438 "error occurred when adding required event fields.\n");
445 "error occurred when adding optional event fields.\n");
504#define MAX_SECURITY_IES 12
507#undef MAX_SECURITY_IES
510#define SEC_EVT_FIELD(e, field) (offsetof(struct ast_security_event_##e, field))
536 .name =
"InvalidAccountID",
558 .name =
"SessionLimit",
580 .name =
"MemoryLimit",
602 .name =
"LoadAverageLimit",
624 .name =
"RequestNotSupported",
647 .name =
"RequestNotAllowed",
671 .name =
"AuthMethodNotAllowed",
694 .name =
"RequestBadFormat",
718 .name =
"SuccessfulAuth",
741 .name =
"UnexpectedAddress",
764 .name =
"ChallengeResponseFailed",
789 .name =
"InvalidPassword",
814 .name =
"ChallengeSent",
837 .name =
"InvalidTransport",
966 str = *((
const char **)(((
const char *) sec) + ie_type->
offset));
970 "type '%u' (%s) not present\n", ie_type->
ie_type,
995 val = *((
const uint32_t *)(((
const char *) sec) + ie_type->
offset));
1014 if (req && !
addr->addr) {
1016 "type '%u' (%s) not present\n", ie_type->
ie_type,
1030 const struct timeval *tval;
1032 tval = *((
const struct timeval **)(((
const char *) sec) + ie_type->
offset));
1036 "type '%u' (%s) not present\n", ie_type->
ie_type,
1059 "will be missing data.\n", ie_type->
ie_type,
1070 const char *severity_str;
1105 severity_str =
S_OR(
Asterisk main include file. File version handling, generic pbx functions.
int ast_register_cleanup(void(*func)(void))
Register a function to be executed before Asterisk gracefully exits.
enum ast_cc_service_type service
const char * ast_event_get_ie_type_name(enum ast_event_ie_type ie_type)
Get the string representation of an information element type.
ast_event_ie_type
Event Information Element types.
@ AST_EVENT_IE_EVENT_VERSION
@ AST_EVENT_IE_REMOTE_ADDR
@ AST_EVENT_IE_ATTEMPTED_TRANSPORT
@ AST_EVENT_IE_ACCOUNT_ID
@ AST_EVENT_IE_SESSION_ID
@ AST_EVENT_IE_LOCAL_ADDR
@ AST_EVENT_IE_RECEIVED_HASH
@ AST_EVENT_IE_AUTH_METHOD
@ AST_EVENT_IE_RECEIVED_CHALLENGE
@ AST_EVENT_IE_REQUEST_TYPE
@ AST_EVENT_IE_EXPECTED_RESPONSE
@ AST_EVENT_IE_EXPECTED_ADDR
@ AST_EVENT_IE_USING_PASSWORD
@ AST_EVENT_IE_SESSION_TV
@ AST_EVENT_IE_REQUEST_PARAMS
Asterisk JSON abstraction layer.
struct ast_json * ast_json_ipaddr(const struct ast_sockaddr *addr, enum ast_transport transport_type)
Construct an IP address as JSON.
struct ast_json * ast_json_string_create(const char *value)
Construct a JSON string from value.
void ast_json_unref(struct ast_json *value)
Decrease refcount on value. If refcount reaches zero, value is freed.
struct ast_json * ast_json_object_create(void)
Create a new JSON object.
struct ast_json_payload * ast_json_payload_create(struct ast_json *json)
Create an ao2 object to pass json blobs as data payloads for stasis.
struct ast_json * ast_json_timeval(const struct timeval tv, const char *zone)
Construct a timeval as JSON.
struct ast_json * ast_json_integer_create(intmax_t value)
Create a JSON integer.
struct ast_json * ast_json_stringf(const char *format,...)
