dd/d1e/res__security__log_8c_source.html

 /*
  * Asterisk -- An open source telephony toolkit.
  *
  * Copyright (C) 2009, Digium, Inc.
  *
  * Russell Bryant <[email protected]>
  *
  * See http://www.asterisk.org for more information about
  * the Asterisk project. Please do not directly contact
  * any of the maintainers of this project for assistance;
  * the project provides a web site, mailing lists and IRC
  * channels for your use.
  *
  * This program is free software, distributed under the terms of
  * the GNU General Public License Version 2. See the LICENSE file
  * at the top of the source tree.
  */

 /*!
  * \file
  *
  * \author Russell Bryant <[email protected]>
  *
  * \brief Security Event Logging
  *
  * \todo Make informational security events optional
  * \todo Escape quotes in string payload IE contents
  */

 /*** MODULEINFO
  <support_level>core</support_level>
  ***/

 #include "asterisk.h"

 #include "asterisk/module.h"
 #include "asterisk/logger.h"
 #include "asterisk/threadstorage.h"
 #include "asterisk/strings.h"
 #include "asterisk/security_events.h"
 #include "asterisk/stasis.h"
 #include "asterisk/json.h"

 static const char LOG_SECURITY_NAME[] = "SECURITY";

 static int LOG_SECURITY;

 static struct stasis_subscription *security_stasis_sub;

 AST_THREADSTORAGE(security_event_buf);
 static const size_t SECURITY_EVENT_BUF_INIT_LEN = 256;

 enum ie_required {
  NOT_REQUIRED,
  REQUIRED
 };

 static void append_json_single(struct ast_str **str, struct ast_json *json,
  const enum ast_event_ie_type ie_type, enum ie_required required)
 {
  const char *ie_type_key = ast_event_get_ie_type_name(ie_type);

  struct ast_json *json_string;

  json_string = ast_json_object_get(json, ie_type_key);

  if (!required && !json_string) {
  /* Optional IE isn't present. Ignore. */
  return;
  }

  /* At this point, it _better_ be there! */
  ast_assert(json_string != NULL);

  ast_str_append(str, 0, ",%s=\"%s\"",
  ie_type_key,
  ast_json_string_get(json_string));
 }

 static void append_json(struct ast_str **str, struct ast_json *json,
  const struct ast_security_event_ie_type *ies, enum ie_required required)
 {
  unsigned int i;

  for (i = 0; ies[i].ie_type != AST_EVENT_IE_END; i++) {
  append_json_single(str, json, ies[i].ie_type, required);
  }
 }

 static void security_event_stasis_cb(struct ast_json *json)
 {
  struct ast_str *str;
  struct ast_json *event_type_json;
  enum ast_security_event_type event_type;

  event_type_json = ast_json_object_get(json, "SecurityEvent");
  event_type = ast_json_integer_get(event_type_json);

  ast_assert((unsigned int)event_type < AST_SECURITY_EVENT_NUM_TYPES);

  if (!(str = ast_str_thread_get(&security_event_buf,
  SECURITY_EVENT_BUF_INIT_LEN))) {
  return;
  }

  ast_str_set(&str, 0, "SecurityEvent=\"%s\"",
  ast_security_event_get_name(event_type));

  append_json(&str, json,
  ast_security_event_get_required_ies(event_type), REQUIRED);
  append_json(&str, json,
  ast_security_event_get_optional_ies(event_type), NOT_REQUIRED);

  ast_log_dynamic_level(LOG_SECURITY, "%s\n", ast_str_buffer(str));
 }

 static void security_stasis_cb(void *data, struct stasis_subscription *sub,
  struct stasis_message *message)
 {
  struct ast_json_payload *payload = stasis_message_data(message);

  if (stasis_message_type(message) != ast_security_event_type()) {
  return;
  }

  if (!payload) {
  return;
  }

  security_event_stasis_cb(payload->json);
 }

 static int load_module(void)
 {
  if ((LOG_SECURITY = ast_logger_register_level(LOG_SECURITY_NAME)) == -1) {
  return AST_MODULE_LOAD_DECLINE;
  }

