31 #include "asterisk/res_pjsip.h"
/*
 * Map the pjsip transport that delivered rdata to the ast_transport value
 * recorded in security events.
 *
 * UDP, TCP and TLS (and their *6 variants) are recognised by
 * transport->key.type. WS and WSS are recognised by a case-insensitive
 * match on transport->type_name.
 *
 * NOTE(review): rdata->tp_info.transport is dereferenced without a NULL
 * check; presumably it is always set for a received message - confirm.
 * NOTE(review): this listing omits source lines 49-52, so the value returned
 * for a transport that matches none of the branches is not visible here.
 * Confirm the fallback before relying on the transport field when triaging
 * events.
 */
34 static enum ast_transport security_event_get_transport(pjsip_rx_data *rdata)
36 if (rdata->tp_info.transport->key.type == PJSIP_TRANSPORT_UDP ||
37 rdata->tp_info.transport->key.type == PJSIP_TRANSPORT_UDP6) {
38 return AST_TRANSPORT_UDP;
39 }
else if (rdata->tp_info.transport->key.type == PJSIP_TRANSPORT_TCP ||
40 rdata->tp_info.transport->key.type == PJSIP_TRANSPORT_TCP6) {
41 return AST_TRANSPORT_TCP;
42 }
else if (rdata->tp_info.transport->key.type == PJSIP_TRANSPORT_TLS ||
43 rdata->tp_info.transport->key.type == PJSIP_TRANSPORT_TLS6) {
44 return AST_TRANSPORT_TLS;
45 }
/* WebSocket transports are told apart by name rather than by key.type. */
else if (!strcasecmp(rdata->tp_info.transport->type_name,
"WS")) {
46 return AST_TRANSPORT_WS;
47 }
else if (!strcasecmp(rdata->tp_info.transport->type_name,
"WSS")) {
48 return AST_TRANSPORT_WSS;
/*
 * Fill in the per-message data that the report functions in this file put
 * into a security event.
 *
 * rdata        - the received SIP message the event is about.
 * call_id      - caller-supplied buffer that receives the Call-ID header value.
 * call_id_size - size of call_id; passed to ast_copy_pj_str() as the bound.
 * local/remote - socket address outputs. The code that fills them is not
 *                shown in this listing (source lines after 60 are elided).
 */
54 static void security_event_populate(pjsip_rx_data *rdata,
char *call_id,
size_t call_id_size,
struct ast_sockaddr *local,
struct ast_sockaddr *remote)
/* Scratch buffer for the local transport host name. */
56 char host[NI_MAXHOST];
/* The Call-ID is peer-supplied text; the copy is bounded by call_id_size. */
58 ast_copy_pj_str(call_id, &rdata->msg_info.cid->id, call_id_size);
/* The copy of the local host name is bounded by sizeof(host). */
60 ast_copy_pj_str(host, &rdata->tp_info.transport->local_name.host,
sizeof(host));
/*
 * Fragment of a report function (its signature, source lines 75-76, is not
 * shown in this listing). It builds an event whose account_id is the `name`
 * argument.
 *
 * NOTE(review): call_id is a variable-length array on the stack whose size is
 * the length of the Call-ID header of the received message, so the remote
 * peer chooses it. Presumably pjsip's maximum packet size bounds it - confirm,
 * because a VLA has no failure path if the stack is exhausted. The same
 * declaration recurs in every report fragment in this listing.
 * NOTE(review): assumes rdata->msg_info.cid is non-NULL; confirm that pjsip
 * rejects messages without a Call-ID before this code runs.
 * NOTE(review): `name` presumably originates from the request; consumers of
 * the event should treat account_id as untrusted text - verify against caller.
 */
77 enum ast_transport transport = security_event_get_transport(rdata);
78 char call_id[pj_strlen(&rdata->msg_info.cid->id) + 1];
84 .common.service =
"PJSIP",
85 .common.account_id = name,
86 .common.local_addr = {
88 .transport = transport,
90 .common.remote_addr = {
92 .transport = transport,
94 .common.session_id = call_id,
/* sizeof(call_id) is the VLA's runtime size: header length plus the NUL. */
97 security_event_populate(rdata, call_id,
sizeof(call_id), &local, &remote);
104 enum ast_transport transport = security_event_get_transport(rdata);
105 char call_id[pj_strlen(&rdata->msg_info.cid->id) + 1];
111 .common.service =
"PJSIP",
112 .common.account_id = get_account_id(endpoint),
113 .common.local_addr = {
115 .transport = transport,
117 .common.remote_addr = {
119 .transport = transport,
121 .common.session_id = call_id,
125 security_event_populate(rdata, call_id,
sizeof(call_id), &local, &remote);
/*
 * Fragment of a report function that records the nonce and digest response
 * taken from the Authorization header of the received request (its signature
 * is not shown in this listing).
