res/res_security_log.c

   1 /*
   2  * Asterisk -- An open source telephony toolkit.
   3  *
   4  * Copyright (C) 2009, Digium, Inc.
   5  *
   6  * Russell Bryant <russell@digium.com>
   7  *
   8  * See http://www.asterisk.org for more information about
   9  * the Asterisk project. Please do not directly contact
  10  * any of the maintainers of this project for assistance;
  11  * the project provides a web site, mailing lists and IRC
  12  * channels for your use.
  13  *
  14  * This program is free software, distributed under the terms of
  15  * the GNU General Public License Version 2. See the LICENSE file
  16  * at the top of the source tree.
  17  */
  18
  19 /*!
  20  * \file
  21  *
  22  * \author Russell Bryant <russell@digium.com>
  23  *
  24  * \brief Security Event Logging
  25  *
  26  * \todo Make informational security events optional
  27  * \todo Escape quotes in string payload IE contents
  28  */
  29
  30 /*** MODULEINFO
  31         <support_level>core</support_level>
  32  ***/
  33
  34 #include "asterisk.h"
  35
  36 ASTERISK_REGISTER_FILE();
  37
  38 #include "asterisk/module.h"
  39 #include "asterisk/logger.h"
  40 #include "asterisk/threadstorage.h"
  41 #include "asterisk/strings.h"
  42 #include "asterisk/security_events.h"
  43 #include "asterisk/stasis.h"
  44 #include "asterisk/json.h"
  45
  46 static const char LOG_SECURITY_NAME[] = "SECURITY";
  47
  48 static int LOG_SECURITY;
  49
  50 static struct stasis_subscription *security_stasis_sub;
  51
  52 AST_THREADSTORAGE(security_event_buf);
  53 static const size_t SECURITY_EVENT_BUF_INIT_LEN = 256;
  54
  55 enum ie_required {
  56         NOT_REQUIRED,
  57         REQUIRED
  58 };
  59
  60 static void append_json_single(struct ast_str **str, struct ast_json *json,
  61                 const enum ast_event_ie_type ie_type, enum ie_required required)
  62 {
  63         const char *ie_type_key = ast_event_get_ie_type_name(ie_type);
  64
  65         struct ast_json *json_string;
  66
  67         json_string = ast_json_object_get(json, ie_type_key);
  68
  69         if (!required && !json_string) {
  70                 /* Optional IE isn't present. Ignore. */
  71                 return;
  72         }
  73
  74         /* At this point, it _better_ be there! */
  75         ast_assert(json_string != NULL);
  76
  77         ast_str_append(str, 0, ",%s=\"%s\"",
  78                         ie_type_key,
  79                         ast_json_string_get(json_string));
  80 }
  81
  82 static void append_json(struct ast_str **str, struct ast_json *json,
  83                 const struct ast_security_event_ie_type *ies, enum ie_required required)
  84 {
  85         unsigned int i;
  86
  87         for (i = 0; ies[i].ie_type != AST_EVENT_IE_END; i++) {
  88                 append_json_single(str, json, ies[i].ie_type, required);
  89         }
  90 }
  91
  92 static void security_event_stasis_cb(struct ast_json *json)
  93 {
  94         struct ast_str *str;
  95         struct ast_json *event_type_json;
  96         enum ast_security_event_type event_type;
  97
  98         event_type_json = ast_json_object_get(json, "SecurityEvent");
  99         event_type = ast_json_integer_get(event_type_json);
 100
 101         ast_assert((unsigned int)event_type < AST_SECURITY_EVENT_NUM_TYPES);
 102
 103         if (!(str = ast_str_thread_get(&security_event_buf,
 104                         SECURITY_EVENT_BUF_INIT_LEN))) {
 105                 return;
 106         }
 107
 108         ast_str_set(&str, 0, "SecurityEvent=\"%s\"",
 109                         ast_security_event_get_name(event_type));
 110
 111         append_json(&str, json,
 112                         ast_security_event_get_required_ies(event_type), REQUIRED);
 113         append_json(&str, json,
 114                         ast_security_event_get_optional_ies(event_type), NOT_REQUIRED);
 115
 116         ast_log_dynamic_level(LOG_SECURITY, "%s\n", ast_str_buffer(str));
 117 }
 118
 119 static void security_stasis_cb(void *data, struct stasis_subscription *sub,
 120         struct stasis_message *message)
 121 {
 122         struct ast_json_payload *payload = stasis_message_data(message);
 123
 124         if (stasis_message_type(message) != ast_security_event_type()) {
 125                 return;
 126         }
 127
 128         if (!payload) {
 129                 return;
 130         }
 131
 132         security_event_stasis_cb(payload->json);
 133 }
 134
 135 static int load_module(void)
 136 {
 137         if ((LOG_SECURITY = ast_logger_register_level(LOG_SECURITY_NAME)) == -1) {
 138                 return AST_MODULE_LOAD_DECLINE;
 139         }
 140
 141         if (!(security_stasis_sub = stasis_subscribe(ast_security_topic(), security_stasis_cb, NULL))) {
 142                 ast_logger_unregister_level(LOG_SECURITY_NAME);
 143                 LOG_SECURITY = -1;
 144                 return AST_MODULE_LOAD_DECLINE;
 145         }
 146
 147         ast_verb(3, "Security Logging Enabled\n");
 148
 149         return AST_MODULE_LOAD_SUCCESS;
 150 }
 151
 152 static int unload_module(void)
 153 {
 154         if (security_stasis_sub) {
 155                 security_stasis_sub = stasis_unsubscribe_and_join(security_stasis_sub);
 156         }
 157
 158         ast_logger_unregister_level(LOG_SECURITY_NAME);
 159
 160         ast_verb(3, "Security Logging Disabled\n");
 161
 162         return 0;
 163 }
 164
 165 AST_MODULE_INFO_STANDARD(ASTERISK_GPL_KEY, "Security Event Logging");