--- /dev/null
+This patch updates array limit checks and docs
+in pjsip_evsub_register_pkg() and pjsip_endpt_add_capability().
+
+Index: pjsip/include/pjsip/sip_endpoint.h
+===================================================================
+--- a/pjsip/include/pjsip/sip_endpoint.h (revision 5396)
++++ b/pjsip/include/pjsip/sip_endpoint.h (revision 5397)
+@@ -583,7 +583,8 @@
+ * @param hname If htype specifies PJSIP_H_OTHER, then the header name
+ * must be supplied in this argument. Otherwise the value
+ * must be set to NULL.
+- * @param count The number of tags in the array.
++ * @param count The number of tags in the array. The value must not
++ * be greater than PJSIP_GENERIC_ARRAY_MAX_COUNT.
+ * @param tags Array of tags describing the capabilities or extensions
+ * to be added to the appropriate header.
+ *
+Index: pjsip/include/pjsip-simple/evsub.h
+===================================================================
+--- a/pjsip/include/pjsip-simple/evsub.h (revision 5396)
++++ b/pjsip/include/pjsip-simple/evsub.h (revision 5397)
+@@ -246,7 +246,8 @@
+ * registered.
+ * @param event_name Event package identification.
+ * @param expires Default subscription expiration time, in seconds.
+- * @param accept_cnt Number of strings in Accept array.
++ * @param accept_cnt Number of strings in Accept array. The value must
++ * not be greater than PJSIP_GENERIC_ARRAY_MAX_COUNT.
+ * @param accept Array of Accept value.
+ *
+ * @return PJ_SUCCESS on success.
+Index: pjsip/src/pjsip/sip_endpoint.c
+===================================================================
+--- a/pjsip/src/pjsip/sip_endpoint.c (revision 5396)
++++ b/pjsip/src/pjsip/sip_endpoint.c (revision 5397)
+@@ -371,6 +371,7 @@
+
+ /* Check arguments. */
+ PJ_ASSERT_RETURN(endpt!=NULL && count>0 && tags, PJ_EINVAL);
++ PJ_ASSERT_RETURN(count <= PJSIP_GENERIC_ARRAY_MAX_COUNT, PJ_ETOOMANY);
+ PJ_ASSERT_RETURN(htype==PJSIP_H_ACCEPT ||
+ htype==PJSIP_H_ALLOW ||
+ htype==PJSIP_H_SUPPORTED,
+Index: pjsip/src/pjsip-simple/evsub.c
+===================================================================
+--- a/pjsip/src/pjsip-simple/evsub.c (revision 5396)
++++ b/pjsip/src/pjsip-simple/evsub.c (revision 5397)
+@@ -412,7 +412,9 @@
+ unsigned i;
+
+ PJ_ASSERT_RETURN(pkg_mod && event_name, PJ_EINVAL);
+- PJ_ASSERT_RETURN(accept_cnt < PJ_ARRAY_SIZE(pkg->pkg_accept->values),
++
++ /* Make sure accept_cnt < PJ_ARRAY_SIZE(pkg->pkg_accept->values) */
++ PJ_ASSERT_RETURN(accept_cnt <= PJSIP_GENERIC_ARRAY_MAX_COUNT,
+ PJ_ETOOMANY);
+
+ /* Make sure evsub module has been initialized */
--- /dev/null
+This patch fixes the issue in pjsip_tx_data_dec_ref()
+when tx_data_destroy can be called more than once,
+and checks if invalid value (e.g. NULL) is passed to.
