test_security_events.c 21 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706
  1. /*
  2. * Asterisk -- An open source telephony toolkit.
  3. *
  4. * Copyright (C) 2012, Digium, Inc.
  5. *
  6. * Russell Bryant <russell@digium.com>
  7. *
  8. * See http://www.asterisk.org for more information about
  9. * the Asterisk project. Please do not directly contact
  10. * any of the maintainers of this project for assistance;
  11. * the project provides a web site, mailing lists and IRC
  12. * channels for your use.
  13. *
  14. * This program is free software, distributed under the terms of
  15. * the GNU General Public License Version 2. See the LICENSE file
  16. * at the top of the source tree.
  17. */
  18. /*! \file
  19. *
  20. * \brief Test security event generation
  21. *
  22. * \author Russell Bryant <russell@digium.com>
  23. */
  24. /*** MODULEINFO
  25. <depend>TEST_FRAMEWORK</depend>
  26. <support_level>core</support_level>
  27. ***/
  28. #include "asterisk.h"
  29. ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
  30. #include "asterisk/module.h"
  31. #include "asterisk/cli.h"
  32. #include "asterisk/utils.h"
  33. #include "asterisk/security_events.h"
  34. #include "asterisk/netsock2.h"
  35. static void evt_gen_failed_acl(void);
  36. static void evt_gen_inval_acct_id(void);
  37. static void evt_gen_session_limit(void);
  38. static void evt_gen_mem_limit(void);
  39. static void evt_gen_load_avg(void);
  40. static void evt_gen_req_no_support(void);
  41. static void evt_gen_req_not_allowed(void);
  42. static void evt_gen_auth_method_not_allowed(void);
  43. static void evt_gen_req_bad_format(void);
  44. static void evt_gen_successful_auth(void);
  45. static void evt_gen_unexpected_addr(void);
  46. static void evt_gen_chal_resp_failed(void);
  47. static void evt_gen_inval_password(void);
  48. static void evt_gen_chal_sent(void);
  49. static void evt_gen_inval_transport(void);
  50. typedef void (*evt_generator)(void);
  51. static const evt_generator evt_generators[AST_SECURITY_EVENT_NUM_TYPES] = {
  52. [AST_SECURITY_EVENT_FAILED_ACL] = evt_gen_failed_acl,
  53. [AST_SECURITY_EVENT_INVAL_ACCT_ID] = evt_gen_inval_acct_id,
  54. [AST_SECURITY_EVENT_SESSION_LIMIT] = evt_gen_session_limit,
  55. [AST_SECURITY_EVENT_MEM_LIMIT] = evt_gen_mem_limit,
  56. [AST_SECURITY_EVENT_LOAD_AVG] = evt_gen_load_avg,
  57. [AST_SECURITY_EVENT_REQ_NO_SUPPORT] = evt_gen_req_no_support,
  58. [AST_SECURITY_EVENT_REQ_NOT_ALLOWED] = evt_gen_req_not_allowed,
  59. [AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED] = evt_gen_auth_method_not_allowed,
  60. [AST_SECURITY_EVENT_REQ_BAD_FORMAT] = evt_gen_req_bad_format,
  61. [AST_SECURITY_EVENT_SUCCESSFUL_AUTH] = evt_gen_successful_auth,
  62. [AST_SECURITY_EVENT_UNEXPECTED_ADDR] = evt_gen_unexpected_addr,
  63. [AST_SECURITY_EVENT_CHAL_RESP_FAILED] = evt_gen_chal_resp_failed,
  64. [AST_SECURITY_EVENT_INVAL_PASSWORD] = evt_gen_inval_password,
  65. [AST_SECURITY_EVENT_CHAL_SENT] = evt_gen_chal_sent,
  66. [AST_SECURITY_EVENT_INVAL_TRANSPORT] = evt_gen_inval_transport,
  67. };
  68. static void evt_gen_failed_acl(void)
  69. {
  70. struct ast_sockaddr addr_local = { {0,} };
  71. struct ast_sockaddr addr_remote = { {0,} };
  72. struct timeval session_tv = ast_tvnow();
  73. struct ast_security_event_failed_acl failed_acl_event = {
  74. .common.event_type = AST_SECURITY_EVENT_FAILED_ACL,
