=========================== Release 4.0.0-beta ============================== 2026-04-22 Liviu Chircu * [11871c7449] : Bump version to 4.0.0-beta 2026-04-22 Liviu Chircu * [a97d8b35d1] : Merge branch 'mr/feature-redis-unix-socket-lazy' of github.com:NormB/opensips into NormB-mr/feature-redis-unix-socket-lazy 2026-04-22 Liviu Chircu * [624ef5b611] : Merge branch 'mr/feature-redis-cluster-management' of github.com:NormB/opensips into NormB-mr/feature-redis-cluster-management 2026-04-22 Bogdan-Andrei Iancu * [2b88be443f] : [opentelemetry] added proc_profiling modparam to enable PROC profiling too 2026-04-22 Bogdan-Andrei Iancu * [cc32efbec2] : [profiling] removed agressive debugging log To be used for devel only 2026-04-22 Liviu Chircu * [6ff699d26b] : Merge branch 'mr/fix-redis-cluster-safety' of github.com:NormB/opensips into NormB-mr/fix-redis-cluster-safety 2026-04-22 rdondeti * [1444c40a7d] : cachedb_redis: add ASK redirect handling for cluster resharding Add support for Redis ASK redirects during cluster resharding. When a slot is being migrated between nodes, Redis returns an ASK response instead of MOVED. Unlike MOVED (permanent redirect), ASK is a one-time redirect that requires sending the ASKING command to the target node before retrying the original query. The implementation: - Detects ASK responses alongside existing MOVED handling - Sends ASKING command to the target node before retrying - Reuses the MOVED redirect infrastructure (endpoint lookup, reconnection, retry logic) Also refactor parse_moved_reply() into parse_redirect_reply() that accepts the prefix as a parameter, with inline wrappers parse_moved_reply() and parse_ask_reply() for backward compatibility. Partially addresses #2811 2026-04-22 Bogdan Andrei IANCU * [61ff46b005] : Merge pull request #3867 from wlp2s0/fix/drouting-weight-zero-random-selection drouting: fix random GW selection when all weights are zero 2026-04-22 Norm Brandinger * [f1fc0aa406] : cachedb_redis: add Redis cluster hash tag support to redisHash Fix redisHash() to extract hash tags per the Redis cluster spec and use the spec-mandated CRC16(key) mod 16384 bitmask. 2026-04-22 Razvan Crainea * [e7d09a1933] : mi: create new tcp class for listing and terminating 2026-04-22 Razvan Crainea * [7194f2fbf4] : net: list_tcp_conns dump TLS metadata Close #3677 2026-04-22 Razvan Crainea * [3002f77e8b] : tls: cache some TLS information in shm 2026-04-22 Razvan Crainea * [e8e1877e91] : net: list_tcp_conns add proto filter 2026-04-21 Ross Henderson * [93680756b8] : tls_mgm: Don't require certificate for TLS clients (cherry picked from commit bf9f69f97a7629a078a01d9d14a26f100077daf8) 2026-04-21 Liviu Chircu * [3610069c06] : Add new "tcp_close_connection" script/MI function Takes either an "[proto:]ip:port" or a "tcp_conn_id" as 1st argument. If the protocol part is missing (e.g. only ip:port is supplied), all TCP protocols will be tried in order and have their connections matched, until a match is found. On a match, the function will proceed to force-close the respective connection, with no additional errors printed to the OpenSIPS log. 2026-04-21 Liviu Chircu * [ad88fda211] : tls_mgm: Fix crash during OpenSIPS shutdown 2026-04-21 Liviu Chircu * [a26565db25] : TCP: Fix occasional deadlock during a restart 2026-04-21 Bogdan-Andrei Iancu * [f4a32883ae] : [profiling] fix merge issue around new TCP code 2026-04-21 Bogdan-Andrei Iancu * [678d926925] : Merge remote-tracking branch 'origin/feature/proc_profiling' 2026-04-21 Norm Brandinger * [c01a8d7105] : dialog: support $DLG_dir in onreply_route via From-tag matching (#3817) When $DLG_dir is used in onreply_route, get_dlg_direction() returns DLG_DIR_NONE because ctx_lastdstleg is uninitialized in the reply processing context (it is only set after onreply_route completes, in the TMCB_RESPONSE_FWDED callback). Fall back to matching the reply's From-tag against the dialog's leg tags to determine direction: - From-tag matches caller leg → upstream (reply to caller) - From-tag matches callee leg → downstream (reply to callee) All pointer dereferences are guarded against NULL to prevent any possibility of segfault on malformed or incomplete state. Fixes: https://github.com/OpenSIPS/opensips/issues/2132 2026-04-21 Bogdan-Andrei Iancu * [798290461c] : [profiling] added verbosity levels for profiling Also added extra_proc profiling (like mi_fifo, mi_datagram, rtpengine, rtpproxy, httpd) 2026-04-21 Liviu Chircu * [b0e3ee9f0f] : Merge branch 'feature/bw-sca-inbound' 2026-04-21 Liviu Chircu * [620b7223bf] : presence_callinfo: Fix possible crash on shutdown ... in case "tm" happened to destroy after us and still run its callback. Also locked the module ordering, to avoid future issues. (cherry picked from commit fe4b252d64353da8642024dc43af7c87933fbb0d) 2026-04-21 Liviu Chircu * [97cbd24ce9] : SCA: Fix issues with parsing Call-Info in SHM msg (cherry picked from commit e44b9268c7cdcd31aa2515849f476c6ffa4e4c41) 2026-04-21 Liviu Chircu * [ea3c1f47cd] : SCA: Add "held" advertising (cherry picked from commit cc69644be1fa4fba6451ef6c34533628a9ee0169) 2026-04-21 Liviu Chircu * [abc6191dd9] : presence_callinfo: Fix crash edge-case on dlgcb (cherry picked from commit 994520b7f72bcff77b90419ebc83380fe6c953f7) 2026-04-21 Liviu Chircu * [18f9cab8f5] : presence_callinfo: Add new SCA checking function The sca_engage() already contained these caller-side checks, but it's better to only have the checks as a separate function, leading to safer cfg scripts. (cherry picked from commit 697dd94ef886de7dd0c007c53c5ad8a4fb701e4d) 2026-04-21 Liviu Chircu * [3595af488d] : presence_callinfo: Several fixes/improvements (cherry picked from commit 9eb8aa218452c484b0f63f9f0dcd5ea10afa8930) 2026-04-21 Liviu Chircu * [283b529ca7] : presence_callinfo: Add support for inbound SCA call flows The existing support only focused on outbound SCA, with line seizing, strict checks, etc. But when a SCA line is dialed, per-branch control is needed in order to read the Call-Info indexes from the 180/200 replies, or to avoid publishing "call-info" notifications on subsequent branches (e.g. resulted from serial forking). https://pubhub.devnetcloud.com/media/broadsoft-docs/docs/pdf/BW-SharedCallAppearanceInterfaceSpec-R230.pdf PAGE 55 OF 110 (cherry picked from commit 42fc12eee191cfc61a355fa231ab4d5cf2447e90) 2026-04-21 Razvan Crainea * [d771e81df0] : b2b_logic: provide custom max_duration at bridge time Many thanks to Erhan Onur Sendag(@ErhanOnur) for reporting and providing a patch for the first version and also to Norm Brandinger (@NormB) for providing the final patch! Close #3800 2026-04-21 Ovidiu Sas * [a4984bd283] : lib/dbg: enhance opensips debug capabilites with backtrace - sometimed the file/function/line is not enough to troubleshoot - a backtrace gives more details about the code path 2026-04-20 Razvan Crainea * [8b48b3a086] : tls_wolfssl: fix older kernels that do not support AES_GCM_256 2026-04-20 Bogdan-Andrei Iancu * [46de525c93] : [profiling] added profiling support for the extra processes 2026-04-19 OpenSIPS * [8b35c891d2] : Rebuild documentation 2026-04-17 Liviu Chircu * [ce2c9642d8] : aaa_diameter: Fix possible PKG/SHM mixup across multiple threads Despite quite safe at a first glance, the following sequence is actually NOT safe to use in the modules/aaa_diameter multi-threaded codebase: cJSON_InitHooks(&shm_mem_hooks); ... perform lib/cJSON.c API operations ... cJSON_InitHooks(NULL); Example: the "diameter-peer" multi-threaded process (35 threads!) processes two dm_receive_msg() in parallel. The 1st thread resets the "shm_mem_hooks" back to PKG using the NULL argument, while the 2nd thread still assumes they are set to SHM functions, and mixes up memory. 2026-04-17 Liviu Chircu * [01489359c8] : aaa_diameter: Fix race condition with async dm_send_request() - Avoid reading the @dmsg after it has been put on the queue, as it might get freed meanwhile. * aaa_diameter: Fix race condition on pending async replies It was possible for the dm_send_request_async_tout() async timeout function to ran concurrently with a late Diameter server reply, leading to a use-after-free bug on the @cond struct. * Add refcounting to the "cond" object The SHM-stored @cond object is effectively referenced by two separate processes/threads, which run concurrently: - dm_send_request_async_tout(), the reactor async timeout callback - dm_receive_msg(), the libfdcore receiver thread(s) 2026-04-17 Liviu Chircu * [6c7d6bf0ec] : Default use_domain to 1 in domain-aware modules Switch the default use_domain setting to 1 across the main domain-aware modules and update the corresponding XML docs. While this change has a large impact surface and is fully backwards-incompatible, it has been waiting for some time now: - user location setups most often use "use_domain = 1" - the majority of opensips.cfg documentation suggests "use_domain = 1" - newcoming opensips.cfg developers usually expect "use_domain = 1" - fixes the need to sync "use_domain = 1" across multiple modules (e.g. usrloc and auth_db) 2026-04-17 Maksym Sobolyev * [c0ac5e3b2b] : Extra debug. 2026-04-17 Maksym Sobolyev * [5fb31e8759] : rtp.io: enable dialog and related modules in the CI build 2026-04-17 Maksym Sobolyev * [8fec385975] : rtpproxy: hook up notification socket into rtp.io automatically Do it when rtp.io is enabled. Start notification listener process always, turn it into dummy if rtp.io is not enabled and notification socket is not configured either. 2026-04-17 Maksym Sobolyev * [16819f4202] : rtp.io: integrate notification channel Allocate a single notification socketpair to be shared by all opensips workers, pass one side to the hosted rtpproxy process and provide API for the rtpproxy module to tap into the other end. 2026-04-17 Maksym Sobolyev * [d3731a519f] : rtpproxy: collect all notification configuration into one struct, use struct rtpp_sock to keep FD and type. 2026-04-17 Norm Brandinger * [c78b9e908b] : rtpengine: fix use-after-free of flags string in bencode dictionary (#3816) parse_flags() stores pointers into the pkg-allocated flags_nt.s buffer via bencode_str() and bencode_dictionary_add_len(), which hold references (not copies). The buffer was freed via pkg_free() before send_rtpe_command() serialized the dictionary, causing garbled output for key=value flags like media-address. Fix by deferring the free via bencode_buffer_destroy_add(), which ensures the buffer lives until bencode_buffer_free() is called after the command is sent. Fixes: https://github.com/OpenSIPS/opensips/issues/3784 2026-04-17 Razvan Crainea * [7d49a46731] : rtpproxy: move bind_local as an extra parameter to offer/answer 2026-04-17 Maksym Sobolyev * [152fd63324] : Add rtpp_bind_local support for the offer/answer/engage. (#3794) When this AVP is set, its value would be provided to the rtpproxy with "l" modifier, allowing proper address to be selected for the session. 2026-04-17 Razvan Crainea * [210225e66f] : Merge branch 'vladpaiu-wolfssl_ktls_support' 2026-04-17 Razvan Crainea * [7fbb519e8c] : tls_wolfssl: adapt to new TCP/TLS interface 2026-04-17 Norm Brandinger * [f8d4dbb654] : rtpengine: add bracket syntax for lists and dictionaries (#3818) Add support for bracket-delimited list and dictionary values in rtpengine flag strings, enabling access to ng protocol features that require nested parameters (sdp-media-remove, codec, sdp-attr). A value enclosed in [...] is parsed as a bencode list of space-separated items. If any top-level item contains "=", the value is parsed as a bencode dictionary instead. Brackets can be nested for multi-level structures such as: rtpengine_offer("codec=[transcode=[PCMA PCMU] strip=[EVS]]"); rtpengine_offer("sdp-media-remove=[video message image]"); Escape sequences (..) and (--) produce space and equals respectively, matching the rtpengine daemon convention. Parsing is done module-side into native bencode structures, compatible with all rtpengine daemon versions. Closes: https://github.com/OpenSIPS/opensips/issues/3591 Co-authored-by: Debian 2026-04-17 Norm Brandinger * [46555ae06c] : janus: add WebSocket fragment reassembly (RFC 6455 Section 5.4) (#3840) * janus: fix pkg memory leaks in cJSON_Print/cJSON_Parse paths The janus module uses cJSON_InitHooks() to route all cJSON allocations through OpenSIPS pkg_malloc. Three call sites had missing cleanup: - janus_ipc_send_request(): cJSON_Print() result was copied to shm via shm_nt_str_dup() but the pkg-allocated original was never freed. Also added a NULL check -- under pkg exhaustion cJSON_Print returns NULL and the subsequent strlen(NULL) causes a crash. - w_janus_send_request(): the cJSON tree from cJSON_Parse() was passed to janus_ipc_send_request() (which serializes it to shm) but cJSON_Delete() was never called afterward. Also added cleanup on the get_janus_connection_by_id() failure path. - janus_raise_event() and handle_janus_json_request(): added NULL checks after cJSON_Print(). Fixed missing pkg_free(full_json) on the shm_strdup() failure path in handle_janus_json_request(). Together these leak ~350 bytes of pkg memory per janus_send_request() call, leading to SIP worker pkg exhaustion and crash under sustained load. Fixes #3712 * janus: add WebSocket fragment reassembly (RFC 6455 Section 5.4) The janus module WS client rejects any frame with FIN=0: "We do not support fragmemntation yet. Dropping..." This breaks with Janus Gateway when using indented JSON (the default) or when responses are large enough to exceed the transport frame size. Add RFC 6455 compliant fragment reassembly: - janus_ws_parse(): remove FIN=0 rejection, accept continuation frames (opcode 0x0), validate that control frames have FIN=1 (RFC 6455 5.5) - janus_ws_handle_frag(): new state machine for fragment accumulation. TEXT/BIN+FIN=0 starts accumulation, CONT+FIN=0 appends, CONT+FIN=1 delivers the reassembled message. Control frames pass through mid-fragment. Returns 0 (complete), 1 (read more), -1 (error). - janus_ws_frag_cleanup(): cleanup helper called from all error paths, CLOSE handler, reconnect, and after successful delivery. - janus_connection_read_data() and janus_connection_handler_id(): call janus_ws_handle_frag() before the opcode switch; reassembled messages use frag_buf instead of tcp.body. - janus_reconnects(): free frag_buf on connection teardown. Fragment state (frag_buf, frag_len, frag_size, frag_op) is per-connection on the con_req struct. All operations run in the single-threaded JANUS Manager reactor, so no additional locking is needed. Design choices: - 256KB reassembly limit (WS_MAX_FRAG_SIZE) for DoS protection - 2x initial alloc + doubling realloc strategy (O(log n) reallocs) - init_janus_ws_req intentionally preserves frag_* across frame resets - Parse failure on reassembled message is terminal (no retry) Tested with 100k fragmented messages (0 failures, flat pkg memory) and 30k concurrent messages across 8 producers, 6 connections, 4 workers. Fixes #3712 * janus: address review feedback on fragment handling - Remove msg_attempts reset in fragment accumulation path: conceptually wrong to signal "new message" when only a fragment was received, and the counter is not checked in the data path anyway. - Remove {} blocks around frag_ret usage: move variable declaration to function scope for clarity. 2026-04-17 Razvan Crainea * [ab967bd6f6] : event_rabbitmq: avoid double free on guest usage 2026-04-17 Norm Brandinger * [e41e4b19dd] : event_rabbitmq: fix dupl_string() NUL-inclusive len corrupting AMQP shortstr (#3834) dupl_string() incremented dst->len after NUL-terminating the unescaped string, causing .len to include the trailing NUL byte. This made amqp_basic_publish() encode exchange and routing-key shortstr fields with an extra 0x00, breaking broker routing. Remove the len++ and all downstream compensations (tls_dom_name.len--, and the - 1 adjustments in rmq_print() for address, exchange, routing key, and user). Also fix the un_escape() error path to free the already-allocated shm buffer, and fix the default-user allocation to explicitly NUL-terminate. Closes #3828 2026-04-17 Ravitez Dondeti * [180c04b029] : db_mysql: recover from ER_UNKNOWN_STMT_HANDLER (1243) (#3865) The prepared-statement execute wrapper treats MySQL error 1243 (ER_UNKNOWN_STMT_HANDLER) as a hard failure and skips the existing reconnect + re-prepare path. This surfaces in production when the backing database is replaced underneath a live client connection - for example during an AWS Aurora zero-downtime minor-version upgrade, which preserves the TCP connection but drops the server-side prepared-statement cache. The next stmt_execute returns 1243, OpenSIPS logs CRITICAL and the query fails instead of transparently recovering. Add the case to wrapper_single_mysql_stmt_execute so it funnels into the same switch_state_to_disconnected -> connect_with_retry -> re_init_statement recovery path that already handles CR_SERVER_GONE_ERROR and friends. ER_NEED_REPREPARE (1615) is intentionally not added: libmysqlclient auto-reprepare already handles that case. 1243 bypasses auto-reprepare because the server has no record of the handle at all. The companion prepare wrapper is not modified: it starts from a fresh mysql_stmt_init() handle that carries no server-side ID, so the server cannot return 1243 in response to a prepare request. Reported-by: Sasmita Panda 2026-04-17 Razvan Crainea * [355986c6c7] : b2b_logic: fix previous commit warnings 2026-04-17 Razvan Crainea * [9d0dea226d] : b2b: add support for pass-legs-upstream flag 2026-04-17 Razvan Crainea * [0af6b84480] : b2b_logic: add refer_id indication in NOTIFY messages 2026-04-17 Razvan Crainea * [b2f0c36440] : b2b: add custom_contact_header_params support 2026-04-17 Razvan Crainea * [51904c9aa0] : proto_tls: drop tls_async_handshake_timeout as no longer used 2026-04-17 Razvan Crainea * [48fd4b9945] : scripts: sync dbschema 2026-04-17 Razvan Crainea * [75ce0544b6] : net: drop parallel reads parameters 2026-04-17 Razvan Crainea * [0c878ffaff] : github: force radcli build 2026-04-17 Razvan Crainea * [368f442b51] : tls_openssl: declare n for openssl < 1.0.1 2026-04-17 Razvan Crainea * [4bf14df7fc] : tls_wolfssl: drop shared memory 2026-04-17 Razvan Crainea * [e51b8612bd] : tls_wolfssl: bump to 5.9.1 2026-04-17 Razvan Crainea * [01db8f8bbb] : tls_openssl: remove dangling mem&locks hooks 2026-04-17 Danielzt * [b61000b32e] : core: fix fd memory leak in reactor_proc_add_fd, causing too many open files (#3830) rtpproxy: Fix in timeout scenarios, leading crash due to memory leak and too many open files 2026-04-17 davidtrihy-genesys <116663213+davidtrihy-genesys at users.noreply.github dot com> * [4696cbec2a] : Compiling with DISABLE_NAGLE does not propogate tcp_proto_no and never sets TCP_NODELAY (#3859) (cherry picked from commit 1c90d5dbdfc1e3acdec0befb5106ae73db06a04e) 2026-04-17 OpenSIPS * [dff5e6c93b] : Rebuild documentation 2026-04-17 Liviu Chircu * [de76868fa3] : PN Support: Improve default handling for failed calls Avoid relying on the "fr_inv_timeout" by default in order to complete the transaction when the call is rejected (wait_for_new_branches...), as the default (120s) is quite high, and can lead to stalling INVITEs. 2026-04-17 Razvan Crainea * [f7d3fd351a] : net: drop useless check for active TCP workers 2026-04-17 Razvan Crainea * [89edb602a4] : net: turn off read head from TCP 2026-04-17 Razvan Crainea * [6ac72d787a] : net: dispatch the message to any available worker 2026-04-17 Razvan Crainea * [c574be9b42] : tls_openssl: fix misleading ident 2026-04-17 Razvan Crainea * [b6afd27ce5] : drop ssl_tweaks from all modules 2026-04-17 Razvan Crainea * [692ea1c6c2] : drop ssl_tweaks 2026-04-17 Razvan Crainea * [29d61fdac9] : net: handle shared queue for async messages 2026-04-17 Razvan Crainea * [076ee93150] : tls_mgm: expose certs info in workers 2026-04-17 Razvan Crainea * [b109ea253e] : proto_msrp: migrate module to new TCP interface 2026-04-17 Razvan Crainea * [0a491c0708] : proto_bin: migrate module to new TCP interface 2026-04-17 Razvan Crainea * [cce1a56779] : proto_smpp: migrate module to new TCP stack 2026-04-17 Razvan Crainea * [f199eccf09] : proto_hep: migrate hep to new TCP stack 2026-04-17 Razvan Crainea * [40f82fa804] : net: handle protocol parsing in the worker 2026-04-17 Razvan Crainea * [2df8a745dd] : net: handle proto_ws/wss communication 2026-04-17 Razvan Crainea * [ecd3dea95c] : net: clean connect 2026-04-17 Razvan Crainea * [c394746e62] : net: handle connect in main process 2026-04-17 Razvan Crainea * [296f496a41] : net: restore msg_max_read_timeout and cleanup dead code 2026-04-17 Razvan Crainea * [4d39ba83c1] : net: only increaase connection lifetime if write is success 2026-04-17 Razvan Crainea * [07df948690] : net: move req in thread memory 2026-04-17 Razvan Crainea * [097fbe0dd5] : net: make sure writes are never handled from workers 2026-04-17 Razvan Crainea * [40ccd35d17] : net: drop proc_id from tcp_connection 2026-04-17 Razvan Crainea * [8a9f450df2] : net: always send messages from main thread 2026-04-17 Razvan Crainea * [eb6c619e59] : net: all messages are sent as async chunks 2026-04-17 Razvan Crainea * [5e62d3837a] : refactor TCP/TLS code to have everything in a single process 2026-04-17 rdondeti * [39e5e02993] : httpd: harden MI/HTTP interface with safe default and Basic Auth Change the default 'ip' modparam from wildcard (0.0.0.0/::) to 127.0.0.1, preventing the management interface from being accidentally exposed to the network on fresh installations. Add HTTP Basic Authentication support via three new modparams: - auth_realm: the realm string for WWW-Authenticate challenges - auth_username: required username for HTTP access - auth_password: required password for HTTP access When both auth_username and auth_password are set, every HTTP request must present valid Basic Auth credentials. Requests with missing or incorrect credentials receive a 401 Unauthorized response. The authentication check runs once per request (on the first callback invocation, before allocating per-request state), avoiding redundant checks on subsequent MHD callbacks and preventing potential resource leaks during POST processing. The implementation uses libmicrohttpd's built-in Basic Auth API with version guards for MHD_free() (available since 0.9.56), falling back to free() on older versions. Closes #2939 2026-04-17 Liviu Chircu * [b3d0eb1f5f] : janus: Simplify prev commit 2453e8f78a2c 2026-04-17 Bogdan-Andrei Iancu * [06dd2c9877] : [sip_i] fix wrong ISUP msg type on 200 OK INVITE Credits go to @aldotms70 Closes #3857 2026-04-17 rdondeti * [af2460c2af] : janus: fix pkg memory leaks in populate_janus_handler_id() The janus module uses cJSON_InitHooks() to route cJSON allocations through pkg_malloc. In populate_janus_handler_id(), four calls to cJSON_Print(request) are embedded directly in LM_ERR() format arguments. The pkg-allocated return values are never stored or freed, leaking ~100-500 bytes per error path hit. Store the cJSON_Print() result, use it in the log message, and free it afterward. Also handle the case where cJSON_Print() returns NULL. This follows up on the janus leak fixes in commit f9fb3ea3e, which addressed similar leaks in janus_raise_event(), handle_janus_json_request(), and janus_ipc_send_request() but missed populate_janus_handler_id(). 