Asterisk - The Open Source Telephony Project GIT-master-7e7a603
Enumerations | Functions | Variables
res_security_log.c File Reference

Security Event Logging. More...

#include "asterisk.h"
#include "asterisk/module.h"
#include "asterisk/logger.h"
#include "asterisk/threadstorage.h"
#include "asterisk/strings.h"
#include "asterisk/security_events.h"
#include "asterisk/stasis.h"
#include "asterisk/json.h"
Include dependency graph for res_security_log.c:

Go to the source code of this file.

Enumerations

enum  ie_required { NOT_REQUIRED , REQUIRED , NOT_REQUIRED , REQUIRED }
 

Functions

static void __init_security_event_buf (void)
 
static void __reg_module (void)
 
static void __unreg_module (void)
 
static void append_json (struct ast_str **str, struct ast_json *json, const struct ast_security_event_ie_type *ies, enum ie_required required)
 
static void append_json_single (struct ast_str **str, struct ast_json *json, const enum ast_event_ie_type ie_type, enum ie_required required)
 
struct ast_moduleAST_MODULE_SELF_SYM (void)
 
static int load_module (void)
 
static void security_event_stasis_cb (struct ast_json *json)
 
static void security_stasis_cb (void *data, struct stasis_subscription *sub, struct stasis_message *message)
 
static int unload_module (void)
 

Variables

static struct ast_module_info __mod_info = { .name = AST_MODULE, .flags = AST_MODFLAG_LOAD_ORDER , .description = "Security Event Logging" , .key = "This paragraph is copyright (c) 2006 by Digium, Inc. \In order for your module to load, it must return this \key via a function called \"key\". Any code which \includes this paragraph must be licensed under the GNU \General Public License version 2 or later (at your \option). In addition to Digium's general reservations \of rights, Digium expressly reserves the right to \allow other parties to license this paragraph under \different terms. Any use of Digium, Inc. trademarks or \logos (including \"Asterisk\" or \"Digium\") without \express written permission of Digium, Inc. is prohibited.\n" , .buildopt_sum = AST_BUILDOPT_SUM, .load = load_module, .unload = unload_module, .load_pri = AST_MODPRI_DEFAULT, .support_level = AST_MODULE_SUPPORT_CORE, }
 
static const struct ast_module_infoast_module_info = &__mod_info
 
static int LOG_SECURITY
 
static const char LOG_SECURITY_NAME [] = "SECURITY"
 
static struct ast_threadstorage security_event_buf = { .once = PTHREAD_ONCE_INIT , .key_init = __init_security_event_buf , .custom_init = NULL , }
 
static const size_t SECURITY_EVENT_BUF_INIT_LEN = 256
 
static struct stasis_subscriptionsecurity_stasis_sub
 

Detailed Description

Security Event Logging.

Author
Russell Bryant russe.nosp@m.ll@d.nosp@m.igium.nosp@m..com
Todo:

Make informational security events optional

Escape quotes in string payload IE contents

Definition in file res_security_log.c.

Enumeration Type Documentation

◆ ie_required

enum ie_required
Enumerator
NOT_REQUIRED 
REQUIRED 
NOT_REQUIRED 
REQUIRED 

Definition at line 53 of file res_security_log.c.

53 {
54 NOT_REQUIRED,
55 REQUIRED
56};
REQUIRED
@ REQUIRED
Definition: res_security_log.c:55
NOT_REQUIRED
@ NOT_REQUIRED
Definition: res_security_log.c:54

Function Documentation

◆ __init_security_event_buf()

static void __init_security_event_buf ( void  )
static

Definition at line 50 of file res_security_log.c.

53{

◆ __reg_module()

static void __reg_module ( void  )
static

Definition at line 165 of file res_security_log.c.

◆ __unreg_module()

static void __unreg_module ( void  )
static

Definition at line 165 of file res_security_log.c.

◆ append_json()

static void append_json ( struct ast_str **  str,
struct ast_json json,
const struct ast_security_event_ie_type ies,
enum ie_required  required 
)
static

Definition at line 80 of file res_security_log.c.

82{
83 unsigned int i;
84
85 for (i = 0; ies[i].ie_type != AST_EVENT_IE_END; i++) {
86 append_json_single(str, json, ies[i].ie_type, required);
87 }
88}
str
const char * str
Definition: app_jack.c:147
AST_EVENT_IE_END
@ AST_EVENT_IE_END
Definition: event_defs.h:70
append_json_single
static void append_json_single(struct ast_str **str, struct ast_json *json, const enum ast_event_ie_type ie_type, enum ie_required required)
Definition: res_security_log.c:58
ast_security_event_ie_type::ie_type
enum ast_event_ie_type ie_type
Definition: security_events.h:54

References append_json_single(), AST_EVENT_IE_END, ast_security_event_ie_type::ie_type, and str.

