7 @@ static void ast_channel_destructor(void
++ 		 * instance is dead, we don't know the state of all other possible
++ 		 * instances.
++ 		 */
++-		ast_devstate_changed_literal(AST_DEVICE_UNKNOWN, device_name);
+++		ast_devstate_changed_literal(AST_DEVICE_UNKNOWN, (chan->flags & AST_FLAG_DISABLE_DEVSTATE_CACHE ? AST_DEVSTATE_NOT_CACHABLE : AST_DEVSTATE_CACHABLE), device_name);
++ 	}
++ }
++
++@@ -6918,7 +6919,7 @@ int ast_setstate(struct ast_channel *cha
++ 	/* We have to pass AST_DEVICE_UNKNOWN here because it is entirely possible that the channel driver
++ 	 * for this channel is using the callback method for device state. If we pass in an actual state here
++ 	 * we override what they are saying the state is and things go amuck. */
++-	ast_devstate_changed_literal(AST_DEVICE_UNKNOWN, name);
+++	ast_devstate_changed_literal(AST_DEVICE_UNKNOWN, (chan->flags & AST_FLAG_DISABLE_DEVSTATE_CACHE ? AST_DEVSTATE_NOT_CACHABLE : AST_DEVSTATE_CACHABLE), name);
++
++ 	/* setstate used to conditionally report Newchannel; this is no more */
++ 	ast_manager_event(chan, EVENT_FLAG_CALL, "Newstate",
++--- a/main/devicestate.c
+++++ b/main/devicestate.c
++@@ -170,6 +170,7 @@ static AST_RWLIST_HEAD_STATIC(devstate_p
++
++ struct state_change {
++ 	AST_LIST_ENTRY(state_change) list;
+++	enum ast_devstate_cache cachable;
++ 	char device[1];
++ };
++
++@@ -187,6 +188,7 @@ struct devstate_change {
++ 	AST_LIST_ENTRY(devstate_change) entry;
++ 	uint32_t state;
++ 	struct ast_eid eid;
+++	enum ast_devstate_cache cachable;
++ 	char device[1];
++ };
++
++@@ -422,7 +424,7 @@ static int getproviderstate(const char *
++ 	return res;
++ }
++
++-static void devstate_event(const char *device, enum ast_device_state state)
+++static void devstate_event(const char *device, enum ast_device_state state, int cachable)
++ {
++ 	struct ast_event *event;
++ 	enum ast_event_type event_type;
++@@ -438,18 +440,23 @@ static void devstate_event(const char *d
++ 	ast_debug(3, "device '%s' state '%d'\n", device, state);
++
++ 	if (!(event = ast_event_new(event_type,
++-			AST_EVENT_IE_DEVICE, AST_EVENT_IE_PLTYPE_STR, device,
++-			AST_EVENT_IE_STATE, AST_EVENT_IE_PLTYPE_UINT, state,
++-			AST_EVENT_IE_END))) {
+++				    AST_EVENT_IE_DEVICE, AST_EVENT_IE_PLTYPE_STR, device,
+++				    AST_EVENT_IE_STATE, AST_EVENT_IE_PLTYPE_UINT, state,
+++				    AST_EVENT_IE_CACHABLE, AST_EVENT_IE_PLTYPE_UINT, cachable,
+++				    AST_EVENT_IE_END))) {
++ 		return;
++ 	}
++
++-	ast_event_queue_and_cache(event);
+++	if (cachable) {
+++		ast_event_queue_and_cache(event);
+++	} else {
+++		ast_event_queue(event);
+++	}
++ }
++
++ /*! Called by the state change thread to find out what the state is, and then
++  *  to queue up the state change event */
++-static void do_state_change(const char *device)
+++static void do_state_change(const char *device, int cachable)
++ {
++ 	enum ast_device_state state;
++
++@@ -457,10 +464,10 @@ static void do_state_change(const char *
++
++ 	ast_debug(3, "Changing state for %s - state %d (%s)\n", device, state, ast_devstate2str(state));
++
++-	devstate_event(device, state);
+++	devstate_event(device, state, cachable);
++ }
++
++-int ast_devstate_changed_literal(enum ast_device_state state, const char *device)
+++int ast_devstate_changed_literal(enum ast_device_state state, enum ast_devstate_cache cachable, const char *device)
++ {
++ 	struct state_change *change;
++
++@@ -481,14 +488,15 @@ int ast_devstate_changed_literal(enum as
++ 	 */
++
++ 	if (state != AST_DEVICE_UNKNOWN) {
++-		devstate_event(device, state);
+++		devstate_event(device, state, cachable);
++ 	} else if (change_thread == AST_PTHREADT_NULL || !(change = ast_calloc(1, sizeof(*change) + strlen(device)))) {
++ 		/* we could not allocate a change struct, or */
++ 		/* there is no background thread, so process the change now */
++-		do_state_change(device);
+++		do_state_change(device, cachable);
++ 	} else {
++ 		/* queue the change */
++ 		strcpy(change->device, device);
+++		change->cachable = cachable;
++ 		AST_LIST_LOCK(&state_changes);
++ 		AST_LIST_INSERT_TAIL(&state_changes, change, list);
++ 		ast_cond_signal(&change_pending);
++@@ -500,10 +508,10 @@ int ast_devstate_changed_literal(enum as
++
++ int ast_device_state_changed_literal(const char *dev)
++ {
++-	return ast_devstate_changed_literal(AST_DEVICE_UNKNOWN, dev);
+++	return ast_devstate_changed_literal(AST_DEVICE_UNKNOWN, AST_DEVSTATE_CACHABLE, dev);
++ }
++
++-int ast_devstate_changed(enum ast_device_state state, const char *fmt, ...)
+++int ast_devstate_changed(enum ast_device_state state, enum ast_devstate_cache cachable, const char *fmt, ...)
++ {
++ 	char buf[AST_MAX_EXTENSION];
++ 	va_list ap;
++@@ -512,7 +520,7 @@ int ast_devstate_changed(enum ast_device
++ 	vsnprintf(buf, sizeof(buf), fmt, ap);
++ 	va_end(ap);
++
++-	return ast_devstate_changed_literal(state, buf);
+++	return ast_devstate_changed_literal(state, cachable, buf);
++ }
++
++ int ast_device_state_changed(const char *fmt, ...)
