[Asterisk-code-review] res pjsip: Endpoint IP Access Controls (asterisk[13])
Joshua Colp
asteriskteam at digium.com
Thu May 12 09:17:03 CDT 2016
Joshua Colp has posted comments on this change.
Change subject: res_pjsip: Endpoint IP Access Controls
......................................................................
Patch Set 4:
(1 comment)
https://gerrit.asterisk.org/#/c/2551/4/res/res_pjsip/pjsip_distributor.c
File res/res_pjsip/pjsip_distributor.c:
PS4, Line 518: if (endpoint!=artificial_endpoint) {
: log_failed_request(rdata, "Failed to authenticate");
: ast_sip_report_auth_failed_challenge_response(endpoint, rdata);
: }
: pjsip_endpt_send_response2(ast_sip_get_pjsip_endpoint(), rdata, tdata, NULL, NULL);
: return PJ_TRUE;
: case AST_SIP_AUTHENTICATION_ERROR:
: if (endpoint!=artificial_endpoint) {
: log_failed_request(rdata, "Error to authenticate");
: ast_sip_report_auth_failed_challenge_response(endpoint, rdata);
: }
> What exactly do not you like about these changes?
In your previous patch you changed the behavior so that the log and security event only occurred if a legit endpoint was used. This differed from the existing behavior and would make it so if your system was being scanned you may not even know about it.
--
To view, visit https://gerrit.asterisk.org/2551
To unsubscribe, visit https://gerrit.asterisk.org/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: I456dea3909d929d413864fb347d28578415ebf02
Gerrit-PatchSet: 4
Gerrit-Project: asterisk
Gerrit-Branch: 13
Gerrit-Owner: Alexei Gradinari <alex2grad at gmail.com>
Gerrit-Reviewer: Alexei Gradinari <alex2grad at gmail.com>
Gerrit-Reviewer: Anonymous Coward #1000019
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: Joshua Colp <jcolp at digium.com>
Gerrit-Reviewer: Matt Jordan <mjordan at digium.com>
Gerrit-HasComments: Yes
More information about the asterisk-code-review
mailing list