[asterisk-dev] [Code Review] 2496: Stasis: Update security events to use stasis. Move ACL messages to the security topic.

David Lee reviewboard at asterisk.org
Wed May 8 09:34:47 CDT 2013



> On May 7, 2013, 3 p.m., David Lee wrote:
> > /trunk/main/security_events.c, lines 696-699
> > <https://reviewboard.asterisk.org/r/2496/diff/1/?file=37181#file37181line696>
> >
> >     I added an example in the file comment in json.h in trunk to better explain how to handle ast_json references properly. Hope that helps!
> 
> jrose wrote:
>     I notice these reviews are against revision 1.  The code here has changed a bit, but it's worth noting that there isn't any need to bump the reference to the json_temp here since if it succeeds, we immediately set json_temp to be a new json object and if it fails we break out of the function entirely.
>     
>     I do notice now though that if it fails, when the function exits it will try to unref json_temp which will at this point be a stale pointer... that's no good. I'll fix it by setting json_temp to NULL here.
> 
> jrose wrote:
>     On second thought, this is just an example where RAII_VAR has turned into a hinderance.  I'll just stop RAII_VARing it and remove the reference as needed.
> 
> jrose wrote:
>     Aaaaand then the realization set in that I already made that change and I'm driving myself crazy.

Sorry about the review on old code. Curse you ReviewBoard!


- David


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/2496/#review8464
-----------------------------------------------------------


On May 7, 2013, 4:32 p.m., jrose wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/2496/
> -----------------------------------------------------------
> 
> (Updated May 7, 2013, 4:32 p.m.)
> 
> 
> Review request for Asterisk Developers, David Lee, kmoore, and Matt Jordan.
> 
> 
> Bugs: ASTERISK-21103
>     https://issues.asterisk.org/jira/browse/ASTERISK-21103
> 
> 
> Repository: Asterisk
> 
> 
> Description
> -------
> 
> Stage 3/3 of ASTERISK-21103. In order to convert this set of messages I had to change all of the event blob stuff into JSON strings inside of a JSON blob loaded onto a JSON payload and sent out over stasis to the security topic where it is then consumed by stasis and read into a log message in the appropriate fashion with the fields in the right order to catch the bird to catch the spider to catch the fly.
> 
> 
> Diffs
> -----
> 
>   /trunk/include/asterisk/acl.h 387858 
>   /trunk/include/asterisk/security_events.h 387858 
>   /trunk/channels/chan_sip.c 387858 
>   /trunk/channels/chan_iax2.c 387858 
>   /trunk/main/asterisk.c 387858 
>   /trunk/main/manager.c 387858 
>   /trunk/main/named_acl.c 387858 
>   /trunk/main/security_events.c 387858 
>   /trunk/res/res_security_log.c 387858 
> 
> Diff: https://reviewboard.asterisk.org/r/2496/diff/
> 
> 
> Testing
> -------
> 
> Made sure that the security messages were being generated in the same way as they were prior to the stasis change by using the following CLI command:
> 
> securityevents test generation
> 
> 
> Examples Before:
> [May  3 14:40:28] SECURITY[1305]: res_security_log.c:134 security_event_cb: SecurityEvent="FailedACL",EventTV="1367610028-869814",Severity="Error",Service="TEST",EventVersion="1",AccountID="Username",SessionID="Session123",LocalAddress="IPV4/UDP/192.168.1.1/12121",RemoteAddress="IPV4/UDP/192.168.1.2/12345",Module="test_security_events",ACLName="TEST_ACL",SessionTV="1367610028-869754"
> [May  3 14:40:28] SECURITY[1305]: res_security_log.c:134 security_event_cb: SecurityEvent="InvalidAccountID",EventTV="1367610028-869895",Severity="Error",Service="TEST",EventVersion="1",AccountID="FakeUser",SessionID="Session456",LocalAddress="IPV4/TCP/10.1.2.3/4321",RemoteAddress="IPV4/TCP/10.1.2.4/123",Module="test_security_events",SessionTV="1367610028-869854"
> [May  3 14:40:28] SECURITY[1305]: res_security_log.c:134 security_event_cb: SecurityEvent="SessionLimit",EventTV="1367610028-869960",Severity="Error",Service="TEST",EventVersion="1",AccountID="Jenny",SessionID="8675309",LocalAddress="IPV4/TLS/10.5.4.3/4444",RemoteAddress="IPV4/TLS/10.5.4.2/3333",Module="test_security_events",SessionTV="1367610028-869923"
> 
> 
> Examples After:
> [May  3 14:33:35] SECURITY[31607]: res_security_log.c:122 security_event_stasis_cb: SecurityEvent="FailedACL",EventTV="1367609615-957822",Severity="Error",Service="TEST",EventVersion="1",AccountID="Username",SessionID="Session123",LocalAddress="IPV4/UDP/192.168.1.1/12121",RemoteAddress="IPV4/UDP/192.168.1.2/12345",Module="test_security_events",ACLName="TEST_ACL",SessionTV="1367609615-957750"
> [May  3 14:33:35] SECURITY[31608]: res_security_log.c:122 security_event_stasis_cb: SecurityEvent="InvalidAccountID",EventTV="1367609615-958101",Severity="Error",Service="TEST",EventVersion="1",AccountID="FakeUser",SessionID="Session456",LocalAddress="IPV4/TCP/10.1.2.3/4321",RemoteAddress="IPV4/TCP/10.1.2.4/123",Module="test_security_events",SessionTV="1367609615-957969"
> [May  3 14:33:35] SECURITY[31608]: res_security_log.c:122 security_event_stasis_cb: SecurityEvent="SessionLimit",EventTV="1367609615-958404",Severity="Error",Service="TEST",EventVersion="1",AccountID="Jenny",SessionID="8675309",LocalAddress="IPV4/TLS/10.5.4.3/4444",RemoteAddress="IPV4/TLS/10.5.4.2/3333",Module="test_security_events",SessionTV="1367609615-958360"
> 
> 
> As you can see it's basically identical aside from things that are expected to change between runs and the name of the function generating the messages.
> 
> 
> Thanks,
> 
> jrose
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20130508/286328f8/attachment.htm>


More information about the asterisk-dev mailing list