| Age | Commit message (Collapse) | Author |
|---|
|
This resolves a large number of compiler warnings from GCC 4.10 which
cause the build to fail under dev mode. The vast majority are
signed/unsigned mismatches in printf-style format strings.
........
Merged revisions 413586 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 413587 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 413588 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@413589 65c4cc65-6c06-0410-ace0-fbb531ad65f3
|
|
When formatting an optional IE, the value is, of course, optional. As such, it
is entirely appropriate for ast_json_object_get to return NULL. If that occurs,
we now simply skip the IE that was requested, as it was not provided by the
entity that raised the event.
Thanks to George Joseph (gtjoseph) for catching this and reporting it in
#asterisk-dev
........
Merged revisions 407750 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@407752 65c4cc65-6c06-0410-ace0-fbb531ad65f3
|
|
The appdocsxml.dtd specifies that a "required" attribute in a parameter may
have a value of yes, no, true, or false. On some systems, specifying "False"
instead of "false" would cause a validation error. This patch fixes the casing
to explicitly match the DTD.
........
Merged revisions 407676 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@407677 65c4cc65-6c06-0410-ace0-fbb531ad65f3
|
|
This patch adds documentation for the Security Events that are emited over
AMI. It also notes these events in the UPGRADE/CHANGES file.
........
Merged revisions 407589 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@407602 65c4cc65-6c06-0410-ace0-fbb531ad65f3
|
|
This patch updates the log messages to include descriptive
names for event types. This is an improvement over having
only cryptic type numbers.
(closes issue ASTERISK-22909)
Reported by: outtolunc
Review: https://reviewboard.asterisk.org/r/3081/
Patches:
svn_security_events.c.names.diff.txt uploaded by outtolunc (license 5198)
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@404387 65c4cc65-6c06-0410-ace0-fbb531ad65f3
|
|
Security Events will now be written to any listener of the new 'security' class
Review: https://reviewboard.asterisk.org/r/2998/
........
Merged revisions 402584 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@402585 65c4cc65-6c06-0410-ace0-fbb531ad65f3
|
|
In r337595, additional security events were added for chan_sip
authentication failures. The new IEs added to the existing invalid
password event were defined as required IEs, but existing users of the
event did not set the new IEs and could not since they didn't apply to
existing uses. They are now marked as optional IEs.
(closes issue ASTERISK-22578)
Reported by: Matt Jordan
........
Merged revisions 400421 from http://svn.asterisk.org/svn/asterisk/branches/11
........
Merged revisions 400440 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@400441 65c4cc65-6c06-0410-ace0-fbb531ad65f3
|
|
This removes unused code, event types, IE pltypes, and event IE types
where possible and makes several functions private that were once
public. This includes a renumbering of the remaining event and IE types
which breaks binary compatibility with previous versions. The last
remaining consumers of the old event system (or parts thereof) are
main/security_events.c, res/res_security_log.c, tests/test_cel.c,
tests/test_event.c, main/cel.c, and the CEL backends.
Review: https://reviewboard.asterisk.org/r/2703/
(closes issue ASTERISK-22139)
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@396887 65c4cc65-6c06-0410-ace0-fbb531ad65f3
|
|
This patch addresses issues during immediate shutdowns, where modules
are not unloaded, but Asterisk atexit handlers are run.
In the typical case, this usually isn't a big deal. But the
introduction of the Stasis message bus makes it much more likely for
asynchronous activity to be happening off in some thread during
shutdown.
During an immediate shutdown, Asterisk skips unloading modules. But
while it is processing the atexit handlers, there is a window of time
where some of the core message types have been cleaned up, but the
message bus is still running. Specifically, it's still running
module subscriptions that might be using the core message types. If a
message is received by that subscription in that window, it will
attempt to use a message type that has been cleaned up.
To solve this problem, this patch introduces ast_register_cleanup().
This function operates identically to ast_register_atexit(), except
that cleanup calls are not invoked on an immediate shutdown. All of
the core message type and topic cleanup was moved from atexit handlers
to cleanup handlers.
This ensures that core type and topic cleanup only happens if the
modules that used them are first unloaded.
This patch also changes the ast_assert() when accessing a cleaned up
or uninitialized message type to an error log message. Message type
functions are actually NULL safe across the board, so the assert was a
bit heavy handed. Especially for anyone with DO_CRASH enabled.
