[svn-commits] russell: branch group/security_events r199733 - /team/group/security_events/m...

SVN commits to the Digium repositories svn-commits at lists.digium.com
Tue Jun 9 07:23:32 CDT 2009 

Author: russell
Date: Tue Jun  9 07:23:29 2009
New Revision: 199733

URL: http://svn.asterisk.org/svn-view/asterisk?view=rev&rev=199733
Log:
Report request not allowed security event for AMI

Modified:
    team/group/security_events/main/manager.c

Modified: team/group/security_events/main/manager.c
URL: http://svn.asterisk.org/svn-view/asterisk/team/group/security_events/main/manager.c?view=diff&rev=199733&r1=199732&r2=199733
==============================================================================
--- team/group/security_events/main/manager.c (original)
+++ team/group/security_events/main/manager.c Tue Jun  9 07:23:29 2009
@@ -1860,6 +1860,37 @@
 	ast_security_event_report(AST_SEC_EVT(&successful_auth));
 }
 
+static void report_req_not_allowed(const struct mansession *s, const char *action)
+{
+	struct sockaddr_in sin_local = { 0, };
+	struct ast_str *session_id = ast_str_alloca(32);
+	struct ast_str *request_type = ast_str_alloca(64);
+	struct ast_security_event_req_not_allowed req_not_allowed = {
+		.common.event_type = AST_SECURITY_EVENT_REQ_NOT_ALLOWED,
+		.common.version    = AST_SECURITY_EVENT_REQ_NOT_ALLOWED_VERSION,
+		.common.service    = "AMI",
+
+		.account_id = s->session->username,
+		.session_tv = &s->session->sessionstart_tv,
+		.local_addr = {
+			.sin       = mansession_encode_sin_local(s, &sin_local),
+			.transport = mansession_get_transport(s),
+		},
+		.remote_addr = {
+			.sin       = &s->session->sin,
+			.transport = mansession_get_transport(s),
+		},
+	};
+
+	ast_str_set(&session_id, 0, "%p", s->session);
+	req_not_allowed.session_id = ast_str_buffer(session_id);
+
+	ast_str_set(&request_type, 0, "Action: %s", action);
+	req_not_allowed.request_type = ast_str_buffer(request_type);
+
+	ast_security_event_report(AST_SEC_EVT(&req_not_allowed));
+}
+
 /*
  * Here we start with action_ handlers for AMI actions,
  * and the internal functions used by them.
@@ -3719,7 +3750,7 @@
 		} else {
 			astman_send_error(s, m, "Permission denied");
 			tmp = NULL;
-			/* XXX Request not allowed */
+			report_req_not_allowed(s, action);
 		}
 		break;
 	}

More information about the svn-commits mailing list