security_events_defs.h File Reference
Security Event Reporting Data Structures. More...
#include "asterisk/network.h"
Go to the source code of this file.
Detailed Description
Security Event Reporting Data Structures.
Definition in file security_events_defs.h.
Define Documentation
| #define AST_SEC_EVT | ( | e | ) | ((struct ast_security_event_common *) e) |
Definition at line 152 of file security_events_defs.h.
Referenced by report_auth_success(), report_failed_acl(), report_failed_challenge_response(), report_inval_password(), report_invalid_user(), report_req_bad_format(), report_req_not_allowed(), report_session_limit(), sip_report_auth_success(), sip_report_chal_sent(), sip_report_failed_acl(), sip_report_failed_challenge_response(), sip_report_inval_password(), sip_report_inval_transport(), sip_report_invalid_peer(), and sip_report_session_limit().
| #define AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED_VERSION 1 |
Event descriptor version.
- Note:
- This _must_ be changed if this event descriptor is changed.
Definition at line 353 of file security_events_defs.h.
| #define AST_SECURITY_EVENT_CHAL_RESP_FAILED_VERSION 1 |
Event descriptor version.
- Note:
- This _must_ be changed if this event descriptor is changed.
Definition at line 442 of file security_events_defs.h.
Referenced by report_failed_challenge_response(), and sip_report_failed_challenge_response().
| #define AST_SECURITY_EVENT_CHAL_SENT_VERSION 1 |
Event descriptor version.
- Note:
- This _must_ be changed if this event descriptor is changed.
Definition at line 504 of file security_events_defs.h.
Referenced by sip_report_chal_sent().
| #define AST_SECURITY_EVENT_FAILED_ACL_VERSION 1 |
Event descriptor version.
- Note:
- This _must_ be changed if this event descriptor is changed.
Definition at line 221 of file security_events_defs.h.
Referenced by report_failed_acl(), and sip_report_failed_acl().
| #define AST_SECURITY_EVENT_INVAL_ACCT_ID_VERSION 1 |
Event descriptor version.
- Note:
- This _must_ be changed if this event descriptor is changed.
Definition at line 242 of file security_events_defs.h.
Referenced by report_invalid_user(), and sip_report_invalid_peer().
| #define AST_SECURITY_EVENT_INVAL_PASSWORD_VERSION 2 |
Event descriptor version.
- Note:
- This _must_ be changed if this event descriptor is changed.
Definition at line 473 of file security_events_defs.h.
Referenced by report_inval_password(), and sip_report_inval_password().
| #define AST_SECURITY_EVENT_INVAL_TRANSPORT_VERSION 1 |
Event descriptor version.
- Note:
- This _must_ be changed if this event descriptor is changed.
Definition at line 525 of file security_events_defs.h.
Referenced by sip_report_inval_transport().
| #define AST_SECURITY_EVENT_LOAD_AVG_VERSION 1 |
Event descriptor version.
- Note:
- This _must_ be changed if this event descriptor is changed.
Definition at line 290 of file security_events_defs.h.
| #define AST_SECURITY_EVENT_MEM_LIMIT_VERSION 1 |
Event descriptor version.
- Note:
- This _must_ be changed if this event descriptor is changed.
Definition at line 274 of file security_events_defs.h.
| #define AST_SECURITY_EVENT_REQ_BAD_FORMAT_VERSION 1 |
Event descriptor version.
- Note:
- This _must_ be changed if this event descriptor is changed.
Definition at line 374 of file security_events_defs.h.
Referenced by report_req_bad_format().
| #define AST_SECURITY_EVENT_REQ_NO_SUPPORT_VERSION 1 |
Event descriptor version.
- Note:
- This _must_ be changed if this event descriptor is changed.
Definition at line 306 of file security_events_defs.h.
| #define AST_SECURITY_EVENT_REQ_NOT_ALLOWED_VERSION 1 |
Event descriptor version.
- Note:
- This _must_ be changed if this event descriptor is changed.
Definition at line 327 of file security_events_defs.h.
Referenced by report_req_not_allowed().
| #define AST_SECURITY_EVENT_SESSION_LIMIT_VERSION 1 |
Event descriptor version.
- Note:
- This _must_ be changed if this event descriptor is changed.
Definition at line 258 of file security_events_defs.h.
Referenced by report_session_limit(), and sip_report_session_limit().
| #define AST_SECURITY_EVENT_SUCCESSFUL_AUTH_VERSION 1 |
Event descriptor version.
- Note:
- This _must_ be changed if this event descriptor is changed.
Definition at line 400 of file security_events_defs.h.
Referenced by report_auth_success(), and sip_report_auth_success().
| #define AST_SECURITY_EVENT_UNEXPECTED_ADDR_VERSION 1 |
Event descriptor version.
- Note:
- This _must_ be changed if this event descriptor is changed.
Definition at line 421 of file security_events_defs.h.
Enumeration Type Documentation
the severity of a security event
This is defined as a bit field to make it easy for consumers of the API to subscribe to any combination of the defined severity levels.
XXX
- Todo:
- Do we need any more levels here?
- Enumerator:
-
AST_SECURITY_EVENT_SEVERITY_INFO Informational event, not something that has gone wrong. AST_SECURITY_EVENT_SEVERITY_ERROR Something has gone wrong.
Definition at line 136 of file security_events_defs.h.
00136 { 00137 /*! \brief Informational event, not something that has gone wrong */ 00138 AST_SECURITY_EVENT_SEVERITY_INFO = (1 << 0), 00139 /*! \brief Something has gone wrong */ 00140 AST_SECURITY_EVENT_SEVERITY_ERROR = (1 << 1), 00141 };
Transport types.
