[asterisk-dev] [Code Review] Security Event Framework Proposal

Russell Bryant russell at digium.com
Thu Jun 4 11:04:33 CDT 2009


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard.digium.com/r/273/
-----------------------------------------------------------

Review request for Asterisk Developers.


Summary
-------

The included changes include a proposal for a security event framework for Asterisk.  The document "security_events.txt" contains the proposal.  There is also some code that is the beginning of a proposed implementation of the proposal.

This code is not yet close to a state where it should be considered for merging.  There are still many more events to implement if we agree to proceed down this path.


Diffs
-----

  /trunk/channels/chan_sip.c 199085 
  /trunk/include/asterisk/event_defs.h 199085 
  /trunk/include/asterisk/security_events.h PRE-CREATION 
  /trunk/include/asterisk/security_events_defs.h PRE-CREATION 
  /trunk/main/event.c 199085 
  /trunk/main/security_events.c PRE-CREATION 
  /trunk/security_events.txt PRE-CREATION 
  /trunk/tests/test_security_events.c PRE-CREATION 

Diff: http://reviewboard.digium.com/r/273/diff


Testing
-------

As previously noted, the code is incomplete and is not intended to be reviewed for merging into trunk at this time.  However, the test module does generate a FailedACL security event which comes out of the custom security log channel, demonstrating the documented security log format:

*CLI> securityevents test generation

SECURITY[17921]: res_security_log.c:125 security_event_cb: SecurityEvent="FailedACL",Service="TEST",EventVersion="1",AccountID="Username",SessionID="Session123",LocalAddress="IPV4/UDP/192.168.1.1/12121",RemoteAddress="IPV4/UDP/192.168.1.2/12345",Module="test_security_events",ACLName="TEST_ACL",SessionTV="1244131376-695232"


Thanks,

Russell




More information about the asterisk-dev mailing list