Asterisk - The Open Source Telephony Project GIT-master-a63eec2
Loading...
Searching...
No Matches
Enumerations | Functions | Variables
res_security_log.c File Reference

Security Event Logging. More...

#include "asterisk.h"
#include "asterisk/module.h"
#include "asterisk/logger.h"
#include "asterisk/threadstorage.h"
#include "asterisk/strings.h"
#include "asterisk/security_events.h"
#include "asterisk/stasis.h"
#include "asterisk/json.h"
Include dependency graph for res_security_log.c:

Go to the source code of this file.

Enumerations

enum  ie_required { NOT_REQUIRED , REQUIRED }
 

Functions

static void __reg_module (void)
 
static void __unreg_module (void)
 
static void append_json (struct ast_str **str, struct ast_json *json, const struct ast_security_event_ie_type *ies, enum ie_required required)
 
static void append_json_single (struct ast_str **str, struct ast_json *json, const enum ast_event_ie_type ie_type, enum ie_required required)
 
struct ast_moduleAST_MODULE_SELF_SYM (void)
 
 AST_THREADSTORAGE_CUSTOM_SCOPE (security_event_buf, NULL, ast_free_ptr, static)
 
static int load_module (void)
 
static void security_event_stasis_cb (struct ast_json *json)
 
static void security_stasis_cb (void *data, struct stasis_subscription *sub, struct stasis_message *message)
 
static int unload_module (void)
 

Variables

static struct ast_module_info __mod_info = { .name = AST_MODULE, .flags = AST_MODFLAG_LOAD_ORDER , .description = "Security Event Logging" , .key = ASTERISK_GPL_KEY , .buildopt_sum = AST_BUILDOPT_SUM, .load = load_module, .unload = unload_module, .load_pri = AST_MODPRI_DEFAULT, .support_level = AST_MODULE_SUPPORT_CORE, }
 
static const struct ast_module_infoast_module_info = &__mod_info
 
static int LOG_SECURITY
 
static const char LOG_SECURITY_NAME [] = "SECURITY"
 
static const size_t SECURITY_EVENT_BUF_INIT_LEN = 256
 
static struct stasis_subscriptionsecurity_stasis_sub
 

Detailed Description

Security Event Logging.

Author
Russell Bryant russe.nosp@m.ll@d.nosp@m.igium.nosp@m..com
Todo:

Make informational security events optional

Escape quotes in string payload IE contents

Definition in file res_security_log.c.

Enumeration Type Documentation

◆ ie_required

Enumerator
NOT_REQUIRED 
REQUIRED 

Definition at line 53 of file res_security_log.c.

53 {
56};
@ REQUIRED
@ NOT_REQUIRED

Function Documentation

◆ __reg_module()

static void __reg_module ( void  )
static

Definition at line 165 of file res_security_log.c.

◆ __unreg_module()

static void __unreg_module ( void  )
static

Definition at line 165 of file res_security_log.c.

◆ append_json()

static void append_json ( struct ast_str **  str,
struct ast_json json,
const struct ast_security_event_ie_type ies,
enum ie_required  required 
)
static

Definition at line 80 of file res_security_log.c.

82{
83 unsigned int i;
84
85 for (i = 0; ies[i].ie_type != AST_EVENT_IE_END; i++) {
86 append_json_single(str, json, ies[i].ie_type, required);
87 }
88}
const char * str
Definition app_jack.c:150
@ AST_EVENT_IE_END
Definition event_defs.h:70
static void append_json_single(struct ast_str **str, struct ast_json *json, const enum ast_event_ie_type ie_type, enum ie_required required)
enum ast_event_ie_type ie_type

References append_json_single(), AST_EVENT_IE_END, ast_security_event_ie_type::ie_type, and str.

Referenced by security_event_stasis_cb().

◆ append_json_single()

static void append_json_single ( struct ast_str **  str,
struct ast_json json,
const enum ast_event_ie_type  ie_type,
enum ie_required  required 
)
static

Definition at line 58 of file res_security_log.c.