2026-04-17 rdondeti * [11bf3d19cd] : aaa_diameter: fix NULL deref in dm_receive_req() via init_str() cJSON_PrintUnformatted() can return NULL on allocation failure (using shm hooks). The return value is passed directly to init_str(), which calls strlen() on it, causing a crash. Replace the init_str() call with an explicit NULL check and manual assignment, following the existing error-handling pattern in the function (goto error, which properly cleans up via cJSON_Delete and cJSON_PurgeString). Found during a systematic audit of cJSON return value handling across modules, following the janus leak fixes in commit f9fb3ea3e. 2026-04-17 rdondeti * [ccd648b5ed] : rtpengine: fix NULL deref from unchecked cJSON_PrintUnformatted() In rtpengine_raise_event(), cJSON_PrintUnformatted() can return NULL on allocation failure. The return value is passed directly to strlen() and then to cJSON_PurgeString(), both of which will crash on a NULL pointer. Add a NULL check before using the return value, and skip the parameter on failure. Found during a systematic audit of cJSON return value handling across modules, following the janus leak fixes in commit f9fb3ea3e. 2026-04-17 rdondeti * [ecbfff3e73] : jsonrpc: fix NULL deref and object leak in jsonrpc_handle_cmd() cJSON_Print() can return NULL on allocation failure. The existing code passes the return value directly to strlen() without a NULL check, causing a crash on two separate code paths (error and result handling). Add NULL checks after both cJSON_Print() calls. Additionally, the cJSON tree allocated by cJSON_Parse() at the start of the function is never freed. Add cJSON_Delete(obj) to the cleanup path. Found during a systematic audit of cJSON return value handling across modules, following the janus leak fixes in commit f9fb3ea3e. 2026-04-17 rdondeti * [a246dd8f45] : cachedb_cassandra: fix NULL deref when cass_cluster_new() returns NULL cass_cluster_new() can return NULL on allocation failure. The existing code has a NULL check, but it comes after cass_cluster_set_credentials() already uses the pointer (when credentials are configured), so a NULL return causes a crash before the check is reached. Move the NULL check to immediately after cass_cluster_new(), before any use of the returned pointer. Found during a systematic audit of cachedb backends following the cachedb_redis NULL-deref fix in commit 8fb569cb3. 2026-04-17 rdondeti * [b75191c26d] : cachedb_memcached: fix NULL deref when memcached_create() returns NULL memcached_create(NULL) can return NULL on allocation failure. The existing code never checks the return value, so a NULL memc pointer falls through to memcached_server_push(NULL, ...) which dereferences the NULL pointer. Add an explicit NULL check after memcached_create(), following the existing error-handling pattern in the function (pkg_free + return 0). Found during a systematic audit of cachedb backends following the cachedb_redis NULL-deref fix in commit 8fb569cb3. 2026-04-17 Bogdan-Andrei Iancu * [ae90bd7942] : [tm] fix access to un-allocated branch Reported and fixed by @vladpaiu 2026-04-17 OpenSIPS * [82929a3e39] : Rebuild documentation 2026-04-17 Liviu Chircu * [8ba4c5fa80] : db_sqlite: Improve error handling * avoid dangling PS pointers * avoid leaking the PS object on NULL "result" 2026-04-17 Liviu Chircu * [309c7b3fab] : db_sqlite: Fix interaction with sql_cacher The .query API endpoint in db/db.h is meant to return 0 on success, yet the current implementation in db_sqlite was returning "number of rows" on success, leading to: ERROR:sql_cacher:load_entire_table: Failure to issue query to SQL DB... ERROR:sql_cacher:cache_init_load: Failed to cache the entire table... 2026-04-17 Razvan Crainea * [4e2220dfec] : stir_shaken: use a new bio for chain avoid using the same cbio, as it needs to be rewind to be read again in wolfssl; openssl handles this properly though 2026-04-17 Liviu Chircu * [06ee2f8e05] : dialog: fix multi-PRACK CSeq handling and uac-auth ACK CSeq regression * fix CSeq regression on the outbound leg, prioritize .last_gen_cseq * manual PRACK: fix matching for current leg (multi-180 scenario) * manual PRACK: add logic for early leg creation during onreply_route. This allows the leg to be correctly matched and have its CSeq set. * small fix: avoid overwriting .last_gen_cseq with smaller values 2026-04-17 Liviu Chircu * [b18f11a2ec] : menuconfig: Fix templates, use new create_dialog() flags 2026-04-17 OpenSIPS * [bbfbe7c713] : Rebuild documentation 2026-04-17 Razvan Crainea * [1bcda239fa] : rtp_relay: do not run indialog for non-SDP requests 2026-04-17 Liviu Chircu * [2db670579f] : script_helper: Fix build Move flags parser in a .h file, so script_helper sees it as well. 2026-04-17 Liviu Chircu * [f676d80f3a] : dialog PRACK: Add a couple knobs/settings for UAC-side control * auto_prack_hangup_on_failure (default: 0) -> enable strict UAC * auto_prack_fr_timeout (default: 2 sec) -> related to above 2026-04-17 Liviu Chircu * [cb2597577b] : dialog PRACK: Enhance auto-prack mode with failure handling 2026-04-17 Liviu Chircu * [06c9a9840c] : dialog: Change create_dialog() to use explicit flag names 2026-04-17 Liviu Chircu * [966e400c0f] : dialog PRACK: Fix outgoing CSeq with multiple PRACKs 2026-04-17 Liviu Chircu * [b0ce4342e0] : dialog: relax manual PRACK checks 2026-04-17 Liviu Chircu * [14833bd6df] : dialog PRACK: Fix issues during early-dialog * work around the fact that r_cseq, Contact, and route-set and not yet present in the dst_leg struct. So the use of send_leg_msg() and build_dialog_info() should be avoided here. * fix outbound ACK CSeq to match the INVITE, rather than +1 due to the in-between PRACK 2026-04-17 Liviu Chircu * [3f830ae4f9] : dialog: Add "auto-PRACK handling" flag to create_dialog() ("L" flag) Similar logic to the dlg_send_sequential() addition, but fully automated. 2026-04-17 Liviu Chircu * [6a7795161b] : dialog: Add PRACK support to dlg_send_sequential() * various validations of the current 101-199 provisional reply * takes the RSeq header and builds the RAck header into the PRACK 2026-04-17 Razvan Crainea * [4ed494651e] : dialog: updated documentation for new MI format 2026-04-17 Bogdan-Andrei Iancu * [fe34b4c729] : [tm] fix macros and indexing related to BRANCH_BITMASK 2026-04-17 Razvan Crainea * [fb017823be] : b2b_logic: turn of bridge initiator in case transfer fails 2026-04-17 OpenSIPS * [3c8e07b088] : Rebuild documentation 2026-04-17 Bogdan-Andrei Iancu * [90994adb00] : [nathelper] add functions to preserve the original private contact. The fix_nated_contact() take a flag in order to save the original private IP and port into the 'org' uri param (b64 encoded) The new restore_nated_ruri() function (upon routing sequential requests) extract the info from the 'org' RURI param and restores the private ip:port in RURI. The received RURI is pushed into DURI for routing purposes ;) Alternative to #3769 2026-04-17 Norm Brandinger * [4cf6962d29] : janus: fix pkg memory leaks in cJSON_Print/cJSON_Parse paths The janus module uses cJSON_InitHooks() to route all cJSON allocations through OpenSIPS pkg_malloc. Three call sites had missing cleanup: - janus_ipc_send_request(): cJSON_Print() result was copied to shm via shm_nt_str_dup() but the pkg-allocated original was never freed. Also added a NULL check -- under pkg exhaustion cJSON_Print returns NULL and the subsequent strlen(NULL) causes a crash. - w_janus_send_request(): the cJSON tree from cJSON_Parse() was passed to janus_ipc_send_request() (which serializes it to shm) but cJSON_Delete() was never called afterward. Also added cleanup on the get_janus_connection_by_id() failure path. - janus_raise_event() and handle_janus_json_request(): added NULL checks after cJSON_Print(). Fixed missing pkg_free(full_json) on the shm_strdup() failure path in handle_janus_json_request(). Together these leak ~350 bytes of pkg memory per janus_send_request() call, leading to SIP worker pkg exhaustion and crash under sustained load. Fixes #3712 2026-04-17 Bogdan-Andrei Iancu * [a3c5221fa5] : [tm] fixed init of branch bitmask in timeout handler related to f0223cc93417cb848ab85c2ca2765d1a4958dcd1 2026-04-17 OpenSIPS * [8e174d2538] : Rebuild documentation 2026-04-17 Maksym Sobolyev * [2efb7e2fdd] : CI/rtp.io: handle "/" in branch names (i.e feature/xyz) correctly (#3844) Fixes: https://github.com/OpenSIPS/opensips/actions/runs/22914875002/job/66498568285#step:8:201 Display qemy version for debug. 2026-04-17 Razvan Crainea * [50624403f3] : pua_mi: fix migration to module:cmd 2026-04-17 Razvan Crainea * [a6071ba5e4] : mi: have which return all functions within a module 2026-04-17 Razvan Crainea * [3b3e1e1b11] : mi: document changes of new MI functions 2026-04-17 Razvan Crainea * [761c3f3673] : mi: add aliases for old MI commands 2026-04-17 Razvan Crainea * [3942a28ed2] : mi: refactor cmds names to contain the module Close #3838 2026-04-17 Bogdan-Andrei Iancu * [94fbaf65fe] : [socket bond] fix uninitialized sif in fix_bond_socket_list() on error case 2026-04-17 Bogdan-Andrei Iancu * [f41ac07bdc] : Expend socket_info to have an optional orig_name To be used when socket defined as interface (as "socket=udp:eth1") is expanded to multiple one-per IP interfaces 2026-04-17 Bogdan-Andrei Iancu * [74c2aa6b7b] : [bond sockets] added socket_belongs_to_bond() ... ... to check if a real socket belongs to a bond socket 2026-04-17 Bogdan-Andrei Iancu * [ee9ff321d6] : [bond sockets] varios fixes, working code 2026-04-17 Bogdan-Andrei Iancu * [dd4b4bf272] : Added the PROTO_BOND as token We need to be parsed and recognized as protocol 2026-04-17 Bogdan-Andrei Iancu * [1124903a4b] : [bond] added bond socket selection in get_send_socket 2026-04-17 Bogdan-Andrei Iancu * [b64bb19a17] : [net] init the BOND sockets 2026-04-17 Bogdan-Andrei Iancu * [eef0eff7af] : cfg: add bond socket_def grammar with list support 2026-04-17 Norm Brandinger * [1cc3490a86] : cachedb_redis: fix NULL deref when redisConnect returns NULL redisConnect() and redisConnectWithTimeout() can return NULL on allocation failure. The existing check only handles ctx->err != REDIS_OK (non-NULL ctx with error), so a NULL return falls through to redisSetTimeout(NULL, ...) which dereferences the NULL pointer. Add an explicit NULL check after the error-code check. Also change the warned flag from char to int to avoid undefined behavior on signed overflow after 127 connection-timeout warnings. 2026-04-17 Maksym Sobolyev * [5623d3d468] : CI/rtp.io: Increase timeout a bit (#3833) * CI/rtp.io: Increase timeout a bit To fix some timeout seen on linux/ppc64le: https://github.com/OpenSIPS/opensips/actions/runs/22627454288/job/65577262119 * CI: remove unused file and add rtp.io badge 2026-04-17 OpenSIPS * [af34f079b6] : Rebuild documentation 2026-04-17 Liviu Chircu * [45b1c2496f] : registrars: Accept Re-REGISTERs with equal CSeq New module setting for both registrar and mid-registrar which controls the policy on handling same Call-ID REGISTERs, with the same CSeq. modparam: allow_dup_cseq default: true Ultimately, this boils down to a trade-off between interoperability and RFC strictness. More info in the modparam documentation. 2026-04-17 Liviu Chircu * [3d5a4a5deb] : mid_registrar: Fix mem management bugs around "max contacts" * avoid UAF of the @uc pointer during iteration * fix logic so that the current @c cannot be freed by trim_contacts() itself, yet again leading to UAF type of bugs usrloc: Fix rare memleak edge-case 2026-04-17 Razvan Crainea * [7d9e20125d] : redhat: enable wolfssl stir shaken only for latest distros 2026-04-17 Razvan Crainea * [648e00609c] : packaging: remove bad copy & paste 2026-04-17 Liviu Chircu * [ea4be40918] : stir_shaken: Fix OpenSSL vs. WolfSSL detection This fixes the RedHat build, where there is no WolfSSL available. 2026-04-17 Razvan Crainea * [528dd48dc8] : build: stir_shaken should be used with openssl if wolfssl is not available 2026-04-17 Liviu Chircu * [0f1d512643] : stir_shaken: Improve compatibility with older WolfSSL libraries This patch avoids usage of newer API functions which are missing in both WolfSSL 4.3.0 (e.g. Ubuntu 20.04) and pre-1.1.0 OpenSSL, such as: - X509_STORE_set_verify_cb_func() - ECDSA_SIG_get0() - X509_get_ext_by_OBJ() 2026-04-17 Bogdan-Andrei Iancu * [1480b1faaa] : [tcp] fixed potential buffer overflow due to insane large Content-Len values Check and limit the Content-Lenght to the size of the reading buffer, makes no sense to accept anything higher. 2026-04-17 Maksym Sobolyev * [fdaa4ffdd0] : CI: tweak voiptests parameters. (#3832) Set MM_INIT_DELAY to give opensips/rtp.io some extra time to init. Ignore faulures of the time-sensitive tests that might fail under emulation. 2026-04-17 Liviu Chircu * [b738f3558c] : packaging: Align stir_shaken deps with wolfSSL 2026-04-17 Liviu Chircu * [2c7802db1b] : stir_shaken: Migrate to WolfSSL-compatible cryptography While stir_shaken only uses the "libcrypto" part of OpenSSL, the fact that the OpenSSL runtime can be shared across multiple modules (e.g. with proto_wss doing TLS connections) may induce unexpected crashes in the stir_shaken crypto workflows. This commit makes stir_shaken compatible with WolfSSL too, to become the new default crypto library, but *without* losing OpenSSL compatibility. To revert to OpenSSL based crypto, add this to Makefile.conf: DEFS+= -DSTIR_SHAKEN_OPENSSL 2026-04-17 Razvan Crainea * [28a4fb793b] : b2b_entities: make sure last_method is updated before req 2026-04-17 OpenSIPS * [e253c5985b] : Rebuild documentation 2026-04-17 Razvan Crainea * [2771bdb85e] : b2b_entities: convert ERR in DBG 2026-04-17 Razvan Crainea * [3ba640fdd0] : mi_xmlrpc_ng: rename to mi_xmlrpc 2026-04-17 Razvan Crainea * [9006f86951] : topology_hiding: add th_callid_loop_protection parameter 2026-04-17 Razvan Crainea * [5a4725df86] : drop various deprecated parameters 2026-04-17 vladpaiu * [24225f50b5] : Add support to extract RSA PUB key from e&n format ( JWK ) (#3827) 2026-04-17 Razvan Crainea * [56f104f437] : net: add af support in proxy_protocol 2026-04-17 Razvan Crainea * [d5fef5ae33] : proto_ws: add proxy_protocol support 2026-04-17 Remi Collet * [9c3db90e0e] : support for libmongc/libbson version 2 (#3829) 2026-04-17 Razvan Crainea * [3b74d8b32c] : net: implement proxy_protocol for outbound 2026-04-17 Razvan Crainea * [1105b89872] : net: check if socket support proxy protocol at parse time 2026-04-17 Razvan Crainea * [5640091bbc] : net: filter proxy_protocol per socket 2026-04-17 Razvan Crainea * [d34dac582e] : net: initial proxy_protocol implementation 2026-04-17 Norm Brandinger * [06caa49371] : tm: fix $rd reversion after chained async() resume When async() is called from a resume route (chained async), the FL_TM_FAKE_REQ check in t_handle_async() prevents update_cloned_msg_from_msg() from saving message state to the transaction's shm clone. This causes $rd, $du, and other msg fields modified in the resume route to revert to their previous values when the next async operation completes through the reactor path. Remove the FL_TM_FAKE_REQ guard from the conditional. The update_cloned_msg_from_msg() function already handles faked_req sources correctly: it defers freeing old shm lumps (lines 1325-1336 of sip_msg.c), and free_faked_req() completes the deferred cleanup. Fixes #3676 2026-04-17 OpenSIPS * [6342f1fd51] : Rebuild documentation 2026-04-17 Razvan Crainea * [f069c8a5ca] : readme: drop lgtm badges, as the service no longer exists 2026-04-17 Razvan Crainea * [7addd1892d] : builds: negate python version check 2026-04-17 Razvan Crainea * [defb356cd0] : regex: fix broken merge 2026-04-17 Razvan Crainea * [a8146eb262] : regex: fix stashed markers 2026-04-17 Razvan Crainea * [41e8e2d101] : regex: make module work with both pcre2 and pcre3, not just compile 2026-04-17 Liviu Chircu * [263d2274f8] : proto_wss: free ws_data on TLS domain lookup failure 2026-04-17 Razvan Crainea * [1256226b94] : auth_db: update docs for default empty credentials list 2026-04-17 Razvan Crainea * [a7b7409b75] : auth_db: remove RPID from default credentials list Completes commit b0023b417 Many thanks to Evgeniy (@gostkov on GitHub) for reporting this in #3813 2026-04-17 Razvan Crainea * [fb5bc02085] : tm: fix EXTRA_DEBUG logging for local cancel timer 2026-04-17 Razvan Crainea * [e43b06a1c4] : tm: fix uac usage with EXTRA_DEBUG 2026-04-17 Razvan Crainea * [a1be8e4bf2] : tm: create uac for locally generated transactions 2026-04-17 OpenSIPS * [2419b0b7fb] : Rebuild documentation 2026-04-17 Bogdan-Andrei Iancu * [1e4bd679f3] : [tm] fix reverted macro BRANCH_BM_NONE_SET Related to 7b83cabb916d5bf7ae2d0fc20978aac625872758 2026-04-17 Bogdan-Andrei Iancu * [c9adf54997] : [tm] fix branch init after dynamic alloc Related to 7b83cabb916d5bf7ae2d0fc20978aac625872758 2026-04-17 Bogdan-Andrei Iancu * [0a12d5a7af] : updated modules acessing transaction branches related to 7b83cabb916d5bf7ae2d0fc20978aac625872758. The access to a transaction branch is done via a macro in order to get on the right chunk of the branch. 2026-04-17 Bogdan-Andrei Iancu * [8fe8128190] : [tm] migrated to dynamic allocated branches per transaction This allow a really high number of branches per transaction (like the default is 256, but can be increased). The branches are dynamically allocated, on demand, so some transactions which are not subjet to forking (typically non-INVITE) may have the minimum of 4 branches, while the INVITE transaction, depending on the need can scale up to 256 2026-04-17 Bogdan-Andrei Iancu * [26297af3ea] : [tm] migrate the branch bitmask to array, to allow more than 64 branches (long long) branch_bm_t data type is an array of integers, currently limited to 256 branches (but can easily increased, by re-compiling) Added macros to operate with the bits in the bitmask Updated TM and all modules using TM branches 2026-04-17 Razvan Crainea * [8affe19ab1] : regex: allow pcre3 library 2026-04-17 Liviu Chircu * [4f14e20486] : rest_client: Fix async transfers with re-used TCP conns Fix the edge-case with async cURL where it re-uses an existing TCP connection. Here, the @connect variable holds a 0 value, thus the transfer runs in blocking mode unless we relax the condition. Patch provided by Nuno Almeida from Five9. 2026-04-17 Razvan Crainea * [0d23a4366e] : build: do not build opentelemetry by default 2026-04-17 Razvan Crainea * [0260266069] : event_rabbitmq: avoid using released memory Reset the `tmp.s` pointer when assigning it to a structure, to avoid freeing it when the `tmp` is reused. Many thanks to Andrey F(@kertor) for reporting it and Nick Altmann(@nikbyte) for fixing it. Close #3808 2026-04-17 Razvan Crainea * [5afb4eac24] : siprec: make sure there is a dlg/SDP to notify SRS with 2026-04-17 Razvan Crainea * [3c120dbbf3] : siprec: avoid accessing invalid dialog/rtp context reset dialog when it has been terminated - this prevents being accessed after the dialog was deleted. 2026-04-17 OpenSIPS * [2e6f2a4c8f] : Rebuild documentation 2026-04-17 Bogdan-Andrei Iancu * [36eea26e5c] : Fix missing include for sip_msg struct definition 2026-04-17 Bogdan-Andrei Iancu * [5cbe0ccc1d] : [uac_registrant] added docs for Status/Report Identifiers part 2026-04-17 Razvan Crainea * [4df609ba4d] : rate_cacher: fix c89 errors `for(int i` syntax is only allowed in c99 2026-04-17 Liviu Chircu * [35592dbc04] : mid_registrar: Fix the `tcp_persistent_flag` feature Make sure to NOT adjust the @e_max with -get_act_time(), similar to registrar codebase, to avoid setting MAX_INT on the TCP conn lifetime... 2026-04-17 pavelkohout396 * [e81b42b1a9] : Fix SQL injection in auth_jwt module via unescaped tag claim (#3807) The jwt_db_authorize() function... The jwt_db_authorize() function in the auth_jwt module decodes JWT tokens without signature verification to extract the 'tag' claim, then interpolates this claim directly into a raw SQL query without escaping. An attacker can craft a malicious JWT with SQL injection payload in the tag claim (e.g., "' UNION SELECT 'admin','attacker_secret' --") to inject their own secret into the query result. Since the injected secret is then used to verify the JWT signature, the attacker can sign their token with this known secret and achieve authentication bypass. Reported-by: Pavel Kohout, Aisle Research, www.aisle.com 2026-04-17 Bogdan-Andrei Iancu * [798b69d091] : [b2b_entities] fix cseq to be used upon 200OK/CANCEL race When generating the ACK+BYE upon 200 OK (from callee) racing a CANCEL (from caller), take care and use the correct cdeq values from the 200 OK (the b2b entity is not properly updated anymore, as it is already terminated by the CANCEL) 2026-04-17 Vlad Paiu * [e14bdeefd0] : Fix compilation error due to missing limits.h for INT_MIN 2026-04-17 Vlad Paiu * [12dad50ad1] : Add status reports for registrant entries 2026-04-17 Vlad Paiu * [a572318288] : db_url param is optional for uac_registrant 2026-04-17 Vlad Paiu * [3b9f3f392d] : Add documentation 2026-04-17 Vlad Paiu * [1cbba51dba] : Add reregister_expiry_percentage parameter 2026-04-17 Vlad Paiu * [06820ca98c] : Don't let registrations expire ( if expires < timer_interal, do it now instead of waiting for next tick ) 2026-04-17 Vlad Paiu * [457bafd8c3] : Increase max number of MI params 2026-04-17 Vlad Paiu * [533ee2556e] : add linked list delete 2026-04-17 Vlad Paiu * [e64e80b9b6] : Add remaining events for states & refactor code 2026-04-17 Vlad Paiu * [c6632d8829] : Add E_REGISTRANT REGISTERING/AUTHENTICATING/REGISTERED 2026-04-17 Vlad Paiu * [670d48e7c0] : Add reg_delete and reg_upsert MI commands 2026-04-17 Ovidiu Sas * [9ca3d8a0a5] : trie: fix defaults for trie_table parameter 2026-04-17 OpenSIPS * [02af140de8] : Rebuild documentation 2026-04-17 Razvan Crainea * [4d77c7682e] : packaging: drop OPENTELEMTRY from default packages should only be built if opentelemetry profie is specified 2026-04-17 Razvan Crainea * [1598540074] : packaging: fix redhat spec 2026-04-17 Razvan Crainea * [6ee2e97ebf] : packaging: only build opentelemetry explicitely 2026-04-17 Razvan Crainea * [72f844315d] : aaa_diameter: proper handing of _dm_send_message error Avoid double free of the JSON message 2026-04-17 Razvan Crainea * [4f1f81c18f] : Add opentelemetry packaging 2026-04-17 Razvan Crainea * [7a57c869bf] : opentelemetry: add README for module 2026-04-17 Jason Shugart * [0a5d640f84] : Ignore extra headers in MSRP 2026-04-17 Vlad Paiu * [000c01d868] : Fixed lengths for service_name and exporter_endpoint params 2026-04-17 Your Name * [d8fdfc46f4] : Add opentelemetry to list of excluded modules from default compilation 2026-04-17 Your Name * [aedc85b5f3] : Add opentelemetry documentation 2026-04-17 Vlad Paiu * [98e73677f6] : Fix copyrights 2026-04-17 Vlad Paiu * [e3652da192] : Add otel_enable MI command to enable/disable opentelemetry tracing 2026-04-17 Vlad Paiu * [1f3031e325] : Add suport for async/resume jumps while maintaing spans 2026-04-17 Vlad Paiu * [5273e23554] : always use system lib 2026-04-17 Vlad Paiu * [b6ebb34377] : Initial POC 2026-04-17 Razvan Crainea * [1674259ec5] : b2b_entities: fix possible leak on error cases On some error cases, the serialization buffer was not released, leading to a leak in pkg memory. 