++@@ -524,7 +532,7 @@ int ast_device_state_changed(const char
++ 	vsnprintf(buf, sizeof(buf), fmt, ap);
++ 	va_end(ap);
++
++-	return ast_devstate_changed_literal(AST_DEVICE_UNKNOWN, buf);
+++	return ast_devstate_changed_literal(AST_DEVICE_UNKNOWN, AST_DEVSTATE_CACHABLE, buf);
++ }
++
++ /*! \brief Go through the dev state change queue and update changes in the dev state thread */
++@@ -544,7 +552,7 @@ static void *do_devstate_changes(void *d
++ 		/* Process each state change */
++ 		while ((current = next)) {
++ 			next = AST_LIST_NEXT(current, list);
++-			do_state_change(current->device);
+++			do_state_change(current->device, current->cachable);
++ 			ast_free(current);
++ 		}
++ 	}
++@@ -588,7 +596,7 @@ static void devstate_cache_cb(const stru
++ 	collection->num_states++;
++ }
++
++-static void process_collection(const char *device, struct change_collection *collection)
+++static void process_collection(const char *device, enum ast_devstate_cache cachable, struct change_collection *collection)
++ {
++ 	int i;
++ 	struct ast_devstate_aggregate agg;
++@@ -639,7 +647,11 @@ static void process_collection(const cha
++ 		return;
++ 	}
++
++-	ast_event_queue_and_cache(event);
+++	if (cachable) {
+++		ast_event_queue_and_cache(event);
+++	} else {
+++		ast_event_queue(event);
+++	}
++ }
++
++ static void handle_devstate_change(struct devstate_change *sc)
++@@ -665,7 +677,7 @@ static void handle_devstate_change(struc
++ 	/* Populate the collection of device states from the cache */
++ 	ast_event_dump_cache(tmp_sub);
++
++-	process_collection(sc->device, &collection);
+++	process_collection(sc->device, sc->cachable, &collection);
++
++ 	ast_event_sub_destroy(tmp_sub);
++ }
++@@ -694,10 +706,12 @@ static void devstate_change_collector_cb
++ 	const char *device;
++ 	const struct ast_eid *eid;
++ 	uint32_t state;
+++	enum ast_devstate_cache cachable = AST_DEVSTATE_CACHABLE;
++
++ 	device = ast_event_get_ie_str(event, AST_EVENT_IE_DEVICE);
++ 	eid = ast_event_get_ie_raw(event, AST_EVENT_IE_EID);
++ 	state = ast_event_get_ie_uint(event, AST_EVENT_IE_STATE);
+++	cachable = ast_event_get_ie_uint(event, AST_EVENT_IE_CACHABLE);
++
++ 	if (ast_strlen_zero(device) || !eid) {
++ 		ast_log(LOG_ERROR, "Invalid device state change event received\n");
++@@ -710,6 +724,7 @@ static void devstate_change_collector_cb
++ 	strcpy(sc->device, device);
++ 	sc->eid = *eid;
++ 	sc->state = state;
+++	sc->cachable = cachable;
++
++ 	ast_mutex_lock(&devstate_collector.lock);
++ 	AST_LIST_INSERT_TAIL(&devstate_collector.devstate_change_q, sc, entry);
++--- a/main/event.c
+++++ b/main/event.c
++@@ -264,6 +264,7 @@ static const struct ie_map {
++ 	[AST_EVENT_IE_CHALLENGE]           = { AST_EVENT_IE_PLTYPE_STR,  "Challenge" },
++ 	[AST_EVENT_IE_RESPONSE]            = { AST_EVENT_IE_PLTYPE_STR,  "Response" },
++ 	[AST_EVENT_IE_EXPECTED_RESPONSE]   = { AST_EVENT_IE_PLTYPE_STR,  "ExpectedResponse" },
+++	[AST_EVENT_IE_CACHABLE]            = { AST_EVENT_IE_PLTYPE_UINT,  "Cachable" },
++ };
++
++ const char *ast_event_get_type_name(const struct ast_event *event)
++--- a/main/features.c
+++++ b/main/features.c
++@@ -1061,7 +1061,7 @@ static void notify_metermaids(const char
++ 	ast_debug(4, "Notification of state change to metermaids %s@%s\n to state '%s'",
++ 		exten, context, ast_devstate2str(state));
++
++-	ast_devstate_changed(state, "park:%s@%s", exten, context);
+++	ast_devstate_changed(state, AST_DEVSTATE_CACHABLE, "park:%s@%s", exten, context);
++ }
++
++ /*! \brief metermaids callback from devicestate.c */
++--- a/res/res_calendar.c
+++++ b/res/res_calendar.c
++@@ -571,9 +571,9 @@ static struct ast_calendar_event *destro
++ 	 * but haven't hit the end event yet, go ahead and set the devicestate to the current busy status */
++ 	if (event->bs_start_sched < 0 && event->bs_end_sched >= 0) {
++ 		if (!calendar_is_busy(event->owner)) {
++-			ast_devstate_changed(AST_DEVICE_NOT_INUSE, "Calendar:%s", event->owner->name);
+++			ast_devstate_changed(AST_DEVICE_NOT_INUSE, AST_DEVSTATE_CACHABLE, "Calendar:%s", event->owner->name);
++ 		} else {
++-			ast_devstate_changed(AST_DEVICE_BUSY, "Calendar:%s", event->owner->name);
+++			ast_devstate_changed(AST_DEVICE_BUSY, AST_DEVSTATE_CACHABLE, "Calendar:%s", event->owner->name);
++ 		}
++ 	}
++
++@@ -814,9 +814,9 @@ static int calendar_devstate_change(cons
++ 	/* We can have overlapping events, so ignore the event->busy_state and check busy state
++ 	 * based on all events in the calendar */
++ 	if (!calendar_is_busy(event->owner)) {
++-		ast_devstate_changed(AST_DEVICE_NOT_INUSE, "Calendar:%s", event->owner->name);
+++		ast_devstate_changed(AST_DEVICE_NOT_INUSE, AST_DEVSTATE_CACHABLE, "Calendar:%s", event->owner->name);
++ 	} else {
++-		ast_devstate_changed(AST_DEVICE_BUSY, "Calendar:%s", event->owner->name);
+++		ast_devstate_changed(AST_DEVICE_BUSY, AST_DEVSTATE_CACHABLE, "Calendar:%s", event->owner->name);
++ 	}
++
++ 	event = ast_calendar_unref_event(event);
++--- a/res/res_jabber.c
+++++ b/res/res_jabber.c
++@@ -350,7 +350,7 @@ static char *aji_cli_create_leafnode(str