  75. .common.version = AST_SECURITY_EVENT_FAILED_ACL_VERSION,
  76. .common.service = "TEST",
  77. .common.module = AST_MODULE,
  78. .common.account_id = "Username",
  79. .common.session_id = "Session123",
  80. .common.session_tv = &session_tv,
  81. .common.local_addr = {
  82. .addr = &addr_local,
  83. .transport = AST_TRANSPORT_UDP,
  84. },
  85. .common.remote_addr = {
  86. .addr = &addr_remote,
  87. .transport = AST_TRANSPORT_UDP,
  88. },
  89. .acl_name = "TEST_ACL",
  90. };
  91. char localaddr[53];
  92. char remoteaddr[53];
  93. ast_copy_string(localaddr, "192.168.1.1:12121", sizeof(localaddr));
  94. ast_copy_string(remoteaddr, "192.168.1.2:12345", sizeof(remoteaddr));
  95. ast_sockaddr_parse(&addr_local, localaddr, 0);
  96. ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
  97. ast_security_event_report(AST_SEC_EVT(&failed_acl_event));
  98. }
  99. static void evt_gen_inval_acct_id(void)
  100. {
  101. struct ast_sockaddr addr_local = { {0,} };
  102. struct ast_sockaddr addr_remote = { {0,} };
  103. struct timeval session_tv = ast_tvnow();
  104. struct ast_security_event_inval_acct_id inval_acct_id = {
  105. .common.event_type = AST_SECURITY_EVENT_INVAL_ACCT_ID,
  106. .common.version = AST_SECURITY_EVENT_INVAL_ACCT_ID_VERSION,
  107. .common.service = "TEST",
  108. .common.module = AST_MODULE,
  109. .common.account_id = "FakeUser",
  110. .common.session_id = "Session456",
  111. .common.session_tv = &session_tv,
  112. .common.local_addr = {
  113. .addr = &addr_local,
  114. .transport = AST_TRANSPORT_TCP,
  115. },
  116. .common.remote_addr = {
  117. .addr = &addr_remote,
  118. .transport = AST_TRANSPORT_TCP,
  119. },
  120. };
  121. char localaddr[53];
  122. char remoteaddr[53];
  123. ast_copy_string(localaddr, "10.1.2.3:4321", sizeof(localaddr));
  124. ast_copy_string(remoteaddr, "10.1.2.4:123", sizeof(remoteaddr));
  125. ast_sockaddr_parse(&addr_local, localaddr, 0);
  126. ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
  127. ast_security_event_report(AST_SEC_EVT(&inval_acct_id));
  128. }
  129. static void evt_gen_session_limit(void)
  130. {
  131. struct ast_sockaddr addr_local = { {0,} };
  132. struct ast_sockaddr addr_remote = { {0,} };
  133. struct timeval session_tv = ast_tvnow();
  134. struct ast_security_event_session_limit session_limit = {
  135. .common.event_type = AST_SECURITY_EVENT_SESSION_LIMIT,
  136. .common.version = AST_SECURITY_EVENT_SESSION_LIMIT_VERSION,
  137. .common.service = "TEST",
  138. .common.module = AST_MODULE,
  139. .common.account_id = "Jenny",
  140. .common.session_id = "8675309",
  141. .common.session_tv = &session_tv,
  142. .common.local_addr = {
  143. .addr = &addr_local,
  144. .transport = AST_TRANSPORT_TLS,
  145. },
  146. .common.remote_addr = {
  147. .addr = &addr_remote,
  148. .transport = AST_TRANSPORT_TLS,
  149. },
  150. };
  151. char localaddr[53];
  152. char remoteaddr[53];
  153. ast_copy_string(localaddr, "10.5.4.3:4444", sizeof(localaddr));
  154. ast_copy_string(remoteaddr, "10.5.4.2:3333", sizeof(remoteaddr));
  155. ast_sockaddr_parse(&addr_local, localaddr, 0);
  156. ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
  157. ast_security_event_report(AST_SEC_EVT(&session_limit));
  158. }
  159. static void evt_gen_mem_limit(void)
  160. {
  161. struct ast_sockaddr addr_local = { {0,} };
  162. struct ast_sockaddr addr_remote = { {0,} };
