[asterisk-dev] [Code Review] Generate security events in chan_sip using new Security Events Framework
elguero
reviewboard at asterisk.org
Mon Sep 19 12:35:49 CDT 2011
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/1362/
-----------------------------------------------------------
(Updated Sept. 19, 2011, 12:35 p.m.)
Review request for Asterisk Developers.
Changes
-------
- Fixed formatting issues in prior review
- Prefixed functions, where appropriate, with sip_ and added to the sip header file so they can be called from other sip code files
- Added to the Security Events Framework the ability to log the challenge and hash used when there is a failed password; also, if a password was used or not
- Added to the framework an event for when a challenge is sent out
- Added an event for when there is an invalid transport in the request
- Attempted to "refactor" somewhat so that the code is easier to maintain. Created a function to handle the various reporting parameters for the different security events and then call the appropriate function which will generate a security event.
This takes care of REGISTER and INVITE for now. Hopefully it will be somewhat easier to add security events to the other incoming SIP methods with these changes.
I hope I am on the right track with these changes.
Summary
-------
Security Events Framework was added in 1.8 and support was added for AMI to generate events at that time.
This patch attempts to add support in chan_sip to generate security events. Hopefully we can get this into Asterisk 10.
I am looking forward to hearing feedback on where this patch can be improved especially from those who have an intimate knowledge of chan_sip.
Thanks
This addresses bug ASTERISK-18264.
https://issues.asterisk.org/jira/browse/ASTERISK-18264
Diffs (updated)
-----
/branches/10/CHANGES 336574
/branches/10/channels/chan_sip.c 336574
/branches/10/channels/sip/include/sip.h 336574
/branches/10/configs/logger.conf.sample 336574
/branches/10/include/asterisk/event_defs.h 336574
/branches/10/include/asterisk/security_events_defs.h 336574
/branches/10/main/event.c 336574
/branches/10/main/security_events.c 336574
Diff: https://reviewboard.asterisk.org/r/1362/diff
Testing
-------
Local dev machine and a softphone. Generated events by using the wrong username, wrong password, wrong auth name, successful authentication.
Thanks,
elguero
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20110919/dfbba572/attachment.htm>
More information about the asterisk-dev
mailing list