[asterisk-commits] russell: branch group/security_events r199731 - /team/group/security_events/m...

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Tue Jun 9 07:15:49 CDT 2009 

Author: russell
Date: Tue Jun  9 07:15:45 2009
New Revision: 199731

URL: http://svn.asterisk.org/svn-view/asterisk?view=rev&rev=199731
Log:
Report invalid password security events for AMI

Modified:
    team/group/security_events/main/manager.c

Modified: team/group/security_events/main/manager.c
URL: http://svn.asterisk.org/svn-view/asterisk/team/group/security_events/main/manager.c?view=diff&rev=199731&r1=199730&r2=199731
==============================================================================
--- team/group/security_events/main/manager.c (original)
+++ team/group/security_events/main/manager.c Tue Jun  9 07:15:45 2009
@@ -1761,7 +1761,7 @@
 		.common.version    = AST_SECURITY_EVENT_INVAL_ACCT_ID_VERSION,
 		.common.service    = "AMI",
 
-		.account_id = s->session->username,
+		.account_id = username,
 		.session_tv = &s->session->sessionstart_tv,
 		.local_addr = {
 			.sin       = mansession_encode_sin_local(s, &sin_local),
@@ -1788,7 +1788,7 @@
 		.common.version    = AST_SECURITY_EVENT_FAILED_ACL_VERSION,
 		.common.service    = "AMI",
 
-		.account_id = s->session->username,
+		.account_id = username,
 		.session_tv = &s->session->sessionstart_tv,
 		.local_addr = {
 			.sin       = mansession_encode_sin_local(s, &sin_local),
@@ -1804,6 +1804,33 @@
 	failed_acl_event.session_id = ast_str_buffer(session_id);
 
 	ast_security_event_report(AST_SEC_EVT(&failed_acl_event));
+}
+
+static void report_inval_password(const struct mansession *s, const char *username)
+{
+	struct sockaddr_in sin_local = { 0, };
+	struct ast_str *session_id = ast_str_alloca(32);
+	struct ast_security_event_inval_password inval_password = {
+		.common.event_type = AST_SECURITY_EVENT_INVAL_PASSWORD,
+		.common.version    = AST_SECURITY_EVENT_INVAL_PASSWORD_VERSION,
+		.common.service    = "AMI",
+
+		.account_id = username,
+		.session_tv = &s->session->sessionstart_tv,
+		.local_addr = {
+			.sin       = mansession_encode_sin_local(s, &sin_local),
+			.transport = mansession_get_transport(s),
+		},
+		.remote_addr = {
+			.sin       = &s->session->sin,
+			.transport = mansession_get_transport(s),
+		},
+	};
+
+	ast_str_set(&session_id, 0, "%p", s->session);
+	inval_password.session_id = ast_str_buffer(session_id);
+
+	ast_security_event_report(AST_SEC_EVT(&inval_password));
 }
 
 /*
@@ -1861,7 +1888,7 @@
 		if (password && !strcmp(password, user->secret)) {
 			error = 0;
 		} else {
-			/* XXX Invalid password */
+			report_inval_password(s, username);
 		}
 	}

More information about the asterisk-commits mailing list