res_pjsip: Remove ephemeral registered contacts on transport shutdown.
[asterisk/asterisk.git] / res / res_pjsip.c
index cdad365..ca0c301 100644 (file)
@@ -24,6 +24,7 @@
 #include <pjsip/sip_transaction.h>
 #include <pj/timer.h>
 #include <pjlib.h>
+#include <pjmedia/errno.h>
 
 #include "asterisk/res_pjsip.h"
 #include "res_pjsip/include/res_pjsip_private.h"
                                <configOption name="allow">
                                        <synopsis>Media Codec(s) to allow</synopsis>
                                </configOption>
+                               <configOption name="allow_overlap" default="yes">
+                                       <synopsis>Enable RFC3578 overlap dialing support.</synopsis>
+                               </configOption>
                                <configOption name="aors">
                                        <synopsis>AoR(s) to be used with the endpoint</synopsis>
                                        <description><para>
                                                This is a comma-delimited list of <replaceable>auth</replaceable> sections defined
                                                in <filename>pjsip.conf</filename> to be used to verify inbound connection attempts.
                                                </para><para>
-                                               Endpoints without an <literal>authentication</literal> object
-                                               configured will allow connections without vertification.
-                                       </para></description>
+                                               Endpoints without an authentication object
+                                               configured will allow connections without verification.</para>
+                                               <note><para>
+                                               Using the same auth section for inbound and outbound
+                                               authentication is not recommended.  There is a difference in
+                                               meaning for an empty realm setting between inbound and outbound
+                                               authentication uses.  See the auth realm description for details.
+                                               </para></note>
+                                       </description>
                                </configOption>
                                <configOption name="callerid">
                                        <synopsis>CallerID information for the endpoint</synopsis>
                                        <description>
                                                <para>Method used when updating connected line information.</para>
                                                <enumlist>
-                                                       <enum name="invite" />
+                                                       <enum name="invite">
+                                                       <para>When set to <literal>invite</literal>, check the remote's Allow header and
+                                                       if UPDATE is allowed, send UPDATE instead of INVITE to avoid SDP
+                                                       renegotiation.  If UPDATE is not Allowed, send INVITE.</para>
+                                                       </enum>
                                                        <enum name="reinvite">
                                                                <para>Alias for the <literal>invite</literal> value.</para>
                                                        </enum>
-                                                       <enum name="update" />
+                                                       <enum name="update">
+                                                       <para>If set to <literal>update</literal>, send UPDATE regardless of what the remote
+                                                       Allows. </para>
+                                                       </enum>
                                                </enumlist>
                                        </description>
                                </configOption>
                                                        <enum name="info">
                                                                <para>DTMF is sent as SIP INFO packets.</para>
                                                        </enum>
-                                                        <enum name="auto">
-                                                                <para>DTMF is sent as RFC 4733 if the other side supports it or as INBAND if not.</para>
-                                                        </enum>
-
+                                                       <enum name="auto">
+                                                               <para>DTMF is sent as RFC 4733 if the other side supports it or as INBAND if not.</para>
+                                                       </enum>
+                                                       <enum name="auto_info">
+                                                               <para>DTMF is sent as RFC 4733 if the other side supports it or as SIP INFO if not.</para>
+                                                       </enum>
                                                </enumlist>
                                        </description>
                                </configOption>
                                <configOption name="identify_by" default="username,location">
                                        <synopsis>Way(s) for Endpoint to be identified</synopsis>
                                        <description><para>
-                                               An endpoint can be identified in multiple ways. Currently, the only supported
-                                               option is <literal>username</literal>, which matches the endpoint based on the
-                                               username in the From header.
+                                               Endpoints and aors can be identified in multiple ways. Currently, the supported
+                                               options are <literal>username</literal>, which matches the endpoint or aor id based on
+                                               the username and domain in the From header (or To header for aors), and
+                                               <literal>auth_username</literal>, which matches the endpoint or aor id based on the
+                                               username and realm in the Authentication header.  In all cases, if an exact match
+                                               on both username and domain/realm fails, the match will be retried with just the username.
                                                </para>
+                                               <note><para>
+                                               Identification by auth_username has some security considerations because an
+                                               Authentication header is not present on the first message of a dialog when
+                                               digest authentication is used.  The client can't generate it until the server
+                                               sends the challenge in a 401 response.  Since Asterisk normally sends a security
+                                               event when an incoming request can't be matched to an endpoint, using auth_username
+                                               requires that the security event be deferred until a request is received with
+                                               the Authentication header and only generated if the username doesn't result in a
+                                               match.  This may result in a delay before an attack is recognized.  You can control
+                                               how many unmatched requests are received from a single ip address before a security
+                                               event is generated using the unidentified_request parameters in the "global"
+                                               configuration object.
+                                               </para></note>
                                                <note><para>Endpoints can also be identified by IP address; however, that method
                                                of identification is not handled by this configuration option. See the documentation
                                                for the <literal>identify</literal> configuration section for more details on that
-                                               method of endpoint identification. If this option is set to <literal>username</literal>
-                                               and an <literal>identify</literal> configuration section exists for the endpoint, then
-                                               the endpoint can be identified in multiple ways.</para></note>
+                                               method of endpoint identification. If this option is set and an <literal>identify</literal>
+                                               configuration section exists for the endpoint, then the endpoint can be identified in
+                                               multiple ways.</para></note>
                                                <enumlist>
                                                        <enum name="username" />
+                                                       <enum name="auth_username" />
                                                </enumlist>
                                        </description>
                                </configOption>
                                                configuration.
                                        </para></description>
                                </configOption>
+                               <configOption name="mwi_subscribe_replaces_unsolicited">
+                                       <synopsis>An MWI subscribe will replace sending unsolicited NOTIFYs</synopsis>
+                               </configOption>
+                               <configOption name="voicemail_extension">
+                                       <synopsis>The voicemail extension to send in the NOTIFY Message-Account header</synopsis>
+                               </configOption>
                                <configOption name="moh_suggest" default="default">
                                        <synopsis>Default Music On Hold class</synopsis>
                                </configOption>
                                <configOption name="outbound_auth">
-                                       <synopsis>Authentication object used for outbound requests</synopsis>
+                                       <synopsis>Authentication object(s) used for outbound requests</synopsis>
+                                       <description><para>
+                                               This is a comma-delimited list of <replaceable>auth</replaceable>
+                                               sections defined in <filename>pjsip.conf</filename> used to respond
+                                               to outbound connection authentication challenges.</para>
+                                               <note><para>
+                                               Using the same auth section for inbound and outbound
+                                               authentication is not recommended.  There is a difference in
+                                               meaning for an empty realm setting between inbound and outbound
+                                               authentication uses.  See the auth realm description for details.
+                                               </para></note>
+                                       </description>
                                </configOption>
                                <configOption name="outbound_proxy">
-                                       <synopsis>Proxy through which to send requests, a full SIP URI must be provided</synopsis>
+                                       <synopsis>Full SIP URI of the outbound proxy used to send requests</synopsis>
                                </configOption>
                                <configOption name="rewrite_contact">
                                        <synopsis>Allow Contact header to be rewritten with the source IP address-port</synopsis>
                                        <description><para>
-                                               On inbound SIP messages from this endpoint, the Contact header or an appropriate Record-Route
-                                               header will be changed to have the source IP address and port. This option does not affect
-                                               outbound messages sent to this endpoint.
+                                               On inbound SIP messages from this endpoint, the Contact header or an
+                                               appropriate Record-Route header will be changed to have the source IP
+                                               address and port.  This option does not affect outbound messages sent to
+                                               this endpoint.  This option helps servers communicate with endpoints
+                                               that are behind NATs.  This option also helps reuse reliable transport
+                                               connections such as TCP and TLS.
                                        </para></description>
                                </configOption>
                                <configOption name="rtp_ipv6" default="no">
                                <configOption name="g726_non_standard" default="no">
                                        <synopsis>Force g.726 to use AAL2 packing order when negotiating g.726 audio</synopsis>
                                        <description><para>
-                                                When set to "yes" and an endpoint negotiates g.726 audio then use g.726 for AAL2
-                                                packing order instead of what is recommended by RFC3551. Since this essentially
-                                                replaces the underlying 'g726' codec with 'g726aal2' then 'g726aal2' needs to be
-                                                specified in the endpoint's allowed codec list.
+                                               When set to "yes" and an endpoint negotiates g.726 audio then use g.726 for AAL2
+                                               packing order instead of what is recommended by RFC3551. Since this essentially
+                                               replaces the underlying 'g726' codec with 'g726aal2' then 'g726aal2' needs to be
+                                               specified in the endpoint's allowed codec list.
                                        </para></description>
                                </configOption>
                                <configOption name="inband_progress" default="no">
                                        <synopsis>Determines whether chan_pjsip will indicate ringing using inband
-                                           progress.</synopsis>
+                                               progress.</synopsis>
                                        <description><para>
                                                If set to <literal>yes</literal>, chan_pjsip will send a 183 Session Progress
                                                when told to indicate ringing and will immediately start sending ringing
                                                detected.
                                        </para></description>
                                </configOption>
+                               <configOption name="fax_detect_timeout">
+                                       <synopsis>How long into a call before fax_detect is disabled for the call</synopsis>
+                                       <description><para>
+                                               The option determines how many seconds into a call before the
+                                               fax_detect option is disabled for the call.  Setting the value
+                                               to zero disables the timeout.
+                                       </para></description>
+                               </configOption>
                                <configOption name="t38_udptl_nat" default="no">
                                        <synopsis>Whether NAT support is enabled on UDPTL sessions</synopsis>
                                        <description><para>
                                <configOption name="set_var">
                                        <synopsis>Variable set on a channel involving the endpoint.</synopsis>
                                        <description><para>
-                                               When a new channel is created using the endpoint set the specified
+                                               When a new channel is created using the endpoint set the specified
                                                variable(s) on that channel. For multiple channel variables specify
                                                multiple 'set_var'(s).
                                        </para></description>
                                                have this accountcode set on it.
                                        </para></description>
                                </configOption>
+                               <configOption name="preferred_codec_only" default="no">
+                                       <synopsis>Respond to a SIP invite with the single most preferred codec rather than advertising all joint codec capabilities. This limits the other side's codec choice to exactly what we prefer.</synopsis>
+                               </configOption>
                                <configOption name="rtp_keepalive">
                                        <synopsis>Number of seconds between RTP comfort noise keepalive packets.</synopsis>
                                        <description><para>
                                                channel is hung up. By default this option is set to 0, which means do not check.
                                        </para></description>
                                </configOption>
+                               <configOption name="acl">
+                                       <synopsis>List of IP ACL section names in acl.conf</synopsis>
+                                       <description><para>
+                                               This matches sections configured in <literal>acl.conf</literal>. The value is
+                                               defined as a list of comma-delimited section names.
+                                       </para></description>
+                               </configOption>
+                               <configOption name="deny">
+                                       <synopsis>List of IP addresses to deny access from</synopsis>
+                                       <description><para>
+                                               The value is a comma-delimited list of IP addresses. IP addresses may
+                                               have a subnet mask appended. The subnet mask may be written in either
+                                               CIDR or dotted-decimal notation. Separate the IP address and subnet
+                                               mask with a slash ('/')
+                                       </para></description>
+                               </configOption>
+                               <configOption name="permit">
+                                       <synopsis>List of IP addresses to permit access from</synopsis>
+                                       <description><para>