60{
61 const char *ie_type_key = ast_event_get_ie_type_name(ie_type);
62
63 struct ast_json *json_string;
64
65 json_string = ast_json_object_get(json, ie_type_key);
66
67 if (!required && !json_string) {
68 /* Optional IE isn't present. Ignore. */
69 return;
70 }
71
72 /* At this point, it _better_ be there! */
73 ast_assert(json_string != NULL);
74
75 ast_str_append(str, 0, ",%s=\"%s\"",
76 ie_type_key,
77 ast_json_string_get(json_string));
78}
const char * ast_event_get_ie_type_name(enum ast_event_ie_type ie_type)
Get the string representation of an information element type.
Definition event.c:209
const char * ast_json_string_get(const struct ast_json *string)
Get the value of a JSON string.
Definition json.c:283
struct ast_json * ast_json_object_get(struct ast_json *object, const char *key)
Get a field from a JSON object.
Definition json.c:407
#define NULL
Definition resample.c:96
int ast_str_append(struct ast_str **buf, ssize_t max_len, const char *fmt,...)
Append to a thread local dynamic string.
Definition strings.h:1139
Abstract JSON element (object, array, string, int, ...).
#define ast_assert(a)
Definition utils.h:776

References ast_assert, ast_event_get_ie_type_name(), ast_json_object_get(), ast_json_string_get(), ast_str_append(), NULL, and str.

Referenced by append_json().

◆ AST_MODULE_SELF_SYM()

struct ast_module * AST_MODULE_SELF_SYM ( void  )

Definition at line 165 of file res_security_log.c.

◆ AST_THREADSTORAGE_CUSTOM_SCOPE()

AST_THREADSTORAGE_CUSTOM_SCOPE ( security_event_buf  ,
NULL  ,
ast_free_ptr  ,
static   
)

◆ load_module()

static int load_module ( void  )
static

Definition at line 133 of file res_security_log.c.

134{
137 }
138
141 LOG_SECURITY = -1;
143 }
146
147 ast_verb(3, "Security Logging Enabled\n");
148
150}
int ast_logger_register_level(const char *name)
Register a new logger level.
Definition logger.c:2821
#define ast_verb(level,...)
void ast_logger_unregister_level(const char *name)
Unregister a previously registered logger level.
Definition logger.c:2879
@ AST_MODULE_LOAD_SUCCESS
Definition module.h:70
@ AST_MODULE_LOAD_DECLINE
Module has failed to load, may be in an inconsistent state.
Definition module.h:78
static int LOG_SECURITY
static struct stasis_subscription * security_stasis_sub
static const char LOG_SECURITY_NAME[]
static void security_stasis_cb(void *data, struct stasis_subscription *sub, struct stasis_message *message)
struct stasis_topic * ast_security_topic(void)
A stasis_topic which publishes messages for security related issues.
ast_security_event_type
Security event types.
@ STASIS_SUBSCRIPTION_FILTER_SELECTIVE
Definition stasis.h:297
int stasis_subscription_accept_message_type(struct stasis_subscription *subscription, const struct stasis_message_type *type)
Indicate to a subscription that we are interested in a message type.
Definition stasis.c:1090
int stasis_subscription_set_filter(struct stasis_subscription *subscription, enum stasis_subscription_message_filter filter)
Set the message type filtering level on a subscription.
Definition stasis.c:1144
#define stasis_subscribe(topic, callback, data)
Definition stasis.h:649

References ast_logger_register_level(), ast_logger_unregister_level(), AST_MODULE_LOAD_DECLINE, AST_MODULE_LOAD_SUCCESS, ast_security_topic(), ast_verb, LOG_SECURITY, LOG_SECURITY_NAME, NULL, security_stasis_cb(), security_stasis_sub, stasis_subscribe, stasis_subscription_accept_message_type(), STASIS_SUBSCRIPTION_FILTER_SELECTIVE, and stasis_subscription_set_filter().

◆ security_event_stasis_cb()

static void security_event_stasis_cb ( struct ast_json json)
static

Definition at line 90 of file res_security_log.c.

