Module: kamailio Branch: master Commit: c87f5202d778cf110ce0fbbc554310c148e997cb URL: https://github.com/kamailio/kamailio/commit/c87f5202d778cf110ce0fbbc554310c1...
Author: Victor Seva linuxmaniac@torreviejawireless.org Committer: Victor Seva linuxmaniac@torreviejawireless.org Date: 2020-11-05T11:40:58+01:00
permissions: basic safety for concurrent RPC reload
* same logic as 99d5da8d595961063249f871a5d150474fa6f317
---
Modified: src/modules/permissions/permissions.c Modified: src/modules/permissions/permissions.h Modified: src/modules/permissions/rpc.c
---
Diff: https://github.com/kamailio/kamailio/commit/c87f5202d778cf110ce0fbbc554310c1... Patch: https://github.com/kamailio/kamailio/commit/c87f5202d778cf110ce0fbbc554310c1...
---
diff --git a/src/modules/permissions/permissions.c b/src/modules/permissions/permissions.c index be22963d81..7e447d14d2 100644 --- a/src/modules/permissions/permissions.c +++ b/src/modules/permissions/permissions.c @@ -88,7 +88,7 @@ str perm_address_file = STR_NULL; /* Full path to file with address records */ static int perm_check_all_branches = 1;
- +time_t *perm_rpc_reload_time = NULL; int _perm_max_subnets = 512;
int _perm_load_backends = 0xFFFF; @@ -587,6 +587,13 @@ static int mod_init(void) return -1; }
+ perm_rpc_reload_time = shm_malloc(sizeof(time_t)); + if(perm_rpc_reload_time == NULL) { + SHM_MEM_ERROR; + return -1; + } + *perm_rpc_reload_time = 0; + if(permissions_init_rpc()!=0) { LM_ERR("failed to register RPC commands\n"); return -1; @@ -674,6 +681,11 @@ static void mod_exit(void) { int i;
+ if(perm_rpc_reload_time!=NULL) { + shm_free(perm_rpc_reload_time); + perm_rpc_reload_time = 0; + } + for(i = 0; i < perm_rules_num; i++) { if(perm_allow[i].rules) free_rule(perm_allow[i].rules); if(perm_allow[i].filename) pkg_free(perm_allow[i].filename); diff --git a/src/modules/permissions/permissions.h b/src/modules/permissions/permissions.h index 785d6c94de..c094185626 100644 --- a/src/modules/permissions/permissions.h +++ b/src/modules/permissions/permissions.h @@ -66,6 +66,7 @@ extern int perm_peer_tag_mode; /* Matching mode */ #define PERM_LOAD_ALLOWFILE (1<<2) #define PERM_LOAD_DENYFILE (1<<3) extern int _perm_load_backends; /* */ +extern time_t *perm_rpc_reload_time;
typedef struct int_or_pvar { unsigned int i; diff --git a/src/modules/permissions/rpc.c b/src/modules/permissions/rpc.c index 844cdec674..b6a6f9a420 100644 --- a/src/modules/permissions/rpc.c +++ b/src/modules/permissions/rpc.c @@ -30,10 +30,30 @@ #include "permissions.h"
+int rpc_check_reload(rpc_t* rpc, void* ctx) { + if(perm_rpc_reload_time==NULL) { + LM_ERR("not ready for reload\n"); + rpc->fault(ctx, 500, "Not ready for reload"); + return -1; + } + if(*perm_rpc_reload_time!=0 && *perm_rpc_reload_time > time(NULL) - 5) { + LM_ERR("ongoing reload\n"); + rpc->fault(ctx, 500, "ongoing reload"); + return -1; + } + *perm_rpc_reload_time = time(NULL); + return 0; +} + /*! \brief * RPC function to reload trusted table */ void rpc_trusted_reload(rpc_t* rpc, void* c) { + + if(rpc_check_reload(rpc, c) < 0) { + return; + } + if (reload_trusted_table_cmd () != 1) { rpc->fault(c, 500, "Reload failed."); return; @@ -67,6 +87,11 @@ void rpc_trusted_dump(rpc_t* rpc, void* c) { * RPC function to reload address table */ void rpc_address_reload(rpc_t* rpc, void* c) { + + if(rpc_check_reload(rpc, c) < 0) { + return; + } + if (reload_address_table_cmd () != 1) { rpc->fault(c, 500, "Reload failed."); return;