Create a JSON string, printf style.
struct ast_json * ast_json_ref(struct ast_json *value)
Increase refcount on value.
int ast_json_object_set(struct ast_json *object, const char *key, struct ast_json *value)
Set a field in a JSON object.
const char * ast_json_string_get(const struct ast_json *string)
Get the value of a JSON string.
struct ast_json * ast_json_object_get(struct ast_json *object, const char *key)
Get a field from a JSON object.
intmax_t ast_json_integer_get(const struct ast_json *integer)
Get the value from a JSON integer.
const struct ast_security_event_ie_type * ast_security_event_get_required_ies(const enum ast_security_event_type event_type)
Get the list of required IEs for a given security event sub-type.
static struct stasis_topic * security_topic
Security Topic.
#define SEC_EVT_FIELD(e, field)
const char * ast_security_event_get_name(const enum ast_security_event_type event_type)
Get the name of a security event sub-type.
STASIS_MESSAGE_TYPE_DEFN(ast_security_event_type,.to_ami=security_event_to_ami,)
Message type for security events.
int ast_security_stasis_init(void)
Initializes the stasis topic and message type used for security events (ast_security_topic and ast_security_event_type).
struct ast_security_event_ie_type optional_ies[MAX_SECURITY_IES]
const char * ast_security_event_severity_get_name(const enum ast_security_event_severity severity)
Get the name of a security event severity.
struct ast_security_event_ie_type required_ies[MAX_SECURITY_IES]
static int check_event_type(const enum ast_security_event_type event_type)
static struct ast_json * alloc_security_event_json_object(const struct ast_security_event_common *sec)
static void security_stasis_cleanup(void)
static struct ast_manager_event_blob * security_event_to_ami(struct stasis_message *message)
const struct ast_security_event_ie_type * ast_security_event_get_optional_ies(const enum ast_security_event_type event_type)
Get the list of optional IEs for a given security event sub-type.
static int append_event_str_from_json(struct ast_str **str, struct ast_json *json, const struct ast_security_event_ie_type *ies)
static int append_event_str_single(struct ast_str **str, struct ast_json *json, const enum ast_event_ie_type ie_type)
static const struct @390 severities[]
static const size_t SECURITY_EVENT_BUF_INIT_LEN
static const struct @389 sec_events[AST_SECURITY_EVENT_NUM_TYPES]
static struct ast_manager_event_blob * security_event_to_ami_blob(struct ast_json *json)
static int add_json_object(struct ast_json *json, const struct ast_security_event_common *sec, const struct ast_security_event_ie_type *ie_type, enum ie_required req)
enum ast_security_event_severity severity
int ast_security_event_report(const struct ast_security_event_common *sec)
Report a security event.
static int add_ip_json_object(struct ast_json *json, enum ast_event_ie_type ie_type, const struct ast_security_event_ip_addr *addr)
static int handle_security_event(const struct ast_security_event_common *sec)
struct stasis_topic * ast_security_topic(void)
A stasis_topic which publishes messages for security related issues.
#define EVENT_FLAG_SECURITY
struct ast_manager_event_blob * ast_manager_event_blob_create(int event_flags, const char *manager_event, const char *extra_fields_fmt,...)
Construct an ast_manager_event_blob.
Wrapper for network related headers, masking differences between various operating systems....
static void challenge(const char *realm, pjsip_tx_data *tdata, const pjsip_rx_data *rdata, int is_stale)
astobj2 callback for adding digest challenges to responses
static void to_ami(struct ast_sip_subscription *sub, struct ast_str **buf)
Security Event Reporting API.
#define AST_SECURITY_EVENT_CHAL_RESP_FAILED_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_UNEXPECTED_ADDR_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_MEM_LIMIT_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_SESSION_LIMIT_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_REQ_NO_SUPPORT_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_INVAL_TRANSPORT_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_REQ_NOT_ALLOWED_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_REQ_BAD_FORMAT_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_FAILED_ACL_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_INVAL_PASSWORD_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_INVAL_ACCT_ID_VERSION
Event descriptor version.
ast_security_event_severity
The severity of a security event.
