[asterisk-bugs] [JIRA] (ASTERISK-28444) chan_pjsip: Peer IP for SSL handshake errors not logged
Asterisk Team (JIRA)
noreply at issues.asterisk.org
Thu Jul 18 06:24:49 CDT 2019
[ https://issues.asterisk.org/jira/browse/ASTERISK-28444?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Asterisk Team updated ASTERISK-28444:
-------------------------------------
Target Release Version/s: 16.5.0
> chan_pjsip: Peer IP for SSL handshake errors not logged
> -------------------------------------------------------
>
> Key: ASTERISK-28444
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-28444
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Channels/chan_pjsip
> Affects Versions: 16.2.1
> Environment: Debian Buster
> Reporter: Bernhard Schmidt
> Assignee: George Joseph
> Severity: Minor
> Labels: pjsip
> Target Release: 13.28.0, 16.5.0
>
>
> When there is a SSL handshake error pjproject logs the reason through the Asterisk console/log, i.e.
> {code}
> [2019-05-18 23:59:52] WARNING[21669] pjproject: SSL SSL_ERROR_SSL (Handshake): Level: 0 err: <337260938> <SSL routines-tls_process_ske_dhe-dh key too small> len: 0
> {code}
> However, this does not include any indication for the peer that caused this issue (i.e. remote IP).
> With the upcoming changes in newer OpenSSL versions (deprecation of small DH keys, deprecation of TLS < 1.2, deprecation of ciphers) these errors frequently scroll by without a decent way to pinpoint them to a specific peer.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list