375 static const size_t SECURITY_EVENT_BUF_INIT_LEN = 256;
385 static int append_event_str_single(
struct ast_str **str,
struct ast_json *json,
402 static int append_event_str_from_json(
struct ast_str **str,
struct ast_json *json,
412 if (append_event_str_single(str, json, ies[i].ie_type)) {
435 if (append_event_str_from_json(&str, json,
437 ast_log(AST_LOG_ERROR,
"Failed to issue a security event to AMI: "
438 "error occurred when adding required event fields.\n");
442 if (append_event_str_from_json(&str, json,
444 ast_log(AST_LOG_ERROR,
"Failed to issue a security event to AMI: "
445 "error occurred when adding optional event fields.\n");
467 return security_event_to_ami_blob(payload->json);
472 .to_ami = security_event_to_ami,
475 static void security_stasis_cleanup(
void)
477 ao2_cleanup(security_topic);
478 security_topic = NULL;
488 if (!security_topic) {
500 static const struct {
504 #define MAX_SECURITY_IES 12
507 #undef MAX_SECURITY_IES
510 #define SEC_EVT_FIELD(e, field) (offsetof(struct ast_security_event_##e, field))
517 { AST_EVENT_IE_EVENT_TV, 0 },
518 { AST_EVENT_IE_SEVERITY, 0 },
519 { AST_EVENT_IE_SERVICE, SEC_EVT_FIELD(common, service) },
520 { AST_EVENT_IE_EVENT_VERSION, SEC_EVT_FIELD(common, version) },
521 { AST_EVENT_IE_ACCOUNT_ID, SEC_EVT_FIELD(common, account_id) },
522 { AST_EVENT_IE_SESSION_ID, SEC_EVT_FIELD(common, session_id) },
523 { AST_EVENT_IE_LOCAL_ADDR, SEC_EVT_FIELD(common, local_addr) },
524 { AST_EVENT_IE_REMOTE_ADDR, SEC_EVT_FIELD(common, remote_addr) },
528 { AST_EVENT_IE_MODULE, SEC_EVT_FIELD(common, module) },
529 { AST_EVENT_IE_ACL_NAME, SEC_EVT_FIELD(failed_acl, acl_name) },
530 { AST_EVENT_IE_SESSION_TV, SEC_EVT_FIELD(common, session_tv) },
536 .name =
"InvalidAccountID",
540 { AST_EVENT_IE_EVENT_TV, 0 },
541 { AST_EVENT_IE_SEVERITY, 0 },
542 { AST_EVENT_IE_SERVICE, SEC_EVT_FIELD(common, service) },
543 { AST_EVENT_IE_EVENT_VERSION, SEC_EVT_FIELD(common, version) },
544 { AST_EVENT_IE_ACCOUNT_ID, SEC_EVT_FIELD(common, account_id) },
545 { AST_EVENT_IE_SESSION_ID, SEC_EVT_FIELD(common, session_id) },
546 { AST_EVENT_IE_LOCAL_ADDR, SEC_EVT_FIELD(common, local_addr) },
547 { AST_EVENT_IE_REMOTE_ADDR, SEC_EVT_FIELD(common, remote_addr) },
551 { AST_EVENT_IE_MODULE, SEC_EVT_FIELD(common, module) },
552 { AST_EVENT_IE_SESSION_TV, SEC_EVT_FIELD(common, session_tv) },
558 .name =
"SessionLimit",
562 { AST_EVENT_IE_EVENT_TV, 0 },
563 { AST_EVENT_IE_SEVERITY, 0 },
564 { AST_EVENT_IE_SERVICE, SEC_EVT_FIELD(common, service) },
565 { AST_EVENT_IE_EVENT_VERSION, SEC_EVT_FIELD(common, version) },
566 { AST_EVENT_IE_ACCOUNT_ID, SEC_EVT_FIELD(common, account_id) },
567 { AST_EVENT_IE_SESSION_ID, SEC_EVT_FIELD(common, session_id) },
568 { AST_EVENT_IE_LOCAL_ADDR, SEC_EVT_FIELD(common, local_addr) },
569 { AST_EVENT_IE_REMOTE_ADDR, SEC_EVT_FIELD(common, remote_addr) },