++ static void aji_create_affiliations(struct aji_client *client, const char *node);
++ static iks* aji_pubsub_iq_create(struct aji_client *client, const char *type);
++ static void aji_publish_device_state(struct aji_client *client, const char * device,
++-	const char *device_state);
+++				     const char *device_state, unsigned int cachable);
++ static int aji_handle_pubsub_error(void *data, ikspak *pak);
++ static int aji_handle_pubsub_event(void *data, ikspak *pak);
++ static void aji_pubsub_subscribe(struct aji_client *client, const char *node);
++@@ -364,7 +364,7 @@ static void aji_publish_mwi(struct aji_c
++ static void aji_devstate_cb(const struct ast_event *ast_event, void *data);
++ static void aji_mwi_cb(const struct ast_event *ast_event, void *data);
++ static iks* aji_build_publish_skeleton(struct aji_client *client, const char *node,
++-	const char *event_type);
+++				       const char *event_type, unsigned int cachable);
++ /* No transports in this version */
++ /*
++ static int aji_create_transport(char *label, struct aji_client *client);
++@@ -3198,6 +3198,7 @@ static void aji_devstate_cb(const struct
++ {
++ 	const char *device;
++ 	const char *device_state;
+++	unsigned int cachable;
++ 	struct aji_client *client;
++ 	if (ast_eid_cmp(&ast_eid_default, ast_event_get_ie_raw(ast_event, AST_EVENT_IE_EID)))
++ 	{
++@@ -3209,7 +3210,8 @@ static void aji_devstate_cb(const struct
++ 	client = ASTOBJ_REF((struct aji_client *) data);
++ 	device = ast_event_get_ie_str(ast_event, AST_EVENT_IE_DEVICE);
++ 	device_state = ast_devstate_str(ast_event_get_ie_uint(ast_event, AST_EVENT_IE_STATE));
++-	aji_publish_device_state(client, device, device_state);
+++	cachable = ast_event_get_ie_uint(ast_event, AST_EVENT_IE_CACHABLE);
+++	aji_publish_device_state(client, device, device_state, cachable);
++ 	ASTOBJ_UNREF(client, ast_aji_client_destroy);
++ }
++
++@@ -3249,11 +3251,13 @@ static void aji_init_event_distribution(
++  */
++ static int aji_handle_pubsub_event(void *data, ikspak *pak)
++ {
++-	char *item_id, *device_state, *context;
+++	char *item_id, *device_state, *context, *cachable_str;
++ 	int oldmsgs, newmsgs;
++ 	iks *item, *item_content;
++ 	struct ast_eid pubsub_eid;
++ 	struct ast_event *event;
+++	unsigned int cachable = AST_DEVSTATE_CACHABLE;
+++
++ 	item = iks_find(iks_find(iks_find(pak->x, "event"), "items"), "item");
++ 	if (!item) {
++ 		ast_log(LOG_ERROR, "Could not parse incoming PubSub event\n");
++@@ -3268,11 +3272,14 @@ static int aji_handle_pubsub_event(void
++ 	}
++ 	if (!strcasecmp(iks_name(item_content), "state")) {
++ 		device_state = iks_find_cdata(item, "state");
+++		if ((cachable_str = iks_find_cdata(item, "cachable"))) {
+++			sscanf(cachable_str, "%30d", &cachable);
+++		}
++ 		if (!(event = ast_event_new(AST_EVENT_DEVICE_STATE_CHANGE,
++-			AST_EVENT_IE_DEVICE, AST_EVENT_IE_PLTYPE_STR, item_id, AST_EVENT_IE_STATE,
++-			AST_EVENT_IE_PLTYPE_UINT, ast_devstate_val(device_state), AST_EVENT_IE_EID,
++-			AST_EVENT_IE_PLTYPE_RAW, &pubsub_eid, sizeof(pubsub_eid),
++-			AST_EVENT_IE_END))) {
+++					    AST_EVENT_IE_DEVICE, AST_EVENT_IE_PLTYPE_STR, item_id, AST_EVENT_IE_STATE,
+++					    AST_EVENT_IE_PLTYPE_UINT, ast_devstate_val(device_state), AST_EVENT_IE_EID,
+++					    AST_EVENT_IE_PLTYPE_RAW, &pubsub_eid, sizeof(pubsub_eid),
+++					    AST_EVENT_IE_END))) {
++ 			return IKS_FILTER_EAT;
++ 		}
++ 	} else if (!strcasecmp(iks_name(item_content), "mailbox")) {
++@@ -3292,7 +3299,13 @@ static int aji_handle_pubsub_event(void
++ 			iks_name(item_content));
++ 		return IKS_FILTER_EAT;
++ 	}
++-	ast_event_queue_and_cache(event);
+++
+++	if (cachable == AST_DEVSTATE_CACHABLE) {
+++		ast_event_queue_and_cache(event);
+++	} else {
+++		ast_event_queue(event);
+++	}
+++
++ 	return IKS_FILTER_EAT;
++ }
++
++@@ -3367,7 +3380,7 @@ static void aji_pubsub_subscribe(struct
++  * \return iks *
++  */
++ static iks* aji_build_publish_skeleton(struct aji_client *client, const char *node,
++-	const char *event_type)
+++				       const char *event_type, unsigned int cachable)
++ {
++ 	iks *request = aji_pubsub_iq_create(client, "set");
++ 	iks *pubsub, *publish, *item;
++@@ -3381,8 +3394,24 @@ static iks* aji_build_publish_skeleton(s
++ 	}
++ 	item = iks_insert(publish, "item");
++ 	iks_insert_attrib(item, "id", node);
++-	return item;
++
+++	if (cachable == AST_DEVSTATE_NOT_CACHABLE) {
+++		iks *options, *x, *field_form_type, *field_persist;
+++
+++		options = iks_insert(pubsub, "publish-options");
+++		x = iks_insert(options, "x");
+++		iks_insert_attrib(x, "xmlns", "jabber:x:data");
+++		iks_insert_attrib(x, "type", "submit");
+++		field_form_type = iks_insert(x, "field");
+++		iks_insert_attrib(field_form_type, "var", "FORM_TYPE");
+++		iks_insert_attrib(field_form_type, "type", "hidden");
+++		iks_insert_cdata(iks_insert(field_form_type, "value"), "http://jabber.org/protocol/pubsub#publish-options", 0);
+++		field_persist = iks_insert(x, "field");
+++		iks_insert_attrib(field_persist, "var", "pubsub#persist_items");
+++		iks_insert_cdata(iks_insert(field_persist, "value"), "0", 1);
+++	}
+++
+++	return item;
++ }
++
++ /*!
