BUG: Conference Bridge Pin Retry Limit?

My conference bridges presently loop indefinitely on invalid pin because of what looks like a bug in the code generation… notice how it increments PINCOUNT, makes sure it hasn’t exceeded 3, but in the end loops back an resets PINCOUNT to 0 again.

exten => 4373,n(READPIN),Set(PINCOUNT=0)
exten => 4373,n,Read(PIN,enter-conf-pin-number,,,,)
.
.
exten => 4373,n,Set(PINCOUNT=$[${PINCOUNT}+1])
exten => 4373,n,GotoIf($[${PINCOUNT}>3]?h,1)
exten => 4373,n,Playback(conf-invalidpin)
exten => 4373,n,Goto(READPIN)

This is FreePBX Distro 6.12.65-28. This is not the code I see being generated in other systems so I’m not sure why mine is like this?

So, it’s generating exactly what would be expected given /var/www/html/admin/modules/conferences/functions.inc.php, so that calls into question the version of this file?

//No pins set so ask the user now
$ext->add($contextname, $roomnum, 'READPIN', new ext_setvar('PINCOUNT','0'));
$ext->add($contextname, $roomnum, '', new ext_read('PIN','enter-conf-pin-number'));

// userpin -- must do always, otherwise if there is just an adminpin
// there would be no way to get to the conference !
$ext->add($contextname, $roomnum, '', new ext_gotoif('$[x${PIN} = x${DB(CONFERENCE/'.$roomnum.'/userpin)}]','USER'));
// admin pin -- exists
$ext->add($contextname, $roomnum, '', new ext_gotoif('$[x${PIN} = x${DB(CONFERENCE/'.$roomnum.'/adminpin)}]','ADMIN'));

// pin invalid
$ext->add($contextname, $roomnum, '', new ext_setvar('PINCOUNT','$[${PINCOUNT}+1]'));
$ext->add($contextname, $roomnum, '', new ext_gotoif('$[${PINCOUNT}>3]', "h,1"));
$ext->add($contextname, $roomnum, '', new ext_playback('conf-invalidpin'));
$ext->add($contextname, $roomnum, '', new ext_goto('READPIN'));

Actually, it looks like a recent bug in commit ec75713620b833dcb363d715884226dd4e50fd81.

FREEPBX-8539 move Conference settings from MySQL to Asterisk DB

-					$ext->add($contextname, $roomnum, 'READPIN', new ext_read('PIN','enter-conf-pin-number'));
+					//No pins set so ask the user now
+					$ext->add($contextname, $roomnum, 'READPIN', new ext_setvar('PINCOUNT','0'));
+					$ext->add($contextname, $roomnum, '', new ext_read('PIN','enter-conf-pin-number'));

Needless to say, this is a problem because without a limit people can run up your Toll Free bill and hack your conference bridge pin… which is how I noticed it!

See FREEPBX-9850

I’d recomend this as a fix:

288c288
<                                       $ext->add($contextname, $roomnum, 'RETRYPIN', new ext_read('PIN','enter-conf-pin-number'));
---
>                                       $ext->add($contextname, $roomnum, '', new ext_read('PIN','enter-conf-pin-number'));
300c300
<                                       $ext->add($contextname, $roomnum, '', new ext_goto('RETRYPIN'));
---
>                                       $ext->add($contextname, $roomnum, '', new ext_goto('READPIN'));

This has been addressed in conferences v13.0.4 and conferences v12.0.16