res_security_log.c File Reference

Security Event Logging. More...

#include "asterisk.h"
#include "asterisk/module.h"
#include "asterisk/logger.h"
#include "asterisk/threadstorage.h"
#include "asterisk/strings.h"
#include "asterisk/security_events.h"
#include "asterisk/stasis.h"
#include "asterisk/json.h"

Include dependency graph for res_security_log.c:

Go to the source code of this file.

Enumerations
enum	ie_required { NOT_REQUIRED, REQUIRED, NOT_REQUIRED, REQUIRED }

Functions
static void	__init_security_event_buf (void)
static void	__reg_module (void)
static void	__unreg_module (void)
static void	append_json (struct ast_str **str, struct ast_json *json, const struct ast_security_event_ie_type *ies, enum ie_required required)
static void	append_json_single (struct ast_str **str, struct ast_json *json, const enum ast_event_ie_type ie_type, enum ie_required required)
struct ast_module *	AST_MODULE_SELF_SYM (void)
static int	load_module (void)
static void	security_event_stasis_cb (struct ast_json *json)
static void	security_stasis_cb (void *data, struct stasis_subscription *sub, struct stasis_message *message)
static int	unload_module (void)

Variables
static struct ast_module_info	__mod_info = { .name = AST_MODULE, .flags = AST_MODFLAG_LOAD_ORDER , .description = "Security Event Logging" , .key = "This paragraph is copyright (c) 2006 by Digium, Inc. \In order for your module to load, it must return this \key via a function called \"key\". Any code which \includes this paragraph must be licensed under the GNU \General Public License version 2 or later (at your \option). In addition to Digium's general reservations \of rights, Digium expressly reserves the right to \allow other parties to license this paragraph under \different terms. Any use of Digium, Inc. trademarks or \logos (including \"Asterisk\" or \"Digium\") without \express written permission of Digium, Inc. is prohibited.\n" , .buildopt_sum = AST_BUILDOPT_SUM, .load = load_module, .unload = unload_module, .load_pri = AST_MODPRI_DEFAULT, .support_level = AST_MODULE_SUPPORT_CORE, }
static const struct ast_module_info *	ast_module_info = &__mod_info
static int	LOG_SECURITY
static const char	LOG_SECURITY_NAME [] = "SECURITY"
static struct ast_threadstorage	security_event_buf = { .once = PTHREAD_ONCE_INIT , .key_init = __init_security_event_buf , .custom_init = NULL , }
static const size_t	SECURITY_EVENT_BUF_INIT_LEN = 256
static struct stasis_subscription *	security_stasis_sub

Detailed Description

Security Event Logging.

Author

Russell Bryant russe.nosp@m.ll@d.nosp@m.igium.nosp@m..com

Todo:

Make informational security events optional

Escape quotes in string payload IE contents

Definition in file res_security_log.c.

Enumeration Type Documentation

ie_required

enum ie_required

Enumerator
NOT_REQUIRED
REQUIRED
NOT_REQUIRED
REQUIRED

Definition at line 53 of file res_security_log.c.

 {
 NOT_REQUIRED,
 REQUIRED
};

Function Documentation

__init_security_event_buf()

static void __init_security_event_buf ( void  )

static

Definition at line 50 of file res_security_log.c.

{

__reg_module()

static void __reg_module ( void  )

static

Definition at line 165 of file res_security_log.c.

__unreg_module()

static void __unreg_module ( void  )

static

Definition at line 165 of file res_security_log.c.

append_json()

static void append_json ( struct ast_str **  str, struct ast_json *  json, const struct ast_security_event_ie_type *  ies, enum ie_required  required  )

static

Definition at line 80 of file res_security_log.c.

References append_json_single(), AST_EVENT_IE_END, and ast_security_event_ie_type::ie_type.

Referenced by security_event_stasis_cb().

{
 unsigned int i;

 for (i = 0; ies[i].ie_type != AST_EVENT_IE_END; i++) {
 append_json_single(str, json, ies[i].ie_type, required);
 }
}

append_json_single()

static void append_json_single ( struct ast_str **  str, struct ast_json *  json, const enum ast_event_ie_type  ie_type, enum ie_required  required  )

static

Definition at line 58 of file res_security_log.c.

References ast_assert, ast_event_get_ie_type_name(), ast_json_object_get(), ast_json_string_get(), ast_str_append(), and NULL.

Referenced by append_json().

{
 const char *ie_type_key = ast_event_get_ie_type_name(ie_type);

 struct ast_json *json_string;

 json_string = ast_json_object_get(json, ie_type_key);

 if (!required && !json_string) {
 /* Optional IE isn't present. Ignore. */
 return;
 }

 /* At this point, it _better_ be there! */
 ast_assert(json_string != NULL);

 ast_str_append(str, 0, ",%s=\"%s\"",
 ie_type_key,
 ast_json_string_get(json_string));
}

AST_MODULE_SELF_SYM()

struct ast_module* AST_MODULE_SELF_SYM

(

void

)

Definition at line 165 of file res_security_log.c.

load_module()

static int load_module ( void  )

static

Definition at line 133 of file res_security_log.c.

References ast_logger_register_level(), ast_logger_unregister_level(), AST_MODULE_LOAD_DECLINE, AST_MODULE_LOAD_SUCCESS, ast_security_topic(), ast_verb, LOG_SECURITY, LOG_SECURITY_NAME, NULL, security_stasis_cb(), stasis_subscribe, stasis_subscription_accept_message_type(), STASIS_SUBSCRIPTION_FILTER_SELECTIVE, and stasis_subscription_set_filter().