573 { AST_EVENT_IE_MODULE, SEC_EVT_FIELD(common, module) },
574 { AST_EVENT_IE_SESSION_TV, SEC_EVT_FIELD(common, session_tv) },
580 .name =
"MemoryLimit",
584 { AST_EVENT_IE_EVENT_TV, 0 },
585 { AST_EVENT_IE_SEVERITY, 0 },
586 { AST_EVENT_IE_SERVICE, SEC_EVT_FIELD(common, service) },
587 { AST_EVENT_IE_EVENT_VERSION, SEC_EVT_FIELD(common, version) },
588 { AST_EVENT_IE_ACCOUNT_ID, SEC_EVT_FIELD(common, account_id) },
589 { AST_EVENT_IE_SESSION_ID, SEC_EVT_FIELD(common, session_id) },
590 { AST_EVENT_IE_LOCAL_ADDR, SEC_EVT_FIELD(common, local_addr) },
591 { AST_EVENT_IE_REMOTE_ADDR, SEC_EVT_FIELD(common, remote_addr) },
595 { AST_EVENT_IE_MODULE, SEC_EVT_FIELD(common, module) },
596 { AST_EVENT_IE_SESSION_TV, SEC_EVT_FIELD(common, session_tv) },
602 .name =
"LoadAverageLimit",
606 { AST_EVENT_IE_EVENT_TV, 0 },
607 { AST_EVENT_IE_SEVERITY, 0 },
608 { AST_EVENT_IE_SERVICE, SEC_EVT_FIELD(common, service) },
609 { AST_EVENT_IE_EVENT_VERSION, SEC_EVT_FIELD(common, version) },
610 { AST_EVENT_IE_ACCOUNT_ID, SEC_EVT_FIELD(common, account_id) },
611 { AST_EVENT_IE_SESSION_ID, SEC_EVT_FIELD(common, session_id) },
612 { AST_EVENT_IE_LOCAL_ADDR, SEC_EVT_FIELD(common, local_addr) },
613 { AST_EVENT_IE_REMOTE_ADDR, SEC_EVT_FIELD(common, remote_addr) },
617 { AST_EVENT_IE_MODULE, SEC_EVT_FIELD(common, module) },
618 { AST_EVENT_IE_SESSION_TV, SEC_EVT_FIELD(common, session_tv) },
624 .name =
"RequestNotSupported",
628 { AST_EVENT_IE_EVENT_TV, 0 },
629 { AST_EVENT_IE_SEVERITY, 0 },
630 { AST_EVENT_IE_SERVICE, SEC_EVT_FIELD(common, service) },
631 { AST_EVENT_IE_EVENT_VERSION, SEC_EVT_FIELD(common, version) },
632 { AST_EVENT_IE_ACCOUNT_ID, SEC_EVT_FIELD(common, account_id) },
633 { AST_EVENT_IE_SESSION_ID, SEC_EVT_FIELD(common, session_id) },
634 { AST_EVENT_IE_LOCAL_ADDR, SEC_EVT_FIELD(common, local_addr) },
635 { AST_EVENT_IE_REMOTE_ADDR, SEC_EVT_FIELD(common, remote_addr) },
636 { AST_EVENT_IE_REQUEST_TYPE, SEC_EVT_FIELD(req_no_support, request_type) },
640 { AST_EVENT_IE_MODULE, SEC_EVT_FIELD(common, module) },
641 { AST_EVENT_IE_SESSION_TV, SEC_EVT_FIELD(common, session_tv) },
647 .name =
"RequestNotAllowed",
651 { AST_EVENT_IE_EVENT_TV, 0 },
652 { AST_EVENT_IE_SEVERITY, 0 },
653 { AST_EVENT_IE_SERVICE, SEC_EVT_FIELD(common, service) },
654 { AST_EVENT_IE_EVENT_VERSION, SEC_EVT_FIELD(common, version) },
655 { AST_EVENT_IE_ACCOUNT_ID, SEC_EVT_FIELD(common, account_id) },
656 { AST_EVENT_IE_SESSION_ID, SEC_EVT_FIELD(common, session_id) },
657 { AST_EVENT_IE_LOCAL_ADDR, SEC_EVT_FIELD(common, local_addr) },
658 { AST_EVENT_IE_REMOTE_ADDR, SEC_EVT_FIELD(common, remote_addr) },
659 { AST_EVENT_IE_REQUEST_TYPE, SEC_EVT_FIELD(req_not_allowed, request_type) },
663 { AST_EVENT_IE_MODULE, SEC_EVT_FIELD(common, module) },
664 { AST_EVENT_IE_SESSION_TV, SEC_EVT_FIELD(common, session_tv) },
665 { AST_EVENT_IE_REQUEST_PARAMS, SEC_EVT_FIELD(req_not_allowed, request_params) },
