Add IPv6 address support to security events framework.

The current Security Events Framework API only supports IPv4 when it comes to generating security events. This patch does the following: * Changes the Security Events Framework API to support IPV6 and updates the components that use this API. * Eliminates an error message that was being generated since the current implementation was treating an IPv6 socket address as if it was IPv4. * Some copyright dates were updated on files touched by this patch. (closes issue ASTERISK-19447) Reported by: Michael L. Young Tested by: Michael L. Young Patches: security_events_ipv6v3.diff uploaded by Michael L. Young (license 5026) Review: https://reviewboard.asterisk.org/r/1777/ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@362200 65c4cc65-6c06-0410-ace0-fbb531ad65f3
author: Michael L. Young <elgueromexicano@gmail.com> 2012-04-16 21:20:50 +0000
committer: Michael L. Young <elgueromexicano@gmail.com> 2012-04-16 21:20:50 +0000
commit: abf40d9b28c0fc8339643e2903692e154d32719e (patch)
tree: 25974b83968cf1e99f2a60c951df3986fa87661d /main/manager.c
parent: ba7032be5f4ac8c638806fe6d4f683ec7813c82f (diff)
1 files changed, 40 insertions, 33 deletions
diff --git a/main/manager.c b/main/manager.c
index 413adf29c..597498c15 100644
--- a/main/manager.c
+++ b/main/manager.c
@@ -2178,18 +2178,9 @@ static enum ast_security_event_transport_type mansession_get_transport(const str
 			AST_SECURITY_EVENT_TRANSPORT_TCP;
 }
 
-static struct sockaddr_in *mansession_encode_sin_local(const struct mansession *s,
-		struct sockaddr_in *sin_local)
-{
-	ast_sockaddr_to_sin(&s->tcptls_session->parent->local_address,
-			    sin_local);
-
-	return sin_local;
-}
-
 static void report_invalid_user(const struct mansession *s, const char *username)
 {
-	struct sockaddr_in sin_local;
+	struct ast_sockaddr addr_remote;
 	char session_id[32];
 	struct ast_security_event_inval_acct_id inval_acct_id = {
 		.common.event_type = AST_SECURITY_EVENT_INVAL_ACCT_ID,
@@ -2198,16 +2189,18 @@ static void report_invalid_user(const struct mansession *s, const char *username
 		.common.account_id = username,
 		.common.session_tv = &s->session->sessionstart_tv,
 		.common.local_addr = {
-			.sin       = mansession_encode_sin_local(s, &sin_local),
+			.addr      = &s->tcptls_session->parent->local_address,
 			.transport = mansession_get_transport(s),
 		},
 		.common.remote_addr = {
-			.sin       = &s->session->sin,
+			.addr      = &addr_remote,
 			.transport = mansession_get_transport(s),
 		},
 		.common.session_id = session_id,
 	};
 
+	ast_sockaddr_from_sin(&addr_remote, &s->session->sin);
+
 	snprintf(session_id, sizeof(session_id), "%p", s);
 
 	ast_security_event_report(AST_SEC_EVT(&inval_acct_id));
@@ -2215,7 +2208,7 @@ static void report_invalid_user(const struct mansession *s, const char *username
 
 static void report_failed_acl(const struct mansession *s, const char *username)
 {
-	struct sockaddr_in sin_local;
+	struct ast_sockaddr addr_remote;
 	char session_id[32];
 	struct ast_security_event_failed_acl failed_acl_event = {
 		.common.event_type = AST_SECURITY_EVENT_FAILED_ACL,
@@ -2224,16 +2217,18 @@ static void report_failed_acl(const struct mansession *s, const char *username)
 		.common.account_id = username,
 		.common.session_tv = &s->session->sessionstart_tv,
 		.common.local_addr = {
-			.sin       = mansession_encode_sin_local(s, &sin_local),
+			.addr      = &s->tcptls_session->parent->local_address,
 			.transport = mansession_get_transport(s),
 		},
 		.common.remote_addr = {
-			.sin       = &s->session->sin,
+			.addr      = &addr_remote,
 			.transport = mansession_get_transport(s),
 		},
 		.common.session_id = session_id,
 	};
 
