Security Event Reporting Data Structures. More...

#include "asterisk/network.h"
#include "asterisk/netsock2.h"

Include dependency graph for security_events_defs.h:

This graph shows which files directly or indirectly include this file:

Data Structures
struct	ast_security_event_auth_method_not_allowed
	Auth method used not allowed. More...

struct	ast_security_event_chal_resp_failed
	An attempt at challenge/response auth failed. More...

struct	ast_security_event_chal_sent
	A challenge was sent out. More...

struct	ast_security_event_common
	Common structure elements. More...

struct	ast_security_event_failed_acl
	Checking against an IP access control list failed. More...

struct	ast_security_event_inval_acct_id
	Invalid account ID specified (invalid username, for example) More...

struct	ast_security_event_inval_password
	An attempt at basic password auth failed. More...

struct	ast_security_event_inval_transport
	Attempt to contact peer on invalid transport. More...

struct	ast_security_event_ip_addr

struct	ast_security_event_load_avg
	Request denied because of a load average limit. More...

struct	ast_security_event_mem_limit
	Request denied because of a memory limit. More...

struct	ast_security_event_req_bad_format
	Invalid formatting of request. More...

struct	ast_security_event_req_no_support
	Request denied because we don't support it. More...

struct	ast_security_event_req_not_allowed
	Request denied because it's not allowed. More...

struct	ast_security_event_session_limit
	Request denied because of a session limit. More...

struct	ast_security_event_successful_auth
	Successful authentication. More...

struct	ast_security_event_unexpected_addr
	Unexpected source address for a session in progress. More...

Macros
#define	AST_SEC_EVT(e) ((struct ast_security_event_common *) e)

#define	AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED_VERSION 1
	Event descriptor version. More...

#define	AST_SECURITY_EVENT_CHAL_RESP_FAILED_VERSION 1
	Event descriptor version. More...

#define	AST_SECURITY_EVENT_CHAL_SENT_VERSION 1
	Event descriptor version. More...

#define	AST_SECURITY_EVENT_FAILED_ACL_VERSION 1
	Event descriptor version. More...

#define	AST_SECURITY_EVENT_INVAL_ACCT_ID_VERSION 1
	Event descriptor version. More...

#define	AST_SECURITY_EVENT_INVAL_PASSWORD_VERSION 2
	Event descriptor version. More...

#define	AST_SECURITY_EVENT_INVAL_TRANSPORT_VERSION 1
	Event descriptor version. More...

#define	AST_SECURITY_EVENT_LOAD_AVG_VERSION 1
	Event descriptor version. More...

#define	AST_SECURITY_EVENT_MEM_LIMIT_VERSION 1
	Event descriptor version. More...

#define	AST_SECURITY_EVENT_REQ_BAD_FORMAT_VERSION 1
	Event descriptor version. More...

#define	AST_SECURITY_EVENT_REQ_NO_SUPPORT_VERSION 1
	Event descriptor version. More...

#define	AST_SECURITY_EVENT_REQ_NOT_ALLOWED_VERSION 1
	Event descriptor version. More...

#define	AST_SECURITY_EVENT_SESSION_LIMIT_VERSION 1
	Event descriptor version. More...

#define	AST_SECURITY_EVENT_SUCCESSFUL_AUTH_VERSION 1
	Event descriptor version. More...

#define	AST_SECURITY_EVENT_UNEXPECTED_ADDR_VERSION 2
	Event descriptor version. More...

Detailed Description

Security Event Reporting Data Structures.

Author: Russell Bryant russe.nosp@m.ll@d.nosp@m.igium.nosp@m..com

Definition in file security_events_defs.h.

Macro Definition Documentation

◆ AST_SEC_EVT

#define AST_SEC_EVT ( e ) ((struct ast_security_event_common *) e)

Definition at line 139 of file security_events_defs.h.

Referenced by ast_sip_report_auth_challenge_sent(), ast_sip_report_auth_failed_challenge_response(), ast_sip_report_auth_success(), ast_sip_report_failed_acl(), ast_sip_report_invalid_endpoint(), ast_sip_report_mem_limit(), ast_sip_report_req_no_support(), evt_gen_auth_method_not_allowed(), evt_gen_chal_resp_failed(), evt_gen_chal_sent(), evt_gen_failed_acl(), evt_gen_inval_acct_id(), evt_gen_inval_password(), evt_gen_inval_transport(), evt_gen_load_avg(), evt_gen_mem_limit(), evt_gen_req_bad_format(), evt_gen_req_no_support(), evt_gen_req_not_allowed(), evt_gen_session_limit(), evt_gen_successful_auth(), evt_gen_unexpected_addr(), report_auth_success(), report_failed_acl(), report_failed_challenge_response(), report_inval_password(), report_invalid_user(), report_req_bad_format(), report_req_not_allowed(), report_session_limit(), sip_report_auth_success(), sip_report_chal_sent(), sip_report_failed_acl(), sip_report_failed_challenge_response(), sip_report_inval_password(), sip_report_inval_transport(), sip_report_invalid_peer(), and sip_report_session_limit().