671 .name =
"AuthMethodNotAllowed",
675 { AST_EVENT_IE_EVENT_TV, 0 },
676 { AST_EVENT_IE_SEVERITY, 0 },
677 { AST_EVENT_IE_SERVICE, SEC_EVT_FIELD(common, service) },
678 { AST_EVENT_IE_EVENT_VERSION, SEC_EVT_FIELD(common, version) },
679 { AST_EVENT_IE_ACCOUNT_ID, SEC_EVT_FIELD(common, account_id) },
680 { AST_EVENT_IE_SESSION_ID, SEC_EVT_FIELD(common, session_id) },
681 { AST_EVENT_IE_LOCAL_ADDR, SEC_EVT_FIELD(common, local_addr) },
682 { AST_EVENT_IE_REMOTE_ADDR, SEC_EVT_FIELD(common, remote_addr) },
683 { AST_EVENT_IE_AUTH_METHOD, SEC_EVT_FIELD(auth_method_not_allowed, auth_method) },
687 { AST_EVENT_IE_MODULE, SEC_EVT_FIELD(common, module) },
688 { AST_EVENT_IE_SESSION_TV, SEC_EVT_FIELD(common, session_tv) },
694 .name =
"RequestBadFormat",
698 { AST_EVENT_IE_EVENT_TV, 0 },
699 { AST_EVENT_IE_SEVERITY, 0 },
700 { AST_EVENT_IE_SERVICE, SEC_EVT_FIELD(common, service) },
701 { AST_EVENT_IE_EVENT_VERSION, SEC_EVT_FIELD(common, version) },
702 { AST_EVENT_IE_SESSION_ID, SEC_EVT_FIELD(common, session_id) },
703 { AST_EVENT_IE_LOCAL_ADDR, SEC_EVT_FIELD(common, local_addr) },
704 { AST_EVENT_IE_REMOTE_ADDR, SEC_EVT_FIELD(common, remote_addr) },
705 { AST_EVENT_IE_REQUEST_TYPE, SEC_EVT_FIELD(req_bad_format, request_type) },
709 { AST_EVENT_IE_MODULE, SEC_EVT_FIELD(common, module) },
710 { AST_EVENT_IE_SESSION_TV, SEC_EVT_FIELD(common, session_tv) },
711 { AST_EVENT_IE_ACCOUNT_ID, SEC_EVT_FIELD(common, account_id) },
712 { AST_EVENT_IE_REQUEST_PARAMS, SEC_EVT_FIELD(req_bad_format, request_params) },
718 .name =
"SuccessfulAuth",
722 { AST_EVENT_IE_EVENT_TV, 0 },
723 { AST_EVENT_IE_SEVERITY, 0 },
724 { AST_EVENT_IE_SERVICE, SEC_EVT_FIELD(common, service) },
725 { AST_EVENT_IE_EVENT_VERSION, SEC_EVT_FIELD(common, version) },
726 { AST_EVENT_IE_ACCOUNT_ID, SEC_EVT_FIELD(common, account_id) },
727 { AST_EVENT_IE_SESSION_ID, SEC_EVT_FIELD(common, session_id) },
728 { AST_EVENT_IE_LOCAL_ADDR, SEC_EVT_FIELD(common, local_addr) },
729 { AST_EVENT_IE_REMOTE_ADDR, SEC_EVT_FIELD(common, remote_addr) },
730 { AST_EVENT_IE_USING_PASSWORD, SEC_EVT_FIELD(successful_auth, using_password) },
734 { AST_EVENT_IE_MODULE, SEC_EVT_FIELD(common, module) },
735 { AST_EVENT_IE_SESSION_TV, SEC_EVT_FIELD(common, session_tv) },
741 .name =
"UnexpectedAddress",
745 { AST_EVENT_IE_EVENT_TV, 0 },
746 { AST_EVENT_IE_SEVERITY, 0 },
747 { AST_EVENT_IE_SERVICE, SEC_EVT_FIELD(common, service) },
748 { AST_EVENT_IE_EVENT_VERSION, SEC_EVT_FIELD(common, version) },
749 { AST_EVENT_IE_ACCOUNT_ID, SEC_EVT_FIELD(common, account_id) },
750 { AST_EVENT_IE_SESSION_ID, SEC_EVT_FIELD(common, session_id) },
751 { AST_EVENT_IE_LOCAL_ADDR, SEC_EVT_FIELD(common, local_addr) },
752 { AST_EVENT_IE_REMOTE_ADDR, SEC_EVT_FIELD(common, remote_addr) },
753 { AST_EVENT_IE_EXPECTED_ADDR, SEC_EVT_FIELD(unexpected_addr, expected_addr) },