  163. struct timeval session_tv = ast_tvnow();
  164. struct ast_security_event_mem_limit mem_limit = {
  165. .common.event_type = AST_SECURITY_EVENT_MEM_LIMIT,
  166. .common.version = AST_SECURITY_EVENT_MEM_LIMIT_VERSION,
  167. .common.service = "TEST",
  168. .common.module = AST_MODULE,
  169. .common.account_id = "Felix",
  170. .common.session_id = "Session2604",
  171. .common.session_tv = &session_tv,
  172. .common.local_addr = {
  173. .addr = &addr_local,
  174. .transport = AST_TRANSPORT_UDP,
  175. },
  176. .common.remote_addr = {
  177. .addr = &addr_remote,
  178. .transport = AST_TRANSPORT_UDP,
  179. },
  180. };
  181. char localaddr[53];
  182. char remoteaddr[53];
  183. ast_copy_string(localaddr, "10.10.10.10:555", sizeof(localaddr));
  184. ast_copy_string(remoteaddr, "10.10.10.12:5656", sizeof(remoteaddr));
  185. ast_sockaddr_parse(&addr_local, localaddr, 0);
  186. ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
  187. ast_security_event_report(AST_SEC_EVT(&mem_limit));
  188. }
  189. static void evt_gen_load_avg(void)
  190. {
  191. struct ast_sockaddr addr_local = { {0,} };
  192. struct ast_sockaddr addr_remote = { {0,} };
  193. struct timeval session_tv = ast_tvnow();
  194. struct ast_security_event_load_avg load_avg = {
  195. .common.event_type = AST_SECURITY_EVENT_LOAD_AVG,
  196. .common.version = AST_SECURITY_EVENT_LOAD_AVG_VERSION,
  197. .common.service = "TEST",
  198. .common.module = AST_MODULE,
  199. .common.account_id = "GuestAccount",
  200. .common.session_id = "XYZ123",
  201. .common.session_tv = &session_tv,
  202. .common.local_addr = {
  203. .addr = &addr_local,
  204. .transport = AST_TRANSPORT_UDP,
  205. },
  206. .common.remote_addr = {
  207. .addr = &addr_remote,
  208. .transport = AST_TRANSPORT_UDP,
  209. },
  210. };
  211. char localaddr[53];
  212. char remoteaddr[53];
  213. ast_copy_string(localaddr, "10.11.12.13:9876", sizeof(localaddr));
  214. ast_copy_string(remoteaddr, "10.12.11.10:9825", sizeof(remoteaddr));
  215. ast_sockaddr_parse(&addr_local, localaddr, 0);
  216. ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
  217. ast_security_event_report(AST_SEC_EVT(&load_avg));
  218. }
  219. static void evt_gen_req_no_support(void)
  220. {
  221. struct ast_sockaddr addr_local = { {0,} };
  222. struct ast_sockaddr addr_remote = { {0,} };
  223. struct timeval session_tv = ast_tvnow();
  224. struct ast_security_event_req_no_support req_no_support = {
  225. .common.event_type = AST_SECURITY_EVENT_REQ_NO_SUPPORT,
  226. .common.version = AST_SECURITY_EVENT_REQ_NO_SUPPORT_VERSION,
  227. .common.service = "TEST",
  228. .common.module = AST_MODULE,
  229. .common.account_id = "George",
  230. .common.session_id = "asdkl23478289lasdkf",
  231. .common.session_tv = &session_tv,
  232. .common.local_addr = {
  233. .addr = &addr_local,
  234. .transport = AST_TRANSPORT_UDP,
  235. },
  236. .common.remote_addr = {
  237. .addr = &addr_remote,
  238. .transport = AST_TRANSPORT_UDP,
  239. },
  240. .request_type = "MakeMeDinner",
  241. };
  242. char localaddr[53];
  243. char remoteaddr[53];
  244. ast_copy_string(localaddr, "10.110.120.130:9888", sizeof(localaddr));
  245. ast_copy_string(remoteaddr, "10.120.110.100:9777", sizeof(remoteaddr));
  246. ast_sockaddr_parse(&addr_local, localaddr, 0);
  247. ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
