diff options
author | Jonathan Rose <jrose@digium.com> | 2011-09-22 16:35:20 +0000 |
---|---|---|
committer | Jonathan Rose <jrose@digium.com> | 2011-09-22 16:35:20 +0000 |
commit | 5982bdcb7c45d286ac7a84ab53fb4a74207d2467 (patch) | |
tree | f11f01927951a0d59f5808497d59cdfd5e2cdb66 /main/security_events.c | |
parent | 8a74aa9ef991ca21d31bc8278f771fa9e0dbdc6d (diff) |
Merged revisions 337595,337597 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/10
........
r337595 | jrose | 2011-09-22 10:35:50 -0500 (Thu, 22 Sep 2011) | 12 lines
Generate Security events in chan_sip using new Security Events Framework
Security Events Framework was added in 1.8 and support was added for AMI to generate
events at that time. This patch adds support for chan_sip to generate security events.
(closes issue ASTERISK-18264)
Reported by: Michael L. Young
Patches:
security_events_chan_sip_v4.patch (license #5026) by Michael L. Young
Review: https://reviewboard.asterisk.org/r/1362/
........
r337597 | jrose | 2011-09-22 10:47:05 -0500 (Thu, 22 Sep 2011) | 10 lines
Forgot to svn add new files to r337595
Part of Generating security events for chan_sip
(issue ASTERISK-18264)
Reported by: Michael L. Young
Patches:
security_events_chan_sip_v4.patch (License #5026) by Michael L. Young
Reviewboard: https://reviewboard.asterisk.org/r/1362/
........
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@337600 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Diffstat (limited to 'main/security_events.c')
-rw-r--r-- | main/security_events.c | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/main/security_events.c b/main/security_events.c index d1e2ac0cc..ed05ebfa0 100644 --- a/main/security_events.c +++ b/main/security_events.c @@ -265,6 +265,7 @@ static const struct { { AST_EVENT_IE_SESSION_ID, SEC_EVT_FIELD(common, session_id) }, { AST_EVENT_IE_LOCAL_ADDR, SEC_EVT_FIELD(common, local_addr) }, { AST_EVENT_IE_REMOTE_ADDR, SEC_EVT_FIELD(common, remote_addr) }, + { AST_EVENT_IE_USING_PASSWORD, SEC_EVT_FIELD(successful_auth, using_password) }, { AST_EVENT_IE_END, 0 } }, .optional_ies = { @@ -335,6 +336,55 @@ static const struct { { AST_EVENT_IE_SESSION_ID, SEC_EVT_FIELD(common, session_id) }, { AST_EVENT_IE_LOCAL_ADDR, SEC_EVT_FIELD(common, local_addr) }, { AST_EVENT_IE_REMOTE_ADDR, SEC_EVT_FIELD(common, remote_addr) }, + { AST_EVENT_IE_CHALLENGE, SEC_EVT_FIELD(inval_password, challenge) }, + { AST_EVENT_IE_RECEIVED_CHALLENGE, SEC_EVT_FIELD(inval_password, received_challenge) }, + { AST_EVENT_IE_RECEIVED_HASH, SEC_EVT_FIELD(inval_password, received_hash) }, + { AST_EVENT_IE_END, 0 } + }, + .optional_ies = { + { AST_EVENT_IE_MODULE, SEC_EVT_FIELD(common, module) }, + { AST_EVENT_IE_SESSION_TV, SEC_EVT_FIELD(common, session_tv) }, + { AST_EVENT_IE_END, 0 } + }, +}, + +[AST_SECURITY_EVENT_CHAL_SENT] = { + .name = "ChallengeSent", + .version = AST_SECURITY_EVENT_CHAL_SENT_VERSION, + .severity = AST_SECURITY_EVENT_SEVERITY_INFO, + .required_ies = { + { AST_EVENT_IE_EVENT_TV, 0 }, + { AST_EVENT_IE_SEVERITY, 0 }, + { AST_EVENT_IE_SERVICE, SEC_EVT_FIELD(common, service) }, + { AST_EVENT_IE_EVENT_VERSION, SEC_EVT_FIELD(common, version) }, + { AST_EVENT_IE_ACCOUNT_ID, SEC_EVT_FIELD(common, account_id) }, + { AST_EVENT_IE_SESSION_ID, SEC_EVT_FIELD(common, session_id) }, + { AST_EVENT_IE_LOCAL_ADDR, SEC_EVT_FIELD(common, local_addr) }, + { AST_EVENT_IE_REMOTE_ADDR, SEC_EVT_FIELD(common, remote_addr) }, + { AST_EVENT_IE_CHALLENGE, SEC_EVT_FIELD(chal_sent, challenge) }, + { AST_EVENT_IE_END, 0 } + }, + .optional_ies = { + { AST_EVENT_IE_MODULE, SEC_EVT_FIELD(common, module) }, + { AST_EVENT_IE_SESSION_TV, SEC_EVT_FIELD(common, session_tv) }, + { AST_EVENT_IE_END, 0 } + }, +}, + +[AST_SECURITY_EVENT_INVAL_TRANSPORT] = { + .name = "InvalidTransport", + .version = AST_SECURITY_EVENT_INVAL_TRANSPORT_VERSION, + .severity = AST_SECURITY_EVENT_SEVERITY_ERROR, + .required_ies = { + { AST_EVENT_IE_EVENT_TV, 0 }, + { AST_EVENT_IE_SEVERITY, 0 }, + { AST_EVENT_IE_SERVICE, SEC_EVT_FIELD(common, service) }, + { AST_EVENT_IE_EVENT_VERSION, SEC_EVT_FIELD(common, version) }, + { AST_EVENT_IE_ACCOUNT_ID, SEC_EVT_FIELD(common, account_id) }, + { AST_EVENT_IE_SESSION_ID, SEC_EVT_FIELD(common, session_id) }, + { AST_EVENT_IE_LOCAL_ADDR, SEC_EVT_FIELD(common, local_addr) }, + { AST_EVENT_IE_REMOTE_ADDR, SEC_EVT_FIELD(common, remote_addr) }, + { AST_EVENT_IE_ATTEMPTED_TRANSPORT, SEC_EVT_FIELD(inval_transport, transport) }, { AST_EVENT_IE_END, 0 } }, .optional_ies = { @@ -500,6 +550,9 @@ static int add_ie(struct ast_event **event, const struct ast_security_event_comm case AST_EVENT_IE_CHALLENGE: case AST_EVENT_IE_RESPONSE: case AST_EVENT_IE_EXPECTED_RESPONSE: + case AST_EVENT_IE_RECEIVED_CHALLENGE: + case AST_EVENT_IE_RECEIVED_HASH: + case AST_EVENT_IE_ATTEMPTED_TRANSPORT: { const char *str; @@ -519,6 +572,7 @@ static int add_ie(struct ast_event **event, const struct ast_security_event_comm break; } case AST_EVENT_IE_EVENT_VERSION: + case AST_EVENT_IE_USING_PASSWORD: { uint32_t val; val = *((const uint32_t *)(((const char *) sec) + ie_type->offset)); |