+                                               The value is a comma-delimited list of IP addresses. IP addresses may
+                                               have a subnet mask appended. The subnet mask may be written in either
+                                               CIDR or dotted-decimal notation. Separate the IP address and subnet
+                                               mask with a slash ('/')
+                                       </para></description>
+                               </configOption>
+                               <configOption name="contact_acl">
+                                       <synopsis>List of Contact ACL section names in acl.conf</synopsis>
+                                       <description><para>
+                                               This matches sections configured in <literal>acl.conf</literal>. The value is
+                                               defined as a list of comma-delimited section names.
+                                       </para></description>
+                               </configOption>
+                               <configOption name="contact_deny">
+                                       <synopsis>List of Contact header addresses to deny</synopsis>
+                                       <description><para>
+                                               The value is a comma-delimited list of IP addresses. IP addresses may
+                                               have a subnet mask appended. The subnet mask may be written in either
+                                               CIDR or dotted-decimal notation. Separate the IP address and subnet
+                                               mask with a slash ('/')
+                                       </para></description>
+                               </configOption>
+                               <configOption name="contact_permit">
+                                       <synopsis>List of Contact header addresses to permit</synopsis>
+                                       <description><para>
+                                               The value is a comma-delimited list of IP addresses. IP addresses may
+                                               have a subnet mask appended. The subnet mask may be written in either
+                                               CIDR or dotted-decimal notation. Separate the IP address and subnet
+                                               mask with a slash ('/')
+                                       </para></description>
+                               </configOption>
+                               <configOption name="subscribe_context">
+                                       <synopsis>Context for incoming MESSAGE requests.</synopsis>
+                                       <description><para>
+                                               If specified, incoming SUBSCRIBE requests will be searched for the matching
+                                               extension in the indicated context.
+                                               If no <replaceable>subscribe_context</replaceable> is specified,
+                                               then the <replaceable>context</replaceable> setting is used.
+                                       </para></description>
+                               </configOption>
+                               <configOption name="contact_user" default="">
+                                       <synopsis>Force the user on the outgoing Contact header to this value.</synopsis>
+                                       <description><para>
+                                               On outbound requests, force the user portion of the Contact header to this value.
+                                       </para></description>
+                               </configOption>
+                               <configOption name="asymmetric_rtp_codec" default="no">
+                                       <synopsis>Allow the sending and receiving RTP codec to differ</synopsis>
+                                       <description><para>
+                                               When set to "yes" the codec in use for sending will be allowed to differ from
+                                               that of the received one. PJSIP will not automatically switch the sending one
+                                               to the receiving one.
+                                       </para></description>
+                               </configOption>
+                               <configOption name="rtcp_mux" default="no">
+                                       <synopsis>Enable RFC 5761 RTCP multiplexing on the RTP port</synopsis>
+                                       <description><para>
+                                               With this option enabled, Asterisk will attempt to negotiate the use of the "rtcp-mux"
+                                               attribute on all media streams. This will result in RTP and RTCP being sent and received
+                                               on the same port. This shifts the demultiplexing logic to the application rather than
+                                               the transport layer. This option is useful when interoperating with WebRTC endpoints
+                                               since they mandate this option's use.
+                                       </para></description>
+                               </configOption>
+                               <configOption name="refer_blind_progress" default="yes">
+                                       <synopsis>Whether to notifies all the progress details on blind transfer</synopsis>
+                                       <description><para>
+                                               Some SIP phones (Mitel/Aastra, Snom) expect a sip/frag "200 OK"
+                                               after REFER has been accepted. If set to <literal>no</literal> then asterisk
+                                               will not send the progress details, but immediately will send "200 OK".
+                                       </para></description>
+                               </configOption>
+                               <configOption name="notify_early_inuse_ringing" default="no">
+                                       <synopsis>Whether to notifies dialog-info 'early' on InUse&amp;Ringing state</synopsis>
+                                       <description><para>
+                                               Control whether dialog-info subscriptions get 'early' state
+                                               on Ringing when already INUSE.
+                                       </para></description>
+                               </configOption>
+                               <configOption name="max_audio_streams" default="1">
+                                       <synopsis>The maximum number of allowed audio streams for the endpoint</synopsis>
+                                       <description><para>
+                                               This option enforces a limit on the maximum simultaneous negotiated audio
+                                               streams allowed for the endpoint.
+                                       </para></description>
+                               </configOption>
+                               <configOption name="max_video_streams" default="1">
+                                       <synopsis>The maximum number of allowed video streams for the endpoint</synopsis>
+                                       <description><para>
+                                               This option enforces a limit on the maximum simultaneous negotiated video
+                                               streams allowed for the endpoint.
+                                       </para></description>
+                               </configOption>
+                               <configOption name="bundle" default="no">
+                                       <synopsis>Enable RTP bundling</synopsis>
+                                       <description><para>
+                                               With this option enabled, Asterisk will attempt to negotiate the use of bundle.
+                                               If negotiated this will result in multiple RTP streams being carried over the same
+                                               underlying transport. Note that enabling bundle will also enable the rtcp_mux option.
+                                       </para></description>
+                               </configOption>
+                               <configOption name="webrtc" default="no">
+                                       <synopsis>Defaults and enables some options that are relevant to WebRTC</synopsis>
+                                       <description><para>
+                                               When set to "yes" this also enables the following values that are needed in
+                                               order for basic WebRTC support to work: rtcp_mux, use_avpf, ice_support, and
+                                               use_received_transport. The following configuration settings also get defaulted
+                                               as follows:</para>
+                                               <para>media_encryption=dtls</para>
+                                               <para>dtls_verify=fingerprint</para>
+                                               <para>dtls_setup=actpass</para>
+                                       </description>
+                               </configOption>
                        </configObject>
                        <configObject name="auth">
                                <synopsis>Authentication type</synopsis>
                                        <synopsis>PlainText password used for authentication.</synopsis>
                                        <description><para>Only used when auth_type is <literal>userpass</literal>.</para></description>
                                </configOption>
-                               <configOption name="realm" default="asterisk">
+                               <configOption name="realm">
                                        <synopsis>SIP realm for endpoint</synopsis>
+                                       <description><para>
+                                               The treatment of this value depends upon how the authentication
+                                               object is used.
+                                               </para><para>
+                                               When used as an inbound authentication object, the realm is sent
+                                               as part of the challenge so the peer can know which key to use
+                                               when responding.  An empty value will use the
+                                               <replaceable>global</replaceable> section's
+                                               <literal>default_realm</literal> value when issuing a challenge.
+                                               </para><para>
+                                               When used as an outbound authentication object, the realm is
+                                               matched with the received challenge realm to determine which
+                                               authentication object to use when responding to the challenge.  An
+                                               empty value matches any challenging realm when determining
+                                               which authentication object matches a received challenge.
+                                               </para>
+                                               <note><para>
+                                               Using the same auth section for inbound and outbound
+                                               authentication is not recommended.  There is a difference in
+                                               meaning for an empty realm setting between inbound and outbound
+                                               authentication uses.</para></note>
+                                       </description>
                                </configOption>
                                <configOption name="type">
                                        <synopsis>Must be 'auth'</synopsis>
                                                Value is in milliseconds; default is 100 ms.</para>
                                        </description>
                                </configOption>
+                               <configOption name="allow_reload" default="no">
+                                       <synopsis>Allow this transport to be reloaded.</synopsis>
+                                       <description>
+                                               <para>Allow this transport to be reloaded when res_pjsip is reloaded.
+                                               This option defaults to "no" because reloading a transport may disrupt
+                                               in-progress calls.</para>
+                                       </description>
+                               </configOption>
+                               <configOption name="symmetric_transport" default="no">
+                                       <synopsis>Use the same transport for outgoing reqests as incoming ones.</synopsis>
+                                       <description>
+                                               <para>When a request from a dynamic contact
+                                                       comes in on a transport with this option set to 'yes',
+                                                       the transport name will be saved and used for subsequent
+                                                       outgoing requests like OPTIONS, NOTIFY and INVITE.  It's
+                                                       saved as a contact uri parameter named 'x-ast-txp' and will
+                                                       display with the contact uri in CLI, AMI, and ARI output.
+                                                       On the outgoing request, if a transport wasn't explicitly
+                                                       set on the endpoint AND the request URI is not a hostname,
+                                                       the saved transport will be used and the 'x-ast-txp'
+                                                       parameter stripped from the outgoing packet.
+                                               </para>
+                                       </description>
+                               </configOption>
                        </configObject>
                        <configObject name="contact">
                                <synopsis>A way of creating an aliased name to a SIP URI</synopsis>
                                                If <literal>0</literal> no timeout. Time in fractional seconds.
                                        </para></description>
                                </configOption>
+                               <configOption name="authenticate_qualify" default="no">
+                                       <synopsis>Authenticates a qualify request if needed</synopsis>
+                                       <description><para>
+                                               If true and a qualify request receives a challenge or authenticate response
+                                               authentication is attempted before declaring the contact available.
+                                       </para></description>
+                               </configOption>
                                <configOption name="outbound_proxy">
                                        <synopsis>Outbound proxy used when sending OPTIONS request</synopsis>
                                        <description><para>
                                                REGISTER requests and is not intended to be configured manually.
                                        </para></description>
                                </configOption>
+                               <configOption name="endpoint">
+                                       <synopsis>Endpoint name</synopsis>
+                                       <description><para>
+                                               The name of the endpoint this contact belongs to
+                                       </para></description>
+                               </configOption>
+                               <configOption name="reg_server">
+                                       <synopsis>Asterisk Server name</synopsis>
+                                       <description><para>
+                                               Asterisk Server name on which SIP endpoint registered.
+                                       </para></description>
+                               </configOption>
+                               <configOption name="via_addr">
+                                       <synopsis>IP-address of the last Via header from registration.</synopsis>
+                                       <description><para>
+                                               The last Via header should contain the address of UA which sent the request.
+                                               The IP-address of the last Via header is automatically stored based on data present
+                                               in incoming SIP REGISTER requests and is not intended to be configured manually.
+                                       </para></description>
+                               </configOption>
+                               <configOption name="via_port">
+                                       <synopsis>IP-port of the last Via header from registration.</synopsis>
+                                       <description><para>
+                                               The IP-port of the last Via header is automatically stored based on data present
+                                               in incoming SIP REGISTER requests and is not intended to be configured manually.
+                                       </para></description>
+                               </configOption>
+                               <configOption name="call_id">
+                                       <synopsis>Call-ID header from registration.</synopsis>
+                                       <description><para>
+                                               The Call-ID header is automatically stored based on data present
+                                               in incoming SIP REGISTER requests and is not intended to be configured manually.
+                                       </para></description>
+                               </configOption>
+                               <configOption name="prune_on_boot">
+                                       <synopsis>A contact that cannot survive a restart/boot.</synopsis>
+                                       <description><para>
+                                               The option is set if the incoming SIP REGISTER contact is rewritten
+                                               on a reliable transport and is not intended to be configured manually.
+                                       </para></description>
+                               </configOption>
                        </configObject>
                        <configObject name="aor">
                                <synopsis>The configuration for a location of an endpoint</synopsis>
                                                endpoint configuration section to enable unsolicited MWI NOTIFYs to the endpoint.
                                        </para></description>
                                </configOption>
+                               <configOption name="voicemail_extension">
+                                       <synopsis>The voicemail extension to send in the NOTIFY Message-Account header</synopsis>