Review: https://reviewboard.asterisk.org/r/2562/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@390122 65c4cc65-6c06-0410-ace0-fbb531ad65f3
|
|
Also moves ACL messages to the security topic and gets rid of the
ACL topic
(closes issue ASTERISK-21103)
Reported by: Matt Jordan
Review: https://reviewboard.asterisk.org/r/2496/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@388975 65c4cc65-6c06-0410-ace0-fbb531ad65f3
|
|
Instead of calling str->str, one should use ast_str_buffer(str). Same
goes for str->used as ast_str_strlen(str) and str->len as
ast_str_size(str).
Review: https://reviewboard.asterisk.org/r/2198
........
Merged revisions 376469 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 376470 from http://svn.asterisk.org/svn/asterisk/branches/10
........
Merged revisions 376471 from http://svn.asterisk.org/svn/asterisk/branches/11
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@376472 65c4cc65-6c06-0410-ace0-fbb531ad65f3
|
|
........
r369001 | kpfleming | 2012-06-15 10:56:08 -0500 (Fri, 15 Jun 2012) | 11 lines
Add support-level indications to many more source files.
Since we now have tools that scan through the source tree looking for files
with specific support levels, we need to ensure that every file that is
a component of a 'core' or 'extended' module (or the main Asterisk binary)
is explicitly marked with its support level. This patch adds support-level
indications to many more source files in tree, but avoids adding them to
third-party libraries that are included in the tree and to source files
that don't end up involved in Asterisk itself.
........
r369002 | kpfleming | 2012-06-15 10:57:14 -0500 (Fri, 15 Jun 2012) | 3 lines
Add a script to enable finding source files without support-levels defined.
........
Merged revisions 369001-369002 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 369005 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@369013 65c4cc65-6c06-0410-ace0-fbb531ad65f3
|
|
The current Security Events Framework API only supports IPv4 when it comes to
generating security events. This patch does the following:
* Changes the Security Events Framework API to support IPV6 and updates
the components that use this API.
* Eliminates an error message that was being generated since the current
implementation was treating an IPv6 socket address as if it was IPv4.
* Some copyright dates were updated on files touched by this patch.
(closes issue ASTERISK-19447)
Reported by: Michael L. Young
Tested by: Michael L. Young
Patches:
security_events_ipv6v3.diff uploaded by Michael L. Young (license 5026)
Review: https://reviewboard.asterisk.org/r/1777/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@362200 65c4cc65-6c06-0410-ace0-fbb531ad65f3
|
|
https://origsvn.digium.com/svn/asterisk/branches/10
........
r337595 | jrose | 2011-09-22 10:35:50 -0500 (Thu, 22 Sep 2011) | 12 lines
Generate Security events in chan_sip using new Security Events Framework
Security Events Framework was added in 1.8 and support was added for AMI to generate
events at that time. This patch adds support for chan_sip to generate security events.
(closes issue ASTERISK-18264)
Reported by: Michael L. Young
Patches:
security_events_chan_sip_v4.patch (license #5026) by Michael L. Young
Review: https://reviewboard.asterisk.org/r/1362/
........
r337597 | jrose | 2011-09-22 10:47:05 -0500 (Thu, 22 Sep 2011) | 10 lines
Forgot to svn add new files to r337595
Part of Generating security events for chan_sip
(issue ASTERISK-18264)
Reported by: Michael L. Young
Patches:
security_events_chan_sip_v4.patch (License #5026) by Michael L. Young
Reviewboard: https://reviewboard.asterisk.org/r/1362/
........
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@337600 65c4cc65-6c06-0410-ace0-fbb531ad65f3
|
|
This commit introduces the security events API. This API is to be used by
Asterisk components to report events that have security implications.
A simple example is when a connection is made but fails authentication. These
events can be used by external tools manipulate firewall rules or something
similar after detecting unusual activity based on security events.
Inside of Asterisk, the events go through the ast_event API. This means that
they have a binary encoding, and it is easy to write code to subscribe to these
events and do something with them.
One module is provided that is a subscriber to these events - res_security_log.
This module turns security events into a parseable text format and sends them
to the "security" logger level. Using logger.conf, these log entries may be
sent to a file, or to syslog.
One service, AMI, has been fully updated for reporting security events.
AMI was chosen as it was a fairly straight forward service to convert.
The next target will be chan_sip. That will be more complicated and will
be done as its own project as the next phase of security events work.
For more information on the security events framework, see the documentation
generated from doc/tex/. "make asterisk.pdf"
Review: https://reviewboard.asterisk.org/r/273/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@206021 65c4cc65-6c06-0410-ace0-fbb531ad65f3
|