757 { AST_EVENT_IE_MODULE, SEC_EVT_FIELD(common, module) },
758 { AST_EVENT_IE_SESSION_TV, SEC_EVT_FIELD(common, session_tv) },
764 .name =
"ChallengeResponseFailed",
768 { AST_EVENT_IE_EVENT_TV, 0 },
769 { AST_EVENT_IE_SEVERITY, 0 },
770 { AST_EVENT_IE_SERVICE, SEC_EVT_FIELD(common, service) },
771 { AST_EVENT_IE_EVENT_VERSION, SEC_EVT_FIELD(common, version) },
772 { AST_EVENT_IE_ACCOUNT_ID, SEC_EVT_FIELD(common, account_id) },
773 { AST_EVENT_IE_SESSION_ID, SEC_EVT_FIELD(common, session_id) },
774 { AST_EVENT_IE_LOCAL_ADDR, SEC_EVT_FIELD(common, local_addr) },
775 { AST_EVENT_IE_REMOTE_ADDR, SEC_EVT_FIELD(common, remote_addr) },
776 { AST_EVENT_IE_CHALLENGE, SEC_EVT_FIELD(chal_resp_failed, challenge) },
777 { AST_EVENT_IE_RESPONSE, SEC_EVT_FIELD(chal_resp_failed, response) },
778 { AST_EVENT_IE_EXPECTED_RESPONSE, SEC_EVT_FIELD(chal_resp_failed, expected_response) },
782 { AST_EVENT_IE_MODULE, SEC_EVT_FIELD(common, module) },
783 { AST_EVENT_IE_SESSION_TV, SEC_EVT_FIELD(common, session_tv) },
789 .name =
"InvalidPassword",
793 { AST_EVENT_IE_EVENT_TV, 0 },
794 { AST_EVENT_IE_SEVERITY, 0 },
795 { AST_EVENT_IE_SERVICE, SEC_EVT_FIELD(common, service) },
796 { AST_EVENT_IE_EVENT_VERSION, SEC_EVT_FIELD(common, version) },
797 { AST_EVENT_IE_ACCOUNT_ID, SEC_EVT_FIELD(common, account_id) },
798 { AST_EVENT_IE_SESSION_ID, SEC_EVT_FIELD(common, session_id) },
799 { AST_EVENT_IE_LOCAL_ADDR, SEC_EVT_FIELD(common, local_addr) },
800 { AST_EVENT_IE_REMOTE_ADDR, SEC_EVT_FIELD(common, remote_addr) },
804 { AST_EVENT_IE_MODULE, SEC_EVT_FIELD(common, module) },
805 { AST_EVENT_IE_SESSION_TV, SEC_EVT_FIELD(common, session_tv) },
806 { AST_EVENT_IE_CHALLENGE, SEC_EVT_FIELD(inval_password, challenge) },
807 { AST_EVENT_IE_RECEIVED_CHALLENGE, SEC_EVT_FIELD(inval_password, received_challenge) },
808 { AST_EVENT_IE_RECEIVED_HASH, SEC_EVT_FIELD(inval_password, received_hash) },
814 .name =
"ChallengeSent",
818 { AST_EVENT_IE_EVENT_TV, 0 },
819 { AST_EVENT_IE_SEVERITY, 0 },
820 { AST_EVENT_IE_SERVICE, SEC_EVT_FIELD(common, service) },
821 { AST_EVENT_IE_EVENT_VERSION, SEC_EVT_FIELD(common, version) },
822 { AST_EVENT_IE_ACCOUNT_ID, SEC_EVT_FIELD(common, account_id) },
823 { AST_EVENT_IE_SESSION_ID, SEC_EVT_FIELD(common, session_id) },
824 { AST_EVENT_IE_LOCAL_ADDR, SEC_EVT_FIELD(common, local_addr) },
825 { AST_EVENT_IE_REMOTE_ADDR, SEC_EVT_FIELD(common, remote_addr) },
826 { AST_EVENT_IE_CHALLENGE, SEC_EVT_FIELD(chal_sent, challenge) },
830 { AST_EVENT_IE_MODULE, SEC_EVT_FIELD(common, module) },
831 { AST_EVENT_IE_SESSION_TV, SEC_EVT_FIELD(common, session_tv) },
837 .name =
"InvalidTransport",
841 { AST_EVENT_IE_EVENT_TV, 0 },
842 { AST_EVENT_IE_SEVERITY, 0 },
843 { AST_EVENT_IE_SERVICE, SEC_EVT_FIELD(common, service) },
844 { AST_EVENT_IE_EVENT_VERSION, SEC_EVT_FIELD(common, version) },
845 { AST_EVENT_IE_ACCOUNT_ID, SEC_EVT_FIELD(common, account_id) },