◆ AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED_VERSION

#define AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED_VERSION 1

Event descriptor version.

Note: This must be changed if this event descriptor is changed.

Definition at line 340 of file security_events_defs.h.

Referenced by evt_gen_auth_method_not_allowed().

◆ AST_SECURITY_EVENT_CHAL_RESP_FAILED_VERSION

#define AST_SECURITY_EVENT_CHAL_RESP_FAILED_VERSION 1

Event descriptor version.

Note: This must be changed if this event descriptor is changed.

Definition at line 429 of file security_events_defs.h.

Referenced by ast_sip_report_auth_failed_challenge_response(), evt_gen_chal_resp_failed(), report_failed_challenge_response(), and sip_report_failed_challenge_response().

◆ AST_SECURITY_EVENT_CHAL_SENT_VERSION

#define AST_SECURITY_EVENT_CHAL_SENT_VERSION 1

Event descriptor version.

Note: This must be changed if this event descriptor is changed.

Definition at line 491 of file security_events_defs.h.

Referenced by ast_sip_report_auth_challenge_sent(), evt_gen_chal_sent(), and sip_report_chal_sent().

◆ AST_SECURITY_EVENT_FAILED_ACL_VERSION

#define AST_SECURITY_EVENT_FAILED_ACL_VERSION 1

Event descriptor version.

Note: This must be changed if this event descriptor is changed.

Definition at line 208 of file security_events_defs.h.

Referenced by ast_sip_report_failed_acl(), evt_gen_failed_acl(), report_failed_acl(), and sip_report_failed_acl().

◆ AST_SECURITY_EVENT_INVAL_ACCT_ID_VERSION

#define AST_SECURITY_EVENT_INVAL_ACCT_ID_VERSION 1

Event descriptor version.

Note: This must be changed if this event descriptor is changed.

Definition at line 229 of file security_events_defs.h.

Referenced by ast_sip_report_invalid_endpoint(), evt_gen_inval_acct_id(), report_invalid_user(), and sip_report_invalid_peer().

◆ AST_SECURITY_EVENT_INVAL_PASSWORD_VERSION

#define AST_SECURITY_EVENT_INVAL_PASSWORD_VERSION 2

Event descriptor version.

Note: This must be changed if this event descriptor is changed.

Definition at line 460 of file security_events_defs.h.

Referenced by evt_gen_inval_password(), report_inval_password(), and sip_report_inval_password().

◆ AST_SECURITY_EVENT_INVAL_TRANSPORT_VERSION

#define AST_SECURITY_EVENT_INVAL_TRANSPORT_VERSION 1

Event descriptor version.

Note: This must be changed if this event descriptor is changed.

Definition at line 512 of file security_events_defs.h.

Referenced by evt_gen_inval_transport(), and sip_report_inval_transport().

◆ AST_SECURITY_EVENT_LOAD_AVG_VERSION

#define AST_SECURITY_EVENT_LOAD_AVG_VERSION 1

Event descriptor version.

Note: This must be changed if this event descriptor is changed.

Definition at line 277 of file security_events_defs.h.

Referenced by evt_gen_load_avg().

◆ AST_SECURITY_EVENT_MEM_LIMIT_VERSION

#define AST_SECURITY_EVENT_MEM_LIMIT_VERSION 1

Event descriptor version.

Note: This must be changed if this event descriptor is changed.

Definition at line 261 of file security_events_defs.h.

Referenced by ast_sip_report_mem_limit(), and evt_gen_mem_limit().

◆ AST_SECURITY_EVENT_REQ_BAD_FORMAT_VERSION

#define AST_SECURITY_EVENT_REQ_BAD_FORMAT_VERSION 1

Event descriptor version.

Note: This must be changed if this event descriptor is changed.

Definition at line 361 of file security_events_defs.h.

Referenced by evt_gen_req_bad_format(), and report_req_bad_format().

◆ AST_SECURITY_EVENT_REQ_NO_SUPPORT_VERSION

#define AST_SECURITY_EVENT_REQ_NO_SUPPORT_VERSION 1

Event descriptor version.

Note: This must be changed if this event descriptor is changed.

Definition at line 293 of file security_events_defs.h.

Referenced by ast_sip_report_req_no_support(), and evt_gen_req_no_support().

◆ AST_SECURITY_EVENT_REQ_NOT_ALLOWED_VERSION

#define AST_SECURITY_EVENT_REQ_NOT_ALLOWED_VERSION 1

Event descriptor version.

