Asterisk - The Open Source Telephony Project  18.5.0
test_security_events.c
Go to the documentation of this file.
1 /*
2  * Asterisk -- An open source telephony toolkit.
3  *
4  * Copyright (C) 2012, Digium, Inc.
5  *
6  * Russell Bryant <[email protected]>
7  *
8  * See http://www.asterisk.org for more information about
9  * the Asterisk project. Please do not directly contact
10  * any of the maintainers of this project for assistance;
11  * the project provides a web site, mailing lists and IRC
12  * channels for your use.
13  *
14  * This program is free software, distributed under the terms of
15  * the GNU General Public License Version 2. See the LICENSE file
16  * at the top of the source tree.
17  */
18 
19 /*! \file
20  *
21  * \brief Test security event generation
22  *
23  * \author Russell Bryant <[email protected]>
24  */
25 
26 /*** MODULEINFO
27  <depend>TEST_FRAMEWORK</depend>
28  <support_level>core</support_level>
29  ***/
30 
31 #include "asterisk.h"
32 
33 #include "asterisk/module.h"
34 #include "asterisk/cli.h"
35 #include "asterisk/utils.h"
36 #include "asterisk/security_events.h"
37 #include "asterisk/netsock2.h"
38 
39 static void evt_gen_failed_acl(void);
40 static void evt_gen_inval_acct_id(void);
41 static void evt_gen_session_limit(void);
42 static void evt_gen_mem_limit(void);
43 static void evt_gen_load_avg(void);
44 static void evt_gen_req_no_support(void);
45 static void evt_gen_req_not_allowed(void);
46 static void evt_gen_auth_method_not_allowed(void);
47 static void evt_gen_req_bad_format(void);
48 static void evt_gen_successful_auth(void);
49 static void evt_gen_unexpected_addr(void);
50 static void evt_gen_chal_resp_failed(void);
51 static void evt_gen_inval_password(void);
52 static void evt_gen_chal_sent(void);
53 static void evt_gen_inval_transport(void);
54 
55 typedef void (*evt_generator)(void);
56 static const evt_generator evt_generators[AST_SECURITY_EVENT_NUM_TYPES] = {
57  [AST_SECURITY_EVENT_FAILED_ACL] = evt_gen_failed_acl,
58  [AST_SECURITY_EVENT_INVAL_ACCT_ID] = evt_gen_inval_acct_id,
59  [AST_SECURITY_EVENT_SESSION_LIMIT] = evt_gen_session_limit,
60  [AST_SECURITY_EVENT_MEM_LIMIT] = evt_gen_mem_limit,
61  [AST_SECURITY_EVENT_LOAD_AVG] = evt_gen_load_avg,
62  [AST_SECURITY_EVENT_REQ_NO_SUPPORT] = evt_gen_req_no_support,
63  [AST_SECURITY_EVENT_REQ_NOT_ALLOWED] = evt_gen_req_not_allowed,
64  [AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED] = evt_gen_auth_method_not_allowed,
65  [AST_SECURITY_EVENT_REQ_BAD_FORMAT] = evt_gen_req_bad_format,
66  [AST_SECURITY_EVENT_SUCCESSFUL_AUTH] = evt_gen_successful_auth,
67  [AST_SECURITY_EVENT_UNEXPECTED_ADDR] = evt_gen_unexpected_addr,
68  [AST_SECURITY_EVENT_CHAL_RESP_FAILED] = evt_gen_chal_resp_failed,
69  [AST_SECURITY_EVENT_INVAL_PASSWORD] = evt_gen_inval_password,
70  [AST_SECURITY_EVENT_CHAL_SENT] = evt_gen_chal_sent,
71  [AST_SECURITY_EVENT_INVAL_TRANSPORT] = evt_gen_inval_transport,
72 };
73 
74 static void evt_gen_failed_acl(void)
75 {
76  struct ast_sockaddr addr_local = { {0,} };
77  struct ast_sockaddr addr_remote = { {0,} };
78 
79  struct timeval session_tv = ast_tvnow();
80  struct ast_security_event_failed_acl failed_acl_event = {
81  .common.event_type = AST_SECURITY_EVENT_FAILED_ACL,
82  .common.version = AST_SECURITY_EVENT_FAILED_ACL_VERSION,
83  .common.service = "TEST",
84  .common.module = AST_MODULE,
85  .common.account_id = "Username",
86  .common.session_id = "Session123",
87  .common.session_tv = &session_tv,
88  .common.local_addr = {
89  .addr = &addr_local,
90  .transport = AST_TRANSPORT_UDP,
91  },
92  .common.remote_addr = {
93  .addr = &addr_remote,
94  .transport = AST_TRANSPORT_UDP,
95  },
96 
97  .acl_name = "TEST_ACL",
98  };
99 
100  char localaddr[53];
101  char remoteaddr[53];
102 
103  ast_copy_string(localaddr, "192.168.1.1:12121", sizeof(localaddr));
104  ast_copy_string(remoteaddr, "192.168.1.2:12345", sizeof(remoteaddr));
105 
106  ast_sockaddr_parse(&addr_local, localaddr, 0);
107  ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
108 
109  ast_security_event_report(AST_SEC_EVT(&failed_acl_event));
110 }
111 
112 static void evt_gen_inval_acct_id(void)
113 {
114  struct ast_sockaddr addr_local = { {0,} };
115  struct ast_sockaddr addr_remote = { {0,} };
116 
117  struct timeval session_tv = ast_tvnow();
118  struct ast_security_event_inval_acct_id inval_acct_id = {
119  .common.event_type = AST_SECURITY_EVENT_INVAL_ACCT_ID,
120  .common.version = AST_SECURITY_EVENT_INVAL_ACCT_ID_VERSION,
121  .common.service = "TEST",
122  .common.module = AST_MODULE,
123  .common.account_id = "FakeUser",
124  .common.session_id = "Session456",