846 { AST_EVENT_IE_SESSION_ID, SEC_EVT_FIELD(common, session_id) },
847 { AST_EVENT_IE_LOCAL_ADDR, SEC_EVT_FIELD(common, local_addr) },
848 { AST_EVENT_IE_REMOTE_ADDR, SEC_EVT_FIELD(common, remote_addr) },
849 { AST_EVENT_IE_ATTEMPTED_TRANSPORT, SEC_EVT_FIELD(inval_transport, transport) },
853 { AST_EVENT_IE_MODULE, SEC_EVT_FIELD(common, module) },
854 { AST_EVENT_IE_SESSION_TV, SEC_EVT_FIELD(common, session_tv) },
863 static const struct {
876 for (i = 0; i < ARRAY_LEN(severities); i++) {
877 if (severities[i].severity == severity) {
878 return severities[i].str;
888 ast_log(LOG_ERROR,
"Invalid security event type %u\n", event_type);
897 if (check_event_type(event_type)) {
901 return sec_events[event_type].name;
907 if (check_event_type(event_type)) {
911 return sec_events[event_type].required_ies;
917 if (check_event_type(event_type)) {
921 return sec_events[event_type].optional_ies;
947 switch (ie_type->ie_type) {
948 case AST_EVENT_IE_SERVICE:
949 case AST_EVENT_IE_ACCOUNT_ID:
950 case AST_EVENT_IE_SESSION_ID:
951 case AST_EVENT_IE_MODULE:
952 case AST_EVENT_IE_ACL_NAME:
953 case AST_EVENT_IE_REQUEST_TYPE:
954 case AST_EVENT_IE_REQUEST_PARAMS:
955 case AST_EVENT_IE_AUTH_METHOD:
956 case AST_EVENT_IE_CHALLENGE:
957 case AST_EVENT_IE_RESPONSE:
958 case AST_EVENT_IE_EXPECTED_RESPONSE:
959 case AST_EVENT_IE_RECEIVED_CHALLENGE:
960 case AST_EVENT_IE_RECEIVED_HASH:
961 case AST_EVENT_IE_ATTEMPTED_TRANSPORT:
966 str = *((
const char **)(((
const char *) sec) + ie_type->
offset));
969 ast_log(LOG_WARNING,
"Required IE '%d' (%s) for security event "
970 "type '%u' (%s) not present\n", ie_type->ie_type,
990 case AST_EVENT_IE_EVENT_VERSION:
991 case AST_EVENT_IE_USING_PASSWORD:
995 val = *((
const uint32_t *)(((
const char *) sec) + ie_type->
offset));
1006 case AST_EVENT_IE_LOCAL_ADDR:
1007 case AST_EVENT_IE_REMOTE_ADDR:
1008 case AST_EVENT_IE_EXPECTED_ADDR:
1014 if (req && !addr->addr) {
1015 ast_log(LOG_WARNING,
"Required IE '%d' (%s) for security event "
1016 "type '%u' (%s) not present\n", ie_type->ie_type,
1023 res = add_ip_json_object(json, ie_type->ie_type, addr);
1028 case AST_EVENT_IE_SESSION_TV:
1030 const struct timeval *tval;
1032 tval = *((
const struct timeval **)(((
const char *) sec) + ie_type->
offset));
1035 ast_log(LOG_WARNING,
"Required IE '%d' (%s) for security event "
1036 "type '%u' (%s) not present\n", ie_type->ie_type,
1053 case AST_EVENT_IE_EVENT_TV:
1054 case AST_EVENT_IE_SEVERITY:
1058 ast_log(LOG_WARNING,
"Unhandled IE type '%d' (%s), this security event "
1059 "will be missing data.\n", ie_type->ie_type,
1070 const char *severity_str;
1105 severity_str =
S_OR(
1131 json_object = alloc_security_event_json_object(sec);
1139 if (add_json_object(json_object, sec, ies + i, REQUIRED)) {
1147 if (add_json_object(json_object, sec, ies + i, NOT_REQUIRED)) {
1174 ast_log(LOG_ERROR,