{
 if ((LOG_SECURITY = ast_logger_register_level(LOG_SECURITY_NAME)) == -1) {
 return AST_MODULE_LOAD_DECLINE;
 }

 if (!(security_stasis_sub = stasis_subscribe(ast_security_topic(), security_stasis_cb, NULL))) {
 ast_logger_unregister_level(LOG_SECURITY_NAME);
 LOG_SECURITY = -1;
 return AST_MODULE_LOAD_DECLINE;
 }
 stasis_subscription_accept_message_type(security_stasis_sub, ast_security_event_type());
 stasis_subscription_set_filter(security_stasis_sub, STASIS_SUBSCRIPTION_FILTER_SELECTIVE);

 ast_verb(3, "Security Logging Enabled\n");

 return AST_MODULE_LOAD_SUCCESS;
}

security_event_stasis_cb()

static void security_event_stasis_cb ( struct ast_json *  json )

static

Definition at line 90 of file res_security_log.c.

References append_json(), ast_assert, ast_json_integer_get(), ast_json_object_get(), ast_log_dynamic_level, ast_security_event_get_name(), ast_security_event_get_optional_ies(), ast_security_event_get_required_ies(), AST_SECURITY_EVENT_NUM_TYPES, ast_str_buffer(), ast_str_set(), ast_str_thread_get(), LOG_SECURITY, NOT_REQUIRED, REQUIRED, security_event_buf, SECURITY_EVENT_BUF_INIT_LEN, and str.

Referenced by security_stasis_cb().

{
 struct ast_str *str;
 struct ast_json *event_type_json;
 enum ast_security_event_type event_type;

 event_type_json = ast_json_object_get(json, "SecurityEvent");
 event_type = ast_json_integer_get(event_type_json);

 ast_assert((unsigned int)event_type < AST_SECURITY_EVENT_NUM_TYPES);

 if (!(str = ast_str_thread_get(&security_event_buf,
 SECURITY_EVENT_BUF_INIT_LEN))) {
 return;
 }

 ast_str_set(&str, 0, "SecurityEvent=\"%s\"",
 ast_security_event_get_name(event_type));

 append_json(&str, json,
 ast_security_event_get_required_ies(event_type), REQUIRED);
 append_json(&str, json,
 ast_security_event_get_optional_ies(event_type), NOT_REQUIRED);

 ast_log_dynamic_level(LOG_SECURITY, "%s\n", ast_str_buffer(str));
}

security_stasis_cb()

static void security_stasis_cb ( void *  data, struct stasis_subscription *  sub, struct stasis_message *  message  )

static

Definition at line 117 of file res_security_log.c.

References ast_json_payload::json, security_event_stasis_cb(), stasis_message_data(), and stasis_message_type().

Referenced by load_module().

{
 struct ast_json_payload *payload = stasis_message_data(message);

 if (stasis_message_type(message) != ast_security_event_type()) {
 return;
 }

 if (!payload) {
 return;
 }

 security_event_stasis_cb(payload->json);
}

unload_module()

static int unload_module ( void  )

static

Definition at line 152 of file res_security_log.c.

References ast_logger_unregister_level(), ast_verb, LOG_SECURITY_NAME, and stasis_unsubscribe_and_join().

{
 if (security_stasis_sub) {
 security_stasis_sub = stasis_unsubscribe_and_join(security_stasis_sub);
 }

 ast_logger_unregister_level(LOG_SECURITY_NAME);

 ast_verb(3, "Security Logging Disabled\n");

 return 0;
}

Variable Documentation

__mod_info

struct ast_module_info __mod_info = { .name = AST_MODULE, .flags = AST_MODFLAG_LOAD_ORDER , .description = "Security Event Logging" , .key = "This paragraph is copyright (c) 2006 by Digium, Inc. \In order for your module to load, it must return this \key via a function called \"key\". Any code which \includes this paragraph must be licensed under the GNU \General Public License version 2 or later (at your \option). In addition to Digium's general reservations \of rights, Digium expressly reserves the right to \allow other parties to license this paragraph under \different terms. Any use of Digium, Inc. trademarks or \logos (including \"Asterisk\" or \"Digium\") without \express written permission of Digium, Inc. is prohibited.\n" , .buildopt_sum = AST_BUILDOPT_SUM, .load = load_module, .unload = unload_module, .load_pri = AST_MODPRI_DEFAULT, .support_level = AST_MODULE_SUPPORT_CORE, }

static

Definition at line 165 of file res_security_log.c.

ast_module_info

const struct ast_module_info* ast_module_info = &__mod_info

static

Definition at line 165 of file res_security_log.c.

LOG_SECURITY

int LOG_SECURITY

static

Definition at line 46 of file res_security_log.c.

Referenced by load_module(), and security_event_stasis_cb().

LOG_SECURITY_NAME

const char LOG_SECURITY_NAME[] = "SECURITY"

static

Definition at line 44 of file res_security_log.c.

Referenced by load_module(), and unload_module().

security_event_buf

struct ast_threadstorage security_event_buf = { .once = PTHREAD_ONCE_INIT , .key_init = __init_security_event_buf , .custom_init = NULL , }

static

Definition at line 50 of file res_security_log.c.

Referenced by security_event_stasis_cb().

SECURITY_EVENT_BUF_INIT_LEN

const size_t SECURITY_EVENT_BUF_INIT_LEN = 256

static

Definition at line 51 of file res_security_log.c.

Referenced by security_event_stasis_cb().

security_stasis_sub

struct stasis_subscription* security_stasis_sub

static

Definition at line 48 of file res_security_log.c.