+
+Index: pjsip/src/pjsip/sip_transport.c
+===================================================================
+--- a/pjsip/src/pjsip/sip_transport.c (revision 5399)
++++ b/pjsip/src/pjsip/sip_transport.c (revision 5400)
+@@ -491,8 +491,13 @@
+ */
+ PJ_DEF(pj_status_t) pjsip_tx_data_dec_ref( pjsip_tx_data *tdata )
+ {
+- pj_assert( pj_atomic_get(tdata->ref_cnt) > 0);
+- if (pj_atomic_dec_and_get(tdata->ref_cnt) <= 0) {
++ pj_atomic_value_t ref_cnt;
++
++ PJ_ASSERT_RETURN(tdata && tdata->ref_cnt, PJ_EINVAL);
++
++ ref_cnt = pj_atomic_dec_and_get(tdata->ref_cnt);
++ pj_assert( ref_cnt >= 0);
++ if (ref_cnt == 0) {
+ tx_data_destroy(tdata);
+ return PJSIP_EBUFDESTROYED;
+ } else {
--- /dev/null
+From 33fd755e819dc85a96718abc0ae26a9b46f14800 Mon Sep 17 00:00:00 2001
+From: nanang <nanang@localhost>
+Date: Thu, 28 Jul 2016 08:21:45 +0000
+Subject: [PATCH 2/3] Fix #1946: Avoid deinitialization of uninitialized client
+ auth session.
+
+---
+ pjsip/src/pjsip/sip_dialog.c | 18 ++++++------------
+ 1 file changed, 6 insertions(+), 12 deletions(-)
+
+diff --git a/pjsip/src/pjsip/sip_dialog.c b/pjsip/src/pjsip/sip_dialog.c
+index f03885d..421ddc4 100644
+--- a/pjsip/src/pjsip/sip_dialog.c
++++ b/pjsip/src/pjsip/sip_dialog.c
+@@ -92,6 +92,12 @@ static pj_status_t create_dialog( pjsip_user_agent *ua,
+ pj_list_init(&dlg->inv_hdr);
+ pj_list_init(&dlg->rem_cap_hdr);
+
++ /* Init client authentication session. */
++ status = pjsip_auth_clt_init(&dlg->auth_sess, dlg->endpt,
++ dlg->pool, 0);
++ if (status != PJ_SUCCESS)
++ goto on_error;
++
+ status = pj_mutex_create_recursive(pool, dlg->obj_name, &dlg->mutex_);
+ if (status != PJ_SUCCESS)
+ goto on_error;
+@@ -283,12 +289,6 @@ PJ_DEF(pj_status_t) pjsip_dlg_create_uac( pjsip_user_agent *ua,
+ /* Initial route set is empty. */
+ pj_list_init(&dlg->route_set);
+
+- /* Init client authentication session. */
+- status = pjsip_auth_clt_init(&dlg->auth_sess, dlg->endpt,
+- dlg->pool, 0);
+- if (status != PJ_SUCCESS)
+- goto on_error;
+-
+ /* Register this dialog to user agent. */
+ status = pjsip_ua_register_dlg( ua, dlg );
+ if (status != PJ_SUCCESS)
+@@ -506,12 +506,6 @@ pj_status_t create_uas_dialog( pjsip_user_agent *ua,
+ }
+ dlg->route_set_frozen = PJ_TRUE;
+
+- /* Init client authentication session. */
+- status = pjsip_auth_clt_init(&dlg->auth_sess, dlg->endpt,
+- dlg->pool, 0);
+- if (status != PJ_SUCCESS)
+- goto on_error;
+-
+ /* Increment the dialog's lock since tsx may cause the dialog to be
+ * destroyed prematurely (such as in case of transport error).
+ */
+--
+2.7.4
+
--- /dev/null
+When a transport error occured on an INVITE session
+the stack calls on_tsx_state_changed with new state
+PJSIP_INV_STATE_DISCONNECTED and immediately destroys
+the INVITE session.
+At the same time this INVITE session could being processed
+on another thread. This thread could use the session's
+memory pools which were already freed, so we get segfault.
+
+This patch adds a reference counter and new functions:
+pjsip_inv_add_ref and pjsip_inv_dec_ref.
+The INVITE session is destroyed only when the reference
+counter has reached zero.
+
+To avoid race condition an application should call
+pjsip_inv_add_ref/pjsip_inv_dec_ref.
+
+Index: pjsip/include/pjsip-ua/sip_inv.h
+===================================================================
+--- a/pjsip/include/pjsip-ua/sip_inv.h (revision 5434)
++++ b/pjsip/include/pjsip-ua/sip_inv.h (revision 5435)
+@@ -383,6 +383,11 @@
+ * Other applications that want to use these pools must understand
+ * that the flip-flop pool's lifetimes are synchronized to the
+ * SDP offer-answer negotiation.