@ AST_SECURITY_EVENT_SEVERITY_ERROR
Something has gone wrong.
@ AST_SECURITY_EVENT_SEVERITY_INFO
Informational event, not something that has gone wrong.
ast_security_event_type
Security event types.
@ AST_SECURITY_EVENT_INVAL_TRANSPORT
An attempt to contact a peer on an invalid transport.
@ AST_SECURITY_EVENT_LOAD_AVG
Load Average limit reached.
@ AST_SECURITY_EVENT_INVAL_PASSWORD
An attempt at basic password authentication failed.
@ AST_SECURITY_EVENT_SESSION_LIMIT
Session limit reached.
@ AST_SECURITY_EVENT_REQ_NO_SUPPORT
A request was made that we understand, but do not support.
@ AST_SECURITY_EVENT_FAILED_ACL
Failed ACL.
@ AST_SECURITY_EVENT_NUM_TYPES
This must stay at the end.
@ AST_SECURITY_EVENT_UNEXPECTED_ADDR
An unexpected source address was seen for a session in progress.
@ AST_SECURITY_EVENT_MEM_LIMIT
Memory limit reached.
@ AST_SECURITY_EVENT_REQ_NOT_ALLOWED
A request was made that is not allowed.
@ AST_SECURITY_EVENT_CHAL_SENT
Challenge was sent out, informational.
@ AST_SECURITY_EVENT_CHAL_RESP_FAILED
An attempt at challenge/response authentication failed.
@ AST_SECURITY_EVENT_REQ_BAD_FORMAT
Request received with bad formatting.
@ AST_SECURITY_EVENT_SUCCESSFUL_AUTH
FYI FWIW, Successful authentication has occurred.
@ AST_SECURITY_EVENT_INVAL_ACCT_ID
Invalid Account ID.
@ AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED
The attempted authentication method is not allowed.
#define AST_SECURITY_EVENT_LOAD_AVG_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_SUCCESSFUL_AUTH_VERSION
Event descriptor version.
#define AST_SECURITY_EVENT_CHAL_SENT_VERSION
Event descriptor version.
Stasis Message Bus API. See Stasis Message Bus API for detailed documentation.
struct stasis_message_type * stasis_message_type(const struct stasis_message *msg)
Get the message type for a stasis_message.
#define STASIS_MESSAGE_TYPE_CLEANUP(name)
Boiler-plate messaging macro for cleaning up message types.
struct stasis_topic * stasis_topic_create(const char *name)
Create a new topic.
#define STASIS_MESSAGE_TYPE_INIT(name)
Boiler-plate messaging macro for initializing message types.
void * stasis_message_data(const struct stasis_message *msg)
Get the data contained in a message.
struct stasis_message * stasis_message_create(struct stasis_message_type *type, void *data)
Create a new message.
void stasis_publish(struct stasis_topic *topic, struct stasis_message *message)
Publish a message to a topic's subscribers.
String manipulation functions.
int ast_str_append(struct ast_str **buf, ssize_t max_len, const char *fmt,...)
Append to a thread local dynamic string.
char * ast_str_buffer(const struct ast_str *buf)
Returns the string buffer within the ast_str buf.
#define S_OR(a, b)
Returns the equivalent of a logical OR for strings: the first one if it is not empty, otherwise the second one.
#define ast_str_create(init_len)
Create a malloc'ed dynamic length string.
Abstract JSON element (object, array, string, int, ...).
Struct containing info for an AMI event to send out.
Common structure elements.
enum ast_security_event_type event_type
The security event sub-type.
uint32_t version
Security event version.
const char * service
Service that generated the event.
size_t offset
For internal usage.
enum ast_event_ie_type ie_type
const struct ast_sockaddr * addr
enum ast_transport transport
Support for dynamic strings.
struct timeval ast_tvnow(void)
Returns current timeval. Meant to replace calls to gettimeofday().
#define RAII_VAR(vartype, varname, initval, dtor)
Declare a variable that will call a destructor function when it goes out of scope.