125  .common.session_tv = &session_tv,
126  .common.local_addr = {
127  .addr = &addr_local,
128  .transport = AST_TRANSPORT_TCP,
129  },
130  .common.remote_addr = {
131  .addr = &addr_remote,
132  .transport = AST_TRANSPORT_TCP,
133  },
134  };
135 
136  char localaddr[53];
137  char remoteaddr[53];
138 
139  ast_copy_string(localaddr, "10.1.2.3:4321", sizeof(localaddr));
140  ast_copy_string(remoteaddr, "10.1.2.4:123", sizeof(remoteaddr));
141 
142  ast_sockaddr_parse(&addr_local, localaddr, 0);
143  ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
144 
145  ast_security_event_report(AST_SEC_EVT(&inval_acct_id));
146 }
147 
148 static void evt_gen_session_limit(void)
149 {
150  struct ast_sockaddr addr_local = { {0,} };
151  struct ast_sockaddr addr_remote = { {0,} };
152 
153  struct timeval session_tv = ast_tvnow();
154  struct ast_security_event_session_limit session_limit = {
155  .common.event_type = AST_SECURITY_EVENT_SESSION_LIMIT,
156  .common.version = AST_SECURITY_EVENT_SESSION_LIMIT_VERSION,
157  .common.service = "TEST",
158  .common.module = AST_MODULE,
159  .common.account_id = "Jenny",
160  .common.session_id = "8675309",
161  .common.session_tv = &session_tv,
162  .common.local_addr = {
163  .addr = &addr_local,
164  .transport = AST_TRANSPORT_TLS,
165  },
166  .common.remote_addr = {
167  .addr = &addr_remote,
168  .transport = AST_TRANSPORT_TLS,
169  },
170  };
171 
172  char localaddr[53];
173  char remoteaddr[53];
174 
175  ast_copy_string(localaddr, "10.5.4.3:4444", sizeof(localaddr));
176  ast_copy_string(remoteaddr, "10.5.4.2:3333", sizeof(remoteaddr));
177 
178  ast_sockaddr_parse(&addr_local, localaddr, 0);
179  ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
180 
181  ast_security_event_report(AST_SEC_EVT(&session_limit));
182 }
183 
184 static void evt_gen_mem_limit(void)
185 {
186  struct ast_sockaddr addr_local = { {0,} };
187  struct ast_sockaddr addr_remote = { {0,} };
188 
189  struct timeval session_tv = ast_tvnow();
190  struct ast_security_event_mem_limit mem_limit = {
191  .common.event_type = AST_SECURITY_EVENT_MEM_LIMIT,
192  .common.version = AST_SECURITY_EVENT_MEM_LIMIT_VERSION,
193  .common.service = "TEST",
194  .common.module = AST_MODULE,
195  .common.account_id = "Felix",
196  .common.session_id = "Session2604",
197  .common.session_tv = &session_tv,
198  .common.local_addr = {
199  .addr = &addr_local,
200  .transport = AST_TRANSPORT_UDP,
201  },
202  .common.remote_addr = {
203  .addr = &addr_remote,
204  .transport = AST_TRANSPORT_UDP,
205  },
206  };
207 
208  char localaddr[53];
209  char remoteaddr[53];
210 
211  ast_copy_string(localaddr, "10.10.10.10:555", sizeof(localaddr));
212  ast_copy_string(remoteaddr, "10.10.10.12:5656", sizeof(remoteaddr));
213 
214  ast_sockaddr_parse(&addr_local, localaddr, 0);
215  ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
216 
217  ast_security_event_report(AST_SEC_EVT(&mem_limit));
218 }
219 
220 static void evt_gen_load_avg(void)
221 {
222  struct ast_sockaddr addr_local = { {0,} };
223  struct ast_sockaddr addr_remote = { {0,} };
224 
225  struct timeval session_tv = ast_tvnow();
226  struct ast_security_event_load_avg load_avg = {
227  .common.event_type = AST_SECURITY_EVENT_LOAD_AVG,
228  .common.version = AST_SECURITY_EVENT_LOAD_AVG_VERSION,
229  .common.service = "TEST",
230  .common.module = AST_MODULE,
231  .common.account_id = "GuestAccount",
232  .common.session_id = "XYZ123",
233  .common.session_tv = &session_tv,
234  .common.local_addr = {
235  .addr = &addr_local,
236  .transport = AST_TRANSPORT_UDP,
237  },
238  .common.remote_addr = {
239  .addr = &addr_remote,
240  .transport = AST_TRANSPORT_UDP,
241  },
242  };
243 
244  char localaddr[53];
245  char remoteaddr[53];
246 
247  ast_copy_string(localaddr, "10.11.12.13:9876", sizeof(localaddr));
248  ast_copy_string(remoteaddr, "10.12.11.10:9825", sizeof(remoteaddr));
249 
250  ast_sockaddr_parse(&addr_local, localaddr, 0);
251  ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
252 
253  ast_security_event_report(AST_SEC_EVT(&load_avg));
254 }
255 
256 static void evt_gen_req_no_support(void)
257 {
258  struct ast_sockaddr addr_local = { {0,} };
259  struct ast_sockaddr addr_remote = { {0,} };
260 
261  struct timeval session_tv = ast_tvnow();
262  struct ast_security_event_req_no_support req_no_support = {
263  .common.event_type = AST_SECURITY_EVENT_REQ_NO_SUPPORT,
264  .common.version = AST_SECURITY_EVENT_REQ_NO_SUPPORT_VERSION,
265  .common.service = "TEST",
266  .common.module = AST_MODULE,
267  .common.account_id = "George",
268  .common.session_id = "asdkl23478289lasdkf",
269  .common.session_tv = &session_tv,