  248. ast_security_event_report(AST_SEC_EVT(&req_no_support));
  249. }
  250. static void evt_gen_req_not_allowed(void)
  251. {
  252. struct ast_sockaddr addr_local = { {0,} };
  253. struct ast_sockaddr addr_remote = { {0,} };
  254. struct timeval session_tv = ast_tvnow();
  255. struct ast_security_event_req_not_allowed req_not_allowed = {
  256. .common.event_type = AST_SECURITY_EVENT_REQ_NOT_ALLOWED,
  257. .common.version = AST_SECURITY_EVENT_REQ_NOT_ALLOWED_VERSION,
  258. .common.service = "TEST",
  259. .common.module = AST_MODULE,
  260. .common.account_id = "George",
  261. .common.session_id = "alksdjf023423h4lka0df",
  262. .common.session_tv = &session_tv,
  263. .common.local_addr = {
  264. .addr = &addr_local,
  265. .transport = AST_TRANSPORT_UDP,
  266. },
  267. .common.remote_addr = {
  268. .addr = &addr_remote,
  269. .transport = AST_TRANSPORT_UDP,
  270. },
  271. .request_type = "MakeMeBreakfast",
  272. .request_params = "BACONNNN!",
  273. };
  274. char localaddr[53];
  275. char remoteaddr[53];
  276. ast_copy_string(localaddr, "10.110.120.130:9888", sizeof(localaddr));
  277. ast_copy_string(remoteaddr, "10.120.110.100:9777", sizeof(remoteaddr));
  278. ast_sockaddr_parse(&addr_local, localaddr, 0);
  279. ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
  280. ast_security_event_report(AST_SEC_EVT(&req_not_allowed));
  281. }
  282. static void evt_gen_auth_method_not_allowed(void)
  283. {
  284. struct ast_sockaddr addr_local = { {0,} };
  285. struct ast_sockaddr addr_remote = { {0,} };
  286. struct timeval session_tv = ast_tvnow();
  287. struct ast_security_event_auth_method_not_allowed auth_method_not_allowed = {
  288. .common.event_type = AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED,
  289. .common.version = AST_SECURITY_EVENT_AUTH_METHOD_NOT_ALLOWED_VERSION,
  290. .common.service = "TEST",
  291. .common.module = AST_MODULE,
  292. .common.account_id = "Bob",
  293. .common.session_id = "010101010101",
  294. .common.session_tv = &session_tv,
  295. .common.local_addr = {
  296. .addr = &addr_local,
  297. .transport = AST_TRANSPORT_TCP,
  298. },
  299. .common.remote_addr = {
  300. .addr = &addr_remote,
  301. .transport = AST_TRANSPORT_TCP,
  302. },
  303. .auth_method = "PlainText"
  304. };
  305. char localaddr[53];
  306. char remoteaddr[53];
  307. ast_copy_string(localaddr, "10.110.120.135:8754", sizeof(localaddr));
  308. ast_copy_string(remoteaddr, "10.120.110.105:8745", sizeof(remoteaddr));
  309. ast_sockaddr_parse(&addr_local, localaddr, 0);
  310. ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
  311. ast_security_event_report(AST_SEC_EVT(&auth_method_not_allowed));
  312. }
  313. static void evt_gen_req_bad_format(void)
  314. {
  315. struct ast_sockaddr addr_local = { {0,} };
  316. struct ast_sockaddr addr_remote = { {0,} };
  317. struct timeval session_tv = ast_tvnow();
  318. struct ast_security_event_req_bad_format req_bad_format = {
  319. .common.event_type = AST_SECURITY_EVENT_REQ_BAD_FORMAT,
  320. .common.version = AST_SECURITY_EVENT_REQ_BAD_FORMAT_VERSION,
  321. .common.service = "TEST",
  322. .common.module = AST_MODULE,
  323. .common.account_id = "Larry",
  324. .common.session_id = "838383fhfhf83hf8h3f8h",
  325. .common.session_tv = &session_tv,
  326. .common.local_addr = {
  327. .addr = &addr_local,
  328. .transport = AST_TRANSPORT_TCP,
  329. },