+                               </configOption>
                                <configOption name="maximum_expiration" default="7200">
                                        <synopsis>Maximum time to keep an AoR</synopsis>
                                        <description><para>
                                <configOption name="keep_alive_interval" default="0">
                                        <synopsis>The interval (in seconds) to send keepalives to active connection-oriented transports.</synopsis>
                                </configOption>
+                               <configOption name="contact_expiration_check_interval" default="30">
+                                       <synopsis>The interval (in seconds) to check for expired contacts.</synopsis>
+                               </configOption>
+                               <configOption name="disable_multi_domain" default="no">
+                                       <synopsis>Disable Multi Domain support</synopsis>
+                                       <description><para>
+                                               If disabled it can improve realtime performace by reducing number of database requsts.
+                                       </para></description>
+                               </configOption>
                                <configOption name="max_initial_qualify_time" default="0">
                                        <synopsis>The maximum amount of time from startup that qualifies should be attempted on all contacts.
                                        If greater than the qualify_frequency for an aor, qualify_frequency will be used instead.</synopsis>
                                </configOption>
+                               <configOption name="unidentified_request_period" default="5">
+                                       <synopsis>The number of seconds over which to accumulate unidentified requests.</synopsis>
+                                       <description><para>
+                                       If <literal>unidentified_request_count</literal> unidentified requests are received
+                                       during <literal>unidentified_request_period</literal>, a security event will be generated.
+                                       </para></description>
+                               </configOption>
+                               <configOption name="unidentified_request_count" default="5">
+                                       <synopsis>The number of unidentified requests from a single IP to allow.</synopsis>
+                                       <description><para>
+                                       If <literal>unidentified_request_count</literal> unidentified requests are received
+                                       during <literal>unidentified_request_period</literal>, a security event will be generated.
+                                       </para></description>
+                               </configOption>
+                               <configOption name="unidentified_request_prune_interval" default="30">
+                                       <synopsis>The interval at which unidentified requests are older than
+                                       twice the unidentified_request_period are pruned.</synopsis>
+                               </configOption>
                                <configOption name="type">
                                        <synopsis>Must be of type 'global'.</synopsis>
                                </configOption>
                                        <synopsis>Value used in User-Agent header for SIP requests and Server header for SIP responses.</synopsis>
                                </configOption>
                                <configOption name="regcontext" default="">
-                                        <synopsis>When set, Asterisk will dynamically create and destroy a NoOp priority 1 extension for a given
-                                       peer who registers or unregisters with us.</synopsis>
-                                </configOption>
+                                       <synopsis>When set, Asterisk will dynamically create and destroy a NoOp priority 1 extension for a given
+                                               peer who registers or unregisters with us.</synopsis>
+                               </configOption>
                                <configOption name="default_outbound_endpoint" default="default_outbound_endpoint">
                                        <synopsis>Endpoint to use when sending an outbound request to a URI without a specified endpoint.</synopsis>
                                </configOption>
+                               <configOption name="default_voicemail_extension">
+                                       <synopsis>The voicemail extension to send in the NOTIFY Message-Account header if not specified on endpoint or aor</synopsis>
+                               </configOption>
                                <configOption name="debug" default="no">
                                        <synopsis>Enable/Disable SIP debug logging.  Valid options include yes|no or
-                                        a host address</synopsis>
+                                               a host address</synopsis>
                                </configOption>
                                <configOption name="endpoint_identifier_order" default="ip,username,anonymous">
                                        <synopsis>The order by which endpoint identifiers are processed and checked.
-                                        Identifier names are usually derived from and can be found in the endpoint
-                                        identifier module itself (res_pjsip_endpoint_identifier_*)</synopsis>
+                                               Identifier names are usually derived from and can be found in the endpoint
+                                               identifier module itself (res_pjsip_endpoint_identifier_*).
+                                               You can use the CLI command "pjsip show identifiers" to see the
+                                               identifiers currently available.</synopsis>
+                                       <description>
+                                               <note><para>
+                                               One of the identifiers is "auth_username" which matches on the username in
+                                               an Authentication header.  This method has some security considerations because an
+                                               Authentication header is not present on the first message of a dialog when
+                                               digest authentication is used.  The client can't generate it until the server
+                                               sends the challenge in a 401 response.  Since Asterisk normally sends a security
+                                               event when an incoming request can't be matched to an endpoint, using auth_username
+                                               requires that the security event be deferred until a request is received with
+                                               the Authentication header and only generated if the username doesn't result in a
+                                               match.  This may result in a delay before an attack is recognized.  You can control
+                                               how many unmatched requests are received from a single ip address before a security
+                                               event is generated using the unidentified_request parameters.
+                                               </para></note>
+                                       </description>
                                </configOption>
                                <configOption name="default_from_user" default="asterisk">
                                        <synopsis>When Asterisk generates an outgoing SIP request, the From header username will be
-                                        set to this value if there is no better option (such as CallerID) to be
-                                        used.</synopsis>
+                                               set to this value if there is no better option (such as CallerID) to be
+                                               used.</synopsis>
+                               </configOption>
+                               <configOption name="default_realm" default="asterisk">
+                                       <synopsis>When Asterisk generates a challenge, the digest realm will be
+                                               set to this value if there is no better option (such as auth/realm) to be
+                                               used.</synopsis>
+                               </configOption>
+                               <configOption name="mwi_tps_queue_high" default="500">
+                                       <synopsis>MWI taskprocessor high water alert trigger level.</synopsis>
+                                       <description>
+                                               <para>On a heavily loaded system you may need to adjust the
+                                               taskprocessor queue limits.  If any taskprocessor queue size
+                                               reaches its high water level then pjsip will stop processing
+                                               new requests until the alert is cleared.  The alert clears
+                                               when all alerting taskprocessor queues have dropped to their
+                                               low water clear level.
+                                               </para>
+                                       </description>
+                               </configOption>
+                               <configOption name="mwi_tps_queue_low" default="-1">
+                                       <synopsis>MWI taskprocessor low water clear alert level.</synopsis>
+                                       <description>
+                                               <para>On a heavily loaded system you may need to adjust the
+                                               taskprocessor queue limits.  If any taskprocessor queue size
+                                               reaches its high water level then pjsip will stop processing
+                                               new requests until the alert is cleared.  The alert clears
+                                               when all alerting taskprocessor queues have dropped to their
+                                               low water clear level.
+                                               </para>
+                                               <note><para>Set to -1 for the low water level to be 90% of
+                                               the high water level.</para></note>
+                                       </description>
+                               </configOption>
+                               <configOption name="mwi_disable_initial_unsolicited" default="no">
+                                       <synopsis>Enable/Disable sending unsolicited MWI to all endpoints on startup.</synopsis>
+                                       <description>
+                                               <para>When the initial unsolicited MWI notification are
+                                               enabled on startup then the initial notifications
+                                               get sent at startup.  If you have a lot of endpoints
+                                               (thousands) that use unsolicited MWI then you may
+                                               want to consider disabling the initial startup
+                                               notifications.
+                                               </para>
+                                               <para>When the initial unsolicited MWI notifications are
+                                               disabled on startup then the notifications will start
+                                               on the endpoint's next contact update.
+                                               </para>
+                                       </description>
+                               </configOption>
+                               <configOption name="ignore_uri_user_options">
+                                       <synopsis>Enable/Disable ignoring SIP URI user field options.</synopsis>
+                                       <description>
+                                               <para>If you have this option enabled and there are semicolons
+                                               in the user field of a SIP URI then the field is truncated
+                                               at the first semicolon.  This effectively makes the semicolon
+                                               a non-usable character for PJSIP endpoint names, extensions,
+                                               and AORs.  This can be useful for improving compatability with
+                                               an ITSP that likes to use user options for whatever reason.
+                                               </para>
+                                               <example title="Sample SIP URI">
+                                                       sip:1235557890;phone-context=national@x.x.x.x;user=phone
+                                               </example>
+                                               <example title="Sample SIP URI user field">
+                                                       1235557890;phone-context=national
+                                               </example>
+                                               <example title="Sample SIP URI user field truncated">
+                                                       1235557890
+                                               </example>
+                                               <note><para>The caller-id and redirecting number strings
+                                               obtained from incoming SIP URI user fields are always truncated
+                                               at the first semicolon.</para></note>
+                                       </description>
                                </configOption>
                        </configObject>
                </configFile>
                                <parameter name="Accountcode">
                                        <para><xi:include xpointer="xpointer(/docs/configInfo[@name='res_pjsip']/configFile[@name='pjsip.conf']/configObject[@name='endpoint']/configOption[@name='accountcode']/synopsis/node())"/></para>
                                </parameter>
+                               <parameter name="PreferredCodecOnly">
+                                       <para><xi:include xpointer="xpointer(/docs/configInfo[@name='res_pjsip']/configFile[@name='pjsip.conf']/configObject[@name='endpoint']/configOption[@name='preferred_codec_only']/synopsis/node())"/></para>
+                               </parameter>
                                <parameter name="DeviceState">
                                        <para>The aggregate device state for this endpoint.</para>
                                </parameter>
                                <parameter name="ActiveChannels">
                                        <para>The number of active channels associated with this endpoint.</para>
                                </parameter>
+                               <parameter name="SubscribeContext">
+                                       <para><xi:include xpointer="xpointer(/docs/configInfo[@name='res_pjsip']/configFile[@name='pjsip.conf']/configObject[@name='endpoint']/configOption[@name='subscribe_context']/synopsis/node())"/></para>
+                               </parameter>
+                               <parameter name="Allowoverlap">
+                                       <para><xi:include xpointer="xpointer(/docs/configInfo[@name='res_pjsip']/configFile[@name='pjsip.conf']/configObject[@name='endpoint']/configOption[@name='allow_overlap']/synopsis/node())"/></para>
+                               </parameter>
                        </syntax>
                </managerEventInstance>
        </managerEvent>
                                <parameter name="EndpointName">
                                        <para>The name of the endpoint associated with this information.</para>
                                </parameter>
+                               <parameter name="UserAgent">
+                                       <para>Content of the User-Agent header in REGISTER request</para>
+                               </parameter>
+                               <parameter name="RegExpire">
+                                       <para>Absolute time that this contact is no longer valid after</para>
+                               </parameter>
+                               <parameter name="ViaAddress">
+                                       <para>IP address:port of the last Via header in REGISTER request.
+                                       Will only appear in the event if available.</para>
+                               </parameter>
+                               <parameter name="CallID">
+                                       <para>Content of the Call-ID header in REGISTER request.
+                                       Will only appear in the event if available.</para>
+                               </parameter>
+                               <parameter name="ID">
+                                       <para>The sorcery ID of the contact.</para>
+                               </parameter>
+                               <parameter name="AuthenticateQualify">
+                                       <para>A boolean indicating whether a qualify should be authenticated.</para>
+                               </parameter>
+                               <parameter name="OutboundProxy">
+                                       <para>The contact's outbound proxy.</para>
+                               </parameter>
+                               <parameter name="Path">
+                                       <para>The Path header received on the REGISTER.</para>
+                               </parameter>
+                               <parameter name="QualifyFrequency">
+                                       <para>The interval in seconds at which the contact will be qualified.</para>
+                               </parameter>
+                               <parameter name="QualifyTimeout">
+                                       <para>The elapsed time in decimal seconds after which an OPTIONS
+                                       message is sent before the contact is considered unavailable.</para>
+                               </parameter>
                        </syntax>
                </managerEventInstance>
        </managerEvent>
                        Provides a listing of all endpoints.  For each endpoint an <literal>EndpointList</literal> event
                        is raised that contains relevant attributes and status information.  Once all
                        endpoints have been listed an <literal>EndpointListComplete</literal> event is issued.
-                        </para>
+                       </para>
                </description>
                <responses>
                        <list-elements>
                        <literal>IdentifyDetail</literal>.  Some events may be listed multiple times if multiple objects are
                        associated (for instance AoRs).  Once all detail events have been raised a final
                        <literal>EndpointDetailComplete</literal> event is issued.
-                        </para>
+                       </para>
                </description>
                <responses>
                        <list-elements>
@@ -1935,13 +2391,13 @@ static struct ast_threadpool *sip_threadpool;
 static pj_sockaddr host_ip_ipv4;
 