270  .common.local_addr = {
271  .addr = &addr_local,
272  .transport = AST_TRANSPORT_UDP,
273  },
274  .common.remote_addr = {
275  .addr = &addr_remote,
276  .transport = AST_TRANSPORT_UDP,
277  },
278 
279  .request_type = "MakeMeDinner",
280  };
281 
282  char localaddr[53];
283  char remoteaddr[53];
284 
285  ast_copy_string(localaddr, "10.110.120.130:9888", sizeof(localaddr));
286  ast_copy_string(remoteaddr, "10.120.110.100:9777", sizeof(remoteaddr));
287 
288  ast_sockaddr_parse(&addr_local, localaddr, 0);
289  ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
290 
291  ast_security_event_report(AST_SEC_EVT(&req_no_support));
292 }
293 
294 static void evt_gen_req_not_allowed(void)
295 {
296  struct ast_sockaddr addr_local = { {0,} };
297  struct ast_sockaddr addr_remote = { {0,} };
298 
299  struct timeval session_tv = ast_tvnow();
300  struct ast_security_event_req_not_allowed req_not_allowed = {
301  .common.event_type = AST_SECURITY_EVENT_REQ_NOT_ALLOWED,
302  .common.version = AST_SECURITY_EVENT_REQ_NOT_ALLOWED_VERSION,
303  .common.service = "TEST",
304  .common.module = AST_MODULE,
305  .common.account_id = "George",
306  .common.session_id = "alksdjf023423h4lka0df",
307  .common.session_tv = &session_tv,
308  .common.local_addr = {
309  .addr = &addr_local,
310  .transport = AST_TRANSPORT_UDP,
311  },
312  .common.remote_addr = {
313  .addr = &addr_remote,
314  .transport = AST_TRANSPORT_UDP,
315  },
316 
317  .request_type = "MakeMeBreakfast",
318  .request_params = "BACONNNN!",
319  };
320 
321  char localaddr[53];
322  char remoteaddr[53];
323 
324  ast_copy_string(localaddr, "10.110.120.130:9888", sizeof(localaddr));
325  ast_copy_string(remoteaddr, "10.120.110.100:9777", sizeof(remoteaddr));
326 
327  ast_sockaddr_parse(&addr_local, localaddr, 0);
328  ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
329 
330  ast_security_event_report(AST_SEC_EVT(&req_not_allowed));
331 }
332 
333 static void evt_gen_auth_method_not_allowed(void)
334 {
335  struct ast_sockaddr addr_local = { {0,} };
336  struct ast_sockaddr addr_remote = { {0,} };
337 
338  struct timeval session_tv = ast_tvnow();
339  struct ast_security_event_auth_method_not_allowed auth_method_not_allowed = {
340  .common.event_type = AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED,
341  .common.version = AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED_VERSION,
342  .common.service = "TEST",
343  .common.module = AST_MODULE,
344  .common.account_id = "Bob",
345  .common.session_id = "010101010101",
346  .common.session_tv = &session_tv,
347  .common.local_addr = {
348  .addr = &addr_local,
349  .transport = AST_TRANSPORT_TCP,
350  },
351  .common.remote_addr = {
352  .addr = &addr_remote,
353  .transport = AST_TRANSPORT_TCP,
354  },
355 
356  .auth_method = "PlainText"
357  };
358 
359  char localaddr[53];
360  char remoteaddr[53];
361 
362  ast_copy_string(localaddr, "10.110.120.135:8754", sizeof(localaddr));
363  ast_copy_string(remoteaddr, "10.120.110.105:8745", sizeof(remoteaddr));
364 
365  ast_sockaddr_parse(&addr_local, localaddr, 0);
366  ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
367 
368  ast_security_event_report(AST_SEC_EVT(&auth_method_not_allowed));
369 }
370 
371 static void evt_gen_req_bad_format(void)
372 {
373  struct ast_sockaddr addr_local = { {0,} };
374  struct ast_sockaddr addr_remote = { {0,} };
375 
376  struct timeval session_tv = ast_tvnow();
377  struct ast_security_event_req_bad_format req_bad_format = {
378  .common.event_type = AST_SECURITY_EVENT_REQ_BAD_FORMAT,
379  .common.version = AST_SECURITY_EVENT_REQ_BAD_FORMAT_VERSION,
380  .common.service = "TEST",
381  .common.module = AST_MODULE,
382  .common.account_id = "Larry",
383  .common.session_id = "838383fhfhf83hf8h3f8h",
384  .common.session_tv = &session_tv,
385  .common.local_addr = {
386  .addr = &addr_local,
387  .transport = AST_TRANSPORT_TCP,
388  },
389  .common.remote_addr = {
390  .addr = &addr_remote,
391  .transport = AST_TRANSPORT_TCP,
392  },
393 
394  .request_type = "CheeseBurger",
395  .request_params = "Onions,Swiss,MotorOil",
396  };
397 
398  char localaddr[53];
399  char remoteaddr[53];
400 
401  ast_copy_string(localaddr, "10.110.220.230:1212", sizeof(localaddr));
402  ast_copy_string(remoteaddr, "10.120.210.200:2121", sizeof(remoteaddr));
403 
404  ast_sockaddr_parse(&addr_local, localaddr, 0);
405  ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
406 
407  ast_security_event_report(AST_SEC_EVT(&req_bad_format));
408 }
409 
410 static void evt_gen_successful_auth(void)
411 {
412  struct ast_sockaddr addr_local = { {0,} };
413  struct ast_sockaddr addr_remote = { {0,} };
