[asterisk-dev] Fwd: Asterisk Sip Registration Hooks

Mike Myhre digium at aeisecure.com
Wed Aug 10 16:34:29 CDT 2011


> By the way... a colleague here reminded me of this thread yesterday, 
> and I wanted to correct a previous statement I made: if you produce a 
> patch for Asterisk 10 that adds security event reporting for the 
> various REGISTER-related events you want to report and submit it 
> through the normal process, there's still time to get it into Asterisk 
> 10. It's still in beta, and such a patch would have very low risk of 
> regressions or performance issues... plus it's something the community 
> has wanted for a long time.

I looked at the code for both 1.8.X and V10 in chan_sip.c and both 
appear identical. The simplest patch is the single line I added below 
that gives my res module access to the Failed peer registration command:

/* handle_request_register function */
         if ((res = register_verify(p, sin, req, e)) < 0) {
                 const char *reason;

                 switch (res) {
                 case AUTH_SECRET_FAILED:
                         reason = "Wrong password";
                         break;
                 case AUTH_USERNAME_MISMATCH:
                         reason = "Username/auth name mismatch";
                         break;
                 case AUTH_NOT_FOUND:
                         reason = "No matching peer found";
                         break;
                 case AUTH_UNKNOWN_DOMAIN:
                         reason = "Not a local domain";
                         break;
                 case AUTH_PEER_NOT_DYNAMIC:
                         reason = "Peer is not supposed to register";
                         break;
                 case AUTH_ACL_FAILED:
                         reason = "Device does not match ACL";
                         break;
                 case AUTH_BAD_TRANSPORT:
                         reason = "Device not configured to use this transport type";
                         break;
                 default:
                         reason = "Unknown failure";
                         break;
                 }
                 ast_log(LOG_NOTICE, "Registration from '%s' failed for '%s' - %s\n",
                         get_header(req, "To"), ast_inet_ntoa(sin->sin_addr),
                         reason);
                 append_history(p, "RegRequest", "Failed : Account %s : %s", get_header(req, "To"), reason);

/* START OF PATCH LINE */
                 ast_verbose(VERBOSE_PREFIX_3 "SIP Registry Error: \'%s\' from \'%s\' - %s\n",
                         get_header(req,"To"),ast_inet_ntoa (sin->sin_addr),reason);
/* END OF PATCH LINE */
         } else
                 append_history(p, "RegRequest", "Succeeded : Account %s", get_header(req, "To"));

         if (res < 1) {
                 /* Destroy the session, but keep us around for just a bit in case they don't
                    get our 200 OK */
                 sip_scheddestroy(p, DEFAULT_TRANS_TIMEOUT);
         }

     This could be used in all versions 1.4.X - V10. I am not sure what 
the "normal process" to submit this would be, or if you wanted to add 
the line, but it is pretty simple.

     Mike
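
A module or log watcher that consumes the "SIP Registry Error" line has to treat the To value as untrusted, because the remote party chooses it and it can contain the same `' from '` text the format uses as a separator. The following is an added example, not part of the original message and not Asterisk code: a parser that anchors on the server-written tail of the line and validates the address. The function name parse_reg_failure and the sample line are assumptions made for illustration, and only IPv4 is handled, matching the sin->sin_addr used in the posted code.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>

/* Reason strings set by the switch in the posted handle_request_register code. */
static const char *const reasons[] = {
    "Wrong password", "Username/auth name mismatch", "No matching peer found",
    "Not a local domain", "Peer is not supposed to register", "Unknown failure",
    "Device does not match ACL", "Device not configured to use this transport type",
};

/* Hypothetical helper, not an Asterisk API. Returns 0 and fills ip/reason, or -1. */
int parse_reg_failure(const char *line, char *ip, size_t iplen, const char **reason)
{
    static const char sep[] = "' from '";
    const char *start = strstr(line, "SIP Registry Error: '");
    size_t len = strcspn(line, "\r\n");     /* ignore the trailing newline */

    for (size_t i = 0; start && i < sizeof(reasons) / sizeof(reasons[0]); i++) {
        size_t rlen = strlen(reasons[i]);
        const char *q, *p, *last = NULL;
        struct in_addr addr;

        /* The line must end with "' - <reason>"; the server writes that tail. */
        q = len < rlen + 4 ? NULL : line + len - rlen - 4;  /* quote closing the address */
        if (!q || strncmp(q, "' - ", 4) != 0 || strncmp(q + 4, reasons[i], rlen) != 0)
            continue;
        /* Take the LAST separator before that quote: the To value may contain it, a dotted quad cannot. */
        for (p = start; (p = strstr(p, sep)) != NULL && p < q; p++)
            last = p + strlen(sep);
        if (!last || last > q || (size_t)(q - last) >= iplen)
            continue;
        memcpy(ip, last, (size_t)(q - last));
        ip[q - last] = '\0';
        if (inet_pton(AF_INET, ip, &addr) != 1)
            continue;                       /* not an IPv4 address: reject */
        *reason = reasons[i];
        return 0;
    }
    return -1;
}

int main(void)
{
    /* Constructed sample line: the quoted To value itself contains "' from '". */
    const char *why, *l = "SIP Registry Error: 'a' from 'b' from '192.0.2.10' - Wrong password\n";
    char ip[16];

    if (parse_reg_failure(l, ip, sizeof(ip), &why) == 0)
        printf("%s: %s\n", ip, why);
    return 0;
}
```

A parser that reads the same line left to right would take `b` as the source address here; counting failures per address is only meaningful once the address field is taken from the right-hand end.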
