<support_level>core</support_level>
***/
+/*** DOCUMENTATION
+ <managerEvent language="en_US" name="FailedACL">
+ <managerEventInstance class="EVENT_FLAG_SECURITY">
+ <synopsis>Raised when a request violates an ACL check.</synopsis>
+ <syntax>
+ <parameter name="EventTV">
+ <para>The time the event was detected.</para>
+ </parameter>
+ <parameter name="Severity">
+ <para>A relative severity of the security event.</para>
+ <enumlist>
+ <enum name="Informational"/>
+ <enum name="Error"/>
+ </enumlist>
+ </parameter>
+ <parameter name="Service">
+ <para>The Asterisk service that raised the security event.</para>
+ </parameter>
+ <parameter name="EventVersion">
+ <para>The version of this event.</para>
+ </parameter>
+ <parameter name="AccountID">
+ <para>The Service account associated with the security event
+ notification.</para>
+ </parameter>
+ <parameter name="SessionID">
+ <para>A unique identifier for the session in the service
+ that raised the event.</para>
+ </parameter>
+ <parameter name="LocalAddress">
+ <para>The address of the Asterisk service that raised the
+ security event.</para>
+ </parameter>
+ <parameter name="RemoteAddress">
+ <para>The remote address of the entity that caused the
+ security event to be raised.</para>
+ </parameter>
+ <parameter name="Module" required="False">
+ <para>If available, the name of the module that raised the event.</para>
+ </parameter>
+ <parameter name="ACLName" required="False">
+ <para>If available, the name of the ACL that failed.</para>
+ </parameter>
+ <parameter name="SessionTV" required="False">
+ <para>The timestamp reported by the session.</para>
+ </parameter>
+ </syntax>
+ </managerEventInstance>
+ </managerEvent>
+ <managerEvent language="en_US" name="InvalidAccountID">
+ <managerEventInstance class="EVENT_FLAG_SECURITY">
+ <synopsis>Raised when a request fails an authentication check due to an invalid account ID.</synopsis>
+ <syntax>
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventTV'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Severity'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Service'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventVersion'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='AccountID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='LocalAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='RemoteAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Module'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionTV'])" />
+ </syntax>
+ </managerEventInstance>
+ </managerEvent>
+ <managerEvent language="en_US" name="SessionLimit">
+ <managerEventInstance class="EVENT_FLAG_SECURITY">
+ <synopsis>Raised when a request fails due to exceeding the number of allowed concurrent sessions for that service.</synopsis>
+ <syntax>
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventTV'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Severity'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Service'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventVersion'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='AccountID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='LocalAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='RemoteAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Module'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionTV'])" />
+ </syntax>
+ </managerEventInstance>
+ </managerEvent>
+ <managerEvent language="en_US" name="MemoryLimit">
+ <managerEventInstance class="EVENT_FLAG_SECURITY">
+ <synopsis>Raised when a request fails due to an internal memory allocation failure.</synopsis>
+ <syntax>
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventTV'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Severity'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Service'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventVersion'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='AccountID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='LocalAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='RemoteAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Module'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionTV'])" />
+ </syntax>
+ </managerEventInstance>
+ </managerEvent>
+ <managerEvent language="en_US" name="LoadAverageLimit">
+ <managerEventInstance class="EVENT_FLAG_SECURITY">
+ <synopsis>Raised when a request fails because a configured load average limit has been reached.</synopsis>
+ <syntax>
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventTV'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Severity'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Service'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventVersion'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='AccountID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='LocalAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='RemoteAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Module'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionTV'])" />
+ </syntax>
+ </managerEventInstance>
+ </managerEvent>
+ <managerEvent language="en_US" name="RequestNotSupported">
+ <managerEventInstance class="EVENT_FLAG_SECURITY">
+ <synopsis>Raised when a request fails due to some aspect of the requested item not being supported by the service.</synopsis>
+ <syntax>