2026-04-17 Peter Lemenkov * [e447cf6c1d] : Fix libbson deprecated API warning with version compatibility (#3792) During compilation of cachedb_mongodb module, numerous deprecation warnings appear on systems with mongo-c-driver >= 1.29.0: ``` Compiling cachedb_mongodb_dbase.c gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='cachedb_mongodb' -DPKG_MALLOC -DSHM_MMAP -DUSE_MCAST -DDISABLE_NAGLE -DSTATISTICS -DHAVE_RESOLV_RES -DF_MALLOC -DQ_MALLOC -DHP_MALLOC -DDBG_MALLOC -DF_PARALLEL_MALLOC -DHAVE_STDATOMIC -DHAVE_GENERICS -DNAME='"opensips"' -DVERSION='"3.6.2"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"' -DVERSIONTYPE='"git"' -DTHISREVISION='"994bcd690"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -I/usr/include/json-c -I/usr/include/json-c -DJSON_PKG_MAJOR=0 -DJSON_PKG_MINOR=18 -DJSON_PKG_MICRO=0 -DUTF8PROC_EXPORTS -I/usr/include/libmongoc-1.0 -I/usr/include/libbson-1.0 -c cachedb_mongodb_dbase.c -o cachedb_mongodb_dbase.o cachedb_mongodb_dbase.c: In function ‘mongo_con_set’: cachedb_mongodb_dbase.c:315:9: warning: ‘bson_as_json’ is deprecated: Use bson_as_legacy_extended_json instead [-Wdeprecated-declarations] 315 | dbg_bson("query: ", query); | ^~~~~~~~ In file included from /usr/include/libmongoc-1.0/mongoc/mongoc.h:22, from /usr/include/libmongoc-1.0/mongoc.h:18, from cachedb_mongodb_dbase.h:30, from cachedb_mongodb_dbase.c:22: /usr/include/libbson-1.0/bson/bson.h:535:1: note: declared here 535 | bson_as_json (const bson_t *bson, size_t *length) BSON_GNUC_DEPRECATED_FOR (bson_as_legacy_extended_json); | ^~~~~~~~~~~~ ``` The MongoDB C driver (libbson) deprecated bson_as_json() in version 1.29.0 (October 2024) in favor of bson_as_legacy_extended_json() to clarify which JSON format is being produced (legacy vs. canonical extended JSON). We added compatibility macro at the top of cachedb_mongodb_dbase.c - for mongo-c-driver < 1.29.0, define bson_as_legacy_extended_json as an alias to bson_as_json, allowing the code to use the new API name while maintaining backward compatibility. This change maintains compatibility with all mongo-c-driver versions. The new function name is used on >= 1.29.0, while older versions transparently use the original bson_as_json() through the macro alias. No behavioral changes - the replacement is functionally identical and produces the same JSON output format. The new name simply makes it explicit that the legacy extended JSON format is being used. Note: mongo-c-driver 1.29.0 was released in October 2024. Many LTS distributions still ship earlier versions (e.g., RHEL 8/9, Ubuntu 20.04/22.04, Debian 11/12), making the compatibility macro necessary. Assisted-by: Claude (Anthropic) Signed-off-by: Peter Lemenkov 2026-04-17 Jasper Hafkenscheid * [22510e952f] : resolve: fix CNAME chain resolution with caching The DNS resolver now explicitly follows CNAME chains instead of relying on res_search() to handle them transparently. This fixes resolution failures when the DNS cache module is enabled, as cached CNAME responses need to be followed manually to reach the final A/AAAA records. Changes: - Add iterative CNAME chain following in own_gethostbyname2() - Limit chain depth to 10 to prevent infinite loops - Add debug logging for CNAME traversal 2026-04-17 James Sharp * [39ee6a7a76] : add limit for number of ratesheets during initial carrier creation 2026-04-17 James Sharp * [34c7caafbc] : First decently working attempt 2026-04-17 Bogdan-Andrei Iancu * [722f27fe52] : Discard forced socket if AF incompatible ... and force selection of a different outbound socket, based on protocol and AF Based on a report from Ihor Olkhovskyi 2026-04-17 OpenSIPS * [e94dc35a9d] : Rebuild documentation 2026-04-17 Bogdan Andrei IANCU * [74f46cff28] : Merge pull request #3804 from purecloudlabs/sipmsg_validate_all_contacts Sipmsg validate all contacts (cherry picked from commit 18fdeaf32bb12e31ceb7876726865faaa8c91c7f) 2026-04-17 Bogdan Andrei IANCU * [3fc5afe22c] : Merge pull request #3803 from purecloudlabs/dialog_contact_crash_fix Dialog module crash when Contact header is * (cherry picked from commit a3fcb81d6bbea42c88a2da51a4438a6f41e48a7f) 2026-04-17 Liviu Chircu * [01adf61bdf] : launch(): Fix edge-case with report_route $param(1) not set Some async functions (e.g. rest_post()) may report an ASYNC_SYNC status, when the operation completed inline. This case wasn't properly handled in the launch() support, as the report_route $param(1) was always NULL. Many thanks to Nuno Ferreira from Five9 for a full report and troubleshooting on this one! 2026-04-17 Bogdan-Andrei Iancu * [675c1a871e] : [TCP] fixed bad handling upon "max async postponed chunks" In such case, mark the conn as timed out, to force its sending back to TCP main for closing. Also fix some bad ref counting when handling bad cons in ASYNC WRITE. Add more hist logs to conn, to easy the debugging process. (cherry picked from commit 4afd1c8af1ca24ba642f5ad7ecd3d5b14eb7dafe) 2026-04-17 Liviu Chircu * [77fda00f97] : b2b_entities: Zero DB handles after module destroy Since B2B destroys before tm, this should help prevent some shutdown crashes in B2B due to cascaded module cleanups (e.g. tm cleanups going into dialog, siprec then back again into B2B). 2026-04-17 Liviu Chircu * [7ac577bc80] : Fix reply relaying after launch() from onreply_route This commit prevents SIP replies from being absorbed (bug?!) by OpenSIPS after a launch() operation from onreply_route, with no further replies to upstream side on that T. Follow-up on a711924f9, see tm/t_reply.c. Such launch() calls are completely decoupled from the T, do not interfere with the script logic and can safely be done in parallel. 2026-04-17 OpenSIPS * [4cb0b7435c] : Rebuild documentation 2026-04-17 Liviu Chircu * [ecd46bc66b] : auth: Add helpful logs on pv_xxx_auth() mis-usage Also, fix top-level rc from "-1" (invalid user? continue script?) into "0" (auto-reply SIP 500 error! halt script!) on such scripting errors. Fixes #3756 2026-04-17 Razvan Crainea * [4e079fa8aa] : build: export wolfssl flags 2026-04-17 Razvan Crainea * [344e169be5] : build: ignore tls_wolfssl errors for ubuntu 24.04 2026-04-17 Bogdan-Andrei Iancu * [1dd588427f] : [mi_datagram] turn the RX sockets to non-blocking As we have multiple procs reading from the same datagram sockets, we may end up with a mixing between the procs woken up by OS and the procs doing the reading. So some procs (even if were woken up) may have nothing to read. To be resilient, better do non-blocking reading and igonre the EAGAIN or EWOULDBLOCK. (cherry picked from commit 12e705e296470872899e848f030058e8bc052d11) 2026-04-17 Bogdan-Andrei Iancu * [37af7d1129] : [dialog] fixed potential double-free upon delayed delete If the dialog struct is removed from the timer list (and under processing by the timer), do not attempt to free it here, rather leave it alone, it will be freed by the timer (cherry picked from commit f5f11af9ac8bffd387120725cc9ea147ed08873c) 2026-04-17 Razvan Crainea * [e017f9f241] : auth_web3: fix c89 sytax errors 2026-04-17 OpenSIPS * [b692f2cf4e] : Rebuild documentation 2026-04-17 Razvan Crainea * [49d6a110b7] : auth_web3: make sure LIBS does not overwrite previous libs 2026-04-17 Razvan Crainea * [4f3cc7d5c2] : regex: make size_t prints portable 2026-04-17 Norm Brandinger * [b2e975540d] : rtpengine: add bracket syntax for lists and dictionaries (#3818) Add support for bracket-delimited list and dictionary values in rtpengine flag strings, enabling access to ng protocol features that require nested parameters (sdp-media-remove, codec, sdp-attr). A value enclosed in [...] is parsed as a bencode list of space-separated items. If any top-level item contains "=", the value is parsed as a bencode dictionary instead. Brackets can be nested for multi-level structures such as: rtpengine_offer("codec=[transcode=[PCMA PCMU] strip=[EVS]]"); rtpengine_offer("sdp-media-remove=[video message image]"); Escape sequences (..) and (--) produce space and equals respectively, matching the rtpengine daemon convention. Parsing is done module-side into native bencode structures, compatible with all rtpengine daemon versions. Closes: https://github.com/OpenSIPS/opensips/issues/3591 Co-authored-by: Debian 2026-04-17 Norm Brandinger * [0fd7bca921] : janus: add WebSocket fragment reassembly (RFC 6455 Section 5.4) (#3840) * janus: fix pkg memory leaks in cJSON_Print/cJSON_Parse paths The janus module uses cJSON_InitHooks() to route all cJSON allocations through OpenSIPS pkg_malloc. Three call sites had missing cleanup: - janus_ipc_send_request(): cJSON_Print() result was copied to shm via shm_nt_str_dup() but the pkg-allocated original was never freed. Also added a NULL check -- under pkg exhaustion cJSON_Print returns NULL and the subsequent strlen(NULL) causes a crash. - w_janus_send_request(): the cJSON tree from cJSON_Parse() was passed to janus_ipc_send_request() (which serializes it to shm) but cJSON_Delete() was never called afterward. Also added cleanup on the get_janus_connection_by_id() failure path. - janus_raise_event() and handle_janus_json_request(): added NULL checks after cJSON_Print(). Fixed missing pkg_free(full_json) on the shm_strdup() failure path in handle_janus_json_request(). Together these leak ~350 bytes of pkg memory per janus_send_request() call, leading to SIP worker pkg exhaustion and crash under sustained load. Fixes #3712 * janus: add WebSocket fragment reassembly (RFC 6455 Section 5.4) The janus module WS client rejects any frame with FIN=0: "We do not support fragmemntation yet. Dropping..." This breaks with Janus Gateway when using indented JSON (the default) or when responses are large enough to exceed the transport frame size. Add RFC 6455 compliant fragment reassembly: - janus_ws_parse(): remove FIN=0 rejection, accept continuation frames (opcode 0x0), validate that control frames have FIN=1 (RFC 6455 5.5) - janus_ws_handle_frag(): new state machine for fragment accumulation. TEXT/BIN+FIN=0 starts accumulation, CONT+FIN=0 appends, CONT+FIN=1 delivers the reassembled message. Control frames pass through mid-fragment. Returns 0 (complete), 1 (read more), -1 (error). - janus_ws_frag_cleanup(): cleanup helper called from all error paths, CLOSE handler, reconnect, and after successful delivery. - janus_connection_read_data() and janus_connection_handler_id(): call janus_ws_handle_frag() before the opcode switch; reassembled messages use frag_buf instead of tcp.body. - janus_reconnects(): free frag_buf on connection teardown. Fragment state (frag_buf, frag_len, frag_size, frag_op) is per-connection on the con_req struct. All operations run in the single-threaded JANUS Manager reactor, so no additional locking is needed. Design choices: - 256KB reassembly limit (WS_MAX_FRAG_SIZE) for DoS protection - 2x initial alloc + doubling realloc strategy (O(log n) reallocs) - init_janus_ws_req intentionally preserves frag_* across frame resets - Parse failure on reassembled message is terminal (no retry) Tested with 100k fragmented messages (0 failures, flat pkg memory) and 30k concurrent messages across 8 producers, 6 connections, 4 workers. Fixes #3712 * janus: address review feedback on fragment handling - Remove msg_attempts reset in fragment accumulation path: conceptually wrong to signal "new message" when only a fragment was received, and the counter is not checked in the data path anyway. - Remove {} blocks around frag_ret usage: move variable declaration to function scope for clarity. 2026-04-17 Razvan Crainea * [22c93a9843] : event_rabbitmq: avoid double free on guest usage 2026-04-17 Norm Brandinger * [cc801a4e01] : event_rabbitmq: fix dupl_string() NUL-inclusive len corrupting AMQP shortstr (#3834) dupl_string() incremented dst->len after NUL-terminating the unescaped string, causing .len to include the trailing NUL byte. This made amqp_basic_publish() encode exchange and routing-key shortstr fields with an extra 0x00, breaking broker routing. Remove the len++ and all downstream compensations (tls_dom_name.len--, and the - 1 adjustments in rmq_print() for address, exchange, routing key, and user). Also fix the un_escape() error path to free the already-allocated shm buffer, and fix the default-user allocation to explicitly NUL-terminate. Closes #3828 2026-04-17 Ravitez Dondeti * [9453ee0941] : db_mysql: recover from ER_UNKNOWN_STMT_HANDLER (1243) (#3865) The prepared-statement execute wrapper treats MySQL error 1243 (ER_UNKNOWN_STMT_HANDLER) as a hard failure and skips the existing reconnect + re-prepare path. This surfaces in production when the backing database is replaced underneath a live client connection - for example during an AWS Aurora zero-downtime minor-version upgrade, which preserves the TCP connection but drops the server-side prepared-statement cache. The next stmt_execute returns 1243, OpenSIPS logs CRITICAL and the query fails instead of transparently recovering. Add the case to wrapper_single_mysql_stmt_execute so it funnels into the same switch_state_to_disconnected -> connect_with_retry -> re_init_statement recovery path that already handles CR_SERVER_GONE_ERROR and friends. ER_NEED_REPREPARE (1615) is intentionally not added: libmysqlclient auto-reprepare already handles that case. 1243 bypasses auto-reprepare because the server has no record of the handle at all. The companion prepare wrapper is not modified: it starts from a fresh mysql_stmt_init() handle that carries no server-side ID, so the server cannot return 1243 in response to a prepare request. Reported-by: Sasmita Panda 2026-04-17 Razvan Crainea * [4933cc43d0] : b2b_logic: fix previous commit warnings 2026-04-17 Razvan Crainea * [862fa537d7] : b2b: add support for pass-legs-upstream flag 2026-04-17 Razvan Crainea * [2810543bd2] : b2b_logic: add refer_id indication in NOTIFY messages 2026-04-17 Razvan Crainea * [ca3410f73c] : b2b: add custom_contact_header_params support 2026-04-17 Razvan Crainea * [f4da97b945] : proto_tls: drop tls_async_handshake_timeout as no longer used 2026-04-17 Razvan Crainea * [9f4b2930ed] : scripts: sync dbschema 2026-04-17 Razvan Crainea * [f8e7ec10e3] : net: drop parallel reads parameters 2026-04-15 Bogdan-Andrei Iancu * [335bd70788] : [dialog] added profiling on signaling API functions 2026-04-15 Bogdan-Andrei Iancu * [abe6e02bc3] : [profiling] profile on entry points in b2b_logic module ...when notifications from b2b_logic are received 2026-04-15 Bogdan-Andrei Iancu * [970626b4a8] : [profiling] support for b2b_entities profiling Profile on entry points (incoming requests and replies) and on API calls (which perform signaling) 2026-04-15 Bogdan-Andrei Iancu * [622ec3a999] : [profiling] use profiling whenever the important TM API funcs are called the functions : t_reply, t_reply_with_body, t_reply_unsafe, t_request_within, t_request_outside, t_request, t_cancel_trans 2026-04-15 Bogdan-Andrei Iancu * [fc6c47d055] : [tm] added proc profiling support Do profiling for the received_reply function which is directly called by core. Also added helper macro to wrap profiling functions around TM API calls. 2026-04-15 Bogdan-Andrei Iancu * [b6bac8ef64] : [profiling] added silent profiling for request pre script callbacks Silent means if no profiling is done inside a callback (further), to profiling for the overall callback is not reported 2026-04-15 Bogdan-Andrei Iancu * [ecb7ff1ab8] : [profiling] allow with_next also upper on the stack 2026-04-15 Bogdan-Andrei Iancu * [9243484e3b] : [profiling] complet profiling on UDP and TCP net processes 2026-04-15 Bogdan-Andrei Iancu * [e9d2579a7b] : [profiling] detailed profiling for all types of async resume 2026-04-15 Bogdan-Andrei Iancu * [2ffbe85c72] : [profiling] part of 33300cba06eeef7ebb37255097460906996b6cd6 2026-04-15 Bogdan-Andrei Iancu * [9bdd4813b7] : [profiling] added the sss_merge256() function 2026-04-15 Bogdan-Andrei Iancu * [4fb17ba4a7] : [profiling] extend async_ctx to keep the literal version of the resume function We need this info for profiling purposes 2026-04-15 Bogdan-Andrei Iancu * [2548c36b3b] : [profiling] added support for process profiling 2026-04-14 Razvan Crainea * [c2e1a2da45] : github: force radcli build 2026-04-14 Razvan Crainea * [b778ef53a6] : tls_openssl: declare n for openssl < 1.0.1 2026-04-14 Razvan Crainea * [bb4eee8df3] : tls_wolfssl: drop shared memory 2026-04-14 Razvan Crainea * [043ea760ea] : tls_wolfssl: bump to 5.9.1 2026-04-14 Razvan Crainea * [c51cdc8d9d] : tls_openssl: remove dangling mem&locks hooks 2026-04-14 Danielzt * [0296e26ffe] : core: fix fd memory leak in reactor_proc_add_fd, causing too many open files (#3830) rtpproxy: Fix in timeout scenarios, leading crash due to memory leak and too many open files 2026-04-14 davidtrihy-genesys <116663213+davidtrihy-genesys at users.noreply.github dot com> * [4e5775bd6b] : Compiling with DISABLE_NAGLE does not propogate tcp_proto_no and never sets TCP_NODELAY (#3859) (cherry picked from commit 1c90d5dbdfc1e3acdec0befb5106ae73db06a04e) 2026-04-12 OpenSIPS * [2c233db2a9] : Rebuild documentation 2026-04-10 Vlad Paiu * [89149094a7] : Add more details to the Spans, following the HTTP semantic convention more closely Report status of the routes to Opentelemetry Add local sip-spans.md documentation 2026-04-10 Vlad Paiu * [c1221207b8] : Get rid of initial testing HAVE_OPENTELEMETRY_CPP define 2026-04-08 Liviu Chircu * [45dcfd73a4] : PN Support: Improve default handling for failed calls Avoid relying on the "fr_inv_timeout" by default in order to complete the transaction when the call is rejected (wait_for_new_branches...), as the default (120s) is quite high, and can lead to stalling INVITEs. 2026-04-08 mattia * [78e7361292] : drouting: fix random GW selection when all weights are zero When weight_sum is 0 (all remaining gateways have weight 0), the code was always selecting the first gateway (i = first) instead of randomly picking one among the equally-weighted candidates. Restore uniform random selection by computing: i = first + (unsigned int)((size - first) * ((double)rand() / ((double)RAND_MAX + 1.0))); The +1.0 on RAND_MAX prevents the index from going out of bounds (i.e. when rand() == RAND_MAX the result stays strictly below size-first). Closes: https://github.com/OpenSIPS/opensips/issues/3863 2026-04-08 Razvan Crainea * [5287467f7c] : net: drop useless check for active TCP workers 2026-04-08 Razvan Crainea * [a4ded4625f] : net: turn off read head from TCP 2026-04-08 Razvan Crainea * [35b4c5b4b4] : net: dispatch the message to any available worker 2026-04-08 Razvan Crainea * [b88d620dd8] : tls_openssl: fix misleading ident 2026-04-08 Razvan Crainea * [1b5bd641f5] : drop ssl_tweaks from all modules 2026-04-08 Razvan Crainea * [01d1bc0c14] : drop ssl_tweaks 2026-04-08 Razvan Crainea * [834299e654] : net: handle shared queue for async messages 2026-04-08 Razvan Crainea * [d88d5727a6] : tls_mgm: expose certs info in workers 2026-04-08 Razvan Crainea * [60835993a0] : proto_msrp: migrate module to new TCP interface 2026-04-08 Razvan Crainea * [9c0a2d11a5] : proto_bin: migrate module to new TCP interface 2026-04-08 Razvan Crainea * [6b2231a142] : proto_smpp: migrate module to new TCP stack 2026-04-08 Razvan Crainea * [02aeec116b] : proto_hep: migrate hep to new TCP stack 2026-04-08 Razvan Crainea * [dabc6b23a8] : net: handle protocol parsing in the worker 2026-04-08 Razvan Crainea * [7a56074f01] : net: handle proto_ws/wss communication 2026-04-08 Razvan Crainea * [aeb5315dfb] : net: clean connect 2026-04-08 Razvan Crainea * [e8fcefa91a] : net: handle connect in main process 2026-04-08 Razvan Crainea * [e42d67dffe] : net: restore msg_max_read_timeout and cleanup dead code 2026-04-08 Razvan Crainea * [4e2758f24e] : net: only increaase connection lifetime if write is success 2026-04-08 Razvan Crainea * [fc85674299] : net: move req in thread memory 2026-04-08 Razvan Crainea * [976d1dba66] : net: make sure writes are never handled from workers 2026-04-08 Razvan Crainea * [941fe27d1e] : net: drop proc_id from tcp_connection 2026-04-08 Razvan Crainea * [ccb7c630a4] : net: always send messages from main thread 2026-04-08 Razvan Crainea * [680bf28f6a] : net: all messages are sent as async chunks 2026-04-08 Razvan Crainea * [11aa15d1b9] : refactor TCP/TLS code to have everything in a single process 2026-04-07 Bogdan Andrei IANCU * [9efaa7aa11] : Merge pull request #3851 from dondetir/feature/mi-http-security-hardening httpd: harden MI/HTTP interface with safe default and Basic Auth 2026-04-07 Liviu Chircu * [89055ff3a2] : janus: Simplify prev commit 2453e8f78a2c 2026-04-07 Bogdan-Andrei Iancu * [bc5a87a28a] : [sip_i] fix wrong ISUP msg type on 200 OK INVITE Credits go to @aldotms70 Closes #3857 2026-04-07 rdondeti * [2453e8f78a] : janus: fix pkg memory leaks in populate_janus_handler_id() The janus module uses cJSON_InitHooks() to route cJSON allocations through pkg_malloc. In populate_janus_handler_id(), four calls to cJSON_Print(request) are embedded directly in LM_ERR() format arguments. The pkg-allocated return values are never stored or freed, leaking ~100-500 bytes per error path hit. Store the cJSON_Print() result, use it in the log message, and free it afterward. Also handle the case where cJSON_Print() returns NULL. This follows up on the janus leak fixes in commit f9fb3ea3e, which addressed similar leaks in janus_raise_event(), handle_janus_json_request(), and janus_ipc_send_request() but missed populate_janus_handler_id(). 