[asterisk-dev] [Code Review] Security Event Framework Proposal
Russell Bryant
russell at digium.com
Fri Jun 5 07:59:29 CDT 2009
> On 2009-06-05 00:03:04, vadim wrote:
> > /trunk/security_events.txt, line 118
> > <http://reviewboard.digium.com/r/273/diff/1/?file=5541#file5541line118>
> >
> > This seems to be a copy of line 106
Yeah, I noticed that last night, too. Oops. :-)
- Russell
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard.digium.com/r/273/#review827
-----------------------------------------------------------
On 2009-06-04 11:04:33, Russell Bryant wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> http://reviewboard.digium.com/r/273/
> -----------------------------------------------------------
>
> (Updated 2009-06-04 11:04:33)
>
>
> Review request for Asterisk Developers.
>
>
> Summary
> -------
>
> The included changes include a proposal for a security event framework for Asterisk. The document "security_events.txt" contains the proposal. There is also some code that is the beginning of a proposed implementation of the proposal.
>
> This code is not yet close to a state where it should be considered for merging. There are still many more events to implement if we agree to proceed down this path.
>
>
> Diffs
> -----
>
> /trunk/channels/chan_sip.c 199085
> /trunk/include/asterisk/event_defs.h 199085
> /trunk/include/asterisk/security_events.h PRE-CREATION
> /trunk/include/asterisk/security_events_defs.h PRE-CREATION
> /trunk/main/event.c 199085
> /trunk/main/security_events.c PRE-CREATION
> /trunk/security_events.txt PRE-CREATION
> /trunk/tests/test_security_events.c PRE-CREATION
>
> Diff: http://reviewboard.digium.com/r/273/diff
>
>
> Testing
> -------
>
> As previously noted, the code is incomplete and is not intended to be reviewed for merging into trunk at this time. However, the test module does generate a FailedACL security event which comes out of the custom security log channel, demonstrating the documented security log format:
>
> *CLI> securityevents test generation
>
> SECURITY[17921]: res_security_log.c:125 security_event_cb: SecurityEvent="FailedACL",Service="TEST",EventVersion="1",AccountID="Username",SessionID="Session123",LocalAddress="IPV4/UDP/192.168.1.1/12121",RemoteAddress="IPV4/UDP/192.168.1.2/12345",Module="test_security_events",ACLName="TEST_ACL",SessionTV="1244131376-695232"
>
>
> Thanks,
>
> Russell
>
>
More information about the asterisk-dev
mailing list