  330. .common.remote_addr = {
  331. .addr = &addr_remote,
  332. .transport = AST_TRANSPORT_TCP,
  333. },
  334. .request_type = "CheeseBurger",
  335. .request_params = "Onions,Swiss,MotorOil",
  336. };
  337. char localaddr[53];
  338. char remoteaddr[53];
  339. ast_copy_string(localaddr, "10.110.220.230:1212", sizeof(localaddr));
  340. ast_copy_string(remoteaddr, "10.120.210.200:2121", sizeof(remoteaddr));
  341. ast_sockaddr_parse(&addr_local, localaddr, 0);
  342. ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
  343. ast_security_event_report(AST_SEC_EVT(&req_bad_format));
  344. }
  345. static void evt_gen_successful_auth(void)
  346. {
  347. struct ast_sockaddr addr_local = { {0,} };
  348. struct ast_sockaddr addr_remote = { {0,} };
  349. struct timeval session_tv = ast_tvnow();
  350. struct ast_security_event_successful_auth successful_auth = {
  351. .common.event_type = AST_SECURITY_EVENT_SUCCESSFUL_AUTH,
  352. .common.version = AST_SECURITY_EVENT_SUCCESSFUL_AUTH_VERSION,
  353. .common.service = "TEST",
  354. .common.module = AST_MODULE,
  355. .common.account_id = "ValidUser",
  356. .common.session_id = "Session456",
  357. .common.session_tv = &session_tv,
  358. .common.local_addr = {
  359. .addr = &addr_local,
  360. .transport = AST_TRANSPORT_TCP,
  361. },
  362. .common.remote_addr = {
  363. .addr = &addr_remote,
  364. .transport = AST_TRANSPORT_TCP,
  365. },
  366. };
  367. char localaddr[53];
  368. char remoteaddr[53];
  369. ast_copy_string(localaddr, "10.1.2.3:4321", sizeof(localaddr));
  370. ast_copy_string(remoteaddr, "10.1.2.4:1234", sizeof(remoteaddr));
  371. ast_sockaddr_parse(&addr_local, localaddr, 0);
  372. ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
  373. ast_security_event_report(AST_SEC_EVT(&successful_auth));
  374. }
  375. static void evt_gen_unexpected_addr(void)
  376. {
  377. struct ast_sockaddr addr_local = { {0,} };
  378. struct ast_sockaddr addr_remote = { {0,} };
  379. struct ast_sockaddr addr_expected = { {0,} };
  380. struct timeval session_tv = ast_tvnow();
  381. struct ast_security_event_unexpected_addr unexpected_addr = {
  382. .common.event_type = AST_SECURITY_EVENT_UNEXPECTED_ADDR,
  383. .common.version = AST_SECURITY_EVENT_UNEXPECTED_ADDR_VERSION,
  384. .common.service = "TEST",
  385. .common.module = AST_MODULE,
  386. .common.account_id = "CoolUser",
  387. .common.session_id = "Session789",
  388. .common.session_tv = &session_tv,
  389. .common.local_addr = {
  390. .addr = &addr_local,
  391. .transport = AST_TRANSPORT_UDP,
  392. },
  393. .common.remote_addr = {
  394. .addr = &addr_remote,
  395. .transport = AST_TRANSPORT_UDP,
  396. },
  397. .expected_addr = {
  398. .addr = &addr_expected,
  399. .transport = AST_TRANSPORT_UDP,
  400. },
  401. };
  402. char localaddr[53];
  403. char remoteaddr[53];
  404. char expectedaddr[53];
  405. ast_copy_string(localaddr, "10.1.2.3:4321", sizeof(localaddr));
  406. ast_copy_string(remoteaddr, "10.1.2.4:1234", sizeof(remoteaddr));
  407. ast_copy_string(expectedaddr, "10.1.2.5:2343", sizeof(expectedaddr));
  408. ast_sockaddr_parse(&addr_local, localaddr, 0);
  409. ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
  410. ast_sockaddr_parse(&addr_expected, expectedaddr, 0);
  411. ast_security_event_report(AST_SEC_EVT(&unexpected_addr));
  412. }
  413. static void evt_gen_chal_resp_failed(void)
  414. {