2026-04-07 rdondeti * [c304b6ef00] : aaa_diameter: fix NULL deref in dm_receive_req() via init_str() cJSON_PrintUnformatted() can return NULL on allocation failure (using shm hooks). The return value is passed directly to init_str(), which calls strlen() on it, causing a crash. Replace the init_str() call with an explicit NULL check and manual assignment, following the existing error-handling pattern in the function (goto error, which properly cleans up via cJSON_Delete and cJSON_PurgeString). Found during a systematic audit of cJSON return value handling across modules, following the janus leak fixes in commit f9fb3ea3e. 2026-04-07 rdondeti * [cf5fb629cc] : rtpengine: fix NULL deref from unchecked cJSON_PrintUnformatted() In rtpengine_raise_event(), cJSON_PrintUnformatted() can return NULL on allocation failure. The return value is passed directly to strlen() and then to cJSON_PurgeString(), both of which will crash on a NULL pointer. Add a NULL check before using the return value, and skip the parameter on failure. Found during a systematic audit of cJSON return value handling across modules, following the janus leak fixes in commit f9fb3ea3e. 2026-04-07 rdondeti * [6fc6acac8e] : jsonrpc: fix NULL deref and object leak in jsonrpc_handle_cmd() cJSON_Print() can return NULL on allocation failure. The existing code passes the return value directly to strlen() without a NULL check, causing a crash on two separate code paths (error and result handling). Add NULL checks after both cJSON_Print() calls. Additionally, the cJSON tree allocated by cJSON_Parse() at the start of the function is never freed. Add cJSON_Delete(obj) to the cleanup path. Found during a systematic audit of cJSON return value handling across modules, following the janus leak fixes in commit f9fb3ea3e. 2026-04-07 rdondeti * [8f959e73c7] : cachedb_cassandra: fix NULL deref when cass_cluster_new() returns NULL cass_cluster_new() can return NULL on allocation failure. The existing code has a NULL check, but it comes after cass_cluster_set_credentials() already uses the pointer (when credentials are configured), so a NULL return causes a crash before the check is reached. Move the NULL check to immediately after cass_cluster_new(), before any use of the returned pointer. Found during a systematic audit of cachedb backends following the cachedb_redis NULL-deref fix in commit 8fb569cb3. 2026-04-07 rdondeti * [9fea57eeaf] : cachedb_memcached: fix NULL deref when memcached_create() returns NULL memcached_create(NULL) can return NULL on allocation failure. The existing code never checks the return value, so a NULL memc pointer falls through to memcached_server_push(NULL, ...) which dereferences the NULL pointer. Add an explicit NULL check after memcached_create(), following the existing error-handling pattern in the function (pkg_free + return 0). Found during a systematic audit of cachedb backends following the cachedb_redis NULL-deref fix in commit 8fb569cb3. 2026-04-06 Bogdan-Andrei Iancu * [82e242e30f] : [tm] fix access to un-allocated branch Reported and fixed by @vladpaiu 2026-04-05 OpenSIPS * [c0423d07a8] : Rebuild documentation 2026-04-02 Liviu Chircu * [bdd97c5047] : db_sqlite: Improve error handling * avoid dangling PS pointers * avoid leaking the PS object on NULL "result" 2026-04-01 Liviu Chircu * [5abc95adbb] : db_sqlite: Fix interaction with sql_cacher The .query API endpoint in db/db.h is meant to return 0 on success, yet the current implementation in db_sqlite was returning "number of rows" on success, leading to: ERROR:sql_cacher:load_entire_table: Failure to issue query to SQL DB... ERROR:sql_cacher:cache_init_load: Failed to cache the entire table... 2026-04-01 Norm Brandinger * [829d118e7e] : cachedb_redis: restore NULL check after redisConnect/redisConnectUnix If hiredis returns NULL (OOM), the previous `ctx && ctx->err` guard skipped the error branch and fell through to redisSetTimeout(ctx, ...), causing a NULL-pointer dereference. Split into separate !ctx and ctx->err checks so OOM is caught before any ctx dereference. Reported-by: dondetir 2026-04-01 Debian * [5de24f1379] : cachedb_redis: add Unix socket transport and lazy connection Add Unix domain socket support as an alternative to TCP connections: - New URL format: redis:group://localhost/?socket=/path/to/sock - REDIS_UNIX_SOCKET flag for connection and node identification - MI output includes transport type (tcp/unix) and socket_path - Unix socket path tracked in redis_con and cluster_node structs Add lazy connection establishment: - New lazy_connect module parameter (integer, default 0) - Defers Redis connection until first cache operation - Works for both TCP and Unix socket transport modes Test suite: - test_unix_socket.sh: 19 integration tests - test_lazy_connect.sh: 17 integration tests - Test stubs synced with production struct layout Depends on: MR B (feature/redis-cluster-management) 2026-04-01 Norm Brandinger * [67e4d3e445] : cachedb_redis: guard redisEnableKeepAliveWithInterval for hiredis < 1.0 redisEnableKeepAliveWithInterval() was added in hiredis 1.0.0. Ubuntu 20.04 ships hiredis 0.14, causing an implicit-function-declaration error with -Werror. Gate on HIREDIS_MAJOR >= 1, falling back to redisEnableKeepAlive() (no interval parameter) on older versions. 2026-04-01 Norm Brandinger * [58741ce3a2] : cachedb_redis: fix UNIT_TESTS build and remove committed binary Exclude standalone test binaries (test_hash, test_mi_counters, hash_under_test) from the UNIT_TESTS auto-discovery in Makefile.modules. These files have their own main() and are built via test/Makefile; pulling them into the module .so causes multiple-definition linker errors. Also remove the accidentally committed test/test_mi_counters ELF binary and add it to .gitignore alongside test_hash. Reported-by: dondetir 2026-04-01 Razvan Crainea * [885ceab248] : stir_shaken: use a new bio for chain avoid using the same cbio, as it needs to be rewind to be read again in wolfssl; openssl handles this properly though 2026-03-30 Liviu Chircu * [b2e3270679] : dialog: fix multi-PRACK CSeq handling and uac-auth ACK CSeq regression * fix CSeq regression on the outbound leg, prioritize .last_gen_cseq * manual PRACK: fix matching for current leg (multi-180 scenario) * manual PRACK: add logic for early leg creation during onreply_route. This allows the leg to be correctly matched and have its CSeq set. * small fix: avoid overwriting .last_gen_cseq with smaller values 2026-03-30 Liviu Chircu * [5d5fbed924] : menuconfig: Fix templates, use new create_dialog() flags 2026-03-30 Debian * [7b8fe71ffd] : cachedb_redis: add dynamic cluster topology management and observability Replace the static cluster topology (built once at startup, never refreshed) with runtime discovery and automatic refresh: Topology discovery and refresh: - Probe CLUSTER SHARDS (Redis 7+) with fallback to CLUSTER SLOTS (Redis 3+) for backward compatibility - O(1) slot_table[16384] lookup replaces per-query linked-list scan - Automatic topology refresh on MOVED redirect, connection failure, or query targeting an unmapped slot (rate-limited to 1/sec) - Dynamic node creation when MOVED points to an unknown endpoint - Stale node pruning during refresh with safe connection cleanup - Cap redirect loop at 5 max redirects to prevent worker hang on pathological cluster state Cluster observability via MI commands: - redis_cluster_info: full topology dump including per-node connection status, slot assignments, query/error/moved/ask counters, and last activity timestamp - redis_cluster_refresh: trigger manual topology refresh (bypasses rate limit) - redis_ping_nodes: per-node PING with microsecond latency reporting - All MI commands support optional group filter parameter Statistics: - redis_queries, redis_queries_failed, redis_moved, redis_ask, redis_topology_refreshes (module-level stat counters) - Per-node query, error, moved, ask counters in redis_cluster_info Hash slot correctness: - Hash tag {…} extraction per Redis Cluster specification - CRC16 modulo 16384 replaces bitwise AND with slots_assigned ASK redirect handling: - Detect ASK responses alongside existing MOVED handling - Send ASKING command to target node before retrying original query - Do not update slot map (ASK is a temporary mid-migration redirect) - Refactor parse_moved_reply into parse_redirect_reply with prefix parameter; inline wrappers for backward compatibility Connection reliability: - TCP keepalive via redis_keepalive parameter (default 10s) - Stack allocation for redis_moved structs (eliminates OOM paths) - NULL guards on malformed CLUSTER SHARDS/SLOTS reply elements - Integer overflow protection in slot and port parsing - NULL guards in MI command handlers for group_name/initial_url Documentation: - New section: Redis Cluster Support (topology discovery, automatic refresh, MOVED/ASK handling, hash tags) - MI command reference: redis_cluster_info, redis_cluster_refresh, redis_ping_nodes - Authentication URL format documentation (classic, ACL, no-auth) - New parameter: redis_keepalive Test suite (186 tests): - C unit tests: hash slot calculation (37), MI counter helpers (41) - Integration: topology startup (12), ASK redirect (16), topology refresh (13), MI commands (50), edge cases (16) - Trap EXIT handlers for safe cluster state restoration - python3 preflight checks for JSON-dependent tests Depends on: #3815 (hash tag + modulo fix), #3852 (ASK redirect) 2026-03-30 Debian * [e0ead4f57b] : cachedb_redis: fix safety issues in cluster redirect parsing Fix several correctness and safety issues in parse_moved_reply() and the MOVED redirect handler: - Add slot value overflow protection: return ERR_INVALID_SLOT when parsed slot exceeds 16383 during digit accumulation, preventing signed integer overflow on malformed MOVED replies. - Add port value overflow protection: return ERR_INVALID_PORT when parsed port exceeds 65535 during digit accumulation, complementing the existing post-loop range check and preventing signed integer overflow on malformed input. - Fix undefined behavior in the no-colon endpoint fallback path: replace comparison of potentially-NULL out->endpoint.s against end pointer with (p < end), which achieves the same logic using the scan position variable that is always valid. - Replace pkg_malloc heap allocation of redis_moved struct with stack allocation in the MOVED handler. The struct is small (~24 bytes) and never outlives the enclosing scope, making heap allocation unnecessary. This eliminates the OOM error path and two pkg_free() calls. 2026-03-29 rdondeti * [ed2c801d02] : httpd: harden MI/HTTP interface with safe default and Basic Auth Change the default 'ip' modparam from wildcard (0.0.0.0/::) to 127.0.0.1, preventing the management interface from being accidentally exposed to the network on fresh installations. Add HTTP Basic Authentication support via three new modparams: - auth_realm: the realm string for WWW-Authenticate challenges - auth_username: required username for HTTP access - auth_password: required password for HTTP access When both auth_username and auth_password are set, every HTTP request must present valid Basic Auth credentials. Requests with missing or incorrect credentials receive a 401 Unauthorized response. The authentication check runs once per request (on the first callback invocation, before allocating per-request state), avoiding redundant checks on subsequent MHD callbacks and preventing potential resource leaks during POST processing. The implementation uses libmicrohttpd's built-in Basic Auth API with version guards for MHD_free() (available since 0.9.56), falling back to free() on older versions. Closes #2939 2026-03-29 OpenSIPS * [4748fccce3] : Rebuild documentation 2026-03-27 Bogdan-Andrei Iancu * [4e3267f023] : [profiling] add usecs too and fix the status printing (for negative values) 2026-03-27 Bogdan-Andrei Iancu * [6ba881f55e] : [profiling] reset the EVI params which do not have value 2026-03-27 Bogdan-Andrei Iancu * [3eb9f3daeb] : [evi] added new function to reset a param value For pre-defined list of parameters, now you can reset a param value if you do not want to have it set during current usage. Also, the AVI core will not push (to be backends) the params without value (which were reset) 2026-03-27 Bogdan-Andrei Iancu * [1734d27d53] : added generic profiling API Reworked the existing script tracing API : * to support multiple consumers for the profiled data (so far we had only opentelemetry) * to be more generic (not only script oriented) for profiling data Also added: * process data for profiling (just defined, WIP) * event based consumer for the profiling data (via MI evi:subscribe) 2026-03-26 Razvan Crainea * [d816345da3] : rtp_relay: do not run indialog for non-SDP requests 2026-03-24 Liviu Chircu * [9833056757] : script_helper: Fix build Move flags parser in a .h file, so script_helper sees it as well. 2026-03-24 Liviu Chircu * [f2d2a0d8e8] : dialog PRACK: Add a couple knobs/settings for UAC-side control * auto_prack_hangup_on_failure (default: 0) -> enable strict UAC * auto_prack_fr_timeout (default: 2 sec) -> related to above 2026-03-24 Liviu Chircu * [fa2d3f2661] : dialog PRACK: Enhance auto-prack mode with failure handling 2026-03-24 Liviu Chircu * [90c7891253] : dialog: Change create_dialog() to use explicit flag names 2026-03-24 Liviu Chircu * [84ad6479ee] : dialog PRACK: Fix outgoing CSeq with multiple PRACKs 2026-03-24 Liviu Chircu * [0c684225d6] : dialog: relax manual PRACK checks 2026-03-24 Liviu Chircu * [8c84d4bc63] : dialog PRACK: Fix issues during early-dialog * work around the fact that r_cseq, Contact, and route-set and not yet present in the dst_leg struct. So the use of send_leg_msg() and build_dialog_info() should be avoided here. * fix outbound ACK CSeq to match the INVITE, rather than +1 due to the in-between PRACK 2026-03-24 Liviu Chircu * [371b0cc42e] : dialog: Add "auto-PRACK handling" flag to create_dialog() ("L" flag) Similar logic to the dlg_send_sequential() addition, but fully automated. 2026-03-24 Liviu Chircu * [6de2dbc2f8] : dialog: Add PRACK support to dlg_send_sequential() * various validations of the current 101-199 provisional reply * takes the RSeq header and builds the RAck header into the PRACK 2026-03-24 Razvan Crainea * [61d63cc107] : dialog: updated documentation for new MI format 2026-03-23 Bogdan-Andrei Iancu * [888d2184a8] : [tm] fix macros and indexing related to BRANCH_BITMASK 2026-03-23 Razvan Crainea * [381e725f67] : b2b_logic: turn of bridge initiator in case transfer fails 2026-03-22 OpenSIPS * [ff6f10dfb0] : Rebuild documentation 2026-03-19 Bogdan-Andrei Iancu * [a74fc46e5e] : [nathelper] add functions to preserve the original private contact. The fix_nated_contact() take a flag in order to save the original private IP and port into the 'org' uri param (b64 encoded) The new restore_nated_ruri() function (upon routing sequential requests) extract the info from the 'org' RURI param and restores the private ip:port in RURI. The received RURI is pushed into DURI for routing purposes ;) Alternative to #3769 2026-03-17 Norm Brandinger * [43b696d85e] : janus: fix pkg memory leaks in cJSON_Print/cJSON_Parse paths The janus module uses cJSON_InitHooks() to route all cJSON allocations through OpenSIPS pkg_malloc. Three call sites had missing cleanup: - janus_ipc_send_request(): cJSON_Print() result was copied to shm via shm_nt_str_dup() but the pkg-allocated original was never freed. Also added a NULL check -- under pkg exhaustion cJSON_Print returns NULL and the subsequent strlen(NULL) causes a crash. - w_janus_send_request(): the cJSON tree from cJSON_Parse() was passed to janus_ipc_send_request() (which serializes it to shm) but cJSON_Delete() was never called afterward. Also added cleanup on the get_janus_connection_by_id() failure path. - janus_raise_event() and handle_janus_json_request(): added NULL checks after cJSON_Print(). Fixed missing pkg_free(full_json) on the shm_strdup() failure path in handle_janus_json_request(). Together these leak ~350 bytes of pkg memory per janus_send_request() call, leading to SIP worker pkg exhaustion and crash under sustained load. Fixes #3712 2026-03-16 Bogdan-Andrei Iancu * [b25788dabc] : [tm] fixed init of branch bitmask in timeout handler related to f0223cc93417cb848ab85c2ca2765d1a4958dcd1 2026-03-15 OpenSIPS * [65d4fda9b1] : Rebuild documentation 2026-03-12 Maksym Sobolyev * [ed9cff453e] : CI/rtp.io: handle "/" in branch names (i.e feature/xyz) correctly (#3844) Fixes: https://github.com/OpenSIPS/opensips/actions/runs/22914875002/job/66498568285#step:8:201 Display qemy version for debug. 2026-03-10 Razvan Crainea * [140b8acf90] : pua_mi: fix migration to module:cmd 2026-03-10 Razvan Crainea * [a899792ea8] : mi: have which return all functions within a module 2026-03-10 Razvan Crainea * [28d0b7b73f] : mi: document changes of new MI functions 2026-03-10 Razvan Crainea * [4171796759] : mi: add aliases for old MI commands 2026-03-10 Razvan Crainea * [6b10fb52c4] : mi: refactor cmds names to contain the module Close #3838 2026-03-10 Bogdan-Andrei Iancu * [f8ed5bbaeb] : Merge remote-tracking branch 'origin/feature/socket_bond' 2026-03-10 Bogdan Andrei IANCU * [f0f53a6150] : Merge pull request #3842 from NormB/fix/cachedb-redis-null-deref cachedb_redis: fix NULL deref when redisConnect returns NULL 2026-03-10 Maksym Sobolyev * [e912836d8b] : CI/rtp.io: Increase timeout a bit (#3833) * CI/rtp.io: Increase timeout a bit To fix some timeout seen on linux/ppc64le: https://github.com/OpenSIPS/opensips/actions/runs/22627454288/job/65577262119 * CI: remove unused file and add rtp.io badge 2026-03-09 Norm Brandinger * [8fb569cb37] : cachedb_redis: fix NULL deref when redisConnect returns NULL redisConnect() and redisConnectWithTimeout() can return NULL on allocation failure. The existing check only handles ctx->err != REDIS_OK (non-NULL ctx with error), so a NULL return falls through to redisSetTimeout(NULL, ...) which dereferences the NULL pointer. Add an explicit NULL check after the error-code check. Also change the warned flag from char to int to avoid undefined behavior on signed overflow after 127 connection-timeout warnings. 2026-03-09 Bogdan-Andrei Iancu * [08784c2fd8] : [socket bond] fix uninitialized sif in fix_bond_socket_list() on error case 2026-03-09 Bogdan-Andrei Iancu * [1bffb3b30e] : Expend socket_info to have an optional orig_name To be used when socket defined as interface (as "socket=udp:eth1") is expanded to multiple one-per IP interfaces 2026-03-08 OpenSIPS * [397a6b1156] : Rebuild documentation 2026-03-06 Liviu Chircu * [dda9010efb] : registrars: Accept Re-REGISTERs with equal CSeq New module setting for both registrar and mid-registrar which controls the policy on handling same Call-ID REGISTERs, with the same CSeq. modparam: allow_dup_cseq default: true Ultimately, this boils down to a trade-off between interoperability and RFC strictness. More info in the modparam documentation. 2026-03-06 Liviu Chircu * [2642e14fb1] : mid_registrar: Fix mem management bugs around "max contacts" * avoid UAF of the @uc pointer during iteration * fix logic so that the current @c cannot be freed by trim_contacts() itself, yet again leading to UAF type of bugs usrloc: Fix rare memleak edge-case 2026-03-06 Razvan Crainea * [92a7d9c489] : redhat: enable wolfssl stir shaken only for latest distros 2026-03-05 Bogdan-Andrei Iancu * [b69bcec7ca] : [bond sockets] added socket_belongs_to_bond() ... ... to check if a real socket belongs to a bond socket 2026-03-05 Bogdan-Andrei Iancu * [bc9ceda570] : [bond sockets] varios fixes, working code 2026-03-04 Bogdan-Andrei Iancu * [91fe7eeefb] : Added the PROTO_BOND as token We need to be parsed and recognized as protocol 2026-03-03 Bogdan-Andrei Iancu * [1259b223d0] : [bond] added bond socket selection in get_send_socket 2026-03-03 Bogdan-Andrei Iancu * [856a866675] : [net] init the BOND sockets 2026-03-03 Razvan Crainea * [61575574a5] : packaging: remove bad copy & paste 2026-03-03 Liviu Chircu * [3bc1375054] : stir_shaken: Fix OpenSSL vs. WolfSSL detection This fixes the RedHat build, where there is no WolfSSL available. 2026-03-03 Razvan Crainea * [47f2ee27e6] : build: stir_shaken should be used with openssl if wolfssl is not available 2026-03-03 Liviu Chircu * [6edc38a6c0] : stir_shaken: Improve compatibility with older WolfSSL libraries This patch avoids usage of newer API functions which are missing in both WolfSSL 4.3.0 (e.g. Ubuntu 20.04) and pre-1.1.0 OpenSSL, such as: - X509_STORE_set_verify_cb_func() - ECDSA_SIG_get0() - X509_get_ext_by_OBJ() 2026-03-03 Bogdan-Andrei Iancu * [09e787799c] : [tcp] fixed potential buffer overflow due to insane large Content-Len values Check and limit the Content-Lenght to the size of the reading buffer, makes no sense to accept anything higher. 2026-03-03 Bogdan-Andrei Iancu * [47a4eea404] : cfg: add bond socket_def grammar with list support 2026-03-03 Maksym Sobolyev * [80d10b5249] : CI: tweak voiptests parameters. (#3832) Set MM_INIT_DELAY to give opensips/rtp.io some extra time to init. Ignore faulures of the time-sensitive tests that might fail under emulation. 