[asterisk-bugs] [JIRA] (ASTERISK-28444) chan_pjsip: Peer IP for SSL handshake errors not logged
Bernhard Schmidt (JIRA)
noreply at issues.asterisk.org
Tue Jun 11 16:32:47 CDT 2019
Bernhard Schmidt created ASTERISK-28444:
-------------------------------------------
Summary: chan_pjsip: Peer IP for SSL handshake errors not logged
Key: ASTERISK-28444
URL: https://issues.asterisk.org/jira/browse/ASTERISK-28444
Project: Asterisk
Issue Type: Bug
Security Level: None
Components: Channels/chan_pjsip
Affects Versions: 16.2.1
Environment: Debian Buster
Reporter: Bernhard Schmidt
Severity: Minor
When there is a SSL handshake error pjproject logs the reason through the Asterisk console/log, i.e.
{code}
[2019-05-18 23:59:52] WARNING[21669] pjproject: SSL SSL_ERROR_SSL (Handshake): Level: 0 err: <337260938> <SSL routines-tls_process_ske_dhe-dh key too small> len: 0
{code}
However, this does not include any indication for the peer that caused this issue (i.e. remote IP).
With the upcoming changes in newer OpenSSL versions (deprecation of small DH keys, deprecation of TLS < 1.2, deprecation of ciphers) these errors frequently scroll by without a decent way to pinpoint them to a specific peer.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list