[sr-dev] git:master:4826ba74: permissions: new parameter load_backends

29 Jun 2017

Module: kamailio
Branch: master
Commit: 4826ba749a3d8589d57bc5fcb38eeb6f9e840e02
URL: https://github.com/kamailio/kamailio/commit/4826ba749a3d8589d57bc5fcb38eeb6f...
Author: Daniel-Constantin Mierla miconda@gmail.com
Committer: Daniel-Constantin Mierla miconda@gmail.com
Date: 2017-06-29T09:21:22+02:00
permissions: new parameter load_backends
- control what backends should be loaded
  - 1 - address table
  - 2 - trusted table
  - 4 - allow file
  - 8 - deny file
- it can be a combination (sum) of the options to load many backends
- default value 0xffff (load all backends)
---
Modified: src/modules/permissions/permissions.c
Modified: src/modules/permissions/permissions.h
---
Diff:  https://github.com/kamailio/kamailio/commit/4826ba749a3d8589d57bc5fcb38eeb6f...
Patch: https://github.com/kamailio/kamailio/commit/4826ba749a3d8589d57bc5fcb38eeb6f...
---

diff --git a/src/modules/permissions/permissions.c b/src/modules/permissions/permissions.c
index 3d50c6b0b7..f6715556a3 100644
--- a/src/modules/permissions/permissions.c
+++ b/src/modules/permissions/permissions.c
@@ -89,6 +89,8 @@ static int check_all_branches = 1;
int _perm_max_subnets = 512;
+int _perm_load_backends = 0xFFFF;
+
 /*
  * Convert the name of the files into table index
  */
@@ -178,6 +180,7 @@ static param_export_t params[] = {
    {"mask_col",           PARAM_STR, &mask_col        },
    {"port_col",           PARAM_STR, &port_col        },
    {"max_subnets",        PARAM_INT, &_perm_max_subnets },
+	{"load_backends",      PARAM_INT, &_perm_load_backends },
    {0, 0, 0}
 };
@@ -576,33 +579,42 @@ static int double_fixup(void** param, int param_no)
  */
 static int mod_init(void)
 {
-	if(permissions_init_rpc()!=0)
-	{
-		LM_ERR("failed to register RPC commands\n");
+	if(_perm_load_backends==0) {
+		LM_ERR("failure - no backend to be loaded\n");
    	return -1;
    }
-	allow[0].filename = get_pathname(default_allow_file);
-	allow[0].rules = parse_config_file(allow[0].filename);
-	if (allow[0].rules) {
-		LM_DBG("default allow file (%s) parsed\n", allow[0].filename);
-	} else {
-		LM_INFO("default allow file (%s) not found => empty rule set\n",
-				allow[0].filename);
+	if(permissions_init_rpc()!=0) {
+		LM_ERR("failed to register RPC commands\n");
+		return -1;
    }
-	deny[0].filename = get_pathname(default_deny_file);
-	deny[0].rules = parse_config_file(deny[0].filename);
-	if (deny[0].rules) {
-		LM_DBG("default deny file (%s) parsed\n", deny[0].filename);
+	if(_perm_load_backends&PERM_LOAD_ALLOWFILE) {
+		allow[0].filename = get_pathname(default_allow_file);
+		allow[0].rules = parse_config_file(allow[0].filename);
+		if (allow[0].rules) {
+			LM_DBG("default allow file (%s) parsed\n", allow[0].filename);
+		} else {
+			LM_INFO("default allow file (%s) not found => empty rule set\n",
+					allow[0].filename);
+		}
    } else {
-		LM_INFO("default deny file (%s) not found => empty rule set\n",
-				deny[0].filename);
+		allow[0].filename = NULL;
+		allow[0].rules = NULL;
    }
-	if (init_trusted() != 0) {
-		LM_ERR("failed to initialize the allow_trusted function\n");
-		return -1;
+	if(_perm_load_backends&PERM_LOAD_DENYFILE) {
+		deny[0].filename = get_pathname(default_deny_file);
+		deny[0].rules = parse_config_file(deny[0].filename);
+		if (deny[0].rules) {
+			LM_DBG("default deny file (%s) parsed\n", deny[0].filename);
+		} else {
+			LM_INFO("default deny file (%s) not found => empty rule set\n",
+					deny[0].filename);
+		}
+	} else {
+		deny[0].filename = NULL;
+		deny[0].rules = NULL;
    }
if (init_tag_avp(&tag_avp_param) < 0) {
@@ -610,9 +622,18 @@ static int mod_init(void)
    	return -1;
    }
-	if (init_addresses() != 0) {
-		LM_ERR("failed to initialize the allow_address function\n");
-		return -1;
+	if(_perm_load_backends&PERM_LOAD_TRUSTEDDB) {
+		if (init_trusted() != 0) {
+			LM_ERR("failed to initialize the allow_trusted function\n");
+			return -1;
+		}
+	}
+
+	if(_perm_load_backends&PERM_LOAD_ADDRESSDB) {
+		if (init_addresses() != 0) {
+			LM_ERR("failed to initialize the allow_address function\n");
+			return -1;
+		}
    }
if ((db_mode != DISABLE_CACHE) && (db_mode != ENABLE_CACHE)) {
diff --git a/src/modules/permissions/permissions.h b/src/modules/permissions/permissions.h
index 1613652ee6..bec8a7c236 100644
--- a/src/modules/permissions/permissions.h
+++ b/src/modules/permissions/permissions.h
@@ -60,6 +60,12 @@ extern str mask_col;      /* Name of mask column */
 extern str port_col;      /* Name of port column */
 extern int peer_tag_mode; /* Matching mode */
+/* backends to be loaded */
+#define PERM_LOAD_ADDRESSDB	(1<<0)
+#define PERM_LOAD_TRUSTEDDB	(1<<1)
+#define PERM_LOAD_ALLOWFILE	(1<<2)
+#define PERM_LOAD_DENYFILE	(1<<3)
+extern int _perm_load_backends; /* */
typedef struct int_or_pvar {
    unsigned int i;

    

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

[sr-dev] git:master:4826ba74: permissions: new parameter load_backends