+	ast_sockaddr_from_sin(&addr_remote, &s->session->sin);
+
 	snprintf(session_id, sizeof(session_id), "%p", s->session);
 
 	ast_security_event_report(AST_SEC_EVT(&failed_acl_event));
@@ -2241,7 +2236,7 @@ static void report_failed_acl(const struct mansession *s, const char *username)
 
 static void report_inval_password(const struct mansession *s, const char *username)
 {
-	struct sockaddr_in sin_local;
+	struct ast_sockaddr addr_remote;
 	char session_id[32];
 	struct ast_security_event_inval_password inval_password = {
 		.common.event_type = AST_SECURITY_EVENT_INVAL_PASSWORD,
@@ -2250,16 +2245,18 @@ static void report_inval_password(const struct mansession *s, const char *userna
 		.common.account_id = username,
 		.common.session_tv = &s->session->sessionstart_tv,
 		.common.local_addr = {
-			.sin       = mansession_encode_sin_local(s, &sin_local),
+			.addr      = &s->tcptls_session->parent->local_address,
 			.transport = mansession_get_transport(s),
 		},
 		.common.remote_addr = {
-			.sin       = &s->session->sin,
+			.addr      = &addr_remote,
 			.transport = mansession_get_transport(s),
 		},
 		.common.session_id = session_id,
 	};
 
+	ast_sockaddr_from_sin(&addr_remote, &s->session->sin);
+
 	snprintf(session_id, sizeof(session_id), "%p", s->session);
 
 	ast_security_event_report(AST_SEC_EVT(&inval_password));
@@ -2267,7 +2264,7 @@ static void report_inval_password(const struct mansession *s, const char *userna
 
 static void report_auth_success(const struct mansession *s)
 {
-	struct sockaddr_in sin_local;
+	struct ast_sockaddr addr_remote;
 	char session_id[32];
 	struct ast_security_event_successful_auth successful_auth = {
 		.common.event_type = AST_SECURITY_EVENT_SUCCESSFUL_AUTH,
@@ -2276,16 +2273,18 @@ static void report_auth_success(const struct mansession *s)
 		.common.account_id = s->session->username,
 		.common.session_tv = &s->session->sessionstart_tv,
 		.common.local_addr = {
-			.sin       = mansession_encode_sin_local(s, &sin_local),
+			.addr      = &s->tcptls_session->parent->local_address,
 			.transport = mansession_get_transport(s),
 		},
 		.common.remote_addr = {
-			.sin       = &s->session->sin,
+			.addr      = &addr_remote,
 			.transport = mansession_get_transport(s),
 		},
 		.common.session_id = session_id,
 	};
 
+	ast_sockaddr_from_sin(&addr_remote, &s->session->sin);
+
 	snprintf(session_id, sizeof(session_id), "%p", s->session);
 
 	ast_security_event_report(AST_SEC_EVT(&successful_auth));
@@ -2293,7 +2292,7 @@ static void report_auth_success(const struct mansession *s)
 
 static void report_req_not_allowed(const struct mansession *s, const char *action)
 {
-	struct sockaddr_in sin_local;
+	struct ast_sockaddr addr_remote;
 	char session_id[32];
 	char request_type[64];
 	struct ast_security_event_req_not_allowed req_not_allowed = {
@@ -2303,11 +2302,11 @@ static void report_req_not_allowed(const struct mansession *s, const char *actio
 		.common.account_id = s->session->username,
 		.common.session_tv = &s->session->sessionstart_tv,
 		.common.local_addr = {
-			.sin       = mansession_encode_sin_local(s, &sin_local),
+			.addr      = &s->tcptls_session->parent->local_address,
 			.transport = mansession_get_transport(s),
 		},
 		.common.remote_addr = {
-			.sin       = &s->session->sin,
+			.addr      = &addr_remote,
 			.transport = mansession_get_transport(s),
 		},
 		.common.session_id = session_id,
@@ -2315,6 +2314,8 @@ static void report_req_not_allowed(const struct mansession *s, const char *actio
 		.request_type      = request_type,
 	};
 
+	ast_sockaddr_from_sin(&addr_remote, &s->session->sin);
+
 	snprintf(session_id, sizeof(session_id), "%p", s->session);
 	snprintf(request_type, sizeof(request_type), "Action: %s", action);
 
