[asterisk-dev] [Code Review] Generate security events in chan_sip using new Security Events Framework

Wed Sep 21 10:29:35 CDT 2011

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/1362/#review4418
-----------------------------------------------------------


/branches/10/channels/chan_sip.c
<https://reviewboard.asterisk.org/r/1362/#comment8542>

    Ok, so I was talking with some of our staff at a meeting today and we were wanting to look into breaking the chan_sip.c changes out into a different file for organization purposes... something like security_events.c in the channels/sip folder.
    
    From the look of things, the following could be moved pretty easily...
    
    security_event_get_transport()
    security_event_encode_sin_local()
    security_event_encode_sin_remote()
    sip_report_invalid_peer()
    sip_report_failed_acl()
    sip_report_inval_password()
    sip_report_auth_success()
    sip_report_session_limit()
    sip_report_failed_challenge_response()
    sip_report_chal_sent
    sip_report_inval_transport()
    sip_report_security_event()
    
    If you need any help making this change, let me know.


- jrose


On Sept. 21, 2011, 8:25 a.m., elguero wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/1362/
> -----------------------------------------------------------
> 
> (Updated Sept. 21, 2011, 8:25 a.m.)
> 
> 
> Review request for Asterisk Developers.
> 
> 
> Summary
> -------
> 
> Security Events Framework was added in 1.8 and support was added for AMI to generate events at that time.
> 
> This patch attempts to add support in chan_sip to generate security events.  Hopefully we can get this into Asterisk 10.
> 
> I am looking forward to hearing feedback on where this patch can be improved especially from those who have an intimate knowledge of chan_sip.
> 
> Thanks
> 
> 
> This addresses bug ASTERISK-18264.
>     https://issues.asterisk.org/jira/browse/ASTERISK-18264
> 
> 
> Diffs
> -----
> 
>   /branches/10/CHANGES 337324 
>   /branches/10/channels/chan_sip.c 337324 
>   /branches/10/channels/sip/include/sip.h 337324 
>   /branches/10/configs/logger.conf.sample 337324 
>   /branches/10/include/asterisk/event_defs.h 337324 
>   /branches/10/include/asterisk/security_events_defs.h 337324 
>   /branches/10/main/event.c 337324 
>   /branches/10/main/security_events.c 337324 
> 
> Diff: https://reviewboard.asterisk.org/r/1362/diff
> 
> 
> Testing
> -------
> 
> Local dev machine and a softphone.  Generated events by using the wrong username, wrong password, wrong auth name, successful authentication.
> 
> 
> Thanks,
> 
> elguero
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20110921/4443607e/attachment.htm>