Referenced by security_event_stasis_cb().

◆ append_json_single()

static void append_json_single ( struct ast_str **  str,
struct ast_json json,
const enum ast_event_ie_type  ie_type,
enum ie_required  required 
)
static

Definition at line 58 of file res_security_log.c.

60{
61 const char *ie_type_key = ast_event_get_ie_type_name(ie_type);
62
63 struct ast_json *json_string;
64
65 json_string = ast_json_object_get(json, ie_type_key);
66
67 if (!required && !json_string) {
68 /* Optional IE isn't present. Ignore. */
69 return;
70 }
71
72 /* At this point, it _better_ be there! */
73 ast_assert(json_string != NULL);
74
75 ast_str_append(str, 0, ",%s=\"%s\"",
76 ie_type_key,
77 ast_json_string_get(json_string));
78}
ast_event_get_ie_type_name
const char * ast_event_get_ie_type_name(enum ast_event_ie_type ie_type)
Get the string representation of an information element type.
Definition: event.c:208
ast_json_string_get
const char * ast_json_string_get(const struct ast_json *string)
Get the value of a JSON string.
Definition: json.c:283
ast_json_object_get
struct ast_json * ast_json_object_get(struct ast_json *object, const char *key)
Get a field from a JSON object.
Definition: json.c:407
NULL
#define NULL
Definition: resample.c:96
ast_str_append
int ast_str_append(struct ast_str **buf, ssize_t max_len, const char *fmt,...)
Append to a thread local dynamic string.
Definition: strings.h:1139
ast_json
Abstract JSON element (object, array, string, int, ...).
ast_assert
#define ast_assert(a)
Definition: utils.h:739

References ast_assert, ast_event_get_ie_type_name(), ast_json_object_get(), ast_json_string_get(), ast_str_append(), NULL, and str.

Referenced by append_json().

◆ AST_MODULE_SELF_SYM()

struct ast_module * AST_MODULE_SELF_SYM ( void  )

Definition at line 165 of file res_security_log.c.

◆ load_module()

static int load_module ( void  )
static

Definition at line 133 of file res_security_log.c.

134{
135 if ((LOG_SECURITY = ast_logger_register_level(LOG_SECURITY_NAME)) == -1) {
136 return AST_MODULE_LOAD_DECLINE;
137 }
138
139 if (!(security_stasis_sub = stasis_subscribe(ast_security_topic(), security_stasis_cb, NULL))) {
140 ast_logger_unregister_level(LOG_SECURITY_NAME);
141 LOG_SECURITY = -1;
142 return AST_MODULE_LOAD_DECLINE;
143 }
144 stasis_subscription_accept_message_type(security_stasis_sub, ast_security_event_type());
145 stasis_subscription_set_filter(security_stasis_sub, STASIS_SUBSCRIPTION_FILTER_SELECTIVE);
146
147 ast_verb(3, "Security Logging Enabled\n");
148
149 return AST_MODULE_LOAD_SUCCESS;
150}
ast_logger_register_level
int ast_logger_register_level(const char *name)
Register a new logger level.
Definition: logger.c:2839
ast_verb
#define ast_verb(level,...)
Definition: include/asterisk/logger.h:462
ast_logger_unregister_level
void ast_logger_unregister_level(const char *name)
Unregister a previously registered logger level.
Definition: logger.c:2897
AST_MODULE_LOAD_SUCCESS
@ AST_MODULE_LOAD_SUCCESS
Definition: module.h:70
AST_MODULE_LOAD_DECLINE
@ AST_MODULE_LOAD_DECLINE
Module has failed to load, may be in an inconsistent state.
Definition: module.h:78
LOG_SECURITY
static int LOG_SECURITY
Definition: res_security_log.c:46
security_stasis_sub
static struct stasis_subscription * security_stasis_sub
Definition: res_security_log.c:48
LOG_SECURITY_NAME
static const char LOG_SECURITY_NAME[]
Definition: res_security_log.c:44
security_stasis_cb
static void security_stasis_cb(void *data, struct stasis_subscription *sub, struct stasis_message *message)
Definition: res_security_log.c:117
ast_security_topic
struct stasis_topic * ast_security_topic(void)
A stasis_topic which publishes messages for security related issues.
Definition: main/security_events.c:380
ast_security_event_type
ast_security_event_type
Security event types.
Definition: security_events_defs.h:40
STASIS_SUBSCRIPTION_FILTER_SELECTIVE
@ STASIS_SUBSCRIPTION_FILTER_SELECTIVE
Definition: stasis.h:297
stasis_subscription_accept_message_type
int stasis_subscription_accept_message_type(struct stasis_subscription *subscription, const struct stasis_message_type *type)
Indicate to a subscription that we are interested in a message type.
Definition: stasis.c:1023
stasis_subscription_set_filter
int stasis_subscription_set_filter(struct stasis_subscription *subscription, enum stasis_subscription_message_filter filter)
Set the message type filtering level on a subscription.
Definition: stasis.c:1077
stasis_subscribe
#define stasis_subscribe(topic, callback, data)
Definition: stasis.h:649

