Module: sip-router
Branch: master
Commit: 54d36ac52b0d5ea64abdb6fdb7f88a2ae2be5fd5
URL:
http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=54d36ac…
Author: Juha Heinanen <jh(a)tutpro.com>
Committer: Juha Heinanen <jh(a)tutpro.com>
Date: Sat Apr 21 20:17:40 2012 +0300
modules_k/permissions: added allow_trusted() transport protocol value "any"
- Transport protocol argument of allow_trusted() function call
can now have value "any" meaning that any transport protocol is
acceptable.
---
modules_k/permissions/README | 2 +-
modules_k/permissions/doc/permissions_admin.xml | 2 +-
modules_k/permissions/hash.c | 57 +++++++++---------
modules_k/permissions/trusted.c | 75 +++++++++++++----------
4 files changed, 73 insertions(+), 63 deletions(-)
diff --git a/modules_k/permissions/README b/modules_k/permissions/README
index 5613198..51fb4df 100644
--- a/modules_k/permissions/README
+++ b/modules_k/permissions/README
@@ -829,7 +829,7 @@ if ($var(group) != -1) {
Source address and transport protocol given in pvar arguments must be
in string format. Valid transport protocol values are (ignoring case)
- "udp, "tcp", "tls", and "sctp".
+ "any", "udp, "tcp", "tls", and "sctp".
This function can be used from REQUEST_ROUTE, FAILURE_ROUTE.
diff --git a/modules_k/permissions/doc/permissions_admin.xml
b/modules_k/permissions/doc/permissions_admin.xml
index b18040c..993ef64 100644
--- a/modules_k/permissions/doc/permissions_admin.xml
+++ b/modules_k/permissions/doc/permissions_admin.xml
@@ -1043,7 +1043,7 @@ if ($var(group) != -1) {
<para>
Source address and transport protocol given in pvar
arguments must be in string format. Valid transport
- protocol values are (ignoring case) "udp, "tcp", "tls",
+ protocol values are (ignoring case) "any", "udp, "tcp",
"tls",
and "sctp".
</para>
<para>
diff --git a/modules_k/permissions/hash.c b/modules_k/permissions/hash.c
index 4536e8a..467259b 100644
--- a/modules_k/permissions/hash.c
+++ b/modules_k/permissions/hash.c
@@ -1,7 +1,7 @@
/*
* Hash functions for cached trusted and address tables
*
- * Copyright (C) 2003-2006 Juha Heinanen
+ * Copyright (C) 2003-2012 Juha Heinanen
*
* This file is part of Kamailio, a free SIP server.
*
@@ -228,37 +228,38 @@ int match_hash_table(struct trusted_list** table, struct sip_msg*
msg,
uri_string[uri.len] = (char)0;
for (np = table[perm_hash(src_ip)]; np != NULL; np = np->next) {
- if ((np->src_ip.len == src_ip.len) &&
- (strncmp(np->src_ip.s, src_ip.s, src_ip.len) == 0) &&
- ((np->proto == PROTO_NONE) || (np->proto == proto))) {
- if (np->pattern) {
- if (regcomp(&preg, np->pattern, REG_NOSUB)) {
- LM_ERR("invalid regular expression\n");
- continue;
- }
- if (regexec(&preg, uri_string, 0, (regmatch_t *)0, 0)) {
- regfree(&preg);
- continue;
- }
- regfree(&preg);
- }
- /* Found a match */
- if (tag_avp.n && np->tag.s) {
- val.s = np->tag;
- if (add_avp(tag_avp_type|AVP_VAL_STR, tag_avp, val) != 0) {
- LM_ERR("setting of tag_avp failed\n");
- return -1;
- }
- }
- if (!peer_tag_mode)
- return 1;
- count++;
+ if ((np->src_ip.len == src_ip.len) &&
+ (strncmp(np->src_ip.s, src_ip.s, src_ip.len) == 0) &&
+ ((np->proto == PROTO_NONE) || (proto == PROTO_NONE) ||
+ (np->proto == proto))) {
+ if (np->pattern) {
+ if (regcomp(&preg, np->pattern, REG_NOSUB)) {
+ LM_ERR("invalid regular expression\n");
+ continue;
+ }
+ if (regexec(&preg, uri_string, 0, (regmatch_t *)0, 0)) {
+ regfree(&preg);
+ continue;
+ }
+ regfree(&preg);
}
+ /* Found a match */
+ if (tag_avp.n && np->tag.s) {
+ val.s = np->tag;
+ if (add_avp(tag_avp_type|AVP_VAL_STR, tag_avp, val) != 0) {
+ LM_ERR("setting of tag_avp failed\n");
+ return -1;
+ }
+ }
+ if (!peer_tag_mode)
+ return 1;
+ count++;
+ }
}
if (!count)
- return -1;
+ return -1;
else
- return count;
+ return count;
}
diff --git a/modules_k/permissions/trusted.c b/modules_k/permissions/trusted.c
index 67d0a04..4e7953c 100644
--- a/modules_k/permissions/trusted.c
+++ b/modules_k/permissions/trusted.c
@@ -3,7 +3,7 @@
*
* allow_trusted related functions
*
- * Copyright (C) 2003 Juha Heinanen
+ * Copyright (C) 2003-2012 Juha Heinanen
*
* This file is part of Kamailio, a free SIP server.
