Asterisk - The Open Source Telephony Project GIT-master-d856a3e
Data Structures | Functions
security_events.h File Reference

Security Event Reporting API. More...

#include "asterisk/event.h"
#include "asterisk/security_events_defs.h"
Include dependency graph for security_events.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  ast_security_event_ie_type
 

Functions

const char * ast_security_event_get_name (const enum ast_security_event_type event_type)
 Get the name of a security event sub-type. More...
 
const struct ast_security_event_ie_typeast_security_event_get_optional_ies (const enum ast_security_event_type event_type)
 Get the list of optional IEs for a given security event sub-type. More...
 
const struct ast_security_event_ie_typeast_security_event_get_required_ies (const enum ast_security_event_type event_type)
 Get the list of required IEs for a given security event sub-type. More...
 
int ast_security_event_report (const struct ast_security_event_common *sec)
 Report a security event. More...
 
const char * ast_security_event_severity_get_name (const enum ast_security_event_severity severity)
 Get the name of a security event severity. More...
 
struct stasis_message_typeast_security_event_type (void)
 A stasis_message_type for security events. More...
 
int ast_security_stasis_init (void)
 initializes stasis topic/event types for ast_security_topic and ast_security_event_type More...
 
struct stasis_topicast_security_topic (void)
 A stasis_topic which publishes messages for security related issues. More...
 

Detailed Description

Security Event Reporting API.

Author
Russell Bryant russe.nosp@m.ll@d.nosp@m.igium.nosp@m..com

Definition in file security_events.h.

Function Documentation

◆ ast_security_event_get_name()

const char * ast_security_event_get_name ( const enum ast_security_event_type  event_type)

Get the name of a security event sub-type.

Parameters
[in]event_typesecurity event sub-type
Return values
NULLif event_type is invalid
non-NULLthe name of the security event type
Since
1.8

Definition at line 895 of file main/security_events.c.

896{
897 if (check_event_type(event_type)) {
898 return NULL;
899 }
900
901 return sec_events[event_type].name;
902}
static int check_event_type(const enum ast_security_event_type event_type)
static const struct @389 sec_events[AST_SECURITY_EVENT_NUM_TYPES]
#define NULL
Definition: resample.c:96

References check_event_type(), NULL, and sec_events.

Referenced by add_json_object(), ast_security_event_report(), gen_events(), security_event_stasis_cb(), and security_event_to_ami_blob().

◆ ast_security_event_get_optional_ies()

const struct ast_security_event_ie_type * ast_security_event_get_optional_ies ( const enum ast_security_event_type  event_type)

Get the list of optional IEs for a given security event sub-type.

Parameters
[in]event_typesecurity event sub-type
Return values
NULLinvalid event_type
non-NULLAn array terminated with the value AST_EVENT_IE_END
Since
1.8

Definition at line 914 of file main/security_events.c.

916{
917 if (check_event_type(event_type)) {
918 return NULL;
919 }
920
921 return sec_events[event_type].optional_ies;
922}

References check_event_type(), NULL, and sec_events.

Referenced by handle_security_event(), security_event_stasis_cb(), and security_event_to_ami_blob().

◆ ast_security_event_get_required_ies()

const struct ast_security_event_ie_type * ast_security_event_get_required_ies ( const enum ast_security_event_type  event_type)

Get the list of required IEs for a given security event sub-type.

Parameters
[in]event_typesecurity event sub-type
Return values
NULLinvalid event_type
non-NULLAn array terminated with the value AST_EVENT_IE_END
Since
1.8

Definition at line 904 of file main/security_events.c.

906{
907 if (check_event_type(event_type)) {
908 return NULL;
909 }
910
911 return sec_events[event_type].required_ies;
912}

References check_event_type(), NULL, and sec_events.

Referenced by handle_security_event(), security_event_stasis_cb(), and security_event_to_ami_blob().

◆ ast_security_event_report()

int ast_security_event_report ( const struct ast_security_event_common sec)

Report a security event.

Parameters
[in]secsecurity event data. Callers of this function should never declare an instance of ast_security_event_common directly. The argument should be an instance of a specific security event descriptor which has ast_security_event_common at the very beginning.
Return values
0success
non-zerofailure

Definition at line 1171 of file main/security_events.c.

