=========================== Release 4.0.0-rc1 ==============================

2026-05-20  Razvan Crainea  <razvan@opensips.org>
        * [d7d905586d] :

        bin: fix packet size log format

        (cherry picked from commit ab8a84249c28a369d639fbd69bf693cd158819f1)


2026-05-20  Razvan Crainea  <razvan@opensips.org>
        * [510ce80f08] :

        build: use -Wno-atomic-alignment only for clang

        (cherry picked from commit fac6a9f17b9fa5f0a4db29971a3971e7faf7a432)


2026-05-20  Razvan Crainea  <razvan@opensips.org>
        * [f9ee95a8e9] :

        bin: use portable size print

        (cherry picked from commit 13827e1a941201bc41f79f7edabe1ad6f2a534a4)


2026-05-20  Razvan Crainea  <razvan@opensips.org>
        * [a6f2cf7b87] :

        rtpengine: properly reset pvar

        (cherry picked from commit d08cfc5104c0d85fb5ad5c0ca6424930d8595635)


2026-05-20  Razvan Crainea  <razvan@opensips.org>
        * [ed018c349b] :

        rtpengine: avoid looping when a server is enforced

        (cherry picked from commit 0665f671d811ab44559e1033651964286e6a6b08)


2026-05-19  Razvan Crainea  <razvan@opensips.org>
        * [4232171dfc] :

        compression: fix decompression bounds checks

        Reported-by: Haruto Kimura (Stella)
        (cherry picked from commit e78608619b9ebe7454e0c9ce43e5d56762f9c47a)


2026-05-19  Razvan Crainea  <razvan@opensips.org>
        * [d2363d31dc] :

        proto_smpp: harden SMPP string bounds

        Reported-by: Haruto Kimura (Stella)
        Reported-by: jming912
        Fixes #3847
        Fixes #3848

        (cherry picked from commit ad715b5dc1d5e7aecf27e11839f99d510bdeaea6)


2026-05-19  Razvan Crainea  <razvan@opensips.org>
        * [d703b76c74] :

        usrloc: fix cachedb contact match key size

        Reported-by: Haruto Kimura (Stella)
        (cherry picked from commit 47e027c038d1c699bb1e5ed33731054f58aeffcc)


2026-05-19  Razvan Crainea  <razvan@opensips.org>
        * [00c434d32c] :

        bin: validate received packet bounds

        Reported-by: Haruto Kimura (Stella)
        (cherry picked from commit 76b61fefdb0ae125583030be5f999b74756a056c)


2026-05-19  Razvan Crainea  <razvan@opensips.org>
        * [ec9f4425e4] :

        pi_http: avoid POST argument OOB access

        Reported-by: Haruto Kimura (Stella)
        (cherry picked from commit 3ac1244805d96ab5e717a9c5e6c1c3af453efb18)


2026-05-19  Razvan Crainea  <razvan@opensips.org>
        * [a2f621c8a9] :

        sdp: bound parsed SDP line count

        Reported-by: Haruto Kimura (Stella)
        (cherry picked from commit 34d244171aa0aba7892c5567708cd4179aebb341)


2026-05-19  Razvan Crainea  <razvan@opensips.org>
        * [73230d7503] :

        registrar: dinamically grow temporary GRUU buffer

        Reported-by: Haruto Kimura (Stella)
        (cherry picked from commit 7a51936e08705eec202be5dced2ab3c22bc9fd14)


2026-05-19  Razvan Crainea  <razvan@opensips.org>
        * [d8ac1ba5b9] :

        aaa_diameter: bound accounting AVP collection

        Reported-by: Haruto Kimura (Stella)
        (cherry picked from commit 9c2c5ff8ecb3e43d2f0e495f26d62b99cd04b0fb)


2026-05-19  Razvan Crainea  <razvan@opensips.org>
        * [0a728fd6e8] :

        clusterer: bound topology packet counts

        Reported-by: Haruto Kimura (Stella)
        (cherry picked from commit 93c286af60ad8101d56198d5a0e4a6e6efbe5e52)


2026-05-19  Razvan Crainea  <razvan@opensips.org>
        * [5844e56613] :

        b2b_logic: stop oversized Replaces rewrite

        Reported-by: Haruto Kimura (Stella)
        (cherry picked from commit 381604899574713d1406210b1b066063a16216ee)


2026-05-19  Razvan Crainea  <razvan@opensips.org>
        * [61d6152d8a] :

        b2b_entities: bound generated RAck headers

        Reported-by: Haruto Kimura (Stella)
        (cherry picked from commit 7761e3c1e9039d1b6e37ed9c20ee74700a7137a9)


2026-05-19  Razvan Crainea  <razvan@opensips.org>
        * [626112c9aa] :

        topology_hiding: bound encoded contact lengths

        Reported-by: Haruto Kimura (Stella)
        (cherry picked from commit 4195754ca32c9d7e639a334d8d0550b3c30aa826)


2026-05-19  Razvan Crainea  <razvan@opensips.org>
        * [5589fb1cd9] :

        rr: bound maddr URI construction

        Reported-by: Haruto Kimura (Stella)
        (cherry picked from commit 02ca6f06492fa92d5ae7583908e84b682a0c34a3)


2026-05-19  Razvan Crainea  <razvan@opensips.org>
        * [06712cb5d9] :

        proto_hep: reject HEPv3 frames without payload

        Treat HEPv3 packets without a payload chunk as malformed before
        callbacks or SIP message parsing can consume the zero-initialized
        payload pointer and length. Also route UDP unpacking failures through
        the existing cleanup path.

        Reported-by: Haruto Kimura (Stella)
        (cherry picked from commit 8fd2109b06b9841627965c42852efdc47c8cf5b4)


2026-05-19  Razvan Crainea  <razvan@opensips.org>
        * [99669a9019] :

        proto_hep: validate HEPv3 chunk lengths

        Reject malformed HEPv3 packet and chunk lengths before parsing
        chunk-specific data. This prevents zero-length chunks from stalling the
        parser loop and avoids length underflow while walking the advertised
        packet body.

        Reported-by: Haruto Kimura (Stella)
        (cherry picked from commit 41756b8a77cdf69bc3aaeb8e88b734a7fa87a26e)


2026-05-19  Liviu Chircu  <liviu@opensips.org>
        * [9a8499142c] :

        Merge branch 'compression_overflow' of github.com:john08burke/opensips into john08burke-compression_overflow

        mc_compact() calculated the output size of preserved headers using the
        normalized parser fields: header name, ": ", body and CRLF.

        However, for preserved long-form headers, it wrote the original raw header
        span instead.  If the input header contained extra whitespace after the
        colon, such as "Supported:   100rel", the writer emitted more bytes than
        the size calculation reserved, causing a buffer overflow and later memory
        corruption.

        Always rebuild preserved headers from the same normalized fields used by
        the length calculation, instead of mixing normalized accounting with raw
        header copying.

        (cherry picked from commit d016658049fe5e2fa1061d16365507de0816fdce)


2026-05-17  OpenSIPS  <github@opensips.org>
        * [696753cc9f] :

        Rebuild documentation


2026-05-15  Liviu Chircu  <liviu@opensips.org>
        * [7b5745d62f] :

        usrloc cluster: Fix possible SHM memory leak

        Commit 343f452c15 included a possible memory leak whenever the
        .kv_storage field was already allocated in the urecord_t structure.

        (cherry picked from commit 1c505c5e3f61e173bb5a89bb316315173e6e6330)


2026-05-13  Razvan Crainea  <razvan@opensips.org>
        * [47bb121fb0] :

        xmpp: validate resolved IPv4 addresses

        (cherry picked from commit 15ed7355c6c888082d75fa08667c975a61459360)


2026-05-13  Razvan Crainea  <razvan@opensips.org>
        * [8c2614afec] :

        jabber: validate resolved address family

        (cherry picked from commit 4103862c7c9728f555f515b0628c3755e298bccc)


2026-05-13  Razvan Crainea  <razvan@opensips.org>
        * [4c98c4c2de] :

        rtpengine: allow IPv6 destinations in sockets

        (cherry picked from commit afec9c857e773c0707ceaa1bb13753de72639e71)


2026-05-13  Razvan Crainea  <razvan@opensips.org>
        * [91e13270ed] :

        presence: handle case when Content-Type is missing

        Also properly test the mime type, incorporating both type and subtype

        (cherry picked from commit a03b8a82e96d591adf4f8ef81978497e6036cbfd)


2026-05-13  Razvan Crainea  <razvan@opensips.org>
        * [73279c3fe9] :

        presence: make sure Content-Type is parsed

        (cherry picked from commit 5949135249019720b9078773bbf78f6317e3b8bf)


2026-05-13  Razvan Crainea  <razvan@opensips.org>
        * [80340bae31] :

        imc: centralize user body formatting

        (cherry picked from commit 3571c128760af9ac64065710c767ce7cda47a940)


2026-05-13  Razvan Crainea  <razvan@opensips.org>
        * [d3c4b6da76] :

        imc: reject oversized unknown command replies

        (cherry picked from commit 07d54dbc966347148e7ca5b86671843a01ff7f7d)


2026-05-13  Razvan Crainea  <razvan@opensips.org>
        * [1cef34147d] :

        imc: fix member list buffer overflow

        Build #list replies in an exact-sized pkg buffer instead of the fixed module buffer. Check length arithmetic before copying member URIs so large rooms cannot overflow the response body.

        (cherry picked from commit 76afe34203d571bb8709eeaca00ef9a300187617)


2026-05-13  Razvan Crainea  <razvan@opensips.org>
        * [33d11d70d9] :

        mem: drop unused q_malloc counter

        (cherry picked from commit e95fbffcec303891601607282d41dc3b9b890b14)


2026-05-13  Razvan Crainea  <razvan@opensips.org>
        * [ac5309d5b8] :

        sdp: reject malformed bandwidth lines

        (cherry picked from commit 38d0e6ea07c4f4441f00f4e3723432fe557f961d)


2026-05-13  Razvan Crainea  <razvan@opensips.org>
        * [e965dcf8f9] :

        presence: drop unused variable

        (cherry picked from commit f86942e32ca1986e622caf52cbf00f0abc3b22b9)


2026-05-13  Razvan Crainea  <razvan@opensips.org>
        * [dd86461b71] :

        presence: fix winfo  XML overflow on long URIs

        (cherry picked from commit eeb331cd57d096ad7c767d9c0ef25010d020941a)


2026-05-13  Tristan  <1075304+TristanInSec@users.noreply.github.com>
        * [5f103effaf] :

        core: enforce bounds checks on input-derived lengths (#3888)

        - transformations: account for base64 4/3 expansion in b64encode
          output length check
        - parser/parse_body: validate remaining buffer length before delimiter
          comparison in multipart boundary search
        - net/proto_tcp: validate Content-Length value before multiplication
          to prevent integer wraparound
        - sipmsgops: enforce header name length limit in sip_to_json
          conversion
        - msg_translator: validate total URI length in construct_uri before
          writing components

        (cherry picked from commit bd32a79eb38429995e30bf7c3859e3ed5b085c49)


2026-05-13  volga629-1  <59034879+volga629-1@users.noreply.github.com>
        * [c5af7f7f5b] :

        proto_smpp: bound sm_length against buffer overflow (#3891)

        Clamp attacker-controlled sm_length to MAX_SMS_CHARACTERS in
        parse_submit_or_deliver_body() and reject oversized or odd UCS2
        lengths in recv_smpp_msg() before they reach copy_fixed_str()
        or the GSM7/UCS2 decoders.

        Fixes a stack/heap buffer overflow reachable from a malicious
        SMSC peer sending submit_sm/deliver_sm with sm_length > 254.

        Signed-off-by: NetworkLab Dev <info@networklab.ca>
        (cherry picked from commit 6089db4ab94ba2ea09f8a88fd792c64949198ba4)


2026-05-13  Razvan Crainea  <razvan@opensips.org>
        * [feb57fa516] :

        opentelemetry: drop dependency of the pt.h module

        Close #3869

        (cherry picked from commit 5f106c47674b4a8f818adeb30f87034625fed51f)


2026-05-13  Razvan Crainea  <razvan@opensips.org>
        * [703e8b5264] :

        add inttypes format for i686 architectures

        (cherry picked from commit feccfa614f1059073eea4363bf6d7170906fe922)


2026-05-12  Peter Lemenkov  <lemenkov@gmail.com>
        * [c2e75946b9] :

        Fix format specifier warnings on 32-bit architectures (i686) (#3791)

        During compilation on i686 (32-bit) architecture with GCC 15, format
        specifier warnings appear due to type size differences between 32-bit
        and 64-bit platforms.

        ```
        server.c: In function 'on_frame_recv_callback':
        warning: format '%ld' expects argument of type 'long int', but argument 14
        has type 'size_t' {aka 'unsigned int'} [-Wformat=]
          638 |  LM_DBG("h2 header [%d], %p %ld\n", frame->hd.type, frame->headers.nva, frame->headers.nvlen);

        dm_impl.c: In function 'dm_avps2json':
        warning: format '%ld' expects argument of type 'long int', but argument 15
        has type 'int64_t' {aka 'long long int'} [-Wformat=]
          484 |  LM_DBG("%2d. got int64   AVP %s (%u), value: %ld\n", i, dm_avp.avp_name, h->avp_code, h->avp_value->i64);

        warning: format '%lu' expects argument of type 'long unsigned int', but argument 15
        has type 'uint64_t' {aka 'long long unsigned int'} [-Wformat=]
          494 |  LM_DBG("%2d. got uint64  AVP %s (%u), value: %lu\n", i, dm_avp.avp_name, h->avp_code, h->avp_value->u64);
        ```

        Type sizes differ between 32-bit and 64-bit architectures:

        **On x86_64 (64-bit):**
        - `size_t` = `unsigned long` (8 bytes)
        - `int64_t` = `long int` (8 bytes)

        **On i686 (32-bit):**
        - `size_t` = `unsigned int` (4 bytes)
        - `int64_t` = `long long int` (8 bytes)
        - `uint64_t` = `unsigned long long int` (8 bytes)

        Use portable C99 format specifiers that work correctly on all
        architectures:

        - `%zu` for `size_t` (modules/http2d/server.c line 638)
        - `%" PRId64` for `int64_t` (modules/aaa_diameter/dm_impl.c line 484)
        - `%" PRIu64` for `uint64_t` (modules/aaa_diameter/dm_impl.c line 494)

        Assisted-by: Claude (Anthropic) <https://claude.ai>

        Signed-off-by: Peter Lemenkov <lemenkov@gmail.com>
        (cherry picked from commit 672e4dd4d3338f4045fb8f914cf76b47d1a0a148)


2026-05-12  Razvan Crainea  <razvan@opensips.org>
        * [2c0e549f93] :

        b2b_entities: preserved leg index when answering call

        Introduced in 862fa537, when the `pass-legs-upstream` flag was used and
        the call was answered by any other leg but the first one, the index of
        the leg has to be "preserved", otherwise the subsequent requests will
        contain index 1, not the actual index.

        (cherry picked from commit 73ef9dda2611348466aea189d8f177b9e2337c0a)


2026-05-11  Razvan Crainea  <razvan@opensips.org>
        * [e0511d43c4] :

        github: bump actions versions to avoid deprecation

        (cherry picked from commit 0d62134d29cc0b12c32fd8ee687078af5b8cd838)


2026-05-11  Ovidiu Sas  <osas@voipembedded.com>
        * [3e99d46c96] :

        topology_hiding: fix crash when th_callid_loop_protection is disabled (#3881)

        (cherry picked from commit f98d0823408b6bf5d52085518eab1de6d2f11d13)


2026-05-11  Razvan Crainea  <razvan@opensips.org>
        * [baf0645ef5] :

        presence: remove deprecated xmlMemoryDump()

        (cherry picked from commit 7ea25d91355b165a7b08d68e99898ed506b9b69b)


2026-05-10  OpenSIPS  <github@opensips.org>
        * [205a9d7ba0] :

        Rebuild documentation


2026-05-07  Jarrod Baumann  <j@rrod.io>
        * [bfe3896b84] :

        cgrates: add missing { NULL, NULL } terminator to modparam deps array

        (cherry picked from commit 7358018a857cec0d35fccce9dceb8d735773f3ba)


2026-05-06  Liviu Chircu  <liviu@opensips.org>
        * [293d7e716f] :

        PN Support: Add few unit tests for t_wait_for_new_branches()

        (cherry picked from commit 5358eee98523c186d113e077661710e636eb6625)


2026-05-06  Liviu Chircu  <liviu@opensips.org>
        * [d17fb7df6c] :

        registrar: Fix unit tests on OpenSIPS 4.0+

        (cherry picked from commit 49a548536ffac9ca20fb89d0d962c24832052cb8)


2026-05-06  Liviu Chircu  <liviu@opensips.org>
        * [749bf9f305] :

        registrar: Improve error handling

        (cherry picked from commit 1875c584795952cbf9b2c4bf35777683e6ac0091)


2026-05-06  Liviu Chircu  <liviu@opensips.org>
        * [fb7e5c41db] :

        PN Support: Complete commit e7cf1d595

        The fix in e7cf1d595 was not complete, as we must add both PN, non-PN
        branches as well as any pre-existing append_branches() into the
        t_wait_for_new_branches() wait count, otherwise the UAC-side transaction
        could end prematurely, before the PN-branch gets a chance to deliver and
        connect the call.

        (cherry picked from commit 6b058932285bfe95ab440ea61b8a34e2d8d6d722)


2026-05-03  OpenSIPS  <github@opensips.org>
        * [f83e33adc2] :

        Rebuild documentation


2026-04-26  Ovidiu Sas  <osas@voipembedded.com>
        * [ee5c1a6cff] :

        dialog: fix documentation for load_dialog_ctx( dialog [, id_type] [, active_only])

        (cherry picked from commit eb4fba7af031714059b3f48c2713afeb535bf516)


2026-04-26  OpenSIPS  <github@opensips.org>
        * [6f34cbc4e3] :

        Rebuild documentation


2026-04-24  Liviu Chircu  <liviu@opensips.org>
        * [0760df09b9] :

        python: Improve compatibility with Debian 13

        The "python" binary is no longer provided by default -> adjust Makefile.

        (cherry picked from commit 70003cf10784a28f4fb18b6d446b30c6a07a8027)


2026-04-23  Liviu Chircu  <liviu@opensips.org>
        * [4bdab3954b] :

        aaa_diameter: fix reply cJSON ownership in dm_send_request() paths

        _dm_get_message_response() detached cond->rpl.json into a temporary
        reply object before wrapper cleanup ran.  Now, cleanup frees only
        cond->rpl.json, so the SHM-backed cJSON reply tree leaked.

        (cherry picked from commit 1e8001fa00247667b1a780345473ace416cb08a0)


2026-04-22  Liviu Chircu  <liviu@opensips.org>
        * [02b0ae7e59] :

        dialog: Document the new PRACK handling modparams

        (cherry picked from commit 34a0fc066769002b788ce814791ca0cd4110701c)


2026-04-22  Liviu Chircu  <liviu@opensips.org>
        * [855f3e1437] :

        TCP core: Add docs for tcp_close_conn() and MI tcp:close

        (cherry picked from commit a66a151826b7825ee1010b02cc3c8bfe768c3634)


=========================== Release 4.0.0-beta ==============================

2026-04-22  Liviu Chircu  <liviu at opensips dot org>
        * [11871c7449] :

        Bump version to 4.0.0-beta


2026-04-22  Liviu Chircu  <liviu at opensips dot org>
        * [a97d8b35d1] :

        Merge branch 'mr/feature-redis-unix-socket-lazy' of github.com:NormB/opensips into NormB-mr/feature-redis-unix-socket-lazy


2026-04-22  Liviu Chircu  <liviu at opensips dot org>
        * [624ef5b611] :

        Merge branch 'mr/feature-redis-cluster-management' of github.com:NormB/opensips into NormB-mr/feature-redis-cluster-management


2026-04-22  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [2b88be443f] :

        [opentelemetry] added proc_profiling modparam to enable PROC profiling too


2026-04-22  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [cc32efbec2] :

        [profiling] removed agressive debugging log

        To be used for devel only


2026-04-22  Liviu Chircu  <liviu at opensips dot org>
        * [6ff699d26b] :

        Merge branch 'mr/fix-redis-cluster-safety' of github.com:NormB/opensips into NormB-mr/fix-redis-cluster-safety


2026-04-22  rdondeti  <ravitez.dondeti at gmail dot com>
        * [1444c40a7d] :

        cachedb_redis: add ASK redirect handling for cluster resharding

        Add support for Redis ASK redirects during cluster resharding.  When
        a slot is being migrated between nodes, Redis returns an ASK response
        instead of MOVED.  Unlike MOVED (permanent redirect), ASK is a
        one-time redirect that requires sending the ASKING command to the
        target node before retrying the original query.

        The implementation:
         - Detects ASK responses alongside existing MOVED handling
         - Sends ASKING command to the target node before retrying
         - Reuses the MOVED redirect infrastructure (endpoint lookup,
           reconnection, retry logic)

        Also refactor parse_moved_reply() into parse_redirect_reply() that
        accepts the prefix as a parameter, with inline wrappers
        parse_moved_reply() and parse_ask_reply() for backward compatibility.

        Partially addresses #2811


2026-04-22  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [61ff46b005] :

        Merge pull request #3867 from wlp2s0/fix/drouting-weight-zero-random-selection

        drouting: fix random GW selection when all weights are zero

2026-04-22  Norm Brandinger  <n.brandinger at gmail dot com>
        * [f1fc0aa406] :

        cachedb_redis: add Redis cluster hash tag support to redisHash

        Fix redisHash() to extract hash tags per the Redis cluster spec
        and use the spec-mandated CRC16(key) mod 16384 bitmask.


2026-04-22  Razvan Crainea  <razvan at opensips dot org>
        * [e7d09a1933] :

        mi: create new tcp class for listing and terminating


2026-04-22  Razvan Crainea  <razvan at opensips dot org>
        * [7194f2fbf4] :

        net: list_tcp_conns dump TLS metadata

        Close #3677


2026-04-22  Razvan Crainea  <razvan at opensips dot org>
        * [3002f77e8b] :

        tls: cache some TLS information in shm


2026-04-22  Razvan Crainea  <razvan at opensips dot org>
        * [e8e1877e91] :

        net: list_tcp_conns add proto filter


2026-04-21  Ross Henderson  <rossmck at mac dot com>
        * [93680756b8] :

        tls_mgm: Don't require certificate for TLS clients

        (cherry picked from commit bf9f69f97a7629a078a01d9d14a26f100077daf8)


2026-04-21  Liviu Chircu  <liviu at opensips dot org>
        * [3610069c06] :

        Add new "tcp_close_connection" script/MI function

        Takes either an "[proto:]ip:port" or a "tcp_conn_id" as 1st argument. If
        the protocol part is missing (e.g. only ip:port is supplied), all TCP
        protocols will be tried in order and have their connections matched,
        until a match is found.

        On a match, the function will proceed to force-close the respective
        connection, with no additional errors printed to the OpenSIPS log.


2026-04-21  Liviu Chircu  <liviu at opensips dot org>
        * [ad88fda211] :

        tls_mgm: Fix crash during OpenSIPS shutdown


2026-04-21  Liviu Chircu  <liviu at opensips dot org>
        * [a26565db25] :

        TCP: Fix occasional deadlock during a restart


2026-04-21  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [f4a32883ae] :

        [profiling] fix merge issue around new TCP code


2026-04-21  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [678d926925] :

        Merge remote-tracking branch 'origin/feature/proc_profiling'


2026-04-21  Norm Brandinger  <n.brandinger at gmail dot com>
        * [c01a8d7105] :

        dialog: support $DLG_dir in onreply_route via From-tag matching (#3817)

        When $DLG_dir is used in onreply_route, get_dlg_direction() returns
        DLG_DIR_NONE because ctx_lastdstleg is uninitialized in the reply
        processing context (it is only set after onreply_route completes,
        in the TMCB_RESPONSE_FWDED callback).

        Fall back to matching the reply's From-tag against the dialog's leg
        tags to determine direction:
          - From-tag matches caller leg  → upstream  (reply to caller)
          - From-tag matches callee leg  → downstream (reply to callee)

        All pointer dereferences are guarded against NULL to prevent any
        possibility of segfault on malformed or incomplete state.

        Fixes: https://github.com/OpenSIPS/opensips/issues/2132

2026-04-21  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [798290461c] :

        [profiling] added verbosity levels for profiling

        Also added extra_proc profiling (like mi_fifo, mi_datagram, rtpengine, rtpproxy, httpd)


2026-04-21  Liviu Chircu  <liviu at opensips dot org>
        * [b0e3ee9f0f] :

        Merge branch 'feature/bw-sca-inbound'


2026-04-21  Liviu Chircu  <liviu at opensips dot org>
        * [620b7223bf] :

        presence_callinfo: Fix possible crash on shutdown

        ... in case "tm" happened to destroy after us and still run its
        callback.  Also locked the module ordering, to avoid future issues.

        (cherry picked from commit fe4b252d64353da8642024dc43af7c87933fbb0d)


2026-04-21  Liviu Chircu  <liviu at opensips dot org>
        * [97cbd24ce9] :

        SCA: Fix issues with parsing Call-Info in SHM msg

        (cherry picked from commit e44b9268c7cdcd31aa2515849f476c6ffa4e4c41)


2026-04-21  Liviu Chircu  <liviu at opensips dot org>
        * [ea3c1f47cd] :

        SCA: Add "held" advertising

        (cherry picked from commit cc69644be1fa4fba6451ef6c34533628a9ee0169)


2026-04-21  Liviu Chircu  <liviu at opensips dot org>
        * [abc6191dd9] :

        presence_callinfo: Fix crash edge-case on dlgcb

        (cherry picked from commit 994520b7f72bcff77b90419ebc83380fe6c953f7)


2026-04-21  Liviu Chircu  <liviu at opensips dot org>
        * [18f9cab8f5] :

        presence_callinfo: Add new SCA checking function

        The sca_engage() already contained these caller-side checks, but it's
        better to only have the checks as a separate function, leading to safer
        cfg scripts.

        (cherry picked from commit 697dd94ef886de7dd0c007c53c5ad8a4fb701e4d)


2026-04-21  Liviu Chircu  <liviu at opensips dot org>
        * [3595af488d] :

        presence_callinfo: Several fixes/improvements

        (cherry picked from commit 9eb8aa218452c484b0f63f9f0dcd5ea10afa8930)


2026-04-21  Liviu Chircu  <liviu at opensips dot org>
        * [283b529ca7] :

        presence_callinfo: Add support for inbound SCA call flows

        The existing support only focused on outbound SCA, with line seizing,
        strict checks, etc.  But when a SCA line is dialed, per-branch control
        is needed in order to read the Call-Info indexes from the 180/200
        replies, or to avoid publishing "call-info" notifications on subsequent
        branches (e.g. resulted from serial forking).

        https://pubhub.devnetcloud.com/media/broadsoft-docs/docs/pdf/BW-SharedCallAppearanceInterfaceSpec-R230.pdf

        PAGE 55 OF 110

        (cherry picked from commit 42fc12eee191cfc61a355fa231ab4d5cf2447e90)


2026-04-21  Razvan Crainea  <razvan at opensips dot org>
        * [d771e81df0] :

        b2b_logic: provide custom max_duration at bridge time

        Many thanks to Erhan Onur Sendag(@ErhanOnur) for reporting and
        providing a patch for the first version and also to Norm Brandinger
        (@NormB) for providing the final patch!

        Close #3800


2026-04-21  Ovidiu Sas  <osas at voipembedded dot com>
        * [a4984bd283] :

        lib/dbg: enhance opensips debug capabilites with backtrace
         - sometimed the file/function/line is not enough to troubleshoot
         - a backtrace gives more details about the code path


2026-04-20  Razvan Crainea  <razvan at opensips dot org>
        * [8b48b3a086] :

        tls_wolfssl: fix older kernels that do not support AES_GCM_256


2026-04-20  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [46de525c93] :

        [profiling] added profiling support for the extra processes


2026-04-19  OpenSIPS  <github at opensips dot org>
        * [8b35c891d2] :

        Rebuild documentation


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [ce2c9642d8] :

        aaa_diameter: Fix possible PKG/SHM mixup across multiple threads

        Despite quite safe at a first glance, the following sequence is actually
        NOT safe to use in the modules/aaa_diameter multi-threaded codebase:

            cJSON_InitHooks(&shm_mem_hooks);
            ... perform lib/cJSON.c API operations ...
            cJSON_InitHooks(NULL);

        Example: the "diameter-peer" multi-threaded process (35 threads!)
        processes two dm_receive_msg() in parallel.  The 1st thread resets the
        "shm_mem_hooks" back to PKG using the NULL argument, while the 2nd
        thread still assumes they are set to SHM functions, and mixes up memory.