"Invalid security event type\n");
1179 ast_log(LOG_WARNING,
"Security event type %u not handled\n",
1185 ast_log(LOG_WARNING,
"Security event %u version mismatch\n",
1190 if (handle_security_event(sec)) {
1191 ast_log(LOG_ERROR,
"Failed to issue security event of type %s.\n",
Struct containing info for an AMI event to send out.
ast_security_event_severity
the severity of a security event
An attempt at basic password authentication failed.
struct ast_json * ast_json_ref(struct ast_json *value)
Increase refcount on value.
enum ast_security_event_type event_type
The security event sub-type.
Security Event Reporting API.
Asterisk main include file. File version handling, generic pbx functions.
ast_security_event_type
Security event types.
FYI FWIW, Successful authentication has occurred.
String manipulation functions.
struct ast_json_payload * ast_json_payload_create(struct ast_json *json)
Create an ao2 object to pass json blobs as data payloads for stasis.
#define AST_SECURITY_EVENT_REQ_NO_SUPPORT_VERSION
Event descriptor version.
void ast_json_unref(struct ast_json *value)
Decrease refcount on value. If refcount reaches zero, value is freed.
static struct stasis_topic * security_topic
Security Topic.
#define STASIS_MESSAGE_TYPE_INIT(name)
Boiler-plate messaging macro for initializing message types.
Stasis Message Bus API. See Stasis Message Bus API for detailed documentation.
const char * service
Service that generated the event.
char * ast_str_buffer(const struct ast_str *buf)
Returns the string buffer within the ast_str buf.
#define AST_SECURITY_EVENT_CHAL_SENT_VERSION
Event descriptor version.
#define STASIS_MESSAGE_TYPE_CLEANUP(name)
Boiler-plate messaging macro for cleaning up message types.
struct stasis_message_type * stasis_message_type(const struct stasis_message *msg)
Get the message type for a stasis_message.
struct ast_json * ast_json_stringf(const char *format,...)
Create a JSON string, printf style.
size_t offset
For internal usage.
The attempted authentication method is not allowed.
int ast_str_append(struct ast_str **buf, ssize_t max_len, const char *fmt,...)
Append to a thread local dynamic string.
struct timeval ast_tvnow(void)
Returns current timeval. Meant to replace calls to gettimeofday().
const char * ast_security_event_severity_get_name(const enum ast_security_event_severity severity)
Get the name of a security event severity.
Common structure elements.
A request was made that is not allowed.
#define AST_SECURITY_EVENT_SUCCESSFUL_AUTH_VERSION
Event descriptor version.
An unexpected source address was seen for a session in progress.
uint32_t version
security event version
#define AST_SECURITY_EVENT_UNEXPECTED_ADDR_VERSION
Event descriptor version.
struct ast_manager_event_blob * ast_manager_event_blob_create(int event_flags, const char *manager_event, const char *extra_fields_fmt,...)