++@@ -3393,11 +3422,11 @@ static iks* aji_build_publish_skeleton(s
++  * \return void
++  */
++ static void aji_publish_device_state(struct aji_client *client, const char *device,
++-	const char *device_state)
+++				     const char *device_state, unsigned int cachable)
++ {
++-	iks *request = aji_build_publish_skeleton(client, device, "device_state");
+++	iks *request = aji_build_publish_skeleton(client, device, "device_state", cachable);
++ 	iks *state;
++-	char eid_str[20];
+++	char eid_str[20], cachable_str[2];
++ 	if (ast_test_flag(&pubsubflags, AJI_PUBSUB_AUTOCREATE)) {
++ 		if (ast_test_flag(&pubsubflags, AJI_XEP0248)) {
++ 			aji_create_pubsub_node(client, "leaf", device, "device_state");
++@@ -3409,6 +3438,8 @@ static void aji_publish_device_state(str
++ 	state = iks_insert(request, "state");
++ 	iks_insert_attrib(state, "xmlns", "http://asterisk.org");
++ 	iks_insert_attrib(state, "eid", eid_str);
+++	snprintf(cachable_str, sizeof(cachable_str), "%u", cachable);
+++	iks_insert_attrib(state, "cachable", cachable_str);
++ 	iks_insert_cdata(state, device_state, strlen(device_state));
++ 	ast_aji_send(client, iks_root(request));
++ 	iks_delete(request);
++@@ -3428,7 +3459,7 @@ static void aji_publish_mwi(struct aji_c
++ 	char eid_str[20];
++ 	iks *mailbox_node, *request;
++ 	snprintf(full_mailbox, sizeof(full_mailbox), "%s@%s", mailbox, context);
++-	request = aji_build_publish_skeleton(client, full_mailbox, "message_waiting");
+++	request = aji_build_publish_skeleton(client, full_mailbox, "message_waiting", 1);
++ 	ast_eid_to_str(eid_str, sizeof(eid_str), &ast_eid_default);
++ 	mailbox_node = iks_insert(request, "mailbox");
++ 	iks_insert_attrib(mailbox_node, "xmlns", "http://asterisk.org");
 === added file 'debian/patches/AST-2013-002'
 --- debian/patches/AST-2013-002	1970-01-01 00:00:00 +0000
 +++ debian/patches/AST-2013-002	2013-07-28 21:58:23 +0000
@@ -0,0 +1,55 @@
++From: Matthew Jordan <mjordan@digium.com>
++Date: Wed, 27 Mar 2013 14:35:11 +0000
++Subject: AST-2013-002: Prevent denial of service in HTTP server
++Origin: http://svnview.digium.com/svn/asterisk?view=rev&rev=383976
++Bug: https://issues.asterisk.org/jira/browse/ASTERISK-20967
++CVE: CVE-2013-2686
++
++AST-2012-014, fixed in January of this year, contained a fix for Asterisk's
++HTTP server for a remotely-triggered crash. While the fix put in place fixed
++the possibility for the crash to be triggered, a denial of service vector still
++exists with that solution if an attacker sends one or more HTTP POST requests
++with very large Content-Length values. This patch resolves this by capping
++the Content-Length at 1024 bytes. Any attempt to send an HTTP POST with
++Content-Length greater than this cap will not result in any memory allocation.
++The POST will be responded to with an HTTP 413 "Request Entity Too Large"
++response.
++
++This issue was reported by Christoph Hebeisen of TELUS Security Labs
++
++See Also: http://downloads.asterisk.org/pub/security/AST-2013-002.html
++
++---
++ main/http.c |    9 +++++++++
++ 1 file changed, 9 insertions(+)
++
++diff --git a/main/http.c b/main/http.c
++index 1b5f2b6..4b73acb 100644
++--- a/main/http.c
+++++ b/main/http.c
++@@ -612,6 +612,8 @@ static void http_decode(char *s)
++ 	ast_uri_decode(s);
++ }
++
+++#define MAX_POST_CONTENT 1025
+++
++ /*
++  * get post variables from client Request Entity-Body, if content type is
++  * application/x-www-form-urlencoded
++@@ -644,6 +646,13 @@ struct ast_variable *ast_http_get_post_vars(
++ 		return NULL;
++ 	}
++
+++	if (content_length > MAX_POST_CONTENT - 1) {
+++		ast_log(LOG_WARNING, "Excessively long HTTP content. %d is greater than our max of %d\n",
+++				content_length, MAX_POST_CONTENT);
+++		ast_http_send(ser, AST_HTTP_POST, 413, "Request Entity Too Large", NULL, NULL, 0, 0);
+++		return NULL;
+++	}
+++
++ 	buf = ast_malloc(content_length + 1);
++ 	if (!buf) {
++ 		return NULL;
++--
++1.7.10.4
++
 === added file 'debian/patches/AST-2013-003'
 --- debian/patches/AST-2013-003	1970-01-01 00:00:00 +0000
 +++ debian/patches/AST-2013-003	2013-07-28 21:58:23 +0000
@@ -0,0 +1,370 @@
++From: Matthew Jordan <mjordan@digium.com>
++Date: Wed, 27 Mar 2013 14:53:13 +0000
++Subject: AST-2013-003: Prevent username disclosure in SIP channel driver
++Bug: https://issues.asterisk.org/jira/browse/ASTERISK-21013
++Origin: http://svnview.digium.com/svn/asterisk?view=rev&rev=383981
++CVE: CVE-2013-2264
++
++When authenticating a SIP request with alwaysauthreject enabled, allowguest
++disabled, and autocreatepeer disabled, Asterisk discloses whether a user
++exists for INVITE, SUBSCRIBE, and REGISTER transactions in multiple ways. The
++information is disclosed when:
++ * A "407 Proxy Authentication Required" response is sent instead of a
++   "401 Unauthorized" response
++ * The presence or absence of additional tags occurs at the end of "403
++   Forbidden" (such as "(Bad Auth)")
++ * A "401 Unauthorized" response is sent instead of "403 Forbidden" response
++   after a retransmission
++ * Retransmission are sent when a matching peer did not exist, but not when a
++   matching peer did exist.