2026-03-02 Liviu Chircu * [e5e0aee568] : packaging: Align stir_shaken deps with wolfSSL 2026-03-02 Liviu Chircu * [4d012a6b39] : stir_shaken: Migrate to WolfSSL-compatible cryptography While stir_shaken only uses the "libcrypto" part of OpenSSL, the fact that the OpenSSL runtime can be shared across multiple modules (e.g. with proto_wss doing TLS connections) may induce unexpected crashes in the stir_shaken crypto workflows. This commit makes stir_shaken compatible with WolfSSL too, to become the new default crypto library, but *without* losing OpenSSL compatibility. To revert to OpenSSL based crypto, add this to Makefile.conf: DEFS+= -DSTIR_SHAKEN_OPENSSL 2026-03-02 Razvan Crainea * [b1482d8369] : b2b_entities: make sure last_method is updated before req 2026-03-01 OpenSIPS * [5640ccde73] : Rebuild documentation 2026-02-26 Razvan Crainea * [5964710b0a] : b2b_entities: convert ERR in DBG 2026-02-25 Razvan Crainea * [dd90854629] : mi_xmlrpc_ng: rename to mi_xmlrpc 2026-02-24 Razvan Crainea * [556c492f0e] : topology_hiding: add th_callid_loop_protection parameter 2026-02-24 Razvan Crainea * [eaec7f7650] : drop various deprecated parameters 2026-02-24 vladpaiu * [eb2af2d29e] : Add support to extract RSA PUB key from e&n format ( JWK ) (#3827) 2026-02-24 Razvan Crainea * [5ad483ca99] : net: add af support in proxy_protocol 2026-02-24 Razvan Crainea * [e8057020bd] : proto_ws: add proxy_protocol support 2026-02-24 Remi Collet * [55982fb456] : support for libmongc/libbson version 2 (#3829) 2026-02-24 Razvan Crainea * [9bab03218f] : net: implement proxy_protocol for outbound 2026-02-24 Razvan Crainea * [282c424066] : net: check if socket support proxy protocol at parse time 2026-02-24 Razvan Crainea * [40e9b70110] : net: filter proxy_protocol per socket 2026-02-24 Razvan Crainea * [e443372cce] : net: initial proxy_protocol implementation 2026-02-23 Bogdan Andrei IANCU * [2a1c511265] : Merge pull request #3821 from NormB/fix/tm-async-rd-reversion tm: fix $rd reversion after chained async() resume 2026-02-22 OpenSIPS * [60f57643aa] : Rebuild documentation 2026-02-19 Razvan Crainea * [4e3a0b7c3c] : readme: drop lgtm badges, as the service no longer exists 2026-02-19 Razvan Crainea * [aeb7e178d1] : builds: negate python version check 2026-02-19 Razvan Crainea * [b0c1bcafa2] : regex: fix broken merge 2026-02-19 Razvan Crainea * [41401cca3d] : regex: fix stashed markers 2026-02-19 Razvan Crainea * [bbc1a75d5b] : regex: make module work with both pcre2 and pcre3, not just compile 2026-02-18 Liviu Chircu * [2cde87bac5] : proto_wss: free ws_data on TLS domain lookup failure 2026-02-18 Razvan Crainea * [b779dc8433] : auth_db: update docs for default empty credentials list 2026-02-18 Razvan Crainea * [d4e23a69d6] : auth_db: remove RPID from default credentials list Completes commit b0023b417 Many thanks to Evgeniy (@gostkov on GitHub) for reporting this in #3813 2026-02-18 Razvan Crainea * [71541c911d] : tm: fix EXTRA_DEBUG logging for local cancel timer 2026-02-17 Razvan Crainea * [6020dc2e8d] : tm: fix uac usage with EXTRA_DEBUG 2026-02-16 Razvan Crainea * [7bda668b99] : tm: create uac for locally generated transactions 2026-02-15 OpenSIPS * [84b2b0c663] : Rebuild documentation 2026-02-13 Bogdan-Andrei Iancu * [0c886a8d37] : [tm] fix reverted macro BRANCH_BM_NONE_SET Related to 7b83cabb916d5bf7ae2d0fc20978aac625872758 2026-02-13 Bogdan-Andrei Iancu * [d4ce9bbc62] : Merge branch 'feature/dynamic_branches' 2026-02-12 Razvan Crainea * [05ccaa2a03] : regex: allow pcre3 library 2026-02-11 Norm Brandinger * [4a5ac7124e] : tm: fix $rd reversion after chained async() resume When async() is called from a resume route (chained async), the FL_TM_FAKE_REQ check in t_handle_async() prevents update_cloned_msg_from_msg() from saving message state to the transaction's shm clone. This causes $rd, $du, and other msg fields modified in the resume route to revert to their previous values when the next async operation completes through the reactor path. Remove the FL_TM_FAKE_REQ guard from the conditional. The update_cloned_msg_from_msg() function already handles faked_req sources correctly: it defers freeing old shm lumps (lines 1325-1336 of sip_msg.c), and free_faked_req() completes the deferred cleanup. Fixes #3676 2026-02-10 Bogdan-Andrei Iancu * [a9c396daa6] : [tm] fix branch init after dynamic alloc Related to 7b83cabb916d5bf7ae2d0fc20978aac625872758 2026-02-10 Bogdan-Andrei Iancu * [629851f5a8] : updated modules acessing transaction branches related to 7b83cabb916d5bf7ae2d0fc20978aac625872758. The access to a transaction branch is done via a macro in order to get on the right chunk of the branch. 2026-02-10 Bogdan-Andrei Iancu * [7b83cabb91] : [tm] migrated to dynamic allocated branches per transaction This allow a really high number of branches per transaction (like the default is 256, but can be increased). The branches are dynamically allocated, on demand, so some transactions which are not subjet to forking (typically non-INVITE) may have the minimum of 4 branches, while the INVITE transaction, depending on the need can scale up to 256 2026-02-10 Liviu Chircu * [aad6b85683] : rest_client: Fix async transfers with re-used TCP conns Fix the edge-case with async cURL where it re-uses an existing TCP connection. Here, the @connect variable holds a 0 value, thus the transfer runs in blocking mode unless we relax the condition. Patch provided by Nuno Almeida from Five9. 2026-02-10 Razvan Crainea * [dbfac4e6ab] : build: do not build opentelemetry by default 2026-02-10 Razvan Crainea * [5595a924bf] : event_rabbitmq: avoid using released memory Reset the `tmp.s` pointer when assigning it to a structure, to avoid freeing it when the `tmp` is reused. Many thanks to Andrey F(@kertor) for reporting it and Nick Altmann(@nikbyte) for fixing it. Close #3808 2026-02-09 Razvan Crainea * [8e948d26eb] : siprec: make sure there is a dlg/SDP to notify SRS with 2026-02-09 Razvan Crainea * [ee7435662c] : siprec: avoid accessing invalid dialog/rtp context reset dialog when it has been terminated - this prevents being accessed after the dialog was deleted. 2026-02-09 Bogdan-Andrei Iancu * [f0223cc934] : [tm] migrate the branch bitmask to array, to allow more than 64 branches (long long) branch_bm_t data type is an array of integers, currently limited to 256 branches (but can easily increased, by re-compiling) Added macros to operate with the bits in the bitmask Updated TM and all modules using TM branches 2026-02-08 OpenSIPS * [679156fc07] : Rebuild documentation 2026-02-05 Bogdan-Andrei Iancu * [8fb57749c1] : Fix missing include for sip_msg struct definition 2026-02-05 Bogdan-Andrei Iancu * [15f9e4d316] : [uac_registrant] added docs for Status/Report Identifiers part 2026-02-05 Razvan Crainea * [a947dbc439] : rate_cacher: fix c89 errors `for(int i` syntax is only allowed in c99 2026-02-02 Liviu Chircu * [7935e2e927] : mid_registrar: Fix the `tcp_persistent_flag` feature Make sure to NOT adjust the @e_max with -get_act_time(), similar to registrar codebase, to avoid setting MAX_INT on the TCP conn lifetime... 2026-02-02 pavelkohout396 * [3822d33c1c] : Fix SQL injection in auth_jwt module via unescaped tag claim (#3807) The jwt_db_authorize() function... The jwt_db_authorize() function in the auth_jwt module decodes JWT tokens without signature verification to extract the 'tag' claim, then interpolates this claim directly into a raw SQL query without escaping. An attacker can craft a malicious JWT with SQL injection payload in the tag claim (e.g., "' UNION SELECT 'admin','attacker_secret' --") to inject their own secret into the query result. Since the injected secret is then used to verify the JWT signature, the attacker can sign their token with this known secret and achieve authentication bypass. Reported-by: Pavel Kohout, Aisle Research, www.aisle.com 2026-02-02 Bogdan-Andrei Iancu * [a4e700d598] : [b2b_entities] fix cseq to be used upon 200OK/CANCEL race When generating the ACK+BYE upon 200 OK (from callee) racing a CANCEL (from caller), take care and use the correct cdeq values from the 200 OK (the b2b entity is not properly updated anymore, as it is already terminated by the CANCEL) 2026-02-02 Bogdan Andrei IANCU * [f48749ba8d] : Merge pull request #3783 from vladpaiu/registrant_reloads_eventing UAC_REGISTRANT module enhancements 2026-02-02 Bogdan Andrei IANCU * [556d22b3da] : Merge pull request #3806 from ovidiusas/master trie: fix defaults for trie_table parameter 2026-02-01 OpenSIPS * [705ae4a709] : Rebuild documentation 2026-01-30 Razvan Crainea * [6bcd50b628] : packaging: drop OPENTELEMTRY from default packages should only be built if opentelemetry profie is specified 2026-01-30 Razvan Crainea * [672789bb39] : packaging: fix redhat spec 2026-01-30 Razvan Crainea * [e63dac4300] : packaging: only build opentelemetry explicitely 2026-01-30 Razvan Crainea * [2ad991b638] : aaa_diameter: proper handing of _dm_send_message error Avoid double free of the JSON message 2026-01-30 Razvan Crainea * [7da8635fb3] : Add opentelemetry packaging 2026-01-30 Razvan Crainea * [0b83a5e6e2] : opentelemetry: add README for module 2026-01-29 Ovidiu Sas * [6f7ebfc0ea] : trie: fix defaults for trie_table parameter 2026-01-29 Bogdan Andrei IANCU * [1669166458] : Merge pull request #3716 from jasonshugart/master Ignore extra headers in MSRP 2026-01-28 Vlad Paiu * [11417bcd65] : Fix compilation error due to missing limits.h for INT_MIN 2026-01-28 Bogdan Andrei IANCU * [67ce6c252f] : Merge pull request #3795 from vladpaiu/opentelemetry_integration Add Opentelemetry module 2026-01-28 Vlad Paiu * [5ca1ffecc3] : Add status reports for registrant entries 2026-01-28 Vlad Paiu * [10e110f460] : db_url param is optional for uac_registrant 2026-01-28 Razvan Crainea * [f92c5f2e27] : b2b_entities: fix possible leak on error cases On some error cases, the serialization buffer was not released, leading to a leak in pkg memory. 2026-01-27 Peter Lemenkov * [dead516b7f] : Fix libbson deprecated API warning with version compatibility (#3792) During compilation of cachedb_mongodb module, numerous deprecation warnings appear on systems with mongo-c-driver >= 1.29.0: ``` Compiling cachedb_mongodb_dbase.c gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='cachedb_mongodb' -DPKG_MALLOC -DSHM_MMAP -DUSE_MCAST -DDISABLE_NAGLE -DSTATISTICS -DHAVE_RESOLV_RES -DF_MALLOC -DQ_MALLOC -DHP_MALLOC -DDBG_MALLOC -DF_PARALLEL_MALLOC -DHAVE_STDATOMIC -DHAVE_GENERICS -DNAME='"opensips"' -DVERSION='"3.6.2"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"' -DVERSIONTYPE='"git"' -DTHISREVISION='"994bcd690"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -I/usr/include/json-c -I/usr/include/json-c -DJSON_PKG_MAJOR=0 -DJSON_PKG_MINOR=18 -DJSON_PKG_MICRO=0 -DUTF8PROC_EXPORTS -I/usr/include/libmongoc-1.0 -I/usr/include/libbson-1.0 -c cachedb_mongodb_dbase.c -o cachedb_mongodb_dbase.o cachedb_mongodb_dbase.c: In function ‘mongo_con_set’: cachedb_mongodb_dbase.c:315:9: warning: ‘bson_as_json’ is deprecated: Use bson_as_legacy_extended_json instead [-Wdeprecated-declarations] 315 | dbg_bson("query: ", query); | ^~~~~~~~ In file included from /usr/include/libmongoc-1.0/mongoc/mongoc.h:22, from /usr/include/libmongoc-1.0/mongoc.h:18, from cachedb_mongodb_dbase.h:30, from cachedb_mongodb_dbase.c:22: /usr/include/libbson-1.0/bson/bson.h:535:1: note: declared here 535 | bson_as_json (const bson_t *bson, size_t *length) BSON_GNUC_DEPRECATED_FOR (bson_as_legacy_extended_json); | ^~~~~~~~~~~~ ``` The MongoDB C driver (libbson) deprecated bson_as_json() in version 1.29.0 (October 2024) in favor of bson_as_legacy_extended_json() to clarify which JSON format is being produced (legacy vs. canonical extended JSON). We added compatibility macro at the top of cachedb_mongodb_dbase.c - for mongo-c-driver < 1.29.0, define bson_as_legacy_extended_json as an alias to bson_as_json, allowing the code to use the new API name while maintaining backward compatibility. This change maintains compatibility with all mongo-c-driver versions. The new function name is used on >= 1.29.0, while older versions transparently use the original bson_as_json() through the macro alias. No behavioral changes - the replacement is functionally identical and produces the same JSON output format. The new name simply makes it explicit that the legacy extended JSON format is being used. Note: mongo-c-driver 1.29.0 was released in October 2024. Many LTS distributions still ship earlier versions (e.g., RHEL 8/9, Ubuntu 20.04/22.04, Debian 11/12), making the compatibility macro necessary. Assisted-by: Claude (Anthropic) Signed-off-by: Peter Lemenkov 2026-01-27 Bogdan Andrei IANCU * [401957bd8d] : Merge pull request #3733 from hafkensite/feature/dns-cache-cname resolve: fix CNAME chain resolution with caching #3709 2026-01-27 Bogdan Andrei IANCU * [d48e69c2b2] : Merge pull request #3797 from osgjps/newratecache rate_cacher: Support multiple ratesheets per carrier 2026-01-26 Bogdan-Andrei Iancu * [b8e28c5294] : Discard forced socket if AF incompatible ... and force selection of a different outbound socket, based on protocol and AF Based on a report from Ihor Olkhovskyi 2026-01-25 OpenSIPS * [51613b4333] : Rebuild documentation 2026-01-23 Bogdan Andrei IANCU * [0494e71af0] : Merge pull request #3804 from purecloudlabs/sipmsg_validate_all_contacts Sipmsg validate all contacts (cherry picked from commit 18fdeaf32bb12e31ceb7876726865faaa8c91c7f) 2026-01-23 Bogdan Andrei IANCU * [f4c7e018e4] : Merge pull request #3803 from purecloudlabs/dialog_contact_crash_fix Dialog module crash when Contact header is * (cherry picked from commit a3fcb81d6bbea42c88a2da51a4438a6f41e48a7f) 2026-01-22 Liviu Chircu * [06e8aff5e2] : launch(): Fix edge-case with report_route $param(1) not set Some async functions (e.g. rest_post()) may report an ASYNC_SYNC status, when the operation completed inline. This case wasn't properly handled in the launch() support, as the report_route $param(1) was always NULL. Many thanks to Nuno Ferreira from Five9 for a full report and troubleshooting on this one! 2026-01-20 Bogdan-Andrei Iancu * [d18b30fddc] : [TCP] fixed bad handling upon "max async postponed chunks" In such case, mark the conn as timed out, to force its sending back to TCP main for closing. Also fix some bad ref counting when handling bad cons in ASYNC WRITE. Add more hist logs to conn, to easy the debugging process. (cherry picked from commit 4afd1c8af1ca24ba642f5ad7ecd3d5b14eb7dafe) 2026-01-20 Liviu Chircu * [c482249acf] : b2b_entities: Zero DB handles after module destroy Since B2B destroys before tm, this should help prevent some shutdown crashes in B2B due to cascaded module cleanups (e.g. tm cleanups going into dialog, siprec then back again into B2B). 2026-01-20 Liviu Chircu * [11e37d129e] : Fix reply relaying after launch() from onreply_route This commit prevents SIP replies from being absorbed (bug?!) by OpenSIPS after a launch() operation from onreply_route, with no further replies to upstream side on that T. Follow-up on a711924f9, see tm/t_reply.c. Such launch() calls are completely decoupled from the T, do not interfere with the script logic and can safely be done in parallel. 2026-01-13 Vlad Paiu * [468c862359] : Fixed lengths for service_name and exporter_endpoint params 2026-01-09 Your Name * [13937452ef] : Add opentelemetry to list of excluded modules from default compilation 2026-01-09 Your Name * [b3e1e78b13] : Add opentelemetry documentation 2026-01-08 Vlad Paiu * [4ec872e966] : Fix copyrights 2026-01-08 Vlad Paiu * [29e80a8642] : Add otel_enable MI command to enable/disable opentelemetry tracing 2026-01-08 Vlad Paiu * [141b2ea968] : Add suport for async/resume jumps while maintaing spans 2025-12-26 James Sharp * [2a3995d608] : add limit for number of ratesheets during initial carrier creation 2025-12-23 James Sharp * [9f989ce90b] : First decently working attempt 2025-12-21 OpenSIPS * [b7e02bb475] : Rebuild documentation 2025-12-18 Liviu Chircu * [dfd616bd16] : auth: Add helpful logs on pv_xxx_auth() mis-usage Also, fix top-level rc from "-1" (invalid user? continue script?) into "0" (auto-reply SIP 500 error! halt script!) on such scripting errors. Fixes #3756 2025-12-16 Razvan Crainea * [df520031c4] : build: export wolfssl flags 2025-12-16 Razvan Crainea * [4873cdeced] : build: ignore tls_wolfssl errors for ubuntu 24.04 2025-12-16 Vlad Paiu * [293ac08597] : always use system lib 2025-12-16 Vlad Paiu * [b0cb2e1ab1] : Initial POC 2025-12-16 Bogdan-Andrei Iancu * [946030d1b5] : [mi_datagram] turn the RX sockets to non-blocking As we have multiple procs reading from the same datagram sockets, we may end up with a mixing between the procs woken up by OS and the procs doing the reading. So some procs (even if were woken up) may have nothing to read. To be resilient, better do non-blocking reading and igonre the EAGAIN or EWOULDBLOCK. (cherry picked from commit 12e705e296470872899e848f030058e8bc052d11) 2025-12-16 Bogdan-Andrei Iancu * [02de797c16] : [dialog] fixed potential double-free upon delayed delete If the dialog struct is removed from the timer list (and under processing by the timer), do not attempt to free it here, rather leave it alone, it will be freed by the timer (cherry picked from commit f5f11af9ac8bffd387120725cc9ea147ed08873c) 2025-12-15 Razvan Crainea * [e6f2c17d4a] : auth_web3: fix c89 sytax errors 2025-12-14 OpenSIPS * [36d7f9ae27] : Rebuild documentation 2025-12-12 Razvan Crainea * [1172a39d64] : auth_web3: make sure LIBS does not overwrite previous libs 2025-12-12 Razvan Crainea * [a177253ea6] : regex: make size_t prints portable 2025-12-12 Vlad Paiu * [4435eef08f] : Add documentation 2025-12-12 Vlad Paiu * [5e45a18ecb] : Add reregister_expiry_percentage parameter 2025-12-12 Vlad Paiu * [7106cf43ee] : Don't let registrations expire ( if expires < timer_interal, do it now instead of waiting for next tick ) 2025-12-11 Vlad Paiu * [63a2b4990f] : Add KTLS support 2025-12-11 Razvan Crainea * [9f78fd0eb1] : modules: minimum match for revision control 2025-12-11 vladpaiu * [4b7746ae59] : Merge pull request #3780 from vladpaiu/fix_trie_column_name fix trie.enabled column name closes #3779 2025-12-11 Vlad Paiu * [ec816e49c2] : fix trie.enabled column name closes #3779 2025-12-10 Razvan Crainea * [e9d4081b4e] : auth_web3: make snprintf size_t fields portable Replace `%lx` with `%zx` 2025-12-10 Razvan Crainea * [2a8a298f7b] : build: python-dev-is-python3 should be available in 20.04 2025-12-10 Razvan Crainea * [c214f7f79e] : build: make sure the correct python dev is installed 2025-12-10 Razvan Crainea * [6da1f76b79] : build: restore libmysqlclient-dev removed in 1cb16e08 2025-12-10 Vlad Paiu * [d8b83e2e79] : Increase max number of MI params 2025-12-10 Vlad Paiu * [fff467a160] : add linked list delete 2025-12-10 Razvan Crainea * [99a2ecbe34] : auth_web3: add module in excluded 2025-12-09 Vlad Paiu * [3f85761ac5] : Add remaining events for states & refactor code 2025-12-09 Jupiter Tang <36952362 at qq dot com> * [f7721b185a] : keep original flags if pause or resume recording failed (#3764) 2025-12-09 Maksym Sobolyev * [e6caba06a8] : GitHub Actions(rtp.io): update clang version (#3768) 2025-12-09 Ryan Bullock * [5394154edd] : feat: Enable $uuid(version) for specific UUID generation (#3771) Co-authored-by: aider (gemini/gemini-2.5-pro) 2025-12-09 Razvan Crainea * [d94a4a606a] : b2b_logic: document the propagate-avps bridge flag 2025-12-09 Razvan Crainea * [b88203c1e8] : b2b_logic: also replicate in_sdp for created entity 2025-12-09 Razvan Crainea * [b1e3e2bf33] : Reapply "add auth_web3 module" This reverts commit 197adc02dae0741d5265cf08c2e14643f16aba59. 2025-12-09 Razvan Crainea * [fa9ca0f067] : Revert "auth_web3: prevent module from compiling" This reverts commit e53c4c25908c59862a91a5d51202a3a5b8f492d5. 2025-12-09 Bogdan-Andrei Iancu * [d20655d5c7] : [auth-web3] README re-generated 2025-12-09 Your Name * [b572d218ad] : docs(auth_web3): regenerate README from updated XML README now includes complete Multi-Network Configuration chapter 2025-12-09 Razvan Crainea * [433d33bc48] : auth_web3: prevent module from compiling 2025-12-09 Razvan Crainea * [8181d5a3ce] : Revert "add auth_web3 module" This reverts commit 7109f39a0f597b2d71f7369be5d41f12ef9d88e1. 2025-12-09 Razvan Crainea * [4264a0bc0d] : auth_web3: update README 2025-12-09 dirkbro * [3e87218b01] : b2b_logic: fix duplicate out_sdp serialization When packing B2B entities for cluster replication in b2bl_entity_pack(), the out_sdp field is currently serialized twice: // Around line 133 (packing) if (event_type == B2B_EVENT_CREATE) { ... bin_push_str(storage, &entity->hdrs); bin_push_str(storage, &entity->out_sdp); // First time bin_push_str(storage, &entity->dlginfo->callid); bin_push_str(storage, &entity->dlginfo->fromtag); bin_push_str(storage, &entity->dlginfo->totag); } bin_push_str(storage, &entity->out_sdp); // Second time - remove this However, in receive_entity_create(), out_sdp is deserialized only once, with the expected sequence being: // Around line 344 (unpacking) bin_pop_str(storage, &hdrs); bin_pop_str(storage, &sdp); ... bin_pop_str(storage, &dlginfo.callid); bin_pop_str(storage, &dlginfo.fromtag); bin_pop_str(storage, &dlginfo.totag); Because the pack side writes out_sdp twice but the unpack side reads it only once, the binary stream becomes misaligned and all subsequent fields are read from the wrong offset. In clustered deployments this corrupts the reconstructed entity, including entity->no, which leads to errors such as: ERROR:b2b_logic:receive_entity_create: Bad entity bridge no [21349] for tuple [549.0] 2025-12-09 Ovidiu Sas * [ebedd16027] : ib2b_logic: save AVPs while bridging calls (#3776) * ib2b_logic: save AVPs while bridging calls - required to authenticate bridged calls * b2b_logic: new "propagate_avps" flag for b2b_bridge() - when set, it will propagate AVPs to the INVITE transaction 2025-12-09 Razvan Crainea * [f5ecbfa7d2] : Reapply "add auth_web3 module" This reverts commit 197adc02dae0741d5265cf08c2e14643f16aba59. 2025-12-09 Razvan Crainea * [337fc670d8] : Revert "auth_web3: prevent module from compiling" This reverts commit e53c4c25908c59862a91a5d51202a3a5b8f492d5. 2025-12-09 Bogdan-Andrei Iancu * [feaf41d672] : [auth-web3] README re-generated 2025-12-09 Bogdan Andrei IANCU * [14f69be23e] : Merge pull request #3778 from OfficeRon/dev/auth_web3-fixes fix(auth_web3): fix compilation and consolidate documentation 2025-12-08 Vlad Paiu * [3852ef0c86] : Add E_REGISTRANT REGISTERING/AUTHENTICATING/REGISTERED 2025-12-08 Your Name * [442f5d73d9] : docs(auth_web3): regenerate README from updated XML README now includes complete Multi-Network Configuration chapter 2025-12-08 Your Name * [b51e0be6c5] : docs(auth_web3): consolidate documentation into XML - Add ens_rpc_url and ens_registry_address parameters to auth_web3_params.xml - Add comprehensive Multi-Network Configuration chapter to auth_web3.xml - Document dual-network mode (ENS on Ethereum, auth on Oasis) - Include production, testing, and development configuration examples - Document ENS resolution process and troubleshooting - Remove README.md and NETWORK_CONFIGURATION.md (content now in XML) All documentation is now in XML format which will be properly propagated across tars, debian repos, and RPM packages. 2025-12-08 Your Name * [962bc2529d] : fix(auth_web3): remove redundant bind_web3_auth declaration Remove duplicate declaration since it's now properly declared in api.h 2025-12-08 Your Name * [91ea77e103] : fix(auth_web3): add missing api.h header file Add web3_auth_api_t structure definition and bind_web3_auth function declaration to fix compilation errors. The api.h file was empty causing the module to fail compilation when building packages. 2025-12-07 OpenSIPS * [06203ceba7] : Rebuild documentation 2025-12-05 Ovidiu Sas * [c836166fae] : b2b_entities: save AVPs while sending in-dialog requests (#3775) - required for in-dialog authentication w/ AVPs 2025-12-05 Razvan Crainea * [e53c4c2590] : auth_web3: prevent module from compiling 2025-12-05 Razvan Crainea * [197adc02da] : Revert "add auth_web3 module" This reverts commit 7109f39a0f597b2d71f7369be5d41f12ef9d88e1. 