Construct a ast_manager_event_blob.
Informational event, not something that has gone wrong.
int ast_json_object_set(struct ast_json *object, const char *key, struct ast_json *value)
Set a field in a JSON object.
const struct ast_security_event_ie_type * ast_security_event_get_required_ies(const enum ast_security_event_type event_type)
Get the list of required IEs for a given security event sub-type.
ast_event_ie_type
Event Information Element types.
STASIS_MESSAGE_TYPE_DEFN(ast_security_event_type,.to_ami=security_event_to_ami,)
Message type for security events.
Asterisk JSON abstraction layer.
int ast_register_cleanup(void(*func)(void))
Register a function to be executed before Asterisk gracefully exits.
struct ast_json * ast_json_string_create(const char *value)
Construct a JSON string from value.
Request received with bad formatting.
#define AST_SECURITY_EVENT_FAILED_ACL_VERSION
Event descriptor version.
const char * ast_json_string_get(const struct ast_json *string)
Get the value of a JSON string.
Challenge was sent out, informational.
struct stasis_topic * stasis_topic_create(const char *name)
Create a new topic.
#define AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_MEM_LIMIT_VERSION
Event descriptor version.
struct ast_json * ast_json_timeval(const struct timeval tv, const char *zone)
Construct a timeval as JSON.
Wrapper for network related headers, masking differences between various operating systems...
#define AST_SECURITY_EVENT_INVAL_ACCT_ID_VERSION
Event descriptor version.
Support for dynamic strings.
void * stasis_message_data(const struct stasis_message *msg)
Get the data contained in a message.
struct stasis_message * stasis_message_create(struct stasis_message_type *type, void *data)
Create a new message.
int ast_security_stasis_init(void)
initializes stasis topic/event types for ast_security_topic and ast_security_event_type ...
Load Average limit reached.
An attempt at challenge/response authentication failed.
int ast_security_event_report(const struct ast_security_event_common *sec)
Report a security event.
void stasis_publish(struct stasis_topic *topic, struct stasis_message *message)
Publish a message to a topic's subscribers.
const struct ast_security_event_ie_type * ast_security_event_get_optional_ies(const enum ast_security_event_type event_type)
Get the list of optional IEs for a given security event sub-type.
This must stay at the end.
#define AST_SECURITY_EVENT_LOAD_AVG_VERSION
Event descriptor version.
struct ast_json * ast_json_object_create(void)
Create a new JSON object.
struct ast_json * ast_json_ipaddr(const struct ast_sockaddr *addr, enum ast_transport transport_type)
Construct an IP address as JSON.
#define AST_SECURITY_EVENT_INVAL_PASSWORD_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_INVAL_TRANSPORT_VERSION
Event descriptor version.
struct ast_json * ast_json_object_get(struct ast_json *object, const char *key)
Get a field from a JSON object.
#define S_OR(a, b)
returns the equivalent of logic or for strings: first one if not empty, otherwise second one...
const char * ast_security_event_get_name(const enum ast_security_event_type event_type)
Get the name of a security event sub-type.
const char * ast_event_get_ie_type_name(enum ast_event_ie_type ie_type)
Get the string representation of an information element type.
Abstract JSON element (object, array, string, int, ...).
#define AST_SECURITY_EVENT_REQ_BAD_FORMAT_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_CHAL_RESP_FAILED_VERSION
Event descriptor version.
struct stasis_topic * ast_security_topic(void)
A stasis_topic which publishes messages for security related issues.
intmax_t ast_json_integer_get(const struct ast_json *integer)
Get the value from a JSON integer.
#define RAII_VAR(vartype, varname, initval, dtor)
Declare a variable that will call a destructor function when it goes out of scope.
#define AST_SECURITY_EVENT_SESSION_LIMIT_VERSION
Event descriptor version.
Something has gone wrong.
An attempt to contact a peer on an invalid transport.
#define AST_SECURITY_EVENT_REQ_NOT_ALLOWED_VERSION
Event descriptor version.
#define ast_str_create(init_len)
Create a malloc'ed dynamic length string.
A request was made that we understand, but do not support.
struct ast_json * ast_json_integer_create(intmax_t value)
Create a JSON integer.