++
++This patch resolves these various vectors by ensuring that the responses sent
++in all scenarios is the same, regardless of the presence of a matching peer.
++
++This issue was reported by Walter Doekes, OSSO B.V. A substantial portion of
++the testing and the solution to this problem was done by Walter as well - a
++huge thanks to his tireless efforts in finding all the ways in which this
++setting didn't work, providing automated tests, and working with Kinsey on
++getting this fixed.
++
++Patch slightly adapted due to irrelevant changes in r367362.
++
++See Also: http://downloads.asterisk.org/pub/security/AST-2013-003.html
++
++---
++ channels/chan_sip.c        |  128 ++++++++++++++++++++++++++++----------------
++ channels/sip/include/sip.h |    1 -
++ 2 files changed, 83 insertions(+), 46 deletions(-)
++
++--- a/channels/chan_sip.c
+++++ b/channels/chan_sip.c
++@@ -1110,6 +1110,11 @@ static struct ao2_container *threadt;
++ static struct ao2_container *peers;
++ static struct ao2_container *peers_by_ip;
++
+++/*! \brief  A bogus peer, to be used when authentication should fail */
+++static struct sip_peer *bogus_peer;
+++/*! \brief  We can recognise the bogus peer by this invalid MD5 hash */
+++#define BOGUS_PEER_MD5SECRET "intentionally_invalid_md5_string"
+++
++ /*! \brief  The register list: Other SIP proxies we register with and receive calls from */
++ static struct ast_register_list {
++ 	ASTOBJ_CONTAINER_COMPONENTS(struct sip_registry);
++@@ -1250,7 +1255,7 @@ static int transmit_response_with_unsupp
++ static int transmit_response_with_auth(struct sip_pvt *p, const char *msg, const struct sip_request *req, const char *rand, enum xmittype reliable, const char *header, int stale);
++ static int transmit_provisional_response(struct sip_pvt *p, const char *msg, const struct sip_request *req, int with_sdp);
++ static int transmit_response_with_allow(struct sip_pvt *p, const char *msg, const struct sip_request *req, enum xmittype reliable);
++-static void transmit_fake_auth_response(struct sip_pvt *p, int sipmethod, struct sip_request *req, enum xmittype reliable);
+++static void transmit_fake_auth_response(struct sip_pvt *p, struct sip_request *req, enum xmittype reliable);
++ static int transmit_request(struct sip_pvt *p, int sipmethod, uint32_t seqno, enum xmittype reliable, int newbranch);
++ static int transmit_request_with_auth(struct sip_pvt *p, int sipmethod, uint32_t seqno, enum xmittype reliable, int newbranch);
++ static int transmit_publish(struct sip_epa_entry *epa_entry, enum sip_publish_type publish_type, const char * const explicit_uri);
++@@ -14621,6 +14626,7 @@ static enum check_auth_result check_auth
++ 	char a1_hash[256];
++ 	char resp_hash[256]="";
++ 	char *c;
+++	int is_bogus_peer = 0;
++ 	int  wrongnonce = FALSE;
++ 	int  good_response;
++ 	const char *usednonce = p->randdata;
++@@ -14715,8 +14721,14 @@ static enum check_auth_result check_auth
++ 		}
++ 	}
++
+++	/* We cannot rely on the bogus_peer having a bad md5 value. Someone could
+++	 * use it to construct valid auth. */
+++	if (md5secret && strcmp(md5secret, BOGUS_PEER_MD5SECRET) == 0) {
+++		is_bogus_peer = 1;
+++	}
+++
++ 	/* Verify that digest username matches  the username we auth as */
++-	if (strcmp(username, keys[K_USER].s)) {
+++	if (strcmp(username, keys[K_USER].s) && !is_bogus_peer) {
++ 		ast_log(LOG_WARNING, "username mismatch, have <%s>, digest has <%s>\n",
++ 			username, keys[K_USER].s);
++ 		/* Oops, we're trying something here */
++@@ -14755,7 +14767,8 @@ static enum check_auth_result check_auth
++ 	}
++
++ 	good_response = keys[K_RESP].s &&
++-			!strncasecmp(keys[K_RESP].s, resp_hash, strlen(resp_hash));
+++			!strncasecmp(keys[K_RESP].s, resp_hash, strlen(resp_hash)) &&
+++			!is_bogus_peer; /* lastly, check that the peer isn't the fake peer */
++ 	if (wrongnonce) {
++ 		if (good_response) {
++ 			if (sipdebug)
++@@ -14899,7 +14912,7 @@ static int cb_extensionstate(char *conte
++ /*! \brief Send a fake 401 Unauthorized response when the administrator
++   wants to hide the names of local devices  from fishers
++  */
++-static void transmit_fake_auth_response(struct sip_pvt *p, int sipmethod, struct sip_request *req, enum xmittype reliable)
