Asterisk - The Open Source Telephony Project  18.5.0
Enumerations | Functions | Variables
res_security_log.c File Reference

Security Event Logging. More...

#include "asterisk.h"
#include "asterisk/module.h"
#include "asterisk/logger.h"
#include "asterisk/threadstorage.h"
#include "asterisk/strings.h"
#include "asterisk/security_events.h"
#include "asterisk/stasis.h"
#include "asterisk/json.h"
Include dependency graph for res_security_log.c:

Go to the source code of this file.

Enumerations

enum  ie_required { NOT_REQUIRED, REQUIRED, NOT_REQUIRED, REQUIRED }
 

Functions

static void __init_security_event_buf (void)
 
static void __reg_module (void)
 
static void __unreg_module (void)
 
static void append_json (struct ast_str **str, struct ast_json *json, const struct ast_security_event_ie_type *ies, enum ie_required required)
 
static void append_json_single (struct ast_str **str, struct ast_json *json, const enum ast_event_ie_type ie_type, enum ie_required required)
 
struct ast_moduleAST_MODULE_SELF_SYM (void)
 
static int load_module (void)
 
static void security_event_stasis_cb (struct ast_json *json)
 
static void security_stasis_cb (void *data, struct stasis_subscription *sub, struct stasis_message *message)
 
static int unload_module (void)
 

Variables

static struct ast_module_info __mod_info = { .name = AST_MODULE, .flags = AST_MODFLAG_LOAD_ORDER , .description = "Security Event Logging" , .key = "This paragraph is copyright (c) 2006 by Digium, Inc. \In order for your module to load, it must return this \key via a function called \"key\". Any code which \includes this paragraph must be licensed under the GNU \General Public License version 2 or later (at your \option). In addition to Digium's general reservations \of rights, Digium expressly reserves the right to \allow other parties to license this paragraph under \different terms. Any use of Digium, Inc. trademarks or \logos (including \"Asterisk\" or \"Digium\") without \express written permission of Digium, Inc. is prohibited.\n" , .buildopt_sum = AST_BUILDOPT_SUM, .load = load_module, .unload = unload_module, .load_pri = AST_MODPRI_DEFAULT, .support_level = AST_MODULE_SUPPORT_CORE, }
 
static const struct ast_module_infoast_module_info = &__mod_info
 
static int LOG_SECURITY
 
static const char LOG_SECURITY_NAME [] = "SECURITY"
 
static struct ast_threadstorage security_event_buf = { .once = PTHREAD_ONCE_INIT , .key_init = __init_security_event_buf , .custom_init = NULL , }
 
static const size_t SECURITY_EVENT_BUF_INIT_LEN = 256
 
static struct stasis_subscriptionsecurity_stasis_sub
 

Detailed Description

Security Event Logging.

Author
Russell Bryant russe[email protected][email protected][email protected]igium[email protected].com
Todo:

Make informational security events optional

Escape quotes in string payload IE contents

Definition in file res_security_log.c.

Enumeration Type Documentation

◆ ie_required

Enumerator
NOT_REQUIRED 
REQUIRED 
NOT_REQUIRED 
REQUIRED 

Definition at line 53 of file res_security_log.c.

Function Documentation

◆ __init_security_event_buf()

static void __init_security_event_buf ( void  )
static

Definition at line 50 of file res_security_log.c.

53 {

◆ __reg_module()

static void __reg_module ( void  )
static

Definition at line 165 of file res_security_log.c.

◆ __unreg_module()

static void __unreg_module ( void  )
static

Definition at line 165 of file res_security_log.c.

◆ append_json()

static void append_json ( struct ast_str **  str,
struct ast_json json,
const struct ast_security_event_ie_type ies,
enum ie_required  required 
)
static

Definition at line 80 of file res_security_log.c.

References append_json_single(), AST_EVENT_IE_END, and ast_security_event_ie_type::ie_type.

Referenced by security_event_stasis_cb().

82 {
83  unsigned int i;
84 
85  for (i = 0; ies[i].ie_type != AST_EVENT_IE_END; i++) {
86  append_json_single(str, json, ies[i].ie_type, required);
87  }
88 }
static void append_json_single(struct ast_str **str, struct ast_json *json, const enum ast_event_ie_type ie_type, enum ie_required required)

◆ append_json_single()

static void append_json_single ( struct ast_str **  str,
struct ast_json json,
const enum ast_event_ie_type  ie_type,
enum ie_required  required 
)
static

Definition at line 58 of file res_security_log.c.

References ast_assert, ast_event_get_ie_type_name(), ast_json_object_get(), ast_json_string_get(), ast_str_append(), and NULL.

Referenced by append_json().