*
@@ -288,7 +288,9 @@ void clean_trusted(void)
*/
static inline int match_proto(const char *proto_string, int proto_int)
{
- if (strcasecmp(proto_string, "any") == 0) return 1;
+ if ((proto_int == PROTO_NONE) ||
+ (strcasecmp(proto_string, "any") == 0))
+ return 1;
if (proto_int == PROTO_UDP) {
if (strcasecmp(proto_string, "udp") == 0) {
@@ -471,43 +473,50 @@ int allow_trusted_2(struct sip_msg* _msg, char* _src_ip_sp, char*
_proto_sp)
int proto_int;
if (_src_ip_sp==NULL
- || (fixup_get_svalue(_msg, (gparam_p)_src_ip_sp, &src_ip) != 0)) {
- LM_ERR("src_ip param does not exist or has no value\n");
- return -1;
+ || (fixup_get_svalue(_msg, (gparam_p)_src_ip_sp, &src_ip) != 0)) {
+ LM_ERR("src_ip param does not exist or has no value\n");
+ return -1;
}
if (_proto_sp==NULL
- || (fixup_get_svalue(_msg, (gparam_p)_proto_sp, &proto) != 0)) {
- LM_ERR("proto param does not exist or has no value\n");
- return -1;
+ || (fixup_get_svalue(_msg, (gparam_p)_proto_sp, &proto) != 0)) {
+ LM_ERR("proto param does not exist or has no value\n");
+ return -1;
}
- if(proto.len!=3 && proto.len!=4)
- goto error;
-
- switch(proto.s[0]) {
- case 'u': case 'U':
- if (proto.len==3 && strncasecmp(proto.s, "udp", 3) == 0) {
- proto_int = PROTO_UDP;
- } else goto error;
- break;
- case 't': case 'T':
- if (proto.len==3 && strncasecmp(proto.s, "tcp", 3) == 0) {
- proto_int = PROTO_TCP;
- } else if (proto.len==3 && strncasecmp(proto.s, "tls", 3) == 0) {
- proto_int = PROTO_TLS;
- } else goto error;
- break;
- case 's': case 'S':
- if (proto.len==4 && strncasecmp(proto.s, "sctp", 4) == 0) {
- proto_int = PROTO_SCTP;
- } else goto error;
- break;
- default:
- goto error;
+
+ if(proto.len!=3 && proto.len!=4)
+ goto error;
+
+ switch(proto.s[0]) {
+ case 'a': case 'A':
+ if (proto.len==3 && strncasecmp(proto.s, "any", 3) == 0) {
+ proto_int = PROTO_NONE;
+ } else goto error;
+ break;
+ case 'u': case 'U':
+ if (proto.len==3 && strncasecmp(proto.s, "udp", 3) == 0) {
+ proto_int = PROTO_UDP;
+ } else goto error;
+ break;
+ case 't': case 'T':
+ if (proto.len==3 && strncasecmp(proto.s, "tcp", 3) == 0) {
+ proto_int = PROTO_TCP;
+ } else if (proto.len==3 && strncasecmp(proto.s, "tls", 3) == 0) {
+ proto_int = PROTO_TLS;
+ } else goto error;
+ break;
+ case 's': case 'S':
+ if (proto.len==4 && strncasecmp(proto.s, "sctp", 4) == 0) {
+ proto_int = PROTO_SCTP;
+ } else goto error;
+ break;
+ default:
+ goto error;
}
return allow_trusted(_msg, src_ip.s, proto_int);
error:
- LM_ERR("unknown protocol %.*s\n", proto.len, proto.s);
- return -1;
+ LM_ERR("unknown protocol %.*s\n", proto.len, proto.s);
+ return -1;
}
+