diff options
author | Corey Farrell <git@cfware.com> | 2016-10-06 02:29:21 -0400 |
---|---|---|
committer | Corey Farrell <git@cfware.com> | 2017-12-15 10:32:04 -0500 |
commit | fc43371c0eb01c340f8020767c48f8a1cf71752d (patch) | |
tree | b8ea3f1e26e501581e8d71b9bc95996d23e82204 | |
parent | 76deae295f9d2d3a317eee3c4596fdcc5af794f8 (diff) |
chan_sip: Add security event for calls to invalid extension.
Log a message to security events when an INVITE is received to an
invalid extension.
ASTERISK-25869 #close
Change-Id: I0da40cd7c2206c825c2f0d4e172275df331fcc8f
-rw-r--r-- | CHANGES | 5 | ||||
-rw-r--r-- | channels/chan_sip.c | 1 |
2 files changed, 6 insertions, 0 deletions
@@ -21,6 +21,11 @@ Core Asterisk is compiled with the LOW_MEMORY compile time option enabled because the cache code does not exist. +chan_sip +------------------ + * Calls to invalid extensions are now reported as an ACL failure security event + "no_extension_match". + res_rtp_asterisk ------------------ * The X.509 certificate used for DTLS negotation can now be automatically diff --git a/channels/chan_sip.c b/channels/chan_sip.c index 4bae39da0..b0573002b 100644 --- a/channels/chan_sip.c +++ b/channels/chan_sip.c @@ -26460,6 +26460,7 @@ static int handle_request_invite(struct sip_pvt *p, struct sip_request *req, str ast_log(LOG_NOTICE, "Call from '%s' (%s) to extension" " '%s' rejected because extension not found in context '%s'.\n", S_OR(p->username, p->peername), ast_sockaddr_stringify(&p->recv), decoded_exten, p->context); + sip_report_failed_acl(p, "no_extension_match"); } break; case SIP_GET_DEST_REFUSED: |