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [01489359c8] :

        aaa_diameter: Fix race condition with async dm_send_request()

        - Avoid reading the @dmsg after it has been put on the queue, as it
        might get freed meanwhile.

        * aaa_diameter: Fix race condition on pending async replies

        It was possible for the dm_send_request_async_tout() async timeout
        function to ran concurrently with a late Diameter server reply, leading
        to a use-after-free bug on the @cond struct.

        * Add refcounting to the "cond" object

        The SHM-stored @cond object is effectively referenced by two separate
        processes/threads, which run concurrently:
            - dm_send_request_async_tout(), the reactor async timeout callback
            - dm_receive_msg(), the libfdcore receiver thread(s)


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [6c7d6bf0ec] :

        Default use_domain to 1 in domain-aware modules

        Switch the default use_domain setting to 1 across the main domain-aware
        modules and update the corresponding XML docs.

        While this change has a large impact surface and is fully
        backwards-incompatible, it has been waiting for some time now:

        - user location setups most often use "use_domain = 1"
        - the majority of opensips.cfg documentation suggests "use_domain = 1"
        - newcoming opensips.cfg developers usually expect "use_domain = 1"
        - fixes the need to sync "use_domain = 1" across multiple modules
            (e.g. usrloc and auth_db)


2026-04-17  Maksym Sobolyev  <sobomax at sippysoft dot com>
        * [c0ac5e3b2b] :

        Extra debug.


2026-04-17  Maksym Sobolyev  <sobomax at sippysoft dot com>
        * [5fb31e8759] :

        rtp.io: enable dialog and related modules in the CI build


2026-04-17  Maksym Sobolyev  <sobomax at sippysoft dot com>
        * [8fec385975] :

        rtpproxy: hook up notification socket into rtp.io automatically

        Do it when rtp.io is enabled.

        Start notification listener process always, turn it into dummy
        if rtp.io is not enabled and notification socket is not configured
        either.


2026-04-17  Maksym Sobolyev  <sobomax at sippysoft dot com>
        * [16819f4202] :

        rtp.io: integrate notification channel

        Allocate a single notification socketpair to be shared by
        all opensips workers, pass one side to the hosted rtpproxy
        process and provide API for the rtpproxy module to tap into
        the other end.


2026-04-17  Maksym Sobolyev  <sobomax at sippysoft dot com>
        * [d3731a519f] :

        rtpproxy: collect all notification configuration into one struct, use
        struct rtpp_sock to keep FD and type.


2026-04-17  Norm Brandinger  <n.brandinger at gmail dot com>
        * [c78b9e908b] :

        rtpengine: fix use-after-free of flags string in bencode dictionary (#3816)

        parse_flags() stores pointers into the pkg-allocated flags_nt.s buffer
        via bencode_str() and bencode_dictionary_add_len(), which hold references
        (not copies). The buffer was freed via pkg_free() before
        send_rtpe_command() serialized the dictionary, causing garbled output
        for key=value flags like media-address.

        Fix by deferring the free via bencode_buffer_destroy_add(), which
        ensures the buffer lives until bencode_buffer_free() is called after
        the command is sent.

        Fixes: https://github.com/OpenSIPS/opensips/issues/3784

2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [7d49a46731] :

        rtpproxy: move bind_local as an extra parameter to offer/answer


2026-04-17  Maksym Sobolyev  <sobomax at sippysoft dot com>
        * [152fd63324] :

        Add rtpp_bind_local support for the offer/answer/engage. (#3794)

        When this AVP is set, its value would be provided to the rtpproxy
        with "l" modifier, allowing proper address to be selected for the
        session.

2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [210225e66f] :

        Merge branch 'vladpaiu-wolfssl_ktls_support'


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [7fbb519e8c] :

        tls_wolfssl: adapt to new TCP/TLS interface


2026-04-17  Norm Brandinger  <n.brandinger at gmail dot com>
        * [f8d4dbb654] :

        rtpengine: add bracket syntax for lists and dictionaries (#3818)

        Add support for bracket-delimited list and dictionary values in
        rtpengine flag strings, enabling access to ng protocol features
        that require nested parameters (sdp-media-remove, codec, sdp-attr).

        A value enclosed in [...] is parsed as a bencode list of
        space-separated items. If any top-level item contains "=", the
        value is parsed as a bencode dictionary instead. Brackets can
        be nested for multi-level structures such as:

          rtpengine_offer("codec=[transcode=[PCMA PCMU] strip=[EVS]]");
          rtpengine_offer("sdp-media-remove=[video message image]");

        Escape sequences (..) and (--) produce space and equals
        respectively, matching the rtpengine daemon convention.

        Parsing is done module-side into native bencode structures,
        compatible with all rtpengine daemon versions.

        Closes: https://github.com/OpenSIPS/opensips/issues/3591

        Co-authored-by: Debian <gator at opensips-1.goes dot com>

2026-04-17  Norm Brandinger  <n.brandinger at gmail dot com>
        * [46555ae06c] :

        janus: add WebSocket fragment reassembly (RFC 6455 Section 5.4) (#3840)

        * janus: fix pkg memory leaks in cJSON_Print/cJSON_Parse paths

        The janus module uses cJSON_InitHooks() to route all cJSON allocations
        through OpenSIPS pkg_malloc. Three call sites had missing cleanup:

        - janus_ipc_send_request(): cJSON_Print() result was copied to shm via
          shm_nt_str_dup() but the pkg-allocated original was never freed.
          Also added a NULL check -- under pkg exhaustion cJSON_Print returns
          NULL and the subsequent strlen(NULL) causes a crash.

        - w_janus_send_request(): the cJSON tree from cJSON_Parse() was passed
          to janus_ipc_send_request() (which serializes it to shm) but
          cJSON_Delete() was never called afterward. Also added cleanup on the
          get_janus_connection_by_id() failure path.

        - janus_raise_event() and handle_janus_json_request(): added NULL
          checks after cJSON_Print(). Fixed missing pkg_free(full_json) on
          the shm_strdup() failure path in handle_janus_json_request().

        Together these leak ~350 bytes of pkg memory per janus_send_request()
        call, leading to SIP worker pkg exhaustion and crash under sustained
        load.

        Fixes #3712

        * janus: add WebSocket fragment reassembly (RFC 6455 Section 5.4)

        The janus module WS client rejects any frame with FIN=0:
          "We do not support fragmemntation yet. Dropping..."

        This breaks with Janus Gateway when using indented JSON (the default)
        or when responses are large enough to exceed the transport frame size.

        Add RFC 6455 compliant fragment reassembly:

        - janus_ws_parse(): remove FIN=0 rejection, accept continuation frames
          (opcode 0x0), validate that control frames have FIN=1 (RFC 6455 5.5)

        - janus_ws_handle_frag(): new state machine for fragment accumulation.
          TEXT/BIN+FIN=0 starts accumulation, CONT+FIN=0 appends, CONT+FIN=1
          delivers the reassembled message. Control frames pass through
          mid-fragment. Returns 0 (complete), 1 (read more), -1 (error).

        - janus_ws_frag_cleanup(): cleanup helper called from all error paths,
          CLOSE handler, reconnect, and after successful delivery.

        - janus_connection_read_data() and janus_connection_handler_id(): call
          janus_ws_handle_frag() before the opcode switch; reassembled messages
          use frag_buf instead of tcp.body.

        - janus_reconnects(): free frag_buf on connection teardown.

        Fragment state (frag_buf, frag_len, frag_size, frag_op) is per-connection
        on the con_req struct. All operations run in the single-threaded JANUS
        Manager reactor, so no additional locking is needed.

        Design choices:
        - 256KB reassembly limit (WS_MAX_FRAG_SIZE) for DoS protection
        - 2x initial alloc + doubling realloc strategy (O(log n) reallocs)
        - init_janus_ws_req intentionally preserves frag_* across frame resets
        - Parse failure on reassembled message is terminal (no retry)

        Tested with 100k fragmented messages (0 failures, flat pkg memory) and
        30k concurrent messages across 8 producers, 6 connections, 4 workers.

        Fixes #3712

        * janus: address review feedback on fragment handling

        - Remove msg_attempts reset in fragment accumulation path: conceptually
          wrong to signal "new message" when only a fragment was received, and
          the counter is not checked in the data path anyway.

        - Remove {} blocks around frag_ret usage: move variable declaration to
          function scope for clarity.

2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [ab967bd6f6] :

        event_rabbitmq: avoid double free on guest usage


2026-04-17  Norm Brandinger  <n.brandinger at gmail dot com>
        * [e41e4b19dd] :

        event_rabbitmq: fix dupl_string() NUL-inclusive len corrupting AMQP shortstr (#3834)

        dupl_string() incremented dst->len after NUL-terminating the unescaped
        string, causing .len to include the trailing NUL byte. This made
        amqp_basic_publish() encode exchange and routing-key shortstr fields
        with an extra 0x00, breaking broker routing.

        Remove the len++ and all downstream compensations (tls_dom_name.len--,
        and the - 1 adjustments in rmq_print() for address, exchange, routing
        key, and user). Also fix the un_escape() error path to free the
        already-allocated shm buffer, and fix the default-user allocation to
        explicitly NUL-terminate.

        Closes #3828

2026-04-17  Ravitez Dondeti  <dondetir at users.noreply.github dot com>
        * [180c04b029] :

        db_mysql: recover from ER_UNKNOWN_STMT_HANDLER (1243) (#3865)

        The prepared-statement execute wrapper treats MySQL error 1243
        (ER_UNKNOWN_STMT_HANDLER) as a hard failure and skips the existing
        reconnect + re-prepare path. This surfaces in production when the
        backing database is replaced underneath a live client connection -
        for example during an AWS Aurora zero-downtime minor-version upgrade,
        which preserves the TCP connection but drops the server-side
        prepared-statement cache. The next stmt_execute returns 1243, OpenSIPS
        logs CRITICAL and the query fails instead of transparently recovering.

        Add the case to wrapper_single_mysql_stmt_execute so it funnels into
        the same switch_state_to_disconnected -> connect_with_retry ->
        re_init_statement recovery path that already handles CR_SERVER_GONE_ERROR
        and friends.

        ER_NEED_REPREPARE (1615) is intentionally not added: libmysqlclient
        auto-reprepare already handles that case. 1243 bypasses auto-reprepare
        because the server has no record of the handle at all.

        The companion prepare wrapper is not modified: it starts from a fresh
        mysql_stmt_init() handle that carries no server-side ID, so the server
        cannot return 1243 in response to a prepare request.

        Reported-by: Sasmita Panda <spanda at 3clogic dot com>

2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [355986c6c7] :

        b2b_logic: fix previous commit warnings


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [9d0dea226d] :

        b2b: add support for pass-legs-upstream flag


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [0af6b84480] :

        b2b_logic: add refer_id indication in NOTIFY messages


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [b2f0c36440] :

        b2b: add custom_contact_header_params support


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [51904c9aa0] :

        proto_tls: drop tls_async_handshake_timeout as no longer used


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [48fd4b9945] :

        scripts: sync dbschema


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [75ce0544b6] :

        net: drop parallel reads parameters


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [0c878ffaff] :

        github: force radcli build


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [368f442b51] :

        tls_openssl: declare n for openssl < 1.0.1


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [4bf14df7fc] :

        tls_wolfssl: drop shared memory


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [e51b8612bd] :

        tls_wolfssl: bump to 5.9.1


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [01db8f8bbb] :

        tls_openssl: remove dangling mem&locks hooks


2026-04-17  Danielzt  <danielzt at users.noreply.github dot com>
        * [b61000b32e] :

        core: fix fd memory leak in reactor_proc_add_fd, causing too many open files (#3830)

        rtpproxy: Fix in timeout scenarios, leading crash due to memory leak and too many open files

2026-04-17  davidtrihy-genesys  <116663213+davidtrihy-genesys at users.noreply.github dot com>
        * [4696cbec2a] :

        Compiling with DISABLE_NAGLE does not propogate tcp_proto_no and never sets TCP_NODELAY (#3859)

        (cherry picked from commit 1c90d5dbdfc1e3acdec0befb5106ae73db06a04e)


2026-04-17  OpenSIPS  <github at opensips dot org>
        * [dff5e6c93b] :

        Rebuild documentation


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [de76868fa3] :

        PN Support: Improve default handling for failed calls

        Avoid relying on the "fr_inv_timeout" by default in order to complete
        the transaction when the call is rejected (wait_for_new_branches...), as
        the default (120s) is quite high, and can lead to stalling INVITEs.


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [f7d3fd351a] :

        net: drop useless check for active TCP workers


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [89edb602a4] :

        net: turn off read head from TCP


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [6ac72d787a] :

        net: dispatch the message to any available worker


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [c574be9b42] :

        tls_openssl: fix misleading ident


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [b6afd27ce5] :

        drop ssl_tweaks from all modules


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [692ea1c6c2] :

        drop ssl_tweaks


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [29d61fdac9] :

        net: handle shared queue for async messages


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [076ee93150] :

        tls_mgm: expose certs info in workers


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [b109ea253e] :

        proto_msrp: migrate module to new TCP interface


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [0a491c0708] :

        proto_bin: migrate module to new TCP interface


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [cce1a56779] :

        proto_smpp: migrate module to new TCP stack


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [f199eccf09] :

        proto_hep: migrate hep to new TCP stack


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [40f82fa804] :

        net: handle protocol parsing in the worker


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [2df8a745dd] :

        net: handle proto_ws/wss communication


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [ecd3dea95c] :

        net: clean connect


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [c394746e62] :

        net: handle connect in main process


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [296f496a41] :

        net: restore msg_max_read_timeout and cleanup dead code


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [4d39ba83c1] :

        net: only increaase connection lifetime if write is success


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [07df948690] :

        net: move req in thread memory


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [097fbe0dd5] :

        net: make sure writes are never handled from workers


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [40ccd35d17] :

        net: drop proc_id from tcp_connection


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [8a9f450df2] :

        net: always send messages from main thread


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [eb6c619e59] :

        net: all messages are sent as async chunks


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [5e62d3837a] :

        refactor TCP/TLS code to have everything in a single process


2026-04-17  rdondeti  <ravitez.dondeti at gmail dot com>
        * [39e5e02993] :

        httpd: harden MI/HTTP interface with safe default and Basic Auth

        Change the default 'ip' modparam from wildcard (0.0.0.0/::) to
        127.0.0.1, preventing the management interface from being accidentally
        exposed to the network on fresh installations.

        Add HTTP Basic Authentication support via three new modparams:
          - auth_realm: the realm string for WWW-Authenticate challenges
          - auth_username: required username for HTTP access
          - auth_password: required password for HTTP access

        When both auth_username and auth_password are set, every HTTP
        request must present valid Basic Auth credentials.  Requests with
        missing or incorrect credentials receive a 401 Unauthorized response.

        The authentication check runs once per request (on the first callback
        invocation, before allocating per-request state), avoiding redundant
        checks on subsequent MHD callbacks and preventing potential resource
        leaks during POST processing.

        The implementation uses libmicrohttpd's built-in Basic Auth API with
        version guards for MHD_free() (available since 0.9.56), falling back
        to free() on older versions.

        Closes #2939


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [b3d0eb1f5f] :

        janus: Simplify prev commit 2453e8f78a2c


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [06dd2c9877] :

        [sip_i] fix wrong ISUP msg type on 200 OK INVITE

        Credits go to @aldotms70
        Closes #3857


2026-04-17  rdondeti  <ravitez.dondeti at gmail dot com>
        * [af2460c2af] :

        janus: fix pkg memory leaks in populate_janus_handler_id()

        The janus module uses cJSON_InitHooks() to route cJSON allocations
        through pkg_malloc.  In populate_janus_handler_id(), four calls to
        cJSON_Print(request) are embedded directly in LM_ERR() format arguments.
        The pkg-allocated return values are never stored or freed, leaking
        ~100-500 bytes per error path hit.

        Store the cJSON_Print() result, use it in the log message, and free it
        afterward.  Also handle the case where cJSON_Print() returns NULL.

        This follows up on the janus leak fixes in commit f9fb3ea3e, which
        addressed similar leaks in janus_raise_event(),
        handle_janus_json_request(), and janus_ipc_send_request() but missed
        populate_janus_handler_id().


2026-04-17  rdondeti  <ravitez.dondeti at gmail dot com>
        * [11bf3d19cd] :

        aaa_diameter: fix NULL deref in dm_receive_req() via init_str()

        cJSON_PrintUnformatted() can return NULL on allocation failure (using shm
        hooks).  The return value is passed directly to init_str(), which calls
        strlen() on it, causing a crash.

        Replace the init_str() call with an explicit NULL check and manual
        assignment, following the existing error-handling pattern in the function
        (goto error, which properly cleans up via cJSON_Delete and
        cJSON_PurgeString).

        Found during a systematic audit of cJSON return value handling across
        modules, following the janus leak fixes in commit f9fb3ea3e.


2026-04-17  rdondeti  <ravitez.dondeti at gmail dot com>
        * [ccd648b5ed] :

        rtpengine: fix NULL deref from unchecked cJSON_PrintUnformatted()

        In rtpengine_raise_event(), cJSON_PrintUnformatted() can return NULL on
        allocation failure.  The return value is passed directly to strlen() and
        then to cJSON_PurgeString(), both of which will crash on a NULL pointer.

        Add a NULL check before using the return value, and skip the parameter
        on failure.

        Found during a systematic audit of cJSON return value handling across
        modules, following the janus leak fixes in commit f9fb3ea3e.


2026-04-17  rdondeti  <ravitez.dondeti at gmail dot com>
        * [ecbfff3e73] :

        jsonrpc: fix NULL deref and object leak in jsonrpc_handle_cmd()

        cJSON_Print() can return NULL on allocation failure.  The existing code
        passes the return value directly to strlen() without a NULL check,
        causing a crash on two separate code paths (error and result handling).

        Add NULL checks after both cJSON_Print() calls.

        Additionally, the cJSON tree allocated by cJSON_Parse() at the start of
        the function is never freed.  Add cJSON_Delete(obj) to the cleanup path.

        Found during a systematic audit of cJSON return value handling across
        modules, following the janus leak fixes in commit f9fb3ea3e.


2026-04-17  rdondeti  <ravitez.dondeti at gmail dot com>
        * [a246dd8f45] :

        cachedb_cassandra: fix NULL deref when cass_cluster_new() returns NULL

        cass_cluster_new() can return NULL on allocation failure.  The existing code
        has a NULL check, but it comes after cass_cluster_set_credentials() already
        uses the pointer (when credentials are configured), so a NULL return causes
        a crash before the check is reached.

        Move the NULL check to immediately after cass_cluster_new(), before any use
        of the returned pointer.

        Found during a systematic audit of cachedb backends following the
        cachedb_redis NULL-deref fix in commit 8fb569cb3.


2026-04-17  rdondeti  <ravitez.dondeti at gmail dot com>
        * [b75191c26d] :

        cachedb_memcached: fix NULL deref when memcached_create() returns NULL

        memcached_create(NULL) can return NULL on allocation failure.  The existing
        code never checks the return value, so a NULL memc pointer falls through to
        memcached_server_push(NULL, ...) which dereferences the NULL pointer.

        Add an explicit NULL check after memcached_create(), following the existing
        error-handling pattern in the function (pkg_free + return 0).

        Found during a systematic audit of cachedb backends following the
        cachedb_redis NULL-deref fix in commit 8fb569cb3.


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [ae90bd7942] :

        [tm] fix access to un-allocated branch

        Reported and fixed by @vladpaiu


2026-04-17  OpenSIPS  <github at opensips dot org>
        * [82929a3e39] :

        Rebuild documentation


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [8ba4c5fa80] :

        db_sqlite: Improve error handling

        * avoid dangling PS pointers
        * avoid leaking the PS object on NULL "result"


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [309c7b3fab] :

        db_sqlite: Fix interaction with sql_cacher

        The .query API endpoint in db/db.h is meant to return 0 on success, yet
        the current implementation in db_sqlite was returning "number of rows"
        on success, leading to:

        ERROR:sql_cacher:load_entire_table: Failure to issue query to SQL DB...
        ERROR:sql_cacher:cache_init_load: Failed to cache the entire table...


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [4e2220dfec] :

        stir_shaken: use a new bio for chain

        avoid using the same cbio, as it needs to be rewind to be read again in
        wolfssl; openssl handles this properly though


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [06ee2f8e05] :

        dialog: fix multi-PRACK CSeq handling and uac-auth ACK CSeq regression

        * fix CSeq regression on the outbound leg, prioritize .last_gen_cseq
        * manual PRACK: fix matching for current leg (multi-180 scenario)
        * manual PRACK: add logic for early leg creation during onreply_route.
            This allows the leg to be correctly matched and have its CSeq set.
        * small fix: avoid overwriting .last_gen_cseq with smaller values


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [b18f11a2ec] :

        menuconfig: Fix templates, use new create_dialog() flags


2026-04-17  OpenSIPS  <github at opensips dot org>
        * [bbfbe7c713] :

        Rebuild documentation


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [1bcda239fa] :

        rtp_relay: do not run indialog for non-SDP requests


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [2db670579f] :

        script_helper: Fix build

        Move flags parser in a .h file, so script_helper sees it as well.


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [f676d80f3a] :

        dialog PRACK: Add a couple knobs/settings for UAC-side control

            * auto_prack_hangup_on_failure (default: 0) -> enable strict UAC
            * auto_prack_fr_timeout (default: 2 sec) -> related to above


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [cb2597577b] :

        dialog PRACK: Enhance auto-prack mode with failure handling


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [06c9a9840c] :

        dialog: Change create_dialog() to use explicit flag names


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [966e400c0f] :

        dialog PRACK: Fix outgoing CSeq with multiple PRACKs


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [b0ce4342e0] :

        dialog: relax manual PRACK checks


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [14833bd6df] :

        dialog PRACK: Fix issues during early-dialog

        * work around the fact that r_cseq, Contact, and route-set and not yet
          present in the dst_leg struct.  So the use of send_leg_msg() and
          build_dialog_info() should be avoided here.
        * fix outbound ACK CSeq to match the INVITE, rather than +1 due to
          the in-between PRACK


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [3f830ae4f9] :

        dialog: Add "auto-PRACK handling" flag to create_dialog() ("L" flag)

        Similar logic to the dlg_send_sequential() addition, but fully automated.


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [6a7795161b] :

        dialog: Add PRACK support to dlg_send_sequential()

        * various validations of the current 101-199 provisional reply
        * takes the RSeq header and builds the RAck header into the PRACK


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [4ed494651e] :

        dialog: updated documentation for new MI format


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [fe34b4c729] :

        [tm] fix macros and indexing related to BRANCH_BITMASK


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [fb017823be] :

        b2b_logic: turn of bridge initiator in case transfer fails


2026-04-17  OpenSIPS  <github at opensips dot org>
        * [3c8e07b088] :

        Rebuild documentation


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [90994adb00] :

        [nathelper] add functions to preserve the original private contact.

        The fix_nated_contact() take a flag in order to save the original private IP and port into the 'org' uri param (b64 encoded)
        The new restore_nated_ruri() function (upon routing sequential requests) extract the info from the 'org' RURI param and restores the private ip:port in RURI. The received RURI is pushed into DURI for routing purposes ;)

        Alternative to #3769


2026-04-17  Norm Brandinger  <n.brandinger at gmail dot com>
        * [4cf6962d29] :

        janus: fix pkg memory leaks in cJSON_Print/cJSON_Parse paths

        The janus module uses cJSON_InitHooks() to route all cJSON allocations
        through OpenSIPS pkg_malloc. Three call sites had missing cleanup:

        - janus_ipc_send_request(): cJSON_Print() result was copied to shm via
          shm_nt_str_dup() but the pkg-allocated original was never freed.
          Also added a NULL check -- under pkg exhaustion cJSON_Print returns
          NULL and the subsequent strlen(NULL) causes a crash.

        - w_janus_send_request(): the cJSON tree from cJSON_Parse() was passed
          to janus_ipc_send_request() (which serializes it to shm) but
          cJSON_Delete() was never called afterward. Also added cleanup on the
          get_janus_connection_by_id() failure path.

        - janus_raise_event() and handle_janus_json_request(): added NULL
          checks after cJSON_Print(). Fixed missing pkg_free(full_json) on
          the shm_strdup() failure path in handle_janus_json_request().

        Together these leak ~350 bytes of pkg memory per janus_send_request()
        call, leading to SIP worker pkg exhaustion and crash under sustained
        load.

        Fixes #3712


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [a3c5221fa5] :

        [tm] fixed init of branch bitmask in timeout handler

        related to f0223cc93417cb848ab85c2ca2765d1a4958dcd1


2026-04-17  OpenSIPS  <github at opensips dot org>
        * [8e174d2538] :

        Rebuild documentation


2026-04-17  Maksym Sobolyev  <sobomax at sippysoft dot com>
        * [2efb7e2fdd] :

        CI/rtp.io: handle "/" in branch names (i.e feature/xyz) correctly (#3844)

        Fixes:
          https://github.com/OpenSIPS/opensips/actions/runs/22914875002/job/66498568285#step:8:201

        Display qemy version for debug.

2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [50624403f3] :

        pua_mi: fix migration to module:cmd


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [a6071ba5e4] :

        mi: have which return all functions within a module


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [3b3e1e1b11] :

        mi: document changes of new MI functions


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [761c3f3673] :

        mi: add aliases for old MI commands


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [3942a28ed2] :

        mi: refactor cmds names to contain the module

        Close #3838


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [94fbaf65fe] :

        [socket bond] fix uninitialized sif in fix_bond_socket_list() on error case


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [f41ac07bdc] :

        Expend socket_info to have an optional orig_name

        To be used when socket defined as interface (as "socket=udp:eth1") is expanded to multiple one-per IP interfaces


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [74c2aa6b7b] :

        [bond sockets] added socket_belongs_to_bond() ...

        ... to check if a real socket belongs to a bond socket


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [ee9ff321d6] :

        [bond sockets] varios fixes, working code


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [dd4b4bf272] :

        Added the PROTO_BOND as token

        We need to be parsed and recognized as protocol


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [1124903a4b] :

        [bond] added bond socket selection in get_send_socket


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [b64bb19a17] :

        [net] init the BOND sockets


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [eef0eff7af] :

        cfg: add bond socket_def grammar with list support


2026-04-17  Norm Brandinger  <n.brandinger at gmail dot com>
        * [1cc3490a86] :

        cachedb_redis: fix NULL deref when redisConnect returns NULL

        redisConnect() and redisConnectWithTimeout() can return NULL on allocation
        failure.  The existing check only handles ctx->err != REDIS_OK (non-NULL
        ctx with error), so a NULL return falls through to redisSetTimeout(NULL, ...)
        which dereferences the NULL pointer.

        Add an explicit NULL check after the error-code check.

        Also change the warned flag from char to int to avoid undefined behavior
        on signed overflow after 127 connection-timeout warnings.


2026-04-17  Maksym Sobolyev  <sobomax at sippysoft dot com>
        * [5623d3d468] :

        CI/rtp.io: Increase timeout a bit (#3833)

        * CI/rtp.io: Increase timeout a bit

        To fix some timeout seen on linux/ppc64le:

          https://github.com/OpenSIPS/opensips/actions/runs/22627454288/job/65577262119

        * CI: remove unused file and add rtp.io badge

2026-04-17  OpenSIPS  <github at opensips dot org>
        * [af34f079b6] :

        Rebuild documentation


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [45b1c2496f] :

        registrars: Accept Re-REGISTERs with equal CSeq

        New module setting for both registrar and mid-registrar which controls
        the policy on handling same Call-ID REGISTERs, with the same CSeq.

            modparam: allow_dup_cseq
            default:  true

        Ultimately, this boils down to a trade-off between interoperability and
        RFC strictness.  More info in the modparam documentation.


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [3d5a4a5deb] :

        mid_registrar: Fix mem management bugs around "max contacts"

        * avoid UAF of the @uc pointer during iteration
        * fix logic so that the current @c cannot be freed by trim_contacts()
            itself, yet again leading to UAF type of bugs

        usrloc: Fix rare memleak edge-case


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [7d9e20125d] :

        redhat: enable wolfssl stir shaken only for latest distros


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [648e00609c] :

        packaging: remove bad copy & paste


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [ea4be40918] :

        stir_shaken: Fix OpenSSL vs. WolfSSL detection

        This fixes the RedHat build, where there is no WolfSSL available.