 *
 * nonce and response are fixed-size buffers initialised to "". They are only
 * filled when an Authorization header is present and its scheme compares
 * equal to "Digest", and both copies are bounded by sizeof().
 *
 * NOTE(review): pj_strcmp2() is a case-sensitive comparison, while
 * authentication scheme names are case-insensitive in SIP. A header written
 * with a different case (e.g. "digest") would leave nonce and response empty
 * in the event; pj_stricmp2() is the case-insensitive pjlib counterpart.
 * NOTE(review): presumably nonce and response are placed in the event in the
 * elided initializer lines. If so, event sinks hold digest material from
 * failed logins and should be access-controlled like other credential logs.
 */
132 pjsip_authorization_hdr *auth = pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_AUTHORIZATION, NULL);
133 enum ast_transport transport = security_event_get_transport(rdata);
/* Stack VLA sized by the peer-supplied Call-ID header length. */
134 char call_id[pj_strlen(&rdata->msg_info.cid->id) + 1];
135 char nonce[64] =
"", response[256] =
"";
141 .common.service =
"PJSIP",
142 .common.account_id = get_account_id(endpoint),
143 .common.local_addr = {
145 .transport = transport,
147 .common.remote_addr = {
149 .transport = transport,
151 .common.session_id = call_id,
/* The expected digest is never reported; the field is always empty. */
155 .expected_response =
"",
158 if (auth && !pj_strcmp2(&auth->scheme,
"Digest")) {
/* A nonce longer than 63 bytes or a response longer than 255 bytes cannot
 * fit; presumably ast_copy_pj_str() truncates to the given size - confirm. */
159 ast_copy_pj_str(nonce, &auth->credential.digest.nonce,
sizeof(nonce));
160 ast_copy_pj_str(
response, &auth->credential.digest.response,
sizeof(
response));
163 security_event_populate(rdata, call_id,
sizeof(call_id), &local, &remote);
/*
 * Fragment of a report function whose event carries a using_password flag
 * (its signature is not shown in this listing).
 */
170 pjsip_authorization_hdr *auth = pjsip_msg_find_hdr(rdata->msg_info.msg, PJSIP_H_AUTHORIZATION, NULL);
171 enum ast_transport transport = security_event_get_transport(rdata);
/* Stack VLA sized by the peer-supplied Call-ID header length. */
172 char call_id[pj_strlen(&rdata->msg_info.cid->id) + 1];
178 .common.service =
"PJSIP",
179 .common.account_id = get_account_id(endpoint),
180 .common.local_addr = {
182 .transport = transport,
184 .common.remote_addr = {
186 .transport = transport,
188 .common.session_id = call_id,
/* using_password only reflects whether the request carried an Authorization
 * header; the header's scheme and contents are not examined here. */
189 .using_password = auth ? 1 : 0,
192 security_event_populate(rdata, call_id,
sizeof(call_id), &local, &remote);
/*
 * Fragment of a report function that records the nonce of an outgoing
 * challenge (its signature is not shown in this listing). The
 * WWW-Authenticate header is read from tdata, the message being sent, while
 * the transport and Call-ID come from rdata, the request being answered.
 *
 * NOTE(review): the scheme is compared case-sensitively against "digest"
 * here, whereas the Authorization check at source line 158 compares against
 * "Digest". Each check only matches one spelling, and when it does not match
 * the nonce stays "" in the event. Presumably the locally generated challenge
 * uses the lowercase form - confirm, or compare with pj_stricmp2() in both
 * places.