  415. struct ast_sockaddr addr_local = { {0,} };
  416. struct ast_sockaddr addr_remote = { {0,} };
  417. struct timeval session_tv = ast_tvnow();
  418. struct ast_security_event_chal_resp_failed chal_resp_failed = {
  419. .common.event_type = AST_SECURITY_EVENT_CHAL_RESP_FAILED,
  420. .common.version = AST_SECURITY_EVENT_CHAL_RESP_FAILED_VERSION,
  421. .common.service = "TEST",
  422. .common.module = AST_MODULE,
  423. .common.account_id = "SuperDuperUser",
  424. .common.session_id = "Session1231231231",
  425. .common.session_tv = &session_tv,
  426. .common.local_addr = {
  427. .addr = &addr_local,
  428. .transport = AST_TRANSPORT_TCP,
  429. },
  430. .common.remote_addr = {
  431. .addr = &addr_remote,
  432. .transport = AST_TRANSPORT_TCP,
  433. },
  434. .challenge = "8adf8a9sd8fas9df23ljk4",
  435. .response = "9u3jlaksdjflakjsdfoi23",
  436. .expected_response = "oiafaljhadf9834luahk3k",
  437. };
  438. char localaddr[53];
  439. char remoteaddr[53];
  440. ast_copy_string(localaddr, "10.1.2.3:4321", sizeof(localaddr));
  441. ast_copy_string(remoteaddr, "10.1.2.4:1234", sizeof(remoteaddr));
  442. ast_sockaddr_parse(&addr_local, localaddr, 0);
  443. ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
  444. ast_security_event_report(AST_SEC_EVT(&chal_resp_failed));
  445. }
  446. static void evt_gen_inval_password(void)
  447. {
  448. struct ast_sockaddr addr_local = { {0,} };
  449. struct ast_sockaddr addr_remote = { {0,} };
  450. struct timeval session_tv = ast_tvnow();
  451. struct ast_security_event_inval_password inval_password = {
  452. .common.event_type = AST_SECURITY_EVENT_INVAL_PASSWORD,
  453. .common.version = AST_SECURITY_EVENT_INVAL_PASSWORD_VERSION,
  454. .common.service = "TEST",
  455. .common.module = AST_MODULE,
  456. .common.account_id = "AccountIDGoesHere",
  457. .common.session_id = "SessionIDGoesHere",
  458. .common.session_tv = &session_tv,
  459. .common.local_addr = {
  460. .addr = &addr_local,
  461. .transport = AST_TRANSPORT_TCP,
  462. },
  463. .common.remote_addr = {
  464. .addr = &addr_remote,
  465. .transport = AST_TRANSPORT_TCP,
  466. },
  467. .challenge = "GoOdChAlLeNgE",
  468. .received_challenge = "BaDcHaLlEnGe",
  469. .received_hash = "3ad9023adf309",
  470. };
  471. char localaddr[53];
  472. char remoteaddr[53];
  473. ast_copy_string(localaddr, "10.200.100.30:4321", sizeof(localaddr));
  474. ast_copy_string(remoteaddr, "10.200.100.40:1234", sizeof(remoteaddr));
  475. ast_sockaddr_parse(&addr_local, localaddr, 0);
  476. ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
  477. ast_security_event_report(AST_SEC_EVT(&inval_password));
  478. }
  479. static void evt_gen_chal_sent(void)
  480. {
  481. struct ast_sockaddr addr_local = { {0,} };
  482. struct ast_sockaddr addr_remote = { {0,} };
  483. struct timeval session_tv = ast_tvnow();
  484. struct ast_security_event_chal_sent chal_sent = {
  485. .common.event_type = AST_SECURITY_EVENT_CHAL_SENT,
  486. .common.version = AST_SECURITY_EVENT_CHAL_SENT_VERSION,
  487. .common.service = "TEST",
  488. .common.module = AST_MODULE,
  489. .common.account_id = "AccountIDGoesHere",
  490. .common.session_id = "SessionIDGoesHere",
  491. .common.session_tv = &session_tv,
  492. .common.local_addr = {
  493. .addr = &addr_local,
  494. .transport = AST_TRANSPORT_TCP,
  495. },
  496. .common.remote_addr = {
  497. .addr = &addr_remote,
