diff options
| author | Michael L. Young <elgueromexicano@gmail.com> | 2012-04-16 21:20:50 +0000 |
|---|---|---|
| committer | Michael L. Young <elgueromexicano@gmail.com> | 2012-04-16 21:20:50 +0000 |
| commit | abf40d9b28c0fc8339643e2903692e154d32719e (patch) | |
| tree | 25974b83968cf1e99f2a60c951df3986fa87661d /channels/sip | |
| parent | ba7032be5f4ac8c638806fe6d4f683ec7813c82f (diff) | |
Add IPv6 address support to security events framework.
The current Security Events Framework API only supports IPv4 when it comes to
generating security events. This patch does the following:
* Changes the Security Events Framework API to support IPV6 and updates
the components that use this API.
* Eliminates an error message that was being generated since the current
implementation was treating an IPv6 socket address as if it was IPv4.
* Some copyright dates were updated on files touched by this patch.
(closes issue ASTERISK-19447)
Reported by: Michael L. Young
Tested by: Michael L. Young
Patches:
security_events_ipv6v3.diff uploaded by Michael L. Young (license 5026)
Review: https://reviewboard.asterisk.org/r/1777/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@362200 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Diffstat (limited to 'channels/sip')
| -rw-r--r-- | channels/sip/security_events.c | 70 |
1 files changed, 20 insertions, 50 deletions
diff --git a/channels/sip/security_events.c b/channels/sip/security_events.c index 110c10a55..5ba70a143 100644 --- a/channels/sip/security_events.c +++ b/channels/sip/security_events.c @@ -1,7 +1,7 @@ /* * Asterisk -- An open source telephony toolkit. * - * Copyright (C) 2011, Digium, Inc. + * Copyright (C) 2012, Digium, Inc. * * Michael L. Young <elgueromexicano@gmail.com> * @@ -49,25 +49,9 @@ static enum ast_security_event_transport_type security_event_get_transport(const return res; } -static struct sockaddr_in *security_event_encode_sin_local(const struct sip_pvt *p, struct sockaddr_in *sin_local) -{ - ast_sockaddr_to_sin(&p->ourip, sin_local); - - return sin_local; -} - -static struct sockaddr_in *security_event_encode_sin_remote(const struct sip_pvt *p, struct sockaddr_in *sin_remote) -{ - ast_sockaddr_to_sin(&p->sa, sin_remote); - - return sin_remote; -} - void sip_report_invalid_peer(const struct sip_pvt *p) { char session_id[32]; - struct sockaddr_in sin_local; - struct sockaddr_in sin_remote; struct ast_security_event_inval_acct_id inval_acct_id = { .common.event_type = AST_SECURITY_EVENT_INVAL_ACCT_ID, @@ -75,11 +59,11 @@ void sip_report_invalid_peer(const struct sip_pvt *p) .common.service = "SIP", .common.account_id = p->exten, .common.local_addr = { - .sin = security_event_encode_sin_local(p, &sin_local), + .addr = &p->ourip, .transport = security_event_get_transport(p) }, .common.remote_addr = { - .sin = security_event_encode_sin_remote(p, &sin_remote), + .addr = &p->sa, .transport = security_event_get_transport(p) }, .common.session_id = session_id, @@ -93,8 +77,6 @@ void sip_report_invalid_peer(const struct sip_pvt *p) void sip_report_failed_acl(const struct sip_pvt *p, const char *aclname) { char session_id[32]; - struct sockaddr_in sin_local; - struct sockaddr_in sin_remote; struct ast_security_event_failed_acl failed_acl_event = { .common.event_type = AST_SECURITY_EVENT_FAILED_ACL, @@ -102,11 +84,11 @@ void sip_report_failed_acl(const struct sip_pvt *p, const char *aclname) .common.service = "SIP", .common.account_id = p->exten, .common.local_addr = { - .sin = security_event_encode_sin_local(p, &sin_local), + .addr = &p->ourip, .transport = security_event_get_transport(p) }, .common.remote_addr = { - .sin = security_event_encode_sin_remote(p, &sin_remote), + .addr = &p->sa, .transport = security_event_get_transport(p) }, .common.session_id = session_id, @@ -121,8 +103,6 @@ void sip_report_failed_acl(const struct sip_pvt *p, const char *aclname) void sip_report_inval_password(const struct sip_pvt *p, const char *response_challenge, const char *response_hash) { char session_id[32]; - struct sockaddr_in sin_local; - struct sockaddr_in sin_remote; struct ast_security_event_inval_password inval_password = { .common.event_type = AST_SECURITY_EVENT_INVAL_PASSWORD, @@ -130,11 +110,11 @@ void sip_report_inval_password(const struct sip_pvt *p, const char *response_cha .common.service = "SIP", .common.account_id = p->exten, .common.local_addr = { - .sin = security_event_encode_sin_local(p, &sin_local), + .addr = &p->ourip, .transport = security_event_get_transport(p) }, .common.remote_addr = { - .sin = security_event_encode_sin_remote(p, &sin_remote), + .addr = &p->sa, .transport = security_event_get_transport(p) }, .common.session_id = session_id, @@ -152,8 +132,6 @@ void sip_report_inval_password(const struct sip_pvt *p, const char *response_cha void sip_report_auth_success(const struct sip_pvt *p, uint32_t *using_password) { char session_id[32]; - struct sockaddr_in sin_local; - struct sockaddr_in sin_remote; struct ast_security_event_successful_auth successful_auth = { .common.event_type = AST_SECURITY_EVENT_SUCCESSFUL_AUTH, @@ -161,11 +139,11 @@ void sip_report_auth_success(const struct sip_pvt *p, uint32_t *using_password) .common.service = "SIP", .common.account_id = p->exten, .common.local_addr = { - .sin = security_event_encode_sin_local(p, &sin_local), + .addr = &p->ourip, .transport = security_event_get_transport(p) }, .common.remote_addr = { - .sin = security_event_encode_sin_remote(p, &sin_remote), + .addr = &p->sa, .transport = security_event_get_transport(p) }, .common.session_id = session_id, @@ -180,8 +158,6 @@ void sip_report_auth_success(const struct sip_pvt *p, uint32_t *using_password) void sip_report_session_limit(const struct sip_pvt *p) { char session_id[32]; - struct sockaddr_in sin_local; - struct sockaddr_in sin_remote; struct ast_security_event_session_limit session_limit = { .common.event_type = AST_SECURITY_EVENT_SESSION_LIMIT, @@ -189,11 +165,11 @@ void sip_report_session_limit(const struct sip_pvt *p) .common.service = "SIP", .common.account_id = p->exten, .common.local_addr = { - .sin = security_event_encode_sin_local(p, &sin_local), + .addr = &p->ourip, .transport = security_event_get_transport(p) }, .common.remote_addr = { - .sin = security_event_encode_sin_remote(p, &sin_remote), + .addr = &p->sa, .transport = security_event_get_transport(p) }, .common.session_id = session_id, @@ -206,9 +182,7 @@ void sip_report_session_limit(const struct sip_pvt *p) void sip_report_failed_challenge_response(const struct sip_pvt *p, const char *response, const char *expected_response) { - char session_id[32]; - struct sockaddr_in sin_local; - struct sockaddr_in sin_remote; + char session_id[32]; char account_id[256]; struct ast_security_event_chal_resp_failed chal_resp_failed = { @@ -217,11 +191,11 @@ void sip_report_failed_challenge_response(const struct sip_pvt *p, const char *r .common.service = "SIP", .common.account_id = account_id, .common.local_addr = { - .sin = security_event_encode_sin_local(p, &sin_local), + .addr = &p->ourip, .transport = security_event_get_transport(p) }, .common.remote_addr = { - .sin = security_event_encode_sin_remote(p, &sin_remote), + .addr = &p->sa, .transport = security_event_get_transport(p) }, .common.session_id = session_id, @@ -244,22 +218,20 @@ void sip_report_failed_challenge_response(const struct sip_pvt *p, const char *r void sip_report_chal_sent(const struct sip_pvt *p) { - char session_id[32]; - struct sockaddr_in sin_local; - struct sockaddr_in sin_remote; + char session_id[32]; char account_id[256]; - struct ast_security_event_chal_sent chal_sent = { + struct ast_security_event_chal_sent chal_sent = { .common.event_type = AST_SECURITY_EVENT_CHAL_SENT, .common.version = AST_SECURITY_EVENT_CHAL_SENT_VERSION, .common.service = "SIP", .common.account_id = account_id, .common.local_addr = { - .sin = security_event_encode_sin_local(p, &sin_local), + .addr = &p->ourip, .transport = security_event_get_transport(p) }, .common.remote_addr = { - .sin = security_event_encode_sin_remote(p, &sin_remote), + .addr = &p->sa, .transport = security_event_get_transport(p) }, .common.session_id = session_id, @@ -281,8 +253,6 @@ void sip_report_chal_sent(const struct sip_pvt *p) void sip_report_inval_transport(const struct sip_pvt *p, const char *transport) { char session_id[32]; - struct sockaddr_in sin_local; - struct sockaddr_in sin_remote; struct ast_security_event_inval_transport inval_transport = { .common.event_type = AST_SECURITY_EVENT_INVAL_TRANSPORT, @@ -290,11 +260,11 @@ void sip_report_inval_transport(const struct sip_pvt *p, const char *transport) .common.service = "SIP", .common.account_id = p->exten, .common.local_addr = { - .sin = security_event_encode_sin_local(p, &sin_local), + .addr = &p->ourip, .transport = security_event_get_transport(p) }, .common.remote_addr = { - .sin = security_event_encode_sin_remote(p, &sin_remote), + .addr = &p->sa, .transport = security_event_get_transport(p) }, .common.session_id = session_id, |