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventTV'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Severity'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Service'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventVersion'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='AccountID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='LocalAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='RemoteAddress'])" />
+ <parameter name="RequestType">
+ <para>The type of request attempted.</para>
+ </parameter>
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Module'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionTV'])" />
+ </syntax>
+ </managerEventInstance>
+ </managerEvent>
+ <managerEvent language="en_US" name="RequestNotAllowed">
+ <managerEventInstance class="EVENT_FLAG_SECURITY">
+ <synopsis>Raised when a request is not allowed by the service.</synopsis>
+ <syntax>
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventTV'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Severity'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Service'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventVersion'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='AccountID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='LocalAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='RemoteAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='RequestNotSupported']/managerEventInstance/syntax/parameter[@name='RequestType'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Module'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionTV'])" />
+ <parameter name="RequestParams" required="False">
+ <para>Parameters provided to the rejected request.</para>
+ </parameter>
+ </syntax>
+ </managerEventInstance>
+ </managerEvent>
+ <managerEvent language="en_US" name="AuthMethodNotAllowed">
+ <managerEventInstance class="EVENT_FLAG_SECURITY">
+ <synopsis>Raised when a request used an authentication method not allowed by the service.</synopsis>
+ <syntax>
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventTV'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Severity'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Service'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventVersion'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='AccountID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='LocalAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='RemoteAddress'])" />
+ <parameter name="AuthMethod">
+ <para>The authentication method attempted.</para>
+ </parameter>
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Module'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionTV'])" />
+ </syntax>
+ </managerEventInstance>
+ </managerEvent>
+ <managerEvent language="en_US" name="RequestBadFormat">
+ <managerEventInstance class="EVENT_FLAG_SECURITY">
+ <synopsis>Raised when a request is received with bad formatting.</synopsis>
+ <syntax>
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventTV'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Severity'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Service'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventVersion'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='AccountID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='LocalAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='RemoteAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='RequestNotSupported']/managerEventInstance/syntax/parameter[@name='RequestType'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Module'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionTV'])" />
+ <parameter name="AccountID" required="False">
+ <para>The account ID associated with the rejected request.</para>
+ </parameter>
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='RequestNotAllowed']/managerEventInstance/syntax/parameter[@name='RequestParams'])" />
+ </syntax>
+ </managerEventInstance>
+ </managerEvent>
+ <managerEvent language="en_US" name="SuccessfulAuth">
+ <managerEventInstance class="EVENT_FLAG_SECURITY">
+ <synopsis>Raised when a request successfully authenticates with a service.</synopsis>
+ <syntax>
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventTV'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Severity'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Service'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventVersion'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='AccountID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='LocalAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='RemoteAddress'])" />
+ <parameter name="UsingPassword">
+ <para>Whether or not the authentication attempt included a password.</para>
+ </parameter>
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Module'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionTV'])" />
+ </syntax>
+ </managerEventInstance>
+ </managerEvent>
+ <managerEvent language="en_US" name="UnexpectedAddress">
+ <managerEventInstance class="EVENT_FLAG_SECURITY">
+ <synopsis>Raised when a request has a different source address then what is expected for a session already in progress with a service.</synopsis>
+ <syntax>
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventTV'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Severity'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Service'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventVersion'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='AccountID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='LocalAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='RemoteAddress'])" />
+ <parameter name="ExpectedAddress">