++ *
++ * The lifetime of this session is controlled by the reference counter in this
++ * structure, which is manipulated by calling #pjsip_inv_add_ref and
++ * #pjsip_inv_dec_ref. When the reference counter has reached zero, then
++ * this session will be destroyed.
+ */
+ struct pjsip_inv_session
+ {
+@@ -412,6 +417,7 @@
+ struct pjsip_timer *timer; /**< Session Timers. */
+ pj_bool_t following_fork; /**< Internal, following
+ forked media? */
++ pj_atomic_t *ref_cnt; /**< Reference counter. */
+ };
+
+
+@@ -631,6 +637,30 @@
+
+
+ /**
++ * Add reference counter to the INVITE session. The reference counter controls
++ * the life time of the session, ie. when the counter reaches zero, then it
++ * will be destroyed.
++ *
++ * @param inv The INVITE session.
++ * @return PJ_SUCCESS if the INVITE session reference counter
++ * was increased.
++ */
++PJ_DECL(pj_status_t) pjsip_inv_add_ref( pjsip_inv_session *inv );
++
++/**
++ * Decrement reference counter of the INVITE session.
++ * When the session is no longer used, it will be destroyed and
++ * caller is informed with PJ_EGONE return status.
++ *
++ * @param inv The INVITE session.
++ * @return PJ_SUCCESS if the INVITE session reference counter
++ * was decreased. A status PJ_EGONE will be returned to
++ * inform that session is destroyed.
++ */
++PJ_DECL(pj_status_t) pjsip_inv_dec_ref( pjsip_inv_session *inv );
++
++
++/**
+ * Forcefully terminate and destroy INVITE session, regardless of
+ * the state of the session. Note that this function should only be used
+ * when there is failure in the INVITE session creation. After the
+Index: pjsip/src/pjsip-ua/sip_inv.c
+===================================================================
+--- a/pjsip/src/pjsip-ua/sip_inv.c (revision 5434)
++++ b/pjsip/src/pjsip-ua/sip_inv.c (revision 5435)
+@@ -195,6 +195,65 @@
+ }
+
+ /*
++ * Add reference to INVITE session.
++ */
++PJ_DEF(pj_status_t) pjsip_inv_add_ref( pjsip_inv_session *inv )
++{
++ PJ_ASSERT_RETURN(inv && inv->ref_cnt, PJ_EINVAL);
++
++ pj_atomic_inc(inv->ref_cnt);
++
++ return PJ_SUCCESS;
++}
++
++static void inv_session_destroy(pjsip_inv_session *inv)
++{
++ if (inv->last_ack) {
++ pjsip_tx_data_dec_ref(inv->last_ack);
++ inv->last_ack = NULL;
++ }
++ if (inv->invite_req) {
++ pjsip_tx_data_dec_ref(inv->invite_req);
++ inv->invite_req = NULL;
++ }
++ if (inv->pending_bye) {
++ pjsip_tx_data_dec_ref(inv->pending_bye);
++ inv->pending_bye = NULL;
++ }
++ pjsip_100rel_end_session(inv);
++ pjsip_timer_end_session(inv);
++ pjsip_dlg_dec_session(inv->dlg, &mod_inv.mod);
++
++ /* Release the flip-flop pools */
++ pj_pool_release(inv->pool_prov);
++ inv->pool_prov = NULL;
++ pj_pool_release(inv->pool_active);
++ inv->pool_active = NULL;
++
++ pj_atomic_destroy(inv->ref_cnt);
++ inv->ref_cnt = NULL;
++}
++
++/*
++ * Decrease INVITE session reference, destroy it when the reference count
++ * reaches zero.
++ */
++PJ_DEF(pj_status_t) pjsip_inv_dec_ref( pjsip_inv_session *inv )
++{
++ pj_atomic_value_t ref_cnt;
++
++ PJ_ASSERT_RETURN(inv && inv->ref_cnt, PJ_EINVAL);
++
++ ref_cnt = pj_atomic_dec_and_get(inv->ref_cnt);
++ pj_assert( ref_cnt >= 0);
++ if (ref_cnt == 0) {
++ inv_session_destroy(inv);
++ return PJ_EGONE;
++ }
++ return PJ_SUCCESS;
++}
++
++/*
+ * Set session state.