References ast_logger_register_level(), ast_logger_unregister_level(), AST_MODULE_LOAD_DECLINE, AST_MODULE_LOAD_SUCCESS, ast_security_topic(), ast_verb, LOG_SECURITY, LOG_SECURITY_NAME, NULL, security_stasis_cb(), security_stasis_sub, stasis_subscribe, stasis_subscription_accept_message_type(), STASIS_SUBSCRIPTION_FILTER_SELECTIVE, and stasis_subscription_set_filter().

◆ security_event_stasis_cb()

static void security_event_stasis_cb ( struct ast_json json)
static

Definition at line 90 of file res_security_log.c.

91{
92 struct ast_str *str;
93 struct ast_json *event_type_json;
94 enum ast_security_event_type event_type;
95
96 event_type_json = ast_json_object_get(json, "SecurityEvent");
97 event_type = ast_json_integer_get(event_type_json);
98
99 ast_assert((unsigned int)event_type < AST_SECURITY_EVENT_NUM_TYPES);
100
101 if (!(str = ast_str_thread_get(&security_event_buf,
102 SECURITY_EVENT_BUF_INIT_LEN))) {
103 return;
104 }
105
106 ast_str_set(&str, 0, "SecurityEvent=\"%s\"",
107 ast_security_event_get_name(event_type));
108
109 append_json(&str, json,
110 ast_security_event_get_required_ies(event_type), REQUIRED);
111 append_json(&str, json,
112 ast_security_event_get_optional_ies(event_type), NOT_REQUIRED);
113
114 ast_log_dynamic_level(LOG_SECURITY, "%s\n", ast_str_buffer(str));
115}
ast_log_dynamic_level
#define ast_log_dynamic_level(level,...)
Send a log message to a dynamically registered log level.
Definition: include/asterisk/logger.h:438
ast_json_integer_get
intmax_t ast_json_integer_get(const struct ast_json *integer)
Get the value from a JSON integer.
Definition: json.c:332
security_event_buf
static struct ast_threadstorage security_event_buf
Definition: res_security_log.c:50
SECURITY_EVENT_BUF_INIT_LEN
static const size_t SECURITY_EVENT_BUF_INIT_LEN
Definition: res_security_log.c:51
append_json
static void append_json(struct ast_str **str, struct ast_json *json, const struct ast_security_event_ie_type *ies, enum ie_required required)
Definition: res_security_log.c:80
ast_security_event_get_required_ies
const struct ast_security_event_ie_type * ast_security_event_get_required_ies(const enum ast_security_event_type event_type)
Get the list of required IEs for a given security event sub-type.
Definition: main/security_events.c:904
ast_security_event_get_name
const char * ast_security_event_get_name(const enum ast_security_event_type event_type)
Get the name of a security event sub-type.
Definition: main/security_events.c:895
ast_security_event_get_optional_ies
const struct ast_security_event_ie_type * ast_security_event_get_optional_ies(const enum ast_security_event_type event_type)
Get the list of optional IEs for a given security event sub-type.
Definition: main/security_events.c:914
AST_SECURITY_EVENT_NUM_TYPES
@ AST_SECURITY_EVENT_NUM_TYPES
This must stay at the end.
Definition: security_events_defs.h:121
ast_str_buffer
char * ast_str_buffer(const struct ast_str *buf)
Returns the string buffer within the ast_str buf.
Definition: strings.h:761
ast_str_set
int ast_str_set(struct ast_str **buf, ssize_t max_len, const char *fmt,...)
Set a dynamic string using variable arguments.
Definition: strings.h:1113
ast_str_thread_get
struct ast_str * ast_str_thread_get(struct ast_threadstorage *ts, size_t init_len)
Retrieve a thread locally stored dynamic string.
Definition: strings.h:909
ast_str
Support for dynamic strings.
Definition: strings.h:623

References append_json(), ast_assert, ast_json_integer_get(), ast_json_object_get(), ast_log_dynamic_level, ast_security_event_get_name(), ast_security_event_get_optional_ies(), ast_security_event_get_required_ies(), AST_SECURITY_EVENT_NUM_TYPES, ast_str_buffer(), ast_str_set(), ast_str_thread_get(), LOG_SECURITY, NOT_REQUIRED, REQUIRED, security_event_buf, SECURITY_EVENT_BUF_INIT_LEN, and str.

