[svn-commits] russell: branch group/security_events r199730 - /team/group/security_events/m...

SVN commits to the Digium repositories svn-commits at lists.digium.com
Tue Jun 9 07:09:27 CDT 2009


Author: russell
Date: Tue Jun  9 07:09:23 2009
New Revision: 199730

URL: http://svn.asterisk.org/svn-view/asterisk?view=rev&rev=199730
Log:
Report invalid user and ACL failures from AMI

Modified:
    team/group/security_events/main/manager.c

Modified: team/group/security_events/main/manager.c
URL: http://svn.asterisk.org/svn-view/asterisk/team/group/security_events/main/manager.c?view=diff&rev=199730&r1=199729&r2=199730
==============================================================================
--- team/group/security_events/main/manager.c (original)
+++ team/group/security_events/main/manager.c Tue Jun  9 07:09:23 2009
@@ -74,6 +74,7 @@
 #include "asterisk/term.h"
 #include "asterisk/astobj2.h"
 #include "asterisk/features.h"
+#include "asterisk/security_events.h"
 
 /*** DOCUMENTATION
 	<manager name="Ping" language="en_US">
@@ -807,6 +808,7 @@
 	pthread_t waiting_thread;	/*!< Sleeping thread using this descriptor */
 	uint32_t managerid;	/*!< Unique manager identifier, 0 for AMI sessions */
 	time_t sessionstart;    /*!< Session start time */
+	struct timeval sessionstart_tv; /*!< Session start time */
 	time_t sessiontimeout;	/*!< Session timeout if HTTP */
 	char username[80];	/*!< Logged in username */
 	char challenge[10];	/*!< Authentication challenge */
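Review bot: The comment on the new `sessionstart_tv` field repeats the text of `sessionstart` word for word, so a reader cannot tell why both exist or which one to use. Something like `/*!< Session start time with sub-second resolution, passed to security events as session_tv */` would make the purpose clear. The struct continues outside the hunk.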
@@ -834,6 +836,7 @@
  */
 struct mansession {
 	struct mansession_session *session;
+	struct ast_tcptls_session_instance *tcptls_session;
 	FILE *f;
 	int fd;
 	ast_mutex_t lock;
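Review bot: `tcptls_session` is dereferenced without a NULL check in `mansession_get_transport` and `mansession_encode_sin_local` (`s->tcptls_session->parent->...`), but the only place this commit sets it is the stack initializer in the last hunk. Any other `struct mansession` built elsewhere in the file would leave the pointer NULL, and the first failed login reported through it would crash the process; the `managerid` comment in the earlier hunk suggests non-AMI sessions exist, though their construction is not visible here. Either set the field at every construction site or make the helpers tolerate NULL, and document the requirement on the field, e.g. `/*!< TCP/TLS session the request arrived on; must be set before a security event is reported */`. The struct continues outside the hunk.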
@@ -1735,14 +1738,72 @@
 	return maskint;
 }
 
+static enum ast_security_event_transport_type mansession_get_transport(const struct mansession *s)
+{
+	return s->tcptls_session->parent->tls_cfg ? AST_SECURITY_EVENT_TRANSPORT_TLS :
+			AST_SECURITY_EVENT_TRANSPORT_TCP;
+}
+
+static struct sockaddr_in *mansession_encode_sin_local(const struct mansession *s,
+		struct sockaddr_in *sin_local)
+{
+	*sin_local = s->tcptls_session->parent->local_address;
+
+	return sin_local;
+}
+
 static void report_invalid_user(const struct mansession *s, const char *username)
 {
-	/* XXX */
+	struct sockaddr_in sin_local = { 0, };
+	struct ast_str *session_id = ast_str_alloca(32);
+	struct ast_security_event_inval_acct_id inval_acct_id = {
+		.common.event_type = AST_SECURITY_EVENT_INVAL_ACCT_ID,
+		.common.version    = AST_SECURITY_EVENT_INVAL_ACCT_ID_VERSION,
+		.common.service    = "AMI",
+
+		.account_id = s->session->username,
+		.session_tv = &s->session->sessionstart_tv,
+		.local_addr = {
+			.sin       = mansession_encode_sin_local(s, &sin_local),
+			.transport = mansession_get_transport(s),
+		},
+		.remote_addr = {
+			.sin       = &s->session->sin,
+			.transport = mansession_get_transport(s),
+		},
+	};
+
+	ast_str_set(&session_id, 0, "%p", s->session);
+	inval_acct_id.session_id = ast_str_buffer(session_id);
+
+	ast_security_event_report(AST_SEC_EVT(&inval_acct_id));
 }
 
 static void report_failed_acl(const struct mansession *s, const char *username)
 {
-	/* XXX */
+	struct sockaddr_in sin_local = { 0, };
+	struct ast_str *session_id = ast_str_alloca(32);
+	struct ast_security_event_failed_acl failed_acl_event = {
+		.common.event_type = AST_SECURITY_EVENT_FAILED_ACL,
+		.common.version    = AST_SECURITY_EVENT_FAILED_ACL_VERSION,
+		.common.service    = "AMI",
+
+		.account_id = s->session->username,
+		.session_tv = &s->session->sessionstart_tv,
+		.local_addr = {
+			.sin       = mansession_encode_sin_local(s, &sin_local),
+			.transport = mansession_get_transport(s),
+		},
+		.remote_addr = {
+			.sin       = &s->session->sin,
+			.transport = mansession_get_transport(s),
+		},
+	};
+
+	ast_str_set(&session_id, 0, "%p", s->session);
+	failed_acl_event.session_id = ast_str_buffer(session_id);
+
+	ast_security_event_report(AST_SEC_EVT(&failed_acl_event));
 }
 
 /*
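Review bot: The `username` argument is never read in `report_invalid_user` or `report_failed_acl`; both events take `.account_id` from `s->session->username` instead. If these functions run on the failure path before the session's username is filled in (not visible in this hunk), the event carries an empty or stale account name, which is the field a detection rule needs to spot repeated failed logins; `.account_id = username,` would report what the client actually sent. Separately, `ast_str_set(&session_id, 0, "%p", s->session);` puts a heap address into an event that may leave the process, and the value can recur once the session is freed and the memory reused; a counter or other opaque id would avoid both. The two bodies differ only in the event struct type and its constants, so a shared helper for the common fields would keep them from drifting apart.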
@@ -1819,6 +1880,7 @@
 	s->session->writeperm = user->writeperm;
 	s->session->writetimeout = user->writetimeout;
 	s->session->sessionstart = time(NULL);
+	s->session->sessionstart_tv = ast_tvnow();
 	set_eventmask(s, astman_get_header(m, "Events"));
 
 	AST_RWLIST_UNLOCK(&users);
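Review bot: `sessionstart_tv` is assigned only here, in what appears to be the successful-login path (the permissions have just been copied from `user`), yet `report_invalid_user` and `report_failed_acl` pass `&s->session->sessionstart_tv` as `session_tv`. If those reports fire before this line is reached, the event carries an unset timestamp. Setting the field where the session is created, or at least before the first check that can fail, would give failure events a usable session start time. The enclosing function starts and ends outside the hunk.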
@@ -3754,7 +3816,9 @@
 {
 	struct ast_tcptls_session_instance *ser = data;
 	struct mansession_session *session = build_mansession(ser->remote_address);
-	struct mansession s = { NULL, };
+	struct mansession s = {
+		.tcptls_session = data,
+	};
 	int flags;
 	int res;
 
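Review bot: The initializer uses the untyped `data` although the function has already converted it to `ser` two lines earlier; `.tcptls_session = ser,` keeps the type visible and matches the `ser->remote_address` use just above. The function body continues outside the hunk.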