Note: This must be changed if this event descriptor is changed.

Definition at line 314 of file security_events_defs.h.

Referenced by evt_gen_req_not_allowed(), and report_req_not_allowed().

◆ AST_SECURITY_EVENT_SESSION_LIMIT_VERSION

#define AST_SECURITY_EVENT_SESSION_LIMIT_VERSION 1

Event descriptor version.

Note: This must be changed if this event descriptor is changed.

Definition at line 245 of file security_events_defs.h.

Referenced by evt_gen_session_limit(), report_session_limit(), and sip_report_session_limit().

◆ AST_SECURITY_EVENT_SUCCESSFUL_AUTH_VERSION

#define AST_SECURITY_EVENT_SUCCESSFUL_AUTH_VERSION 1

Event descriptor version.

Note: This must be changed if this event descriptor is changed.

Definition at line 387 of file security_events_defs.h.

Referenced by ast_sip_report_auth_success(), evt_gen_successful_auth(), report_auth_success(), and sip_report_auth_success().

◆ AST_SECURITY_EVENT_UNEXPECTED_ADDR_VERSION

#define AST_SECURITY_EVENT_UNEXPECTED_ADDR_VERSION 2

Event descriptor version.

Note: This must be changed if this event descriptor is changed.

Definition at line 408 of file security_events_defs.h.

Referenced by evt_gen_unexpected_addr().

Enumeration Type Documentation

◆ ast_security_event_severity

enum ast_security_event_severity

the severity of a security event

This is defined as a bit field to make it easy for consumers of the API to subscribe to any combination of the defined severity levels.

XXX

Todo:: Do we need any more levels here?

Enumerator
AST_SECURITY_EVENT_SEVERITY_INFO	Informational event, not something that has gone wrong.
AST_SECURITY_EVENT_SEVERITY_ERROR	Something has gone wrong.

Definition at line 132 of file security_events_defs.h.

  {
  /*! \brief Informational event, not something that has gone wrong */
  AST_SECURITY_EVENT_SEVERITY_INFO = (1 << 0),
  /*! \brief Something has gone wrong */
  AST_SECURITY_EVENT_SEVERITY_ERROR = (1 << 1),
 };

◆ ast_security_event_type

enum ast_security_event_type

Security event types.

Enumerator
AST_SECURITY_EVENT_FAILED_ACL	Failed ACL. This security event should be generated when an incoming request was made, but was denied due to configured IP address access control lists.
AST_SECURITY_EVENT_INVAL_ACCT_ID	Invalid Account ID. This event is used when an invalid account identifier is supplied during authentication. For example, if an invalid username is given, this event should be used.
AST_SECURITY_EVENT_SESSION_LIMIT	Session limit reached. A request has been denied because a configured session limit has been reached, such as a call limit.
AST_SECURITY_EVENT_MEM_LIMIT	Memory limit reached. A request has been denied because a configured memory limit has been reached.
AST_SECURITY_EVENT_LOAD_AVG	Load Average limit reached. A request has been denied because a configured load average limit has been reached.
AST_SECURITY_EVENT_REQ_NO_SUPPORT	A request was made that we understand, but do not support.
AST_SECURITY_EVENT_REQ_NOT_ALLOWED	A request was made that is not allowed.
AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED	The attempted authentication method is not allowed.
AST_SECURITY_EVENT_REQ_BAD_FORMAT	Request received with bad formatting.
AST_SECURITY_EVENT_SUCCESSFUL_AUTH	FYI FWIW, Successful authentication has occurred.
AST_SECURITY_EVENT_UNEXPECTED_ADDR	An unexpected source address was seen for a session in progress.
AST_SECURITY_EVENT_CHAL_RESP_FAILED	An attempt at challenge/response authentication failed.
AST_SECURITY_EVENT_INVAL_PASSWORD	An attempt at basic password authentication failed.
AST_SECURITY_EVENT_CHAL_SENT	Challenge was sent out, informational.
AST_SECURITY_EVENT_INVAL_TRANSPORT	An attempt to contact a peer on an invalid transport.
AST_SECURITY_EVENT_NUM_TYPES	This must stay at the end.

Definition at line 40 of file security_events_defs.h.