 /*! Local host address for IPv4 (string form) */
-static char host_ip_ipv4_string[PJ_INET6_ADDRSTRLEN + 2];
+static char host_ip_ipv4_string[PJ_INET6_ADDRSTRLEN];
 
 /*! Local host address for IPv6 */
 static pj_sockaddr host_ip_ipv6;
 
 /*! Local host address for IPv6 (string form) */
-static char host_ip_ipv6_string[PJ_INET6_ADDRSTRLEN + 2];
+static char host_ip_ipv6_string[PJ_INET6_ADDRSTRLEN];
 
 static int register_service_noref(void *data)
 {
@@ -2052,7 +2508,7 @@ enum ast_sip_check_auth_result ast_sip_check_authentication(struct ast_sip_endpo
 {
        if (!registered_authenticator) {
                ast_log(LOG_WARNING, "No SIP authenticator registered. Assuming authentication is successful\n");
-               return 0;
+               return AST_SIP_AUTHENTICATION_SUCCESS;
        }
        return registered_authenticator->check_authentication(endpoint, rdata, tdata);
 }
@@ -2397,12 +2853,59 @@ pjsip_endpoint *ast_sip_get_pjsip_endpoint(void)
        return ast_pjsip_endpoint;
 }
 
-static int sip_dialog_create_from(pj_pool_t *pool, pj_str_t *from, const char *user, const char *domain, const pj_str_t *target, pjsip_tpselector *selector)
+int ast_sip_get_transport_name(const struct ast_sip_endpoint *endpoint,
+       pjsip_sip_uri *sip_uri, char *buf, size_t buf_len)
+{
+       char *host = NULL;
+       static const pj_str_t x_name = { AST_SIP_X_AST_TXP, AST_SIP_X_AST_TXP_LEN };
+       pjsip_param *x_transport;
+
+       if (!ast_strlen_zero(endpoint->transport)) {
+               ast_copy_string(buf, endpoint->transport, buf_len);
+               return 0;
+       }
+
+       x_transport = pjsip_param_find(&sip_uri->other_param, &x_name);
+       if (!x_transport) {
+               return -1;
+       }
+
+       /* Only use x_transport if the uri host is an ip (4 or 6) address */
+       host = ast_alloca(sip_uri->host.slen + 1);
+       ast_copy_pj_str(host, &sip_uri->host, sip_uri->host.slen + 1);
+       if (!ast_sockaddr_parse(NULL, host, PARSE_PORT_FORBID)) {
+               return -1;
+       }
+
+       ast_copy_pj_str(buf, &x_transport->value, buf_len);
+
+       return 0;
+}
+
+int ast_sip_dlg_set_transport(const struct ast_sip_endpoint *endpoint, pjsip_dialog *dlg,
+       pjsip_tpselector *selector)
+{
+       pjsip_sip_uri *uri;
+       pjsip_tpselector sel = { .type = PJSIP_TPSELECTOR_NONE, };
+
+       uri = pjsip_uri_get_uri(dlg->target);
+       if (!selector) {
+               selector = &sel;
+       }
+
+       ast_sip_set_tpselector_from_ep_or_uri(endpoint, uri, selector);
+       pjsip_dlg_set_transport(dlg, selector);
+
+       return 0;
+}
+
+static int sip_dialog_create_from(pj_pool_t *pool, pj_str_t *from, const char *user,
+       const char *domain, const pj_str_t *target, pjsip_tpselector *selector)
 {
        pj_str_t tmp, local_addr;
        pjsip_uri *uri;
        pjsip_sip_uri *sip_uri;
-       pjsip_transport_type_e type = PJSIP_TRANSPORT_UNSPECIFIED;
+       pjsip_transport_type_e type;
        int local_port;
        char default_user[PJSIP_MAX_URL_SIZE];
 
@@ -2422,21 +2925,21 @@ static int sip_dialog_create_from(pj_pool_t *pool, pj_str_t *from, const char *u
        sip_uri = pjsip_uri_get_uri(uri);
 
        /* Determine the transport type to use */
+       type = pjsip_transport_get_type_from_name(&sip_uri->transport_param);
        if (PJSIP_URI_SCHEME_IS_SIPS(sip_uri)) {
-               type = PJSIP_TRANSPORT_TLS;
+               if (type == PJSIP_TRANSPORT_UNSPECIFIED
+                       || !(pjsip_transport_get_flag_from_type(type) & PJSIP_TRANSPORT_SECURE)) {
+                       type = PJSIP_TRANSPORT_TLS;
+               }
        } else if (!sip_uri->transport_param.slen) {
                type = PJSIP_TRANSPORT_UDP;
-       } else {
-               type = pjsip_transport_get_type_from_name(&sip_uri->transport_param);
-       }
-
-       if (type == PJSIP_TRANSPORT_UNSPECIFIED) {
+       } else if (type == PJSIP_TRANSPORT_UNSPECIFIED) {
                return -1;
        }
 
        /* If the host is IPv6 turn the transport into an IPv6 version */
-       if (pj_strchr(&sip_uri->host, ':') && type < PJSIP_TRANSPORT_START_OTHER) {
-               type = (pjsip_transport_type_e)(((int)type) + PJSIP_TRANSPORT_IPV6);
+       if (pj_strchr(&sip_uri->host, ':')) {
+               type |= PJSIP_TRANSPORT_IPV6;
        }
 
        if (!ast_strlen_zero(domain)) {
@@ -2460,8 +2963,8 @@ static int sip_dialog_create_from(pj_pool_t *pool, pj_str_t *from, const char *u
        }
 
        /* If IPv6 was specified in the transport, set the proper type */
-       if (pj_strchr(&local_addr, ':') && type < PJSIP_TRANSPORT_START_OTHER) {
-               type = (pjsip_transport_type_e)(((int)type) + PJSIP_TRANSPORT_IPV6);
+       if (pj_strchr(&local_addr, ':')) {
+               type |= PJSIP_TRANSPORT_IPV6;
        }
 
        from->ptr = pj_pool_alloc(pool, PJSIP_MAX_URL_SIZE);
@@ -2479,29 +2982,23 @@ static int sip_dialog_create_from(pj_pool_t *pool, pj_str_t *from, const char *u
        return 0;
 }
 
-static int sip_get_tpselector_from_endpoint(const struct ast_sip_endpoint *endpoint, pjsip_tpselector *selector)
+int ast_sip_set_tpselector_from_transport(const struct ast_sip_transport *transport, pjsip_tpselector *selector)
 {
-       RAII_VAR(struct ast_sip_transport *, transport, NULL, ao2_cleanup);
-       const char *transport_name = endpoint->transport;
-
-       if (ast_strlen_zero(transport_name)) {
-               return 0;
-       }
-
-       transport = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "transport", transport_name);
+       RAII_VAR(struct ast_sip_transport_state *, transport_state, NULL, ao2_cleanup);
 
-       if (!transport || !transport->state) {
-               ast_log(LOG_ERROR, "Unable to retrieve PJSIP transport '%s' for endpoint '%s'\n",
-                       transport_name, ast_sorcery_object_get_id(endpoint));
+       transport_state = ast_sip_get_transport_state(ast_sorcery_object_get_id(transport));
+       if (!transport_state) {
+               ast_log(LOG_ERROR, "Unable to retrieve PJSIP transport state for '%s'\n",
+                       ast_sorcery_object_get_id(transport));
                return -1;
        }
 
-       if (transport->state->transport) {
+       if (transport_state->transport) {
                selector->type = PJSIP_TPSELECTOR_TRANSPORT;
-               selector->u.transport = transport->state->transport;
-       } else if (transport->state->factory) {
+               selector->u.transport = transport_state->transport;
+       } else if (transport_state->factory) {
                selector->type = PJSIP_TPSELECTOR_LISTENER;
-               selector->u.listener = transport->state->factory;
+               selector->u.listener = transport_state->factory;
        } else if (transport->type == AST_TRANSPORT_WS || transport->type == AST_TRANSPORT_WSS) {
                /* The WebSocket transport has no factory as it can not create outgoing connections, so
                 * even if an endpoint is locked to a WebSocket transport we let the PJSIP logic
@@ -2515,13 +3012,43 @@ static int sip_get_tpselector_from_endpoint(const struct ast_sip_endpoint *endpo
        return 0;
 }
 
+int ast_sip_set_tpselector_from_transport_name(const char *transport_name, pjsip_tpselector *selector)
+{
+       RAII_VAR(struct ast_sip_transport *, transport, NULL, ao2_cleanup);
+
+       if (ast_strlen_zero(transport_name)) {
+               return 0;
+       }
+
+       transport = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "transport", transport_name);
+       if (!transport) {
+               ast_log(LOG_ERROR, "Unable to retrieve PJSIP transport '%s'\n",
+                       transport_name);
+               return -1;
+       }
+
+       return ast_sip_set_tpselector_from_transport(transport, selector);
+}
+
+int ast_sip_set_tpselector_from_ep_or_uri(const struct ast_sip_endpoint *endpoint,
+       pjsip_sip_uri *sip_uri, pjsip_tpselector *selector)
+{
+       char transport_name[128];
+
+       if (ast_sip_get_transport_name(endpoint, sip_uri, transport_name, sizeof(transport_name))) {
+               return 0;
+       }
+
+       return ast_sip_set_tpselector_from_transport_name(transport_name, selector);
+}
+
 void ast_sip_add_usereqphone(const struct ast_sip_endpoint *endpoint, pj_pool_t *pool, pjsip_uri *uri)
 {
        pjsip_sip_uri *sip_uri;
        int i = 0;
        pjsip_param *param;
-       const pj_str_t STR_USER = { "user", 4 };
-       const pj_str_t STR_PHONE = { "phone", 5 };
+       static const pj_str_t STR_USER = { "user", 4 };
+       static const pj_str_t STR_PHONE = { "phone", 5 };
 
        if (!endpoint || !endpoint->usereqphone || (!PJSIP_URI_SCHEME_IS_SIP(uri) && !PJSIP_URI_SCHEME_IS_SIPS(uri))) {
                return;
@@ -2554,7 +3081,8 @@ void ast_sip_add_usereqphone(const struct ast_sip_endpoint *endpoint, pj_pool_t
        pj_list_insert_before(&sip_uri->other_param, param);
 }
 