 */
199 pjsip_www_authenticate_hdr *auth = pjsip_msg_find_hdr(tdata->msg, PJSIP_H_WWW_AUTHENTICATE, NULL);
200 enum ast_transport transport = security_event_get_transport(rdata);
/* call_id is a stack VLA sized by the peer-supplied Call-ID header length. */
201 char nonce[64] =
"", call_id[pj_strlen(&rdata->msg_info.cid->id) + 1];
207 .common.service =
"PJSIP",
208 .common.account_id = get_account_id(endpoint),
209 .common.local_addr = {
211 .transport = transport,
213 .common.remote_addr = {
215 .transport = transport,
217 .common.session_id = call_id,
221 if (auth && !pj_strcmp2(&auth->scheme,
"digest")) {
/* The copy is bounded by sizeof(nonce), i.e. 64 bytes including the NUL. */
222 ast_copy_pj_str(nonce, &auth->challenge.digest.nonce,
sizeof(nonce));
225 security_event_populate(rdata, call_id,
sizeof(call_id), &local, &remote);
231 const char* req_type)
233 enum ast_transport transport = security_event_get_transport(rdata);
234 char call_id[pj_strlen(&rdata->msg_info.cid->id) + 1];
240 .common.service =
"PJSIP",
241 .common.account_id = get_account_id(endpoint),
242 .common.local_addr = {
244 .transport = transport,
246 .common.remote_addr = {
248 .transport = transport,
250 .common.session_id = call_id,
251 .request_type = req_type
254 security_event_populate(rdata, call_id,
sizeof(call_id), &local, &remote);
261 enum ast_transport transport = security_event_get_transport(rdata);
262 char call_id[pj_strlen(&rdata->msg_info.cid->id) + 1];
268 .common.service =
"PJSIP",
269 .common.account_id = get_account_id(endpoint),
270 .common.local_addr = {
272 .transport = transport,
274 .common.remote_addr = {
276 .transport = transport,
278 .common.session_id = call_id
281 security_event_populate(rdata, call_id,
sizeof(call_id), &local, &remote);
void ast_sip_report_auth_failed_challenge_response(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata)
Send a security event notification for when a challenge response has failed.
int ast_security_event_report(const struct ast_security_event_common *sec)
Report a security event.
struct ast_security_event_common common
Common security event descriptor elements.
enum ast_security_event_type event_type
The security event sub-type.
Security Event Reporting API.
Asterisk main include file. File version handling, generic pbx functions.
FYI FWIW, Successful authentication has occurred.
int ast_sockaddr_parse(struct ast_sockaddr *addr, const char *str, int flags)
Parse an IPv4 or IPv6 address string.
#define AST_SECURITY_EVENT_REQ_NO_SUPPORT_VERSION
Event descriptor version.
void ast_sip_report_auth_success(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata)
Send a security event notification for when authentication succeeds.
An attempt at challenge/response auth failed.
#define AST_SECURITY_EVENT_CHAL_SENT_VERSION
Event descriptor version.
Request denied because we don't support it.
Checking against an IP access control list failed.
struct ast_security_event_common common
Common security event descriptor elements.
A challenge was sent out.
const char * response
Response received.
void ast_sip_report_req_no_support(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata, const char *req_type)
Send a security event notification for when a request is not supported.
struct ast_security_event_common common
Common security event descriptor elements.
#define AST_SECURITY_EVENT_SUCCESSFUL_AUTH_VERSION
Event descriptor version.
Socket address structure.
void ast_sip_report_auth_challenge_sent(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata, pjsip_tx_data *tdata)
Send a security event notification for when an authentication challenge is sent.
Successful authentication.
#define AST_SECURITY_EVENT_FAILED_ACL_VERSION
Event descriptor version.
const char * ast_sorcery_object_get_id(const void *object)
Get the unique identifier of a sorcery object.
Challenge was sent out, informational.
struct ast_security_event_common common
Common security event descriptor elements.
An entity with which Asterisk communicates.
#define AST_SECURITY_EVENT_MEM_LIMIT_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_INVAL_ACCT_ID_VERSION
Event descriptor version.
Request denied because of a memory limit.
#define ast_sockaddr_set_port(addr, port)
Sets the port number of a socket address.
struct ast_security_event_common common
Common security event descriptor elements.
An attempt at challenge/response authentication failed.
void ast_sip_report_failed_acl(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata, const char *name)
Send a security event notification for when an ACL check fails.
struct ast_security_event_common common
Common security event descriptor elements.
Invalid account ID specified (invalid username, for example)
struct ast_security_event_common common
Common security event descriptor elements.
void ast_sip_report_mem_limit(struct ast_sip_endpoint *endpoint, pjsip_rx_data *rdata)
Send a security event notification for when a memory limit is hit.
void ast_sip_report_invalid_endpoint(const char *name, pjsip_rx_data *rdata)
Send a security event notification for when an invalid endpoint is requested.
#define AST_SECURITY_EVENT_CHAL_RESP_FAILED_VERSION
Event descriptor version.
#define RAII_VAR(vartype, varname, initval, dtor)
Declare a variable that will call a destructor function when it goes out of scope.
A request was made that we understand, but do not support.