Asterisk - The Open Source Telephony Project  21.4.1
main/security_events.c File Reference

Security Event Reporting Helpers. More...

#include "asterisk.h"
#include "asterisk/utils.h"
#include "asterisk/strings.h"
#include "asterisk/network.h"
#include "asterisk/event.h"
#include "asterisk/security_events.h"
#include "asterisk/netsock2.h"
#include "asterisk/stasis.h"
#include "asterisk/json.h"
#include "asterisk/astobj2.h"


Macros

#define MAX_SECURITY_IES   12
 
#define SEC_EVT_FIELD(e, field)   (offsetof(struct ast_security_event_##e, field))
 

Enumerations

enum  ie_required { NOT_REQUIRED, REQUIRED }
 

Functions

static int add_ip_json_object (struct ast_json *json, enum ast_event_ie_type ie_type, const struct ast_security_event_ip_addr *addr)
 
static int add_json_object (struct ast_json *json, const struct ast_security_event_common *sec, const struct ast_security_event_ie_type *ie_type, enum ie_required req)
 
static struct ast_json * alloc_security_event_json_object (const struct ast_security_event_common *sec)
 
static int append_event_str_from_json (struct ast_str **str, struct ast_json *json, const struct ast_security_event_ie_type *ies)
 
static int append_event_str_single (struct ast_str **str, struct ast_json *json, const enum ast_event_ie_type ie_type)
 
const char * ast_security_event_get_name (const enum ast_security_event_type event_type)
 Get the name of a security event sub-type. More...
 
const struct ast_security_event_ie_type * ast_security_event_get_optional_ies (const enum ast_security_event_type event_type)
 Get the list of optional IEs for a given security event sub-type. More...
 
const struct ast_security_event_ie_type * ast_security_event_get_required_ies (const enum ast_security_event_type event_type)
 Get the list of required IEs for a given security event sub-type. More...
 
int ast_security_event_report (const struct ast_security_event_common *sec)
 Report a security event. More...
 
const char * ast_security_event_severity_get_name (const enum ast_security_event_severity severity)
 Get the name of a security event severity. More...
 
int ast_security_stasis_init (void)
 initializes stasis topic/event types for ast_security_topic and ast_security_event_type More...
 
struct stasis_topic * ast_security_topic (void)
 A stasis_topic which publishes messages for security related issues. More...
 
static int check_event_type (const enum ast_security_event_type event_type)
 
static int handle_security_event (const struct ast_security_event_common *sec)
 
static struct ast_manager_event_blob * security_event_to_ami (struct stasis_message *message)
 
static struct ast_manager_event_blob * security_event_to_ami_blob (struct ast_json *json)
 
static void security_stasis_cleanup (void)
 
 STASIS_MESSAGE_TYPE_DEFN (ast_security_event_type,.to_ami=security_event_to_ami,)
 Message type for security events.
 

Variables

struct {
   const char *   name
 
   struct ast_security_event_ie_type   optional_ies [MAX_SECURITY_IES]
 
   struct ast_security_event_ie_type   required_ies [MAX_SECURITY_IES]
 
   enum ast_security_event_severity   severity
 
   uint32_t   version
 
} sec_events [AST_SECURITY_EVENT_NUM_TYPES]
 
static const size_t SECURITY_EVENT_BUF_INIT_LEN = 256
 
static struct stasis_topic * security_topic
 Security Topic.
 
struct {
   enum ast_security_event_severity   severity
 
   const char *   str
 
} severities []
 

Detailed Description

Security Event Reporting Helpers.

Author
Russell Bryant russe.nosp@m.ll@d.nosp@m.igium.nosp@m..com

Definition in file main/security_events.c.

Function Documentation

const char* ast_security_event_get_name ( const enum ast_security_event_type  event_type)

Get the name of a security event sub-type.

Parameters
[in] event_type: security event sub-type
Return values
NULL: if event_type is invalid
non-NULL: the name of the security event type
Since
1.8

Definition at line 895 of file main/security_events.c.

Referenced by ast_security_event_report().

/*!
 * \brief Get the name of a security event sub-type.
 *
 * \param[in] event_type security event sub-type
 *
 * \retval NULL if check_event_type() rejects event_type
 * \retval non-NULL the name stored in sec_events[] for this sub-type
 */
const char *ast_security_event_get_name(const enum ast_security_event_type event_type)
{
	/*
	 * event_type is used as an array index below, so it is validated first;
	 * a non-zero result from check_event_type() is treated as "invalid".
	 */
	return check_event_type(event_type) ? NULL : sec_events[event_type].name;
}
const struct ast_security_event_ie_type* ast_security_event_get_optional_ies ( const enum ast_security_event_type  event_type)

Get the list of optional IEs for a given security event sub-type.

Parameters
[in] event_type: security event sub-type
Return values
NULL: invalid event_type
non-NULL: An array terminated with the value AST_EVENT_IE_END
Since
1.8

Definition at line 914 of file main/security_events.c.

/*!
 * \brief Get the list of optional IEs for a given security event sub-type.
 *
 * \param[in] event_type security event sub-type
 *
 * \retval NULL if check_event_type() rejects event_type
 * \retval non-NULL the optional_ies array stored in sec_events[] for this sub-type
 */
const struct ast_security_event_ie_type *ast_security_event_get_optional_ies(
	const enum ast_security_event_type event_type)
{
	const struct ast_security_event_ie_type *ies = NULL;

	/* Only index sec_events[] once the sub-type has passed validation. */
	if (!check_event_type(event_type)) {
		ies = sec_events[event_type].optional_ies;
	}

	return ies;
}
const struct ast_security_event_ie_type* ast_security_event_get_required_ies ( const enum ast_security_event_type  event_type)

Get the list of required IEs for a given security event sub-type.

Parameters
[in] event_type: security event sub-type
Return values
NULL: invalid event_type
non-NULL: An array terminated with the value AST_EVENT_IE_END
Since
1.8

Definition at line 904 of file main/security_events.c.

/*!
 * \brief Get the list of required IEs for a given security event sub-type.
 *
 * \param[in] event_type security event sub-type
 *
 * \retval NULL if check_event_type() rejects event_type
 * \retval non-NULL the required_ies array stored in sec_events[] for this sub-type
 */
const struct ast_security_event_ie_type *ast_security_event_get_required_ies(
	const enum ast_security_event_type event_type)
{
	const int invalid = check_event_type(event_type);

	/* The table lookup is reached only for a sub-type that passed validation. */
	if (!invalid) {
		return sec_events[event_type].required_ies;
	}

	return NULL;
}
int ast_security_event_report ( const struct ast_security_event_common * sec)

Report a security event.

Parameters
[in] sec: security event data. Callers of this function should never declare an instance of ast_security_event_common directly. The argument should be an instance of a specific security event descriptor which has ast_security_event_common at the very beginning.
Return values
0: success
non-zero: failure

Definition at line 1171 of file main/security_events.c.

References ast_security_event_get_name(), AST_SECURITY_EVENT_NUM_TYPES, ast_security_event_common::event_type, and ast_security_event_common::version.

Referenced by ast_sip_report_auth_challenge_sent(), ast_sip_report_auth_failed_challenge_response(), ast_sip_report_auth_success(), ast_sip_report_failed_acl(), ast_sip_report_invalid_endpoint(), ast_sip_report_mem_limit(), and ast_sip_report_req_no_support().

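/*!
 * \brief Report a security event.
 *
 * \param[in] sec security event data. This must point at a specific security
 *            event descriptor that begins with ast_security_event_common,
 *            never at a bare ast_security_event_common.
 *
 * \retval 0 the event was handed to handle_security_event() successfully
 * \retval -1 the event type is out of range, has no entry in sec_events[],
 *            carries an unexpected version, or could not be issued
 */
int ast_security_event_report(const struct ast_security_event_common *sec)
{
	/*
	 * event_type indexes sec_events[] below. The unsigned cast makes a
	 * negative value fail the same bounds check as a too-large one.
	 */
	if ((unsigned int)sec->event_type >= AST_SECURITY_EVENT_NUM_TYPES) {
		ast_log(LOG_ERROR, "Invalid security event type\n");
		return -1;
	}

	/* A table entry without a name is treated as an unhandled event type. */
	if (!sec_events[sec->event_type].name) {
		ast_log(LOG_WARNING, "Security event type %u not handled\n",
			sec->event_type);
		return -1;
	}

	/*
	 * Reject a descriptor whose version differs from the table's.
	 * NOTE(review): presumably the descriptor's fields are located by
	 * offset (see SEC_EVT_FIELD), so a layout mismatch would read the
	 * wrong bytes -- confirm against handle_security_event().
	 */
	if (sec->version != sec_events[sec->event_type].version) {
		ast_log(LOG_WARNING, "Security event %u version mismatch\n",
			sec->event_type);
		return -1;
	}

	if (handle_security_event(sec)) {
		ast_log(LOG_ERROR, "Failed to issue security event of type %s.\n",
			ast_security_event_get_name(sec->event_type));
		/*
		 * Propagate the failure: the documented contract is non-zero on
		 * failure, and a dropped security event should be visible to the caller.
		 */
		return -1;
	}

	return 0;
}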
enum ast_security_event_type event_type
The security event sub-type.
uint32_t version
security event version
This must stay at the end.
const char * ast_security_event_get_name(const enum ast_security_event_type event_type)
Get the name of a security event sub-type.
const char* ast_security_event_severity_get_name ( const enum ast_security_event_severity  severity)

Get the name of a security event severity.

Parameters
[in] severity: security event severity
Return values
NULL: if severity is invalid
non-NULL: the name of the security event severity
Since
1.8

Definition at line 871 of file main/security_events.c.

/*!
 * \brief Get the name of a security event severity.
 *
 * \param[in] severity security event severity
 *
 * \retval NULL if no entry of severities[] matches severity
 * \retval non-NULL the str member of the first matching severities[] entry
 */
const char *ast_security_event_severity_get_name(
	const enum ast_security_event_severity severity)
{
	unsigned int idx = 0;

	/* Linear search: the first entry whose severity matches wins. */
	while (idx < ARRAY_LEN(severities)) {
		if (severities[idx].severity == severity) {
			return severities[idx].str;
		}
		idx++;
	}

	return NULL;
}
int ast_security_stasis_init ( void  )

initializes stasis topic/event types for ast_security_topic and ast_security_event_type

Since
12
Return values
0: on success
-1: on failure

Definition at line 483 of file main/security_events.c.

References ast_register_cleanup(), STASIS_MESSAGE_TYPE_INIT, and stasis_topic_create().

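/*!
 * \brief Initialize the stasis topic and message type used for security events.
 *
 * \retval 0 on success
 * \retval -1 if the topic could not be created or the message type
 *            could not be initialized
 */
int ast_security_stasis_init(void)
{
	/*
	 * Registered before anything is created, so security_stasis_cleanup()
	 * runs at graceful exit even when a later step in this function fails.
	 */
	ast_register_cleanup(security_stasis_cleanup);

	security_topic = stasis_topic_create("security:all");
	if (!security_topic) {
		return -1;
	}

	/* This condition line was dropped from the rendered listing; restored here. */
	if (STASIS_MESSAGE_TYPE_INIT(ast_security_event_type)) {
		return -1;
	}

	return 0;
}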
ast_security_event_type
Security event types.
static struct stasis_topic * security_topic
Security Topic.
#define STASIS_MESSAGE_TYPE_INIT(name)
Boiler-plate messaging macro for initializing message types.
Definition: stasis.h:1493
int ast_register_cleanup(void(*func)(void))
Register a function to be executed before Asterisk gracefully exits.
Definition: clicompat.c:19
struct stasis_topic * stasis_topic_create(const char *name)
Create a new topic.
Definition: stasis.c:617
struct stasis_topic* ast_security_topic ( void  )

A stasis_topic which publishes messages for security related issues.

Since
12
Returns
stasis_topic for security related issues.
Return values
NULL: on error

Definition at line 380 of file main/security_events.c.

References security_topic.

Referenced by manager_subscriptions_init(), and rtp_reload().

/*!
 * \brief A stasis_topic which publishes messages for security related issues.
 *
 * \return The file-scope security_topic pointer, unchanged. It is assigned in
 *         ast_security_stasis_init(); callers should be prepared for NULL.
 */
struct stasis_topic *ast_security_topic(void)
{
	struct stasis_topic *topic = security_topic;

	return topic;
}
static struct stasis_topic * security_topic
Security Topic.

Variable Documentation

const { ... } severities[]
Initial value:
= {
{ AST_SECURITY_EVENT_SEVERITY_INFO, "Informational" },
}
Informational event, not something that has gone wrong.