+++static void transmit_fake_auth_response(struct sip_pvt *p, struct sip_request *req, enum xmittype reliable)
++ {
++ 	/* We have to emulate EXACTLY what we'd get with a good peer
++ 	 * and a bad password, or else we leak information. */
++@@ -14938,13 +14951,13 @@ static void transmit_fake_auth_response(
++ 	}
++
++ 	if (!(buf = ast_str_thread_get(&check_auth_buf, CHECK_AUTH_BUF_INITLEN))) {
++-		transmit_response(p, "403 Forbidden (Bad auth)", &p->initreq);
+++		__transmit_response(p, "403 Forbidden", &p->initreq, reliable);
++ 		return;
++ 	}
++
++ 	/* Make a copy of the response and parse it */
++ 	if (ast_str_set(&buf, 0, "%s", authtoken) == AST_DYNSTR_BUILD_FAILED) {
++-		transmit_response(p, "403 Forbidden (Bad auth)", &p->initreq);
+++		__transmit_response(p, "403 Forbidden", &p->initreq, reliable);
++ 		return;
++ 	}
++
++@@ -14982,7 +14995,7 @@ static void transmit_fake_auth_response(
++ 		/* Schedule auto destroy in 32 seconds */
++ 		sip_scheddestroy(p, DEFAULT_TRANS_TIMEOUT);
++ 	} else {
++-		transmit_response(p, "403 Forbidden (Bad auth)", &p->initreq);
+++		__transmit_response(p, "403 Forbidden", &p->initreq, reliable);
++ 	}
++ }
++
++@@ -15077,7 +15090,7 @@ static enum check_auth_result register_v
++ 	if (!AST_LIST_EMPTY(&domain_list)) {
++ 		if (!check_sip_domain(domain, NULL, 0)) {
++ 			if (sip_cfg.alwaysauthreject) {
++-				transmit_fake_auth_response(p, SIP_REGISTER, &p->initreq, XMIT_UNRELIABLE);
+++				transmit_fake_auth_response(p, &p->initreq, XMIT_UNRELIABLE);
++ 			} else {
++ 				transmit_response(p, "404 Not found (unknown domain)", &p->initreq);
++ 			}
++@@ -15104,6 +15117,13 @@ static enum check_auth_result register_v
++ 	}
++ 	peer = find_peer(name, NULL, TRUE, FINDPEERS, FALSE, 0);
++
+++	/* If we don't want username disclosure, use the bogus_peer when a user
+++	 * is not found. */
+++	if (!peer && sip_cfg.alwaysauthreject && !sip_cfg.autocreatepeer) {
+++		peer = bogus_peer;
+++		ref_peer(peer, "register_verify: ref the bogus_peer");
+++	}
+++
++ 	if (!(peer && ast_apply_ha(peer->ha, addr))) {
++ 		/* Peer fails ACL check */
++ 		if (peer) {
++@@ -15183,7 +15203,7 @@ static enum check_auth_result register_v
++ 			switch (parse_register_contact(p, peer, req)) {
++ 			case PARSE_REGISTER_DENIED:
++ 				ast_log(LOG_WARNING, "Registration denied because of contact ACL\n");
++-				transmit_response_with_date(p, "403 Forbidden (ACL)", req);
+++				transmit_response_with_date(p, "403 Forbidden", req);
++ 				peer->lastmsgssent = -1;
++ 				res = 0;
++ 				break;
++@@ -15218,7 +15238,7 @@ static enum check_auth_result register_v
++ 		switch (res) {
++ 		case AUTH_SECRET_FAILED:
++ 			/* Wrong password in authentication. Go away, don't try again until you fixed it */
++-			transmit_response(p, "403 Forbidden (Bad auth)", &p->initreq);
+++			transmit_response(p, "403 Forbidden", &p->initreq);
++ 			if (global_authfailureevents) {
++ 				const char *peer_addr = ast_strdupa(ast_sockaddr_stringify_addr(addr));
++ 				const char *peer_port = ast_strdupa(ast_sockaddr_stringify_port(addr));
++@@ -15241,7 +15261,7 @@ static enum check_auth_result register_v
++ 		case AUTH_PEER_NOT_DYNAMIC:
++ 		case AUTH_ACL_FAILED:
++ 			if (sip_cfg.alwaysauthreject) {
++-				transmit_fake_auth_response(p, SIP_REGISTER, &p->initreq, XMIT_UNRELIABLE);
+++				transmit_fake_auth_response(p, &p->initreq, XMIT_UNRELIABLE);
++ 				if (global_authfailureevents) {
++ 					const char *peer_addr = ast_strdupa(ast_sockaddr_stringify_addr(addr));
++ 					const char *peer_port = ast_strdupa(ast_sockaddr_stringify_port(addr));
++@@ -16242,7 +16262,19 @@ static enum check_auth_result check_peer
++ 			ast_verbose("No matching peer for '%s' from '%s'\n",
++ 				of, ast_sockaddr_stringify(&p->recv));
++ 		}
++-		return AUTH_DONT_KNOW;
+++
+++		/* If you don't mind, we can return 404s for devices that do
+++		 * not exist: username disclosure. If we allow guests, there
+++		 * is no way around that. */
+++		if (sip_cfg.allowguest || !sip_cfg.alwaysauthreject) {
+++			return AUTH_DONT_KNOW;
+++		}
+++
+++		/* If you do mind, we use a peer that will never authenticate.