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [528dd48dc8] :

        build: stir_shaken should be used with openssl if wolfssl is not available


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [0f1d512643] :

        stir_shaken: Improve compatibility with older WolfSSL libraries

        This patch avoids usage of newer API functions which are missing in
        both WolfSSL 4.3.0 (e.g. Ubuntu 20.04) and pre-1.1.0 OpenSSL, such as:
          - X509_STORE_set_verify_cb_func()
          - ECDSA_SIG_get0()
          - X509_get_ext_by_OBJ()


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [1480b1faaa] :

        [tcp] fixed potential buffer overflow due to insane large Content-Len values

        Check and limit the Content-Lenght to the size of the reading buffer, makes no sense to accept anything higher.


2026-04-17  Maksym Sobolyev  <sobomax at sippysoft dot com>
        * [fdaa4ffdd0] :

        CI: tweak voiptests parameters. (#3832)

        Set MM_INIT_DELAY to give opensips/rtp.io some extra time to
        init.

        Ignore faulures of the time-sensitive tests that might fail under
        emulation.

2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [b738f3558c] :

        packaging: Align stir_shaken deps with wolfSSL


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [2c7802db1b] :

        stir_shaken: Migrate to WolfSSL-compatible cryptography

        While stir_shaken only uses the "libcrypto" part of OpenSSL, the fact
        that the OpenSSL runtime can be shared across multiple modules (e.g.
        with proto_wss doing TLS connections) may induce unexpected crashes in
        the stir_shaken crypto workflows.

        This commit makes stir_shaken compatible with WolfSSL too, to become the
        new default crypto library, but *without* losing OpenSSL compatibility.

        To revert to OpenSSL based crypto, add this to Makefile.conf:
            DEFS+= -DSTIR_SHAKEN_OPENSSL


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [28a4fb793b] :

        b2b_entities: make sure last_method is updated before req


2026-04-17  OpenSIPS  <github at opensips dot org>
        * [e253c5985b] :

        Rebuild documentation


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [2771bdb85e] :

        b2b_entities: convert ERR in DBG


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [3ba640fdd0] :

        mi_xmlrpc_ng: rename to mi_xmlrpc


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [9006f86951] :

        topology_hiding: add th_callid_loop_protection parameter


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [5a4725df86] :

        drop various deprecated parameters


2026-04-17  vladpaiu  <vladpaiu at opensips dot org>
        * [24225f50b5] :

        Add support to extract RSA PUB key from e&n format ( JWK ) (#3827)



2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [56f104f437] :

        net: add af support in proxy_protocol


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [d5fef5ae33] :

        proto_ws: add proxy_protocol support


2026-04-17  Remi Collet  <remi at famillecollet dot com>
        * [9c3db90e0e] :

        support for libmongc/libbson version 2 (#3829)



2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [3b74d8b32c] :

        net: implement proxy_protocol for outbound


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [1105b89872] :

        net: check if socket support proxy protocol at parse time


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [5640091bbc] :

        net: filter proxy_protocol per socket


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [d34dac582e] :

        net: initial proxy_protocol implementation


2026-04-17  Norm Brandinger  <n.brandinger at gmail dot com>
        * [06caa49371] :

        tm: fix $rd reversion after chained async() resume

        When async() is called from a resume route (chained async), the
        FL_TM_FAKE_REQ check in t_handle_async() prevents
        update_cloned_msg_from_msg() from saving message state to the
        transaction's shm clone. This causes $rd, $du, and other msg fields
        modified in the resume route to revert to their previous values when
        the next async operation completes through the reactor path.

        Remove the FL_TM_FAKE_REQ guard from the conditional. The
        update_cloned_msg_from_msg() function already handles faked_req
        sources correctly: it defers freeing old shm lumps (lines 1325-1336
        of sip_msg.c), and free_faked_req() completes the deferred cleanup.

        Fixes #3676


2026-04-17  OpenSIPS  <github at opensips dot org>
        * [6342f1fd51] :

        Rebuild documentation


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [f069c8a5ca] :

        readme: drop lgtm badges, as the service no longer exists


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [7addd1892d] :

        builds: negate python version check


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [defb356cd0] :

        regex: fix broken merge


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [a8146eb262] :

        regex: fix stashed markers


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [41e8e2d101] :

        regex: make module work with both pcre2 and pcre3, not just compile


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [263d2274f8] :

        proto_wss: free ws_data on TLS domain lookup failure


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [1256226b94] :

        auth_db: update docs for default empty credentials list


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [a7b7409b75] :

        auth_db: remove RPID from default credentials list

        Completes commit b0023b417

        Many thanks to Evgeniy (@gostkov on GitHub) for reporting this in #3813


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [fb5bc02085] :

        tm: fix EXTRA_DEBUG logging for local cancel timer


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [e43b06a1c4] :

        tm: fix uac usage with EXTRA_DEBUG


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [a1be8e4bf2] :

        tm: create uac for locally generated transactions


2026-04-17  OpenSIPS  <github at opensips dot org>
        * [2419b0b7fb] :

        Rebuild documentation


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [1e4bd679f3] :

        [tm] fix reverted macro BRANCH_BM_NONE_SET

        Related to 7b83cabb916d5bf7ae2d0fc20978aac625872758


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [c9adf54997] :

        [tm] fix branch init after dynamic alloc

        Related to 7b83cabb916d5bf7ae2d0fc20978aac625872758


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [0a12d5a7af] :

        updated modules acessing transaction branches

        related to 7b83cabb916d5bf7ae2d0fc20978aac625872758. The access to a transaction branch is done via a macro in order to get on the right chunk of the branch.


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [8fe8128190] :

        [tm] migrated to dynamic allocated branches per transaction

        This allow a really high number of branches per transaction (like the default is 256, but can be increased). The branches are dynamically allocated, on demand, so some transactions which are not subjet to forking (typically non-INVITE) may have the minimum of 4 branches, while the INVITE transaction, depending on the need can scale up to 256


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [26297af3ea] :

        [tm] migrate the branch bitmask to array, to allow more than 64 branches (long long)

        branch_bm_t data type is an array of integers, currently limited to 256 branches (but can easily increased, by re-compiling)
        Added macros to operate with the bits in the bitmask
        Updated TM and all modules using TM branches


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [8affe19ab1] :

        regex: allow pcre3 library


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [4f14e20486] :

        rest_client: Fix async transfers with re-used TCP conns

        Fix the edge-case with async cURL where it re-uses an existing TCP
        connection.  Here, the @connect variable holds a 0 value, thus the
        transfer runs in blocking mode unless we relax the condition.

        Patch provided by Nuno Almeida from Five9.


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [0d23a4366e] :

        build: do not build opentelemetry by default


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [0260266069] :

        event_rabbitmq: avoid using released memory

        Reset the `tmp.s` pointer when assigning it to a structure, to avoid
        freeing it when the `tmp` is reused.

        Many thanks to Andrey F(@kertor) for reporting it and
        Nick Altmann(@nikbyte) for fixing it.

        Close #3808


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [5afb4eac24] :

        siprec: make sure there is a dlg/SDP to notify SRS with


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [3c120dbbf3] :

        siprec: avoid accessing invalid dialog/rtp context

        reset dialog when it has been terminated - this prevents being accessed
        after the dialog was deleted.


2026-04-17  OpenSIPS  <github at opensips dot org>
        * [2e6f2a4c8f] :

        Rebuild documentation


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [36eea26e5c] :

        Fix missing include for sip_msg struct definition


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [5cbe0ccc1d] :

        [uac_registrant] added docs for Status/Report Identifiers part


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [4df609ba4d] :

        rate_cacher: fix c89 errors

        `for(int i` syntax is only allowed in c99


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [35592dbc04] :

        mid_registrar: Fix the `tcp_persistent_flag` feature

        Make sure to NOT adjust the @e_max with -get_act_time(), similar to
        registrar codebase, to avoid setting MAX_INT on the TCP conn lifetime...


2026-04-17  pavelkohout396  <pav.kohout at gmail dot com>
        * [e81b42b1a9] :

        Fix SQL injection in auth_jwt module via unescaped tag claim (#3807)

        The jwt_db_authorize() function...
        The jwt_db_authorize() function in the auth_jwt module decodes JWT tokens
        without signature verification to extract the 'tag' claim, then interpolates
        this claim directly into a raw SQL query without escaping. An attacker can
        craft a malicious JWT with SQL injection payload in the tag claim (e.g.,
        "' UNION SELECT 'admin','attacker_secret' --") to inject their own secret
        into the query result. Since the injected secret is then used to verify the
        JWT signature, the attacker can sign their token with this known secret and
        achieve authentication bypass.

        Reported-by: Pavel Kohout, Aisle Research, www.aisle.com

2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [798b69d091] :

        [b2b_entities] fix cseq to be used upon 200OK/CANCEL race

        When generating the ACK+BYE upon 200 OK (from callee) racing a CANCEL (from caller), take care and use the correct cdeq values from the 200 OK (the b2b entity is not properly updated anymore, as it is already terminated by the CANCEL)


2026-04-17  Vlad Paiu  <vladpaiu at opensips dot org>
        * [e14bdeefd0] :

        Fix compilation error due to missing limits.h for INT_MIN


2026-04-17  Vlad Paiu  <vladpaiu at opensips dot org>
        * [12dad50ad1] :

        Add status reports for registrant entries


2026-04-17  Vlad Paiu  <vladpaiu at opensips dot org>
        * [a572318288] :

        db_url param is optional for uac_registrant


2026-04-17  Vlad Paiu  <vladpaiu at opensips dot org>
        * [3b9f3f392d] :

        Add documentation


2026-04-17  Vlad Paiu  <vladpaiu at opensips dot org>
        * [1cbba51dba] :

        Add reregister_expiry_percentage parameter


2026-04-17  Vlad Paiu  <vladpaiu at opensips dot org>
        * [06820ca98c] :

        Don't let registrations expire ( if expires < timer_interal, do it now instead of waiting for next tick )


2026-04-17  Vlad Paiu  <vladpaiu at opensips dot org>
        * [457bafd8c3] :

        Increase max number of MI params


2026-04-17  Vlad Paiu  <vladpaiu at opensips dot org>
        * [533ee2556e] :

        add linked list delete


2026-04-17  Vlad Paiu  <vladpaiu at opensips dot org>
        * [e64e80b9b6] :

        Add remaining events for states & refactor code


2026-04-17  Vlad Paiu  <vladpaiu at opensips dot org>
        * [c6632d8829] :

        Add E_REGISTRANT REGISTERING/AUTHENTICATING/REGISTERED


2026-04-17  Vlad Paiu  <vladpaiu at opensips dot org>
        * [670d48e7c0] :

        Add reg_delete and reg_upsert MI commands


2026-04-17  Ovidiu Sas  <osas at voipembedded dot com>
        * [9ca3d8a0a5] :

        trie: fix defaults for trie_table parameter


2026-04-17  OpenSIPS  <github at opensips dot org>
        * [02af140de8] :

        Rebuild documentation


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [4d77c7682e] :

        packaging: drop OPENTELEMTRY from default packages

        should only be built if opentelemetry profie is specified


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [1598540074] :

        packaging: fix redhat spec


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [6ee2e97ebf] :

        packaging: only build opentelemetry explicitely


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [72f844315d] :

        aaa_diameter: proper handing of _dm_send_message error

        Avoid double free of the JSON message


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [4f1f81c18f] :

        Add opentelemetry packaging


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [7a57c869bf] :

        opentelemetry: add README for module


2026-04-17  Jason Shugart  <jasonshugart at gmail dot com>
        * [0a5d640f84] :

        Ignore extra headers in MSRP


2026-04-17  Vlad Paiu  <vladpaiu at opensips dot org>
        * [000c01d868] :

        Fixed lengths for service_name and exporter_endpoint params


2026-04-17  Your Name  <vladpaiu at opensips dot org>
        * [d8fdfc46f4] :

        Add opentelemetry to list of excluded modules from default compilation


2026-04-17  Your Name  <vladpaiu at opensips dot org>
        * [aedc85b5f3] :

        Add opentelemetry documentation


2026-04-17  Vlad Paiu  <vladpaiu at opensips dot org>
        * [98e73677f6] :

        Fix copyrights


2026-04-17  Vlad Paiu  <vladpaiu at opensips dot org>
        * [e3652da192] :

        Add otel_enable MI command to enable/disable opentelemetry tracing


2026-04-17  Vlad Paiu  <vladpaiu at opensips dot org>
        * [1f3031e325] :

        Add suport for async/resume jumps while maintaing spans


2026-04-17  Vlad Paiu  <vladpaiu at opensips dot org>
        * [5273e23554] :

        always use system lib


2026-04-17  Vlad Paiu  <vladpaiu at opensips dot org>
        * [b6ebb34377] :

        Initial POC


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [1674259ec5] :

        b2b_entities: fix possible leak on error cases

        On some error cases, the serialization buffer was not released, leading
        to a leak in pkg memory.


2026-04-17  Peter Lemenkov  <lemenkov at gmail dot com>
        * [e447cf6c1d] :

        Fix libbson deprecated API warning with version compatibility (#3792)

        During compilation of cachedb_mongodb module, numerous deprecation
        warnings appear on systems with mongo-c-driver >= 1.29.0:

        ```
        Compiling cachedb_mongodb_dbase.c
        gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='cachedb_mongodb' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.2"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"994bcd690"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -I/usr/include/json-c -I/usr/include/json-c -DJSON_PKG_MAJOR=0 -DJSON_PKG_MINOR=18 -DJSON_PKG_MICRO=0 -DUTF8PROC_EXPORTS -I/usr/include/libmongoc-1.0 -I/usr/include/libbson-1.0 -c cachedb_mongodb_dbase.c -o cachedb_mongodb_dbase.o
        cachedb_mongodb_dbase.c: In function ‘mongo_con_set’:
        cachedb_mongodb_dbase.c:315:9: warning: ‘bson_as_json’ is deprecated: Use bson_as_legacy_extended_json instead [-Wdeprecated-declarations]
          315 |         dbg_bson("query: ", query);
              |         ^~~~~~~~
        In file included from /usr/include/libmongoc-1.0/mongoc/mongoc.h:22,
                         from /usr/include/libmongoc-1.0/mongoc.h:18,
                         from cachedb_mongodb_dbase.h:30,
                         from cachedb_mongodb_dbase.c:22:
        /usr/include/libbson-1.0/bson/bson.h:535:1: note: declared here
          535 | bson_as_json (const bson_t *bson, size_t *length) BSON_GNUC_DEPRECATED_FOR (bson_as_legacy_extended_json);
              | ^~~~~~~~~~~~
        ```

        The MongoDB C driver (libbson) deprecated bson_as_json() in version
        1.29.0 (October 2024) in favor of bson_as_legacy_extended_json() to
        clarify which JSON format is being produced (legacy vs. canonical
        extended JSON).

        We added compatibility macro at the top of cachedb_mongodb_dbase.c - for
        mongo-c-driver < 1.29.0, define bson_as_legacy_extended_json as an alias
        to bson_as_json, allowing the code to use the new API name while
        maintaining backward compatibility.

        This change maintains compatibility with all mongo-c-driver versions.
        The new function name is used on >= 1.29.0, while older versions
        transparently use the original bson_as_json() through the macro alias.

        No behavioral changes - the replacement is functionally identical and
        produces the same JSON output format. The new name simply makes it
        explicit that the legacy extended JSON format is being used.

        Note: mongo-c-driver 1.29.0 was released in October 2024. Many LTS
        distributions still ship earlier versions (e.g., RHEL 8/9, Ubuntu
        20.04/22.04, Debian 11/12), making the compatibility macro necessary.


        Assisted-by: Claude (Anthropic) <https://claude.ai>

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>

2026-04-17  Jasper Hafkenscheid  <jasper.hafkenscheid at voys dot nl>
        * [22510e952f] :

        resolve: fix CNAME chain resolution with caching

        The DNS resolver now explicitly follows CNAME chains instead of relying
        on res_search() to handle them transparently. This fixes resolution
        failures when the DNS cache module is enabled, as cached CNAME responses
        need to be followed manually to reach the final A/AAAA records.

        Changes:
        - Add iterative CNAME chain following in own_gethostbyname2()
        - Limit chain depth to 10 to prevent infinite loops
        - Add debug logging for CNAME traversal


2026-04-17  James Sharp  <james at fivecats dot org>
        * [39ee6a7a76] :

        add limit for number of ratesheets during initial carrier creation


2026-04-17  James Sharp  <james at fivecats dot org>
        * [34c7caafbc] :

        First decently working attempt


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [722f27fe52] :

        Discard forced socket if AF incompatible

        ... and force selection of a different outbound socket, based on protocol and AF
        Based on a report from Ihor Olkhovskyi


2026-04-17  OpenSIPS  <github at opensips dot org>
        * [e94dc35a9d] :

        Rebuild documentation


2026-04-17  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [74f46cff28] :

        Merge pull request #3804 from purecloudlabs/sipmsg_validate_all_contacts

        Sipmsg validate all contacts

        (cherry picked from commit 18fdeaf32bb12e31ceb7876726865faaa8c91c7f)


2026-04-17  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [3fc5afe22c] :

        Merge pull request #3803 from purecloudlabs/dialog_contact_crash_fix

        Dialog module crash when Contact header is *

        (cherry picked from commit a3fcb81d6bbea42c88a2da51a4438a6f41e48a7f)


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [01adf61bdf] :

        launch(): Fix edge-case with report_route $param(1) not set

        Some async functions (e.g. rest_post()) may report an ASYNC_SYNC status,
        when the operation completed inline.  This case wasn't properly handled
        in the launch() support, as the report_route $param(1) was always NULL.

        Many thanks to Nuno Ferreira from Five9 for a full report and
        troubleshooting on this one!


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [675c1a871e] :

        [TCP] fixed bad handling upon "max async postponed chunks"

        In such case, mark the conn as timed out, to force its sending back to TCP main for closing.
        Also fix some bad ref counting when handling bad cons in ASYNC WRITE.
        Add more hist logs to conn, to easy the debugging process.

        (cherry picked from commit 4afd1c8af1ca24ba642f5ad7ecd3d5b14eb7dafe)


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [77fda00f97] :

        b2b_entities: Zero DB handles after module destroy

        Since B2B destroys before tm, this should help prevent some shutdown
        crashes in B2B due to cascaded module cleanups (e.g. tm cleanups going
        into dialog, siprec then back again into B2B).


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [7ac577bc80] :

        Fix reply relaying after launch() from onreply_route

        This commit prevents SIP replies from being absorbed (bug?!) by OpenSIPS
        after a launch() operation from onreply_route, with no further replies
        to upstream side on that T.  Follow-up on a711924f9, see tm/t_reply.c.

        Such launch() calls are completely decoupled from the T, do not
        interfere with the script logic and can safely be done in parallel.


2026-04-17  OpenSIPS  <github at opensips dot org>
        * [4cb0b7435c] :

        Rebuild documentation


2026-04-17  Liviu Chircu  <liviu at opensips dot org>
        * [ecd46bc66b] :

        auth: Add helpful logs on pv_xxx_auth() mis-usage

        Also, fix top-level rc from "-1" (invalid user? continue script?) into
        "0" (auto-reply SIP 500 error! halt script!) on such scripting errors.

        Fixes #3756


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [4e079fa8aa] :

        build: export wolfssl flags


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [344e169be5] :

        build: ignore tls_wolfssl errors for ubuntu 24.04


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [1dd588427f] :

        [mi_datagram] turn the RX sockets to non-blocking

        As we have multiple procs reading from the same datagram sockets, we may end up with a mixing between the procs woken up by OS and the procs doing the reading. So some procs (even if were woken up) may have nothing to read.
        To be resilient, better do non-blocking reading and igonre the EAGAIN or EWOULDBLOCK.

        (cherry picked from commit 12e705e296470872899e848f030058e8bc052d11)


2026-04-17  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [37af7d1129] :

        [dialog] fixed potential double-free upon delayed delete

        If the dialog struct is removed from the timer list (and under processing by the timer), do not attempt to free it here, rather leave it alone, it will be freed by the timer

        (cherry picked from commit f5f11af9ac8bffd387120725cc9ea147ed08873c)


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [e017f9f241] :

        auth_web3: fix c89 sytax errors


2026-04-17  OpenSIPS  <github at opensips dot org>
        * [b692f2cf4e] :

        Rebuild documentation


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [49d6a110b7] :

        auth_web3: make sure LIBS does not overwrite previous libs


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [4f3cc7d5c2] :

        regex: make size_t prints portable


2026-04-17  Norm Brandinger  <n.brandinger at gmail dot com>
        * [b2e975540d] :

        rtpengine: add bracket syntax for lists and dictionaries (#3818)

        Add support for bracket-delimited list and dictionary values in
        rtpengine flag strings, enabling access to ng protocol features
        that require nested parameters (sdp-media-remove, codec, sdp-attr).

        A value enclosed in [...] is parsed as a bencode list of
        space-separated items. If any top-level item contains "=", the
        value is parsed as a bencode dictionary instead. Brackets can
        be nested for multi-level structures such as:

          rtpengine_offer("codec=[transcode=[PCMA PCMU] strip=[EVS]]");
          rtpengine_offer("sdp-media-remove=[video message image]");

        Escape sequences (..) and (--) produce space and equals
        respectively, matching the rtpengine daemon convention.

        Parsing is done module-side into native bencode structures,
        compatible with all rtpengine daemon versions.

        Closes: https://github.com/OpenSIPS/opensips/issues/3591

        Co-authored-by: Debian <gator at opensips-1.goes dot com>

2026-04-17  Norm Brandinger  <n.brandinger at gmail dot com>
        * [0fd7bca921] :

        janus: add WebSocket fragment reassembly (RFC 6455 Section 5.4) (#3840)

        * janus: fix pkg memory leaks in cJSON_Print/cJSON_Parse paths

        The janus module uses cJSON_InitHooks() to route all cJSON allocations
        through OpenSIPS pkg_malloc. Three call sites had missing cleanup:

        - janus_ipc_send_request(): cJSON_Print() result was copied to shm via
          shm_nt_str_dup() but the pkg-allocated original was never freed.
          Also added a NULL check -- under pkg exhaustion cJSON_Print returns
          NULL and the subsequent strlen(NULL) causes a crash.

        - w_janus_send_request(): the cJSON tree from cJSON_Parse() was passed
          to janus_ipc_send_request() (which serializes it to shm) but
          cJSON_Delete() was never called afterward. Also added cleanup on the
          get_janus_connection_by_id() failure path.

        - janus_raise_event() and handle_janus_json_request(): added NULL
          checks after cJSON_Print(). Fixed missing pkg_free(full_json) on
          the shm_strdup() failure path in handle_janus_json_request().

        Together these leak ~350 bytes of pkg memory per janus_send_request()
        call, leading to SIP worker pkg exhaustion and crash under sustained
        load.

        Fixes #3712

        * janus: add WebSocket fragment reassembly (RFC 6455 Section 5.4)

        The janus module WS client rejects any frame with FIN=0:
          "We do not support fragmemntation yet. Dropping..."

        This breaks with Janus Gateway when using indented JSON (the default)
        or when responses are large enough to exceed the transport frame size.

        Add RFC 6455 compliant fragment reassembly:

        - janus_ws_parse(): remove FIN=0 rejection, accept continuation frames
          (opcode 0x0), validate that control frames have FIN=1 (RFC 6455 5.5)

        - janus_ws_handle_frag(): new state machine for fragment accumulation.
          TEXT/BIN+FIN=0 starts accumulation, CONT+FIN=0 appends, CONT+FIN=1
          delivers the reassembled message. Control frames pass through
          mid-fragment. Returns 0 (complete), 1 (read more), -1 (error).

        - janus_ws_frag_cleanup(): cleanup helper called from all error paths,
          CLOSE handler, reconnect, and after successful delivery.

        - janus_connection_read_data() and janus_connection_handler_id(): call
          janus_ws_handle_frag() before the opcode switch; reassembled messages
          use frag_buf instead of tcp.body.

        - janus_reconnects(): free frag_buf on connection teardown.

        Fragment state (frag_buf, frag_len, frag_size, frag_op) is per-connection
        on the con_req struct. All operations run in the single-threaded JANUS
        Manager reactor, so no additional locking is needed.

        Design choices:
        - 256KB reassembly limit (WS_MAX_FRAG_SIZE) for DoS protection
        - 2x initial alloc + doubling realloc strategy (O(log n) reallocs)
        - init_janus_ws_req intentionally preserves frag_* across frame resets
        - Parse failure on reassembled message is terminal (no retry)

        Tested with 100k fragmented messages (0 failures, flat pkg memory) and
        30k concurrent messages across 8 producers, 6 connections, 4 workers.

        Fixes #3712

        * janus: address review feedback on fragment handling

        - Remove msg_attempts reset in fragment accumulation path: conceptually
          wrong to signal "new message" when only a fragment was received, and
          the counter is not checked in the data path anyway.

        - Remove {} blocks around frag_ret usage: move variable declaration to
          function scope for clarity.

2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [22c93a9843] :

        event_rabbitmq: avoid double free on guest usage


2026-04-17  Norm Brandinger  <n.brandinger at gmail dot com>
        * [cc801a4e01] :

        event_rabbitmq: fix dupl_string() NUL-inclusive len corrupting AMQP shortstr (#3834)

        dupl_string() incremented dst->len after NUL-terminating the unescaped
        string, causing .len to include the trailing NUL byte. This made
        amqp_basic_publish() encode exchange and routing-key shortstr fields
        with an extra 0x00, breaking broker routing.

        Remove the len++ and all downstream compensations (tls_dom_name.len--,
        and the - 1 adjustments in rmq_print() for address, exchange, routing
        key, and user). Also fix the un_escape() error path to free the
        already-allocated shm buffer, and fix the default-user allocation to
        explicitly NUL-terminate.

        Closes #3828

2026-04-17  Ravitez Dondeti  <dondetir at users.noreply.github dot com>
        * [9453ee0941] :

        db_mysql: recover from ER_UNKNOWN_STMT_HANDLER (1243) (#3865)

        The prepared-statement execute wrapper treats MySQL error 1243
        (ER_UNKNOWN_STMT_HANDLER) as a hard failure and skips the existing
        reconnect + re-prepare path. This surfaces in production when the
        backing database is replaced underneath a live client connection -
        for example during an AWS Aurora zero-downtime minor-version upgrade,
        which preserves the TCP connection but drops the server-side
        prepared-statement cache. The next stmt_execute returns 1243, OpenSIPS
        logs CRITICAL and the query fails instead of transparently recovering.

        Add the case to wrapper_single_mysql_stmt_execute so it funnels into
        the same switch_state_to_disconnected -> connect_with_retry ->
        re_init_statement recovery path that already handles CR_SERVER_GONE_ERROR
        and friends.

        ER_NEED_REPREPARE (1615) is intentionally not added: libmysqlclient
        auto-reprepare already handles that case. 1243 bypasses auto-reprepare
        because the server has no record of the handle at all.

        The companion prepare wrapper is not modified: it starts from a fresh
        mysql_stmt_init() handle that carries no server-side ID, so the server
        cannot return 1243 in response to a prepare request.

        Reported-by: Sasmita Panda <spanda at 3clogic dot com>

2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [4933cc43d0] :

        b2b_logic: fix previous commit warnings


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [862fa537d7] :

        b2b: add support for pass-legs-upstream flag


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [2810543bd2] :

        b2b_logic: add refer_id indication in NOTIFY messages


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [ca3410f73c] :

        b2b: add custom_contact_header_params support


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [f4da97b945] :

        proto_tls: drop tls_async_handshake_timeout as no longer used


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [9f4b2930ed] :

        scripts: sync dbschema


2026-04-17  Razvan Crainea  <razvan at opensips dot org>
        * [f8e7ec10e3] :

        net: drop parallel reads parameters


2026-04-15  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [335bd70788] :

        [dialog] added profiling on signaling API functions


2026-04-15  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [abe6e02bc3] :

        [profiling] profile on entry points in b2b_logic module

        ...when notifications from b2b_logic are received


2026-04-15  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [970626b4a8] :

        [profiling] support for b2b_entities profiling

        Profile on entry points (incoming requests and replies) and on API calls (which perform signaling)


2026-04-15  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [622ec3a999] :

        [profiling] use profiling whenever the important TM API funcs are called

        the functions : t_reply, t_reply_with_body, t_reply_unsafe, t_request_within, t_request_outside, t_request, t_cancel_trans


2026-04-15  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [fc6c47d055] :

        [tm] added proc profiling support

        Do profiling for the received_reply function which is directly called by core.
        Also added helper macro to wrap profiling functions around TM API calls.