+ <para>The address that the request was expected to use.</para>
+ </parameter>
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Module'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionTV'])" />
+ </syntax>
+ </managerEventInstance>
+ </managerEvent>
+ <managerEvent language="en_US" name="ChallengeResponseFailed">
+ <managerEventInstance class="EVENT_FLAG_SECURITY">
+ <synopsis>Raised when a request's attempt to authenticate has been challenged, and the request failed the authentication challenge.</synopsis>
+ <syntax>
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventTV'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Severity'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Service'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventVersion'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='AccountID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='LocalAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='RemoteAddress'])" />
+ <parameter name="Challenge">
+ <para>The challenge that was sent.</para>
+ </parameter>
+ <parameter name="Response">
+ <para>The response that was received.</para>
+ </parameter>
+ <parameter name="ExpectedResponse">
+ <para>The expected response to the challenge.</para>
+ </parameter>
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Module'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionTV'])" />
+ </syntax>
+ </managerEventInstance>
+ </managerEvent>
+ <managerEvent language="en_US" name="InvalidPassword">
+ <managerEventInstance class="EVENT_FLAG_SECURITY">
+ <synopsis>Raised when a request provides an invalid password during an authentication attempt.</synopsis>
+ <syntax>
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventTV'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Severity'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Service'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventVersion'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='AccountID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='LocalAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='RemoteAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Module'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionTV'])" />
+ <parameter name="Challenge" required="False">
+ <para>The challenge that was sent.</para>
+ </parameter>
+ <parameter name="ReceivedChallenge" required="False">
+ <para>The challenge that was received.</para>
+ </parameter>
+ <parameter name="RecievedHash" required="False">
+ <para>The hash that was received.</para>
+ </parameter>
+ </syntax>
+ </managerEventInstance>
+ </managerEvent>
+ <managerEvent language="en_US" name="ChallengeSent">
+ <managerEventInstance class="EVENT_FLAG_SECURITY">
+ <synopsis>Raised when an Asterisk service sends an authentication challenge to a request.</synopsis>
+ <syntax>
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventTV'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Severity'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Service'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventVersion'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='AccountID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='LocalAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='RemoteAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='ChallengeResponseFailed']/managerEventInstance/syntax/parameter[@name='Challenge'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Module'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionTV'])" />
+ </syntax>
+ </managerEventInstance>
+ </managerEvent>
+ <managerEvent language="en_US" name="InvalidTransport">
+ <managerEventInstance class="EVENT_FLAG_SECURITY">
+ <synopsis>Raised when a request attempts to use a transport not allowed by the Asterisk service.</synopsis>
+ <syntax>
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventTV'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Severity'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Service'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='EventVersion'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='AccountID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionID'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='LocalAddress'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='RemoteAddress'])" />
+ <parameter name="AttemptedTransport">
+ <para>The transport type that the request attempted to use.</para>
+ </parameter>
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='Module'])" />
+ <xi:include xpointer="xpointer(/docs/managerEvent[@name='FailedACL']/managerEventInstance/syntax/parameter[@name='SessionTV'])" />
+ </syntax>
+ </managerEventInstance>
+ </managerEvent>
+ ***/
+
#include "asterisk.h"
ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
#include "asterisk/utils.h"
#include "asterisk/strings.h"
#include "asterisk/network.h"
+#include "asterisk/event.h"
#include "asterisk/security_events.h"
#include "asterisk/netsock2.h"
#include "asterisk/stasis.h"
#include "asterisk/astobj2.h"
static const size_t TIMESTAMP_STR_LEN = 32;
+static const size_t SECURITY_EVENT_BUF_INIT_LEN = 256;
/*! \brief Security Topic */
static struct stasis_topic *security_topic;
return security_topic;
}
+static int append_event_str_single(struct ast_str **str, struct ast_json *json,
+ const enum ast_event_ie_type ie_type)
+{
+ const char *ie_type_key = ast_event_get_ie_type_name(ie_type);
+ struct ast_json *json_string = ast_json_object_get(json, ie_type_key);
+