414 
415  struct timeval session_tv = ast_tvnow();
416  struct ast_security_event_successful_auth successful_auth = {
417  .common.event_type = AST_SECURITY_EVENT_SUCCESSFUL_AUTH,
418  .common.version = AST_SECURITY_EVENT_SUCCESSFUL_AUTH_VERSION,
419  .common.service = "TEST",
420  .common.module = AST_MODULE,
421  .common.account_id = "ValidUser",
422  .common.session_id = "Session456",
423  .common.session_tv = &session_tv,
424  .common.local_addr = {
425  .addr = &addr_local,
426  .transport = AST_TRANSPORT_TCP,
427  },
428  .common.remote_addr = {
429  .addr = &addr_remote,
430  .transport = AST_TRANSPORT_TCP,
431  },
432  };
433 
434  char localaddr[53];
435  char remoteaddr[53];
436 
437  ast_copy_string(localaddr, "10.1.2.3:4321", sizeof(localaddr));
438  ast_copy_string(remoteaddr, "10.1.2.4:1234", sizeof(remoteaddr));
439 
440  ast_sockaddr_parse(&addr_local, localaddr, 0);
441  ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
442 
443  ast_security_event_report(AST_SEC_EVT(&successful_auth));
444 }
445 
446 static void evt_gen_unexpected_addr(void)
447 {
448  struct ast_sockaddr addr_local = { {0,} };
449  struct ast_sockaddr addr_remote = { {0,} };
450  struct ast_sockaddr addr_expected = { {0,} };
451 
452  struct timeval session_tv = ast_tvnow();
453  struct ast_security_event_unexpected_addr unexpected_addr = {
454  .common.event_type = AST_SECURITY_EVENT_UNEXPECTED_ADDR,
455  .common.version = AST_SECURITY_EVENT_UNEXPECTED_ADDR_VERSION,
456  .common.service = "TEST",
457  .common.module = AST_MODULE,
458  .common.account_id = "CoolUser",
459  .common.session_id = "Session789",
460  .common.session_tv = &session_tv,
461  .common.local_addr = {
462  .addr = &addr_local,
463  .transport = AST_TRANSPORT_UDP,
464  },
465  .common.remote_addr = {
466  .addr = &addr_remote,
467  .transport = AST_TRANSPORT_UDP,
468  },
469 
470  .expected_addr = {
471  .addr = &addr_expected,
472  .transport = AST_TRANSPORT_UDP,
473  },
474  };
475 
476  char localaddr[53];
477  char remoteaddr[53];
478  char expectedaddr[53];
479 
480  ast_copy_string(localaddr, "10.1.2.3:4321", sizeof(localaddr));
481  ast_copy_string(remoteaddr, "10.1.2.4:1234", sizeof(remoteaddr));
482  ast_copy_string(expectedaddr, "10.1.2.5:2343", sizeof(expectedaddr));
483 
484  ast_sockaddr_parse(&addr_local, localaddr, 0);
485  ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
486  ast_sockaddr_parse(&addr_expected, expectedaddr, 0);
487 
488  ast_security_event_report(AST_SEC_EVT(&unexpected_addr));
489 }
490 
491 static void evt_gen_chal_resp_failed(void)
492 {
493  struct ast_sockaddr addr_local = { {0,} };
494  struct ast_sockaddr addr_remote = { {0,} };
495 
496  struct timeval session_tv = ast_tvnow();
497  struct ast_security_event_chal_resp_failed chal_resp_failed = {
498  .common.event_type = AST_SECURITY_EVENT_CHAL_RESP_FAILED,
499  .common.version = AST_SECURITY_EVENT_CHAL_RESP_FAILED_VERSION,
500  .common.service = "TEST",
501  .common.module = AST_MODULE,
502  .common.account_id = "SuperDuperUser",
503  .common.session_id = "Session1231231231",
504  .common.session_tv = &session_tv,
505  .common.local_addr = {
506  .addr = &addr_local,
507  .transport = AST_TRANSPORT_TCP,
508  },
509  .common.remote_addr = {
510  .addr = &addr_remote,
511  .transport = AST_TRANSPORT_TCP,
512  },
513 
514  .challenge = "8adf8a9sd8fas9df23ljk4",
515  .response = "9u3jlaksdjflakjsdfoi23",
516  .expected_response = "oiafaljhadf9834luahk3k",
517  };
518 
519  char localaddr[53];
520  char remoteaddr[53];
521 
522  ast_copy_string(localaddr, "10.1.2.3:4321", sizeof(localaddr));
523  ast_copy_string(remoteaddr, "10.1.2.4:1234", sizeof(remoteaddr));
524 
525  ast_sockaddr_parse(&addr_local, localaddr, 0);
526  ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
527 
528  ast_security_event_report(AST_SEC_EVT(&chal_resp_failed));
529 }
530 
531 static void evt_gen_inval_password(void)
532 {
533  struct ast_sockaddr addr_local = { {0,} };
534  struct ast_sockaddr addr_remote = { {0,} };
535 
536  struct timeval session_tv = ast_tvnow();
537  struct ast_security_event_inval_password inval_password = {
538  .common.event_type = AST_SECURITY_EVENT_INVAL_PASSWORD,
539  .common.version = AST_SECURITY_EVENT_INVAL_PASSWORD_VERSION,
540  .common.service = "TEST",
541  .common.module = AST_MODULE,
542  .common.account_id = "AccountIDGoesHere",
543  .common.session_id = "SessionIDGoesHere",
544  .common.session_tv = &session_tv,
545  .common.local_addr = {
546  .addr = &addr_local,
547  .transport = AST_TRANSPORT_TCP,
548  },
549  .common.remote_addr = {
550  .addr = &addr_remote,
551  .transport = AST_TRANSPORT_TCP,
552  },