+ */
+ static void inv_set_state(pjsip_inv_session *inv, pjsip_inv_state state,
+@@ -261,27 +320,7 @@
+ if (inv->state == PJSIP_INV_STATE_DISCONNECTED &&
+ prev_state != PJSIP_INV_STATE_DISCONNECTED)
+ {
+- if (inv->last_ack) {
+- pjsip_tx_data_dec_ref(inv->last_ack);
+- inv->last_ack = NULL;
+- }
+- if (inv->invite_req) {
+- pjsip_tx_data_dec_ref(inv->invite_req);
+- inv->invite_req = NULL;
+- }
+- if (inv->pending_bye) {
+- pjsip_tx_data_dec_ref(inv->pending_bye);
+- inv->pending_bye = NULL;
+- }
+- pjsip_100rel_end_session(inv);
+- pjsip_timer_end_session(inv);
+- pjsip_dlg_dec_session(inv->dlg, &mod_inv.mod);
+-
+- /* Release the flip-flop pools */
+- pj_pool_release(inv->pool_prov);
+- inv->pool_prov = NULL;
+- pj_pool_release(inv->pool_active);
+- inv->pool_active = NULL;
++ pjsip_inv_dec_ref(inv);
+ }
+ }
+
+@@ -838,6 +877,12 @@
+ inv = PJ_POOL_ZALLOC_T(dlg->pool, pjsip_inv_session);
+ pj_assert(inv != NULL);
+
++ status = pj_atomic_create(dlg->pool, 0, &inv->ref_cnt);
++ if (status != PJ_SUCCESS) {
++ pjsip_dlg_dec_lock(dlg);
++ return status;
++ }
++
+ inv->pool = dlg->pool;
+ inv->role = PJSIP_ROLE_UAC;
+ inv->state = PJSIP_INV_STATE_NULL;
+@@ -881,6 +926,7 @@
+ pjsip_100rel_attach(inv);
+
+ /* Done */
++ pjsip_inv_add_ref(inv);
+ *p_inv = inv;
+
+ pjsip_dlg_dec_lock(dlg);
+@@ -1471,6 +1517,12 @@
+ inv = PJ_POOL_ZALLOC_T(dlg->pool, pjsip_inv_session);
+ pj_assert(inv != NULL);
+
++ status = pj_atomic_create(dlg->pool, 0, &inv->ref_cnt);
++ if (status != PJ_SUCCESS) {
++ pjsip_dlg_dec_lock(dlg);
++ return status;
++ }
++
+ inv->pool = dlg->pool;
+ inv->role = PJSIP_ROLE_UAS;
+ inv->state = PJSIP_INV_STATE_NULL;
+@@ -1540,6 +1592,7 @@
+ }
+
+ /* Done */
++ pjsip_inv_add_ref(inv);
+ pjsip_dlg_dec_lock(dlg);
+ *p_inv = inv;
+
--- /dev/null
+--- a/pjlib/src/pj/sock_bsd.c
++++ b/pjlib/src/pj/sock_bsd.c
+@@ -539,6 +539,10 @@
+ pj_sock_setsockopt(*sock, pj_SOL_SOCKET(), pj_SO_NOSIGPIPE(),
+ &val, sizeof(val));
+ }
++ if (af != PJ_AF_INET) { /* Linux Kernel 2.4.21; June 2003 */
++ pj_sock_setsockopt(*sock, PJ_SOL_IPV6, IPV6_V6ONLY,
++ &val, sizeof(val));
++ }
+ #if defined(PJ_IPHONE_OS_HAS_MULTITASKING_SUPPORT) && \
+ PJ_IPHONE_OS_HAS_MULTITASKING_SUPPORT!=0
+ if (type == pj_SOCK_DGRAM()) {
--- /dev/null
+From a5efddbe9151e9ad99279e59566c86f8bc27d3a9 Mon Sep 17 00:00:00 2001
+From: George Joseph <gjoseph@digium.com>
+Date: Wed, 7 Sep 2016 13:10:57 -0600
+Subject: [PATCH] resolver.c: Prevent SERVFAIL from marking name server bad
+
+A name server that returns "Server Failure" is indicating only that
+the server couldn't process that particular request. We should NOT
+assume that the name server is incapable of serving other requests.