  498. .transport = AST_TRANSPORT_TCP,
  499. },
  500. .challenge = "IcHaLlEnGeYoU",
  501. };
  502. char localaddr[53];
  503. char remoteaddr[53];
  504. ast_copy_string(localaddr, "10.200.10.30:5392", sizeof(localaddr));
  505. ast_copy_string(remoteaddr, "10.200.10.31:1443", sizeof(remoteaddr));
  506. ast_sockaddr_parse(&addr_local, localaddr, 0);
  507. ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
  508. ast_security_event_report(AST_SEC_EVT(&chal_sent));
  509. }
  510. static void evt_gen_inval_transport(void)
  511. {
  512. struct ast_sockaddr addr_local = { {0,} };
  513. struct ast_sockaddr addr_remote = { {0,} };
  514. struct timeval session_tv = ast_tvnow();
  515. struct ast_security_event_inval_transport inval_transport = {
  516. .common.event_type = AST_SECURITY_EVENT_INVAL_TRANSPORT,
  517. .common.version = AST_SECURITY_EVENT_INVAL_TRANSPORT_VERSION,
  518. .common.service = "TEST",
  519. .common.module = AST_MODULE,
  520. .common.account_id = "AccountIDGoesHere",
  521. .common.session_id = "SessionIDGoesHere",
  522. .common.session_tv = &session_tv,
  523. .common.local_addr = {
  524. .addr = &addr_local,
  525. .transport = AST_TRANSPORT_TCP,
  526. },
  527. .common.remote_addr = {
  528. .addr = &addr_remote,
  529. .transport = AST_TRANSPORT_TCP,
  530. },
  531. .transport = "UDP",
  532. };
  533. char localaddr[53];
  534. char remoteaddr[53];
  535. ast_copy_string(localaddr, "10.200.103.45:8223", sizeof(localaddr));
  536. ast_copy_string(remoteaddr, "10.200.103.44:1039", sizeof(remoteaddr));
  537. ast_sockaddr_parse(&addr_local, localaddr, 0);
  538. ast_sockaddr_parse(&addr_remote, remoteaddr, 0);
  539. ast_security_event_report(AST_SEC_EVT(&inval_transport));
  540. }
  541. static void gen_events(struct ast_cli_args *a)
  542. {
  543. unsigned int i;
  544. ast_cli(a->fd, "Generating some security events ...\n");
  545. for (i = 0; i < ARRAY_LEN(evt_generators); i++) {
  546. const char *event_type = ast_security_event_get_name(i);
  547. if (!evt_generators[i]) {
  548. ast_cli(a->fd, "*** No event generator for event type '%s' ***\n",
  549. event_type);
  550. continue;
  551. }
  552. ast_cli(a->fd, "Generating a '%s' security event ...\n", event_type);
  553. evt_generators[i]();
  554. }
  555. ast_cli(a->fd, "Security event generation complete.\n");
  556. }
  557. static char *handle_cli_sec_evt_test(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
  558. {
  559. switch (cmd) {
  560. case CLI_INIT:
  561. e->command = "securityevents test generation";
  562. e->usage = ""
  563. "Usage: securityevents test generation"
  564. "";
  565. return NULL;
  566. case CLI_GENERATE:
  567. return NULL;
  568. case CLI_HANDLER:
  569. gen_events(a);
  570. return CLI_SUCCESS;
  571. }
  572. return CLI_FAILURE;
  573. }
  574. static struct ast_cli_entry cli_sec_evt[] = {
  575. AST_CLI_DEFINE(handle_cli_sec_evt_test, "Test security event generation"),
  576. };
  577. static int unload_module(void)
  578. {
  579. return ast_cli_unregister_multiple(cli_sec_evt, ARRAY_LEN(cli_sec_evt));
  580. }
  581. static int load_module(void)
  582. {
  583. int res;
  584. res = ast_cli_register_multiple(cli_sec_evt, ARRAY_LEN(cli_sec_evt));
  585. return res ? AST_MODULE_LOAD_DECLINE : AST_MODULE_LOAD_SUCCESS;
  586. }
  587. AST_MODULE_INFO_STANDARD(ASTERISK_GPL_KEY, "Test Security Event Generation");