60 {
61  const char *ie_type_key = ast_event_get_ie_type_name(ie_type);
62 
63  struct ast_json *json_string;
64 
65  json_string = ast_json_object_get(json, ie_type_key);
66 
67  if (!required && !json_string) {
68  /* Optional IE isn't present. Ignore. */
69  return;
70  }
71 
72  /* At this point, it _better_ be there! */
73  ast_assert(json_string != NULL);
74 
75  ast_str_append(str, 0, ",%s=\"%s\"",
76  ie_type_key,
77  ast_json_string_get(json_string));
78 }
int ast_str_append(struct ast_str **buf, ssize_t max_len, const char *fmt,...)
Append to a thread local dynamic string.
Definition: strings.h:1091
#define ast_assert(a)
Definition: utils.h:695
#define NULL
Definition: resample.c:96
const char * ast_json_string_get(const struct ast_json *string)
Get the value of a JSON string.
Definition: json.c:273
struct ast_json * ast_json_object_get(struct ast_json *object, const char *key)
Get a field from a JSON object.
Definition: json.c:397
const char * ast_event_get_ie_type_name(enum ast_event_ie_type ie_type)
Get the string representation of an information element type.
Definition: event.c:208
Abstract JSON element (object, array, string, int, ...).

◆ AST_MODULE_SELF_SYM()

struct ast_module* AST_MODULE_SELF_SYM ( void  )

Definition at line 165 of file res_security_log.c.

◆ load_module()

static int load_module ( void  )
static

Definition at line 133 of file res_security_log.c.

References ast_logger_register_level(), ast_logger_unregister_level(), AST_MODULE_LOAD_DECLINE, AST_MODULE_LOAD_SUCCESS, ast_security_topic(), ast_verb, LOG_SECURITY, LOG_SECURITY_NAME, NULL, security_stasis_cb(), stasis_subscribe, stasis_subscription_accept_message_type(), STASIS_SUBSCRIPTION_FILTER_SELECTIVE, and stasis_subscription_set_filter().

134 {
137  }
138 
141  LOG_SECURITY = -1;
143  }
146 
147  ast_verb(3, "Security Logging Enabled\n");
148 
150 }
ast_security_event_type
Security event types.
struct stasis_topic * ast_security_topic(void)
A stasis_topic which publishes messages for security related issues.
int stasis_subscription_set_filter(struct stasis_subscription *subscription, enum stasis_subscription_message_filter filter)
Set the message type filtering level on a subscription.
Definition: stasis.c:1079
#define NULL
Definition: resample.c:96
#define ast_verb(level,...)
Definition: logger.h:463
void ast_logger_unregister_level(const char *name)
Unregister a previously registered logger level.
Definition: logger.c:2536
static const char LOG_SECURITY_NAME[]
static struct stasis_subscription * security_stasis_sub
int ast_logger_register_level(const char *name)
Register a new logger level.
Definition: logger.c:2503
#define stasis_subscribe(topic, callback, data)
Definition: stasis.h:652
Module has failed to load, may be in an inconsistent state.
Definition: module.h:78
static void security_stasis_cb(void *data, struct stasis_subscription *sub, struct stasis_message *message)
int stasis_subscription_accept_message_type(struct stasis_subscription *subscription, const struct stasis_message_type *type)
Indicate to a subscription that we are interested in a message type.
Definition: stasis.c:1025
static int LOG_SECURITY

◆ security_event_stasis_cb()

static void security_event_stasis_cb ( struct ast_json json)
static

Definition at line 90 of file res_security_log.c.

References append_json(), ast_assert, ast_json_integer_get(), ast_json_object_get(), ast_log_dynamic_level, ast_security_event_get_name(), ast_security_event_get_optional_ies(), ast_security_event_get_required_ies(), AST_SECURITY_EVENT_NUM_TYPES, ast_str_buffer(), ast_str_set(), ast_str_thread_get(), LOG_SECURITY, NOT_REQUIRED, REQUIRED, security_event_buf, SECURITY_EVENT_BUF_INIT_LEN, and str.

Referenced by security_stasis_cb().

91 {
92  struct ast_str *str;
93  struct ast_json *event_type_json;
94  enum ast_security_event_type event_type;
95 
96  event_type_json = ast_json_object_get(json, "SecurityEvent");
97  event_type = ast_json_integer_get(event_type_json);
98 
99  ast_assert((unsigned int)event_type < AST_SECURITY_EVENT_NUM_TYPES);
100 
103  return;
104  }
105 
106  ast_str_set(&str, 0, "SecurityEvent=\"%s\"",
107  ast_security_event_get_name(event_type));
108 
109  append_json(&str, json,
111  append_json(&str, json,
113 
115 }
static void append_json(struct ast_str **str, struct ast_json *json, const struct ast_security_event_ie_type *ies, enum ie_required required)
ast_security_event_type
Security event types.
const char * ast_security_event_get_name(const enum ast_security_event_type event_type)
Get the name of a security event sub-type.
char * ast_str_buffer(const struct ast_str *buf)
Returns the string buffer within the ast_str buf.
Definition: strings.h:714
#define ast_log_dynamic_level(level,...)
Send a log message to a dynamically registered log level.
Definition: logger.h:439
#define ast_assert(a)
Definition: utils.h:695
const char * str
Definition: app_jack.c:147
const struct ast_security_event_ie_type * ast_security_event_get_required_ies(const enum ast_security_event_type event_type)
Get the list of required IEs for a given security event sub-type.
int ast_str_set(struct ast_str **buf, ssize_t max_len, const char *fmt,...)
Set a dynamic string using variable arguments.
Definition: strings.h:1065
The descriptor of a dynamic string XXX storage will be optimized later if needed We use the ts field ...
Definition: strings.h:584
static const size_t SECURITY_EVENT_BUF_INIT_LEN
This must stay at the end.
const struct ast_security_event_ie_type * ast_security_event_get_optional_ies(const enum ast_security_event_type event_type)
Get the list of optional IEs for a given security event sub-type.
struct ast_json * ast_json_object_get(struct ast_json *object, const char *key)
Get a field from a JSON object.
Definition: json.c:397
Abstract JSON element (object, array, string, int, ...).
struct ast_str * ast_str_thread_get(struct ast_threadstorage *ts, size_t init_len)
Retrieve a thread locally stored dynamic string.
Definition: strings.h:861
intmax_t ast_json_integer_get(const struct ast_json *integer)
Get the value from a JSON integer.
Definition: json.c:322
static struct ast_threadstorage security_event_buf
static int LOG_SECURITY

