git:master: modules_k/permissions: added allow_trusted() transport protocol value "any" - sr-dev

21 Apr 2012

Module: sip-router
Branch: master
Commit: 54d36ac52b0d5ea64abdb6fdb7f88a2ae2be5fd5
URL:    http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=54d36ac5...
Author: Juha Heinanen jh@tutpro.com
Committer: Juha Heinanen jh@tutpro.com
Date:   Sat Apr 21 20:17:40 2012 +0300
modules_k/permissions: added allow_trusted() transport protocol value "any"
- Transport protocol argument of allow_trusted() function call
  can now have value "any" meaning that any transport protocol is
  acceptable.
---
modules_k/permissions/README                    |    2 +-
 modules_k/permissions/doc/permissions_admin.xml |    2 +-
 modules_k/permissions/hash.c                    |   57 +++++++++---------
 modules_k/permissions/trusted.c                 |   75 +++++++++++++----------
 4 files changed, 73 insertions(+), 63 deletions(-)

diff --git a/modules_k/permissions/README b/modules_k/permissions/README
index 5613198..51fb4df 100644
--- a/modules_k/permissions/README
+++ b/modules_k/permissions/README
@@ -829,7 +829,7 @@ if ($var(group) != -1) {
Source address and transport protocol given in pvar arguments must be
    in string format. Valid transport protocol values are (ignoring case)
-   "udp, "tcp", "tls", and "sctp".
+   "any", "udp, "tcp", "tls", and "sctp".
This function can be used from REQUEST_ROUTE, FAILURE_ROUTE.
diff --git a/modules_k/permissions/doc/permissions_admin.xml b/modules_k/permissions/doc/permissions_admin.xml
index b18040c..993ef64 100644
--- a/modules_k/permissions/doc/permissions_admin.xml
+++ b/modules_k/permissions/doc/permissions_admin.xml
@@ -1043,7 +1043,7 @@ if ($var(group) != -1) {
    	<para>
    	Source address and transport protocol given in pvar
    	arguments must be in string format.  Valid transport
-		protocol values are (ignoring case) "udp, "tcp", "tls",
+		protocol values are (ignoring case) "any", "udp, "tcp", "tls",
    	and "sctp".
    	</para>
    	<para>
diff --git a/modules_k/permissions/hash.c b/modules_k/permissions/hash.c
index 4536e8a..467259b 100644
--- a/modules_k/permissions/hash.c
+++ b/modules_k/permissions/hash.c
@@ -1,7 +1,7 @@
 /*
  * Hash functions for cached trusted and address tables
  *
- * Copyright (C) 2003-2006 Juha Heinanen
+ * Copyright (C) 2003-2012 Juha Heinanen
  *
  * This file is part of Kamailio, a free SIP server.
  *
@@ -228,37 +228,38 @@ int match_hash_table(struct trusted_list** table, struct sip_msg* msg,
    uri_string[uri.len] = (char)0;
for (np = table[perm_hash(src_ip)]; np != NULL; np = np->next) {
-		if ((np->src_ip.len == src_ip.len) && 
-				(strncmp(np->src_ip.s, src_ip.s, src_ip.len) == 0) &&
-				((np->proto == PROTO_NONE) || (np->proto == proto))) {
-			if (np->pattern) {
-				if (regcomp(&preg, np->pattern, REG_NOSUB)) {
-					LM_ERR("invalid regular expression\n");
-					continue;
-				}
-				if (regexec(&preg, uri_string, 0, (regmatch_t *)0, 0)) {
-					regfree(&preg);
-					continue;
-				}
-				regfree(&preg);
-			}
-			/* Found a match */
-			if (tag_avp.n && np->tag.s) {
-				val.s = np->tag;
-				if (add_avp(tag_avp_type|AVP_VAL_STR, tag_avp, val) != 0) {
-					LM_ERR("setting of tag_avp failed\n");
-					return -1;
-				}
-			}
-			if (!peer_tag_mode)
-				return 1;
-			count++;
+	    if ((np->src_ip.len == src_ip.len) && 
+		(strncmp(np->src_ip.s, src_ip.s, src_ip.len) == 0) &&
+		((np->proto == PROTO_NONE) || (proto == PROTO_NONE) ||
+		 (np->proto == proto))) {
+		if (np->pattern) {
+		    if (regcomp(&preg, np->pattern, REG_NOSUB)) {
+			LM_ERR("invalid regular expression\n");
+			continue;
+		    }
+		    if (regexec(&preg, uri_string, 0, (regmatch_t *)0, 0)) {
+			regfree(&preg);
+			continue;
+		    }
+		    regfree(&preg);
    	}
+		/* Found a match */
+		if (tag_avp.n && np->tag.s) {
+		    val.s = np->tag;
+		    if (add_avp(tag_avp_type|AVP_VAL_STR, tag_avp, val) != 0) {
+			LM_ERR("setting of tag_avp failed\n");
+			return -1;
+		    }
+		}
+		if (!peer_tag_mode)
+		    return 1;
+		count++;
+	    }
    }
    if (!count)
-		return -1;
+	    return -1;
    else 
-		return count;
+	    return count;
 }
diff --git a/modules_k/permissions/trusted.c b/modules_k/permissions/trusted.c
index 67d0a04..4e7953c 100644
--- a/modules_k/permissions/trusted.c
+++ b/modules_k/permissions/trusted.c
@@ -3,7 +3,7 @@
  *
  * allow_trusted related functions
  *
- * Copyright (C) 2003 Juha Heinanen
+ * Copyright (C) 2003-2012 Juha Heinanen
  *
  * This file is part of Kamailio, a free SIP server.
  *
@@ -288,7 +288,9 @@ void clean_trusted(void)
  */
 static inline int match_proto(const char *proto_string, int proto_int)
 {
-	if (strcasecmp(proto_string, "any") == 0) return 1;
+        if ((proto_int == PROTO_NONE) ||
+	                (strcasecmp(proto_string, "any") == 0))
+	        return 1;
    
