[asterisk-dev] [Code Review]: Generate security events in chan_sip using new Security Events Framework
elguero
reviewboard at asterisk.org
Fri Aug 12 15:44:52 CDT 2011
> On Aug. 12, 2011, 7:53 a.m., mjordan wrote:
> > /branches/10/channels/chan_sip.c, line 1628
> > <https://reviewboard.asterisk.org/r/1362/diff/1/?file=18288#file18288line1628>
> >
> > If possible, make the method parameter as const as possible, i.e., either const struct sip_pvt *p or const struct sip_pvt * const p. This applies to every method that doesn't change the value of the sip_pvt struct.
Ah, makes sense. Corrected.
> On Aug. 12, 2011, 7:53 a.m., mjordan wrote:
> > /branches/10/channels/chan_sip.c, line 1633
> > <https://reviewboard.asterisk.org/r/1362/diff/1/?file=18288#file18288line1633>
> >
> > Bracket here should go on previous line
Fixed.
> On Aug. 12, 2011, 7:53 a.m., mjordan wrote:
> > /branches/10/channels/chan_sip.c, line 14425
> > <https://reviewboard.asterisk.org/r/1362/diff/1/?file=18288#file18288line14425>
> >
> > Bracket here should go on previous line
Fixed.
> On Aug. 12, 2011, 7:53 a.m., mjordan wrote:
> > /branches/10/channels/chan_sip.c, line 25075
> > <https://reviewboard.asterisk.org/r/1362/diff/1/?file=18288#file18288line25075>
> >
> > It'd be nice if all of the security events were raised in one place. That may not be possible, since register / invite both can result in AUTH_UESRNAME_MISMATCH, and this part of the code (which raises the other security events) only occurs if the request is a register, but if it could be refactored to do that it'd be easier to maintain.
I agree with you and that is how I had originally started to do this when I ran into what you pointed out.
Let me take a look and see if I can change this in order to make it easy to maintain.
- elguero
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/1362/#review4045
-----------------------------------------------------------
On Aug. 12, 2011, 1:07 a.m., elguero wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/1362/
> -----------------------------------------------------------
>
> (Updated Aug. 12, 2011, 1:07 a.m.)
>
>
> Review request for Asterisk Developers.
>
>
> Summary
> -------
>
> Security Events Framework was added in 1.8 and support was added for AMI to generate events at that time.
>
> This patch attempts to add support in chan_sip to generate security events. Hopefully we can get this into Asterisk 10.
>
> I am looking forward to hearing feedback on where this patch can be improved especially from those who have an intimate knowledge of chan_sip.
>
> Thanks
>
>
> This addresses bug 18264.
> https://issues.asterisk.org/jira/browse/18264
>
>
> Diffs
> -----
>
> /branches/10/channels/chan_sip.c 331633
> /branches/10/configs/logger.conf.sample 331633
> /branches/10/CHANGES 331633
>
> Diff: https://reviewboard.asterisk.org/r/1362/diff
>
>
> Testing
> -------
>
> Local dev machine and a softphone. Generated events by using the wrong username, wrong password, wrong auth name, successful authentication.
>
>
> Thanks,
>
> elguero
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20110812/bf612d2f/attachment.htm>
More information about the asterisk-dev
mailing list