-pjsip_dialog *ast_sip_create_dialog_uac(const struct ast_sip_endpoint *endpoint, const char *uri, const char *request_user)
+pjsip_dialog *ast_sip_create_dialog_uac(const struct ast_sip_endpoint *endpoint,
+       const char *uri, const char *request_user)
 {
        char enclosed_uri[PJSIP_MAX_URL_SIZE];
        pj_str_t local_uri = { "sip:temp@temp", 13 }, remote_uri, target_uri;
@@ -2572,18 +3100,20 @@ pjsip_dialog *ast_sip_create_dialog_uac(const struct ast_sip_endpoint *endpoint,
        res = pjsip_dlg_create_uac(pjsip_ua_instance(), &local_uri, NULL, &remote_uri, &target_uri, &dlg);
        if (res != PJ_SUCCESS) {
                if (res == PJSIP_EINVALIDURI) {
-                       ast_log(LOG_ERROR, "Could not create dialog to endpoint '%s' as URI '%s' is not valid\n",
+                       ast_log(LOG_ERROR,
+                               "Endpoint '%s': Could not create dialog to invalid URI '%s'.  Is endpoint registered and reachable?\n",
                                ast_sorcery_object_get_id(endpoint), uri);
                }
                return NULL;
        }
 
-       if (sip_get_tpselector_from_endpoint(endpoint, &selector)) {
-               pjsip_dlg_terminate(dlg);
-               return NULL;
-       }
+       /* We have to temporarily bump up the sess_count here so the dialog is not prematurely destroyed */
+       dlg->sess_count++;
+
+       ast_sip_dlg_set_transport(endpoint, dlg, &selector);
 
        if (sip_dialog_create_from(dlg->pool, &local_uri, endpoint->fromuser, endpoint->fromdomain, &remote_uri, &selector)) {
+               dlg->sess_count--;
                pjsip_dlg_terminate(dlg);
                return NULL;
        }
@@ -2591,8 +3121,24 @@ pjsip_dialog *ast_sip_create_dialog_uac(const struct ast_sip_endpoint *endpoint,
        /* Update the dialog with the new local URI, we do it afterwards so we can use the dialog pool for construction */
        pj_strdup_with_null(dlg->pool, &dlg->local.info_str, &local_uri);
        dlg->local.info->uri = pjsip_parse_uri(dlg->pool, dlg->local.info_str.ptr, dlg->local.info_str.slen, 0);
+       if (!dlg->local.info->uri) {
+               ast_log(LOG_ERROR,
+                       "Could not parse URI '%s' for endpoint '%s'\n",
+                       dlg->local.info_str.ptr, ast_sorcery_object_get_id(endpoint));
+               dlg->sess_count--;
+               pjsip_dlg_terminate(dlg);
+               return NULL;
+       }
+
        dlg->local.contact = pjsip_parse_hdr(dlg->pool, &HCONTACT, local_uri.ptr, local_uri.slen, NULL);
 
+       if (!ast_strlen_zero(endpoint->contact_user)) {
+               pjsip_sip_uri *sip_uri;
+
+               sip_uri = pjsip_uri_get_uri(dlg->local.contact->uri);
+               pj_strdup2(dlg->pool, &sip_uri->user, endpoint->contact_user);
+       }
+
        /* If a request user has been specified and we are permitted to change it, do so */
        if (!ast_strlen_zero(request_user)) {
                pjsip_sip_uri *sip_uri;
@@ -2611,11 +3157,6 @@ pjsip_dialog *ast_sip_create_dialog_uac(const struct ast_sip_endpoint *endpoint,
        ast_sip_add_usereqphone(endpoint, dlg->pool, dlg->target);
        ast_sip_add_usereqphone(endpoint, dlg->pool, dlg->remote.info->uri);
 
-       /* We have to temporarily bump up the sess_count here so the dialog is not prematurely destroyed */
-       dlg->sess_count++;
-
-       pjsip_dlg_set_transport(dlg, &selector);
-
        if (!ast_strlen_zero(outbound_proxy)) {
                pjsip_route_hdr route_set, *route;
                static const pj_str_t ROUTE_HNAME = { "Route", 5 };
@@ -2684,10 +3225,13 @@ pjsip_dialog *ast_sip_create_dialog_uas(const struct ast_sip_endpoint *endpoint,
        pjsip_transport_type_e type = rdata->tp_info.transport->key.type;
        pjsip_tpselector selector = { .type = PJSIP_TPSELECTOR_NONE, };
        pjsip_transport *transport;
+       pjsip_contact_hdr *contact_hdr;
 
        ast_assert(status != NULL);
 
-       if (sip_get_tpselector_from_endpoint(endpoint, &selector)) {
+       contact_hdr = pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_CONTACT, NULL);
+       if (ast_sip_set_tpselector_from_ep_or_uri(endpoint, pjsip_uri_get_uri(contact_hdr->uri),
+               &selector)) {
                return NULL;
        }
 
@@ -2733,8 +3277,8 @@ pjsip_dialog *ast_sip_create_dialog_uas(const struct ast_sip_endpoint *endpoint,
        return dlg;
 }
 
-int ast_sip_create_rdata(pjsip_rx_data *rdata, char *packet, const char *src_name, int src_port,
-       char *transport_type, const char *local_name, int local_port)
+int ast_sip_create_rdata_with_contact(pjsip_rx_data *rdata, char *packet, const char *src_name, int src_port,
+       char *transport_type, const char *local_name, int local_port, const char *contact)
 {
        pj_str_t tmp;
 
@@ -2758,6 +3302,16 @@ int ast_sip_create_rdata(pjsip_rx_data *rdata, char *packet, const char *src_nam
                return -1;
        }
 
+       if (!ast_strlen_zero(contact)) {
+               pjsip_contact_hdr *contact_hdr;
+
+               contact_hdr = pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_CONTACT, NULL);
+               if (contact_hdr) {
+                       contact_hdr->uri = pjsip_parse_uri(rdata->tp_info.pool, (char *)contact,
+                               strlen(contact), PJSIP_PARSE_URI_AS_NAMEADDR);
+               }
+       }
+
        pj_strdup2(rdata->tp_info.pool, &rdata->msg_info.via->recvd_param, rdata->pkt_info.src_name);
        rdata->msg_info.via->rport_param = -1;
 
@@ -2769,6 +3323,13 @@ int ast_sip_create_rdata(pjsip_rx_data *rdata, char *packet, const char *src_nam
        return 0;
 }
 
+int ast_sip_create_rdata(pjsip_rx_data *rdata, char *packet, const char *src_name, int src_port,
+       char *transport_type, const char *local_name, int local_port)
+{
+       return ast_sip_create_rdata_with_contact(rdata, packet, src_name, src_port, transport_type,
+               local_name, local_port, NULL);
+}
+
 /* PJSIP doesn't know about the INFO method, so we have to define it ourselves */
 static const pjsip_method info_method = {PJSIP_OTHER_METHOD, {"INFO", 4} };
 static const pjsip_method message_method = {PJSIP_OTHER_METHOD, {"MESSAGE", 7} };
@@ -2828,6 +3389,7 @@ static int create_out_of_dialog_request(const pjsip_method *method, struct ast_s
        pj_pool_t *pool;
        pjsip_tpselector selector = { .type = PJSIP_TPSELECTOR_NONE, };
        pjsip_uri *sip_uri;
+       const char *fromuser;
 
        if (ast_strlen_zero(uri)) {
                if (!endpoint && (!contact || ast_strlen_zero(contact->uri))) {
@@ -2849,14 +3411,6 @@ static int create_out_of_dialog_request(const pjsip_method *method, struct ast_s
                pj_cstr(&remote_uri, uri);
        }
 
-       if (endpoint) {
-               if (sip_get_tpselector_from_endpoint(endpoint, &selector)) {
-                       ast_log(LOG_ERROR, "Unable to retrieve PJSIP transport selector for endpoint %s\n",
-                               ast_sorcery_object_get_id(endpoint));
-                       return -1;
-               }
-       }
-
        pool = pjsip_endpt_create_pool(ast_sip_get_pjsip_endpoint(), "Outbound request", 256, 256);
 
        if (!pool) {
@@ -2874,7 +3428,10 @@ static int create_out_of_dialog_request(const pjsip_method *method, struct ast_s
                return -1;
        }
 
-       if (sip_dialog_create_from(pool, &from, endpoint ? endpoint->fromuser : NULL,
+       ast_sip_set_tpselector_from_ep_or_uri(endpoint, pjsip_uri_get_uri(sip_uri), &selector);
+
+       fromuser = endpoint ? (!ast_strlen_zero(endpoint->fromuser) ? endpoint->fromuser : ast_sorcery_object_get_id(endpoint)) : NULL;
+       if (sip_dialog_create_from(pool, &from, fromuser,
                                endpoint ? endpoint->fromdomain : NULL, &remote_uri, &selector)) {
                ast_log(LOG_ERROR, "Unable to create From header for %.*s request to endpoint %s\n",
                                (int) pj_strlen(&method->name), pj_strbuf(&method->name),
@@ -2892,6 +3449,21 @@ static int create_out_of_dialog_request(const pjsip_method *method, struct ast_s
                return -1;
        }
 
+       pjsip_tx_data_set_transport(*tdata, &selector);
+
+       if (endpoint && !ast_strlen_zero(endpoint->contact_user)){
+               pjsip_contact_hdr *contact_hdr;
+               pjsip_sip_uri *contact_uri;
+               static const pj_str_t HCONTACT = { "Contact", 7 };
+               static const pj_str_t HCONTACTSHORT = { "m", 1 };
+
+               contact_hdr = pjsip_msg_find_hdr_by_names((*tdata)->msg, &HCONTACT, &HCONTACTSHORT, NULL);
+               if (contact_hdr) {
+                       contact_uri = pjsip_uri_get_uri(contact_hdr->uri);
+                       pj_strdup2(pool, &contact_uri->user, endpoint->contact_user);
+               }
+       }
+
        /* Add the user=phone parameter if applicable */
        ast_sip_add_usereqphone(endpoint, (*tdata)->pool, (*tdata)->msg->line.req.uri);
 
@@ -2920,6 +3492,8 @@ int ast_sip_create_request(const char *method, struct pjsip_dialog *dlg,
 {
        const pjsip_method *pmethod = get_pjsip_method(method);
 
+       ast_assert(endpoint != NULL);
+
        if (!pmethod) {
                ast_log(LOG_WARNING, "Unknown method '%s'. Cannot send request\n", method);
                return -1;
@@ -3041,6 +3615,8 @@ struct send_request_wrapper {
        void (*callback)(void *token, pjsip_event *e);
        /*! Non-zero when the callback is called. */
        unsigned int cb_called;
+       /*! Non-zero if endpt_send_request_cb() was called. */
+       unsigned int send_cb_called;
        /*! Timeout timer. */
        pj_timer_entry *timeout_timer;
        /*! Original timeout. */
@@ -3056,9 +3632,16 @@ struct send_request_wrapper {
 static void endpt_send_request_cb(void *token, pjsip_event *e)
 {
        struct send_request_wrapper *req_wrapper = token;
+       unsigned int cb_called;
 
