[asterisk-bugs] [JIRA] (ASTERISK-25320) chan_sip.c: sip_report_security_event searches for wrong or non existent peer on invite
Kevin Harwell (JIRA)
noreply at issues.asterisk.org
Wed Aug 12 12:52:33 CDT 2015
[ https://issues.asterisk.org/jira/browse/ASTERISK-25320?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kevin Harwell updated ASTERISK-25320:
-------------------------------------
Status: Open (was: Triage)
> chan_sip.c: sip_report_security_event searches for wrong or non existent peer on invite
> ---------------------------------------------------------------------------------------
>
> Key: ASTERISK-25320
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-25320
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Channels/chan_sip/Security Framework
> Reporter: Kevin Harwell
> Assignee: Kevin Harwell
> Severity: Minor
>
> In chan_sip, after handling an incoming invite a security event is raised describing authorization (success, failure, etc...). However, it is doing a lookup of the peer by extension. This is fine for register messages, but in the case of an invite it may search and find the wrong peer, or a non existent one (for instance, in the case of call pickup). If the peers are configured through realtime this may also cause an unnecessary database lookup when caching is enabled.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list