  if (!(security_stasis_sub = stasis_subscribe(ast_security_topic(), security_stasis_cb, NULL))) {
  ast_logger_unregister_level(LOG_SECURITY_NAME);
  LOG_SECURITY = -1;
  return AST_MODULE_LOAD_DECLINE;
  }
  stasis_subscription_accept_message_type(security_stasis_sub, ast_security_event_type());
  stasis_subscription_set_filter(security_stasis_sub, STASIS_SUBSCRIPTION_FILTER_SELECTIVE);

  ast_verb(3, "Security Logging Enabled\n");

  return AST_MODULE_LOAD_SUCCESS;
 }

 static int unload_module(void)
 {
  if (security_stasis_sub) {
  security_stasis_sub = stasis_unsubscribe_and_join(security_stasis_sub);
  }

  ast_logger_unregister_level(LOG_SECURITY_NAME);

  ast_verb(3, "Security Logging Disabled\n");

  return 0;
 }

 AST_MODULE_INFO_STANDARD(ASTERISK_GPL_KEY, "Security Event Logging");
AST_THREADSTORAGE
#define AST_THREADSTORAGE(name)
Define a thread storage variable.
Definition: threadstorage.h:84

AST_MODULE_INFO_STANDARD
#define AST_MODULE_INFO_STANDARD(keystr, desc)
Definition: module.h:567

message
Definition: manager.h:144

append_json
static void append_json(struct ast_str **str, struct ast_json *json, const struct ast_security_event_ie_type *ies, enum ie_required required)
Definition: res_security_log.c:80

asterisk.h
Asterisk main include file. File version handling, generic pbx functions.

ast_security_event_type
ast_security_event_type
Security event types.
Definition: security_events_defs.h:40

AST_MODULE_LOAD_SUCCESS
Definition: module.h:70

security_events.h
Security Event Reporting API.

strings.h
String manipulation functions.

ast_security_topic
struct stasis_topic * ast_security_topic(void)
A stasis_topic which publishes messages for security related issues.
Definition: main/security_events.c:380

ast_security_event_get_name
const char * ast_security_event_get_name(const enum ast_security_event_type event_type)
Get the name of a security event sub-type.
Definition: main/security_events.c:895

stasis.h
Stasis Message Bus API. See Stasis Message Bus API for detailed documentation.

ast_str_buffer
char * ast_str_buffer(const struct ast_str *buf)
Returns the string buffer within the ast_str buf.
Definition: strings.h:714

ast_json_payload
Definition: json.h:1024

ast_json_payload::json
struct ast_json * json
Definition: json.h:1025

stasis_subscription
Definition: stasis.c:681

stasis_message_type
struct stasis_message_type * stasis_message_type(const struct stasis_message *msg)
Get the message type for a stasis_message.
Definition: stasis_message.c:187

stasis_subscription_set_filter
int stasis_subscription_set_filter(struct stasis_subscription *subscription, enum stasis_subscription_message_filter filter)
Set the message type filtering level on a subscription.
Definition: stasis.c:1079

ast_log_dynamic_level
#define ast_log_dynamic_level(level,...)
Send a log message to a dynamically registered log level.
Definition: logger.h:439

stasis_message
Definition: stasis_message.c:121

ast_str_append
int ast_str_append(struct ast_str **buf, ssize_t max_len, const char *fmt,...)
Append to a thread local dynamic string.
Definition: strings.h:1091

REQUIRED
Definition: res_security_log.c:55

ast_assert
#define ast_assert(a)
Definition: utils.h:695

str
const char * str
Definition: app_jack.c:147

NULL
#define NULL
Definition: resample.c:96

threadstorage.h
Definitions to aid in the use of thread local storage.

ast_verb
#define ast_verb(level,...)
Definition: logger.h:463

ast_security_event_get_required_ies
const struct ast_security_event_ie_type * ast_security_event_get_required_ies(const enum ast_security_event_type event_type)
Get the list of required IEs for a given security event sub-type.
Definition: main/security_events.c:904

ast_str_set
int ast_str_set(struct ast_str **buf, ssize_t max_len, const char *fmt,...)
Set a dynamic string using variable arguments.
Definition: strings.h:1065

ast_logger_unregister_level
void ast_logger_unregister_level(const char *name)
Unregister a previously registered logger level.
Definition: logger.c:2536

LOG_SECURITY_NAME
static const char LOG_SECURITY_NAME[]
Definition: res_security_log.c:44

ast_event_ie_type
ast_event_ie_type
Event Information Element types.
Definition: event_defs.h:68

json.h
Asterisk JSON abstraction layer.