2025-12-05 Razvan Crainea * [7109f39a0f] : add auth_web3 module 2025-12-05 Razvan Crainea * [67483a5a27] : dialplan: make module work with both pcre2 and pcre3 libs 2025-12-04 Bogdan-Andrei Iancu * [a7610841b9] : [b2b_entities] avoid 487 Request Terminated over a previous final reply If a final 200 OK reply was already sent, do not sent the 487 Request Terminated, but rather release the transaction (to stop retrasnmissions) (cherry picked from commit 203d8c9582d4adc2a009ab0de23b04c0a9037f9f) 2025-12-04 Bogdan-Andrei Iancu * [308c6e4c94] : [auth_web3] generated README file 2025-12-03 Razvan Crainea * [b5d00aac20] : proto_ipsec: fix several typos 2025-12-03 Bogdan Andrei IANCU * [99c92ee995] : Merge pull request #3743 from OfficeRon/feature/auth_web3_module Feature/auth web3 module 2025-12-02 Razvan Crainea * [c51e2dd028] : debian: fully replace libcurl4 gnutls with openssl 2025-12-02 Razvan Crainea * [7d9aadc01e] : debian: replace libcurl4 gnutls with openssl The reason is that librkafka depends on libcurl4-openssl-dev, which conflicts with libcurl4-gnutls-dev 2025-12-02 Vlad Paiu * [534d8271b5] : Add reg_delete and reg_upsert MI commands 2025-12-02 Razvan Crainea * [7e6f7a695c] : Merge branch 'SteveAyre-feature/libpcre2' 2025-12-02 Razvan Crainea * [30825e4e08] : dialplan: fix copying subst's out vector 2025-12-02 OpenSIPS * [661b89b630] : Rebuild documentation 2025-12-02 Jupiter Tang <36952362 at qq dot com> * [d623d9efdb] : fix memory leak in tls_mgm (#3765) * fix SHM memory leak on the TLS domain match filter strings 2025-12-02 Jupiter Tang <36952362 at qq dot com> * [567dcf93ee] : Opensips crash after siprec recording finished (#3751) * fix double free if register failed * should not src_clean_session(ss) after stop the recording to avoid double free 2025-12-02 Peter Lemenkov * [938be06e06] : Remove unnecessary -j invocation (#3745) During parallel builds (make -j), numerous warnings appear for each module: ``` make[1]: warning: -j0 forced in submake: resetting jobserver mode. ``` Root cause: Lines 205 and 225 in the main Makefile explicitly pass `-j` (without a value) to submake invocations: ``` $(MAKE) -j -C $$r ; ``` When `-j` is specified without a number, it defaults to `-j0` (unlimited parallel jobs). This breaks GNU Make's jobserver coordination between the parent make process and submakes, resulting in the warning. Why this flag is redundant: When a user runs `make -jN` at the top level, GNU Make automatically manages parallelism across all recursive $(MAKE) invocations through its jobserver mechanism. Submakes inherit the parent's jobserver and participate in the same job pool without needing explicit `-j` flags. By adding `-j` in submakes, we: - Break jobserver coordination (triggering warnings) - Risk spawning unlimited jobs (potential system overload) - Override the user's intended parallelism level Performance impact: NONE Removing these `-j` flags does NOT slow down builds. The parallelism behavior remains unchanged: - `make -j4` → builds 4 jobs in parallel (before AND after this fix) - `make -j8` → builds 8 jobs in parallel (before AND after this fix) - `make` → builds sequentially (before AND after this fix) The only difference is that jobserver coordination now works correctly, eliminating the warnings without affecting build performance. Note: The FASTER variable and alternate build path remain unchanged to preserve compatibility with existing build scripts used by distribution packages (Debian, Arch). Assisted-by: Claude (Anthropic) Signed-off-by: Peter Lemenkov 2025-12-02 Ovidiu Sas * [b50b89b01e] : b2b_entities: enable in-dialog authentication (#3762) * b2b_entities: do not hardcode entity type when sending in dialog requests * b2b_entities: attempt auth only if uac_auth module is loaded and dlg state is B2B_NEW * b2b_entities: new function: b2b_send_indlg_auth_req() * b2b_entities: enable reINVITE authentication 2025-12-02 Patrice Fournier * [5449b3a324] : Fix memory leaks in stir_shaken module The stir_shaken module would leak memory any time a signature was added to a reply instead of the request or returned in a variable. This commit makes sure the Identity header lump does not get duplicated and freed only once. Also fixed possible memory leaks in case of issues while adding a date header to a request without one. 2025-12-02 Peter Lemenkov * [601d4fab3b] : Fix const-correctness warnings with libxml2 error handling Multiple warnings appear during compilation of modules using libxml2: ``` Compiling presentity.c gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='presence' -DPKG_MALLOC -DSHM_MMAP -DUSE_MCAST -DDISABLE_NAGLE -DSTATISTICS -DHAVE_RESOLV_RES -DF_MALLOC -DQ_MALLOC -DHP_MALLOC -DDBG_MALLOC -DF_PARALLEL_MALLOC -DHAVE_STDATOMIC -DHAVE_GENERICS -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"' -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -I/usr/include/libxml2 -I/usr/include/libxml2 -c presentity.c -o presentity.o presentity.c: In function ‘dialog_fix_remote_target’: presentity.c:246:27: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 246 | xml_error = xmlGetLastError(); | ^ ... Compiling notify_body.c gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='presence_xml' -DPKG_MALLOC -DSHM_MMAP -DUSE_MCAST -DDISABLE_NAGLE -DSTATISTICS -DHAVE_RESOLV_RES -DF_MALLOC -DQ_MALLOC -DHP_MALLOC -DDBG_MALLOC -DF_PARALLEL_MALLOC -DHAVE_STDATOMIC -DHAVE_GENERICS -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"' -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -I/usr/include/libxml2 -c notify_body.c -o notify_body.o notify_body.c: In function ‘dialog_offline_body’: notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 48 | (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error" | ^ notify_body.c:100:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’ 100 | GET_LAST_XML_ERROR(xml_error, err_msg); | ^~~~~~~~~~~~~~~~~~ notify_body.c: In function ‘presence_offline_body’: notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 48 | (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error" | ^ notify_body.c:154:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’ 154 | GET_LAST_XML_ERROR(xml_error, err_msg); | ^~~~~~~~~~~~~~~~~~ notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 48 | (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error" | ^ notify_body.c:189:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’ 189 | GET_LAST_XML_ERROR(xml_error, err_msg); | ^~~~~~~~~~~~~~~~~~ notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 48 | (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error" | ^ notify_body.c:197:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’ 197 | GET_LAST_XML_ERROR(xml_error, err_msg); | ^~~~~~~~~~~~~~~~~~ notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 48 | (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error" | ^ notify_body.c:206:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’ 206 | GET_LAST_XML_ERROR(xml_error, err_msg); | ^~~~~~~~~~~~~~~~~~ notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 48 | (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error" | ^ notify_body.c:216:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’ 216 | GET_LAST_XML_ERROR(xml_error, err_msg); | ^~~~~~~~~~~~~~~~~~ ... Compiling notify.c gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='pua_bla' -DPKG_MALLOC -DSHM_MMAP -DUSE_MCAST -DDISABLE_NAGLE -DSTATISTICS -DHAVE_RESOLV_RES -DF_MALLOC -DQ_MALLOC -DHP_MALLOC -DDBG_MALLOC -DF_PARALLEL_MALLOC -DHAVE_STDATOMIC -DHAVE_GENERICS -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"' -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -I/usr/include/libxml2 -c notify.c -o notify.o notify.c: In function ‘bla_body_is_valid’: notify.c:49:25: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 49 | xml_err = xmlGetLastError(); | ^ ``` Libxml2's xmlGetLastError() returns 'const xmlError*' to indicate that the error structure is owned by the library and should not be modified. The code was assigning this to non-const pointers, discarding the const qualifier. Signed-off-by: Peter Lemenkov Assisted-by: Claude (Anthropic) 2025-12-02 Peter Lemenkov * [5e28162c18] : Fix libdl linking typo to eliminate build warnings During compilation, the following annoying warnings appear during linking: ``` gcc -shared -fPIC -DPIC -Wl,-z,relro -Wl,--as-needed -Wl,-z,pack-relative-relocs -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-hardened-ld-errors -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -Wl,-O2 -Wl,-E db_http.o http_dbase.o ssl_tweaks.o -ldl -lresolv -pthread -lcurl -dl -Bsymbolic -o db_http.so lto1: warning: unrecognized gcc debugging option: l lto1: warning: unrecognized gcc debugging option: l ``` They seems harmless but really noisy so after a little research I've found that they were caused by the following lines in a several Makefiles: ``` LIBS += -dl -Bsymbolic ``` These were adeed in a few commits, such as 149e69e3f67 and a3e87277f27. Apparently the idea was to link against libdl e.g. `LIBS += -ldl`. Although in most cases libdl is linked by default and there is no strict requirement to specifically mention it (that's probably why nobody saw it) it's better to link it explicitly to make the original intention more clear. Signed-off-by: Peter Lemenkov 2025-12-02 OpenSIPS * [c168be5d55] : Rebuild documentation 2025-12-02 Razvan Crainea * [1f90bfae58] : aaa_diameter: fix len for hexstring AVPs encoding When provided from script, make sure we do not halve the length, as it has already been done in the `hex2string` function 2025-12-02 Vlad Paiu * [3687bfe656] : Reduce verbosity of libcurl and send errors to stderr 2025-12-02 OpenSIPS * [3726ef858b] : Rebuild documentation 2025-12-02 andingv <74421031+andingv at users.noreply.github dot com> * [7ee7df33a8] : b2b_logic: fix column indexes for the update of b2b legs (#3758) 2025-12-02 Ovidiu Sas * [c3e7c101ea] : event_rabbitmq: complete code optimization (#3755) - change signature for rmq_basic_server_publish() - remove redundant rmq_basic_publish() 2025-12-02 Liviu Chircu * [3189b42341] : Event route: Avoid double async dispatching This patch makes it so an event route raised within an async context (e.g. a clusterer SYNC packet which is processed via async dispatch) shall no longer trigger yet another async dispatch, as it is effectively a waste of resources. The 2nd async dispatch will no longer offer any throughput or performance benefit -- we are already using all workers. The core problem here was that the @ipc_shared_pipe unnamed pipe has a default internal buffer of 64K by default, past which the writing (i.e. the async job deliveries) become blocking. And with each job taking up 24 bytes... there is space for only ~2700 jobs. Now, try sync'ing 30.000 usrloc contacts on startup and also run a double-async-dispatched E_UL_CONTACT_INSERT event_route, all pushing jobs into the same pipe, and you have a stuck OpenSIPS. 2025-12-02 OpenSIPS * [6eb8243f30] : Rebuild documentation 2025-12-02 Ovidiu Sas * [8da9bf3526] : event_rabbitmq: optimize code and remove duplicate code (#3754) * event_rabbitmq: fix amqp_set_sockfd() param * event_rabbitmq: Use RMQ_DEFAULT_FRAMES instead of RMQ_DEFAULT_MAX * event_rabbitmq: rework rmq_reconnect() signature * event_rabbitmq: rework rmq_server_reconnect() signature * event_rabbitmq: remove rmq_reconnect() 2025-12-02 Bogdan-Andrei Iancu * [7b7be1c821] : [parser] restore the setting of via2, needed for stateless reply routing Regresion from da7da69519b959e7395dad586ff50264b63ccd7f 2025-12-02 OpenSIPS * [f9c3f7247d] : Rebuild documentation 2025-12-02 Liviu Chircu * [690b8df03a] : Add command-line option `i` (ignore module revision checks) The purpose of the new "-i" cmdline option is to speed up development workflows, especially when the developer knows that the module interfacing APIs and data structures did not change, after a git sync. Default behavior is un-changed: module revision checks are ON 2025-12-02 Razvan Crainea * [bc20f2f38a] : rtp_relay: fix overwriting peer's leg 2025-12-02 Ovidiu Sas * [0d8087a87b] : event_rabbitmq: restore event functionality (#3738) * event_rabbitmq: restore event functionality * event_rabbitmq: fix server reconnect 2025-12-02 Jupiter Tang <36952362 at qq dot com> * [471f6097f4] : Fix SIPREC crash issue (#3748) 2025-12-02 Peter Lemenkov * [ade09044ec] : Fix curl type warnings: use long instead of int Multiple warnings appear during compilation of modules using libcurl: ``` gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='rest_client' -DPKG_MALLOC -DSHM_MMAP -DUSE_MCAST -DDISABLE_NAGLE -DSTATISTICS -DHAVE_RESOLV_RES -DF_MALLOC -DQ_MALLOC -DHP_MALLOC -DDBG_MALLOC -DF_PARALLEL_MALLOC -DHAVE_STDATOMIC -DHAVE_GENERICS -DNAME='"opensips"' -DVERSION='"3.6.2"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"' -DVERSIONTYPE='"git"' -DTHISREVISION='"994bcd690"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -c rest_methods.c -o rest_methods.o rest_methods.c: In function ‘init_transfer’: rest_methods.c:408:17: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning] 408 | w_curl_easy_setopt(handle, CURLOPT_HTTP_VERSION, curl_http_version); | ^ rest_methods.c:422:9: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning] 422 | w_curl_easy_setopt(handle, CURLOPT_VERBOSE, 1); | ^ rest_methods.c:424:9: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning] 424 | w_curl_easy_setopt(handle, CURLOPT_FAILONERROR, 0); | ^ rest_methods.c: In function ‘set_upload_opts’: rest_methods.c:480:9: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning] 480 | w_curl_easy_setopt(handle, CURLOPT_POSTFIELDSIZE, body->len); | ^ rest_methods.c: In function ‘rest_sync_transfer’: rest_methods.c:714:17: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning] 714 | set_post_opts(sync_handle, ctype, body); | ^ rest_methods.c: In function ‘start_async_http_req’: rest_methods.c:847:17: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning] 847 | set_post_opts(handle, req_ctype, req_body); | ^ rest_methods.c:918:25: warning: call to ‘Wcurl_easy_getinfo_err_long’ declared with attribute warning: curl_easy_getinfo expects a pointer to long [-Wattribute-warning] 918 | curl_easy_getinfo(handle, CURLINFO_RESPONSE_CODE, &http_rc); | ^ ``` Let's ensure we pass a literals and variables with a proper type. Signed-off-by: Peter Lemenkov 2025-12-02 OpenSIPS * [915fe3ea13] : Rebuild documentation 2025-12-02 Razvan Crainea * [3f050ce732] : b2b_entities: fix crash while debugging client's dlg Client's dlg is released when a 200 OK is received - thus, when printing something after the request is out, if a 200 OK is received, the log might no longer be available - this patch fixes this concurrency issue. 2025-12-02 Liviu Chircu * [941559618c] : Fix HP_MALLOC issue in prev commit 2025-12-02 Liviu Chircu * [c37bffe157] : Mitigate dprint() deadlocks with dbg allocators Only concerns F_MALLOC_DBG, HP_MALLOC_DBG and F_PARALLEL_MALLOC_DBG allocators, and reduces the chance of a self-deadlock in LIBC whenever an OpenSIPS worker crashes inside any kind of dprint() statement. Related to #3742 2025-12-02 Razvan Crainea * [c447e6fdeb] : siprec: xml escape callid and group's name Many thanks to @SteveAyre for reporting it! Fixes #3723 2025-12-02 Razvan Crainea * [b97c9c06b8] : siprec: drop useless code 2025-12-02 OpenSIPS * [26940aad51] : Rebuild documentation 2025-12-02 Razvan Crainea * [0d28ccb72f] : tm: register context functions before initializing Fixes bug introduced by 1bd9e8bb, where context initialization failed because it was not registered after variables had been parsed. The commit ensures that when the variables are initialized, the context functions exist. Many thanks to Nick Altmann for reporting it! 2025-12-02 Razvan Crainea * [b5c2236848] : event_rabbitmq: fix exchange parsing Many thanks to Ovidiu Sas (@ovidiusas) for brainstorimg 2025-12-02 Ovidiu Sas * [ea7b3f656c] : event_rabbitmq: proper initialization for rabbitmq connection (#3725) 2025-12-02 Liviu Chircu * [954bf0043c] : cachedb.h: Fix broken capability enum (since 41aea5fda) Fixes #3728 2025-12-02 Razvan Crainea * [63483095b2] : pvar: init buffers before initializing modules 2025-12-02 Bogdan-Andrei Iancu * [358196f6eb] : [event_routing] fix timeout for sync wait_for_event() 2025-12-02 OpenSIPS * [47b2806d18] : Rebuild documentation 2025-12-02 Razvan Crainea * [717e8a3751] : callops: add headers params to call_hold/call_unhold MI cmds 2025-12-02 Razvan Crainea * [033eafae52] : callops: add leg parameter to call_hold/call_unhold MI cmd 2025-12-02 Liviu Chircu * [dc43a9b311] : SDP ops: Do not crash in failure_route (part 1) For now, clear all SDP changes when cloning the SIP message into SHM. This fixes issues when using $sdp variable and failure_route within the same SIP message processing. 2025-12-02 Bogdan-Andrei Iancu * [313ba6c4f7] : [presence] fix bogus array size for events to be clustered. The badly allocated size could generate an overflow for the newly added events. Credits got to @razvancrainea for spotting the issue 2025-12-02 OpenSIPS * [2674e9cf7a] : Rebuild documentation 2025-12-02 Liviu Chircu * [6a41c4ce57] : clusterer: Avoid use of VLA, to make Clang happy 2025-12-02 Liviu Chircu * [c572dc6ad9] : clusterer/ratelimit: Document the new Bridge-Replication feature 2025-12-02 Liviu Chircu * [344688c198] : ratelimit/clusterer: Add "Cluster-Bridge Replication" feature This patch extends both clusterer and ratelimit with an optional mechanism to replicate pipes between different clusters, possibly over larger-latency, inter-DC WAN links. This helps improve the scalability of the default, full-mesh pipe replication strategy. A new table has been added, named "clusterer_bridge", which contains directed replication channels between different clusters. The origination node is decided using a shared tag, one for each WAN link. Before: DC #1 DC #2 WAN link A ─────────── C │ \ / │ │ \ / │ │ X │ 8 inter-DC replication channels │ / \ │ (AC,AD,BC,BD,CA,CB,DA,DB) │ / \ │ B ─────────── D WAN link cluster_id: 1 After: 2 inter-DC DC #1 WAN link DC #2 replications ( A <-----> B ) <--------> ( C <------> D ) (AC,DB) cluster_id: 1 cluster_id: 2 sender: wan1 shtag sender: wan1 shtag Credits to SIPNav for sponsoring this work! 2025-12-02 Ken Rice * [a3ae498d87] : Makefile tweaks to avoid $(shell ...) expansions from failing Fixes #3717 2025-12-02 Razvan Crainea * [98b2950a81] : json: use non-slashes representation only with json-c >= 0.13 2025-12-02 Razvan Crainea * [b24787683a] : pike: guard from 0-length IPs crashes 2025-12-02 Razvan Crainea * [c1ffaa0b9a] : receive: restore static info about errored messages 2025-12-02 Razvan Crainea * [e6956ce40e] : dialog: add active_only parameter to load_dialog_ctx The new parameter makes the function to return only active dialogs - dialogs that are in state <= 4 2025-12-02 OpenSIPS * [62b1c0de5c] : Rebuild documentation 2025-12-02 Darius Stefan * [d162b6cae4] : json: add a new pseudo-variable - json_compact_noescape - add this pv to support printing in compact form, but without escaping slashes 2025-12-02 Bogdan-Andrei Iancu * [607198877d] : [tm] fix crash on stats update when stats are disabled Do proper testing on enabled/disabled status of the stats Closes #3718 Reported by @juliansanter-konverto and @MrM0bi (cherry picked from commit b415545a5844b4e4155c8c197bf27f578e3f0a77) 2025-12-02 Razvan Crainea * [200d44426a] : mpath: support comma separated values 2025-11-30 OpenSIPS * [4cdf9f48b9] : Rebuild documentation 2025-11-28 Jupiter Tang <36952362 at qq dot com> * [9d4afd42ca] : fix memory leak in tls_mgm (#3765) * fix SHM memory leak on the TLS domain match filter strings 2025-11-25 Jupiter Tang <36952362 at qq dot com> * [71933b2821] : Opensips crash after siprec recording finished (#3751) * fix double free if register failed * should not src_clean_session(ss) after stop the recording to avoid double free 2025-11-25 Peter Lemenkov * [27e429319c] : Remove unnecessary -j invocation (#3745) During parallel builds (make -j), numerous warnings appear for each module: ``` make[1]: warning: -j0 forced in submake: resetting jobserver mode. ``` Root cause: Lines 205 and 225 in the main Makefile explicitly pass `-j` (without a value) to submake invocations: ``` $(MAKE) -j -C $$r ; ``` When `-j` is specified without a number, it defaults to `-j0` (unlimited parallel jobs). This breaks GNU Make's jobserver coordination between the parent make process and submakes, resulting in the warning. Why this flag is redundant: When a user runs `make -jN` at the top level, GNU Make automatically manages parallelism across all recursive $(MAKE) invocations through its jobserver mechanism. Submakes inherit the parent's jobserver and participate in the same job pool without needing explicit `-j` flags. By adding `-j` in submakes, we: - Break jobserver coordination (triggering warnings) - Risk spawning unlimited jobs (potential system overload) - Override the user's intended parallelism level Performance impact: NONE Removing these `-j` flags does NOT slow down builds. The parallelism behavior remains unchanged: - `make -j4` → builds 4 jobs in parallel (before AND after this fix) - `make -j8` → builds 8 jobs in parallel (before AND after this fix) - `make` → builds sequentially (before AND after this fix) The only difference is that jobserver coordination now works correctly, eliminating the warnings without affecting build performance. Note: The FASTER variable and alternate build path remain unchanged to preserve compatibility with existing build scripts used by distribution packages (Debian, Arch). Assisted-by: Claude (Anthropic) Signed-off-by: Peter Lemenkov 2025-11-25 Ovidiu Sas * [dee0a54d61] : b2b_entities: enable in-dialog authentication (#3762) * b2b_entities: do not hardcode entity type when sending in dialog requests * b2b_entities: attempt auth only if uac_auth module is loaded and dlg state is B2B_NEW * b2b_entities: new function: b2b_send_indlg_auth_req() * b2b_entities: enable reINVITE authentication 2025-11-25 Liviu Chircu * [e7dc1e4802] : Merge pull request #3761 from pfournier/stir-shaken-memory-leaks Fix memory leaks in stir_shaken module 2025-11-24 Bogdan Andrei IANCU * [e3bec7e266] : Merge pull request #3747 from lemenkov/constify_libxml2_api Fix const-correctness warnings with libxml2 error handling 2025-11-24 Bogdan Andrei IANCU * [6d784ce450] : Merge pull request #3744 from lemenkov/libdl_link_typo Fix libdl linking typo to eliminate build warnings 2025-11-23 OpenSIPS * [dfcb6992c1] : Rebuild documentation 2025-11-20 Patrice Fournier * [1b3c725377] : Fix memory leaks in stir_shaken module The stir_shaken module would leak memory any time a signature was added to a reply instead of the request or returned in a variable. This commit makes sure the Identity header lump does not get duplicated and freed only once. Also fixed possible memory leaks in case of issues while adding a date header to a request without one. 2025-11-18 Razvan Crainea * [7586056843] : aaa_diameter: fix len for hexstring AVPs encoding When provided from script, make sure we do not halve the length, as it has already been done in the `hex2string` function 2025-11-18 Liviu Chircu * [6f93a2d0c3] : Merge pull request #3757 from vladpaiu/rest_verbosity Reduce verbosity of libcurl and send errors to stderr 2025-11-16 OpenSIPS * [b937a91853] : Rebuild documentation 2025-11-14 andingv <74421031+andingv at users.noreply.github dot com> * [905c17a732] : b2b_logic: fix column indexes for the update of b2b legs (#3758) 2025-11-14 Vlad Paiu * [f1ca60be4d] : Reduce verbosity of libcurl and send errors to stderr 2025-11-12 Ovidiu Sas * [ddfb39fc8e] : event_rabbitmq: complete code optimization (#3755) - change signature for rmq_basic_server_publish() - remove redundant rmq_basic_publish() 2025-11-11 Liviu Chircu * [5c8d133be1] : Event route: Avoid double async dispatching This patch makes it so an event route raised within an async context (e.g. a clusterer SYNC packet which is processed via async dispatch) shall no longer trigger yet another async dispatch, as it is effectively a waste of resources. The 2nd async dispatch will no longer offer any throughput or performance benefit -- we are already using all workers. The core problem here was that the @ipc_shared_pipe unnamed pipe has a default internal buffer of 64K by default, past which the writing (i.e. the async job deliveries) become blocking. And with each job taking up 24 bytes... there is space for only ~2700 jobs. Now, try sync'ing 30.000 usrloc contacts on startup and also run a double-async-dispatched E_UL_CONTACT_INSERT event_route, all pushing jobs into the same pipe, and you have a stuck OpenSIPS. 