    if (proto_int == PROTO_UDP) {
    	if (strcasecmp(proto_string, "udp") == 0) {
@@ -471,43 +473,50 @@ int allow_trusted_2(struct sip_msg* _msg, char* _src_ip_sp, char* _proto_sp)
     int proto_int;
if (_src_ip_sp==NULL
-			|| (fixup_get_svalue(_msg, (gparam_p)_src_ip_sp, &src_ip) != 0)) {
-		LM_ERR("src_ip param does not exist or has no value\n");
-		return -1;
+	|| (fixup_get_svalue(_msg, (gparam_p)_src_ip_sp, &src_ip) != 0)) {
+	LM_ERR("src_ip param does not exist or has no value\n");
+	return -1;
     }
if (_proto_sp==NULL
-			|| (fixup_get_svalue(_msg, (gparam_p)_proto_sp, &proto) != 0)) {
-		LM_ERR("proto param does not exist or has no value\n");
-		return -1;
+	|| (fixup_get_svalue(_msg, (gparam_p)_proto_sp, &proto) != 0)) {
+	LM_ERR("proto param does not exist or has no value\n");
+	return -1;
     }
-	if(proto.len!=3 && proto.len!=4)
-		goto error;
-
-	switch(proto.s[0]) {
-		case 'u': case 'U':
-			if (proto.len==3 && strncasecmp(proto.s, "udp", 3) == 0) {
-				proto_int = PROTO_UDP;
-			} else goto error;
-		break;
-		case 't': case 'T':
-			if (proto.len==3 && strncasecmp(proto.s, "tcp", 3) == 0) {
-				proto_int = PROTO_TCP;
-			} else if (proto.len==3 && strncasecmp(proto.s, "tls", 3) == 0) {
-				proto_int = PROTO_TLS;
-			} else goto error;
-		break;
-		case 's': case 'S':
-			if (proto.len==4 && strncasecmp(proto.s, "sctp", 4) == 0) {
-				proto_int = PROTO_SCTP;
-			} else goto error;
-		break;
-		default:
-			goto error;
+
+    if(proto.len!=3 && proto.len!=4)
+	goto error;
+
+    switch(proto.s[0]) {
+    case 'a': case 'A':
+	if (proto.len==3 && strncasecmp(proto.s, "any", 3) == 0) {
+	    proto_int = PROTO_NONE;
+	} else goto error;
+	break;
+    case 'u': case 'U':
+	if (proto.len==3 && strncasecmp(proto.s, "udp", 3) == 0) {
+	    proto_int = PROTO_UDP;
+	} else goto error;
+	break;
+    case 't': case 'T':
+	if (proto.len==3 && strncasecmp(proto.s, "tcp", 3) == 0) {
+	    proto_int = PROTO_TCP;
+	} else if (proto.len==3 && strncasecmp(proto.s, "tls", 3) == 0) {
+	    proto_int = PROTO_TLS;
+	} else goto error;
+	break;
+    case 's': case 'S':
+	if (proto.len==4 && strncasecmp(proto.s, "sctp", 4) == 0) {
+	    proto_int = PROTO_SCTP;
+	} else goto error;
+	break;
+    default:
+	goto error;
     }
return allow_trusted(_msg, src_ip.s, proto_int);
 error:
-	LM_ERR("unknown protocol %.*s\n", proto.len, proto.s);
-	return -1;
+    LM_ERR("unknown protocol %.*s\n", proto.len, proto.s);
+    return -1;
 }
+

    