-       if (e->body.tsx_state.type == PJSIP_EVENT_TIMER) {
-               ast_debug(2, "%p: PJSIP tsx timer expired\n", req_wrapper);
+       /*
+        * Needed because we cannot otherwise tell if this callback was
+        * called when pjsip_endpt_send_request() returns error.
+        */
+       req_wrapper->send_cb_called = 1;
+
+       if (e->body.tsx_state.type == PJSIP_EVENT_TIMER) {
+               ast_debug(2, "%p: PJSIP tsx timer expired\n", req_wrapper);
 
                if (req_wrapper->timeout_timer
                        && req_wrapper->timeout_timer->id != TIMEOUT_TIMER2) {
@@ -3085,7 +3668,6 @@ static void endpt_send_request_cb(void *token, pjsip_event *e)
                timers_cancelled = pj_timer_heap_cancel_if_active(
                        pjsip_endpt_get_timer_heap(ast_sip_get_pjsip_endpoint()),
                        req_wrapper->timeout_timer, TIMER_INACTIVE);
-
                if (timers_cancelled > 0) {
                        /* If the timer was cancelled the callback will never run so
                         * clean up its reference to the wrapper.
@@ -3093,25 +3675,27 @@ static void endpt_send_request_cb(void *token, pjsip_event *e)
                        ast_debug(3, "%p: Timer cancelled\n", req_wrapper);
                        ao2_ref(req_wrapper, -1);
                } else {
-                       /* If it wasn't cancelled, it MAY be in the callback already
-                        * waiting on the lock so set the id to INACTIVE so
-                        * when the callback comes out of the lock, it knows to not
-                        * proceed.
+                       /*
+                        * If it wasn't cancelled, it MAY be in the callback already
+                        * waiting on the lock.  When we release the lock, it will
+                        * now know not to proceed.
                         */
                        ast_debug(3, "%p: Timer already expired\n", req_wrapper);
-                       req_wrapper->timeout_timer->id = TIMER_INACTIVE;
                }
        }
 
+       cb_called = req_wrapper->cb_called;
+       req_wrapper->cb_called = 1;
+       ao2_unlock(req_wrapper);
+
        /* It's possible that our own timer expired and called the callbacks
         * so no need to call them again.
         */
-       if (!req_wrapper->cb_called && req_wrapper->callback) {
+       if (!cb_called && req_wrapper->callback) {
                req_wrapper->callback(req_wrapper->token, e);
-               req_wrapper->cb_called = 1;
                ast_debug(2, "%p: Callbacks executed\n", req_wrapper);
        }
-       ao2_unlock(req_wrapper);
+
        ao2_ref(req_wrapper, -1);
 }
 
@@ -3122,15 +3706,16 @@ static void endpt_send_request_cb(void *token, pjsip_event *e)
  */
 static void send_request_timer_callback(pj_timer_heap_t *theap, pj_timer_entry *entry)
 {
-       pjsip_event event;
        struct send_request_wrapper *req_wrapper = entry->user_data;
+       unsigned int cb_called;
 
        ast_debug(2, "%p: Internal tsx timer expired after %d msec\n",
                req_wrapper, req_wrapper->timeout);
 
        ao2_lock(req_wrapper);
-       /* If the id is not TIMEOUT_TIMER2 then the timer was cancelled above
-        * while the lock was being held so just clean up.
+       /*
+        * If the id is not TIMEOUT_TIMER2 then the timer was cancelled
+        * before we got the lock or it was already handled so just clean up.
         */
        if (entry->id != TIMEOUT_TIMER2) {
                ao2_unlock(req_wrapper);
@@ -3138,20 +3723,24 @@ static void send_request_timer_callback(pj_timer_heap_t *theap, pj_timer_entry *
                ao2_ref(req_wrapper, -1);
                return;
        }
+       entry->id = TIMER_INACTIVE;
 
        ast_debug(3, "%p: Timer handled here\n", req_wrapper);
 
-       PJSIP_EVENT_INIT_TX_MSG(event, req_wrapper->tdata);
-       event.body.tsx_state.type = PJSIP_EVENT_TIMER;
-       entry->id = TIMER_INACTIVE;
+       cb_called = req_wrapper->cb_called;
+       req_wrapper->cb_called = 1;
+       ao2_unlock(req_wrapper);
+
+       if (!cb_called && req_wrapper->callback) {
+               pjsip_event event;
+
+               PJSIP_EVENT_INIT_TX_MSG(event, req_wrapper->tdata);
+               event.body.tsx_state.type = PJSIP_EVENT_TIMER;
 
-       if (!req_wrapper->cb_called && req_wrapper->callback) {
                req_wrapper->callback(req_wrapper->token, &event);
-               req_wrapper->cb_called = 1;
                ast_debug(2, "%p: Callbacks executed\n", req_wrapper);
        }
 
-       ao2_unlock(req_wrapper);
        ao2_ref(req_wrapper, -1);
 }
 
@@ -3170,6 +3759,12 @@ static pj_status_t endpt_send_request(struct ast_sip_endpoint *endpoint,
        pj_status_t ret_val;
        pjsip_endpoint *endpt = ast_sip_get_pjsip_endpoint();
 
+       if (!cb && token) {
+               /* Silly.  Without a callback we cannot do anything with token. */
+               pjsip_tx_data_dec_ref(tdata);
+               return PJ_EINVAL;
+       }
+
        /* Create wrapper to detect if the callback was actually called on an error. */
        req_wrapper = ao2_alloc(sizeof(*req_wrapper), send_request_wrapper_destructor);
        if (!req_wrapper) {
@@ -3187,8 +3782,6 @@ static pj_status_t endpt_send_request(struct ast_sip_endpoint *endpoint,
        /* Add a reference to tdata.  The wrapper destructor cleans it up. */
        pjsip_tx_data_add_ref(tdata);
 
-       ao2_lock(req_wrapper);
-
        if (timeout > 0) {
                pj_time_val timeout_timer_val = { timeout / 1000, timeout % 1000 };
 
@@ -3197,38 +3790,37 @@ static pj_status_t endpt_send_request(struct ast_sip_endpoint *endpoint,
                ast_debug(2, "%p: Set timer to %d msec\n", req_wrapper, timeout);
 
                pj_timer_entry_init(req_wrapper->timeout_timer, TIMEOUT_TIMER2,
-                       req_wrapper, &send_request_timer_callback);
-
-               pj_timer_heap_cancel_if_active(pjsip_endpt_get_timer_heap(endpt),
-                       req_wrapper->timeout_timer, TIMER_INACTIVE);
+                       req_wrapper, send_request_timer_callback);
 
                /* We need to insure that the wrapper and tdata are available if/when the
                 * timer callback is executed.
                 */
                ao2_ref(req_wrapper, +1);
-               pj_timer_heap_schedule(pjsip_endpt_get_timer_heap(endpt),
+               ret_val = pj_timer_heap_schedule(pjsip_endpt_get_timer_heap(endpt),
                        req_wrapper->timeout_timer, &timeout_timer_val);
-
-               req_wrapper->timeout_timer->id = TIMEOUT_TIMER2;
-       } else {
-               req_wrapper->timeout_timer = NULL;
+               if (ret_val != PJ_SUCCESS) {
+                       ast_log(LOG_ERROR,
+                               "Failed to set timer.  Not sending %.*s request to endpoint %s.\n",
+                               (int) pj_strlen(&tdata->msg->line.req.method.name),
+                               pj_strbuf(&tdata->msg->line.req.method.name),
+                               endpoint ? ast_sorcery_object_get_id(endpoint) : "<unknown>");
+                       ao2_t_ref(req_wrapper, -2, "Drop timer and routine ref");
+                       pjsip_tx_data_dec_ref(tdata);
+                       return ret_val;
+               }
        }
 
        /* We need to insure that the wrapper and tdata are available when the
         * transaction callback is executed.
         */
        ao2_ref(req_wrapper, +1);
-
        ret_val = pjsip_endpt_send_request(endpt, tdata, -1, req_wrapper, endpt_send_request_cb);
        if (ret_val != PJ_SUCCESS) {
                char errmsg[PJ_ERR_MSG_SIZE];
 
-               if (timeout > 0) {
-                       int timers_cancelled = pj_timer_heap_cancel_if_active(pjsip_endpt_get_timer_heap(endpt),
-                               req_wrapper->timeout_timer, TIMER_INACTIVE);
-                       if (timers_cancelled > 0) {
-                               ao2_ref(req_wrapper, -1);
-                       }
+               if (!req_wrapper->send_cb_called) {
+                       /* endpt_send_request_cb is not expected to ever be called now. */
+                       ao2_ref(req_wrapper, -1);
                }
 
                /* Complain of failure to send the request. */
@@ -3238,20 +3830,44 @@ static pj_status_t endpt_send_request(struct ast_sip_endpoint *endpoint,
                        pj_strbuf(&tdata->msg->line.req.method.name),
                        endpoint ? ast_sorcery_object_get_id(endpoint) : "<unknown>");
 
-               /* Was the callback called? */
-               if (req_wrapper->cb_called) {
+               if (timeout > 0) {
+                       int timers_cancelled;
+
+                       ao2_lock(req_wrapper);
+                       timers_cancelled = pj_timer_heap_cancel_if_active(
+                               pjsip_endpt_get_timer_heap(endpt),
+                               req_wrapper->timeout_timer, TIMER_INACTIVE);
+                       if (timers_cancelled > 0) {
+                               ao2_ref(req_wrapper, -1);
+                       }
+
+                       /* Was the callback called? */
+                       if (req_wrapper->cb_called) {
+                               /*
+                                * Yes so we cannot report any error.  The callback
+                                * has already freed any resources associated with
+                                * token.
+                                */
+                               ret_val = PJ_SUCCESS;
+                       } else {
+                               /*
+                                * No so we claim it is called so our caller can free
+                                * any resources associated with token because of
+                                * failure.
+                                */
+                               req_wrapper->cb_called = 1;
+                       }
+                       ao2_unlock(req_wrapper);
+               } else if (req_wrapper->cb_called) {
                        /*
-                        * Yes so we cannot report any error.  The callback
-                        * has already freed any resources associated with
+                        * We cannot report any error.  The callback has
+                        * already freed any resources associated with
                         * token.
                         */
                        ret_val = PJ_SUCCESS;
-               } else {
-                       /* No and it is not expected to ever be called. */
-                       ao2_ref(req_wrapper, -1);
                }
        }
-       ao2_unlock(req_wrapper);
+
        ao2_ref(req_wrapper, -1);
        return ret_val;
 }
@@ -3260,7 +3876,7 @@ int ast_sip_failover_request(pjsip_tx_data *tdata)
 {
        pjsip_via_hdr *via;
 
-       if (tdata->dest_info.cur_addr == tdata->dest_info.addr.count - 1) {
+       if (!tdata->dest_info.addr.count || (tdata->dest_info.cur_addr == tdata->dest_info.addr.count - 1)) {
                /* No more addresses to try */
                return 0;
        }
@@ -3327,46 +3943,48 @@ static void send_request_cb(void *token, pjsip_event *e)
        pjsip_rx_data *challenge;
        struct ast_sip_supplement *supplement;
 