2025-11-09 OpenSIPS * [e2c244ed0b] : Rebuild documentation 2025-11-07 Ovidiu Sas * [feaa1d1def] : event_rabbitmq: optimize code and remove duplicate code (#3754) * event_rabbitmq: fix amqp_set_sockfd() param * event_rabbitmq: Use RMQ_DEFAULT_FRAMES instead of RMQ_DEFAULT_MAX * event_rabbitmq: rework rmq_reconnect() signature * event_rabbitmq: rework rmq_server_reconnect() signature * event_rabbitmq: remove rmq_reconnect() 2025-11-05 Bogdan-Andrei Iancu * [26f2c7ee13] : [parser] restore the setting of via2, needed for stateless reply routing Regresion from da7da69519b959e7395dad586ff50264b63ccd7f 2025-11-02 OpenSIPS * [faefd3fb2f] : Rebuild documentation 2025-10-30 Liviu Chircu * [5b37b6d71d] : Add command-line option `i` (ignore module revision checks) The purpose of the new "-i" cmdline option is to speed up development workflows, especially when the developer knows that the module interfacing APIs and data structures did not change, after a git sync. Default behavior is un-changed: module revision checks are ON 2025-10-28 Razvan Crainea * [12939ed244] : rtp_relay: fix overwriting peer's leg 2025-10-28 Ovidiu Sas * [33843ab483] : event_rabbitmq: restore event functionality (#3738) * event_rabbitmq: restore event functionality * event_rabbitmq: fix server reconnect 2025-10-28 Jupiter Tang <36952362 at qq dot com> * [33f99bf142] : Fix SIPREC crash issue (#3748) 2025-10-27 Liviu Chircu * [6babb16f01] : Merge pull request #3746 from lemenkov/curl_wrong_types Fix curl type warnings: use long instead of int 2025-10-26 OpenSIPS * [565ba3ccca] : Rebuild documentation 2025-10-25 Peter Lemenkov * [64a9340a26] : Fix const-correctness warnings with libxml2 error handling Multiple warnings appear during compilation of modules using libxml2: ``` Compiling presentity.c gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='presence' -DPKG_MALLOC -DSHM_MMAP -DUSE_MCAST -DDISABLE_NAGLE -DSTATISTICS -DHAVE_RESOLV_RES -DF_MALLOC -DQ_MALLOC -DHP_MALLOC -DDBG_MALLOC -DF_PARALLEL_MALLOC -DHAVE_STDATOMIC -DHAVE_GENERICS -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"' -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -I/usr/include/libxml2 -I/usr/include/libxml2 -c presentity.c -o presentity.o presentity.c: In function ‘dialog_fix_remote_target’: presentity.c:246:27: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 246 | xml_error = xmlGetLastError(); | ^ ... Compiling notify_body.c gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='presence_xml' -DPKG_MALLOC -DSHM_MMAP -DUSE_MCAST -DDISABLE_NAGLE -DSTATISTICS -DHAVE_RESOLV_RES -DF_MALLOC -DQ_MALLOC -DHP_MALLOC -DDBG_MALLOC -DF_PARALLEL_MALLOC -DHAVE_STDATOMIC -DHAVE_GENERICS -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"' -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -I/usr/include/libxml2 -c notify_body.c -o notify_body.o notify_body.c: In function ‘dialog_offline_body’: notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 48 | (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error" | ^ notify_body.c:100:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’ 100 | GET_LAST_XML_ERROR(xml_error, err_msg); | ^~~~~~~~~~~~~~~~~~ notify_body.c: In function ‘presence_offline_body’: notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 48 | (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error" | ^ notify_body.c:154:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’ 154 | GET_LAST_XML_ERROR(xml_error, err_msg); | ^~~~~~~~~~~~~~~~~~ notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 48 | (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error" | ^ notify_body.c:189:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’ 189 | GET_LAST_XML_ERROR(xml_error, err_msg); | ^~~~~~~~~~~~~~~~~~ notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 48 | (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error" | ^ notify_body.c:197:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’ 197 | GET_LAST_XML_ERROR(xml_error, err_msg); | ^~~~~~~~~~~~~~~~~~ notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 48 | (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error" | ^ notify_body.c:206:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’ 206 | GET_LAST_XML_ERROR(xml_error, err_msg); | ^~~~~~~~~~~~~~~~~~ notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 48 | (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error" | ^ notify_body.c:216:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’ 216 | GET_LAST_XML_ERROR(xml_error, err_msg); | ^~~~~~~~~~~~~~~~~~ ... Compiling notify.c gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='pua_bla' -DPKG_MALLOC -DSHM_MMAP -DUSE_MCAST -DDISABLE_NAGLE -DSTATISTICS -DHAVE_RESOLV_RES -DF_MALLOC -DQ_MALLOC -DHP_MALLOC -DDBG_MALLOC -DF_PARALLEL_MALLOC -DHAVE_STDATOMIC -DHAVE_GENERICS -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"' -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -I/usr/include/libxml2 -c notify.c -o notify.o notify.c: In function ‘bla_body_is_valid’: notify.c:49:25: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 49 | xml_err = xmlGetLastError(); | ^ ``` Libxml2's xmlGetLastError() returns 'const xmlError*' to indicate that the error structure is owned by the library and should not be modified. The code was assigning this to non-const pointers, discarding the const qualifier. Signed-off-by: Peter Lemenkov Assisted-by: Claude (Anthropic) 2025-10-25 Peter Lemenkov * [2a03d51f74] : Fix curl type warnings: use long instead of int Multiple warnings appear during compilation of modules using libcurl: ``` gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='rest_client' -DPKG_MALLOC -DSHM_MMAP -DUSE_MCAST -DDISABLE_NAGLE -DSTATISTICS -DHAVE_RESOLV_RES -DF_MALLOC -DQ_MALLOC -DHP_MALLOC -DDBG_MALLOC -DF_PARALLEL_MALLOC -DHAVE_STDATOMIC -DHAVE_GENERICS -DNAME='"opensips"' -DVERSION='"3.6.2"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"' -DVERSIONTYPE='"git"' -DTHISREVISION='"994bcd690"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -c rest_methods.c -o rest_methods.o rest_methods.c: In function ‘init_transfer’: rest_methods.c:408:17: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning] 408 | w_curl_easy_setopt(handle, CURLOPT_HTTP_VERSION, curl_http_version); | ^ rest_methods.c:422:9: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning] 422 | w_curl_easy_setopt(handle, CURLOPT_VERBOSE, 1); | ^ rest_methods.c:424:9: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning] 424 | w_curl_easy_setopt(handle, CURLOPT_FAILONERROR, 0); | ^ rest_methods.c: In function ‘set_upload_opts’: rest_methods.c:480:9: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning] 480 | w_curl_easy_setopt(handle, CURLOPT_POSTFIELDSIZE, body->len); | ^ rest_methods.c: In function ‘rest_sync_transfer’: rest_methods.c:714:17: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning] 714 | set_post_opts(sync_handle, ctype, body); | ^ rest_methods.c: In function ‘start_async_http_req’: rest_methods.c:847:17: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning] 847 | set_post_opts(handle, req_ctype, req_body); | ^ rest_methods.c:918:25: warning: call to ‘Wcurl_easy_getinfo_err_long’ declared with attribute warning: curl_easy_getinfo expects a pointer to long [-Wattribute-warning] 918 | curl_easy_getinfo(handle, CURLINFO_RESPONSE_CODE, &http_rc); | ^ ``` Let's ensure we pass a literals and variables with a proper type. Signed-off-by: Peter Lemenkov 2025-10-24 Peter Lemenkov * [354ba017ae] : Fix libdl linking typo to eliminate build warnings During compilation, the following annoying warnings appear during linking: ``` gcc -shared -fPIC -DPIC -Wl,-z,relro -Wl,--as-needed -Wl,-z,pack-relative-relocs -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-hardened-ld-errors -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -Wl,-O2 -Wl,-E db_http.o http_dbase.o ssl_tweaks.o -ldl -lresolv -pthread -lcurl -dl -Bsymbolic -o db_http.so lto1: warning: unrecognized gcc debugging option: l lto1: warning: unrecognized gcc debugging option: l ``` They seems harmless but really noisy so after a little research I've found that they were caused by the following lines in a several Makefiles: ``` LIBS += -dl -Bsymbolic ``` These were adeed in a few commits, such as 149e69e3f67 and a3e87277f27. Apparently the idea was to link against libdl e.g. `LIBS += -ldl`. Although in most cases libdl is linked by default and there is no strict requirement to specifically mention it (that's probably why nobody saw it) it's better to link it explicitly to make the original intention more clear. Signed-off-by: Peter Lemenkov 2025-10-24 Razvan Crainea * [ab7295aa53] : b2b_entities: fix crash while debugging client's dlg Client's dlg is released when a 200 OK is received - thus, when printing something after the request is out, if a 200 OK is received, the log might no longer be available - this patch fixes this concurrency issue. 2025-10-22 Your Name * [0c0bb9389e] : fix(copyright): corrected copyright of the module and cleared up confusion about if the module is for opensips or kamailio - Change all copyright headers from Jonathan Kandel to Cellact B.V. - Update all Kamailio references to OpenSIPS throughout codebase - Remove build artifacts (.d, .o, .so files) and .history directory - Ensure module is clearly positioned as OpenSIPS module, not Kamailio port Addresses OpenSIPS reviewer feedback about copyright ownership and project focus. 2025-10-22 Liviu Chircu * [1377c59e1a] : Fix HP_MALLOC issue in prev commit 2025-10-21 Liviu Chircu * [6c914e388b] : Mitigate dprint() deadlocks with dbg allocators Only concerns F_MALLOC_DBG, HP_MALLOC_DBG and F_PARALLEL_MALLOC_DBG allocators, and reduces the chance of a self-deadlock in LIBC whenever an OpenSIPS worker crashes inside any kind of dprint() statement. Related to #3742 2025-10-20 Razvan Crainea * [8993236b02] : siprec: xml escape callid and group's name Many thanks to @SteveAyre for reporting it! Fixes #3723 2025-10-20 Razvan Crainea * [493249201f] : siprec: drop useless code 2025-10-13 Your Name * [b89f30c51c] : feat(auth_web3): add Web3 authentication module - Implements ENS-based authentication using Ethereum Name Service - Integrates with Oasis Sapphire blockchain for digest verification - Supports both WWW-Authenticate and Proxy-Authenticate flows - Compatible with standard SIP digest authentication - Includes comprehensive documentation and examples Author: Ron Terman Organization: Cellact B.V. Features: - web3_www_authenticate() and web3_proxy_authenticate() functions - ENS name resolution to wallet addresses - Blockchain digest verification via smart contracts - Support for Oasis Sapphire testnet and mainnet - Complete DocBook documentation Dependencies: - libcurl for HTTP RPC calls - OpenSSL for cryptographic operations Tested with OpenSIPS 3.2+ on REGISTER and INVITE authentication flows. 2025-10-13 Your Name * [193c21a025] : feat(auth_web3): add Web3 authentication module - Implements ENS-based authentication using Ethereum Name Service - Integrates with Oasis Sapphire blockchain for digest verification - Supports both WWW-Authenticate and Proxy-Authenticate flows - Compatible with standard SIP digest authentication - Includes comprehensive documentation and examples Author: Ron Terman Organization: Cellact B.V. Features: - web3_www_authenticate() and web3_proxy_authenticate() functions - ENS name resolution to wallet addresses - Blockchain digest verification via smart contracts - Support for Oasis Sapphire testnet and mainnet - Complete DocBook documentation Dependencies: - libcurl for HTTP RPC calls - OpenSSL for cryptographic operations Tested with OpenSIPS 3.2+ on REGISTER and INVITE authentication flows. 2025-10-12 OpenSIPS * [f7a53fb3e4] : Rebuild documentation 2025-10-09 Razvan Crainea * [8bb39a2679] : tm: register context functions before initializing Fixes bug introduced by 1bd9e8bb, where context initialization failed because it was not registered after variables had been parsed. The commit ensures that when the variables are initialized, the context functions exist. Many thanks to Nick Altmann for reporting it! 2025-10-09 Razvan Crainea * [758667b68b] : event_rabbitmq: fix exchange parsing Many thanks to Ovidiu Sas (@ovidiusas) for brainstorimg 2025-10-09 Ovidiu Sas * [7d998c6e53] : event_rabbitmq: proper initialization for rabbitmq connection (#3725) 2025-10-07 Liviu Chircu * [d1bb4267d0] : cachedb.h: Fix broken capability enum (since 41aea5fda) Fixes #3728 2025-10-07 Razvan Crainea * [1bd9e8bb20] : pvar: init buffers before initializing modules 2025-10-06 Bogdan-Andrei Iancu * [1631575161] : [event_routing] fix timeout for sync wait_for_event() 2025-10-06 Jasper Hafkenscheid * [6c911c3105] : resolve: fix CNAME chain resolution with caching The DNS resolver now explicitly follows CNAME chains instead of relying on res_search() to handle them transparently. This fixes resolution failures when the DNS cache module is enabled, as cached CNAME responses need to be followed manually to reach the final A/AAAA records. Changes: - Add iterative CNAME chain following in own_gethostbyname2() - Limit chain depth to 10 to prevent infinite loops - Add debug logging for CNAME traversal 2025-10-05 OpenSIPS * [2b7062281d] : Rebuild documentation 2025-10-03 Razvan Crainea * [4e2b5a9839] : callops: add headers params to call_hold/call_unhold MI cmds 2025-10-03 Razvan Crainea * [b15b461703] : callops: add leg parameter to call_hold/call_unhold MI cmd 2025-10-02 Liviu Chircu * [275237dcf4] : SDP ops: Do not crash in failure_route (part 1) For now, clear all SDP changes when cloning the SIP message into SHM. This fixes issues when using $sdp variable and failure_route within the same SIP message processing. 2025-09-30 Bogdan-Andrei Iancu * [c7f99eef73] : [presence] fix bogus array size for events to be clustered. The badly allocated size could generate an overflow for the newly added events. Credits got to @razvancrainea for spotting the issue 2025-09-28 OpenSIPS * [d5c3ef8e5c] : Rebuild documentation 2025-09-25 Liviu Chircu * [9f9465399e] : clusterer: Avoid use of VLA, to make Clang happy 2025-09-25 Liviu Chircu * [5449f356fb] : Merge branch 'feature/ratelimit-bridge-repl' 2025-09-25 Liviu Chircu * [0419e8ac4d] : clusterer/ratelimit: Document the new Bridge-Replication feature 2025-09-25 Liviu Chircu * [71b47fa2bb] : ratelimit/clusterer: Add "Cluster-Bridge Replication" feature This patch extends both clusterer and ratelimit with an optional mechanism to replicate pipes between different clusters, possibly over larger-latency, inter-DC WAN links. This helps improve the scalability of the default, full-mesh pipe replication strategy. A new table has been added, named "clusterer_bridge", which contains directed replication channels between different clusters. The origination node is decided using a shared tag, one for each WAN link. Before: DC #1 DC #2 WAN link A ─────────── C │ \ / │ │ \ / │ │ X │ 8 inter-DC replication channels │ / \ │ (AC,AD,BC,BD,CA,CB,DA,DB) │ / \ │ B ─────────── D WAN link cluster_id: 1 After: 2 inter-DC DC #1 WAN link DC #2 replications ( A <-----> B ) <--------> ( C <------> D ) (AC,DB) cluster_id: 1 cluster_id: 2 sender: wan1 shtag sender: wan1 shtag Credits to SIPNav for sponsoring this work! 2025-09-24 Ken Rice * [9ce51e3744] : Makefile tweaks to avoid $(shell ...) expansions from failing Fixes #3717 2025-09-23 Razvan Crainea * [7a00c4684f] : json: use non-slashes representation only with json-c >= 0.13 2025-09-23 Razvan Crainea * [69abc4f9fb] : pike: guard from 0-length IPs crashes 2025-09-23 Razvan Crainea * [f62135500e] : receive: restore static info about errored messages 2025-09-23 Razvan Crainea * [f2183ed40f] : dialog: add active_only parameter to load_dialog_ctx The new parameter makes the function to return only active dialogs - dialogs that are in state <= 4 2025-09-21 OpenSIPS * [7fb9e11d99] : Rebuild documentation 2025-09-18 Liviu Chircu * [3a2eed050c] : Merge pull request #3722 from dariusstefan/master json: add a new pseudo-variable - json_compact_noescape 2025-09-18 Darius Stefan * [cbe3dc33ee] : json: add a new pseudo-variable - json_compact_noescape - add this pv to support printing in compact form, but without escaping slashes 2025-09-18 Steve Ayre * [6082b43fa8] : create pcre2 compile context once instead of for each compile 2025-09-18 Steve Ayre * [c58e3af0cc] : update dialplan module for pcre2 2025-09-18 Bogdan-Andrei Iancu * [25f065b2c2] : [tm] fix crash on stats update when stats are disabled Do proper testing on enabled/disabled status of the stats Closes #3718 Reported by @juliansanter-konverto and @MrM0bi (cherry picked from commit b415545a5844b4e4155c8c197bf27f578e3f0a77) 2025-09-18 Razvan Crainea * [2b50cbb583] : mpath: support comma separated values 2025-09-17 Steve Ayre * [3cc28d166b] : update regex module for pcre2 2025-09-17 Steve Ayre * [1cb16e082e] : require libpcre2 2025-09-17 Liviu Chircu * [561a15515f] : stun: Fix regression in 'use_listeners_as_primary' feature In commit 8e6000d5f0d8d, it was missed that FD_SET(fd_x...) calls are idempotent, while reactor_add_reader(fd_x...) calls are not. So when you perform them multiple times (which the 'use_listeners_as_primary' feature MAY do), OpenSIPS startup would now ERROR and abort. Many thanks to Bernard Buitenhuis for an accurate report and sponsoring the fix! 2025-09-17 Razvan Crainea * [a6b6e0431d] : utils/wireshark/dissector: fix clusterer parsing 2025-09-16 Liviu Chircu * [a23ba7903f] : permissions: Small bugfix in DB schema It seems bitmask values of 128 could not be stored in the table (e.g. IPv6 addresses, not subnets), as TINYINT (char) can only support the [-128, 127) interval. As a fix, we silently bump the column to SMALLINT (2 bytes), solving the issue but also not causing any breakage when pulling new packages (e.g. no table version update, so we can backport this). 2025-09-16 Liviu Chircu * [8b1806ec66] : permissions: Fix incorrect match of IPv4 addr against IPv6 matchnet()'s possible rcs were not fully handled (here, the -1 case). Many thanks to Bernard Buitenhuis for reporting the issue. 2025-09-14 OpenSIPS * [4bf044ab5f] : Rebuild documentation 2025-09-12 Liviu Chircu * [4b13a13300] : DB version check: Minor improvements * improve error reporting when table is not present in 'version': "invalid version 0 for table clusterer found, expected 4" (???) vs. "'clusterer' entry not found in version table, expected ver 4" * add a way of checking if the table does not exist, programmatically 2025-09-12 Razvan Crainea * [bbfa2b0c19] : siprec: make timeout handling more robust Make sure we are not trying to access the RTP context that has been destroyed along with the dialog moving in state 5. 2025-09-12 Razvan Crainea * [c5fd8adfcc] : siprec: do not try to engage siprec if media not established 2025-09-09 Jason Shugart * [40109f40c8] : Ignore extra headers in MSRP 2025-09-08 Liviu Chircu * [20b0ba813a] : SDP ops: Fix edge-case with missing ending LF OpenSIPS no longer throws an error on SDP bodies with missing line-termination sequence on the very last line. According to SDP ABNF specs, this is bad syntax, but we accept it and move on. Moreover, assuming the SDP is dirty (at least one edit), the output SDP ($sdp) will always be normalized to include the ending LF sequence. 2025-09-07 OpenSIPS * [14f1f74710] : Rebuild documentation 2025-09-05 Liviu Chircu * [020ea0de75] : SDP ops: Add "\n" line-ending tests; Fix "$sdp = NULL;" The "$sdp = NULL;" statement wasn't fully working as expected, as subsequent operations would still pick up some left-over SDP data. 2025-09-05 Razvan Crainea * [22b5a6b415] : dialog: avoid creating dialog multiple times if deleted When an update command is received, the dialog is searched: before this commit, if the dialog was not found, `dlg` was returned as `null`, and a new dialog, **with the same coordinates** was created. This commit makes sure that the dialog is no longer created if already in deleted state, thus avoiding creating the dialog multiple times with the same coordinates. 2025-09-02 Razvan Crainea * [380c06446e] : b2b_logic: avoid crash when copying sdp to deleted entity 2025-09-02 Razvan Crainea * [09983273ea] : exec: close all fds before exec This prevents external processes from accessing (a lot of) OpenSIPS file descriptors. 