+++		 * This ensures that we follow the same code path as regular
+++		 * auth: less chance for username disclosure. */
+++		peer = bogus_peer;
+++		ref_peer(peer, "ref_peer: check_peer_ok: must ref bogus_peer so unreffing it does not fail");
++ 	}
++
++ 	if (!ast_apply_ha(peer->ha, addr)) {
++@@ -16250,9 +16282,10 @@ static enum check_auth_result check_peer
++ 		unref_peer(peer, "unref_peer: check_peer_ok: from find_peer call, early return of AUTH_ACL_FAILED");
++ 		return AUTH_ACL_FAILED;
++ 	}
++-	if (debug)
+++	if (debug && peer != bogus_peer) {
++ 		ast_verbose("Found peer '%s' for '%s' from %s\n",
++ 			peer->name, of, ast_sockaddr_stringify(&p->recv));
+++	}
++
++ 	/* XXX what about p->prefs = peer->prefs; ? */
++ 	/* Set Frame packetization */
++@@ -16517,8 +16550,6 @@ static enum check_auth_result check_user
++ 		} else {
++ 			res = AUTH_RTP_FAILED;
++ 		}
++-	} else if (sip_cfg.alwaysauthreject) {
++-		res = AUTH_FAKE_AUTH; /* reject with fake authorization request */
++ 	} else {
++ 		res = AUTH_SECRET_FAILED; /* we don't want any guests, authentication will fail */
++ 	}
++@@ -22225,13 +22256,8 @@ static int handle_request_options(struct
++ 			return 0;
++ 		}
++ 		if (res < 0) { /* Something failed in authentication */
++-			if (res == AUTH_FAKE_AUTH) {
++-				ast_log(LOG_NOTICE, "Sending fake auth rejection for device %s\n", get_header(req, "From"));
++-				transmit_fake_auth_response(p, SIP_OPTIONS, req, XMIT_UNRELIABLE);
++-			} else {
++-				ast_log(LOG_NOTICE, "Failed to authenticate device %s\n", get_header(req, "From"));
++-				transmit_response(p, "403 Forbidden", req);
++-			}
+++			ast_log(LOG_NOTICE, "Failed to authenticate device %s\n", get_header(req, "From"));
+++			transmit_response(p, "403 Forbidden", req);
++ 			sip_scheddestroy(p, DEFAULT_TRANS_TIMEOUT);
++ 			return 0;
++ 		}
++@@ -22896,13 +22922,8 @@ static int handle_request_invite(struct
++ 			goto request_invite_cleanup;
++ 		}
++ 		if (res < 0) { /* Something failed in authentication */
++-			if (res == AUTH_FAKE_AUTH) {
++-				ast_log(LOG_NOTICE, "Sending fake auth rejection for device %s\n", get_header(req, "From"));
++-				transmit_fake_auth_response(p, SIP_INVITE, req, XMIT_RELIABLE);
++-			} else {
++-				ast_log(LOG_NOTICE, "Failed to authenticate device %s\n", get_header(req, "From"));
++-				transmit_response_reliable(p, "403 Forbidden", req);
++-			}
+++			ast_log(LOG_NOTICE, "Failed to authenticate device %s\n", get_header(req, "From"));
+++			transmit_response_reliable(p, "403 Forbidden", req);
++ 			p->invitestate = INV_COMPLETED;
++ 			sip_scheddestroy(p, DEFAULT_TRANS_TIMEOUT);
++ 			res = 0;
++@@ -24712,18 +24733,13 @@ static int handle_request_publish(struct
++ 		return -1;
++ 	}
++
++-	auth_result = check_user(p, req, SIP_PUBLISH, uri, XMIT_RELIABLE, addr);
+++	auth_result = check_user(p, req, SIP_PUBLISH, uri, XMIT_UNRELIABLE, addr);
++ 	if (auth_result == AUTH_CHALLENGE_SENT) {
++ 		p->lastinvite = seqno;
++ 		return 0;
++ 	} else if (auth_result < 0) {
++-		if (auth_result == AUTH_FAKE_AUTH) {
++-			ast_log(LOG_NOTICE, "Sending fake auth rejection for device %s\n", get_header(req, "From"));
++-			transmit_fake_auth_response(p, SIP_INVITE, req, XMIT_RELIABLE);
++-		} else {
++-			ast_log(LOG_NOTICE, "Failed to authenticate device %s\n", get_header(req, "From"));
++-			transmit_response_reliable(p, "403 Forbidden", req);
++-		}
+++		ast_log(LOG_NOTICE, "Failed to authenticate device %s\n", get_header(req, "From"));
+++		transmit_response(p, "403 Forbidden", req);
++ 		sip_scheddestroy(p, DEFAULT_TRANS_TIMEOUT);
++ 		ast_string_field_set(p, theirtag, NULL);
++ 		return 0;
++@@ -24938,19 +24954,14 @@ static int handle_request_subscribe(stru
++ 	 * use if !req->ignore, because then we'll end up sending
++ 	 * a 200 OK if someone retransmits without sending auth */
++ 	if (p->subscribed == NONE || resubscribe) {
++-		res = check_user_full(p, req, SIP_SUBSCRIBE, e, 0, addr, &authpeer);
+++		res = check_user_full(p, req, SIP_SUBSCRIBE, e, XMIT_UNRELIABLE, addr, &authpeer);
++
++ 		/* if an authentication response was sent, we are done here */
++ 		if (res == AUTH_CHALLENGE_SENT)	/* authpeer = NULL here */
++ 			return 0;
++ 		if (res != AUTH_SUCCESSFUL) {
++-			if (res == AUTH_FAKE_AUTH) {
++-				ast_log(LOG_NOTICE, "Sending fake auth rejection for device %s\n", get_header(req, "From"));
++-				transmit_fake_auth_response(p, SIP_SUBSCRIBE, req, XMIT_UNRELIABLE);
++-			} else {
++-				ast_log(LOG_NOTICE, "Failed to authenticate device %s for SUBSCRIBE\n", get_header(req, "From"));
++-				transmit_response_reliable(p, "403 Forbidden", req);
++-			}
+++			ast_log(LOG_NOTICE, "Failed to authenticate device %s\n", get_header(req, "From"));
+++			transmit_response(p, "403 Forbidden", req);
++
++ 			pvt_set_needdestroy(p, "authentication failed");
++ 			return 0;
++@@ -29988,6 +29999,7 @@ static int sip_do_reload(enum channelrel
++ /*! \brief Force reload of module from cli */
++ static char *sip_reload(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
++ {
+++	static struct sip_peer *tmp_peer, *new_peer;
++
++ 	switch (cmd) {
++ 	case CLI_INIT:
++@@ -30010,6 +30022,18 @@ static char *sip_reload(struct ast_cli_e
++ 	ast_mutex_unlock(&sip_reload_lock);
++ 	restart_monitor();
++
+++	tmp_peer = bogus_peer;
+++	/* Create new bogus peer possibly with new global settings. */
+++	if ((new_peer = temp_peer("(bogus_peer)"))) {
+++		ast_string_field_set(new_peer, md5secret, BOGUS_PEER_MD5SECRET);
+++		ast_clear_flag(&new_peer->flags[0], SIP_INSECURE);
+++		bogus_peer = new_peer;
+++		ao2_t_ref(tmp_peer, -1, "unref the old bogus_peer during reload");
+++	} else {
+++		ast_log(LOG_ERROR, "Could not update the fake authentication peer.\n");
+++		/* You probably have bigger (memory?) issues to worry about though.. */
+++	}
+++
++ 	return CLI_SUCCESS;
++ }
++
++@@ -31130,6 +31154,17 @@ static int load_module(void)
++ 		return AST_MODULE_LOAD_DECLINE;
++ 	}
++
+++	/* Initialize bogus peer. Can be done first after reload_config() */
+++	if (!(bogus_peer = temp_peer("(bogus_peer)"))) {
+++		ast_log(LOG_ERROR, "Unable to create bogus_peer for authentication\n");
+++		io_context_destroy(io);
+++		sched_context_destroy(sched);
+++		return AST_MODULE_LOAD_FAILURE;
+++	}
+++	/* Make sure the auth will always fail. */
+++	ast_string_field_set(bogus_peer, md5secret, BOGUS_PEER_MD5SECRET);
+++	ast_clear_flag(&bogus_peer->flags[0], SIP_INSECURE);
+++
++ 	/* Prepare the version that does not require DTMF BEGIN frames.