- Enumerator:
-
AST_SECURITY_EVENT_TRANSPORT_UDP AST_SECURITY_EVENT_TRANSPORT_TCP AST_SECURITY_EVENT_TRANSPORT_TLS
Definition at line 146 of file security_events_defs.h.
00146 { 00147 AST_SECURITY_EVENT_TRANSPORT_UDP, 00148 AST_SECURITY_EVENT_TRANSPORT_TCP, 00149 AST_SECURITY_EVENT_TRANSPORT_TLS, 00150 };
Security event types.
AST_EVENT_SECURITY is the event type of an ast_event generated as a security event. The event will have an information element of type AST_EVENT_IE_SECURITY_EVENT which identifies the security event sub-type. This enum defines the possible values for this sub-type.
- Enumerator:
-
AST_SECURITY_EVENT_FAILED_ACL Failed ACL. This security event should be generated when an incoming request was made, but was denied due to configured IP address access control lists.
AST_SECURITY_EVENT_INVAL_ACCT_ID Invalid Account ID. This event is used when an invalid account identifier is supplied during authentication. For example, if an invalid username is given, this event should be used.
AST_SECURITY_EVENT_SESSION_LIMIT Session limit reached. A request has been denied because a configured session limit has been reached, such as a call limit.
AST_SECURITY_EVENT_MEM_LIMIT Memory limit reached. A request has been denied because a configured memory limit has been reached.
AST_SECURITY_EVENT_LOAD_AVG Load Average limit reached. A request has been denied because a configured load average limit has been reached.
AST_SECURITY_EVENT_REQ_NO_SUPPORT A request was made that we understand, but do not support. AST_SECURITY_EVENT_REQ_NOT_ALLOWED A request was made that is not allowed. AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED The attempted authentication method is not allowed. AST_SECURITY_EVENT_REQ_BAD_FORMAT Request received with bad formatting. AST_SECURITY_EVENT_SUCCESSFUL_AUTH FYI FWIW, Successful authentication has occurred. AST_SECURITY_EVENT_UNEXPECTED_ADDR An unexpected source address was seen for a session in progress. AST_SECURITY_EVENT_CHAL_RESP_FAILED An attempt at challenge/response authentication failed. AST_SECURITY_EVENT_INVAL_PASSWORD An attempt at basic password authentication failed. AST_SECURITY_EVENT_CHAL_SENT Challenge was sent out, informational. AST_SECURITY_EVENT_INVAL_TRANSPORT An attempt to contact a peer on an invalid transport. AST_SECURITY_EVENT_NUM_TYPES This _must_ stay at the end.
Definition at line 44 of file security_events_defs.h.
00044 { 00045 /*! 00046 * \brief Failed ACL 00047 * 00048 * This security event should be generated when an incoming request 00049 * was made, but was denied due to configured IP address access control 00050 * lists. 00051 */ 00052 AST_SECURITY_EVENT_FAILED_ACL, 00053 /*! 00054 * \brief Invalid Account ID 00055 * 00056 * This event is used when an invalid account identifier is supplied 00057 * during authentication. For example, if an invalid username is given, 00058 * this event should be used. 00059 */ 00060 AST_SECURITY_EVENT_INVAL_ACCT_ID, 00061 /*! 00062 * \brief Session limit reached 00063 * 00064 * A request has been denied because a configured session limit has been 00065 * reached, such as a call limit. 00066 */ 00067 AST_SECURITY_EVENT_SESSION_LIMIT, 00068 /*! 00069 * \brief Memory limit reached 00070 * 00071 * A request has been denied because a configured memory limit has been 00072 * reached. 00073 */ 00074 AST_SECURITY_EVENT_MEM_LIMIT, 00075 /*! 00076 * \brief Load Average limit reached 00077 * 00078 * A request has been denied because a configured load average limit has been 00079 * reached. 00080 */ 00081 AST_SECURITY_EVENT_LOAD_AVG, 00082 /*! 00083 * \brief A request was made that we understand, but do not support 00084 */ 00085 AST_SECURITY_EVENT_REQ_NO_SUPPORT, 00086 /*! 00087 * \brief A request was made that is not allowed 00088 */ 00089 AST_SECURITY_EVENT_REQ_NOT_ALLOWED, 00090 /*! 00091 * \brief The attempted authentication method is not allowed 00092 */ 00093 AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED, 00094 /*! 00095 * \brief Request received with bad formatting 00096 */ 00097 AST_SECURITY_EVENT_REQ_BAD_FORMAT, 00098 /*! 00099 * \brief FYI FWIW, Successful authentication has occurred 00100 */ 00101 AST_SECURITY_EVENT_SUCCESSFUL_AUTH, 00102 /*! 00103 * \brief An unexpected source address was seen for a session in progress 00104 */ 00105 AST_SECURITY_EVENT_UNEXPECTED_ADDR, 00106 /*! 00107 * \brief An attempt at challenge/response authentication failed 00108 */ 00109 AST_SECURITY_EVENT_CHAL_RESP_FAILED, 00110 /*! 00111 * \brief An attempt at basic password authentication failed 00112 */ 00113 AST_SECURITY_EVENT_INVAL_PASSWORD, 00114 /*! 00115 * \brief Challenge was sent out, informational 00116 */ 00117 AST_SECURITY_EVENT_CHAL_SENT, 00118 /*! 00119 * \brief An attempt to contact a peer on an invalid transport. 00120 */ 00121 AST_SECURITY_EVENT_INVAL_TRANSPORT, 00122 /*! 00123 * \brief This _must_ stay at the end. 00124 */ 00125 AST_SECURITY_EVENT_NUM_TYPES 00126 };
