[asterisk-dev] [Code Review] Security Event Framework Proposal

Russell Bryant russell at digium.com
Fri Jun 5 07:59:29 CDT 2009 


> On 2009-06-05 00:03:04, vadim wrote:
> > /trunk/security_events.txt, line 118
> > <http://reviewboard.digium.com/r/273/diff/1/?file=5541#file5541line118>
> >
> >     This seems to be a copy of line 106

Yeah, I noticed that last night, too.  Oops.  :-)  


- Russell


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard.digium.com/r/273/#review827
-----------------------------------------------------------


On 2009-06-04 11:04:33, Russell Bryant wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> http://reviewboard.digium.com/r/273/
> -----------------------------------------------------------
> 
> (Updated 2009-06-04 11:04:33)
> 
> 
> Review request for Asterisk Developers.
> 
> 
> Summary
> -------
> 
> The included changes include a proposal for a security event framework for Asterisk.  The document "security_events.txt" contains the proposal.  There is also some code that is the beginning of a proposed implementation of the proposal.
> 
> This code is not yet close to a state where it should be considered for merging.  There are still many more events to implement if we agree to proceed down this path.
> 
> 
> Diffs
> -----
> 
>   /trunk/channels/chan_sip.c 199085 
>   /trunk/include/asterisk/event_defs.h 199085 
>   /trunk/include/asterisk/security_events.h PRE-CREATION 
>   /trunk/include/asterisk/security_events_defs.h PRE-CREATION 
>   /trunk/main/event.c 199085 
>   /trunk/main/security_events.c PRE-CREATION 
>   /trunk/security_events.txt PRE-CREATION 
>   /trunk/tests/test_security_events.c PRE-CREATION 
> 
> Diff: http://reviewboard.digium.com/r/273/diff
> 
> 
> Testing
> -------
> 
> As previously noted, the code is incomplete and is not intended to be reviewed for merging into trunk at this time.  However, the test module does generate a FailedACL security event which comes out of the custom security log channel, demonstrating the documented security log format:
> 
> *CLI> securityevents test generation
> 
> SECURITY[17921]: res_security_log.c:125 security_event_cb: SecurityEvent="FailedACL",Service="TEST",EventVersion="1",AccountID="Username",SessionID="Session123",LocalAddress="IPV4/UDP/192.168.1.1/12121",RemoteAddress="IPV4/UDP/192.168.1.2/12345",Module="test_security_events",ACLName="TEST_ACL",SessionTV="1244131376-695232"
> 
> 
> Thanks,
> 
> Russell
> 
>

More information about the asterisk-dev mailing list