91{
92 struct ast_str *str;
93 struct ast_json *event_type_json;
94 enum ast_security_event_type event_type;
95
96 event_type_json = ast_json_object_get(json, "SecurityEvent");
97 event_type = ast_json_integer_get(event_type_json);
98
99 ast_assert((unsigned int)event_type < AST_SECURITY_EVENT_NUM_TYPES);
100
101 if (!(str = ast_str_thread_get(&security_event_buf,
103 return;
104 }
105
106 ast_str_set(&str, 0, "SecurityEvent=\"%s\"",
107 ast_security_event_get_name(event_type));
108
109 append_json(&str, json,
111 append_json(&str, json,
113
115}
#define ast_log_dynamic_level(level,...)
Send a log message to a dynamically registered log level.
intmax_t ast_json_integer_get(const struct ast_json *integer)
Get the value from a JSON integer.
Definition json.c:332
static const size_t SECURITY_EVENT_BUF_INIT_LEN
static void append_json(struct ast_str **str, struct ast_json *json, const struct ast_security_event_ie_type *ies, enum ie_required required)
const struct ast_security_event_ie_type * ast_security_event_get_required_ies(const enum ast_security_event_type event_type)
Get the list of required IEs for a given security event sub-type.
const char * ast_security_event_get_name(const enum ast_security_event_type event_type)
Get the name of a security event sub-type.
const struct ast_security_event_ie_type * ast_security_event_get_optional_ies(const enum ast_security_event_type event_type)
Get the list of optional IEs for a given security event sub-type.
@ AST_SECURITY_EVENT_NUM_TYPES
This must stay at the end.
int ast_str_set(struct ast_str **buf, ssize_t max_len, const char *fmt,...)
Set a dynamic string using variable arguments.
Definition strings.h:1113
char *attribute_pure ast_str_buffer(const struct ast_str *buf)
Returns the string buffer within the ast_str buf.
Definition strings.h:761
struct ast_str * ast_str_thread_get(struct ast_threadstorage *ts, size_t init_len)
Retrieve a thread locally stored dynamic string.
Definition strings.h:909
Support for dynamic strings.
Definition strings.h:623

References append_json(), ast_assert, ast_json_integer_get(), ast_json_object_get(), ast_log_dynamic_level, ast_security_event_get_name(), ast_security_event_get_optional_ies(), ast_security_event_get_required_ies(), AST_SECURITY_EVENT_NUM_TYPES, ast_str_buffer(), ast_str_set(), ast_str_thread_get(), LOG_SECURITY, NOT_REQUIRED, REQUIRED, SECURITY_EVENT_BUF_INIT_LEN, and str.

Referenced by security_stasis_cb().

◆ security_stasis_cb()

static void security_stasis_cb ( void *  data,
struct stasis_subscription sub,
struct stasis_message message 
)
static

Definition at line 117 of file res_security_log.c.

119{
121
123 return;
124 }
125
126 if (!payload) {
127 return;
128 }
129
131}
static void security_event_stasis_cb(struct ast_json *json)
void * stasis_message_data(const struct stasis_message *msg)
Get the data contained in a message.
struct ast_json * json
Definition json.h:1083

References ast_json_payload::json, security_event_stasis_cb(), and stasis_message_data().

Referenced by load_module().

◆ unload_module()

static int unload_module ( void  )
static

Definition at line 152 of file res_security_log.c.

153{
156 }
157
159
160 ast_verb(3, "Security Logging Disabled\n");
161
162 return 0;
163}
struct stasis_subscription * stasis_unsubscribe_and_join(struct stasis_subscription *subscription)
Cancel a subscription, blocking until the last message is processed.
Definition stasis.c:1201

References ast_logger_unregister_level(), ast_verb, LOG_SECURITY_NAME, security_stasis_sub, and stasis_unsubscribe_and_join().

Variable Documentation

◆ __mod_info

struct ast_module_info __mod_info = { .name = AST_MODULE, .flags = AST_MODFLAG_LOAD_ORDER , .description = "Security Event Logging" , .key = ASTERISK_GPL_KEY , .buildopt_sum = AST_BUILDOPT_SUM, .load = load_module, .unload = unload_module, .load_pri = AST_MODPRI_DEFAULT, .support_level = AST_MODULE_SUPPORT_CORE, }
static

Definition at line 165 of file res_security_log.c.

◆ ast_module_info

const struct ast_module_info* ast_module_info = &__mod_info
static

Definition at line 165 of file res_security_log.c.

◆ LOG_SECURITY

int LOG_SECURITY
static

Definition at line 46 of file res_security_log.c.

Referenced by load_module(), and security_event_stasis_cb().

◆ LOG_SECURITY_NAME

const char LOG_SECURITY_NAME[] = "SECURITY"
static

Definition at line 44 of file res_security_log.c.

Referenced by load_module(), and unload_module().

◆ SECURITY_EVENT_BUF_INIT_LEN

const size_t SECURITY_EVENT_BUF_INIT_LEN = 256
static

Definition at line 51 of file res_security_log.c.

Referenced by security_event_stasis_cb().

◆ security_stasis_sub

struct stasis_subscription* security_stasis_sub
static

Definition at line 48 of file res_security_log.c.

Referenced by load_module(), and unload_module().