2026-04-15  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [b6bac8ef64] :

        [profiling] added silent profiling for request pre script callbacks

        Silent means if no profiling is done inside a callback (further), to profiling for the overall callback is not reported


2026-04-15  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [ecb7ff1ab8] :

        [profiling] allow with_next also upper on the stack


2026-04-15  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [9243484e3b] :

        [profiling] complet profiling on UDP and TCP net processes


2026-04-15  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [e9d2579a7b] :

        [profiling] detailed profiling for all types of async resume


2026-04-15  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [2ffbe85c72] :

        [profiling] part of 33300cba06eeef7ebb37255097460906996b6cd6


2026-04-15  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [9bdd4813b7] :

        [profiling] added the sss_merge256() function


2026-04-15  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [4fb17ba4a7] :

        [profiling] extend async_ctx to keep the literal version of the resume function

        We need this info for profiling purposes


2026-04-15  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [2548c36b3b] :

        [profiling] added support for process profiling


2026-04-14  Razvan Crainea  <razvan at opensips dot org>
        * [c2e1a2da45] :

        github: force radcli build


2026-04-14  Razvan Crainea  <razvan at opensips dot org>
        * [b778ef53a6] :

        tls_openssl: declare n for openssl < 1.0.1


2026-04-14  Razvan Crainea  <razvan at opensips dot org>
        * [bb4eee8df3] :

        tls_wolfssl: drop shared memory


2026-04-14  Razvan Crainea  <razvan at opensips dot org>
        * [043ea760ea] :

        tls_wolfssl: bump to 5.9.1


2026-04-14  Razvan Crainea  <razvan at opensips dot org>
        * [c51cdc8d9d] :

        tls_openssl: remove dangling mem&locks hooks


2026-04-14  Danielzt  <danielzt at users.noreply.github dot com>
        * [0296e26ffe] :

        core: fix fd memory leak in reactor_proc_add_fd, causing too many open files (#3830)

        rtpproxy: Fix in timeout scenarios, leading crash due to memory leak and too many open files

2026-04-14  davidtrihy-genesys  <116663213+davidtrihy-genesys at users.noreply.github dot com>
        * [4e5775bd6b] :

        Compiling with DISABLE_NAGLE does not propogate tcp_proto_no and never sets TCP_NODELAY (#3859)

        (cherry picked from commit 1c90d5dbdfc1e3acdec0befb5106ae73db06a04e)


2026-04-12  OpenSIPS  <github at opensips dot org>
        * [2c233db2a9] :

        Rebuild documentation


2026-04-10  Vlad Paiu  <vladpaiu at opensips dot org>
        * [89149094a7] :

        Add more details to the Spans, following the HTTP semantic convention more closely
        Report status of the routes to Opentelemetry
        Add local sip-spans.md documentation


2026-04-10  Vlad Paiu  <vladpaiu at opensips dot org>
        * [c1221207b8] :

        Get rid of initial testing HAVE_OPENTELEMETRY_CPP define


2026-04-08  Liviu Chircu  <liviu at opensips dot org>
        * [45dcfd73a4] :

        PN Support: Improve default handling for failed calls

        Avoid relying on the "fr_inv_timeout" by default in order to complete
        the transaction when the call is rejected (wait_for_new_branches...), as
        the default (120s) is quite high, and can lead to stalling INVITEs.


2026-04-08  mattia  <me at mattiacampagna dot com>
        * [78e7361292] :

        drouting: fix random GW selection when all weights are zero

        When weight_sum is 0 (all remaining gateways have weight 0), the code
        was always selecting the first gateway (i = first) instead of randomly
        picking one among the equally-weighted candidates.

        Restore uniform random selection by computing:
          i = first + (unsigned int)((size - first) * ((double)rand() / ((double)RAND_MAX + 1.0)));

        The +1.0 on RAND_MAX prevents the index from going out of bounds (i.e.
        when rand() == RAND_MAX the result stays strictly below size-first).

        Closes: https://github.com/OpenSIPS/opensips/issues/3863


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [5287467f7c] :

        net: drop useless check for active TCP workers


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [a4ded4625f] :

        net: turn off read head from TCP


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [35b4c5b4b4] :

        net: dispatch the message to any available worker


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [b88d620dd8] :

        tls_openssl: fix misleading ident


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [1b5bd641f5] :

        drop ssl_tweaks from all modules


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [01d1bc0c14] :

        drop ssl_tweaks


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [834299e654] :

        net: handle shared queue for async messages


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [d88d5727a6] :

        tls_mgm: expose certs info in workers


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [60835993a0] :

        proto_msrp: migrate module to new TCP interface


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [9c0a2d11a5] :

        proto_bin: migrate module to new TCP interface


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [6b2231a142] :

        proto_smpp: migrate module to new TCP stack


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [02aeec116b] :

        proto_hep: migrate hep to new TCP stack


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [dabc6b23a8] :

        net: handle protocol parsing in the worker


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [7a56074f01] :

        net: handle proto_ws/wss communication


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [aeb5315dfb] :

        net: clean connect


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [e8fcefa91a] :

        net: handle connect in main process


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [e42d67dffe] :

        net: restore msg_max_read_timeout and cleanup dead code


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [4e2758f24e] :

        net: only increaase connection lifetime if write is success


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [fc85674299] :

        net: move req in thread memory


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [976d1dba66] :

        net: make sure writes are never handled from workers


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [941fe27d1e] :

        net: drop proc_id from tcp_connection


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [ccb7c630a4] :

        net: always send messages from main thread


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [680bf28f6a] :

        net: all messages are sent as async chunks


2026-04-08  Razvan Crainea  <razvan at opensips dot org>
        * [11aa15d1b9] :

        refactor TCP/TLS code to have everything in a single process


2026-04-07  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [9efaa7aa11] :

        Merge pull request #3851 from dondetir/feature/mi-http-security-hardening

        httpd: harden MI/HTTP interface with safe default and Basic Auth

2026-04-07  Liviu Chircu  <liviu at opensips dot org>
        * [89055ff3a2] :

        janus: Simplify prev commit 2453e8f78a2c


2026-04-07  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [bc5a87a28a] :

        [sip_i] fix wrong ISUP msg type on 200 OK INVITE

        Credits go to @aldotms70
        Closes #3857


2026-04-07  rdondeti  <ravitez.dondeti at gmail dot com>
        * [2453e8f78a] :

        janus: fix pkg memory leaks in populate_janus_handler_id()

        The janus module uses cJSON_InitHooks() to route cJSON allocations
        through pkg_malloc.  In populate_janus_handler_id(), four calls to
        cJSON_Print(request) are embedded directly in LM_ERR() format arguments.
        The pkg-allocated return values are never stored or freed, leaking
        ~100-500 bytes per error path hit.

        Store the cJSON_Print() result, use it in the log message, and free it
        afterward.  Also handle the case where cJSON_Print() returns NULL.

        This follows up on the janus leak fixes in commit f9fb3ea3e, which
        addressed similar leaks in janus_raise_event(),
        handle_janus_json_request(), and janus_ipc_send_request() but missed
        populate_janus_handler_id().


2026-04-07  rdondeti  <ravitez.dondeti at gmail dot com>
        * [c304b6ef00] :

        aaa_diameter: fix NULL deref in dm_receive_req() via init_str()

        cJSON_PrintUnformatted() can return NULL on allocation failure (using shm
        hooks).  The return value is passed directly to init_str(), which calls
        strlen() on it, causing a crash.

        Replace the init_str() call with an explicit NULL check and manual
        assignment, following the existing error-handling pattern in the function
        (goto error, which properly cleans up via cJSON_Delete and
        cJSON_PurgeString).

        Found during a systematic audit of cJSON return value handling across
        modules, following the janus leak fixes in commit f9fb3ea3e.


2026-04-07  rdondeti  <ravitez.dondeti at gmail dot com>
        * [cf5fb629cc] :

        rtpengine: fix NULL deref from unchecked cJSON_PrintUnformatted()

        In rtpengine_raise_event(), cJSON_PrintUnformatted() can return NULL on
        allocation failure.  The return value is passed directly to strlen() and
        then to cJSON_PurgeString(), both of which will crash on a NULL pointer.

        Add a NULL check before using the return value, and skip the parameter
        on failure.

        Found during a systematic audit of cJSON return value handling across
        modules, following the janus leak fixes in commit f9fb3ea3e.


2026-04-07  rdondeti  <ravitez.dondeti at gmail dot com>
        * [6fc6acac8e] :

        jsonrpc: fix NULL deref and object leak in jsonrpc_handle_cmd()

        cJSON_Print() can return NULL on allocation failure.  The existing code
        passes the return value directly to strlen() without a NULL check,
        causing a crash on two separate code paths (error and result handling).

        Add NULL checks after both cJSON_Print() calls.

        Additionally, the cJSON tree allocated by cJSON_Parse() at the start of
        the function is never freed.  Add cJSON_Delete(obj) to the cleanup path.

        Found during a systematic audit of cJSON return value handling across
        modules, following the janus leak fixes in commit f9fb3ea3e.


2026-04-07  rdondeti  <ravitez.dondeti at gmail dot com>
        * [8f959e73c7] :

        cachedb_cassandra: fix NULL deref when cass_cluster_new() returns NULL

        cass_cluster_new() can return NULL on allocation failure.  The existing code
        has a NULL check, but it comes after cass_cluster_set_credentials() already
        uses the pointer (when credentials are configured), so a NULL return causes
        a crash before the check is reached.

        Move the NULL check to immediately after cass_cluster_new(), before any use
        of the returned pointer.

        Found during a systematic audit of cachedb backends following the
        cachedb_redis NULL-deref fix in commit 8fb569cb3.


2026-04-07  rdondeti  <ravitez.dondeti at gmail dot com>
        * [9fea57eeaf] :

        cachedb_memcached: fix NULL deref when memcached_create() returns NULL

        memcached_create(NULL) can return NULL on allocation failure.  The existing
        code never checks the return value, so a NULL memc pointer falls through to
        memcached_server_push(NULL, ...) which dereferences the NULL pointer.

        Add an explicit NULL check after memcached_create(), following the existing
        error-handling pattern in the function (pkg_free + return 0).

        Found during a systematic audit of cachedb backends following the
        cachedb_redis NULL-deref fix in commit 8fb569cb3.


2026-04-06  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [82e242e30f] :

        [tm] fix access to un-allocated branch

        Reported and fixed by @vladpaiu


2026-04-05  OpenSIPS  <github at opensips dot org>
        * [c0423d07a8] :

        Rebuild documentation


2026-04-02  Liviu Chircu  <liviu at opensips dot org>
        * [bdd97c5047] :

        db_sqlite: Improve error handling

        * avoid dangling PS pointers
        * avoid leaking the PS object on NULL "result"


2026-04-01  Liviu Chircu  <liviu at opensips dot org>
        * [5abc95adbb] :

        db_sqlite: Fix interaction with sql_cacher

        The .query API endpoint in db/db.h is meant to return 0 on success, yet
        the current implementation in db_sqlite was returning "number of rows"
        on success, leading to:

        ERROR:sql_cacher:load_entire_table: Failure to issue query to SQL DB...
        ERROR:sql_cacher:cache_init_load: Failed to cache the entire table...


2026-04-01  Norm Brandinger  <n.brandinger at gmail dot com>
        * [829d118e7e] :

        cachedb_redis: restore NULL check after redisConnect/redisConnectUnix

        If hiredis returns NULL (OOM), the previous `ctx && ctx->err` guard
        skipped the error branch and fell through to redisSetTimeout(ctx, ...),
        causing a NULL-pointer dereference. Split into separate !ctx and
        ctx->err checks so OOM is caught before any ctx dereference.

        Reported-by: dondetir <dondetir at users.noreply.github dot com>


2026-04-01  Debian  <gator at opensips-1.goes dot com>
        * [5de24f1379] :

        cachedb_redis: add Unix socket transport and lazy connection

        Add Unix domain socket support as an alternative to TCP connections:
        - New URL format: redis:group://localhost/?socket=/path/to/sock
        - REDIS_UNIX_SOCKET flag for connection and node identification
        - MI output includes transport type (tcp/unix) and socket_path
        - Unix socket path tracked in redis_con and cluster_node structs

        Add lazy connection establishment:
        - New lazy_connect module parameter (integer, default 0)
        - Defers Redis connection until first cache operation
        - Works for both TCP and Unix socket transport modes

        Test suite:
        - test_unix_socket.sh: 19 integration tests
        - test_lazy_connect.sh: 17 integration tests
        - Test stubs synced with production struct layout

        Depends on: MR B (feature/redis-cluster-management)


2026-04-01  Norm Brandinger  <n.brandinger at gmail dot com>
        * [67e4d3e445] :

        cachedb_redis: guard redisEnableKeepAliveWithInterval for hiredis < 1.0

        redisEnableKeepAliveWithInterval() was added in hiredis 1.0.0.
        Ubuntu 20.04 ships hiredis 0.14, causing an implicit-function-declaration
        error with -Werror. Gate on HIREDIS_MAJOR >= 1, falling back to
        redisEnableKeepAlive() (no interval parameter) on older versions.


2026-04-01  Norm Brandinger  <n.brandinger at gmail dot com>
        * [58741ce3a2] :

        cachedb_redis: fix UNIT_TESTS build and remove committed binary

        Exclude standalone test binaries (test_hash, test_mi_counters,
        hash_under_test) from the UNIT_TESTS auto-discovery in Makefile.modules.
        These files have their own main() and are built via test/Makefile;
        pulling them into the module .so causes multiple-definition linker
        errors.

        Also remove the accidentally committed test/test_mi_counters ELF
        binary and add it to .gitignore alongside test_hash.

        Reported-by: dondetir <dondetir at users.noreply.github dot com>


2026-04-01  Razvan Crainea  <razvan at opensips dot org>
        * [885ceab248] :

        stir_shaken: use a new bio for chain

        avoid using the same cbio, as it needs to be rewind to be read again in
        wolfssl; openssl handles this properly though


2026-03-30  Liviu Chircu  <liviu at opensips dot org>
        * [b2e3270679] :

        dialog: fix multi-PRACK CSeq handling and uac-auth ACK CSeq regression

        * fix CSeq regression on the outbound leg, prioritize .last_gen_cseq
        * manual PRACK: fix matching for current leg (multi-180 scenario)
        * manual PRACK: add logic for early leg creation during onreply_route.
            This allows the leg to be correctly matched and have its CSeq set.
        * small fix: avoid overwriting .last_gen_cseq with smaller values


2026-03-30  Liviu Chircu  <liviu at opensips dot org>
        * [5d5fbed924] :

        menuconfig: Fix templates, use new create_dialog() flags


2026-03-30  Debian  <gator at opensips-1.goes dot com>
        * [7b8fe71ffd] :

        cachedb_redis: add dynamic cluster topology management and observability

        Replace the static cluster topology (built once at startup, never
        refreshed) with runtime discovery and automatic refresh:

        Topology discovery and refresh:
        - Probe CLUSTER SHARDS (Redis 7+) with fallback to CLUSTER SLOTS
          (Redis 3+) for backward compatibility
        - O(1) slot_table[16384] lookup replaces per-query linked-list scan
        - Automatic topology refresh on MOVED redirect, connection failure,
          or query targeting an unmapped slot (rate-limited to 1/sec)
        - Dynamic node creation when MOVED points to an unknown endpoint
        - Stale node pruning during refresh with safe connection cleanup
        - Cap redirect loop at 5 max redirects to prevent worker hang on
          pathological cluster state

        Cluster observability via MI commands:
        - redis_cluster_info: full topology dump including per-node connection
          status, slot assignments, query/error/moved/ask counters, and
          last activity timestamp
        - redis_cluster_refresh: trigger manual topology refresh (bypasses
          rate limit)
        - redis_ping_nodes: per-node PING with microsecond latency reporting
        - All MI commands support optional group filter parameter

        Statistics:
        - redis_queries, redis_queries_failed, redis_moved, redis_ask,
          redis_topology_refreshes (module-level stat counters)
        - Per-node query, error, moved, ask counters in redis_cluster_info

        Hash slot correctness:
        - Hash tag {…} extraction per Redis Cluster specification
        - CRC16 modulo 16384 replaces bitwise AND with slots_assigned

        ASK redirect handling:
        - Detect ASK responses alongside existing MOVED handling
        - Send ASKING command to target node before retrying original query
        - Do not update slot map (ASK is a temporary mid-migration redirect)
        - Refactor parse_moved_reply into parse_redirect_reply with prefix
          parameter; inline wrappers for backward compatibility

        Connection reliability:
        - TCP keepalive via redis_keepalive parameter (default 10s)
        - Stack allocation for redis_moved structs (eliminates OOM paths)
        - NULL guards on malformed CLUSTER SHARDS/SLOTS reply elements
        - Integer overflow protection in slot and port parsing
        - NULL guards in MI command handlers for group_name/initial_url

        Documentation:
        - New section: Redis Cluster Support (topology discovery, automatic
          refresh, MOVED/ASK handling, hash tags)
        - MI command reference: redis_cluster_info, redis_cluster_refresh,
          redis_ping_nodes
        - Authentication URL format documentation (classic, ACL, no-auth)
        - New parameter: redis_keepalive

        Test suite (186 tests):
        - C unit tests: hash slot calculation (37), MI counter helpers (41)
        - Integration: topology startup (12), ASK redirect (16), topology
          refresh (13), MI commands (50), edge cases (16)
        - Trap EXIT handlers for safe cluster state restoration
        - python3 preflight checks for JSON-dependent tests

        Depends on: #3815 (hash tag + modulo fix), #3852 (ASK redirect)


2026-03-30  Debian  <gator at opensips-1.goes dot com>
        * [e0ead4f57b] :

        cachedb_redis: fix safety issues in cluster redirect parsing

        Fix several correctness and safety issues in parse_moved_reply()
        and the MOVED redirect handler:

        - Add slot value overflow protection: return ERR_INVALID_SLOT
          when parsed slot exceeds 16383 during digit accumulation,
          preventing signed integer overflow on malformed MOVED replies.

        - Add port value overflow protection: return ERR_INVALID_PORT
          when parsed port exceeds 65535 during digit accumulation,
          complementing the existing post-loop range check and preventing
          signed integer overflow on malformed input.

        - Fix undefined behavior in the no-colon endpoint fallback path:
          replace comparison of potentially-NULL out->endpoint.s against
          end pointer with (p < end), which achieves the same logic using
          the scan position variable that is always valid.

        - Replace pkg_malloc heap allocation of redis_moved struct with
          stack allocation in the MOVED handler. The struct is small
          (~24 bytes) and never outlives the enclosing scope, making heap
          allocation unnecessary. This eliminates the OOM error path and
          two pkg_free() calls.


2026-03-29  rdondeti  <ravitez.dondeti at gmail dot com>
        * [ed2c801d02] :

        httpd: harden MI/HTTP interface with safe default and Basic Auth

        Change the default 'ip' modparam from wildcard (0.0.0.0/::) to
        127.0.0.1, preventing the management interface from being accidentally
        exposed to the network on fresh installations.

        Add HTTP Basic Authentication support via three new modparams:
          - auth_realm: the realm string for WWW-Authenticate challenges
          - auth_username: required username for HTTP access
          - auth_password: required password for HTTP access

        When both auth_username and auth_password are set, every HTTP
        request must present valid Basic Auth credentials.  Requests with
        missing or incorrect credentials receive a 401 Unauthorized response.

        The authentication check runs once per request (on the first callback
        invocation, before allocating per-request state), avoiding redundant
        checks on subsequent MHD callbacks and preventing potential resource
        leaks during POST processing.

        The implementation uses libmicrohttpd's built-in Basic Auth API with
        version guards for MHD_free() (available since 0.9.56), falling back
        to free() on older versions.

        Closes #2939


2026-03-29  OpenSIPS  <github at opensips dot org>
        * [4748fccce3] :

        Rebuild documentation


2026-03-27  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [4e3267f023] :

        [profiling] add usecs too and fix the status printing (for negative values)


2026-03-27  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [6ba881f55e] :

        [profiling] reset the EVI params which do not have value


2026-03-27  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [3eb9f3daeb] :

        [evi] added new function to reset a param value

        For pre-defined list of parameters, now you can reset a param value if you do not want to have it set during current usage.
        Also, the AVI core will not push (to be backends) the params without value (which were reset)


2026-03-27  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [1734d27d53] :

        added generic profiling API

        Reworked the existing script tracing API :
        * to support multiple consumers for the profiled data (so far we had only opentelemetry)
        * to be more generic (not only script oriented) for profiling data

        Also added:
        * process data for profiling (just defined, WIP)
        * event based consumer for the profiling data (via MI evi:subscribe)


2026-03-26  Razvan Crainea  <razvan at opensips dot org>
        * [d816345da3] :

        rtp_relay: do not run indialog for non-SDP requests


2026-03-24  Liviu Chircu  <liviu at opensips dot org>
        * [9833056757] :

        script_helper: Fix build

        Move flags parser in a .h file, so script_helper sees it as well.


2026-03-24  Liviu Chircu  <liviu at opensips dot org>
        * [f2d2a0d8e8] :

        dialog PRACK: Add a couple knobs/settings for UAC-side control

            * auto_prack_hangup_on_failure (default: 0) -> enable strict UAC
            * auto_prack_fr_timeout (default: 2 sec) -> related to above


2026-03-24  Liviu Chircu  <liviu at opensips dot org>
        * [fa2d3f2661] :

        dialog PRACK: Enhance auto-prack mode with failure handling


2026-03-24  Liviu Chircu  <liviu at opensips dot org>
        * [90c7891253] :

        dialog: Change create_dialog() to use explicit flag names


2026-03-24  Liviu Chircu  <liviu at opensips dot org>
        * [84ad6479ee] :

        dialog PRACK: Fix outgoing CSeq with multiple PRACKs


2026-03-24  Liviu Chircu  <liviu at opensips dot org>
        * [0c684225d6] :

        dialog: relax manual PRACK checks


2026-03-24  Liviu Chircu  <liviu at opensips dot org>
        * [8c84d4bc63] :

        dialog PRACK: Fix issues during early-dialog

        * work around the fact that r_cseq, Contact, and route-set and not yet
          present in the dst_leg struct.  So the use of send_leg_msg() and
          build_dialog_info() should be avoided here.
        * fix outbound ACK CSeq to match the INVITE, rather than +1 due to
          the in-between PRACK


2026-03-24  Liviu Chircu  <liviu at opensips dot org>
        * [371b0cc42e] :

        dialog: Add "auto-PRACK handling" flag to create_dialog() ("L" flag)

        Similar logic to the dlg_send_sequential() addition, but fully automated.


2026-03-24  Liviu Chircu  <liviu at opensips dot org>
        * [6de2dbc2f8] :

        dialog: Add PRACK support to dlg_send_sequential()

        * various validations of the current 101-199 provisional reply
        * takes the RSeq header and builds the RAck header into the PRACK


2026-03-24  Razvan Crainea  <razvan at opensips dot org>
        * [61d63cc107] :

        dialog: updated documentation for new MI format


2026-03-23  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [888d2184a8] :

        [tm] fix macros and indexing related to BRANCH_BITMASK


2026-03-23  Razvan Crainea  <razvan at opensips dot org>
        * [381e725f67] :

        b2b_logic: turn of bridge initiator in case transfer fails


2026-03-22  OpenSIPS  <github at opensips dot org>
        * [ff6f10dfb0] :

        Rebuild documentation


2026-03-19  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [a74fc46e5e] :

        [nathelper] add functions to preserve the original private contact.

        The fix_nated_contact() take a flag in order to save the original private IP and port into the 'org' uri param (b64 encoded)
        The new restore_nated_ruri() function (upon routing sequential requests) extract the info from the 'org' RURI param and restores the private ip:port in RURI. The received RURI is pushed into DURI for routing purposes ;)

        Alternative to #3769


2026-03-17  Norm Brandinger  <n.brandinger at gmail dot com>
        * [43b696d85e] :

        janus: fix pkg memory leaks in cJSON_Print/cJSON_Parse paths

        The janus module uses cJSON_InitHooks() to route all cJSON allocations
        through OpenSIPS pkg_malloc. Three call sites had missing cleanup:

        - janus_ipc_send_request(): cJSON_Print() result was copied to shm via
          shm_nt_str_dup() but the pkg-allocated original was never freed.
          Also added a NULL check -- under pkg exhaustion cJSON_Print returns
          NULL and the subsequent strlen(NULL) causes a crash.

        - w_janus_send_request(): the cJSON tree from cJSON_Parse() was passed
          to janus_ipc_send_request() (which serializes it to shm) but
          cJSON_Delete() was never called afterward. Also added cleanup on the
          get_janus_connection_by_id() failure path.

        - janus_raise_event() and handle_janus_json_request(): added NULL
          checks after cJSON_Print(). Fixed missing pkg_free(full_json) on
          the shm_strdup() failure path in handle_janus_json_request().

        Together these leak ~350 bytes of pkg memory per janus_send_request()
        call, leading to SIP worker pkg exhaustion and crash under sustained
        load.

        Fixes #3712


2026-03-16  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [b25788dabc] :

        [tm] fixed init of branch bitmask in timeout handler

        related to f0223cc93417cb848ab85c2ca2765d1a4958dcd1


2026-03-15  OpenSIPS  <github at opensips dot org>
        * [65d4fda9b1] :

        Rebuild documentation


2026-03-12  Maksym Sobolyev  <sobomax at sippysoft dot com>
        * [ed9cff453e] :

        CI/rtp.io: handle "/" in branch names (i.e feature/xyz) correctly (#3844)

        Fixes:
          https://github.com/OpenSIPS/opensips/actions/runs/22914875002/job/66498568285#step:8:201

        Display qemy version for debug.

2026-03-10  Razvan Crainea  <razvan at opensips dot org>
        * [140b8acf90] :

        pua_mi: fix migration to module:cmd


2026-03-10  Razvan Crainea  <razvan at opensips dot org>
        * [a899792ea8] :

        mi: have which return all functions within a module


2026-03-10  Razvan Crainea  <razvan at opensips dot org>
        * [28d0b7b73f] :

        mi: document changes of new MI functions


2026-03-10  Razvan Crainea  <razvan at opensips dot org>
        * [4171796759] :

        mi: add aliases for old MI commands


2026-03-10  Razvan Crainea  <razvan at opensips dot org>
        * [6b10fb52c4] :

        mi: refactor cmds names to contain the module

        Close #3838


2026-03-10  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [f8ed5bbaeb] :

        Merge remote-tracking branch 'origin/feature/socket_bond'


2026-03-10  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [f0f53a6150] :

        Merge pull request #3842 from NormB/fix/cachedb-redis-null-deref

        cachedb_redis: fix NULL deref when redisConnect returns NULL

2026-03-10  Maksym Sobolyev  <sobomax at sippysoft dot com>
        * [e912836d8b] :

        CI/rtp.io: Increase timeout a bit (#3833)

        * CI/rtp.io: Increase timeout a bit

        To fix some timeout seen on linux/ppc64le:

          https://github.com/OpenSIPS/opensips/actions/runs/22627454288/job/65577262119

        * CI: remove unused file and add rtp.io badge

2026-03-09  Norm Brandinger  <n.brandinger at gmail dot com>
        * [8fb569cb37] :

        cachedb_redis: fix NULL deref when redisConnect returns NULL

        redisConnect() and redisConnectWithTimeout() can return NULL on allocation
        failure.  The existing check only handles ctx->err != REDIS_OK (non-NULL
        ctx with error), so a NULL return falls through to redisSetTimeout(NULL, ...)
        which dereferences the NULL pointer.

        Add an explicit NULL check after the error-code check.

        Also change the warned flag from char to int to avoid undefined behavior
        on signed overflow after 127 connection-timeout warnings.


2026-03-09  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [08784c2fd8] :

        [socket bond] fix uninitialized sif in fix_bond_socket_list() on error case


2026-03-09  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [1bffb3b30e] :

        Expend socket_info to have an optional orig_name

        To be used when socket defined as interface (as "socket=udp:eth1") is expanded to multiple one-per IP interfaces


2026-03-08  OpenSIPS  <github at opensips dot org>
        * [397a6b1156] :

        Rebuild documentation


2026-03-06  Liviu Chircu  <liviu at opensips dot org>
        * [dda9010efb] :

        registrars: Accept Re-REGISTERs with equal CSeq

        New module setting for both registrar and mid-registrar which controls
        the policy on handling same Call-ID REGISTERs, with the same CSeq.

            modparam: allow_dup_cseq
            default:  true

        Ultimately, this boils down to a trade-off between interoperability and
        RFC strictness.  More info in the modparam documentation.