1172{
1173 if ((unsigned int)sec->event_type >= AST_SECURITY_EVENT_NUM_TYPES) {
1174 ast_log(LOG_ERROR, "Invalid security event type\n");
1175 return -1;
1176 }
1177
1178 if (!sec_events[sec->event_type].name) {
1179 ast_log(LOG_WARNING, "Security event type %u not handled\n",
1180 sec->event_type);
1181 return -1;
1182 }
1183
1184 if (sec->version != sec_events[sec->event_type].version) {
1185 ast_log(LOG_WARNING, "Security event %u version mismatch\n",
1186 sec->event_type);
1187 return -1;
1188 }
1189
1190 if (handle_security_event(sec)) {
1191 ast_log(LOG_ERROR, "Failed to issue security event of type %s.\n",
1193 }
1194
1195 return 0;
1196}
#define ast_log
Definition: astobj2.c:42
#define LOG_ERROR
#define LOG_WARNING
const char * ast_security_event_get_name(const enum ast_security_event_type event_type)
Get the name of a security event sub-type.
static int handle_security_event(const struct ast_security_event_common *sec)
@ AST_SECURITY_EVENT_NUM_TYPES
This must stay at the end.
enum ast_security_event_type event_type
The security event sub-type.
uint32_t version
security event version

References ast_log, ast_security_event_get_name(), AST_SECURITY_EVENT_NUM_TYPES, ast_security_event_common::event_type, handle_security_event(), LOG_ERROR, LOG_WARNING, sec_events, and ast_security_event_common::version.

Referenced by ast_sip_report_auth_challenge_sent(), ast_sip_report_auth_failed_challenge_response(), ast_sip_report_auth_success(), ast_sip_report_failed_acl(), ast_sip_report_invalid_endpoint(), ast_sip_report_mem_limit(), ast_sip_report_req_no_support(), evt_gen_auth_method_not_allowed(), evt_gen_chal_resp_failed(), evt_gen_chal_sent(), evt_gen_failed_acl(), evt_gen_inval_acct_id(), evt_gen_inval_password(), evt_gen_inval_transport(), evt_gen_load_avg(), evt_gen_mem_limit(), evt_gen_req_bad_format(), evt_gen_req_no_support(), evt_gen_req_not_allowed(), evt_gen_session_limit(), evt_gen_successful_auth(), evt_gen_unexpected_addr(), report_auth_success(), report_failed_acl(), report_failed_challenge_response(), report_inval_password(), report_invalid_user(), report_req_bad_format(), report_req_not_allowed(), and report_session_limit().

◆ ast_security_event_severity_get_name()

const char * ast_security_event_severity_get_name ( const enum ast_security_event_severity  severity)

Get the name of a security event severity.

Parameters
[in]severitysecurity event severity
Return values
NULLif severity is invalid
non-NULLthe name of the security event severity
Since
1.8

Definition at line 871 of file main/security_events.c.

873{
874 unsigned int i;
875
876 for (i = 0; i < ARRAY_LEN(severities); i++) {
877 if (severities[i].severity == severity) {
878 return severities[i].str;
879 }
880 }
881
882 return NULL;
883}
static const struct @390 severities[]
enum ast_security_event_severity severity
#define ARRAY_LEN(a)
Definition: utils.h:666

References ARRAY_LEN, NULL, severities, and severity.

Referenced by alloc_security_event_json_object().

◆ ast_security_event_type()

A stasis_message_type for security events.

Since
12
Return values
NULLon error
Returns
stasis_message_type for security events
Note
Messages of this type should always be issued on and expected from the ast_security_topic stasis_topic

◆ ast_security_stasis_init()

int ast_security_stasis_init ( void  )

initializes stasis topic/event types for ast_security_topic and ast_security_event_type

Since
12
Return values
0on success
-1on failure

Definition at line 483 of file main/security_events.c.

484{
486
487 security_topic = stasis_topic_create("security:all");
488 if (!security_topic) {
489 return -1;
490 }
491
493 return -1;
494 }
495
496
497 return 0;
498}
int ast_register_cleanup(void(*func)(void))
Register a function to be executed before Asterisk gracefully exits.
Definition: clicompat.c:19
static struct stasis_topic * security_topic
Security Topic.
static void security_stasis_cleanup(void)
ast_security_event_type
Security event types.
struct stasis_topic * stasis_topic_create(const char *name)
Create a new topic.
Definition: stasis.c:618
#define STASIS_MESSAGE_TYPE_INIT(name)
Boiler-plate messaging macro for initializing message types.
Definition: stasis.h:1493

References ast_register_cleanup(), security_stasis_cleanup(), security_topic, STASIS_MESSAGE_TYPE_INIT, and stasis_topic_create().

Referenced by asterisk_daemon().

◆ ast_security_topic()

struct stasis_topic * ast_security_topic ( void  )

A stasis_topic which publishes messages for security related issues.

Since
12
Returns
stasis_topic for security related issues.
Return values
NULLon error

Definition at line 380 of file main/security_events.c.

381{
382 return security_topic;
383}

References security_topic.

Referenced by acl_change_stasis_subscribe(), ast_res_pjsip_initialize_configuration(), common_config_load(), handle_security_event(), load_module(), manager_subscriptions_init(), publish_acl_change(), and rtp_reload().