+ ast_assert(json_string != NULL);
+
+ if (ast_str_append(str, 0, "%s: %s\r\n", ie_type_key, S_OR(ast_json_string_get(json_string), "")) == -1) {
+ return -1;
+ }
+
+ return 0;
+}
+
+static int append_event_str_from_json(struct ast_str **str, struct ast_json *json,
+ const struct ast_security_event_ie_type *ies)
+{
+ unsigned int i;
+
+ if (!ies) {
+ return 0;
+ }
+
+ for (i = 0; ies[i].ie_type != AST_EVENT_IE_END; i++) {
+ if (append_event_str_single(str, json, ies[i].ie_type)) {
+ return -1;
+ }
+ }
+
+ return 0;
+}
+
+static struct ast_manager_event_blob *security_event_to_ami_blob(struct ast_json *json)
+{
+ RAII_VAR(struct ast_str *, str, NULL, ast_free);
+ struct ast_json *event_type_json;
+ enum ast_security_event_type event_type;
+
+ event_type_json = ast_json_object_get(json, "SecurityEvent");
+ event_type = ast_json_integer_get(event_type_json);
+
+ ast_assert(event_type >= 0 && event_type < AST_SECURITY_EVENT_NUM_TYPES);
+
+ if (!(str = ast_str_create(SECURITY_EVENT_BUF_INIT_LEN))) {
+ return NULL;
+ }
+
+ if (append_event_str_from_json(&str, json,
+ ast_security_event_get_required_ies(event_type))) {
+ ast_log(AST_LOG_ERROR, "Failed to issue a security event to AMI: "
+ "error occurred when adding required event fields.\n");
+ return NULL;
+ }
+
+ if (append_event_str_from_json(&str, json,
+ ast_security_event_get_optional_ies(event_type))) {
+ ast_log(AST_LOG_ERROR, "Failed to issue a security event to AMI: "
+ "error occurred when adding optional event fields.\n");
+ return NULL;
+ }
+
+ return ast_manager_event_blob_create(EVENT_FLAG_SECURITY,
+ ast_security_event_get_name(event_type),
+ "%s",
+ ast_str_buffer(str));
+}
+
+static struct ast_manager_event_blob *security_event_to_ami(struct stasis_message *message)
+{
+ struct ast_json_payload *payload = stasis_message_data(message);
+
+ if (stasis_message_type(message) != ast_security_event_type()) {
+ return NULL;
+ }
+
+ if (!payload) {
+ return NULL;
+ }
+
+ return security_event_to_ami_blob(payload->json);
+}
+
/*! \brief Message type for security events */
-STASIS_MESSAGE_TYPE_DEFN(ast_security_event_type);
+STASIS_MESSAGE_TYPE_DEFN(ast_security_event_type,
+ .to_ami = security_event_to_ami,
+ );
static void security_stasis_cleanup(void)
{
{ AST_EVENT_IE_SESSION_ID, SEC_EVT_FIELD(common, session_id) },
{ AST_EVENT_IE_LOCAL_ADDR, SEC_EVT_FIELD(common, local_addr) },
{ AST_EVENT_IE_REMOTE_ADDR, SEC_EVT_FIELD(common, remote_addr) },
- { AST_EVENT_IE_CHALLENGE, SEC_EVT_FIELD(inval_password, challenge) },
- { AST_EVENT_IE_RECEIVED_CHALLENGE, SEC_EVT_FIELD(inval_password, received_challenge) },
- { AST_EVENT_IE_RECEIVED_HASH, SEC_EVT_FIELD(inval_password, received_hash) },
{ AST_EVENT_IE_END, 0 }
},
.optional_ies = {
{ AST_EVENT_IE_MODULE, SEC_EVT_FIELD(common, module) },
{ AST_EVENT_IE_SESSION_TV, SEC_EVT_FIELD(common, session_tv) },
+ { AST_EVENT_IE_CHALLENGE, SEC_EVT_FIELD(inval_password, challenge) },
+ { AST_EVENT_IE_RECEIVED_CHALLENGE, SEC_EVT_FIELD(inval_password, received_challenge) },
+ { AST_EVENT_IE_RECEIVED_HASH, SEC_EVT_FIELD(inval_password, received_hash) },
{ AST_EVENT_IE_END, 0 }
},
},
str = *((const char **)(((const char *) sec) + ie_type->offset));
if (req && !str) {
- ast_log(LOG_WARNING, "Required IE '%d' for security event "
- "type '%d' not present\n", ie_type->ie_type,
- sec->event_type);
+ ast_log(LOG_WARNING, "Required IE '%d' (%s) for security event "
+ "type '%d' (%s) not present\n", ie_type->ie_type,
+ ast_event_get_ie_type_name(ie_type->ie_type),
+ sec->event_type, ast_security_event_get_name(sec->event_type));
res = -1;
break;
}
addr = (const struct ast_security_event_ip_addr *)(((const char *) sec) + ie_type->offset);
if (req && !addr->addr) {
- ast_log(LOG_WARNING, "Required IE '%d' for security event "
- "type '%d' not present\n", ie_type->ie_type,
- sec->event_type);
+ ast_log(LOG_WARNING, "Required IE '%d' (%s) for security event "
+ "type '%d' (%s) not present\n", ie_type->ie_type,
+ ast_event_get_ie_type_name(ie_type->ie_type),
+ sec->event_type, ast_security_event_get_name(sec->event_type));
res = -1;
}
tval = *((const struct timeval **)(((const char *) sec) + ie_type->offset));
if (req && !tval) {
- ast_log(LOG_WARNING, "Required IE '%d' for security event "
- "type '%d' not present\n", ie_type->ie_type,
- sec->event_type);
+ ast_log(LOG_WARNING, "Required IE '%d' (%s) for security event "
+ "type '%d' (%s) not present\n", ie_type->ie_type,
+ ast_event_get_ie_type_name(ie_type->ie_type),
+ sec->event_type, ast_security_event_get_name(sec->event_type));
res = -1;
}
/* Added automatically, nothing to do here. */
break;
default:
- ast_log(LOG_WARNING, "Unhandled IE type '%d', this security event "
- "will be missing data.\n", ie_type->ie_type);
+ ast_log(LOG_WARNING, "Unhandled IE type '%d' (%s), this security event "
+ "will be missing data.\n", ie_type->ie_type,
+ ast_event_get_ie_type_name(ie_type->ie_type));
break;
}
* This is true even if ast_json_object_set fails.
*/
- /* AST_EVENT_IE_SECURITY_EVENT */
json_temp = ast_json_integer_create(sec->event_type);
- if (!json_temp || ast_json_object_set(json_object, ast_event_get_ie_type_name(AST_EVENT_IE_SECURITY_EVENT), json_temp)) {
+ if (!json_temp || ast_json_object_set(json_object, "SecurityEvent", json_temp)) {
return NULL;
}
- /* AST_EVENT_IE_EVENT_VERSION */
json_temp = ast_json_stringf("%d", sec->version);
if (!json_temp || ast_json_object_set(json_object, ast_event_get_ie_type_name(AST_EVENT_IE_EVENT_VERSION), json_temp)) {
return NULL;
projects / asterisk/asterisk.git / blobdiff