2026-03-06  Liviu Chircu  <liviu at opensips dot org>
        * [2642e14fb1] :

        mid_registrar: Fix mem management bugs around "max contacts"

        * avoid UAF of the @uc pointer during iteration
        * fix logic so that the current @c cannot be freed by trim_contacts()
            itself, yet again leading to UAF type of bugs

        usrloc: Fix rare memleak edge-case


2026-03-06  Razvan Crainea  <razvan at opensips dot org>
        * [92a7d9c489] :

        redhat: enable wolfssl stir shaken only for latest distros


2026-03-05  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [b69bcec7ca] :

        [bond sockets] added socket_belongs_to_bond() ...

        ... to check if a real socket belongs to a bond socket


2026-03-05  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [bc9ceda570] :

        [bond sockets] varios fixes, working code


2026-03-04  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [91fe7eeefb] :

        Added the PROTO_BOND as token

        We need to be parsed and recognized as protocol


2026-03-03  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [1259b223d0] :

        [bond] added bond socket selection in get_send_socket


2026-03-03  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [856a866675] :

        [net] init the BOND sockets


2026-03-03  Razvan Crainea  <razvan at opensips dot org>
        * [61575574a5] :

        packaging: remove bad copy & paste


2026-03-03  Liviu Chircu  <liviu at opensips dot org>
        * [3bc1375054] :

        stir_shaken: Fix OpenSSL vs. WolfSSL detection

        This fixes the RedHat build, where there is no WolfSSL available.


2026-03-03  Razvan Crainea  <razvan at opensips dot org>
        * [47f2ee27e6] :

        build: stir_shaken should be used with openssl if wolfssl is not available


2026-03-03  Liviu Chircu  <liviu at opensips dot org>
        * [6edc38a6c0] :

        stir_shaken: Improve compatibility with older WolfSSL libraries

        This patch avoids usage of newer API functions which are missing in
        both WolfSSL 4.3.0 (e.g. Ubuntu 20.04) and pre-1.1.0 OpenSSL, such as:
          - X509_STORE_set_verify_cb_func()
          - ECDSA_SIG_get0()
          - X509_get_ext_by_OBJ()


2026-03-03  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [09e787799c] :

        [tcp] fixed potential buffer overflow due to insane large Content-Len values

        Check and limit the Content-Lenght to the size of the reading buffer, makes no sense to accept anything higher.


2026-03-03  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [47a4eea404] :

        cfg: add bond socket_def grammar with list support


2026-03-03  Maksym Sobolyev  <sobomax at sippysoft dot com>
        * [80d10b5249] :

        CI: tweak voiptests parameters. (#3832)

        Set MM_INIT_DELAY to give opensips/rtp.io some extra time to
        init.

        Ignore faulures of the time-sensitive tests that might fail under
        emulation.

2026-03-02  Liviu Chircu  <liviu at opensips dot org>
        * [e5e0aee568] :

        packaging: Align stir_shaken deps with wolfSSL


2026-03-02  Liviu Chircu  <liviu at opensips dot org>
        * [4d012a6b39] :

        stir_shaken: Migrate to WolfSSL-compatible cryptography

        While stir_shaken only uses the "libcrypto" part of OpenSSL, the fact
        that the OpenSSL runtime can be shared across multiple modules (e.g.
        with proto_wss doing TLS connections) may induce unexpected crashes in
        the stir_shaken crypto workflows.

        This commit makes stir_shaken compatible with WolfSSL too, to become the
        new default crypto library, but *without* losing OpenSSL compatibility.

        To revert to OpenSSL based crypto, add this to Makefile.conf:
            DEFS+= -DSTIR_SHAKEN_OPENSSL


2026-03-02  Razvan Crainea  <razvan at opensips dot org>
        * [b1482d8369] :

        b2b_entities: make sure last_method is updated before req


2026-03-01  OpenSIPS  <github at opensips dot org>
        * [5640ccde73] :

        Rebuild documentation


2026-02-26  Razvan Crainea  <razvan at opensips dot org>
        * [5964710b0a] :

        b2b_entities: convert ERR in DBG


2026-02-25  Razvan Crainea  <razvan at opensips dot org>
        * [dd90854629] :

        mi_xmlrpc_ng: rename to mi_xmlrpc


2026-02-24  Razvan Crainea  <razvan at opensips dot org>
        * [556c492f0e] :

        topology_hiding: add th_callid_loop_protection parameter


2026-02-24  Razvan Crainea  <razvan at opensips dot org>
        * [eaec7f7650] :

        drop various deprecated parameters


2026-02-24  vladpaiu  <vladpaiu at opensips dot org>
        * [eb2af2d29e] :

        Add support to extract RSA PUB key from e&n format ( JWK ) (#3827)



2026-02-24  Razvan Crainea  <razvan at opensips dot org>
        * [5ad483ca99] :

        net: add af support in proxy_protocol


2026-02-24  Razvan Crainea  <razvan at opensips dot org>
        * [e8057020bd] :

        proto_ws: add proxy_protocol support


2026-02-24  Remi Collet  <remi at famillecollet dot com>
        * [55982fb456] :

        support for libmongc/libbson version 2 (#3829)



2026-02-24  Razvan Crainea  <razvan at opensips dot org>
        * [9bab03218f] :

        net: implement proxy_protocol for outbound


2026-02-24  Razvan Crainea  <razvan at opensips dot org>
        * [282c424066] :

        net: check if socket support proxy protocol at parse time


2026-02-24  Razvan Crainea  <razvan at opensips dot org>
        * [40e9b70110] :

        net: filter proxy_protocol per socket


2026-02-24  Razvan Crainea  <razvan at opensips dot org>
        * [e443372cce] :

        net: initial proxy_protocol implementation


2026-02-23  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [2a1c511265] :

        Merge pull request #3821 from NormB/fix/tm-async-rd-reversion

        tm: fix $rd reversion after chained async() resume

2026-02-22  OpenSIPS  <github at opensips dot org>
        * [60f57643aa] :

        Rebuild documentation


2026-02-19  Razvan Crainea  <razvan at opensips dot org>
        * [4e3a0b7c3c] :

        readme: drop lgtm badges, as the service no longer exists


2026-02-19  Razvan Crainea  <razvan at opensips dot org>
        * [aeb7e178d1] :

        builds: negate python version check


2026-02-19  Razvan Crainea  <razvan at opensips dot org>
        * [b0c1bcafa2] :

        regex: fix broken merge


2026-02-19  Razvan Crainea  <razvan at opensips dot org>
        * [41401cca3d] :

        regex: fix stashed markers


2026-02-19  Razvan Crainea  <razvan at opensips dot org>
        * [bbc1a75d5b] :

        regex: make module work with both pcre2 and pcre3, not just compile


2026-02-18  Liviu Chircu  <liviu at opensips dot org>
        * [2cde87bac5] :

        proto_wss: free ws_data on TLS domain lookup failure


2026-02-18  Razvan Crainea  <razvan at opensips dot org>
        * [b779dc8433] :

        auth_db: update docs for default empty credentials list


2026-02-18  Razvan Crainea  <razvan at opensips dot org>
        * [d4e23a69d6] :

        auth_db: remove RPID from default credentials list

        Completes commit b0023b417

        Many thanks to Evgeniy (@gostkov on GitHub) for reporting this in #3813


2026-02-18  Razvan Crainea  <razvan at opensips dot org>
        * [71541c911d] :

        tm: fix EXTRA_DEBUG logging for local cancel timer


2026-02-17  Razvan Crainea  <razvan at opensips dot org>
        * [6020dc2e8d] :

        tm: fix uac usage with EXTRA_DEBUG


2026-02-16  Razvan Crainea  <razvan at opensips dot org>
        * [7bda668b99] :

        tm: create uac for locally generated transactions


2026-02-15  OpenSIPS  <github at opensips dot org>
        * [84b2b0c663] :

        Rebuild documentation


2026-02-13  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [0c886a8d37] :

        [tm] fix reverted macro BRANCH_BM_NONE_SET

        Related to 7b83cabb916d5bf7ae2d0fc20978aac625872758


2026-02-13  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [d4ce9bbc62] :

        Merge branch 'feature/dynamic_branches'


2026-02-12  Razvan Crainea  <razvan at opensips dot org>
        * [05ccaa2a03] :

        regex: allow pcre3 library


2026-02-11  Norm Brandinger  <n.brandinger at gmail dot com>
        * [4a5ac7124e] :

        tm: fix $rd reversion after chained async() resume

        When async() is called from a resume route (chained async), the
        FL_TM_FAKE_REQ check in t_handle_async() prevents
        update_cloned_msg_from_msg() from saving message state to the
        transaction's shm clone. This causes $rd, $du, and other msg fields
        modified in the resume route to revert to their previous values when
        the next async operation completes through the reactor path.

        Remove the FL_TM_FAKE_REQ guard from the conditional. The
        update_cloned_msg_from_msg() function already handles faked_req
        sources correctly: it defers freeing old shm lumps (lines 1325-1336
        of sip_msg.c), and free_faked_req() completes the deferred cleanup.

        Fixes #3676


2026-02-10  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [a9c396daa6] :

        [tm] fix branch init after dynamic alloc

        Related to 7b83cabb916d5bf7ae2d0fc20978aac625872758


2026-02-10  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [629851f5a8] :

        updated modules acessing transaction branches

        related to 7b83cabb916d5bf7ae2d0fc20978aac625872758. The access to a transaction branch is done via a macro in order to get on the right chunk of the branch.


2026-02-10  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [7b83cabb91] :

        [tm] migrated to dynamic allocated branches per transaction

        This allow a really high number of branches per transaction (like the default is 256, but can be increased). The branches are dynamically allocated, on demand, so some transactions which are not subjet to forking (typically non-INVITE) may have the minimum of 4 branches, while the INVITE transaction, depending on the need can scale up to 256


2026-02-10  Liviu Chircu  <liviu at opensips dot org>
        * [aad6b85683] :

        rest_client: Fix async transfers with re-used TCP conns

        Fix the edge-case with async cURL where it re-uses an existing TCP
        connection.  Here, the @connect variable holds a 0 value, thus the
        transfer runs in blocking mode unless we relax the condition.

        Patch provided by Nuno Almeida from Five9.


2026-02-10  Razvan Crainea  <razvan at opensips dot org>
        * [dbfac4e6ab] :

        build: do not build opentelemetry by default


2026-02-10  Razvan Crainea  <razvan at opensips dot org>
        * [5595a924bf] :

        event_rabbitmq: avoid using released memory

        Reset the `tmp.s` pointer when assigning it to a structure, to avoid
        freeing it when the `tmp` is reused.

        Many thanks to Andrey F(@kertor) for reporting it and
        Nick Altmann(@nikbyte) for fixing it.

        Close #3808


2026-02-09  Razvan Crainea  <razvan at opensips dot org>
        * [8e948d26eb] :

        siprec: make sure there is a dlg/SDP to notify SRS with


2026-02-09  Razvan Crainea  <razvan at opensips dot org>
        * [ee7435662c] :

        siprec: avoid accessing invalid dialog/rtp context

        reset dialog when it has been terminated - this prevents being accessed
        after the dialog was deleted.


2026-02-09  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [f0223cc934] :

        [tm] migrate the branch bitmask to array, to allow more than 64 branches (long long)

        branch_bm_t data type is an array of integers, currently limited to 256 branches (but can easily increased, by re-compiling)
        Added macros to operate with the bits in the bitmask
        Updated TM and all modules using TM branches


2026-02-08  OpenSIPS  <github at opensips dot org>
        * [679156fc07] :

        Rebuild documentation


2026-02-05  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [8fb57749c1] :

        Fix missing include for sip_msg struct definition


2026-02-05  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [15f9e4d316] :

        [uac_registrant] added docs for Status/Report Identifiers part


2026-02-05  Razvan Crainea  <razvan at opensips dot org>
        * [a947dbc439] :

        rate_cacher: fix c89 errors

        `for(int i` syntax is only allowed in c99


2026-02-02  Liviu Chircu  <liviu at opensips dot org>
        * [7935e2e927] :

        mid_registrar: Fix the `tcp_persistent_flag` feature

        Make sure to NOT adjust the @e_max with -get_act_time(), similar to
        registrar codebase, to avoid setting MAX_INT on the TCP conn lifetime...


2026-02-02  pavelkohout396  <pav.kohout at gmail dot com>
        * [3822d33c1c] :

        Fix SQL injection in auth_jwt module via unescaped tag claim (#3807)

        The jwt_db_authorize() function...
        The jwt_db_authorize() function in the auth_jwt module decodes JWT tokens
        without signature verification to extract the 'tag' claim, then interpolates
        this claim directly into a raw SQL query without escaping. An attacker can
        craft a malicious JWT with SQL injection payload in the tag claim (e.g.,
        "' UNION SELECT 'admin','attacker_secret' --") to inject their own secret
        into the query result. Since the injected secret is then used to verify the
        JWT signature, the attacker can sign their token with this known secret and
        achieve authentication bypass.

        Reported-by: Pavel Kohout, Aisle Research, www.aisle.com

2026-02-02  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [a4e700d598] :

        [b2b_entities] fix cseq to be used upon 200OK/CANCEL race

        When generating the ACK+BYE upon 200 OK (from callee) racing a CANCEL (from caller), take care and use the correct cdeq values from the 200 OK (the b2b entity is not properly updated anymore, as it is already terminated by the CANCEL)


2026-02-02  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [f48749ba8d] :

        Merge pull request #3783 from vladpaiu/registrant_reloads_eventing

        UAC_REGISTRANT module enhancements

2026-02-02  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [556d22b3da] :

        Merge pull request #3806 from ovidiusas/master

        trie: fix defaults for trie_table parameter

2026-02-01  OpenSIPS  <github at opensips dot org>
        * [705ae4a709] :

        Rebuild documentation


2026-01-30  Razvan Crainea  <razvan at opensips dot org>
        * [6bcd50b628] :

        packaging: drop OPENTELEMTRY from default packages

        should only be built if opentelemetry profie is specified


2026-01-30  Razvan Crainea  <razvan at opensips dot org>
        * [672789bb39] :

        packaging: fix redhat spec


2026-01-30  Razvan Crainea  <razvan at opensips dot org>
        * [e63dac4300] :

        packaging: only build opentelemetry explicitely


2026-01-30  Razvan Crainea  <razvan at opensips dot org>
        * [2ad991b638] :

        aaa_diameter: proper handing of _dm_send_message error

        Avoid double free of the JSON message


2026-01-30  Razvan Crainea  <razvan at opensips dot org>
        * [7da8635fb3] :

        Add opentelemetry packaging


2026-01-30  Razvan Crainea  <razvan at opensips dot org>
        * [0b83a5e6e2] :

        opentelemetry: add README for module


2026-01-29  Ovidiu Sas  <osas at voipembedded dot com>
        * [6f7ebfc0ea] :

        trie: fix defaults for trie_table parameter


2026-01-29  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [1669166458] :

        Merge pull request #3716 from jasonshugart/master

        Ignore extra headers in MSRP

2026-01-28  Vlad Paiu  <vladpaiu at opensips dot org>
        * [11417bcd65] :

        Fix compilation error due to missing limits.h for INT_MIN


2026-01-28  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [67ce6c252f] :

        Merge pull request #3795 from vladpaiu/opentelemetry_integration

        Add Opentelemetry module

2026-01-28  Vlad Paiu  <vladpaiu at opensips dot org>
        * [5ca1ffecc3] :

        Add status reports for registrant entries


2026-01-28  Vlad Paiu  <vladpaiu at opensips dot org>
        * [10e110f460] :

        db_url param is optional for uac_registrant


2026-01-28  Razvan Crainea  <razvan at opensips dot org>
        * [f92c5f2e27] :

        b2b_entities: fix possible leak on error cases

        On some error cases, the serialization buffer was not released, leading
        to a leak in pkg memory.


2026-01-27  Peter Lemenkov  <lemenkov at gmail dot com>
        * [dead516b7f] :

        Fix libbson deprecated API warning with version compatibility (#3792)

        During compilation of cachedb_mongodb module, numerous deprecation
        warnings appear on systems with mongo-c-driver >= 1.29.0:

        ```
        Compiling cachedb_mongodb_dbase.c
        gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='cachedb_mongodb' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.2"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"994bcd690"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -I/usr/include/json-c -I/usr/include/json-c -DJSON_PKG_MAJOR=0 -DJSON_PKG_MINOR=18 -DJSON_PKG_MICRO=0 -DUTF8PROC_EXPORTS -I/usr/include/libmongoc-1.0 -I/usr/include/libbson-1.0 -c cachedb_mongodb_dbase.c -o cachedb_mongodb_dbase.o
        cachedb_mongodb_dbase.c: In function ‘mongo_con_set’:
        cachedb_mongodb_dbase.c:315:9: warning: ‘bson_as_json’ is deprecated: Use bson_as_legacy_extended_json instead [-Wdeprecated-declarations]
          315 |         dbg_bson("query: ", query);
              |         ^~~~~~~~
        In file included from /usr/include/libmongoc-1.0/mongoc/mongoc.h:22,
                         from /usr/include/libmongoc-1.0/mongoc.h:18,
                         from cachedb_mongodb_dbase.h:30,
                         from cachedb_mongodb_dbase.c:22:
        /usr/include/libbson-1.0/bson/bson.h:535:1: note: declared here
          535 | bson_as_json (const bson_t *bson, size_t *length) BSON_GNUC_DEPRECATED_FOR (bson_as_legacy_extended_json);
              | ^~~~~~~~~~~~
        ```

        The MongoDB C driver (libbson) deprecated bson_as_json() in version
        1.29.0 (October 2024) in favor of bson_as_legacy_extended_json() to
        clarify which JSON format is being produced (legacy vs. canonical
        extended JSON).

        We added compatibility macro at the top of cachedb_mongodb_dbase.c - for
        mongo-c-driver < 1.29.0, define bson_as_legacy_extended_json as an alias
        to bson_as_json, allowing the code to use the new API name while
        maintaining backward compatibility.

        This change maintains compatibility with all mongo-c-driver versions.
        The new function name is used on >= 1.29.0, while older versions
        transparently use the original bson_as_json() through the macro alias.

        No behavioral changes - the replacement is functionally identical and
        produces the same JSON output format. The new name simply makes it
        explicit that the legacy extended JSON format is being used.

        Note: mongo-c-driver 1.29.0 was released in October 2024. Many LTS
        distributions still ship earlier versions (e.g., RHEL 8/9, Ubuntu
        20.04/22.04, Debian 11/12), making the compatibility macro necessary.


        Assisted-by: Claude (Anthropic) <https://claude.ai>

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>

2026-01-27  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [401957bd8d] :

        Merge pull request #3733 from hafkensite/feature/dns-cache-cname

        resolve: fix CNAME chain resolution with caching #3709

2026-01-27  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [d48e69c2b2] :

        Merge pull request #3797 from osgjps/newratecache

        rate_cacher: Support multiple ratesheets per carrier

2026-01-26  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [b8e28c5294] :

        Discard forced socket if AF incompatible

        ... and force selection of a different outbound socket, based on protocol and AF
        Based on a report from Ihor Olkhovskyi


2026-01-25  OpenSIPS  <github at opensips dot org>
        * [51613b4333] :

        Rebuild documentation


2026-01-23  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [0494e71af0] :

        Merge pull request #3804 from purecloudlabs/sipmsg_validate_all_contacts

        Sipmsg validate all contacts

        (cherry picked from commit 18fdeaf32bb12e31ceb7876726865faaa8c91c7f)


2026-01-23  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [f4c7e018e4] :

        Merge pull request #3803 from purecloudlabs/dialog_contact_crash_fix

        Dialog module crash when Contact header is *

        (cherry picked from commit a3fcb81d6bbea42c88a2da51a4438a6f41e48a7f)


2026-01-22  Liviu Chircu  <liviu at opensips dot org>
        * [06e8aff5e2] :

        launch(): Fix edge-case with report_route $param(1) not set

        Some async functions (e.g. rest_post()) may report an ASYNC_SYNC status,
        when the operation completed inline.  This case wasn't properly handled
        in the launch() support, as the report_route $param(1) was always NULL.

        Many thanks to Nuno Ferreira from Five9 for a full report and
        troubleshooting on this one!


2026-01-20  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [d18b30fddc] :

        [TCP] fixed bad handling upon "max async postponed chunks"

        In such case, mark the conn as timed out, to force its sending back to TCP main for closing.
        Also fix some bad ref counting when handling bad cons in ASYNC WRITE.
        Add more hist logs to conn, to easy the debugging process.

        (cherry picked from commit 4afd1c8af1ca24ba642f5ad7ecd3d5b14eb7dafe)


2026-01-20  Liviu Chircu  <liviu at opensips dot org>
        * [c482249acf] :

        b2b_entities: Zero DB handles after module destroy

        Since B2B destroys before tm, this should help prevent some shutdown
        crashes in B2B due to cascaded module cleanups (e.g. tm cleanups going
        into dialog, siprec then back again into B2B).


2026-01-20  Liviu Chircu  <liviu at opensips dot org>
        * [11e37d129e] :

        Fix reply relaying after launch() from onreply_route

        This commit prevents SIP replies from being absorbed (bug?!) by OpenSIPS
        after a launch() operation from onreply_route, with no further replies
        to upstream side on that T.  Follow-up on a711924f9, see tm/t_reply.c.

        Such launch() calls are completely decoupled from the T, do not
        interfere with the script logic and can safely be done in parallel.


2026-01-13  Vlad Paiu  <vladpaiu at opensips dot org>
        * [468c862359] :

        Fixed lengths for service_name and exporter_endpoint params


2026-01-09  Your Name  <vladpaiu at opensips dot org>
        * [13937452ef] :

        Add opentelemetry to list of excluded modules from default compilation


2026-01-09  Your Name  <vladpaiu at opensips dot org>
        * [b3e1e78b13] :

        Add opentelemetry documentation


2026-01-08  Vlad Paiu  <vladpaiu at opensips dot org>
        * [4ec872e966] :

        Fix copyrights


2026-01-08  Vlad Paiu  <vladpaiu at opensips dot org>
        * [29e80a8642] :

        Add otel_enable MI command to enable/disable opentelemetry tracing


2026-01-08  Vlad Paiu  <vladpaiu at opensips dot org>
        * [141b2ea968] :

        Add suport for async/resume jumps while maintaing spans


2025-12-26  James Sharp  <james at fivecats dot org>
        * [2a3995d608] :

        add limit for number of ratesheets during initial carrier creation


2025-12-23  James Sharp  <james at fivecats dot org>
        * [9f989ce90b] :

        First decently working attempt


2025-12-21  OpenSIPS  <github at opensips dot org>
        * [b7e02bb475] :

        Rebuild documentation


2025-12-18  Liviu Chircu  <liviu at opensips dot org>
        * [dfd616bd16] :

        auth: Add helpful logs on pv_xxx_auth() mis-usage

        Also, fix top-level rc from "-1" (invalid user? continue script?) into
        "0" (auto-reply SIP 500 error! halt script!) on such scripting errors.

        Fixes #3756


2025-12-16  Razvan Crainea  <razvan at opensips dot org>
        * [df520031c4] :

        build: export wolfssl flags


2025-12-16  Razvan Crainea  <razvan at opensips dot org>
        * [4873cdeced] :

        build: ignore tls_wolfssl errors for ubuntu 24.04


2025-12-16  Vlad Paiu  <vladpaiu at opensips dot org>
        * [293ac08597] :

        always use system lib


2025-12-16  Vlad Paiu  <vladpaiu at opensips dot org>
        * [b0cb2e1ab1] :

        Initial POC


2025-12-16  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [946030d1b5] :

        [mi_datagram] turn the RX sockets to non-blocking

        As we have multiple procs reading from the same datagram sockets, we may end up with a mixing between the procs woken up by OS and the procs doing the reading. So some procs (even if were woken up) may have nothing to read.
        To be resilient, better do non-blocking reading and igonre the EAGAIN or EWOULDBLOCK.

        (cherry picked from commit 12e705e296470872899e848f030058e8bc052d11)


2025-12-16  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [02de797c16] :

        [dialog] fixed potential double-free upon delayed delete

        If the dialog struct is removed from the timer list (and under processing by the timer), do not attempt to free it here, rather leave it alone, it will be freed by the timer

        (cherry picked from commit f5f11af9ac8bffd387120725cc9ea147ed08873c)


2025-12-15  Razvan Crainea  <razvan at opensips dot org>
        * [e6f2c17d4a] :

        auth_web3: fix c89 sytax errors


2025-12-14  OpenSIPS  <github at opensips dot org>
        * [36d7f9ae27] :

        Rebuild documentation


2025-12-12  Razvan Crainea  <razvan at opensips dot org>
        * [1172a39d64] :

        auth_web3: make sure LIBS does not overwrite previous libs


2025-12-12  Razvan Crainea  <razvan at opensips dot org>
        * [a177253ea6] :

        regex: make size_t prints portable


2025-12-12  Vlad Paiu  <vladpaiu at opensips dot org>
        * [4435eef08f] :

        Add documentation


2025-12-12  Vlad Paiu  <vladpaiu at opensips dot org>
        * [5e45a18ecb] :

        Add reregister_expiry_percentage parameter


2025-12-12  Vlad Paiu  <vladpaiu at opensips dot org>
        * [7106cf43ee] :

        Don't let registrations expire ( if expires < timer_interal, do it now instead of waiting for next tick )


2025-12-11  Vlad Paiu  <vladpaiu at opensips dot org>
        * [63a2b4990f] :

        Add KTLS support


2025-12-11  Razvan Crainea  <razvan at opensips dot org>
        * [9f78fd0eb1] :

        modules: minimum match for revision control


2025-12-11  vladpaiu  <vladpaiu at opensips dot org>
        * [4b7746ae59] :

        Merge pull request #3780 from vladpaiu/fix_trie_column_name

        fix trie.enabled column name
        closes #3779

2025-12-11  Vlad Paiu  <vladpaiu at opensips dot org>
        * [ec816e49c2] :

        fix trie.enabled column name

        closes #3779


2025-12-10  Razvan Crainea  <razvan at opensips dot org>
        * [e9d4081b4e] :

        auth_web3: make snprintf size_t fields portable

        Replace `%lx` with `%zx`


2025-12-10  Razvan Crainea  <razvan at opensips dot org>
        * [2a8a298f7b] :

        build: python-dev-is-python3 should be available in 20.04


2025-12-10  Razvan Crainea  <razvan at opensips dot org>
        * [c214f7f79e] :

        build: make sure the correct python dev is installed


2025-12-10  Razvan Crainea  <razvan at opensips dot org>
        * [6da1f76b79] :

        build: restore libmysqlclient-dev removed in 1cb16e08


2025-12-10  Vlad Paiu  <vladpaiu at opensips dot org>
        * [d8b83e2e79] :

        Increase max number of MI params


2025-12-10  Vlad Paiu  <vladpaiu at opensips dot org>
        * [fff467a160] :

        add linked list delete


2025-12-10  Razvan Crainea  <razvan at opensips dot org>
        * [99a2ecbe34] :

        auth_web3: add module in excluded


2025-12-09  Vlad Paiu  <vladpaiu at opensips dot org>
        * [3f85761ac5] :

        Add remaining events for states & refactor code


2025-12-09  Jupiter Tang  <36952362 at qq dot com>
        * [f7721b185a] :

        keep original flags if pause or resume recording failed (#3764)



2025-12-09  Maksym Sobolyev  <sobomax at sippysoft dot com>
        * [e6caba06a8] :

        GitHub Actions(rtp.io): update clang version (#3768)



2025-12-09  Ryan Bullock  <ryan at piratel dot com>
        * [5394154edd] :

        feat: Enable $uuid(version) for specific UUID generation (#3771)

        Co-authored-by: aider (gemini/gemini-2.5-pro) <aider at aider dot chat>

2025-12-09  Razvan Crainea  <razvan at opensips dot org>
        * [d94a4a606a] :

        b2b_logic: document the propagate-avps bridge flag


2025-12-09  Razvan Crainea  <razvan at opensips dot org>
        * [b88203c1e8] :

        b2b_logic: also replicate in_sdp for created entity


2025-12-09  Razvan Crainea  <razvan at opensips dot org>
        * [b1e3e2bf33] :

        Reapply "add auth_web3 module"

        This reverts commit 197adc02dae0741d5265cf08c2e14643f16aba59.


2025-12-09  Razvan Crainea  <razvan at opensips dot org>
        * [fa9ca0f067] :

        Revert "auth_web3: prevent module from compiling"

        This reverts commit e53c4c25908c59862a91a5d51202a3a5b8f492d5.