@@ -2323,7 +2324,7 @@ static void report_req_not_allowed(const struct mansession *s, const char *actio
 
 static void report_req_bad_format(const struct mansession *s, const char *action)
 {
-	struct sockaddr_in sin_local;
+	struct ast_sockaddr addr_remote;
 	char session_id[32];
 	char request_type[64];
 	struct ast_security_event_req_bad_format req_bad_format = {
@@ -2333,11 +2334,11 @@ static void report_req_bad_format(const struct mansession *s, const char *action
 		.common.account_id = s->session->username,
 		.common.session_tv = &s->session->sessionstart_tv,
 		.common.local_addr = {
-			.sin       = mansession_encode_sin_local(s, &sin_local),
+			.addr      = &s->tcptls_session->parent->local_address,
 			.transport = mansession_get_transport(s),
 		},
 		.common.remote_addr = {
-			.sin       = &s->session->sin,
+			.addr      = &addr_remote,
 			.transport = mansession_get_transport(s),
 		},
 		.common.session_id = session_id,
@@ -2345,6 +2346,8 @@ static void report_req_bad_format(const struct mansession *s, const char *action
 		.request_type      = request_type,
 	};
 
+	ast_sockaddr_from_sin(&addr_remote, &s->session->sin);
+
 	snprintf(session_id, sizeof(session_id), "%p", s->session);
 	snprintf(request_type, sizeof(request_type), "Action: %s", action);
 
@@ -2354,7 +2357,7 @@ static void report_req_bad_format(const struct mansession *s, const char *action
 static void report_failed_challenge_response(const struct mansession *s,
 		const char *response, const char *expected_response)
 {
-	struct sockaddr_in sin_local;
+	struct ast_sockaddr addr_remote;
 	char session_id[32];
 	struct ast_security_event_chal_resp_failed chal_resp_failed = {
 		.common.event_type = AST_SECURITY_EVENT_CHAL_RESP_FAILED,
@@ -2363,11 +2366,11 @@ static void report_failed_challenge_response(const struct mansession *s,
 		.common.account_id = s->session->username,
 		.common.session_tv = &s->session->sessionstart_tv,
 		.common.local_addr = {
-			.sin       = mansession_encode_sin_local(s, &sin_local),
+			.addr      = &s->tcptls_session->parent->local_address,
 			.transport = mansession_get_transport(s),
 		},
 		.common.remote_addr = {
-			.sin       = &s->session->sin,
+			.addr      = &addr_remote,
 			.transport = mansession_get_transport(s),
 		},
 		.common.session_id = session_id,
@@ -2377,6 +2380,8 @@ static void report_failed_challenge_response(const struct mansession *s,
 		.expected_response = expected_response,
 	};
 
+	ast_sockaddr_from_sin(&addr_remote, &s->session->sin);
+
 	snprintf(session_id, sizeof(session_id), "%p", s->session);
 
 	ast_security_event_report(AST_SEC_EVT(&chal_resp_failed));
@@ -2384,7 +2389,7 @@ static void report_failed_challenge_response(const struct mansession *s,
 
 static void report_session_limit(const struct mansession *s)
 {
-	struct sockaddr_in sin_local;
+	struct ast_sockaddr addr_remote;
 	char session_id[32];
 	struct ast_security_event_session_limit session_limit = {
 		.common.event_type = AST_SECURITY_EVENT_SESSION_LIMIT,
@@ -2393,16 +2398,18 @@ static void report_session_limit(const struct mansession *s)
 		.common.account_id = s->session->username,
 		.common.session_tv = &s->session->sessionstart_tv,
 		.common.local_addr = {
-			.sin       = mansession_encode_sin_local(s, &sin_local),
+			.addr      = &s->tcptls_session->parent->local_address,
 			.transport = mansession_get_transport(s),
 		},
 		.common.remote_addr = {
-			.sin       = &s->session->sin,
+			.addr      = &addr_remote,
 			.transport = mansession_get_transport(s),
 		},
 		.common.session_id = session_id,
 	};
 
+	ast_sockaddr_from_sin(&addr_remote, &s->session->sin);
+
 	snprintf(session_id, sizeof(session_id), "%p", s->session);
 
 	ast_security_event_report(AST_SEC_EVT(&session_limit));
author	Michael L. Young <elgueromexicano@gmail.com>	2012-04-16 21:20:50 +0000
committer	Michael L. Young <elgueromexicano@gmail.com>	2012-04-16 21:20:50 +0000
commit	abf40d9b28c0fc8339643e2903692e154d32719e (patch)
tree	25974b83968cf1e99f2a60c951df3986fa87661d /main/manager.c
parent	ba7032be5f4ac8c638806fe6d4f683ec7813c82f (diff)