  {
  /*!
  * \brief Failed ACL
  *
  * This security event should be generated when an incoming request
  * was made, but was denied due to configured IP address access control
  * lists.
  */
  AST_SECURITY_EVENT_FAILED_ACL,
  /*!
  * \brief Invalid Account ID
  *
  * This event is used when an invalid account identifier is supplied
  * during authentication. For example, if an invalid username is given,
  * this event should be used.
  */
  AST_SECURITY_EVENT_INVAL_ACCT_ID,
  /*!
  * \brief Session limit reached
  *
  * A request has been denied because a configured session limit has been
  * reached, such as a call limit.
  */
  AST_SECURITY_EVENT_SESSION_LIMIT,
  /*!
  * \brief Memory limit reached
  *
  * A request has been denied because a configured memory limit has been
  * reached.
  */
  AST_SECURITY_EVENT_MEM_LIMIT,
  /*!
  * \brief Load Average limit reached
  *
  * A request has been denied because a configured load average limit has been
  * reached.
  */
  AST_SECURITY_EVENT_LOAD_AVG,
  /*!
  * \brief A request was made that we understand, but do not support
  */
  AST_SECURITY_EVENT_REQ_NO_SUPPORT,
  /*!
  * \brief A request was made that is not allowed
  */
  AST_SECURITY_EVENT_REQ_NOT_ALLOWED,
  /*!
  * \brief The attempted authentication method is not allowed
  */
  AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED,
  /*!
  * \brief Request received with bad formatting
  */
  AST_SECURITY_EVENT_REQ_BAD_FORMAT,
  /*!
  * \brief FYI FWIW, Successful authentication has occurred
  */
  AST_SECURITY_EVENT_SUCCESSFUL_AUTH,
  /*!
  * \brief An unexpected source address was seen for a session in progress
  */
  AST_SECURITY_EVENT_UNEXPECTED_ADDR,
  /*!
  * \brief An attempt at challenge/response authentication failed
  */
  AST_SECURITY_EVENT_CHAL_RESP_FAILED,
  /*!
  * \brief An attempt at basic password authentication failed
  */
  AST_SECURITY_EVENT_INVAL_PASSWORD,
  /*!
  * \brief Challenge was sent out, informational
  */
  AST_SECURITY_EVENT_CHAL_SENT,
  /*!
  * \brief An attempt to contact a peer on an invalid transport.
  */
  AST_SECURITY_EVENT_INVAL_TRANSPORT,
  /*!
  * \brief This _must_ stay at the end.
  */
  AST_SECURITY_EVENT_NUM_TYPES
 };

Enumerations
enum	ast_security_event_severity { AST_SECURITY_EVENT_SEVERITY_INFO = (1 << 0), AST_SECURITY_EVENT_SEVERITY_ERROR = (1 << 1) }
	the severity of a security event More...

enum	ast_security_event_type { AST_SECURITY_EVENT_FAILED_ACL, AST_SECURITY_EVENT_INVAL_ACCT_ID, AST_SECURITY_EVENT_SESSION_LIMIT, AST_SECURITY_EVENT_MEM_LIMIT, AST_SECURITY_EVENT_LOAD_AVG, AST_SECURITY_EVENT_REQ_NO_SUPPORT, AST_SECURITY_EVENT_REQ_NOT_ALLOWED, AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED, AST_SECURITY_EVENT_REQ_BAD_FORMAT, AST_SECURITY_EVENT_SUCCESSFUL_AUTH, AST_SECURITY_EVENT_UNEXPECTED_ADDR, AST_SECURITY_EVENT_CHAL_RESP_FAILED, AST_SECURITY_EVENT_INVAL_PASSWORD, AST_SECURITY_EVENT_CHAL_SENT, AST_SECURITY_EVENT_INVAL_TRANSPORT, AST_SECURITY_EVENT_NUM_TYPES }
	Security event types. More...

Data Structures

Macros

Enumerations

Detailed Description

Macro Definition Documentation

◆ AST_SEC_EVT

◆ AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED_VERSION

◆ AST_SECURITY_EVENT_CHAL_RESP_FAILED_VERSION

◆ AST_SECURITY_EVENT_CHAL_SENT_VERSION

◆ AST_SECURITY_EVENT_FAILED_ACL_VERSION

◆ AST_SECURITY_EVENT_INVAL_ACCT_ID_VERSION

◆ AST_SECURITY_EVENT_INVAL_PASSWORD_VERSION

◆ AST_SECURITY_EVENT_INVAL_TRANSPORT_VERSION

◆ AST_SECURITY_EVENT_LOAD_AVG_VERSION

◆ AST_SECURITY_EVENT_MEM_LIMIT_VERSION

◆ AST_SECURITY_EVENT_REQ_BAD_FORMAT_VERSION

◆ AST_SECURITY_EVENT_REQ_NO_SUPPORT_VERSION

◆ AST_SECURITY_EVENT_REQ_NOT_ALLOWED_VERSION

◆ AST_SECURITY_EVENT_SESSION_LIMIT_VERSION

◆ AST_SECURITY_EVENT_SUCCESSFUL_AUTH_VERSION

◆ AST_SECURITY_EVENT_UNEXPECTED_ADDR_VERSION

Enumeration Type Documentation

◆ ast_security_event_severity

◆ ast_security_event_type