+
+Here's the scenario we've been encountering...
+
+* 2 local name servers configured in resolv.conf.
+* An OPTIONS request causes a request for A and AAAA records to go out
+ to both nameservers.
+* The A responses both come back successfully resolved.
+* Because of an issue at some upstream nameserver, the AAAA responses
+ for that particular query come back as "SERVFAIL" from both local
+ name servers.
+* Both local servers are marked as bad and no further queries can be
+ sent until the 60 second ttl expires. Only previously cached results
+ can be used.
+* In this case, 60 seconds is just enough time for another OPTIONS
+ request to go out to the same host so the cycle repeats.
+
+We could set the bad ttl really low but that also affects REFUSED and
+NOTAUTH which probably DO signal a real server issue. Besides, even
+a really low bad ttl would be an issue on a pbx.
+---
+ pjlib-util/src/pjlib-util/resolver.c | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/pjlib-util/src/pjlib-util/resolver.c b/pjlib-util/src/pjlib-util/resolver.c
+index d277e4f..540f88f 100644
+--- a/pjlib-util/src/pjlib-util/resolver.c
++++ b/pjlib-util/src/pjlib-util/resolver.c
+@@ -1384,8 +1384,7 @@ static void report_nameserver_status(pj_dns_resolver *resolver,
+ q_id = (pj_uint32_t)-1;
+ }
+
+- if (!pkt || rcode == PJ_DNS_RCODE_SERVFAIL ||
+- rcode == PJ_DNS_RCODE_REFUSED ||
++ if (!pkt || rcode == PJ_DNS_RCODE_REFUSED ||
+ rcode == PJ_DNS_RCODE_NOTAUTH)
+ {
+ is_good = PJ_FALSE;
+--
+2.7.4
+
--- /dev/null
+From 9e67e0d5c3fdc747530a956038b374fca4748b76 Mon Sep 17 00:00:00 2001
+From: riza <riza@localhost>
+Date: Thu, 13 Oct 2016 09:02:50 +0000
+Subject: [PATCH 1/4] Re #1969: Fix crash on using an already destroyed SSL
+ socket.
+
+---
+ pjlib/src/pj/ssl_sock_ossl.c | 66 ++++++++++++++++++++++++++++----------------
+ 1 file changed, 42 insertions(+), 24 deletions(-)
+
+diff --git a/pjlib/src/pj/ssl_sock_ossl.c b/pjlib/src/pj/ssl_sock_ossl.c
+index fa0db2d..ceab67a 100644
+--- a/pjlib/src/pj/ssl_sock_ossl.c
++++ b/pjlib/src/pj/ssl_sock_ossl.c
+@@ -822,7 +822,10 @@ static void close_sockets(pj_ssl_sock_t *ssock)
+ pj_lock_acquire(ssock->write_mutex);
+ asock = ssock->asock;
+ if (asock) {
+- ssock->asock = NULL;
++ // Don't set ssock->asock to NULL, as it may trigger assertion in
++ // send operation. This should be safe as active socket will simply
++ // return PJ_EINVALIDOP on any operation if it is already closed.
++ //ssock->asock = NULL;
+ ssock->sock = PJ_INVALID_SOCKET;
+ }
+ sock = ssock->sock;
+@@ -841,9 +844,9 @@ static void close_sockets(pj_ssl_sock_t *ssock)
+ /* Reset SSL socket state */
+ static void reset_ssl_sock_state(pj_ssl_sock_t *ssock)
+ {
++ pj_lock_acquire(ssock->write_mutex);
+ ssock->ssl_state = SSL_STATE_NULL;
+-
+- destroy_ssl(ssock);
++ pj_lock_release(ssock->write_mutex);
+
+ close_sockets(ssock);
+
+@@ -1612,6 +1615,21 @@ static pj_status_t do_handshake(pj_ssl_sock_t *ssock)
+ return PJ_EPENDING;
+ }
+
++static void ssl_on_destroy(void *arg)
++{
++ pj_pool_t *pool = NULL;
++ pj_ssl_sock_t *ssock = (pj_ssl_sock_t*)arg;
++
++ destroy_ssl(ssock);
++
++ pj_lock_destroy(ssock->write_mutex);
++
++ pool = ssock->pool;
++ ssock->pool = NULL;
++ if (pool)
++ pj_pool_release(pool);
++}
++
+
+ /*
+ *******************************************************************
+@@ -1830,7 +1848,7 @@ static pj_bool_t asock_on_accept_complete (pj_activesock_t *asock,
+
+ /* Create new SSL socket instance */
+ status = pj_ssl_sock_create(ssock_parent->pool,
+- &ssock_parent->newsock_param, &ssock);
++ &ssock_parent->newsock_param, &ssock);
+ if (status != PJ_SUCCESS)
+ goto on_return;
+
+@@ -1906,12 +1924,10 @@ static pj_bool_t asock_on_accept_complete (pj_activesock_t *asock,
+ if (status != PJ_SUCCESS)
+ goto on_return;
+
+- /* Temporarily add ref the group lock until active socket creation,
+- * to make sure that group lock is destroyed if the active socket
+- * creation fails.