++ 	 * We need to use tricks such as memcpy and casts because the variable
++ 	 * has const fields.
++@@ -31140,6 +31175,7 @@ static int load_module(void)
++ 	/* Make sure we can register our sip channel type */
++ 	if (ast_channel_register(&sip_tech)) {
++ 		ast_log(LOG_ERROR, "Unable to register channel type 'SIP'\n");
+++		ao2_t_ref(bogus_peer, -1, "unref the bogus_peer");
++ 		io_context_destroy(io);
++ 		sched_context_destroy(sched);
++ 		return AST_MODULE_LOAD_FAILURE;
++@@ -31378,6 +31414,8 @@ static int unload_module(void)
++ 		ast_debug(2, "TCP/TLS thread container did not become empty :(\n");
++ 	}
++
+++	ao2_t_ref(bogus_peer, -1, "unref the bogus_peer");
+++
++ 	ao2_t_ref(peers, -1, "unref the peers table");
++ 	ao2_t_ref(peers_by_ip, -1, "unref the peers_by_ip table");
++ 	ao2_t_ref(dialogs, -1, "unref the dialogs table");
++--- a/channels/sip/include/sip.h
+++++ b/channels/sip/include/sip.h
++@@ -470,7 +470,6 @@ enum check_auth_result {
++ 	AUTH_SECRET_FAILED = -1,
++ 	AUTH_USERNAME_MISMATCH = -2,
++ 	AUTH_NOT_FOUND = -3,	/*!< returned by register_verify */
++-	AUTH_FAKE_AUTH = -4,
++ 	AUTH_UNKNOWN_DOMAIN = -5,
++ 	AUTH_PEER_NOT_DYNAMIC = -6,
++ 	AUTH_ACL_FAILED = -7,
 === modified file 'debian/patches/armhf-fixes'
 --- debian/patches/armhf-fixes	2012-04-24 22:15:54 +0000
 +++ debian/patches/armhf-fixes	2013-07-28 21:58:23 +0000
@@ -1,6 +1,5 @@
  Author: Adam Conrad <adconrad@ubuntu.com>
--
--Fix a few places where armhf is misdetected.
++Description: Fix a few places where armhf is misdetected. Flatten linux-gnueabihf in configure to linux-gnu, in the same way that's already done for linux-gnueabi.
  --- x/configure.ac	2012-01-12 08:24:38.000000000 -0700
  +++ x/configure.ac	2012-01-12 08:59:45.647736713 -0700
 === added file 'debian/patches/bluetooth_bind'
 --- debian/patches/bluetooth_bind	1970-01-01 00:00:00 +0000
 +++ debian/patches/bluetooth_bind	2013-07-28 21:58:23 +0000
@@ -0,0 +1,30 @@
++From: Matthew Jordan <mjordan@digium.com>
++Date: Thu, 17 Jan 2013 02:28:31 +0000
++Subject: Fix issue where chan_mobile fails to bind to first available port
++Bug: https://issues.asterisk.org/jira/browse/ASTERISK-16357
++Origin: http://svnview.digium.com/svn/asterisk?view=rev&rev=379342
++
++Per the bluez API, in order to bind to the first available port, the rc_channel
++field of the socket addressing structure used to bind the socket should be set
++to 0. Previously, Asterisk had set the rc_channel field set to 1, causing it
++to connect to whatever happens to be on port 1.
++
++We could probably not explicitly set rc_channel to 0 since we memset the struct
++earlier, but explicitly setting it will hopefully prevent someone from coming
++in and setting it to some explicit port in the future.
++
++---
++ addons/chan_mobile.c |    2 +-
++ 1 file changed, 1 insertion(+), 1 deletion(-)
++
++--- a/addons/chan_mobile.c
+++++ b/addons/chan_mobile.c
++@@ -1370,7 +1370,7 @@ static int rfcomm_connect(bdaddr_t src,
++ 	memset(&addr, 0, sizeof(addr));
++ 	addr.rc_family = AF_BLUETOOTH;
++ 	bacpy(&addr.rc_bdaddr, &src);
++-	addr.rc_channel = (uint8_t) 1;
+++	addr.rc_channel = (uint8_t) 0;
++ 	if (bind(s, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
++ 		ast_debug(1, "bind() failed (%d).\n", errno);
++ 		close(s);
 === modified file 'debian/patches/series'
 --- debian/patches/series	2012-09-08 12:38:06 +0000
 +++ debian/patches/series	2013-07-28 21:58:23 +0000
@@ -29,3 +29,8 @@
  AST-2012-012
  AST-2012-013
++AST-2012-014
++AST-2012-015
++AST-2013-002
++AST-2013-003
++bluetooth_bind

Ubuntuasterisk package

Merge lp:~ari-tczew/ubuntu/saucy/asterisk/lp-1205644 into lp:ubuntu/saucy/asterisk

Commit message

Description of the change

Preview Diff

Subscribers

Ubuntu
asterisk package