diff options
author | Corey Farrell <git@cfware.com> | 2016-10-06 02:29:21 -0400 |
---|---|---|
committer | Corey Farrell <git@cfware.com> | 2017-12-15 10:32:12 -0500 |
commit | e3bd95f55cfc3e4b131c4bd8f9464d7d67bb4cb2 (patch) | |
tree | b098498d993e2db128a618f0a5d61128a2f1b3c3 | |
parent | 7377927b18118fcf5307e565daa3cb8dd819e26e (diff) |
chan_sip: Add security event for calls to invalid extension.
Log a message to security events when an INVITE is received to an
invalid extension.
ASTERISK-25869 #close
Change-Id: I0da40cd7c2206c825c2f0d4e172275df331fcc8f
-rw-r--r-- | CHANGES | 5 | ||||
-rw-r--r-- | channels/chan_sip.c | 1 |
2 files changed, 6 insertions, 0 deletions
@@ -21,6 +21,11 @@ Core Asterisk is compiled with the LOW_MEMORY compile time option enabled because the cache code does not exist. +chan_sip +------------------ + * Calls to invalid extensions are now reported as an ACL failure security event + "no_extension_match". + res_pjsip ------------------ * The "identify_by" on endpoints can now be set to "ip" to restrict an endpoint diff --git a/channels/chan_sip.c b/channels/chan_sip.c index 9add42564..522e9d1d6 100644 --- a/channels/chan_sip.c +++ b/channels/chan_sip.c @@ -26405,6 +26405,7 @@ static int handle_request_invite(struct sip_pvt *p, struct sip_request *req, str ast_log(LOG_NOTICE, "Call from '%s' (%s) to extension" " '%s' rejected because extension not found in context '%s'.\n", S_OR(p->username, p->peername), ast_sockaddr_stringify(&p->recv), decoded_exten, p->context); + sip_report_failed_acl(p, "no_extension_match"); } break; case SIP_GET_DEST_REFUSED: |