◆ security_stasis_cb()

static void security_stasis_cb ( void *  data,
struct stasis_subscription sub,
struct stasis_message message 
)
static

Definition at line 117 of file res_security_log.c.

References ast_json_payload::json, security_event_stasis_cb(), stasis_message_data(), and stasis_message_type().

Referenced by load_module().

119 {
120  struct ast_json_payload *payload = stasis_message_data(message);
121 
122  if (stasis_message_type(message) != ast_security_event_type()) {
123  return;
124  }
125 
126  if (!payload) {
127  return;
128  }
129 
130  security_event_stasis_cb(payload->json);
131 }
ast_security_event_type
Security event types.
struct ast_json * json
Definition: json.h:1025
struct stasis_message_type * stasis_message_type(const struct stasis_message *msg)
Get the message type for a stasis_message.
static void security_event_stasis_cb(struct ast_json *json)
void * stasis_message_data(const struct stasis_message *msg)
Get the data contained in a message.

◆ unload_module()

static int unload_module ( void  )
static

Definition at line 152 of file res_security_log.c.

References ast_logger_unregister_level(), ast_verb, LOG_SECURITY_NAME, and stasis_unsubscribe_and_join().

153 {
154  if (security_stasis_sub) {
156  }
157 
159 
160  ast_verb(3, "Security Logging Disabled\n");
161 
162  return 0;
163 }
#define ast_verb(level,...)
Definition: logger.h:463
void ast_logger_unregister_level(const char *name)
Unregister a previously registered logger level.
Definition: logger.c:2536
static const char LOG_SECURITY_NAME[]
static struct stasis_subscription * security_stasis_sub
struct stasis_subscription * stasis_unsubscribe_and_join(struct stasis_subscription *subscription)
Cancel a subscription, blocking until the last message is processed.
Definition: stasis.c:1136

Variable Documentation

◆ __mod_info

struct ast_module_info __mod_info = { .name = AST_MODULE, .flags = AST_MODFLAG_LOAD_ORDER , .description = "Security Event Logging" , .key = "This paragraph is copyright (c) 2006 by Digium, Inc. \In order for your module to load, it must return this \key via a function called \"key\". Any code which \includes this paragraph must be licensed under the GNU \General Public License version 2 or later (at your \option). In addition to Digium's general reservations \of rights, Digium expressly reserves the right to \allow other parties to license this paragraph under \different terms. Any use of Digium, Inc. trademarks or \logos (including \"Asterisk\" or \"Digium\") without \express written permission of Digium, Inc. is prohibited.\n" , .buildopt_sum = AST_BUILDOPT_SUM, .load = load_module, .unload = unload_module, .load_pri = AST_MODPRI_DEFAULT, .support_level = AST_MODULE_SUPPORT_CORE, }
static

Definition at line 165 of file res_security_log.c.

◆ ast_module_info

const struct ast_module_info* ast_module_info = &__mod_info
static

Definition at line 165 of file res_security_log.c.

◆ LOG_SECURITY

int LOG_SECURITY
static

Definition at line 46 of file res_security_log.c.

Referenced by load_module(), and security_event_stasis_cb().

◆ LOG_SECURITY_NAME

const char LOG_SECURITY_NAME[] = "SECURITY"
static

Definition at line 44 of file res_security_log.c.

Referenced by load_module(), and unload_module().

◆ security_event_buf

struct ast_threadstorage security_event_buf = { .once = PTHREAD_ONCE_INIT , .key_init = __init_security_event_buf , .custom_init = NULL , }
static

Definition at line 50 of file res_security_log.c.

Referenced by security_event_stasis_cb().

◆ SECURITY_EVENT_BUF_INIT_LEN

const size_t SECURITY_EVENT_BUF_INIT_LEN = 256
static

Definition at line 51 of file res_security_log.c.

Referenced by security_event_stasis_cb().

◆ security_stasis_sub

struct stasis_subscription* security_stasis_sub
static

Definition at line 48 of file res_security_log.c.