2025-12-09  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [d20655d5c7] :

        [auth-web3] README re-generated


2025-12-09  Your Name  <ron at cellact dot nl>
        * [b572d218ad] :

        docs(auth_web3): regenerate README from updated XML

        README now includes complete Multi-Network Configuration chapter


2025-12-09  Razvan Crainea  <razvan at opensips dot org>
        * [433d33bc48] :

        auth_web3: prevent module from compiling


2025-12-09  Razvan Crainea  <razvan at opensips dot org>
        * [8181d5a3ce] :

        Revert "add auth_web3 module"

        This reverts commit 7109f39a0f597b2d71f7369be5d41f12ef9d88e1.


2025-12-09  Razvan Crainea  <razvan at opensips dot org>
        * [4264a0bc0d] :

        auth_web3: update README


2025-12-09  dirkbro  <dirkbrouwers at hotmail dot com>
        * [3e87218b01] :

        b2b_logic: fix duplicate out_sdp serialization

        When packing B2B entities for cluster replication in
        b2bl_entity_pack(), the out_sdp field is currently serialized twice:
        // Around line 133 (packing)
        	if (event_type == B2B_EVENT_CREATE) {

        		...

        		bin_push_str(storage, &entity->hdrs);
        		bin_push_str(storage, &entity->out_sdp);       // First time

        		bin_push_str(storage, &entity->dlginfo->callid);
        		bin_push_str(storage, &entity->dlginfo->fromtag);
        		bin_push_str(storage, &entity->dlginfo->totag);
        	}

        	bin_push_str(storage, &entity->out_sdp);      // Second time - remove this

        However, in receive_entity_create(), out_sdp is deserialized only once, with the expected sequence being:

        // Around line 344 (unpacking)
        	bin_pop_str(storage, &hdrs);
        	bin_pop_str(storage, &sdp);

        	...

        	bin_pop_str(storage, &dlginfo.callid);
        	bin_pop_str(storage, &dlginfo.fromtag);
        	bin_pop_str(storage, &dlginfo.totag);

        Because the pack side writes out_sdp twice but the unpack side reads it only once, the binary stream becomes misaligned and all subsequent fields are read from the wrong offset. In clustered deployments this
        corrupts the reconstructed entity, including entity->no, which leads to
        errors such as:

          ERROR:b2b_logic:receive_entity_create: Bad entity bridge no [21349]
          for tuple [549.0]

2025-12-09  Ovidiu Sas  <osas at voipembedded dot com>
        * [ebedd16027] :

        ib2b_logic: save AVPs while bridging calls (#3776)

        * ib2b_logic: save AVPs while bridging calls

         - required to authenticate bridged calls

        * b2b_logic: new "propagate_avps" flag for b2b_bridge()

         - when set, it will propagate AVPs to the INVITE transaction

2025-12-09  Razvan Crainea  <razvan at opensips dot org>
        * [f5ecbfa7d2] :

        Reapply "add auth_web3 module"

        This reverts commit 197adc02dae0741d5265cf08c2e14643f16aba59.


2025-12-09  Razvan Crainea  <razvan at opensips dot org>
        * [337fc670d8] :

        Revert "auth_web3: prevent module from compiling"

        This reverts commit e53c4c25908c59862a91a5d51202a3a5b8f492d5.


2025-12-09  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [feaf41d672] :

        [auth-web3] README re-generated


2025-12-09  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [14f69be23e] :

        Merge pull request #3778 from OfficeRon/dev/auth_web3-fixes

        fix(auth_web3): fix compilation and consolidate documentation

2025-12-08  Vlad Paiu  <vladpaiu at opensips dot org>
        * [3852ef0c86] :

        Add E_REGISTRANT REGISTERING/AUTHENTICATING/REGISTERED


2025-12-08  Your Name  <ron at cellact dot nl>
        * [442f5d73d9] :

        docs(auth_web3): regenerate README from updated XML

        README now includes complete Multi-Network Configuration chapter


2025-12-08  Your Name  <ron at cellact dot nl>
        * [b51e0be6c5] :

        docs(auth_web3): consolidate documentation into XML

        - Add ens_rpc_url and ens_registry_address parameters to auth_web3_params.xml
        - Add comprehensive Multi-Network Configuration chapter to auth_web3.xml
        - Document dual-network mode (ENS on Ethereum, auth on Oasis)
        - Include production, testing, and development configuration examples
        - Document ENS resolution process and troubleshooting
        - Remove README.md and NETWORK_CONFIGURATION.md (content now in XML)

        All documentation is now in XML format which will be properly
        propagated across tars, debian repos, and RPM packages.


2025-12-08  Your Name  <ron at cellact dot nl>
        * [962bc2529d] :

        fix(auth_web3): remove redundant bind_web3_auth declaration

        Remove duplicate declaration since it's now properly declared in api.h


2025-12-08  Your Name  <ron at cellact dot nl>
        * [91ea77e103] :

        fix(auth_web3): add missing api.h header file

        Add web3_auth_api_t structure definition and bind_web3_auth function
        declaration to fix compilation errors. The api.h file was empty causing
        the module to fail compilation when building packages.


2025-12-07  OpenSIPS  <github at opensips dot org>
        * [06203ceba7] :

        Rebuild documentation


2025-12-05  Ovidiu Sas  <osas at voipembedded dot com>
        * [c836166fae] :

        b2b_entities: save AVPs while sending in-dialog requests (#3775)

        - required for in-dialog authentication w/ AVPs

2025-12-05  Razvan Crainea  <razvan at opensips dot org>
        * [e53c4c2590] :

        auth_web3: prevent module from compiling


2025-12-05  Razvan Crainea  <razvan at opensips dot org>
        * [197adc02da] :

        Revert "add auth_web3 module"

        This reverts commit 7109f39a0f597b2d71f7369be5d41f12ef9d88e1.


2025-12-05  Razvan Crainea  <razvan at opensips dot org>
        * [7109f39a0f] :

        add auth_web3 module


2025-12-05  Razvan Crainea  <razvan at opensips dot org>
        * [67483a5a27] :

        dialplan: make module work with both pcre2 and pcre3 libs


2025-12-04  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [a7610841b9] :

        [b2b_entities] avoid 487 Request Terminated over a previous final reply

        If a final 200 OK reply was already sent, do not sent the 487 Request Terminated, but rather release the transaction (to stop retrasnmissions)

        (cherry picked from commit 203d8c9582d4adc2a009ab0de23b04c0a9037f9f)


2025-12-04  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [308c6e4c94] :

        [auth_web3] generated README file


2025-12-03  Razvan Crainea  <razvan at opensips dot org>
        * [b5d00aac20] :

        proto_ipsec: fix several typos


2025-12-03  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [99c92ee995] :

        Merge pull request #3743 from OfficeRon/feature/auth_web3_module

        Feature/auth web3 module

2025-12-02  Razvan Crainea  <razvan at opensips dot org>
        * [c51e2dd028] :

        debian: fully replace libcurl4 gnutls with openssl


2025-12-02  Razvan Crainea  <razvan at opensips dot org>
        * [7d9aadc01e] :

        debian: replace libcurl4 gnutls with openssl

        The reason is that librkafka depends on libcurl4-openssl-dev, which
        conflicts with libcurl4-gnutls-dev


2025-12-02  Vlad Paiu  <vladpaiu at opensips dot org>
        * [534d8271b5] :

        Add reg_delete and reg_upsert MI commands


2025-12-02  Razvan Crainea  <razvan at opensips dot org>
        * [7e6f7a695c] :

        Merge branch 'SteveAyre-feature/libpcre2'


2025-12-02  Razvan Crainea  <razvan at opensips dot org>
        * [30825e4e08] :

        dialplan: fix copying subst's out vector


2025-12-02  OpenSIPS  <github at opensips dot org>
        * [661b89b630] :

        Rebuild documentation


2025-12-02  Jupiter Tang  <36952362 at qq dot com>
        * [d623d9efdb] :

        fix memory leak in tls_mgm (#3765)

        * fix SHM memory leak on the TLS domain match filter strings

2025-12-02  Jupiter Tang  <36952362 at qq dot com>
        * [567dcf93ee] :

        Opensips crash after siprec recording finished (#3751)

        * fix double free if register failed

        * should not src_clean_session(ss) after stop the recording to avoid double free

2025-12-02  Peter Lemenkov  <lemenkov at gmail dot com>
        * [938be06e06] :

        Remove unnecessary -j invocation (#3745)

        During parallel builds (make -j), numerous warnings appear for each module:

        ```
        make[1]: warning: -j0 forced in submake: resetting jobserver mode.
        ```

        Root cause: Lines 205 and 225 in the main Makefile explicitly pass `-j`
        (without a value) to submake invocations:

        ```
        $(MAKE) -j -C $$r ;
        ```

        When `-j` is specified without a number, it defaults to `-j0` (unlimited
        parallel jobs). This breaks GNU Make's jobserver coordination between the
        parent make process and submakes, resulting in the warning.

        Why this flag is redundant:

        When a user runs `make -jN` at the top level, GNU Make automatically
        manages parallelism across all recursive $(MAKE) invocations through its
        jobserver mechanism. Submakes inherit the parent's jobserver and
        participate in the same job pool without needing explicit `-j` flags.

        By adding `-j` in submakes, we:

        - Break jobserver coordination (triggering warnings)
        - Risk spawning unlimited jobs (potential system overload)
        - Override the user's intended parallelism level

        Performance impact: NONE

        Removing these `-j` flags does NOT slow down builds. The parallelism
        behavior remains unchanged:

        - `make -j4` → builds 4 jobs in parallel (before AND after this fix)
        - `make -j8` → builds 8 jobs in parallel (before AND after this fix)
        - `make` → builds sequentially (before AND after this fix)

        The only difference is that jobserver coordination now works correctly,
        eliminating the warnings without affecting build performance.

        Note: The FASTER variable and alternate build path remain unchanged to
        preserve compatibility with existing build scripts used by distribution
        packages (Debian, Arch).


        Assisted-by: Claude (Anthropic) <https://claude.ai>

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>

2025-12-02  Ovidiu Sas  <osas at voipembedded dot com>
        * [b50b89b01e] :

        b2b_entities: enable in-dialog authentication (#3762)

        * b2b_entities: do not hardcode entity type when sending in dialog requests

        * b2b_entities: attempt auth only if uac_auth module is loaded and dlg state is B2B_NEW

        * b2b_entities: new function: b2b_send_indlg_auth_req()

        * b2b_entities: enable reINVITE authentication

2025-12-02  Patrice Fournier  <patrice.fournier at t38fax dot com>
        * [5449b3a324] :

        Fix memory leaks in stir_shaken module

        The stir_shaken module would leak memory any time a signature was added
        to a reply instead of the request or returned in a variable. This commit
        makes sure the Identity header lump does not get duplicated and freed
        only once. Also fixed possible memory leaks in case of issues while
        adding a date header to a request without one.


2025-12-02  Peter Lemenkov  <lemenkov at gmail dot com>
        * [601d4fab3b] :

        Fix const-correctness warnings with libxml2 error handling

        Multiple warnings appear during compilation of modules using libxml2:

        ```
        Compiling presentity.c
        gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='presence' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -I/usr/include/libxml2 -I/usr/include/libxml2 -c presentity.c -o presentity.o
        presentity.c: In function ‘dialog_fix_remote_target’:
        presentity.c:246:27: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
          246 |                 xml_error = xmlGetLastError();
              |                           ^
        ...
        Compiling notify_body.c
        gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='presence_xml' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -I/usr/include/libxml2 -c notify_body.c -o notify_body.o
        notify_body.c: In function ‘dialog_offline_body’:
        notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
           48 |         (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error"
              |             ^
        notify_body.c:100:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’
          100 |                 GET_LAST_XML_ERROR(xml_error, err_msg);
              |                 ^~~~~~~~~~~~~~~~~~
        notify_body.c: In function ‘presence_offline_body’:
        notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
           48 |         (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error"
              |             ^
        notify_body.c:154:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’
          154 |                 GET_LAST_XML_ERROR(xml_error, err_msg);
              |                 ^~~~~~~~~~~~~~~~~~
        notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
           48 |         (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error"
              |             ^
        notify_body.c:189:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’
          189 |                 GET_LAST_XML_ERROR(xml_error, err_msg);
              |                 ^~~~~~~~~~~~~~~~~~
        notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
           48 |         (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error"
              |             ^
        notify_body.c:197:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’
          197 |                 GET_LAST_XML_ERROR(xml_error, err_msg);
              |                 ^~~~~~~~~~~~~~~~~~
        notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
           48 |         (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error"
              |             ^
        notify_body.c:206:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’
          206 |                 GET_LAST_XML_ERROR(xml_error, err_msg);
              |                 ^~~~~~~~~~~~~~~~~~
        notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
           48 |         (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error"
              |             ^
        notify_body.c:216:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’
          216 |                 GET_LAST_XML_ERROR(xml_error, err_msg);
              |                 ^~~~~~~~~~~~~~~~~~
        ...
        Compiling notify.c
        gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='pua_bla' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -I/usr/include/libxml2 -c notify.c -o notify.o
        notify.c: In function ‘bla_body_is_valid’:
        notify.c:49:25: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
           49 |                 xml_err = xmlGetLastError();
              |                         ^
        ```

        Libxml2's xmlGetLastError() returns 'const xmlError*' to indicate that
        the error structure is owned by the library and should not be modified.
        The code was assigning this to non-const pointers, discarding the const
        qualifier.

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>
        Assisted-by: Claude (Anthropic) <https://claude.ai>


2025-12-02  Peter Lemenkov  <lemenkov at gmail dot com>
        * [5e28162c18] :

        Fix libdl linking typo to eliminate build warnings

        During compilation, the following annoying warnings appear during
        linking:

        ```
        gcc -shared -fPIC -DPIC -Wl,-z,relro -Wl,--as-needed  -Wl,-z,pack-relative-relocs -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-hardened-ld-errors -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes   -Wl,-O2 -Wl,-E   db_http.o http_dbase.o ssl_tweaks.o   -ldl -lresolv -pthread -lcurl -dl -Bsymbolic  -o db_http.so
        lto1: warning: unrecognized gcc debugging option: l
        lto1: warning: unrecognized gcc debugging option: l
        ```

        They seems harmless but really noisy so after a little research I've
        found that they were caused by the following lines in a several
        Makefiles:

        ```
        LIBS += -dl -Bsymbolic
        ```

        These were adeed in a few commits, such as 149e69e3f67 and a3e87277f27.
        Apparently the idea was to link against libdl e.g. `LIBS += -ldl`.

        Although in most cases libdl is linked by default and there is no strict
        requirement to specifically mention it (that's probably why nobody saw
        it) it's better to link it explicitly to make the original intention
        more clear.

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>


2025-12-02  OpenSIPS  <github at opensips dot org>
        * [c168be5d55] :

        Rebuild documentation


2025-12-02  Razvan Crainea  <razvan at opensips dot org>
        * [1f90bfae58] :

        aaa_diameter: fix len for hexstring AVPs encoding

        When provided from script, make sure we do not halve the length, as it
        has already been done in the `hex2string` function


2025-12-02  Vlad Paiu  <vladpaiu at opensips dot org>
        * [3687bfe656] :

        Reduce verbosity of libcurl and send errors to stderr


2025-12-02  OpenSIPS  <github at opensips dot org>
        * [3726ef858b] :

        Rebuild documentation


2025-12-02  andingv  <74421031+andingv at users.noreply.github dot com>
        * [7ee7df33a8] :

        b2b_logic: fix column indexes for the update of b2b legs (#3758)



2025-12-02  Ovidiu Sas  <osas at voipembedded dot com>
        * [c3e7c101ea] :

        event_rabbitmq: complete code optimization (#3755)

        - change signature for rmq_basic_server_publish()
         - remove redundant rmq_basic_publish()

2025-12-02  Liviu Chircu  <liviu at opensips dot org>
        * [3189b42341] :

        Event route: Avoid double async dispatching

        This patch makes it so an event route raised within an async context
        (e.g. a clusterer SYNC packet which is processed via async dispatch)
        shall no longer trigger yet another async dispatch, as it is effectively
        a waste of resources.  The 2nd async dispatch will no longer offer any
        throughput or performance benefit -- we are already using all workers.

        The core problem here was that the @ipc_shared_pipe unnamed pipe has a
        default internal buffer of 64K by default, past which the writing
        (i.e. the async job deliveries) become blocking.  And with each job
        taking up 24 bytes... there is space for only ~2700 jobs.  Now, try
        sync'ing 30.000 usrloc contacts on startup and also run a
        double-async-dispatched E_UL_CONTACT_INSERT event_route, all pushing
        jobs into the same pipe, and you have a stuck OpenSIPS.


2025-12-02  OpenSIPS  <github at opensips dot org>
        * [6eb8243f30] :

        Rebuild documentation


2025-12-02  Ovidiu Sas  <osas at voipembedded dot com>
        * [8da9bf3526] :

        event_rabbitmq: optimize code and remove duplicate code (#3754)

        * event_rabbitmq: fix amqp_set_sockfd() param

        * event_rabbitmq: Use RMQ_DEFAULT_FRAMES instead of RMQ_DEFAULT_MAX

        * event_rabbitmq: rework rmq_reconnect() signature

        * event_rabbitmq: rework rmq_server_reconnect() signature

        * event_rabbitmq: remove rmq_reconnect()

2025-12-02  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [7b7be1c821] :

        [parser] restore the setting of via2, needed for stateless reply routing

        Regresion from da7da69519b959e7395dad586ff50264b63ccd7f


2025-12-02  OpenSIPS  <github at opensips dot org>
        * [f9c3f7247d] :

        Rebuild documentation


2025-12-02  Liviu Chircu  <liviu at opensips dot org>
        * [690b8df03a] :

        Add command-line option `i` (ignore module revision checks)

        The purpose of the new "-i" cmdline option is to speed up development
        workflows, especially when the developer knows that the module
        interfacing APIs and data structures did not change, after a git sync.

        Default behavior is un-changed: module revision checks are ON


2025-12-02  Razvan Crainea  <razvan at opensips dot org>
        * [bc20f2f38a] :

        rtp_relay: fix overwriting peer's leg


2025-12-02  Ovidiu Sas  <osas at voipembedded dot com>
        * [0d8087a87b] :

        event_rabbitmq: restore event functionality (#3738)

        * event_rabbitmq: restore event functionality

        * event_rabbitmq: fix server reconnect

2025-12-02  Jupiter Tang  <36952362 at qq dot com>
        * [471f6097f4] :

        Fix SIPREC crash issue (#3748)



2025-12-02  Peter Lemenkov  <lemenkov at gmail dot com>
        * [ade09044ec] :

        Fix curl type warnings: use long instead of int

        Multiple warnings appear during compilation of modules using libcurl:

        ```
        gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='rest_client' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.2"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"994bcd690"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -c rest_methods.c -o rest_methods.o
        rest_methods.c: In function ‘init_transfer’:
        rest_methods.c:408:17: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning]
          408 |                 w_curl_easy_setopt(handle, CURLOPT_HTTP_VERSION, curl_http_version);
              |                 ^
        rest_methods.c:422:9: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning]
          422 |         w_curl_easy_setopt(handle, CURLOPT_VERBOSE, 1);
              |         ^
        rest_methods.c:424:9: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning]
          424 |         w_curl_easy_setopt(handle, CURLOPT_FAILONERROR, 0);
              |         ^
        rest_methods.c: In function ‘set_upload_opts’:
        rest_methods.c:480:9: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning]
          480 |         w_curl_easy_setopt(handle, CURLOPT_POSTFIELDSIZE, body->len);
              |         ^
        rest_methods.c: In function ‘rest_sync_transfer’:
        rest_methods.c:714:17: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning]
          714 |                 set_post_opts(sync_handle, ctype, body);
              |                 ^
        rest_methods.c: In function ‘start_async_http_req’:
        rest_methods.c:847:17: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning]
          847 |                 set_post_opts(handle, req_ctype, req_body);
              |                 ^
        rest_methods.c:918:25: warning: call to ‘Wcurl_easy_getinfo_err_long’ declared with attribute warning: curl_easy_getinfo expects a pointer to long [-Wattribute-warning]
          918 |                         curl_easy_getinfo(handle, CURLINFO_RESPONSE_CODE, &http_rc);
              |                         ^
        ```

        Let's ensure we pass a literals and variables with a proper type.

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>


2025-12-02  OpenSIPS  <github at opensips dot org>
        * [915fe3ea13] :

        Rebuild documentation


2025-12-02  Razvan Crainea  <razvan at opensips dot org>
        * [3f050ce732] :

        b2b_entities: fix crash while debugging client's dlg

        Client's dlg is released when a 200 OK is received - thus, when printing
        something after the request is out, if a 200 OK is received, the log
        might no longer be available - this patch fixes this concurrency issue.


2025-12-02  Liviu Chircu  <liviu at opensips dot org>
        * [941559618c] :

        Fix HP_MALLOC issue in prev commit


2025-12-02  Liviu Chircu  <liviu at opensips dot org>
        * [c37bffe157] :

        Mitigate dprint() deadlocks with dbg allocators

        Only concerns F_MALLOC_DBG, HP_MALLOC_DBG and F_PARALLEL_MALLOC_DBG
        allocators, and reduces the chance of a self-deadlock in LIBC whenever
        an OpenSIPS worker crashes inside any kind of dprint() statement.

        Related to #3742


2025-12-02  Razvan Crainea  <razvan at opensips dot org>
        * [c447e6fdeb] :

        siprec: xml escape callid and group's name

        Many thanks to @SteveAyre for reporting it!
        Fixes #3723


2025-12-02  Razvan Crainea  <razvan at opensips dot org>
        * [b97c9c06b8] :

        siprec: drop useless code


2025-12-02  OpenSIPS  <github at opensips dot org>
        * [26940aad51] :

        Rebuild documentation


2025-12-02  Razvan Crainea  <razvan at opensips dot org>
        * [0d28ccb72f] :

        tm: register context functions before initializing

        Fixes bug introduced by 1bd9e8bb, where context initialization failed
        because it was not registered after variables had been parsed. The
        commit ensures that when the variables are initialized, the context
        functions exist.

        Many thanks to Nick Altmann for reporting it!


2025-12-02  Razvan Crainea  <razvan at opensips dot org>
        * [b5c2236848] :

        event_rabbitmq: fix exchange parsing

        Many thanks to Ovidiu Sas (@ovidiusas) for brainstorimg


2025-12-02  Ovidiu Sas  <osas at voipembedded dot com>
        * [ea7b3f656c] :

        event_rabbitmq: proper initialization for rabbitmq connection (#3725)



2025-12-02  Liviu Chircu  <liviu at opensips dot org>
        * [954bf0043c] :

        cachedb.h: Fix broken capability enum (since 41aea5fda)

        Fixes #3728


2025-12-02  Razvan Crainea  <razvan at opensips dot org>
        * [63483095b2] :

        pvar: init buffers before initializing modules


2025-12-02  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [358196f6eb] :

        [event_routing] fix timeout for sync wait_for_event()


2025-12-02  OpenSIPS  <github at opensips dot org>
        * [47b2806d18] :

        Rebuild documentation


2025-12-02  Razvan Crainea  <razvan at opensips dot org>
        * [717e8a3751] :

        callops: add headers params to call_hold/call_unhold MI cmds


2025-12-02  Razvan Crainea  <razvan at opensips dot org>
        * [033eafae52] :

        callops: add leg parameter to call_hold/call_unhold MI cmd


2025-12-02  Liviu Chircu  <liviu at opensips dot org>
        * [dc43a9b311] :

        SDP ops: Do not crash in failure_route (part 1)

        For now, clear all SDP changes when cloning the SIP message into SHM.
        This fixes issues when using $sdp variable and failure_route within the
        same SIP message processing.


2025-12-02  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [313ba6c4f7] :

        [presence] fix bogus array size for events to be clustered.

        The badly allocated size could generate an overflow for the newly added events.
        Credits got to @razvancrainea for spotting the issue


2025-12-02  OpenSIPS  <github at opensips dot org>
        * [2674e9cf7a] :

        Rebuild documentation


2025-12-02  Liviu Chircu  <liviu at opensips dot org>
        * [6a41c4ce57] :

        clusterer: Avoid use of VLA, to make Clang happy


2025-12-02  Liviu Chircu  <liviu at opensips dot org>
        * [c572dc6ad9] :

        clusterer/ratelimit: Document the new Bridge-Replication feature


2025-12-02  Liviu Chircu  <liviu at opensips dot org>
        * [344688c198] :

        ratelimit/clusterer: Add "Cluster-Bridge Replication" feature

        This patch extends both clusterer and ratelimit with an optional
        mechanism to replicate pipes between different clusters, possibly over
        larger-latency, inter-DC WAN links.  This helps improve the scalability
        of the default, full-mesh pipe replication strategy.

        A new table has been added, named "clusterer_bridge", which contains
        directed replication channels between different clusters.  The
        origination node is decided using a shared tag, one for each WAN link.

          Before:
             DC #1         DC #2
                   WAN link
               A ─────────── C
               │ \        /  │
               │   \   /     │
               │      X      │            8 inter-DC replication channels
               │    /   \    │               (AC,AD,BC,BD,CA,CB,DA,DB)
               │  /       \  │
               B ─────────── D
                   WAN link
                cluster_id: 1

          After:                                                2 inter-DC
                  DC #1       WAN link        DC #2            replications
             ( A <-----> B ) <--------> ( C <------> D )         (AC,DB)
              cluster_id: 1               cluster_id: 2
            sender: wan1 shtag          sender: wan1 shtag

        Credits to SIPNav for sponsoring this work!


2025-12-02  Ken Rice  <krice at sipnavigator dot com>
        * [a3ae498d87] :

        Makefile tweaks to avoid $(shell ...) expansions from failing

        Fixes #3717


2025-12-02  Razvan Crainea  <razvan at opensips dot org>
        * [98b2950a81] :

        json: use non-slashes representation only with json-c >= 0.13


2025-12-02  Razvan Crainea  <razvan at opensips dot org>
        * [b24787683a] :

        pike: guard from 0-length IPs crashes


2025-12-02  Razvan Crainea  <razvan at opensips dot org>
        * [c1ffaa0b9a] :

        receive: restore static info about errored messages


2025-12-02  Razvan Crainea  <razvan at opensips dot org>
        * [e6956ce40e] :

        dialog: add active_only parameter to load_dialog_ctx

        The new parameter makes the function to return only active dialogs -
        dialogs that are in state <= 4


2025-12-02  OpenSIPS  <github at opensips dot org>
        * [62b1c0de5c] :

        Rebuild documentation


2025-12-02  Darius Stefan  <darius.stefan at opensips dot org>
        * [d162b6cae4] :

        json: add a new pseudo-variable - json_compact_noescape

        - add this pv to support printing in compact form, but without escaping slashes


2025-12-02  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [607198877d] :

        [tm] fix crash on stats update when stats are disabled

        Do proper testing on enabled/disabled status of the stats
        Closes #3718
        Reported by @juliansanter-konverto and @MrM0bi

        (cherry picked from commit b415545a5844b4e4155c8c197bf27f578e3f0a77)


2025-12-02  Razvan Crainea  <razvan at opensips dot org>
        * [200d44426a] :

        mpath: support comma separated values


2025-11-30  OpenSIPS  <github at opensips dot org>
        * [4cdf9f48b9] :

        Rebuild documentation


2025-11-28  Jupiter Tang  <36952362 at qq dot com>
        * [9d4afd42ca] :

        fix memory leak in tls_mgm (#3765)

        * fix SHM memory leak on the TLS domain match filter strings

2025-11-25  Jupiter Tang  <36952362 at qq dot com>
        * [71933b2821] :

        Opensips crash after siprec recording finished (#3751)

        * fix double free if register failed

        * should not src_clean_session(ss) after stop the recording to avoid double free

2025-11-25  Peter Lemenkov  <lemenkov at gmail dot com>
        * [27e429319c] :

        Remove unnecessary -j invocation (#3745)

        During parallel builds (make -j), numerous warnings appear for each module:

        ```
        make[1]: warning: -j0 forced in submake: resetting jobserver mode.
        ```

        Root cause: Lines 205 and 225 in the main Makefile explicitly pass `-j`
        (without a value) to submake invocations:

        ```
        $(MAKE) -j -C $$r ;
        ```

        When `-j` is specified without a number, it defaults to `-j0` (unlimited
        parallel jobs). This breaks GNU Make's jobserver coordination between the
        parent make process and submakes, resulting in the warning.

