[asterisk-bugs] [JIRA] (ASTERISK-27472) 401 Unauthorized from INVITE not generating security event
Joshua Colp (JIRA)
noreply at issues.asterisk.org
Fri Dec 22 08:21:42 CST 2017
[ https://issues.asterisk.org/jira/browse/ASTERISK-27472?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Joshua Colp updated ASTERISK-27472:
-----------------------------------
Assignee: Michelle Dupuis
Status: Waiting for Feedback (was: Triage)
The message you are referring to is a challenge for authentication and not a failure itself. The closest security event type would be AST_SECURITY_EVENT_CHAL_SENT which is purely informational, and indeed it is not implemented by chan_sip. If they attempted authentication using the challenge and that failed a security event would get raised. Since this was merely a challenge I don't see this as a critical severity that it is missing.
Raising this would be a useful improvement though. Is this something you would be interested in doing?
> 401 Unauthorized from INVITE not generating security event
> ----------------------------------------------------------
>
> Key: ASTERISK-27472
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-27472
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Channels/chan_sip/General, Channels/chan_sip/Security Framework
> Affects Versions: 13.7.2
> Environment: CentOS 7
> Reporter: Michelle Dupuis
> Assignee: Michelle Dupuis
> Severity: Minor
>
> Using 'set sip debug on' I can watch the SIP traffic to/from the PBX. I also have another monitor open showing security events from the AMI. I can confirm that failed registration attempts correctly raising security events, but one type of failed SIP transaction is showing 401 Unauthorized in the CLI, but NO security event in the AMI. See Notes below for an example SIP trace that is NOT raising a security event.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list