553  .challenge = "GoOdChAlLeNgE",
554  .received_challenge = "BaDcHaLlEnGe",
555  .received_hash = "3ad9023adf309",
556  };
557 
558  char localaddr[53];
559  char remoteaddr[53];
560 
561  ast_copy_string(localaddr, "10.200.100.30:4321", sizeof(localaddr));
562  ast_copy_string(remoteaddr, "10.200.100.40:1234", sizeof(remoteaddr));
563 
564  ast_sockaddr_parse(&addr_local, localaddr, 0);
565  ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
566 
567  ast_security_event_report(AST_SEC_EVT(&inval_password));
568 }
569 
570 static void evt_gen_chal_sent(void)
571 {
572  struct ast_sockaddr addr_local = { {0,} };
573  struct ast_sockaddr addr_remote = { {0,} };
574 
575  struct timeval session_tv = ast_tvnow();
576  struct ast_security_event_chal_sent chal_sent = {
577  .common.event_type = AST_SECURITY_EVENT_CHAL_SENT,
578  .common.version = AST_SECURITY_EVENT_CHAL_SENT_VERSION,
579  .common.service = "TEST",
580  .common.module = AST_MODULE,
581  .common.account_id = "AccountIDGoesHere",
582  .common.session_id = "SessionIDGoesHere",
583  .common.session_tv = &session_tv,
584  .common.local_addr = {
585  .addr = &addr_local,
586  .transport = AST_TRANSPORT_TCP,
587  },
588  .common.remote_addr = {
589  .addr = &addr_remote,
590  .transport = AST_TRANSPORT_TCP,
591  },
592  .challenge = "IcHaLlEnGeYoU",
593  };
594 
595  char localaddr[53];
596  char remoteaddr[53];
597 
598  ast_copy_string(localaddr, "10.200.10.30:5392", sizeof(localaddr));
599  ast_copy_string(remoteaddr, "10.200.10.31:1443", sizeof(remoteaddr));
600 
601  ast_sockaddr_parse(&addr_local, localaddr, 0);
602  ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
603 
604  ast_security_event_report(AST_SEC_EVT(&chal_sent));
605 }
606 
607 static void evt_gen_inval_transport(void)
608 {
609  struct ast_sockaddr addr_local = { {0,} };
610  struct ast_sockaddr addr_remote = { {0,} };
611 
612  struct timeval session_tv = ast_tvnow();
613  struct ast_security_event_inval_transport inval_transport = {
614  .common.event_type = AST_SECURITY_EVENT_INVAL_TRANSPORT,
615  .common.version = AST_SECURITY_EVENT_INVAL_TRANSPORT_VERSION,
616  .common.service = "TEST",
617  .common.module = AST_MODULE,
618  .common.account_id = "AccountIDGoesHere",
619  .common.session_id = "SessionIDGoesHere",
620  .common.session_tv = &session_tv,
621  .common.local_addr = {
622  .addr = &addr_local,
623  .transport = AST_TRANSPORT_TCP,
624  },
625  .common.remote_addr = {
626  .addr = &addr_remote,
627  .transport = AST_TRANSPORT_TCP,
628  },
629  .transport = "UDP",
630  };
631 
632  char localaddr[53];
633  char remoteaddr[53];
634 
635  ast_copy_string(localaddr, "10.200.103.45:8223", sizeof(localaddr));
636  ast_copy_string(remoteaddr, "10.200.103.44:1039", sizeof(remoteaddr));
637 
638  ast_sockaddr_parse(&addr_local, localaddr, 0);
639  ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
640 
641  ast_security_event_report(AST_SEC_EVT(&inval_transport));
642 }
643 
644 static void gen_events(struct ast_cli_args *a)
645 {
646  unsigned int i;
647 
648  ast_cli(a->fd, "Generating some security events ...\n");
649 
650  for (i = 0; i < ARRAY_LEN(evt_generators); i++) {
651  const char *event_type = ast_security_event_get_name(i);
652 
653  if (!evt_generators[i]) {
654  ast_cli(a->fd, "*** No event generator for event type '%s' ***\n",
655  event_type);
656  continue;
657  }
658 
659  ast_cli(a->fd, "Generating a '%s' security event ...\n", event_type);
660 
661  evt_generators[i]();
662  }
663 
664  ast_cli(a->fd, "Security event generation complete.\n");
665 }
666 
667 static char *handle_cli_sec_evt_test(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
668 {
669  switch (cmd) {
670  case CLI_INIT:
671  e->command = "securityevents test generation";
672  e->usage = ""
673  "Usage: securityevents test generation"
674  "";
675  return NULL;
676  case CLI_GENERATE:
677  return NULL;
678  case CLI_HANDLER:
679  gen_events(a);
680  return CLI_SUCCESS;
681  }
682 
683  return CLI_FAILURE;
684 }
685 
686 static struct ast_cli_entry cli_sec_evt[] = {
687  AST_CLI_DEFINE(handle_cli_sec_evt_test, "Test security event generation"),
688 };
689 
690 static int unload_module(void)
691 {
692  return ast_cli_unregister_multiple(cli_sec_evt, ARRAY_LEN(cli_sec_evt));
693 }
694 
695 static int load_module(void)
696 {
697  int res;
698 
699  res = ast_cli_register_multiple(cli_sec_evt, ARRAY_LEN(cli_sec_evt));
700 
701  return res ? AST_MODULE_LOAD_DECLINE : AST_MODULE_LOAD_SUCCESS;
702 }
703 
704 AST_MODULE_INFO_STANDARD(ASTERISK_GPL_KEY, "Test Security Event Generation");
AST_SECURITY_EVENT_INVAL_PASSWORD
An attempt at basic password authentication failed.