        Why this flag is redundant:

        When a user runs `make -jN` at the top level, GNU Make automatically
        manages parallelism across all recursive $(MAKE) invocations through its
        jobserver mechanism. Submakes inherit the parent's jobserver and
        participate in the same job pool without needing explicit `-j` flags.

        By adding `-j` in submakes, we:

        - Break jobserver coordination (triggering warnings)
        - Risk spawning unlimited jobs (potential system overload)
        - Override the user's intended parallelism level

        Performance impact: NONE

        Removing these `-j` flags does NOT slow down builds. The parallelism
        behavior remains unchanged:

        - `make -j4` → builds 4 jobs in parallel (before AND after this fix)
        - `make -j8` → builds 8 jobs in parallel (before AND after this fix)
        - `make` → builds sequentially (before AND after this fix)

        The only difference is that jobserver coordination now works correctly,
        eliminating the warnings without affecting build performance.

        Note: The FASTER variable and alternate build path remain unchanged to
        preserve compatibility with existing build scripts used by distribution
        packages (Debian, Arch).


        Assisted-by: Claude (Anthropic) <https://claude.ai>

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>

2025-11-25  Ovidiu Sas  <osas at voipembedded dot com>
        * [dee0a54d61] :

        b2b_entities: enable in-dialog authentication (#3762)

        * b2b_entities: do not hardcode entity type when sending in dialog requests

        * b2b_entities: attempt auth only if uac_auth module is loaded and dlg state is B2B_NEW

        * b2b_entities: new function: b2b_send_indlg_auth_req()

        * b2b_entities: enable reINVITE authentication

2025-11-25  Liviu Chircu  <liviu at opensips dot org>
        * [e7dc1e4802] :

        Merge pull request #3761 from pfournier/stir-shaken-memory-leaks

        Fix memory leaks in stir_shaken module

2025-11-24  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [e3bec7e266] :

        Merge pull request #3747 from lemenkov/constify_libxml2_api

        Fix const-correctness warnings with libxml2 error handling

2025-11-24  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [6d784ce450] :

        Merge pull request #3744 from lemenkov/libdl_link_typo

        Fix libdl linking typo to eliminate build warnings

2025-11-23  OpenSIPS  <github at opensips dot org>
        * [dfcb6992c1] :

        Rebuild documentation


2025-11-20  Patrice Fournier  <patrice.fournier at t38fax dot com>
        * [1b3c725377] :

        Fix memory leaks in stir_shaken module

        The stir_shaken module would leak memory any time a signature was added
        to a reply instead of the request or returned in a variable. This commit
        makes sure the Identity header lump does not get duplicated and freed
        only once. Also fixed possible memory leaks in case of issues while
        adding a date header to a request without one.


2025-11-18  Razvan Crainea  <razvan at opensips dot org>
        * [7586056843] :

        aaa_diameter: fix len for hexstring AVPs encoding

        When provided from script, make sure we do not halve the length, as it
        has already been done in the `hex2string` function


2025-11-18  Liviu Chircu  <liviu at opensips dot org>
        * [6f93a2d0c3] :

        Merge pull request #3757 from vladpaiu/rest_verbosity

        Reduce verbosity of libcurl and send errors to stderr

2025-11-16  OpenSIPS  <github at opensips dot org>
        * [b937a91853] :

        Rebuild documentation


2025-11-14  andingv  <74421031+andingv at users.noreply.github dot com>
        * [905c17a732] :

        b2b_logic: fix column indexes for the update of b2b legs (#3758)



2025-11-14  Vlad Paiu  <vladpaiu at opensips dot org>
        * [f1ca60be4d] :

        Reduce verbosity of libcurl and send errors to stderr


2025-11-12  Ovidiu Sas  <osas at voipembedded dot com>
        * [ddfb39fc8e] :

        event_rabbitmq: complete code optimization (#3755)

        - change signature for rmq_basic_server_publish()
         - remove redundant rmq_basic_publish()

2025-11-11  Liviu Chircu  <liviu at opensips dot org>
        * [5c8d133be1] :

        Event route: Avoid double async dispatching

        This patch makes it so an event route raised within an async context
        (e.g. a clusterer SYNC packet which is processed via async dispatch)
        shall no longer trigger yet another async dispatch, as it is effectively
        a waste of resources.  The 2nd async dispatch will no longer offer any
        throughput or performance benefit -- we are already using all workers.

        The core problem here was that the @ipc_shared_pipe unnamed pipe has a
        default internal buffer of 64K by default, past which the writing
        (i.e. the async job deliveries) become blocking.  And with each job
        taking up 24 bytes... there is space for only ~2700 jobs.  Now, try
        sync'ing 30.000 usrloc contacts on startup and also run a
        double-async-dispatched E_UL_CONTACT_INSERT event_route, all pushing
        jobs into the same pipe, and you have a stuck OpenSIPS.


2025-11-09  OpenSIPS  <github at opensips dot org>
        * [e2c244ed0b] :

        Rebuild documentation


2025-11-07  Ovidiu Sas  <osas at voipembedded dot com>
        * [feaa1d1def] :

        event_rabbitmq: optimize code and remove duplicate code (#3754)

        * event_rabbitmq: fix amqp_set_sockfd() param

        * event_rabbitmq: Use RMQ_DEFAULT_FRAMES instead of RMQ_DEFAULT_MAX

        * event_rabbitmq: rework rmq_reconnect() signature

        * event_rabbitmq: rework rmq_server_reconnect() signature

        * event_rabbitmq: remove rmq_reconnect()

2025-11-05  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [26f2c7ee13] :

        [parser] restore the setting of via2, needed for stateless reply routing

        Regresion from da7da69519b959e7395dad586ff50264b63ccd7f


2025-11-02  OpenSIPS  <github at opensips dot org>
        * [faefd3fb2f] :

        Rebuild documentation


2025-10-30  Liviu Chircu  <liviu at opensips dot org>
        * [5b37b6d71d] :

        Add command-line option `i` (ignore module revision checks)

        The purpose of the new "-i" cmdline option is to speed up development
        workflows, especially when the developer knows that the module
        interfacing APIs and data structures did not change, after a git sync.

        Default behavior is un-changed: module revision checks are ON


2025-10-28  Razvan Crainea  <razvan at opensips dot org>
        * [12939ed244] :

        rtp_relay: fix overwriting peer's leg


2025-10-28  Ovidiu Sas  <osas at voipembedded dot com>
        * [33843ab483] :

        event_rabbitmq: restore event functionality (#3738)

        * event_rabbitmq: restore event functionality

        * event_rabbitmq: fix server reconnect

2025-10-28  Jupiter Tang  <36952362 at qq dot com>
        * [33f99bf142] :

        Fix SIPREC crash issue (#3748)



2025-10-27  Liviu Chircu  <liviu at opensips dot org>
        * [6babb16f01] :

        Merge pull request #3746 from lemenkov/curl_wrong_types

        Fix curl type warnings: use long instead of int

2025-10-26  OpenSIPS  <github at opensips dot org>
        * [565ba3ccca] :

        Rebuild documentation


2025-10-25  Peter Lemenkov  <lemenkov at gmail dot com>
        * [64a9340a26] :

        Fix const-correctness warnings with libxml2 error handling

        Multiple warnings appear during compilation of modules using libxml2:

        ```
        Compiling presentity.c
        gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='presence' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -I/usr/include/libxml2 -I/usr/include/libxml2 -c presentity.c -o presentity.o
        presentity.c: In function ‘dialog_fix_remote_target’:
        presentity.c:246:27: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
          246 |                 xml_error = xmlGetLastError();
              |                           ^
        ...
        Compiling notify_body.c
        gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='presence_xml' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -I/usr/include/libxml2 -c notify_body.c -o notify_body.o
        notify_body.c: In function ‘dialog_offline_body’:
        notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
           48 |         (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error"
              |             ^
        notify_body.c:100:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’
          100 |                 GET_LAST_XML_ERROR(xml_error, err_msg);
              |                 ^~~~~~~~~~~~~~~~~~
        notify_body.c: In function ‘presence_offline_body’:
        notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
           48 |         (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error"
              |             ^
        notify_body.c:154:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’
          154 |                 GET_LAST_XML_ERROR(xml_error, err_msg);
              |                 ^~~~~~~~~~~~~~~~~~
        notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
           48 |         (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error"
              |             ^
        notify_body.c:189:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’
          189 |                 GET_LAST_XML_ERROR(xml_error, err_msg);
              |                 ^~~~~~~~~~~~~~~~~~
        notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
           48 |         (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error"
              |             ^
        notify_body.c:197:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’
          197 |                 GET_LAST_XML_ERROR(xml_error, err_msg);
              |                 ^~~~~~~~~~~~~~~~~~
        notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
           48 |         (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error"
              |             ^
        notify_body.c:206:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’
          206 |                 GET_LAST_XML_ERROR(xml_error, err_msg);
              |                 ^~~~~~~~~~~~~~~~~~
        notify_body.c:48:13: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
           48 |         (e) = xmlGetLastError(); (msg) = (e) ? (e)->message : "unknown error"
              |             ^
        notify_body.c:216:17: note: in expansion of macro ‘GET_LAST_XML_ERROR’
          216 |                 GET_LAST_XML_ERROR(xml_error, err_msg);
              |                 ^~~~~~~~~~~~~~~~~~
        ...
        Compiling notify.c
        gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='pua_bla' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -I/usr/include/libxml2 -c notify.c -o notify.o
        notify.c: In function ‘bla_body_is_valid’:
        notify.c:49:25: warning: assignment discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
           49 |                 xml_err = xmlGetLastError();
              |                         ^
        ```

        Libxml2's xmlGetLastError() returns 'const xmlError*' to indicate that
        the error structure is owned by the library and should not be modified.
        The code was assigning this to non-const pointers, discarding the const
        qualifier.

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>
        Assisted-by: Claude (Anthropic) <https://claude.ai>


2025-10-25  Peter Lemenkov  <lemenkov at gmail dot com>
        * [2a03d51f74] :

        Fix curl type warnings: use long instead of int

        Multiple warnings appear during compilation of modules using libcurl:

        ```
        gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='rest_client' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.2"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"994bcd690"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -c rest_methods.c -o rest_methods.o
        rest_methods.c: In function ‘init_transfer’:
        rest_methods.c:408:17: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning]
          408 |                 w_curl_easy_setopt(handle, CURLOPT_HTTP_VERSION, curl_http_version);
              |                 ^
        rest_methods.c:422:9: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning]
          422 |         w_curl_easy_setopt(handle, CURLOPT_VERBOSE, 1);
              |         ^
        rest_methods.c:424:9: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning]
          424 |         w_curl_easy_setopt(handle, CURLOPT_FAILONERROR, 0);
              |         ^
        rest_methods.c: In function ‘set_upload_opts’:
        rest_methods.c:480:9: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning]
          480 |         w_curl_easy_setopt(handle, CURLOPT_POSTFIELDSIZE, body->len);
              |         ^
        rest_methods.c: In function ‘rest_sync_transfer’:
        rest_methods.c:714:17: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning]
          714 |                 set_post_opts(sync_handle, ctype, body);
              |                 ^
        rest_methods.c: In function ‘start_async_http_req’:
        rest_methods.c:847:17: warning: call to ‘Wcurl_easy_setopt_err_long’ declared with attribute warning: curl_easy_setopt expects a long argument [-Wattribute-warning]
          847 |                 set_post_opts(handle, req_ctype, req_body);
              |                 ^
        rest_methods.c:918:25: warning: call to ‘Wcurl_easy_getinfo_err_long’ declared with attribute warning: curl_easy_getinfo expects a pointer to long [-Wattribute-warning]
          918 |                         curl_easy_getinfo(handle, CURLINFO_RESPONSE_CODE, &http_rc);
              |                         ^
        ```

        Let's ensure we pass a literals and variables with a proper type.

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>


2025-10-24  Peter Lemenkov  <lemenkov at gmail dot com>
        * [354ba017ae] :

        Fix libdl linking typo to eliminate build warnings

        During compilation, the following annoying warnings appear during
        linking:

        ```
        gcc -shared -fPIC -DPIC -Wl,-z,relro -Wl,--as-needed  -Wl,-z,pack-relative-relocs -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-hardened-ld-errors -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1  -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes   -Wl,-O2 -Wl,-E   db_http.o http_dbase.o ssl_tweaks.o   -ldl -lresolv -pthread -lcurl -dl -Bsymbolic  -o db_http.so
        lto1: warning: unrecognized gcc debugging option: l
        lto1: warning: unrecognized gcc debugging option: l
        ```

        They seems harmless but really noisy so after a little research I've
        found that they were caused by the following lines in a several
        Makefiles:

        ```
        LIBS += -dl -Bsymbolic
        ```

        These were adeed in a few commits, such as 149e69e3f67 and a3e87277f27.
        Apparently the idea was to link against libdl e.g. `LIBS += -ldl`.

        Although in most cases libdl is linked by default and there is no strict
        requirement to specifically mention it (that's probably why nobody saw
        it) it's better to link it explicitly to make the original intention
        more clear.

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>


2025-10-24  Razvan Crainea  <razvan at opensips dot org>
        * [ab7295aa53] :

        b2b_entities: fix crash while debugging client's dlg

        Client's dlg is released when a 200 OK is received - thus, when printing
        something after the request is out, if a 200 OK is received, the log
        might no longer be available - this patch fixes this concurrency issue.


2025-10-22  Your Name  <ron at cellact dot nl>
        * [0c0bb9389e] :

        fix(copyright): corrected copyright of the module and cleared up confusion about if the module is for opensips or kamailio

        - Change all copyright headers from Jonathan Kandel to Cellact B.V.
        - Update all Kamailio references to OpenSIPS throughout codebase
        - Remove build artifacts (.d, .o, .so files) and .history directory
        - Ensure module is clearly positioned as OpenSIPS module, not Kamailio port

        Addresses OpenSIPS reviewer feedback about copyright ownership and project focus.


2025-10-22  Liviu Chircu  <liviu at opensips dot org>
        * [1377c59e1a] :

        Fix HP_MALLOC issue in prev commit


2025-10-21  Liviu Chircu  <liviu at opensips dot org>
        * [6c914e388b] :

        Mitigate dprint() deadlocks with dbg allocators

        Only concerns F_MALLOC_DBG, HP_MALLOC_DBG and F_PARALLEL_MALLOC_DBG
        allocators, and reduces the chance of a self-deadlock in LIBC whenever
        an OpenSIPS worker crashes inside any kind of dprint() statement.

        Related to #3742


2025-10-20  Razvan Crainea  <razvan at opensips dot org>
        * [8993236b02] :

        siprec: xml escape callid and group's name

        Many thanks to @SteveAyre for reporting it!
        Fixes #3723


2025-10-20  Razvan Crainea  <razvan at opensips dot org>
        * [493249201f] :

        siprec: drop useless code


2025-10-13  Your Name  <ron at cellact dot nl>
        * [b89f30c51c] :

        feat(auth_web3): add Web3 authentication module

        - Implements ENS-based authentication using Ethereum Name Service
        - Integrates with Oasis Sapphire blockchain for digest verification
        - Supports both WWW-Authenticate and Proxy-Authenticate flows
        - Compatible with standard SIP digest authentication
        - Includes comprehensive documentation and examples

        Author: Ron Terman <ron at cellact dot com>
        Organization: Cellact B.V.

        Features:
        - web3_www_authenticate() and web3_proxy_authenticate() functions
        - ENS name resolution to wallet addresses
        - Blockchain digest verification via smart contracts
        - Support for Oasis Sapphire testnet and mainnet
        - Complete DocBook documentation

        Dependencies:
        - libcurl for HTTP RPC calls
        - OpenSSL for cryptographic operations

        Tested with OpenSIPS 3.2+ on REGISTER and INVITE authentication flows.


2025-10-13  Your Name  <ron at cellact dot nl>
        * [193c21a025] :

        feat(auth_web3): add Web3 authentication module

        - Implements ENS-based authentication using Ethereum Name Service
        - Integrates with Oasis Sapphire blockchain for digest verification
        - Supports both WWW-Authenticate and Proxy-Authenticate flows
        - Compatible with standard SIP digest authentication
        - Includes comprehensive documentation and examples

        Author: Ron Terman <ron at cellact dot com>
        Organization: Cellact B.V.

        Features:
        - web3_www_authenticate() and web3_proxy_authenticate() functions
        - ENS name resolution to wallet addresses
        - Blockchain digest verification via smart contracts
        - Support for Oasis Sapphire testnet and mainnet
        - Complete DocBook documentation

        Dependencies:
        - libcurl for HTTP RPC calls
        - OpenSSL for cryptographic operations

        Tested with OpenSIPS 3.2+ on REGISTER and INVITE authentication flows.


2025-10-12  OpenSIPS  <github at opensips dot org>
        * [f7a53fb3e4] :

        Rebuild documentation


2025-10-09  Razvan Crainea  <razvan at opensips dot org>
        * [8bb39a2679] :

        tm: register context functions before initializing

        Fixes bug introduced by 1bd9e8bb, where context initialization failed
        because it was not registered after variables had been parsed. The
        commit ensures that when the variables are initialized, the context
        functions exist.

        Many thanks to Nick Altmann for reporting it!


2025-10-09  Razvan Crainea  <razvan at opensips dot org>
        * [758667b68b] :

        event_rabbitmq: fix exchange parsing

        Many thanks to Ovidiu Sas (@ovidiusas) for brainstorimg


2025-10-09  Ovidiu Sas  <osas at voipembedded dot com>
        * [7d998c6e53] :

        event_rabbitmq: proper initialization for rabbitmq connection (#3725)



2025-10-07  Liviu Chircu  <liviu at opensips dot org>
        * [d1bb4267d0] :

        cachedb.h: Fix broken capability enum (since 41aea5fda)

        Fixes #3728


2025-10-07  Razvan Crainea  <razvan at opensips dot org>
        * [1bd9e8bb20] :

        pvar: init buffers before initializing modules


2025-10-06  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [1631575161] :

        [event_routing] fix timeout for sync wait_for_event()


2025-10-06  Jasper Hafkenscheid  <jasper.hafkenscheid at voys dot nl>
        * [6c911c3105] :

        resolve: fix CNAME chain resolution with caching

        The DNS resolver now explicitly follows CNAME chains instead of relying
        on res_search() to handle them transparently. This fixes resolution
        failures when the DNS cache module is enabled, as cached CNAME responses
        need to be followed manually to reach the final A/AAAA records.

        Changes:
        - Add iterative CNAME chain following in own_gethostbyname2()
        - Limit chain depth to 10 to prevent infinite loops
        - Add debug logging for CNAME traversal


2025-10-05  OpenSIPS  <github at opensips dot org>
        * [2b7062281d] :

        Rebuild documentation


2025-10-03  Razvan Crainea  <razvan at opensips dot org>
        * [4e2b5a9839] :

        callops: add headers params to call_hold/call_unhold MI cmds


2025-10-03  Razvan Crainea  <razvan at opensips dot org>
        * [b15b461703] :

        callops: add leg parameter to call_hold/call_unhold MI cmd


2025-10-02  Liviu Chircu  <liviu at opensips dot org>
        * [275237dcf4] :

        SDP ops: Do not crash in failure_route (part 1)

        For now, clear all SDP changes when cloning the SIP message into SHM.
        This fixes issues when using $sdp variable and failure_route within the
        same SIP message processing.


2025-09-30  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [c7f99eef73] :

        [presence] fix bogus array size for events to be clustered.

        The badly allocated size could generate an overflow for the newly added events.
        Credits got to @razvancrainea for spotting the issue


2025-09-28  OpenSIPS  <github at opensips dot org>
        * [d5c3ef8e5c] :

        Rebuild documentation


2025-09-25  Liviu Chircu  <liviu at opensips dot org>
        * [9f9465399e] :

        clusterer: Avoid use of VLA, to make Clang happy


2025-09-25  Liviu Chircu  <liviu at opensips dot org>
        * [5449f356fb] :

        Merge branch 'feature/ratelimit-bridge-repl'


2025-09-25  Liviu Chircu  <liviu at opensips dot org>
        * [0419e8ac4d] :

        clusterer/ratelimit: Document the new Bridge-Replication feature


2025-09-25  Liviu Chircu  <liviu at opensips dot org>
        * [71b47fa2bb] :

        ratelimit/clusterer: Add "Cluster-Bridge Replication" feature

        This patch extends both clusterer and ratelimit with an optional
        mechanism to replicate pipes between different clusters, possibly over
        larger-latency, inter-DC WAN links.  This helps improve the scalability
        of the default, full-mesh pipe replication strategy.

        A new table has been added, named "clusterer_bridge", which contains
        directed replication channels between different clusters.  The
        origination node is decided using a shared tag, one for each WAN link.

          Before:
             DC #1         DC #2
                   WAN link
               A ─────────── C
               │ \        /  │
               │   \   /     │
               │      X      │            8 inter-DC replication channels
               │    /   \    │               (AC,AD,BC,BD,CA,CB,DA,DB)
               │  /       \  │
               B ─────────── D
                   WAN link
                cluster_id: 1

          After:                                                2 inter-DC
                  DC #1       WAN link        DC #2            replications
             ( A <-----> B ) <--------> ( C <------> D )         (AC,DB)
              cluster_id: 1               cluster_id: 2
            sender: wan1 shtag          sender: wan1 shtag

        Credits to SIPNav for sponsoring this work!


2025-09-24  Ken Rice  <krice at sipnavigator dot com>
        * [9ce51e3744] :

        Makefile tweaks to avoid $(shell ...) expansions from failing

        Fixes #3717


2025-09-23  Razvan Crainea  <razvan at opensips dot org>
        * [7a00c4684f] :

        json: use non-slashes representation only with json-c >= 0.13


2025-09-23  Razvan Crainea  <razvan at opensips dot org>
        * [69abc4f9fb] :

        pike: guard from 0-length IPs crashes


2025-09-23  Razvan Crainea  <razvan at opensips dot org>
        * [f62135500e] :

        receive: restore static info about errored messages


2025-09-23  Razvan Crainea  <razvan at opensips dot org>
        * [f2183ed40f] :

        dialog: add active_only parameter to load_dialog_ctx

        The new parameter makes the function to return only active dialogs -
        dialogs that are in state <= 4


2025-09-21  OpenSIPS  <github at opensips dot org>
        * [7fb9e11d99] :

        Rebuild documentation


2025-09-18  Liviu Chircu  <liviu at opensips dot org>
        * [3a2eed050c] :

        Merge pull request #3722 from dariusstefan/master

        json: add a new pseudo-variable - json_compact_noescape

2025-09-18  Darius Stefan  <darius.stefan at opensips dot org>
        * [cbe3dc33ee] :

        json: add a new pseudo-variable - json_compact_noescape

        - add this pv to support printing in compact form, but without escaping slashes


2025-09-18  Steve Ayre  <steven.ayre at dubber dot net>
        * [6082b43fa8] :

        create pcre2 compile context once instead of for each compile


2025-09-18  Steve Ayre  <steven.ayre at dubber dot net>
        * [c58e3af0cc] :

        update dialplan module for pcre2


2025-09-18  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [25f065b2c2] :

        [tm] fix crash on stats update when stats are disabled

        Do proper testing on enabled/disabled status of the stats
        Closes #3718
        Reported by @juliansanter-konverto and @MrM0bi

        (cherry picked from commit b415545a5844b4e4155c8c197bf27f578e3f0a77)


2025-09-18  Razvan Crainea  <razvan at opensips dot org>
        * [2b50cbb583] :

        mpath: support comma separated values


2025-09-17  Steve Ayre  <steven.ayre at dubber dot net>
        * [3cc28d166b] :

        update regex module for pcre2


2025-09-17  Steve Ayre  <steven.ayre at dubber dot net>
        * [1cb16e082e] :

        require libpcre2


2025-09-17  Liviu Chircu  <liviu at opensips dot org>
        * [561a15515f] :

        stun: Fix regression in 'use_listeners_as_primary' feature

        In commit 8e6000d5f0d8d, it was missed that FD_SET(fd_x...) calls are
        idempotent, while reactor_add_reader(fd_x...) calls are not. So when you
        perform them multiple times (which the 'use_listeners_as_primary'
        feature MAY do), OpenSIPS startup would now ERROR and abort.

        Many thanks to Bernard Buitenhuis for an accurate report and sponsoring
        the fix!


2025-09-17  Razvan Crainea  <razvan at opensips dot org>
        * [a6b6e0431d] :

        utils/wireshark/dissector: fix clusterer parsing


2025-09-16  Liviu Chircu  <liviu at opensips dot org>
        * [a23ba7903f] :

        permissions: Small bugfix in DB schema

        It seems bitmask values of 128 could not be stored in the table (e.g.
        IPv6 addresses, not subnets), as TINYINT (char) can only support the
        [-128, 127) interval.

        As a fix, we silently bump the column to SMALLINT (2 bytes), solving the
        issue but also not causing any breakage when pulling new packages
        (e.g. no table version update, so we can backport this).


2025-09-16  Liviu Chircu  <liviu at opensips dot org>
        * [8b1806ec66] :

        permissions: Fix incorrect match of IPv4 addr against IPv6

        matchnet()'s possible rcs were not fully handled (here, the -1 case).

        Many thanks to Bernard Buitenhuis for reporting the issue.


2025-09-14  OpenSIPS  <github at opensips dot org>
        * [4bf044ab5f] :

        Rebuild documentation


2025-09-12  Liviu Chircu  <liviu at opensips dot org>
        * [4b13a13300] :

        DB version check: Minor improvements

        * improve error reporting when table is not present in 'version':
            "invalid version 0 for table clusterer found, expected 4"  (???)
               vs.
            "'clusterer' entry not found in version table, expected ver 4"

        * add a way of checking if the table does not exist, programmatically


2025-09-12  Razvan Crainea  <razvan at opensips dot org>
        * [bbfa2b0c19] :

        siprec: make timeout handling more robust

        Make sure we are not trying to access the RTP context that has been
        destroyed along with the dialog moving in state 5.


2025-09-12  Razvan Crainea  <razvan at opensips dot org>
        * [c5fd8adfcc] :

        siprec: do not try to engage siprec if media not established


2025-09-09  Jason Shugart  <jasonshugart at gmail dot com>
        * [40109f40c8] :

        Ignore extra headers in MSRP


2025-09-08  Liviu Chircu  <liviu at opensips dot org>
        * [20b0ba813a] :

        SDP ops: Fix edge-case with missing ending LF

        OpenSIPS no longer throws an error on SDP bodies with missing
        line-termination sequence on the very last line.  According to SDP ABNF
        specs, this is bad syntax, but we accept it and move on.

        Moreover, assuming the SDP is dirty (at least one edit), the output SDP
        ($sdp) will always be normalized to include the ending LF sequence.


2025-09-07  OpenSIPS  <github at opensips dot org>
        * [14f1f74710] :

        Rebuild documentation


2025-09-05  Liviu Chircu  <liviu at opensips dot org>
        * [020ea0de75] :

        SDP ops: Add "\n" line-ending tests; Fix "$sdp = NULL;"

        The "$sdp = NULL;" statement wasn't fully working as expected, as
        subsequent operations would still pick up some left-over SDP data.


2025-09-05  Razvan Crainea  <razvan at opensips dot org>
        * [22b5a6b415] :

        dialog: avoid creating dialog multiple times if deleted

        When an update command is received, the dialog is searched: before this
        commit, if the dialog was not found, `dlg` was returned as `null`, and a
        new dialog, **with the same coordinates** was created.
        This commit makes sure that the dialog is no longer created if already
        in deleted state, thus avoiding creating the dialog multiple times with
        the same coordinates.


2025-09-02  Razvan Crainea  <razvan at opensips dot org>
        * [380c06446e] :

        b2b_logic: avoid crash when copying sdp to deleted entity


2025-09-02  Razvan Crainea  <razvan at opensips dot org>
        * [09983273ea] :

        exec: close all fds before exec

        This prevents external processes from accessing (a lot of) OpenSIPS file
        descriptors.


2025-09-02  Razvan Crainea  <razvan at opensips dot org>
        * [a1ef1d828a] :

        aaa_diameter: add support for time AVPs


2025-09-01  Razvan Crainea  <razvan at opensips dot org>
        * [2702eade95] :

        python: fix Makefile lib name and includes


2025-09-01  Razvan Crainea  <razvan at opensips dot org>
        * [998cb26cfa] :

        packaging/debian: fix 4.0 changelog


2025-08-31  OpenSIPS  <github at opensips dot org>
        * [617d333903] :

        Rebuild documentation


2025-08-28  Razvan Crainea  <razvan at opensips dot org>
        * [cc11d0aaff] :

        b2b_sdp_demux: Fix leak in b2b server key creation

        Many thanks to Nuno Ferreira from Five9 for spotting, reporting and
        fixing this.