+- */
+ pj_grp_lock_add_ref(glock);
+ asock_cfg.grp_lock = ssock->param.grp_lock = glock;
++ pj_grp_lock_add_handler(ssock->param.grp_lock, ssock->pool, ssock,
++ ssl_on_destroy);
+ }
+
+ pj_bzero(&asock_cb, sizeof(asock_cb));
+@@ -1927,11 +1943,6 @@ static pj_bool_t asock_on_accept_complete (pj_activesock_t *asock,
+ ssock,
+ &ssock->asock);
+
+- /* This will destroy the group lock if active socket creation fails */
+- if (asock_cfg.grp_lock) {
+- pj_grp_lock_dec_ref(asock_cfg.grp_lock);
+- }
+-
+ if (status != PJ_SUCCESS)
+ goto on_return;
+
+@@ -2251,17 +2262,26 @@ PJ_DEF(pj_status_t) pj_ssl_sock_create (pj_pool_t *pool,
+ /* Create secure socket mutex */
+ status = pj_lock_create_recursive_mutex(pool, pool->obj_name,
+ &ssock->write_mutex);
+- if (status != PJ_SUCCESS)
++ if (status != PJ_SUCCESS) {
++ pj_pool_release(pool);
+ return status;
++ }
+
+ /* Init secure socket param */
+ pj_ssl_sock_param_copy(pool, &ssock->param, param);
++
++ if (ssock->param.grp_lock) {
++ pj_grp_lock_add_ref(ssock->param.grp_lock);
++ pj_grp_lock_add_handler(ssock->param.grp_lock, pool, ssock,
++ ssl_on_destroy);
++ }
++
+ ssock->param.read_buffer_size = ((ssock->param.read_buffer_size+7)>>3)<<3;
+ if (!ssock->param.timer_heap) {
+ PJ_LOG(3,(ssock->pool->obj_name, "Warning: timer heap is not "
+ "available. It is recommended to supply one to avoid "
+- "a race condition if more than one worker threads "
+- "are used."));
++ "a race condition if more than one worker threads "
++ "are used."));
+ }
+
+ /* Finally */
+@@ -2277,8 +2297,6 @@ PJ_DEF(pj_status_t) pj_ssl_sock_create (pj_pool_t *pool,
+ */
+ PJ_DEF(pj_status_t) pj_ssl_sock_close(pj_ssl_sock_t *ssock)
+ {
+- pj_pool_t *pool;
+-
+ PJ_ASSERT_RETURN(ssock, PJ_EINVAL);
+
+ if (!ssock->pool)
+@@ -2290,12 +2308,11 @@ PJ_DEF(pj_status_t) pj_ssl_sock_close(pj_ssl_sock_t *ssock)
+ }
+
+ reset_ssl_sock_state(ssock);
+- pj_lock_destroy(ssock->write_mutex);
+-
+- pool = ssock->pool;
+- ssock->pool = NULL;
+- if (pool)
+- pj_pool_release(pool);
++ if (ssock->param.grp_lock) {
++ pj_grp_lock_dec_ref(ssock->param.grp_lock);
++ } else {
++ ssl_on_destroy(ssock);
++ }
+
+ return PJ_SUCCESS;
+ }
+@@ -2782,6 +2799,7 @@ pj_ssl_sock_start_accept2(pj_ssl_sock_t *ssock,
+
+ /* Start accepting */
+ pj_ssl_sock_param_copy(pool, &ssock->newsock_param, newsock_param);
++ ssock->newsock_param.grp_lock = NULL;
+ status = pj_activesock_start_accept(ssock->asock, pool);
+ if (status != PJ_SUCCESS)
+ goto on_error;
+--
+2.7.4
+
* compile if you set it to greater than FD_SETSIZE.