Referenced by security_stasis_cb().

◆ security_stasis_cb()

static void security_stasis_cb ( void *  data,
struct stasis_subscription sub,
struct stasis_message message 
)
static

Definition at line 117 of file res_security_log.c.

119{
120 struct ast_json_payload *payload = stasis_message_data(message);
121
122 if (stasis_message_type(message) != ast_security_event_type()) {
123 return;
124 }
125
126 if (!payload) {
127 return;
128 }
129
130 security_event_stasis_cb(payload->json);
131}
security_event_stasis_cb
static void security_event_stasis_cb(struct ast_json *json)
Definition: res_security_log.c:90
stasis_message_type
struct stasis_message_type * stasis_message_type(const struct stasis_message *msg)
Get the message type for a stasis_message.
Definition: stasis_message.c:187
stasis_message_data
void * stasis_message_data(const struct stasis_message *msg)
Get the data contained in a message.
Definition: stasis_message.c:195
ast_json_payload
Definition: json.h:1082
ast_json_payload::json
struct ast_json * json
Definition: json.h:1083

References ast_json_payload::json, security_event_stasis_cb(), stasis_message_data(), and stasis_message_type().

Referenced by load_module().

◆ unload_module()

static int unload_module ( void  )
static

Definition at line 152 of file res_security_log.c.

153{
154 if (security_stasis_sub) {
155 security_stasis_sub = stasis_unsubscribe_and_join(security_stasis_sub);
156 }
157
158 ast_logger_unregister_level(LOG_SECURITY_NAME);
159
160 ast_verb(3, "Security Logging Disabled\n");
161
162 return 0;
163}
stasis_unsubscribe_and_join
struct stasis_subscription * stasis_unsubscribe_and_join(struct stasis_subscription *subscription)
Cancel a subscription, blocking until the last message is processed.
Definition: stasis.c:1134

References ast_logger_unregister_level(), ast_verb, LOG_SECURITY_NAME, security_stasis_sub, and stasis_unsubscribe_and_join().

Variable Documentation

◆ __mod_info

struct ast_module_info __mod_info = { .name = AST_MODULE, .flags = AST_MODFLAG_LOAD_ORDER , .description = "Security Event Logging" , .key = "This paragraph is copyright (c) 2006 by Digium, Inc. \In order for your module to load, it must return this \key via a function called \"key\". Any code which \includes this paragraph must be licensed under the GNU \General Public License version 2 or later (at your \option). In addition to Digium's general reservations \of rights, Digium expressly reserves the right to \allow other parties to license this paragraph under \different terms. Any use of Digium, Inc. trademarks or \logos (including \"Asterisk\" or \"Digium\") without \express written permission of Digium, Inc. is prohibited.\n" , .buildopt_sum = AST_BUILDOPT_SUM, .load = load_module, .unload = unload_module, .load_pri = AST_MODPRI_DEFAULT, .support_level = AST_MODULE_SUPPORT_CORE, }
static

Definition at line 165 of file res_security_log.c.

◆ ast_module_info

const struct ast_module_info* ast_module_info = &__mod_info
static

Definition at line 165 of file res_security_log.c.

◆ LOG_SECURITY

int LOG_SECURITY
static

Definition at line 46 of file res_security_log.c.

Referenced by load_module(), and security_event_stasis_cb().

◆ LOG_SECURITY_NAME

const char LOG_SECURITY_NAME[] = "SECURITY"
static

Definition at line 44 of file res_security_log.c.

Referenced by load_module(), and unload_module().

◆ security_event_buf

struct ast_threadstorage security_event_buf = { .once = PTHREAD_ONCE_INIT , .key_init = __init_security_event_buf , .custom_init = NULL , }
static

Definition at line 50 of file res_security_log.c.

Referenced by security_event_stasis_cb().

◆ SECURITY_EVENT_BUF_INIT_LEN

const size_t SECURITY_EVENT_BUF_INIT_LEN = 256
static

Definition at line 51 of file res_security_log.c.

Referenced by security_event_stasis_cb().

◆ security_stasis_sub

struct stasis_subscription* security_stasis_sub
static

Definition at line 48 of file res_security_log.c.

Referenced by load_module(), and unload_module().

Generated on Wed Apr 24 2024 20:04:53 for Asterisk - The Open Source Telephony Project by doxygen 1.9.4