2025-09-02 Razvan Crainea * [a1ef1d828a] : aaa_diameter: add support for time AVPs 2025-09-01 Razvan Crainea * [2702eade95] : python: fix Makefile lib name and includes 2025-09-01 Razvan Crainea * [998cb26cfa] : packaging/debian: fix 4.0 changelog 2025-08-31 OpenSIPS * [617d333903] : Rebuild documentation 2025-08-28 Razvan Crainea * [cc11d0aaff] : b2b_sdp_demux: Fix leak in b2b server key creation Many thanks to Nuno Ferreira from Five9 for spotting, reporting and fixing this. 2025-08-26 Peter Lemenkov * [af67945a87] : Make GCC happy by addressing its warnings about possibly uninitialized variables (#3690) * Possible free of unitialized variable It is possible that we can jump to `error` where we free `nt_name` right before initialization. So better to initialize it first. ``` Compiling app_opensips/avps.c gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='aaa_diameter' -DPKG_MALLOC -DSHM_MMAP -DUSE_MCAST -DDISABLE_NAGLE -DSTATISTICS -DHAVE_RESOLV_RES -DF_MALLOC -DQ_MALLOC -DHP_MALLOC -DDBG_MALLOC -DF_PARALLEL_MALLOC -DHAVE_STDATOMIC -DHAVE_GENERICS -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"' -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -c app_opensips/avps.c -o app_opensips/avps.o app_opensips/avps.c: In function ‘parse_attr_def’: app_opensips/avps.c:732:9: warning: ‘nt_name’ may be used uninitialized [-Wmaybe-uninitialized] 732 | free(nt_name); | ^~~~~~~~~~~~~ app_opensips/avps.c:564:22: note: ‘nt_name’ was declared here 564 | char *name, *nt_name, *newp, *p = line, *end = p + len; | ^~~~~~~ ``` Signed-off-by: Peter Lemenkov * Possible use of unitialized variable Variable `old_state` can be used w/o being initialized. This patch fixed it. ``` Compiling sharing_tags.c gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='clusterer' -DPKG_MALLOC -DSHM_MMAP -DUSE_MCAST -DDISABLE_NAGLE -DSTATISTICS -DHAVE_RESOLV_RES -DF_MALLOC -DQ_MALLOC -DHP_MALLOC -DDBG_MALLOC -DF_PARALLEL_MALLOC -DHAVE_STDATOMIC -DHAVE_GENERICS -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"' -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -c sharing_tags.c -o sharing_tags.o sharing_tags.c: In function ‘shtag_activate’: sharing_tags.c:746:49: warning: ‘old_state’ may be used uninitialized [-Wmaybe-uninitialized] 746 | if (ret==SHTAG_STATE_ACTIVE && old_state!=SHTAG_STATE_ACTIVE) { sharing_tags.c:685:18: note: ‘old_state’ was declared here 685 | int ret, old_state; | ^~~~~~~~~ ``` Signed-off-by: Peter Lemenkov * Make GCC happy GCC erroneously believes that `job_data` may be used uninitialized. Let's help him understand the situation better. ``` Compiling kafka_producer.c gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='event_kafka' -DPKG_MALLOC -DSHM_MMAP -DUSE_MCAST -DDISABLE_NAGLE -DSTATISTICS -DHAVE_RESOLV_RES -DF_MALLOC -DQ_MALLOC -DHP_MALLOC -DDBG_MALLOC -DF_PARALLEL_MALLOC -DHAVE_STDATOMIC -DHAVE_GENERICS -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"' -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -DWITH_GZFILEOP -c kafka_producer.c -o kafka_producer.o kafka_producer.c: In function ‘kafka_report_status’: kafka_producer.c:422:57: warning: ‘job_data’ may be used uninitialized [-Wmaybe-uninitialized] 422 | if (p->job->type == KAFKA_JOB_SCRIPT && job_data->report_rt) | ~~~~~~~~^~~~~~~~~~~ kafka_producer.c:382:28: note: ‘job_data’ was declared here 382 | script_job_data_t *job_data; | ^~~~~~~~ ``` Signed-off-by: Peter Lemenkov * Make GCC happy GCC erroneously believes that `hdrs` may be used uninitialized. Let's help him understand the situation better. ``` Compiling http2d.c gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='http2d' -DPKG_MALLOC -DSHM_MMAP -DUSE_MCAST -DDISABLE_NAGLE -DSTATISTICS -DHAVE_RESOLV_RES -DF_MALLOC -DQ_MALLOC -DHP_MALLOC -DDBG_MALLOC -DF_PARALLEL_MALLOC -DHAVE_STDATOMIC -DHAVE_GENERICS -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"' -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -I/usr/include -c http2d.c -o http2d.o http2d.c: In function ‘h2_send_response’: http2d.c:267:25: warning: ‘hdrs’ may be used uninitialized [-Wmaybe-uninitialized] 267 | for (it = hdrs->child; it; it = it->next, nh++, r->hdrs_len++) { | ~~~^~~~~~~~~~~~~ http2d.c:138:16: note: ‘hdrs’ was declared here 138 | cJSON *hdrs, *it; | ^~~~ ``` Signed-off-by: Peter Lemenkov --------- Signed-off-by: Peter Lemenkov 2025-08-26 Razvan Crainea * [c25a8fff73] : Avoid crashes in case variable are NULL Completes #3690 2025-08-26 Peter Lemenkov * [19e2fac6f8] : Make GCC happy GCC erroneously believes that `hdrs` may be used uninitialized. Let's help him understand the situation better. ``` Compiling http2d.c gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='http2d' -DPKG_MALLOC -DSHM_MMAP -DUSE_MCAST -DDISABLE_NAGLE -DSTATISTICS -DHAVE_RESOLV_RES -DF_MALLOC -DQ_MALLOC -DHP_MALLOC -DDBG_MALLOC -DF_PARALLEL_MALLOC -DHAVE_STDATOMIC -DHAVE_GENERICS -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"' -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -I/usr/include -c http2d.c -o http2d.o http2d.c: In function ‘h2_send_response’: http2d.c:267:25: warning: ‘hdrs’ may be used uninitialized [-Wmaybe-uninitialized] 267 | for (it = hdrs->child; it; it = it->next, nh++, r->hdrs_len++) { | ~~~^~~~~~~~~~~~~ http2d.c:138:16: note: ‘hdrs’ was declared here 138 | cJSON *hdrs, *it; | ^~~~ ``` Signed-off-by: Peter Lemenkov 2025-08-26 Peter Lemenkov * [9472e64813] : Make GCC happy GCC erroneously believes that `job_data` may be used uninitialized. Let's help him understand the situation better. ``` Compiling kafka_producer.c gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='event_kafka' -DPKG_MALLOC -DSHM_MMAP -DUSE_MCAST -DDISABLE_NAGLE -DSTATISTICS -DHAVE_RESOLV_RES -DF_MALLOC -DQ_MALLOC -DHP_MALLOC -DDBG_MALLOC -DF_PARALLEL_MALLOC -DHAVE_STDATOMIC -DHAVE_GENERICS -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"' -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -DWITH_GZFILEOP -c kafka_producer.c -o kafka_producer.o kafka_producer.c: In function ‘kafka_report_status’: kafka_producer.c:422:57: warning: ‘job_data’ may be used uninitialized [-Wmaybe-uninitialized] 422 | if (p->job->type == KAFKA_JOB_SCRIPT && job_data->report_rt) | ~~~~~~~~^~~~~~~~~~~ kafka_producer.c:382:28: note: ‘job_data’ was declared here 382 | script_job_data_t *job_data; | ^~~~~~~~ ``` Signed-off-by: Peter Lemenkov 2025-08-26 Peter Lemenkov * [1c31a680e3] : Possible use of unitialized variable Variable `old_state` can be used w/o being initialized. This patch fixed it. ``` Compiling sharing_tags.c gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='clusterer' -DPKG_MALLOC -DSHM_MMAP -DUSE_MCAST -DDISABLE_NAGLE -DSTATISTICS -DHAVE_RESOLV_RES -DF_MALLOC -DQ_MALLOC -DHP_MALLOC -DDBG_MALLOC -DF_PARALLEL_MALLOC -DHAVE_STDATOMIC -DHAVE_GENERICS -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"' -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -c sharing_tags.c -o sharing_tags.o sharing_tags.c: In function ‘shtag_activate’: sharing_tags.c:746:49: warning: ‘old_state’ may be used uninitialized [-Wmaybe-uninitialized] 746 | if (ret==SHTAG_STATE_ACTIVE && old_state!=SHTAG_STATE_ACTIVE) { sharing_tags.c:685:18: note: ‘old_state’ was declared here 685 | int ret, old_state; | ^~~~~~~~~ ``` Signed-off-by: Peter Lemenkov 2025-08-26 Peter Lemenkov * [233769bc12] : Possible free of unitialized variable It is possible that we can jump to `error` where we free `nt_name` right before initialization. So better to initialize it first. ``` Compiling app_opensips/avps.c gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='aaa_diameter' -DPKG_MALLOC -DSHM_MMAP -DUSE_MCAST -DDISABLE_NAGLE -DSTATISTICS -DHAVE_RESOLV_RES -DF_MALLOC -DQ_MALLOC -DHP_MALLOC -DDBG_MALLOC -DF_PARALLEL_MALLOC -DHAVE_STDATOMIC -DHAVE_GENERICS -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"' -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -c app_opensips/avps.c -o app_opensips/avps.o app_opensips/avps.c: In function ‘parse_attr_def’: app_opensips/avps.c:732:9: warning: ‘nt_name’ may be used uninitialized [-Wmaybe-uninitialized] 732 | free(nt_name); | ^~~~~~~~~~~~~ app_opensips/avps.c:564:22: note: ‘nt_name’ was declared here 564 | char *name, *nt_name, *newp, *p = line, *end = p + len; | ^~~~~~~ ``` Signed-off-by: Peter Lemenkov 2025-08-26 Bogdan Andrei IANCU * [be32acabdf] : Merge pull request #3693 from lemenkov/type_mismatch Fix various function or variable type mismatch 2025-08-26 Peter Lemenkov * [5a986df0d0] : Replace distutils completely (#3697) The package distutils was deprecated in Python 3.10 and removed in 3.12. Let's switch to modern alternative. Also remove one extra shell call. Signed-off-by: Peter Lemenkov 2025-08-24 OpenSIPS * [0f63d11efe] : Rebuild documentation 2025-08-21 Razvan Crainea * [7fcf09dbd2] : mem: allow using system allocator without debugging 2025-08-20 Liviu Chircu * [5de8ddd71b] : call_center: Check "cc_calls" against the "realtime" DB URL Per documentation: "To be more specific, the only runtime table we have so far is the "cc_calls" table." (cherry picked from commit 69ad46c9f8e0931f965f39f65031510b0aedf0ea) 2025-08-20 Razvan Crainea * [65fc660cea] : transformations: re.subst may contain whitespaces 2025-08-20 Razvan Crainea * [8dc91ddd68] : mi_datagram: use default buf size as constant define Prevents compile warning on older compilers (ubuntu bionic, redhat 7) 2025-08-18 Razvan Crainea * [ab3ffa1d16] : rtpengine: reload servers under lock This prevents a crash running the child_init in the same time with a reload Many thanks go to ConnexCS for reporting and testing the fix! 2025-08-18 Razvan Crainea * [d355468a64] : dialog: provide type of failed replicated packet 2025-08-17 OpenSIPS * [a6ce0ae564] : Rebuild documentation 2025-08-13 Bence Szigeti * [ca7d6e5e04] : Make MI Datagram buffer size configurable (#3706) 2025-08-10 OpenSIPS * [22ab4c856f] : Rebuild documentation 2025-08-06 Razvan Crainea * [9b8c8edda4] : rtp_relay: rework failed rtp_relay_update requests handling 2025-08-03 OpenSIPS * [b4b1ecf1d0] : Rebuild documentation 2025-07-30 Liviu Chircu * [fb222f3d18] : aaa_diameter: Improve debug log 2025-07-29 Razvan Crainea * [9f3b78a1ab] : proto_ipsec: fix documentation xml typo 2025-07-28 Liviu Chircu * [b84307cd8f] : Merge pull request #3692 from dariusstefan/master aaa_diameter: update docs based on `ba06123` 2025-07-27 OpenSIPS * [05a19baa0b] : Rebuild documentation 2025-07-25 Darius Stefan * [f0b1336e9c] : aaa_diameter: update docs based on `ba06123` 2025-07-25 Razvan Crainea * [8662ce2df4] : aaa_diameter: provide tunable size for json logs 2025-07-25 Peter Lemenkov * [aae9a1e746] : Fix variable type mismatch ``` ebr_data.c:53:12: warning: type of ‘ebr_ipc_type’ does not match original declaration [-Wlto-type-mismatch] 53 | extern int ebr_ipc_type; | ^ event_routing.c:65:18: note: type ‘ipc_handler_type’ should match type ‘int’ 65 | ipc_handler_type ebr_ipc_type; | ^ event_routing.c:65:18: note: ‘ebr_ipc_type’ was previously declared here event_routing.c:65:18: note: code may be misoptimized unless ‘-fno-strict-aliasing’ is used ``` Signed-off-by: Peter Lemenkov 2025-07-25 Peter Lemenkov * [7b787f8495] : Fix function type mismatch Now it matches the documentation. ``` domain.h:41:5: warning: type of ‘is_uri_host_local’ does not match original declaration [-Wlto-type-mismatch] 41 | int is_uri_host_local(struct sip_msg* _msg, char* _s1, char* _s2); | ^ domain.c:235:5: note: type mismatch in parameter 3 235 | int is_uri_host_local(struct sip_msg* _msg, pv_spec_t* _s1) | ^ domain.c:235:5: note: ‘is_uri_host_local’ was previously declared here domain.h:35:5: warning: type of ‘is_from_local’ does not match original declaration [-Wlto-type-mismatch] 35 | int is_from_local(struct sip_msg* _msg, char* _s1, char* _s2); | ^ domain.c:219:5: note: type mismatch in parameter 3 219 | int is_from_local(struct sip_msg* _msg, pv_spec_t* _s1) | ^ domain.c:219:5: note: ‘is_from_local’ was previously declared here ``` Signed-off-by: Peter Lemenkov 2025-07-25 Peter Lemenkov * [8d5d213ac5] : Fix function type mismatch Now it matches the documentation. ``` authorize.h:31:5: warning: type of ‘jwt_db_authorize’ does not match original declaration [-Wlto-type-mismatch] 31 | int jwt_db_authorize(struct sip_msg* _msg, str* jwt_token, pv_spec_t* auth_user); | ^ authorize.c:56:5: note: type mismatch in parameter 4 56 | int jwt_db_authorize(struct sip_msg* _msg, str* jwt_token, | ^ authorize.c:56:5: note: ‘jwt_db_authorize’ was previously declared here ``` Signed-off-by: Peter Lemenkov 2025-07-23 Liviu Chircu * [7545056fec] : Bump development version 2025-07-23 Razvan Crainea * [bebda2e5a6] : db_unixodbc: explicit add $(LOCALBASE)/include/odbc This fixes compile on FreeBSD. Close #3689 2025-07-23 Razvan Crainea * [7bb7900d4a] : rtp_relay: let tm manage ref counting for failed sessions Close #3623 Close #3539 2025-07-23 Razvan Crainea * [0dad823138] : net: init all protos, but bind TCP only in main 2025-07-22 Bogdan Andrei IANCU * [64a18da003] : Merge pull request #3688 from vladpaiu/fix_async_lock_replies run reply async resume callback under reply lock, as it might make changes to AVPs 2025-07-22 Liviu Chircu * [ead9d4a991] : Merge pull request #3685 from asolovjov/increase_forced_binding_len registrar: increase MAX_FORCED_BINDING_LEN in save function 2025-07-21 Razvan Crainea * [528f06be27] : rtpengine: guard from NULL msg Thanks to @goharahmed for his report. Close #3652 2025-07-21 Razvan Crainea * [e34c7ba19f] : mi_script: fix documentation typos Many thangs to @QuincyGao on GitHub for reporting them. Close #3683 2025-07-20 OpenSIPS * [91f860be04] : Rebuild documentation 2025-07-18 Vlad Paiu * [4e19188ecd] : run reply async resume callback under reply lock, as it might make changes to AVPs 2025-07-15 Artiom Druz <38580109+Shkiperon at users.noreply.github dot com> * [e7d40c5c77] : Added menuconfig options to disable event_sqs and rtp.io module builds (#3678) 2025-07-15 Razvan Crainea * [b5a8aa872d] : rtpengine: document extra failover cases (commit a1ba145) 2025-07-15 Steven Ayre * [a1ba145adb] : add support for resource limit error messages from rtpengine (#3682) support LOAD_LIMIT_CPU, LOAD_LIMIT_LOAD, LOAD_LIMIT_BW from rtpengine ```const char magic_load_limit_strings[__LOAD_LIMIT_MAX][64] = { [LOAD_LIMIT_MAX_SESSIONS] = "Parallel session limit reached", [LOAD_LIMIT_CPU] = "CPU usage limit exceeded", [LOAD_LIMIT_LOAD] = "Load limit exceeded", [LOAD_LIMIT_BW] = "Bandwidth limit exceeded", };``` Co-authored-by: Steve Ayre 2025-07-13 OpenSIPS * [fdbc2e2b93] : Rebuild documentation 2025-07-11 Andrej Solovjov * [6416b57089] : registrar: increase MAX_FORCED_BINDING_LEN in save function Sometimes the SIP Contact header field URI can be larger than 256 chars. For example, 'pn-provider', 'pn-prid' and 'pn-param' should be in the URI if SIP UA requests push notifications and they can be quite long. 2025-07-09 Razvan Crainea * [fba5079da4] : auth_aka: fix SIP-Authorization header build Before this commit, the RAND||AUTS would have been built in a buffer that would have been destroyed afterwards. 2025-07-07 Ibrahim Shahzad <48486042+IbrahimShahzad at users.noreply.github dot com> * [d49884f305] : fix for transaction reset for reply (#3680) 2025-07-06 OpenSIPS * [3c789cedc2] : Rebuild documentation 2025-07-01 Liviu Chircu * [e144adc85d] : core: Minor code refactoring Skip unnecessary @md assignments, space out the code for readability. Related to #3675 2025-07-01 Liviu Chircu * [eb3e892baf] : Merge pull request #3675 from sippy/pr_add_minit core: split DEP_REVERSE_INIT into _MINIT and _CINIT parts 2025-07-01 Larry Laffer * [d449aabc29] : [aaa_diameter] Ignore unknown AVPS in Diameter Replies (#3655) * Ignore unknown AVPs in replies * Clarify Log 2025-06-29 OpenSIPS * [9f46d71e94] : Rebuild documentation 2025-06-27 Razvan Crainea * [12ed692ecd] : rtp_relay: do not enforce from_tag for delete command 2025-06-25 Bogdan Andrei IANCU * [fde3ff3e37] : Merge pull request #3634 from jes/proto-tls-fd Stop leaving sockets in CLOSE_WAIT on failed TLS connections 2025-06-25 Bogdan-Andrei Iancu * [f560625e1a] : [tm] remove some devel related DBG message 2025-06-25 Bogdan-Andrei Iancu * [e86b121b9b] : [dispatcher] fix resetting the persistent_state for default partition The modparam (as per docs) must change the default partition settings only Fixes #3635, reported by @nikbyte 2025-06-24 Razvan Crainea * [0cad84b878] : permissions: remove unused variable 2025-06-24 Bogdan-Andrei Iancu * [d14b435906] : [permissions] fix allow_uri() URI parameter The parameter is a string, not pvar, so does not need to be evaluated Fixes #3645 Reported by @gostkov 2025-06-23 Maksym Sobolyev * [c8770b66f3] : core: split DEP_REVERSE_INIT into _MINIT and _CINIT parts Add DEP_REVERSE_CINIT and DEP_REVERSE_MINIT dependency flags allowing to reverse mod_init() and child_init() init order independently. Make DEP_REVERSE_INIT be (DEP_REVERSE_CINIT|DEP_REVERSE_MINIT). 2025-06-22 OpenSIPS * [07de05e1c0] : Rebuild documentation 2025-06-20 Razvan Crainea * [30c5fdfd86] : cgrates: make sure ctx is released on backup node when cgrates ctx is being replicated, we need to release it when the dialog is destroyed, otherwise it will leak. Many thanks for @NicoFrLy on GitHub for reporting it. Close #3656 2025-06-20 Bogdan-Andrei Iancu * [5d599a8557] : [proto_tls] fix HEP leak upon failed TLS accepts Be sure and flush all pending HEP (tracing) messages on a TLS conn, even if the SSL negociation failed. Closes #3496. 2025-06-20 vladpaiu * [00305a4edf] : Disable TLS tickets for 1.2 and 1.3 in order to support reconnects after OpenSIPS restarts (#3673) 2025-06-19 Bogdan Andrei IANCU * [0c54ee7df9] : Merge pull request #3654 from 36952362/master Resolve the issue of incomplete transmission of large SIP message over TLS protocol 2025-06-19 jupiter <36952362 at qq dot com> * [f93daaf034] : adjust pending data in async mode logic 2025-06-18 Bogdan Andrei IANCU * [38efd080d3] : Merge pull request #3664 from 36952362/tcp_connection Resolve the issue of inaccurate tcp_connections_no 2025-06-18 jupiter <36952362 at qq dot com> * [cee5f5b2e7] : the access to ->async->pending should be under lock 2025-06-18 jupiter <36952362 at qq dot com> * [fb9bc44379] : do not tcp_connections_no for non TCP MAIN procs 2025-06-17 Razvan Crainea * [cdd4725444] : rtp*: guard from empty to_tag 2025-06-16 Bogdan Andrei IANCU * [12085550c5] : Merge pull request #3670 from purecloudlabs/hotfix/permission-module-issues `permissions`: Stabilize the new storage backend 2025-06-16 Bogdan Andrei IANCU * [03719466e1] : Merge pull request #3672 from jes/dnscache-fix Fix buffer overflow in dnscache (#3669) 2025-06-16 Bogdan Andrei IANCU * [45f498b18f] : Merge pull request #3666 from NormB/NormB-clusterer-doc Update clusterer_admin.xml 2025-06-16 Razvan Crainea * [352d8d56e6] : event_routing: avoid shm leak on error 2025-06-16 Bogdan-Andrei Iancu * [be61940db5] : Remove wrapping for exclude_modules line This is not supported by the menuconfig tool Reported by @rrb3942, closes #3658 2025-06-16 Razvan Crainea * [d2c682cbf6] : dialog: replicate cseq changes on every reqlayed request 2025-06-15 OpenSIPS * [dd9400f4e6] : Rebuild documentation 2025-06-12 James Stanley * [c585e06592] : Fix buffer overflow in dnscache (#3669) `addr_no` and `alias_no` are calculated based on whichever is smaller out of the actual number of addresses/aliases, and `MAXADDRS-1`/`MAXALIASES-1`. But then the code inserted all of the actual number of addresses/aliases anyway, which makes for a potential buffer overflow, and corrupted deserialisation later. 2025-06-10 Bence Szigeti * [06cdb055e7] : `permissions`: Add extra check on address 2025-06-10 Bence Szigeti * [491c4b1426] : `permissions`: Fix error handling 2025-06-10 Bence Szigeti * [3514850737] : `permissions`: Fix invalid pointer access 2025-06-10 Razvan Crainea * [4ccf042ceb] : b2b_logic: add $b2b_logic.peer variable 2025-06-10 Razvan Crainea * [1fff680f0c] : b2b_logic: reverse peer when entity not specified completes/fixes commit f2ef8d391b 2025-06-10 Razvan Crainea * [a7197f867d] : b2b_logic: determine entity type if not explicit 2025-06-10 Razvan Crainea * [6da409d4c8] : siprec: docs clarify when recoring is started Thanks to Walter Schober on mailing list for reporing the inconsistency 2025-06-08 OpenSIPS * [517e08e1a8] : Rebuild documentation 2025-06-06 Bogdan-Andrei Iancu * [69a785e112] : [event_routing] added new sync wait_for_event() function This is exeactly the same as the async function, but does inline blocking/waiting until the event is received. The function is very useful in script routes that does not have async support 2025-06-06 Norm Brandinger * [98347446b8] : Update sockets_mgm_admin.xml (#3667) 2025-06-05 Norm Brandinger * [882eebb765] : Update clusterer_admin.xml 2025-06-04 Bogdan Andrei IANCU * [224beb4924] : Merge pull request #3661 from NormB/patch-1 Documentation spelling update 2025-06-04 Norm Brandinger * [b759b2ab63] : Merge branch 'OpenSIPS:master' into patch-1 2025-06-04 Norm Brandinger * [b02b1badcf] : Update sockets_mgm_admin.xml 2025-06-04 jupiter <36952362 at qq dot com> * [8e2ce2f984] : Resolve the issue of inaccurate tcp_connections_no 2025-06-03 Razvan Crainea * [4754e12bbc] : b2b_logic: fix typo on tuple error 2025-06-03 Bogdan-Andrei Iancu * [a1caf3b621] : [domain] updated docs Added new "subdomain_col" mod param 2025-06-02 Norm Brandinger * [02fea4606e] : Update README 2025-06-01 OpenSIPS * [fd3a22c92c] : Rebuild documentation 2025-05-30 Bogdan Andrei IANCU * [ad540e9c98] : Merge pull request #3653 from ovidiusas/master domain: accept BIGINT type for accept_subdomain column 2025-05-29 Razvan Crainea * [f7109b1df1] : cachedb_redis: fix c99 requirements 2025-05-25 Liviu Chircu * [b108c1cd07] : SDP variables: Integrate into SIP msg processing Initial SDP operations integration, relaying seems to work as expected. 2025-05-25 Liviu Chircu * [5afd61a37c] : SDP variables: Rework to allow PV as indexes (stream/line/token) 2025-05-25 Liviu Chircu * [da64ab99cc] : SDP variables: Add test suites for $sdp.stream and $sdp.session 2025-05-25 Liviu Chircu * [63c76aaeec] : "assert" cfg statement: Few improvements * make the 2nd param (assert description) optional * add file/line to the error log, as a replacement for lack of param #2 2025-05-25 OpenSIPS * [de35f7ce6d] : Rebuild documentation 2025-05-24 Razvan Crainea * [78a49b1e7b] : domain: usr correct table version and bump it properly 2025-05-23 Ovidiu Sas * [7e208af970] : domain: accept BIGINT type for accept_subdomain column 2025-05-23 Liviu Chircu * [9561fe4836] : $sdp.line: Minimize SDP buffer rebuilds during READ/WRITE ops 2025-05-23 Liviu Chircu * [4902037a7c] : SDP variables: Add test suite for $sdp and $sdp.line 2025-05-21 Liviu Chircu * [39cd732faa] : Bump development version