Definition: security_events_defs.h:109
ast_security_event_mem_limit::common
struct ast_security_event_common common
Common security event descriptor elements.
Definition: security_events_defs.h:266
AST_CLI_DEFINE
#define AST_CLI_DEFINE(fn, txt,...)
Definition: cli.h:197
ast_security_event_common::event_type
enum ast_security_event_type event_type
The security event sub-type.
Definition: security_events_defs.h:158
AST_MODULE_INFO_STANDARD
#define AST_MODULE_INFO_STANDARD(keystr, desc)
Definition: module.h:567
unload_module
static int unload_module(void)
Definition: test_security_events.c:690
ast_security_event_inval_transport::common
struct ast_security_event_common common
Common security event descriptor elements.
Definition: security_events_defs.h:517
localaddr
static struct ast_ha * localaddr
List of local networks We store "localnet" addresses from the config file into an access list...
Definition: chan_sip.c:1147
asterisk.h
Asterisk main include file. File version handling, generic pbx functions.
ARRAY_LEN
#define ARRAY_LEN(a)
Definition: isdn_lib.c:42
AST_SECURITY_EVENT_SUCCESSFUL_AUTH
FYI FWIW, Successful authentication has occurred.
Definition: security_events_defs.h:97
security_events.h
Security Event Reporting API.
ast_sockaddr_parse
int ast_sockaddr_parse(struct ast_sockaddr *addr, const char *str, int flags)
Parse an IPv4 or IPv6 address string.
Definition: netsock2.c:230
ast_cli_unregister_multiple
int ast_cli_unregister_multiple(struct ast_cli_entry *e, int len)
Unregister multiple commands.
Definition: clicompat.c:30
AST_SECURITY_EVENT_REQ_NO_SUPPORT_VERSION
#define AST_SECURITY_EVENT_REQ_NO_SUPPORT_VERSION
Event descriptor version.
Definition: security_events_defs.h:293
evt_gen_chal_resp_failed
static void evt_gen_chal_resp_failed(void)
Definition: test_security_events.c:491
ast_security_event_get_name
const char * ast_security_event_get_name(const enum ast_security_event_type event_type)
Get the name of a security event sub-type.
Definition: main/security_events.c:895
ast_security_event_chal_resp_failed
An attempt at challenge/response auth failed.
Definition: security_events_defs.h:424
ast_cli_entry
descriptor for a cli entry.
Definition: cli.h:171
evt_gen_auth_method_not_allowed
static void evt_gen_auth_method_not_allowed(void)
Definition: test_security_events.c:333
AST_SECURITY_EVENT_CHAL_SENT_VERSION
#define AST_SECURITY_EVENT_CHAL_SENT_VERSION
Event descriptor version.
Definition: security_events_defs.h:491
ast_security_event_req_no_support
Request denied because we don&#39;t support it.
Definition: security_events_defs.h:288
ast_security_event_failed_acl
Checking against an IP access control list failed.
Definition: security_events_defs.h:203
CLI_INIT
Definition: cli.h:152
ast_security_event_inval_acct_id::common
struct ast_security_event_common common
Common security event descriptor elements.
Definition: security_events_defs.h:234
evt_gen_failed_acl
static void evt_gen_failed_acl(void)
Definition: test_security_events.c:74
AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED
The attempted authentication method is not allowed.
Definition: security_events_defs.h:89
ast_security_event_chal_sent
A challenge was sent out.
Definition: security_events_defs.h:486
ast_cli_register_multiple
#define ast_cli_register_multiple(e, len)
Register multiple commands.
Definition: cli.h:265
ast_tvnow
struct timeval ast_tvnow(void)
Returns current timeval. Meant to replace calls to gettimeofday().
Definition: time.h:150
ast_security_event_unexpected_addr
Unexpected source address for a session in progress.
Definition: security_events_defs.h:403
ast_security_event_chal_resp_failed::common
struct ast_security_event_common common
Common security event descriptor elements.