*/
#include <sys/select.h>
+#ifdef PJ_HAS_LINUX_EPOLL
+#define PJ_IOQUEUE_MAX_HANDLES (5000)
+#else
#define PJ_IOQUEUE_MAX_HANDLES (FD_SETSIZE)
-
-/* Set for maximum server performance.
- * In tests, setting these parameters reduced
- * CPU load by approximately 25% for the same number
- * of calls per second. Your results will vary,
- * of course.
- */
+#endif
+#define PJ_IOQUEUE_HAS_SAFE_UNREG 1
+#define PJ_IOQUEUE_MAX_EVENTS_IN_SINGLE_POLL (16)
+
#define PJ_SCANNER_USE_BITWISE 0
#define PJ_OS_HAS_CHECK_STACK 0
#define PJ_LOG_MAX_LEVEL 3
-#define PJ_ENABLE_EXTRA_CHECK 0
+#define PJ_ENABLE_EXTRA_CHECK 1
#define PJSIP_MAX_TSX_COUNT ((64*1024)-1)
#define PJSIP_MAX_DIALOG_COUNT ((64*1024)-1)
#define PJSIP_UDP_SO_SNDBUF_SIZE (512*1024)
#define PJSIP_SAFE_MODULE 0
#define PJ_HAS_STRICMP_ALNUM 0
#define PJ_HASH_USE_OWN_TOLOWER 1
-#define PJSIP_UNESCAPE_IN_PLACE 1
+/*
+ It is imperative that PJSIP_UNESCAPE_IN_PLACE remain 0 or undefined.
+ Enabling it will result in SEGFAULTS when URIs containing escape sequences are encountered.
+*/
+#undef PJSIP_UNESCAPE_IN_PLACE
+#define PJSIP_MAX_PKT_LEN 6000
+
#undef PJ_TODO
#define PJ_TODO(x)
+
+/* Defaults too low for WebRTC */
+#define PJ_ICE_MAX_CAND 32
+#define PJ_ICE_MAX_CHECKS (PJ_ICE_MAX_CAND * 2)
Summary: PJSIP - free and open source multimedia communication library
Name: pjproject
Version: 2.5.5
-Release: 1
+Release: 2
License: GPL v2+
Group: Libraries
Source0: http://www.pjsip.org/release/%{version}/%{name}-%{version}.tar.bz2
# Source0-md5: 183f7144b9aa238884243c0fc52ece36
Source1: config_site.h
Patch0: %{name}-ilbc-link.patch
+# patches from Asterisk
+Patch100: 0001-r5397-pjsip_generic_array_max_count.patch
+Patch101: 0001-r5400-pjsip_tx_data_dec_ref.patch
+Patch102: 0002-Fix-1946-Avoid-deinitialization-of-uninitialized-cli.patch
+Patch103: 0002-r5435-add-pjsip_inv_session-ref_cnt.patch
+Patch104: 0003-r5403-pjsip_IPV6_V6ONLY.patch
+Patch105: 0004-resolver.c-Prevent-SERVFAIL-from-marking-name-server.patch
+Patch106: 0005-Re-1969-Fix-crash-on-using-an-already-destroyed-SSL-.patch
URL: http://www.pjsip.org/
%{?with_video:BuildRequires: SDL2-devel}
BuildRequires: SILK_SDK-devel
%setup -q
%patch0 -p1
+%patch100 -p1
+%patch101 -p1
+%patch102 -p1
+%patch103 -p1
+%patch104 -p1
+%patch105 -p1
+%patch106 -p1
+
cp -p %{SOURCE1} pjlib/include/pj/config_site.h
%build
projects / packages / pjproject.git / commitdiff