-       switch(e->body.tsx_state.type) {
-       case PJSIP_EVENT_TRANSPORT_ERROR:
-       case PJSIP_EVENT_TIMER:
-               /*
-                * Check the request status on transport error or timeout. A transport
-                * error can occur when a TCP socket closes and that can be the result
-                * of a 503. Also we may need to failover on a timeout (408).
-                */
-               if (check_request_status(req_data, e)) {
-                       return;
-               }
-               break;
-       case PJSIP_EVENT_RX_MSG:
-               challenge = e->body.tsx_state.src.rdata;
-
-               /*
-                * Call any supplements that want to know about a response
-                * with any received data.
-                */
-               AST_RWLIST_RDLOCK(&supplements);
-               AST_LIST_TRAVERSE(&supplements, supplement, next) {
-                       if (supplement->incoming_response
-                               && does_method_match(&challenge->msg_info.cseq->method.name,
-                                       supplement->method)) {
-                               supplement->incoming_response(req_data->endpoint, challenge);
+       if (e->type == PJSIP_EVENT_TSX_STATE) {
+               switch(e->body.tsx_state.type) {
+               case PJSIP_EVENT_TRANSPORT_ERROR:
+               case PJSIP_EVENT_TIMER:
+                       /*
+                        * Check the request status on transport error or timeout. A transport
+                        * error can occur when a TCP socket closes and that can be the result
+                        * of a 503. Also we may need to failover on a timeout (408).
+                        */
+                       if (check_request_status(req_data, e)) {
+                               return;
                        }
-               }
-               AST_RWLIST_UNLOCK(&supplements);
+                       break;
+               case PJSIP_EVENT_RX_MSG:
+                       challenge = e->body.tsx_state.src.rdata;
 
-               if (check_request_status(req_data, e)) {
                        /*
-                        * Request with challenge response or failover sent.
-                        * Passed our req_data ref to the new request.
+                        * Call any supplements that want to know about a response
+                        * with any received data.
                         */
-                       return;
+                       AST_RWLIST_RDLOCK(&supplements);
+                       AST_LIST_TRAVERSE(&supplements, supplement, next) {
+                               if (supplement->incoming_response
+                                       && does_method_match(&challenge->msg_info.cseq->method.name,
+                                               supplement->method)) {
+                                       supplement->incoming_response(req_data->endpoint, challenge);
+                               }
+                       }
+                       AST_RWLIST_UNLOCK(&supplements);
+
+                       if (check_request_status(req_data, e)) {
+                               /*
+                                * Request with challenge response or failover sent.
+                                * Passed our req_data ref to the new request.
+                                */
+                               return;
+                       }
+                       break;
+               default:
+                       ast_log(LOG_ERROR, "Unexpected PJSIP event %u\n", e->body.tsx_state.type);
+                       break;
                }
-               break;
-       default:
-               ast_log(LOG_ERROR, "Unexpected PJSIP event %u\n", e->body.tsx_state.type);
-               break;
        }
 
        if (req_data->callback) {
@@ -3576,11 +4194,7 @@ int ast_sip_push_task(struct ast_taskprocessor *serializer, int (*sip_task)(void
                serializer = serializer_pool[pos];
        }
 
-       if (serializer) {
-               return ast_taskprocessor_push(serializer, sip_task, task_data);
-       } else {
-               return ast_threadpool_push(sip_threadpool, sip_task, task_data);
-       }
+       return ast_taskprocessor_push(serializer, sip_task, task_data);
 }
 
 struct sync_task_data {
@@ -3652,6 +4266,18 @@ void ast_copy_pj_str(char *dest, const pj_str_t *src, size_t size)
        dest[chars_to_copy] = '\0';
 }
 
+int ast_copy_pj_str2(char **dest, const pj_str_t *src)
+{
+       int res = ast_asprintf(dest, "%.*s", (int)pj_strlen(src), pj_strbuf(src));
+
+       if (res < 0) {
+               *dest = NULL;
+       }
+
+       return res;
+}
+
+
 int ast_sip_is_content_type(pjsip_media_type *content_type, char *type, char *subtype)
 {
        pjsip_media_type compare;
@@ -3867,6 +4493,89 @@ const char *ast_sip_get_host_ip_string(int af)
        return NULL;
 }
 
+int ast_sip_dtmf_to_str(const enum ast_sip_dtmf_mode dtmf,
+                       char *buf, size_t buf_len)
+{
+       switch (dtmf) {
+       case AST_SIP_DTMF_NONE:
+               ast_copy_string(buf, "none", buf_len);
+               break;
+       case AST_SIP_DTMF_RFC_4733:
+               ast_copy_string(buf, "rfc4733", buf_len);
+               break;
+       case AST_SIP_DTMF_INBAND:
+               ast_copy_string(buf, "inband", buf_len);
+               break;
+       case AST_SIP_DTMF_INFO:
+               ast_copy_string(buf, "info", buf_len);
+               break;
+       case AST_SIP_DTMF_AUTO:
+               ast_copy_string(buf, "auto", buf_len);
+               break;
+       case AST_SIP_DTMF_AUTO_INFO:
+               ast_copy_string(buf, "auto_info", buf_len);
+               break;
+       default:
+               buf[0] = '\0';
+               return -1;
+       }
+       return 0;
+}
+
+int ast_sip_str_to_dtmf(const char * dtmf_mode)
+{
+       int result = -1;
+
+       if (!strcasecmp(dtmf_mode, "info")) {
+               result = AST_SIP_DTMF_INFO;
+       } else if (!strcasecmp(dtmf_mode, "rfc4733")) {
+               result = AST_SIP_DTMF_RFC_4733;
+       } else if (!strcasecmp(dtmf_mode, "inband")) {
+               result = AST_SIP_DTMF_INBAND;
+       } else if (!strcasecmp(dtmf_mode, "none")) {
+               result = AST_SIP_DTMF_NONE;
+       } else if (!strcasecmp(dtmf_mode, "auto")) {
+               result = AST_SIP_DTMF_AUTO;
+       } else if (!strcasecmp(dtmf_mode, "auto_info")) {
+               result = AST_SIP_DTMF_AUTO_INFO;
+       }
+
+       return result;
+}
+
+/*!
+ * \brief Set name and number information on an identity header.
+ *
+ * \param pool Memory pool to use for string duplication
+ * \param id_hdr A From, P-Asserted-Identity, or Remote-Party-ID header to modify
+ * \param id The identity information to apply to the header
+ */
+void ast_sip_modify_id_header(pj_pool_t *pool, pjsip_fromto_hdr *id_hdr, const struct ast_party_id *id)
+{
+       pjsip_name_addr *id_name_addr;
+       pjsip_sip_uri *id_uri;
+
+       id_name_addr = (pjsip_name_addr *) id_hdr->uri;
+       id_uri = pjsip_uri_get_uri(id_name_addr->uri);
+
+       if (id->name.valid) {
+               if (!ast_strlen_zero(id->name.str)) {
+                       int name_buf_len = strlen(id->name.str) * 2 + 1;
+                       char *name_buf = ast_alloca(name_buf_len);
+
+                       ast_escape_quoted(id->name.str, name_buf, name_buf_len);
+                       pj_strdup2(pool, &id_name_addr->display, name_buf);
+               } else {
+                       pj_strdup2(pool, &id_name_addr->display, NULL);
+               }
+       }
+
+       if (id->number.valid) {
+               pj_strdup2(pool, &id_uri->user, id->number.str);
+       }
+}
+
+
 static void remove_request_headers(pjsip_endpoint *endpt)
 {
        const pjsip_hdr *request_headers = pjsip_endpt_get_request_headers(endpt);
@@ -3884,6 +4593,7 @@ long ast_sip_threadpool_queue_size(void)
        return ast_threadpool_queue_size(sip_threadpool);
 }
 
+#ifdef TEST_FRAMEWORK
 AST_TEST_DEFINE(xml_sanitization_end_null)
 {
        char sanitized[8];
@@ -3934,6 +4644,7 @@ AST_TEST_DEFINE(xml_sanitization_exceeds_buffer)
 
        return AST_TEST_PASS;
 }
+#endif
 
 /*!
  * \internal
@@ -3947,31 +4658,62 @@ static int reload_configuration_task(void *obj)
        return 0;
 }
 
-static int load_module(void)
+static int unload_pjsip(void *data)
 {
-       /* The third parameter is just copied from
-        * example code from PJLIB. This can be adjusted
-        * if necessary.
+       /*
+        * These calls need the pjsip endpoint and serializer to clean up.
+        * If they're not set, then there's nothing to clean up anyway.
         */
-       pj_status_t status;
-       struct ast_threadpool_options options;
+       if (ast_pjsip_endpoint && serializer_pool[0]) {
+               ast_res_pjsip_cleanup_options_handling();
+               ast_res_pjsip_cleanup_message_ip_updater();
+               ast_sip_destroy_distributor();
+               ast_res_pjsip_destroy_configuration();
+               ast_sip_destroy_system();
+               ast_sip_destroy_global_headers();
+               internal_sip_unregister_service(&supplement_module);
+               ast_sip_destroy_transport_events();
+       }
 
-       CHECK_PJPROJECT_MODULE_LOADED();
+       if (monitor_thread) {
+               stop_monitor_thread();
+               monitor_thread = NULL;
+       }
 
-       if (pj_init() != PJ_SUCCESS) {
-               return AST_MODULE_LOAD_DECLINE;
+       if (memory_pool) {
+               /* This mimics the behavior of pj_pool_safe_release
+                * which was introduced in pjproject 2.6.
+                */
+               pj_pool_t *temp_pool = memory_pool;
+
+               memory_pool = NULL;
+               pj_pool_release(temp_pool);
        }
 
-       if (pjlib_util_init() != PJ_SUCCESS) {
-               pj_shutdown();
-               return AST_MODULE_LOAD_DECLINE;
+       ast_pjsip_endpoint = NULL;
+
+       if (caching_pool.lock) {
+               pj_caching_pool_destroy(&caching_pool);
        }
 
+       pj_shutdown();
+
+       return 0;
+}
+
+static int load_pjsip(void)
+{
+       const unsigned int flags = 0; /* no port, no brackets */
+       pj_status_t status;
+
+       /* The third parameter is just copied from
+        * example code from PJLIB. This can be adjusted
+        * if necessary.
+        */
        pj_caching_pool_init(&caching_pool, NULL, 1024 * 1024);
        if (pjsip_endpt_create(&caching_pool.factory, "SIP", &ast_pjsip_endpoint) != PJ_SUCCESS) {
                ast_log(LOG_ERROR, "Failed to create PJSIP endpoint structure. Aborting load\n");
-               pj_caching_pool_destroy(&caching_pool);
-               return AST_MODULE_LOAD_DECLINE;
+               goto error;
        }
 