Definition: security_events_defs.h:434
AST_SECURITY_EVENT_REQ_NOT_ALLOWED
A request was made that is not allowed.
Definition: security_events_defs.h:85
ast_security_event_req_bad_format::common
struct ast_security_event_common common
Common security event descriptor elements.
Definition: security_events_defs.h:366
evt_gen_inval_transport
static void evt_gen_inval_transport(void)
Definition: test_security_events.c:607
NULL
#define NULL
Definition: resample.c:96
ast_cli
void ast_cli(int fd, const char *fmt,...)
Definition: clicompat.c:6
AST_SECURITY_EVENT_SUCCESSFUL_AUTH_VERSION
#define AST_SECURITY_EVENT_SUCCESSFUL_AUTH_VERSION
Event descriptor version.
Definition: security_events_defs.h:387
AST_SECURITY_EVENT_UNEXPECTED_ADDR
An unexpected source address was seen for a session in progress.
Definition: security_events_defs.h:101
ast_security_event_unexpected_addr::common
struct ast_security_event_common common
Common security event descriptor elements.
Definition: security_events_defs.h:413
ast_sockaddr
Socket address structure.
Definition: netsock2.h:97
AST_SEC_EVT
#define AST_SEC_EVT(e)
Definition: security_events_defs.h:139
AST_SECURITY_EVENT_UNEXPECTED_ADDR_VERSION
#define AST_SECURITY_EVENT_UNEXPECTED_ADDR_VERSION
Event descriptor version.
Definition: security_events_defs.h:408
utils.h
Utility functions.
gen_events
static void gen_events(struct ast_cli_args *a)
Definition: test_security_events.c:644
AST_SECURITY_EVENT_MEM_LIMIT
Memory limit reached.
Definition: security_events_defs.h:70
ast_security_event_inval_password
An attempt at basic password auth failed.
Definition: security_events_defs.h:455
ast_cli_args::fd
const int fd
Definition: cli.h:159
AST_SECURITY_EVENT_REQ_BAD_FORMAT
Request received with bad formatting.
Definition: security_events_defs.h:93
ast_security_event_session_limit
Request denied because of a session limit.
Definition: security_events_defs.h:240
evt_gen_inval_acct_id
static void evt_gen_inval_acct_id(void)
Definition: test_security_events.c:112
ast_security_event_successful_auth
Successful authentication.
Definition: security_events_defs.h:382
AST_SECURITY_EVENT_FAILED_ACL_VERSION
#define AST_SECURITY_EVENT_FAILED_ACL_VERSION
Event descriptor version.
Definition: security_events_defs.h:208
evt_gen_successful_auth
static void evt_gen_successful_auth(void)
Definition: test_security_events.c:410
AST_SECURITY_EVENT_CHAL_SENT
Challenge was sent out, informational.
Definition: security_events_defs.h:113
ast_security_event_inval_password::common
struct ast_security_event_common common
Common security event descriptor elements.
Definition: security_events_defs.h:465
ast_security_event_failed_acl::common
struct ast_security_event_common common
Common security event descriptor elements.
Definition: security_events_defs.h:213
evt_gen_req_no_support
static void evt_gen_req_no_support(void)
Definition: test_security_events.c:256
AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED_VERSION
#define AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED_VERSION
Event descriptor version.
Definition: security_events_defs.h:340
AST_SECURITY_EVENT_MEM_LIMIT_VERSION
#define AST_SECURITY_EVENT_MEM_LIMIT_VERSION
Event descriptor version.
Definition: security_events_defs.h:261
netsock2.h
Network socket handling.
evt_generator
void(* evt_generator)(void)
Definition: test_security_events.c:55
ast_security_event_auth_method_not_allowed
Auth method used not allowed.
Definition: security_events_defs.h:335
evt_gen_inval_password
static void evt_gen_inval_password(void)
Definition: test_security_events.c:531
ast_security_event_inval_transport
Attempt to contact peer on invalid transport.
Definition: security_events_defs.h:507
AST_SECURITY_EVENT_INVAL_ACCT_ID_VERSION
#define AST_SECURITY_EVENT_INVAL_ACCT_ID_VERSION
Event descriptor version.
Definition: security_events_defs.h:229
ast_security_event_load_avg::common
struct ast_security_event_common common
Common security event descriptor elements.
Definition: security_events_defs.h:282
ast_security_event_mem_limit
Request denied because of a memory limit.
Definition: security_events_defs.h:256
evt_gen_mem_limit
static void evt_gen_mem_limit(void)
Definition: test_security_events.c:184
ast_security_event_req_no_support::common
struct ast_security_event_common common
Common security event descriptor elements.
Definition: security_events_defs.h:298
evt_gen_session_limit
static void evt_gen_session_limit(void)
Definition: test_security_events.c:148
AST_SECURITY_EVENT_LOAD_AVG
Load Average limit reached.
Definition: security_events_defs.h:77
ast_security_event_load_avg
Request denied because of a load average limit.
Definition: security_events_defs.h:272
AST_SECURITY_EVENT_CHAL_RESP_FAILED
An attempt at challenge/response authentication failed.
Definition: security_events_defs.h:105
AST_SECURITY_EVENT_FAILED_ACL
Failed ACL.