append_json_single
static void append_json_single(struct ast_str **str, struct ast_json *json, const enum ast_event_ie_type ie_type, enum ie_required required)
Definition: res_security_log.c:58

ast_json_string_get
const char * ast_json_string_get(const struct ast_json *string)
Get the value of a JSON string.
Definition: json.c:273

ast_security_event_ie_type
Definition: include/asterisk/security_events.h:53

security_stasis_sub
static struct stasis_subscription * security_stasis_sub
Definition: res_security_log.c:48

ast_logger_register_level
int ast_logger_register_level(const char *name)
Register a new logger level.
Definition: logger.c:2503

stasis_subscribe
#define stasis_subscribe(topic, callback, data)
Definition: stasis.h:652

ast_str
The descriptor of a dynamic string XXX storage will be optimized later if needed We use the ts field ...
Definition: strings.h:584

NOT_REQUIRED
Definition: res_security_log.c:54

security_event_stasis_cb
static void security_event_stasis_cb(struct ast_json *json)
Definition: res_security_log.c:90

stasis_message_data
void * stasis_message_data(const struct stasis_message *msg)
Get the data contained in a message.
Definition: stasis_message.c:195

ast_security_event_ie_type::ie_type
enum ast_event_ie_type ie_type
Definition: include/asterisk/security_events.h:54

SECURITY_EVENT_BUF_INIT_LEN
static const size_t SECURITY_EVENT_BUF_INIT_LEN
Definition: res_security_log.c:51

stasis_unsubscribe_and_join
struct stasis_subscription * stasis_unsubscribe_and_join(struct stasis_subscription *subscription)
Cancel a subscription, blocking until the last message is processed.
Definition: stasis.c:1136

AST_MODULE_LOAD_DECLINE
Module has failed to load, may be in an inconsistent state.
Definition: module.h:78

security_stasis_cb
static void security_stasis_cb(void *data, struct stasis_subscription *sub, struct stasis_message *message)
Definition: res_security_log.c:117

AST_SECURITY_EVENT_NUM_TYPES
This must stay at the end.
Definition: security_events_defs.h:121

logger.h
Support for logging to various files, console and syslog Configuration in file logger.conf.

ast_security_event_get_optional_ies
const struct ast_security_event_ie_type * ast_security_event_get_optional_ies(const enum ast_security_event_type event_type)
Get the list of optional IEs for a given security event sub-type.
Definition: main/security_events.c:914

ast_json_object_get
struct ast_json * ast_json_object_get(struct ast_json *object, const char *key)
Get a field from a JSON object.
Definition: json.c:397

ast_event_get_ie_type_name
const char * ast_event_get_ie_type_name(enum ast_event_ie_type ie_type)
Get the string representation of an information element type.
Definition: event.c:208

load_module
static int load_module(void)
Definition: res_security_log.c:133

stasis_subscription_accept_message_type
int stasis_subscription_accept_message_type(struct stasis_subscription *subscription, const struct stasis_message_type *type)
Indicate to a subscription that we are interested in a message type.
Definition: stasis.c:1025

sub
struct stasis_forward * sub
Definition: res_corosync.c:240

STASIS_SUBSCRIPTION_FILTER_SELECTIVE
Definition: stasis.h:300

ast_json
Abstract JSON element (object, array, string, int, ...).

unload_module
static int unload_module(void)
Definition: res_security_log.c:152

ast_str_thread_get
struct ast_str * ast_str_thread_get(struct ast_threadstorage *ts, size_t init_len)
Retrieve a thread locally stored dynamic string.
Definition: strings.h:861

ASTERISK_GPL_KEY
#define ASTERISK_GPL_KEY
The text the key() function should return.
Definition: module.h:46

module.h
Asterisk module definitions.

AST_EVENT_IE_END
Definition: event_defs.h:70

ast_json_integer_get
intmax_t ast_json_integer_get(const struct ast_json *integer)
Get the value from a JSON integer.
Definition: json.c:322

security_event_buf
static struct ast_threadstorage security_event_buf
Definition: res_security_log.c:50

ie_required
ie_required
Definition: main/security_events.c:937

LOG_SECURITY
static int LOG_SECURITY
Definition: res_security_log.c:46