        /* PJSIP will automatically try to add a Max-Forwards header. Since we want to control that,
@@ -3982,88 +4724,110 @@ static int load_module(void)
        memory_pool = pj_pool_create(&caching_pool.factory, "SIP", 1024, 1024, NULL);
        if (!memory_pool) {
                ast_log(LOG_ERROR, "Failed to create memory pool for SIP. Aborting load\n");
-               pjsip_endpt_destroy(ast_pjsip_endpoint);
-               ast_pjsip_endpoint = NULL;
-               pj_caching_pool_destroy(&caching_pool);
-               return AST_MODULE_LOAD_DECLINE;
+               goto error;
        }
 
        if (!pj_gethostip(pj_AF_INET(), &host_ip_ipv4)) {
-               pj_sockaddr_print(&host_ip_ipv4, host_ip_ipv4_string, sizeof(host_ip_ipv4_string), 2);
+               pj_sockaddr_print(&host_ip_ipv4, host_ip_ipv4_string, sizeof(host_ip_ipv4_string), flags);
                ast_verb(3, "Local IPv4 address determined to be: %s\n", host_ip_ipv4_string);
        }
 
        if (!pj_gethostip(pj_AF_INET6(), &host_ip_ipv6)) {
-               pj_sockaddr_print(&host_ip_ipv6, host_ip_ipv6_string, sizeof(host_ip_ipv6_string), 2);
+               pj_sockaddr_print(&host_ip_ipv6, host_ip_ipv6_string, sizeof(host_ip_ipv6_string), flags);
                ast_verb(3, "Local IPv6 address determined to be: %s\n", host_ip_ipv6_string);
        }
 
+       pjsip_tsx_layer_init_module(ast_pjsip_endpoint);
+       pjsip_ua_init_module(ast_pjsip_endpoint, NULL);
+
+       monitor_continue = 1;
+       status = pj_thread_create(memory_pool, "SIP", (pj_thread_proc *) &monitor_thread_exec,
+                       NULL, PJ_THREAD_DEFAULT_STACK_SIZE * 2, 0, &monitor_thread);
+       if (status != PJ_SUCCESS) {
+               ast_log(LOG_ERROR, "Failed to start SIP monitor thread. Aborting load\n");
+               goto error;
+       }
+
+       return AST_MODULE_LOAD_SUCCESS;
+
+error:
+       return AST_MODULE_LOAD_DECLINE;
+}
+
+/*
+ * This is a place holder function to ensure that pjmedia_strerr() is at
+ * least directly referenced by this module to ensure that the loader
+ * linker will link to the function.  If a module only indirectly
+ * references a function from another module, such as a callback parameter
+ * to a function, the loader linker has been known to miss the link.
+ */
+void never_called_res_pjsip(void);
+void never_called_res_pjsip(void)
+{
+       pjmedia_strerror(0, NULL, 0);
+}
+
+static int load_module(void)
+{
+       struct ast_threadpool_options options;
+
+       CHECK_PJPROJECT_MODULE_LOADED();
+
+       /* pjproject and config_system need to be initialized before all else */
+       if (pj_init() != PJ_SUCCESS) {
+               return AST_MODULE_LOAD_DECLINE;
+       }
+
+       if (pjlib_util_init() != PJ_SUCCESS) {
+               goto error;
+       }
+
+       /* Register PJMEDIA error codes for SDP parsing errors */
+       if (pj_register_strerror(PJMEDIA_ERRNO_START, PJ_ERRNO_SPACE_SIZE, pjmedia_strerror)
+               != PJ_SUCCESS) {
+               ast_log(LOG_WARNING, "Failed to register pjmedia error codes.  Codes will not be decoded.\n");
+       }
+
        if (ast_sip_initialize_system()) {
                ast_log(LOG_ERROR, "Failed to initialize SIP 'system' configuration section. Aborting load\n");
-               pj_pool_release(memory_pool);
-               memory_pool = NULL;
-               pjsip_endpt_destroy(ast_pjsip_endpoint);
-               ast_pjsip_endpoint = NULL;
-               pj_caching_pool_destroy(&caching_pool);
-               return AST_MODULE_LOAD_DECLINE;
+               goto error;
        }
 
+       /* The serializer needs threadpool and threadpool needs pjproject to be initialized so it's next */
        sip_get_threadpool_options(&options);
        options.thread_start = sip_thread_start;
        sip_threadpool = ast_threadpool_create("SIP", NULL, &options);
        if (!sip_threadpool) {
-               ast_log(LOG_ERROR, "Failed to create SIP threadpool. Aborting load\n");
-               ast_sip_destroy_system();
-               pj_pool_release(memory_pool);
-               memory_pool = NULL;
-               pjsip_endpt_destroy(ast_pjsip_endpoint);
-               ast_pjsip_endpoint = NULL;
-               pj_caching_pool_destroy(&caching_pool);
-               return AST_MODULE_LOAD_DECLINE;
+               goto error;
        }
 
        if (serializer_pool_setup()) {
                ast_log(LOG_ERROR, "Failed to create SIP serializer pool. Aborting load\n");
-               ast_threadpool_shutdown(sip_threadpool);
-               ast_sip_destroy_system();
-               pj_pool_release(memory_pool);
-               memory_pool = NULL;
-               pjsip_endpt_destroy(ast_pjsip_endpoint);
-               ast_pjsip_endpoint = NULL;
-               pj_caching_pool_destroy(&caching_pool);
-               return AST_MODULE_LOAD_DECLINE;
+               goto error;
        }
 
-       pjsip_tsx_layer_init_module(ast_pjsip_endpoint);
-       pjsip_ua_init_module(ast_pjsip_endpoint, NULL);
+       if (ast_sip_initialize_scheduler()) {
+               ast_log(LOG_ERROR, "Failed to start scheduler. Aborting load\n");
+               goto error;
+       }
 
-       monitor_continue = 1;
-       status = pj_thread_create(memory_pool, "SIP", (pj_thread_proc *) &monitor_thread_exec,
-                       NULL, PJ_THREAD_DEFAULT_STACK_SIZE * 2, 0, &monitor_thread);
-       if (status != PJ_SUCCESS) {
-               ast_log(LOG_ERROR, "Failed to start SIP monitor thread. Aborting load\n");
-               ast_sip_destroy_system();
-               pj_pool_release(memory_pool);
-               memory_pool = NULL;
-               pjsip_endpt_destroy(ast_pjsip_endpoint);
-               ast_pjsip_endpoint = NULL;
-               pj_caching_pool_destroy(&caching_pool);
-               return AST_MODULE_LOAD_DECLINE;
+       /* Now load all the pjproject infrastructure. */
+       if (load_pjsip()) {
+               goto error;
        }
 
+       if (ast_sip_initialize_transport_events()) {
+               ast_log(LOG_ERROR, "Failed to initialize SIP transport monitor. Aborting load\n");
+               goto error;
+       }
+
+       ast_sip_initialize_dns();
+
        ast_sip_initialize_global_headers();
 
        if (ast_res_pjsip_initialize_configuration()) {
                ast_log(LOG_ERROR, "Failed to initialize SIP configuration. Aborting load\n");
-               ast_sip_destroy_global_headers();
-               stop_monitor_thread();
-               ast_sip_destroy_system();
-               pj_pool_release(memory_pool);
-               memory_pool = NULL;
-               pjsip_endpt_destroy(ast_pjsip_endpoint);
-               ast_pjsip_endpoint = NULL;
-               pj_caching_pool_destroy(&caching_pool);
-               return AST_MODULE_LOAD_DECLINE;
+               goto error;
        }
 
        ast_sip_initialize_resolver();
@@ -4071,34 +4835,21 @@ static int load_module(void)
 
        if (ast_sip_initialize_distributor()) {
                ast_log(LOG_ERROR, "Failed to register distributor module. Aborting load\n");
-               ast_res_pjsip_destroy_configuration();
-               ast_sip_destroy_global_headers();
-               stop_monitor_thread();
-               ast_sip_destroy_system();
-               pj_pool_release(memory_pool);
-               memory_pool = NULL;
-               pjsip_endpt_destroy(ast_pjsip_endpoint);
-               ast_pjsip_endpoint = NULL;
-               pj_caching_pool_destroy(&caching_pool);
-               return AST_MODULE_LOAD_DECLINE;
+               goto error;
        }
 
        if (internal_sip_register_service(&supplement_module)) {
                ast_log(LOG_ERROR, "Failed to initialize supplement hooks. Aborting load\n");
-               ast_sip_destroy_distributor();
-               ast_res_pjsip_destroy_configuration();
-               ast_sip_destroy_global_headers();
-               stop_monitor_thread();
-               ast_sip_destroy_system();
-               pj_pool_release(memory_pool);
-               memory_pool = NULL;
-               pjsip_endpt_destroy(ast_pjsip_endpoint);
-               ast_pjsip_endpoint = NULL;
-               pj_caching_pool_destroy(&caching_pool);
-               return AST_MODULE_LOAD_DECLINE;
+               goto error;
        }
 
        ast_res_pjsip_init_options_handling(0);
+
+       if (ast_res_pjsip_init_message_ip_updater()) {
+               ast_log(LOG_ERROR, "Failed to initialize message IP updating. Aborting load\n");
+               goto error;
+       }
+
        ast_cli_register_multiple(cli_commands, ARRAY_LEN(cli_commands));
 
        AST_TEST_REGISTER(xml_sanitization_end_null);
@@ -4107,6 +4858,16 @@ static int load_module(void)
        ast_pjproject_ref();
 
        return AST_MODULE_LOAD_SUCCESS;
+
+error:
+       unload_pjsip(NULL);
+
+       /* These functions all check for NULLs and are safe to call at any time */
+       ast_sip_destroy_scheduler();
+       serializer_pool_shutdown();
+       ast_threadpool_shutdown(sip_threadpool);
+
+       return AST_MODULE_LOAD_DECLINE;
 }
 
 static int reload_module(void)
@@ -4123,42 +4884,20 @@ static int reload_module(void)
        return 0;
 }
 
-static int unload_pjsip(void *data)
-{
-       ast_cli_unregister_multiple(cli_commands, ARRAY_LEN(cli_commands));
-       ast_res_pjsip_cleanup_options_handling();
-       ast_sip_destroy_distributor();
-       ast_res_pjsip_destroy_configuration();
-       ast_sip_destroy_system();
-       ast_sip_destroy_global_headers();
-       internal_sip_unregister_service(&supplement_module);
-       if (monitor_thread) {
-               stop_monitor_thread();
-       }
-       if (memory_pool) {
-               pj_pool_release(memory_pool);
-               memory_pool = NULL;
-       }
-       ast_pjsip_endpoint = NULL;
-       pj_caching_pool_destroy(&caching_pool);
-       pj_shutdown();
-       return 0;
-}
-
 static int unload_module(void)
 {
        AST_TEST_UNREGISTER(xml_sanitization_end_null);
        AST_TEST_UNREGISTER(xml_sanitization_exceeds_buffer);
+       ast_cli_unregister_multiple(cli_commands, ARRAY_LEN(cli_commands));
 
        /* The thread this is called from cannot call PJSIP/PJLIB functions,
         * so we have to push the work to the threadpool to handle
         */
        ast_sip_push_task_synchronous(NULL, unload_pjsip, NULL);
-
+       ast_sip_destroy_scheduler();
        serializer_pool_shutdown();
        ast_threadpool_shutdown(sip_threadpool);
 
-       ast_sip_destroy_cli();
        ast_pjproject_unref();
 
        return 0;