Definition: security_events_defs.h:48
handle_cli_sec_evt_test
static char * handle_cli_sec_evt_test(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
Definition: test_security_events.c:667
evt_gen_req_bad_format
static void evt_gen_req_bad_format(void)
Definition: test_security_events.c:371
CLI_FAILURE
#define CLI_FAILURE
Definition: cli.h:46
evt_generators
static const evt_generator evt_generators[AST_SECURITY_EVENT_NUM_TYPES]
Definition: test_security_events.c:56
ast_cli_entry::command
char * command
Definition: cli.h:186
ast_security_event_successful_auth::common
struct ast_security_event_common common
Common security event descriptor elements.
Definition: security_events_defs.h:392
AST_MODULE_LOAD_DECLINE
Module has failed to load, may be in an inconsistent state.
Definition: module.h:78
ast_security_event_auth_method_not_allowed::common
struct ast_security_event_common common
Common security event descriptor elements.
Definition: security_events_defs.h:345
load_module
static int load_module(void)
Definition: test_security_events.c:695
AST_SECURITY_EVENT_NUM_TYPES
This must stay at the end.
Definition: security_events_defs.h:121
AST_SECURITY_EVENT_LOAD_AVG_VERSION
#define AST_SECURITY_EVENT_LOAD_AVG_VERSION
Event descriptor version.
Definition: security_events_defs.h:277
ast_cli_entry::usage
const char * usage
Definition: cli.h:177
ast_security_event_inval_acct_id
Invalid account ID specified (invalid username, for example)
Definition: security_events_defs.h:224
AST_SECURITY_EVENT_SESSION_LIMIT
Session limit reached.
Definition: security_events_defs.h:63
cli_sec_evt
static struct ast_cli_entry cli_sec_evt[]
Definition: test_security_events.c:686
CLI_SUCCESS
#define CLI_SUCCESS
Definition: cli.h:44
ast_security_event_session_limit::common
struct ast_security_event_common common
Common security event descriptor elements.
Definition: security_events_defs.h:250
ast_security_event_req_not_allowed::common
struct ast_security_event_common common
Common security event descriptor elements.
Definition: security_events_defs.h:319
AST_SECURITY_EVENT_INVAL_PASSWORD_VERSION
#define AST_SECURITY_EVENT_INVAL_PASSWORD_VERSION
Event descriptor version.
Definition: security_events_defs.h:460
evt_gen_unexpected_addr
static void evt_gen_unexpected_addr(void)
Definition: test_security_events.c:446
AST_SECURITY_EVENT_INVAL_TRANSPORT_VERSION
#define AST_SECURITY_EVENT_INVAL_TRANSPORT_VERSION
Event descriptor version.
Definition: security_events_defs.h:512
AST_SECURITY_EVENT_INVAL_ACCT_ID
Invalid Account ID.
Definition: security_events_defs.h:56
cli.h
Standard Command Line Interface.
ast_security_event_chal_sent::common
struct ast_security_event_common common
Common security event descriptor elements.
Definition: security_events_defs.h:496
AST_MODULE
#define AST_MODULE
Definition: app_audiosocket.c:45
ast_copy_string
void ast_copy_string(char *dst, const char *src, size_t size)
Size-limited null-terminating string copy.
Definition: strings.h:401
ast_cli_args
Definition: cli.h:158
AST_SECURITY_EVENT_REQ_BAD_FORMAT_VERSION
#define AST_SECURITY_EVENT_REQ_BAD_FORMAT_VERSION
Event descriptor version.
Definition: security_events_defs.h:361
AST_SECURITY_EVENT_CHAL_RESP_FAILED_VERSION
#define AST_SECURITY_EVENT_CHAL_RESP_FAILED_VERSION
Event descriptor version.
Definition: security_events_defs.h:429
evt_gen_chal_sent
static void evt_gen_chal_sent(void)
Definition: test_security_events.c:570
ast_security_event_req_bad_format
Invalid formatting of request.
Definition: security_events_defs.h:356
ast_security_event_report
int ast_security_event_report(const struct ast_security_event_common *sec)
Report a security event.
Definition: main/security_events.c:1171
ASTERISK_GPL_KEY
#define ASTERISK_GPL_KEY
The text the key() function should return.
Definition: module.h:46
module.h
Asterisk module definitions.
evt_gen_load_avg
static void evt_gen_load_avg(void)
Definition: test_security_events.c:220
AST_SECURITY_EVENT_SESSION_LIMIT_VERSION
#define AST_SECURITY_EVENT_SESSION_LIMIT_VERSION
Event descriptor version.
Definition: security_events_defs.h:245
ast_security_event_req_not_allowed
Request denied because it&#39;s not allowed.
Definition: security_events_defs.h:309
AST_SECURITY_EVENT_INVAL_TRANSPORT
An attempt to contact a peer on an invalid transport.
Definition: security_events_defs.h:117
AST_SECURITY_EVENT_REQ_NOT_ALLOWED_VERSION
#define AST_SECURITY_EVENT_REQ_NOT_ALLOWED_VERSION
Event descriptor version.
Definition: security_events_defs.h:314
AST_SECURITY_EVENT_REQ_NO_SUPPORT
A request was made that we understand, but do not support.
Definition: security_events_defs.h:81
evt_gen_req_not_allowed
static void evt_gen_req_not_allowed(void)
Definition: test_security_events.c:294
a
static struct test_val a
Definition: test_linkedlists.c:46
Generated on Sun Aug 8 2021 19:44:21 for Asterisk - The Open Source Telephony Project by   doxygen 1.8.13