2025-08-26  Peter Lemenkov  <lemenkov at gmail dot com>
        * [af67945a87] :

        Make GCC happy by addressing its warnings about possibly uninitialized variables (#3690)

        * Possible free of unitialized variable

        It is possible that we can jump to `error` where we free `nt_name` right
        before initialization. So better to initialize it first.

        ```
        Compiling app_opensips/avps.c
        gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='aaa_diameter' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -c app_opensips/avps.c -o app_opensips/avps.o
        app_opensips/avps.c: In function ‘parse_attr_def’:
        app_opensips/avps.c:732:9: warning: ‘nt_name’ may be used uninitialized [-Wmaybe-uninitialized]
          732 |         free(nt_name);
              |         ^~~~~~~~~~~~~
        app_opensips/avps.c:564:22: note: ‘nt_name’ was declared here
          564 |         char *name, *nt_name, *newp, *p = line, *end = p + len;
              |                      ^~~~~~~
        ```

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>

        * Possible use of unitialized variable

        Variable `old_state` can be used w/o being initialized. This patch fixed
        it.

        ```
        Compiling sharing_tags.c
        gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='clusterer' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -c sharing_tags.c -o sharing_tags.o
        sharing_tags.c: In function ‘shtag_activate’:
        sharing_tags.c:746:49: warning: ‘old_state’ may be used uninitialized [-Wmaybe-uninitialized]
          746 |         if (ret==SHTAG_STATE_ACTIVE && old_state!=SHTAG_STATE_ACTIVE) {
        sharing_tags.c:685:18: note: ‘old_state’ was declared here
          685 |         int ret, old_state;
              |                  ^~~~~~~~~
        ```

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>

        * Make GCC happy

        GCC erroneously believes that `job_data` may be used uninitialized.
        Let's help him understand the situation better.

        ```
        Compiling kafka_producer.c
        gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='event_kafka' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -DWITH_GZFILEOP -c kafka_producer.c -o kafka_producer.o
        kafka_producer.c: In function ‘kafka_report_status’:
        kafka_producer.c:422:57: warning: ‘job_data’ may be used uninitialized [-Wmaybe-uninitialized]
          422 |         if (p->job->type == KAFKA_JOB_SCRIPT && job_data->report_rt)
              |                                                 ~~~~~~~~^~~~~~~~~~~
        kafka_producer.c:382:28: note: ‘job_data’ was declared here
          382 |         script_job_data_t *job_data;
              |                            ^~~~~~~~
        ```

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>

        * Make GCC happy

        GCC erroneously believes that `hdrs` may be used uninitialized. Let's
        help him understand the situation better.

        ```
        Compiling http2d.c
        gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='http2d' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -I/usr/include -c http2d.c -o http2d.o
        http2d.c: In function ‘h2_send_response’:
        http2d.c:267:25: warning: ‘hdrs’ may be used uninitialized [-Wmaybe-uninitialized]
          267 |                 for (it = hdrs->child; it; it = it->next, nh++, r->hdrs_len++) {
              |                      ~~~^~~~~~~~~~~~~
        http2d.c:138:16: note: ‘hdrs’ was declared here
          138 |         cJSON *hdrs, *it;
              |                ^~~~
        ```

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>

        ---------

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>

2025-08-26  Razvan Crainea  <razvan at opensips dot org>
        * [c25a8fff73] :

        Avoid crashes in case variable are NULL

        Completes #3690


2025-08-26  Peter Lemenkov  <lemenkov at gmail dot com>
        * [19e2fac6f8] :

        Make GCC happy

        GCC erroneously believes that `hdrs` may be used uninitialized. Let's
        help him understand the situation better.

        ```
        Compiling http2d.c
        gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='http2d' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -I/usr/include -c http2d.c -o http2d.o
        http2d.c: In function ‘h2_send_response’:
        http2d.c:267:25: warning: ‘hdrs’ may be used uninitialized [-Wmaybe-uninitialized]
          267 |                 for (it = hdrs->child; it; it = it->next, nh++, r->hdrs_len++) {
              |                      ~~~^~~~~~~~~~~~~
        http2d.c:138:16: note: ‘hdrs’ was declared here
          138 |         cJSON *hdrs, *it;
              |                ^~~~
        ```

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>


2025-08-26  Peter Lemenkov  <lemenkov at gmail dot com>
        * [9472e64813] :

        Make GCC happy

        GCC erroneously believes that `job_data` may be used uninitialized.
        Let's help him understand the situation better.

        ```
        Compiling kafka_producer.c
        gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='event_kafka' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -DWITH_GZFILEOP -c kafka_producer.c -o kafka_producer.o
        kafka_producer.c: In function ‘kafka_report_status’:
        kafka_producer.c:422:57: warning: ‘job_data’ may be used uninitialized [-Wmaybe-uninitialized]
          422 |         if (p->job->type == KAFKA_JOB_SCRIPT && job_data->report_rt)
              |                                                 ~~~~~~~~^~~~~~~~~~~
        kafka_producer.c:382:28: note: ‘job_data’ was declared here
          382 |         script_job_data_t *job_data;
              |                            ^~~~~~~~
        ```

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>


2025-08-26  Peter Lemenkov  <lemenkov at gmail dot com>
        * [1c31a680e3] :

        Possible use of unitialized variable

        Variable `old_state` can be used w/o being initialized. This patch fixed
        it.

        ```
        Compiling sharing_tags.c
        gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='clusterer' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -c sharing_tags.c -o sharing_tags.o
        sharing_tags.c: In function ‘shtag_activate’:
        sharing_tags.c:746:49: warning: ‘old_state’ may be used uninitialized [-Wmaybe-uninitialized]
          746 |         if (ret==SHTAG_STATE_ACTIVE && old_state!=SHTAG_STATE_ACTIVE) {
        sharing_tags.c:685:18: note: ‘old_state’ was declared here
          685 |         int ret, old_state;
              |                  ^~~~~~~~~
        ```

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>


2025-08-26  Peter Lemenkov  <lemenkov at gmail dot com>
        * [233769bc12] :

        Possible free of unitialized variable

        It is possible that we can jump to `error` where we free `nt_name` right
        before initialization. So better to initialize it first.

        ```
        Compiling app_opensips/avps.c
        gcc -fPIC -DPIC -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DMOD_NAME='aaa_diameter' -DPKG_MALLOC  -DSHM_MMAP  -DUSE_MCAST  -DDISABLE_NAGLE  -DSTATISTICS  -DHAVE_RESOLV_RES  -DF_MALLOC  -DQ_MALLOC  -DHP_MALLOC  -DDBG_MALLOC  -DF_PARALLEL_MALLOC  -DHAVE_STDATOMIC -DHAVE_GENERICS  -DNAME='"opensips"' -DVERSION='"3.6.0"' -DARCH='"x86_64"' -DOS='"linux"' -DCOMPILER='"gcc 15"' -D__CPU_x86_64 -D__OS_linux -D__SMP_yes -DCFG_DIR='"/etc/opensips/"'  -DVERSIONTYPE='"git"' -DTHISREVISION='"07da80880"' -DFAST_LOCK -DADAPTIVE_WAIT -DADAPTIVE_WAIT_LOOPS=1024 -DHAVE_GETHOSTBYNAME2 -DHAVE_UNION_SEMUN -DHAVE_MSG_NOSIGNAL -DHAVE_MSGHDR_MSG_CONTROL -DHAVE_ALLOCA_H -DHAVE_TIMEGM -DHAVE_EPOLL -DHAVE_SIGIO_RT -DHAVE_SELECT -c app_opensips/avps.c -o app_opensips/avps.o
        app_opensips/avps.c: In function ‘parse_attr_def’:
        app_opensips/avps.c:732:9: warning: ‘nt_name’ may be used uninitialized [-Wmaybe-uninitialized]
          732 |         free(nt_name);
              |         ^~~~~~~~~~~~~
        app_opensips/avps.c:564:22: note: ‘nt_name’ was declared here
          564 |         char *name, *nt_name, *newp, *p = line, *end = p + len;
              |                      ^~~~~~~
        ```

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>


2025-08-26  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [be32acabdf] :

        Merge pull request #3693 from lemenkov/type_mismatch

        Fix various function or variable type mismatch

2025-08-26  Peter Lemenkov  <lemenkov at gmail dot com>
        * [5a986df0d0] :

        Replace distutils completely (#3697)

        The package distutils was deprecated in Python 3.10 and removed in 3.12.
        Let's switch to modern alternative. Also remove one extra shell call.

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>

2025-08-24  OpenSIPS  <github at opensips dot org>
        * [0f63d11efe] :

        Rebuild documentation


2025-08-21  Razvan Crainea  <razvan at opensips dot org>
        * [7fcf09dbd2] :

        mem: allow using system allocator without debugging


2025-08-20  Liviu Chircu  <liviu at opensips dot org>
        * [5de8ddd71b] :

        call_center: Check "cc_calls" against the "realtime" DB URL

        Per documentation: "To be more specific, the only runtime table we have
        so far is the "cc_calls" table."

        (cherry picked from commit 69ad46c9f8e0931f965f39f65031510b0aedf0ea)


2025-08-20  Razvan Crainea  <razvan at opensips dot org>
        * [65fc660cea] :

        transformations: re.subst may contain whitespaces


2025-08-20  Razvan Crainea  <razvan at opensips dot org>
        * [8dc91ddd68] :

        mi_datagram: use default buf size as constant define

        Prevents compile warning on older compilers (ubuntu bionic, redhat 7)


2025-08-18  Razvan Crainea  <razvan at opensips dot org>
        * [ab3ffa1d16] :

        rtpengine: reload servers under lock

        This prevents a crash running the child_init in the same time with a reload

        Many thanks go to ConnexCS for reporting and testing the fix!


2025-08-18  Razvan Crainea  <razvan at opensips dot org>
        * [d355468a64] :

        dialog: provide type of failed replicated packet


2025-08-17  OpenSIPS  <github at opensips dot org>
        * [a6ce0ae564] :

        Rebuild documentation


2025-08-13  Bence Szigeti  <bence.szigeti at gohyda dot com>
        * [ca7d6e5e04] :

        Make MI Datagram buffer size configurable (#3706)



2025-08-10  OpenSIPS  <github at opensips dot org>
        * [22ab4c856f] :

        Rebuild documentation


2025-08-06  Razvan Crainea  <razvan at opensips dot org>
        * [9b8c8edda4] :

        rtp_relay: rework failed rtp_relay_update requests handling


2025-08-03  OpenSIPS  <github at opensips dot org>
        * [b4b1ecf1d0] :

        Rebuild documentation


2025-07-30  Liviu Chircu  <liviu at opensips dot org>
        * [fb222f3d18] :

        aaa_diameter: Improve debug log


2025-07-29  Razvan Crainea  <razvan at opensips dot org>
        * [9f3b78a1ab] :

        proto_ipsec: fix documentation xml typo


2025-07-28  Liviu Chircu  <liviu at opensips dot org>
        * [b84307cd8f] :

        Merge pull request #3692 from dariusstefan/master

        aaa_diameter: update docs based on `ba06123`

2025-07-27  OpenSIPS  <github at opensips dot org>
        * [05a19baa0b] :

        Rebuild documentation


2025-07-25  Darius Stefan  <darius.stefan at opensips dot org>
        * [f0b1336e9c] :

        aaa_diameter: update docs based on `ba06123`


2025-07-25  Razvan Crainea  <razvan at opensips dot org>
        * [8662ce2df4] :

        aaa_diameter: provide tunable size for json logs


2025-07-25  Peter Lemenkov  <lemenkov at gmail dot com>
        * [aae9a1e746] :

        Fix variable type mismatch

        ```
        ebr_data.c:53:12: warning: type of ‘ebr_ipc_type’ does not match original declaration [-Wlto-type-mismatch]
           53 | extern int ebr_ipc_type;
              |            ^
        event_routing.c:65:18: note: type ‘ipc_handler_type’ should match type ‘int’
           65 | ipc_handler_type ebr_ipc_type;
              |                  ^
        event_routing.c:65:18: note: ‘ebr_ipc_type’ was previously declared here
        event_routing.c:65:18: note: code may be misoptimized unless ‘-fno-strict-aliasing’ is used
        ```

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>


2025-07-25  Peter Lemenkov  <lemenkov at gmail dot com>
        * [7b787f8495] :

        Fix function type mismatch

        Now it matches the documentation.

        ```
        domain.h:41:5: warning: type of ‘is_uri_host_local’ does not match original declaration [-Wlto-type-mismatch]
           41 | int is_uri_host_local(struct sip_msg* _msg, char* _s1, char* _s2);
              |     ^
        domain.c:235:5: note: type mismatch in parameter 3
          235 | int is_uri_host_local(struct sip_msg* _msg, pv_spec_t* _s1)
              |     ^
        domain.c:235:5: note: ‘is_uri_host_local’ was previously declared here
        domain.h:35:5: warning: type of ‘is_from_local’ does not match original declaration [-Wlto-type-mismatch]
           35 | int is_from_local(struct sip_msg* _msg, char* _s1, char* _s2);
              |     ^
        domain.c:219:5: note: type mismatch in parameter 3
          219 | int is_from_local(struct sip_msg* _msg, pv_spec_t* _s1)
              |     ^
        domain.c:219:5: note: ‘is_from_local’ was previously declared here
        ```

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>


2025-07-25  Peter Lemenkov  <lemenkov at gmail dot com>
        * [8d5d213ac5] :

        Fix function type mismatch

        Now it matches the documentation.

        ```
        authorize.h:31:5: warning: type of ‘jwt_db_authorize’ does not match original declaration [-Wlto-type-mismatch]
           31 | int jwt_db_authorize(struct sip_msg* _msg, str* jwt_token, pv_spec_t* auth_user);
              |     ^
        authorize.c:56:5: note: type mismatch in parameter 4
           56 | int jwt_db_authorize(struct sip_msg* _msg, str* jwt_token,
              |     ^
        authorize.c:56:5: note: ‘jwt_db_authorize’ was previously declared here
        ```

        Signed-off-by: Peter Lemenkov <lemenkov at gmail dot com>


2025-07-23  Liviu Chircu  <liviu at opensips dot org>
        * [7545056fec] :

        Bump development version


2025-07-23  Razvan Crainea  <razvan at opensips dot org>
        * [bebda2e5a6] :

        db_unixodbc: explicit add $(LOCALBASE)/include/odbc

        This fixes compile on FreeBSD.
        Close #3689


2025-07-23  Razvan Crainea  <razvan at opensips dot org>
        * [7bb7900d4a] :

        rtp_relay: let tm manage ref counting for failed sessions

        Close #3623
        Close #3539


2025-07-23  Razvan Crainea  <razvan at opensips dot org>
        * [0dad823138] :

        net: init all protos, but bind TCP only in main


2025-07-22  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [64a18da003] :

        Merge pull request #3688 from vladpaiu/fix_async_lock_replies

        run reply async resume callback under reply lock, as it might make changes to AVPs

2025-07-22  Liviu Chircu  <liviu at opensips dot org>
        * [ead9d4a991] :

        Merge pull request #3685 from asolovjov/increase_forced_binding_len

        registrar: increase MAX_FORCED_BINDING_LEN in save function

2025-07-21  Razvan Crainea  <razvan at opensips dot org>
        * [528f06be27] :

        rtpengine: guard from NULL msg

        Thanks to @goharahmed for his report. Close #3652


2025-07-21  Razvan Crainea  <razvan at opensips dot org>
        * [e34c7ba19f] :

        mi_script: fix documentation typos

        Many thangs to @QuincyGao on GitHub for reporting them.
        Close #3683


2025-07-20  OpenSIPS  <github at opensips dot org>
        * [91f860be04] :

        Rebuild documentation


2025-07-18  Vlad Paiu  <vladpaiu at opensips dot org>
        * [4e19188ecd] :

        run reply async resume callback under reply lock, as it might make changes to AVPs


2025-07-15  Artiom Druz  <38580109+Shkiperon at users.noreply.github dot com>
        * [e7d40c5c77] :

        Added menuconfig options to disable event_sqs and rtp.io module builds (#3678)



2025-07-15  Razvan Crainea  <razvan at opensips dot org>
        * [b5a8aa872d] :

        rtpengine: document extra failover cases (commit a1ba145)


2025-07-15  Steven Ayre  <steveayre at gmail dot com>
        * [a1ba145adb] :

        add support for resource limit error messages from rtpengine (#3682)

        support LOAD_LIMIT_CPU, LOAD_LIMIT_LOAD, LOAD_LIMIT_BW from rtpengine

        ```const char magic_load_limit_strings[__LOAD_LIMIT_MAX][64] = {
                [LOAD_LIMIT_MAX_SESSIONS] = "Parallel session limit reached",
                [LOAD_LIMIT_CPU] = "CPU usage limit exceeded",
                [LOAD_LIMIT_LOAD] = "Load limit exceeded",
                [LOAD_LIMIT_BW] = "Bandwidth limit exceeded",
        };```

        Co-authored-by: Steve Ayre <steven.ayre at dubber dot net>

2025-07-13  OpenSIPS  <github at opensips dot org>
        * [fdbc2e2b93] :

        Rebuild documentation


2025-07-11  Andrej Solovjov  <solovjov at kompaas dot tech>
        * [6416b57089] :

        registrar: increase MAX_FORCED_BINDING_LEN in save function

        Sometimes the SIP Contact header field URI can be larger than 256 chars.
        For example, 'pn-provider', 'pn-prid' and 'pn-param' should be in the
        URI if SIP UA requests push notifications and they can be quite long.


2025-07-09  Razvan Crainea  <razvan at opensips dot org>
        * [fba5079da4] :

        auth_aka: fix SIP-Authorization header build

        Before this commit, the RAND||AUTS would have been built in a buffer
        that would have been destroyed afterwards.


2025-07-07  Ibrahim Shahzad  <48486042+IbrahimShahzad at users.noreply.github dot com>
        * [d49884f305] :

        fix for transaction reset for reply (#3680)



2025-07-06  OpenSIPS  <github at opensips dot org>
        * [3c789cedc2] :

        Rebuild documentation


2025-07-01  Liviu Chircu  <liviu at opensips dot org>
        * [e144adc85d] :

        core: Minor code refactoring

        Skip unnecessary @md assignments, space out the code for readability.

        Related to #3675


2025-07-01  Liviu Chircu  <liviu at opensips dot org>
        * [eb3e892baf] :

        Merge pull request #3675 from sippy/pr_add_minit

        core: split DEP_REVERSE_INIT into _MINIT and _CINIT parts

2025-07-01  Larry Laffer  <larrylaffer130 at gmail dot com>
        * [d449aabc29] :

        [aaa_diameter] Ignore unknown AVPS in Diameter Replies (#3655)

        * Ignore unknown AVPs in replies

        * Clarify Log

2025-06-29  OpenSIPS  <github at opensips dot org>
        * [9f46d71e94] :

        Rebuild documentation


2025-06-27  Razvan Crainea  <razvan at opensips dot org>
        * [12ed692ecd] :

        rtp_relay: do not enforce from_tag for delete command


2025-06-25  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [fde3ff3e37] :

        Merge pull request #3634 from jes/proto-tls-fd

        Stop leaving sockets in CLOSE_WAIT on failed TLS connections

2025-06-25  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [f560625e1a] :

        [tm] remove some devel related DBG message


2025-06-25  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [e86b121b9b] :

        [dispatcher] fix resetting the persistent_state for default partition

        The modparam (as per docs) must change the default partition settings only
        Fixes #3635, reported by @nikbyte


2025-06-24  Razvan Crainea  <razvan at opensips dot org>
        * [0cad84b878] :

        permissions: remove unused variable


2025-06-24  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [d14b435906] :

        [permissions] fix allow_uri() URI parameter

        The parameter is a string, not pvar, so does not need to be evaluated
        Fixes #3645
        Reported by @gostkov


2025-06-23  Maksym Sobolyev  <sobomax at sippysoft dot com>
        * [c8770b66f3] :

        core: split DEP_REVERSE_INIT into _MINIT and _CINIT parts

        Add DEP_REVERSE_CINIT and DEP_REVERSE_MINIT dependency flags
        allowing to reverse mod_init() and child_init() init order
        independently.

        Make DEP_REVERSE_INIT be (DEP_REVERSE_CINIT|DEP_REVERSE_MINIT).


2025-06-22  OpenSIPS  <github at opensips dot org>
        * [07de05e1c0] :

        Rebuild documentation


2025-06-20  Razvan Crainea  <razvan at opensips dot org>
        * [30c5fdfd86] :

        cgrates: make sure ctx is released on backup node

        when cgrates ctx is being replicated, we need to release it when the
        dialog is destroyed, otherwise it will leak.

        Many thanks for @NicoFrLy on GitHub for reporting it.
        Close #3656


2025-06-20  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [5d599a8557] :

        [proto_tls] fix HEP leak upon failed TLS accepts

        Be sure and flush all pending HEP (tracing) messages on a TLS conn, even if the SSL negociation failed.
        Closes #3496.


2025-06-20  vladpaiu  <vladpaiu at opensips dot org>
        * [00305a4edf] :

        Disable TLS tickets for 1.2 and 1.3 in order to support reconnects after OpenSIPS restarts (#3673)



2025-06-19  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [0c54ee7df9] :

        Merge pull request #3654 from 36952362/master

        Resolve the issue of incomplete transmission of large SIP message over TLS protocol

2025-06-19  jupiter  <36952362 at qq dot com>
        * [f93daaf034] :

        adjust pending data in async mode logic


2025-06-18  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [38efd080d3] :

        Merge pull request #3664 from 36952362/tcp_connection

        Resolve the issue of inaccurate tcp_connections_no

2025-06-18  jupiter  <36952362 at qq dot com>
        * [cee5f5b2e7] :

        the access to ->async->pending should be under lock


2025-06-18  jupiter  <36952362 at qq dot com>
        * [fb9bc44379] :

        do not tcp_connections_no for non TCP MAIN procs


2025-06-17  Razvan Crainea  <razvan at opensips dot org>
        * [cdd4725444] :

        rtp*: guard from empty to_tag


2025-06-16  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [12085550c5] :

        Merge pull request #3670 from purecloudlabs/hotfix/permission-module-issues

        `permissions`: Stabilize the new storage backend

2025-06-16  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [03719466e1] :

        Merge pull request #3672 from jes/dnscache-fix

        Fix buffer overflow in dnscache (#3669)

2025-06-16  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [45f498b18f] :

        Merge pull request #3666 from NormB/NormB-clusterer-doc

        Update clusterer_admin.xml

2025-06-16  Razvan Crainea  <razvan at opensips dot org>
        * [352d8d56e6] :

        event_routing: avoid shm leak on error


2025-06-16  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [be61940db5] :

        Remove wrapping for exclude_modules line

        This is not supported by the menuconfig tool
        Reported by @rrb3942, closes #3658


2025-06-16  Razvan Crainea  <razvan at opensips dot org>
        * [d2c682cbf6] :

        dialog: replicate cseq changes on every reqlayed request


2025-06-15  OpenSIPS  <github at opensips dot org>
        * [dd9400f4e6] :

        Rebuild documentation


2025-06-12  James Stanley  <james at incoherency.co dot uk>
        * [c585e06592] :

        Fix buffer overflow in dnscache (#3669)

        `addr_no` and `alias_no` are calculated based on whichever is
        smaller out of the actual number of addresses/aliases, and
        `MAXADDRS-1`/`MAXALIASES-1`.

        But then the code inserted all of the actual number of
        addresses/aliases anyway, which makes for a potential buffer
        overflow, and corrupted deserialisation later.


2025-06-10  Bence Szigeti  <bence.szigeti at gohyda dot com>
        * [06cdb055e7] :

        `permissions`: Add extra check on address


2025-06-10  Bence Szigeti  <bence.szigeti at gohyda dot com>
        * [491c4b1426] :

        `permissions`: Fix error handling


2025-06-10  Bence Szigeti  <bence.szigeti at gohyda dot com>
        * [3514850737] :

        `permissions`: Fix invalid pointer access


2025-06-10  Razvan Crainea  <razvan at opensips dot org>
        * [4ccf042ceb] :

        b2b_logic: add $b2b_logic.peer variable


2025-06-10  Razvan Crainea  <razvan at opensips dot org>
        * [1fff680f0c] :

        b2b_logic: reverse peer when entity not specified

        completes/fixes commit f2ef8d391b


2025-06-10  Razvan Crainea  <razvan at opensips dot org>
        * [a7197f867d] :

        b2b_logic: determine entity type if not explicit


2025-06-10  Razvan Crainea  <razvan at opensips dot org>
        * [6da409d4c8] :

        siprec: docs clarify when recoring is started

        Thanks to Walter Schober on mailing list for reporing the inconsistency


2025-06-08  OpenSIPS  <github at opensips dot org>
        * [517e08e1a8] :

        Rebuild documentation


2025-06-06  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [69a785e112] :

        [event_routing] added new sync wait_for_event() function

        This is exeactly the same as the async function, but does inline blocking/waiting until the event is received.
        The function is very useful in script routes that does not have async support


2025-06-06  Norm Brandinger  <nbrandinger at planet dot net>
        * [98347446b8] :

        Update sockets_mgm_admin.xml (#3667)



2025-06-05  Norm Brandinger  <nbrandinger at planet dot net>
        * [882eebb765] :

        Update clusterer_admin.xml

2025-06-04  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [224beb4924] :

        Merge pull request #3661 from NormB/patch-1

        Documentation spelling update

2025-06-04  Norm Brandinger  <n.brandinger at gmail dot com>
        * [b759b2ab63] :

        Merge branch 'OpenSIPS:master' into patch-1


2025-06-04  Norm Brandinger  <nbrandinger at planet dot net>
        * [b02b1badcf] :

        Update sockets_mgm_admin.xml

2025-06-04  jupiter  <36952362 at qq dot com>
        * [8e2ce2f984] :

        Resolve the issue of inaccurate tcp_connections_no


2025-06-03  Razvan Crainea  <razvan at opensips dot org>
        * [4754e12bbc] :

        b2b_logic: fix typo on tuple error


2025-06-03  Bogdan-Andrei Iancu  <bogdan at opensips dot org>
        * [a1caf3b621] :

        [domain] updated docs

        Added new "subdomain_col" mod param


2025-06-02  Norm Brandinger  <nbrandinger at planet dot net>
        * [02fea4606e] :

        Update README

2025-06-01  OpenSIPS  <github at opensips dot org>
        * [fd3a22c92c] :

        Rebuild documentation


2025-05-30  Bogdan Andrei IANCU  <bogdan at opensips dot org>
        * [ad540e9c98] :

        Merge pull request #3653 from ovidiusas/master

        domain: accept BIGINT type for accept_subdomain column

2025-05-29  Razvan Crainea  <razvan at opensips dot org>
        * [f7109b1df1] :

        cachedb_redis: fix c99 requirements


2025-05-25  Liviu Chircu  <liviu at opensips dot org>
        * [b108c1cd07] :

        SDP variables: Integrate into SIP msg processing

        Initial SDP operations integration, relaying seems to work as expected.


2025-05-25  Liviu Chircu  <liviu at opensips dot org>
        * [5afd61a37c] :

        SDP variables: Rework to allow PV as indexes (stream/line/token)


2025-05-25  Liviu Chircu  <liviu at opensips dot org>
        * [da64ab99cc] :

        SDP variables: Add test suites for $sdp.stream and $sdp.session


2025-05-25  Liviu Chircu  <liviu at opensips dot org>
        * [63c76aaeec] :

        "assert" cfg statement: Few improvements

        * make the 2nd param (assert description) optional
        * add file/line to the error log, as a replacement for lack of param #2


2025-05-25  OpenSIPS  <github at opensips dot org>
        * [de35f7ce6d] :

        Rebuild documentation


2025-05-24  Razvan Crainea  <razvan at opensips dot org>
        * [78a49b1e7b] :

        domain: usr correct table version and bump it properly


2025-05-23  Ovidiu Sas  <osas at voipembedded dot com>
        * [7e208af970] :

        domain: accept BIGINT type for accept_subdomain column


2025-05-23  Liviu Chircu  <liviu at opensips dot org>
        * [9561fe4836] :

        $sdp.line: Minimize SDP buffer rebuilds during READ/WRITE ops


2025-05-23  Liviu Chircu  <liviu at opensips dot org>
        * [4902037a7c] :

        SDP variables: Add test suite for $sdp and $sdp.line


2025-05-21  Liviu Chircu  <liviu at opensips dot org>
        * [39cd732faa] :

        Bump development version


