[OpenSER-Devel] Little patch for permissions module
Mihail Gluhowchenko
kukumander at gmail.com
Wed Dec 19 11:21:18 UTC 2007
Index: hash.c
===================================================================
--- hash.c (revision 3418)
+++ hash.c (working copy)
@@ -15,8 +15,8 @@
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
USA
*/
@@ -114,11 +114,11 @@
}
-/*
+/*
* Add <src_ip, proto, pattern, tag> into hash table, where proto is
integer
* representation of string argument proto.
*/
-int hash_table_insert(struct trusted_list** table, char* src_ip,
+int hash_table_insert(struct trusted_list** table, char* src_ip,
char* proto, char* pattern, char* tag)
{
struct trusted_list *np;
@@ -141,7 +141,7 @@
} else if (strcmp(proto, "sctp") == 0) {
np->proto = PROTO_SCTP;
} else if (strcmp(proto, "none") == 0) {
- shm_free(np);
+ shm_free(np);
return 1;
} else {
LM_CRIT("unknown protocol\n");
@@ -197,15 +197,16 @@
}
-/*
+/*
* Check if an entry exists in hash table that has given src_ip and
protocol
- * value and pattern that matches to From URI. If, assign
+ * value and pattern that matches to From URI. If, assign
*/
int match_hash_table(struct trusted_list** table, struct sip_msg* msg)
{
str uri;
char uri_string[MAX_URI_SIZE + 1];
regex_t preg;
+ int ret;
struct trusted_list *np;
str src_ip;
int_str val;
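Review bot: The header comment of match_hash_table still ends in the truncated sentence "If, assign", and this hunk touches that line only to change whitespace. Going by the `found:` label in the next hunk, the sentence could be finished as `If so, assign the entry's tag to tag_avp (when both are set) and return 1; return -1 if no entry matches or on error.` The function body continues outside this hunk.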
@@ -219,47 +220,60 @@
LM_ERR("from URI too large\n");
return -1;
}
+
memcpy(uri_string, uri.s, uri.len);
- uri_string[uri.len] = (char)0;
+ uri_string[uri.len] = '\0';
+
for (np = table[perm_hash(src_ip)]; np != NULL; np = np->next) {
- if ((np->src_ip.len == src_ip.len) &&
- (strncasecmp(np->src_ip.s, src_ip.s, src_ip.len) == 0) &&
- ((np->proto == PROTO_NONE) || (np->proto == msg->rcv.proto)))
{
- if (!(np->pattern)) goto found;
- if (regcomp(&preg, np->pattern, REG_NOSUB)) {
- LM_ERR("invalid regular expression\n");
- return -1;
+ if ((np->src_ip.len == src_ip.len) &&
+ (strncasecmp(np->src_ip.s, src_ip.s, src_ip.len) == 0)
&&
+ ((np->proto == PROTO_NONE) || (np->proto == msg->
rcv.proto))) {
+ if (!(np->pattern))
+ goto found;
+
+ if (regcomp(&preg, np->pattern, REG_NOSUB)) {
+ LM_ERR("invalid regular expression\n");
+ return -1;
+ }
+
+ ret = regexec(&preg, uri_string, 0, (regmatch_t *)0,
0);
+ switch(ret)
+ {
+ case REG_NOMATCH:
+ regfree(&preg);
+ break;
+ case REG_NOERROR:
+ regfree(&preg);
+ goto found;
+ break;
+ default:
+ LM_ERR("regexec return error codes
%d\n", ret);
+ }
}
- if (regexec(&preg, uri_string, 0, (regmatch_t *)0, 0)) {
- regfree(&preg);
- } else {
- regfree(&preg);
- goto found;
- }
- }
}
return -1;
+
found:
if (tag_avp.n && np->tag.s) {
- val.s = np->tag;
- if (add_avp(tag_avp_type|AVP_VAL_STR, tag_avp, val) != 0) {
- LM_ERR("setting of tag_avp failed\n");
- return -1;
- }
+ val.s = np->tag;
+ if (add_avp(tag_avp_type|AVP_VAL_STR, tag_avp, val) != 0) {
+ LM_ERR("setting of tag_avp failed\n");
+ return -1;
+ }
}
return 1;
}
-/*
- * Print trusted entries stored in hash table
+/*
+ * Print trusted entries stored in hash table
*/
int hash_table_mi_print(struct trusted_list** table, struct mi_node* rpl)
{
int i;
struct trusted_list *np;
-
+
for (i = 0; i < PERM_HASH_SIZE; i++) {
np = table[i];
while (np) {
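Review bot: The `default:` arm of the new `switch(ret)` in match_hash_table logs the regexec error but never calls `regfree(&preg)`, so every failing match leaks the compiled pattern before the loop moves on to the next entry. Since all three arms need the free, it is simpler to write `ret = regexec(&preg, uri_string, 0, (regmatch_t *)0, 0); regfree(&preg);` ahead of the switch and drop the per-case calls. `REG_NOERROR` is, as far as I know, a glibc extension rather than a POSIX constant, so `case 0:` would be safer for non-glibc builds. Falling through to the next entry on a regexec error keeps the trust check fail-closed, which deserves a one-line comment such as `/* regexec error: treat as no match, try next entry */`. The regexec call in trusted.c's match_res is not visible in this patch and may need the same error handling; the hunk also runs on into hash_table_mi_print, whose body continues outside it.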
@@ -279,7 +293,7 @@
}
-/*
+/*
* Free contents of hash table, it doesn't destroy the
* hash table itself
*/
@@ -287,7 +301,7 @@
{
int i;
struct trusted_list *np, *next;
-
+
for (i = 0; i < PERM_HASH_SIZE; i++) {
np = table[i];
while (np) {
@@ -336,7 +350,7 @@
}
-/*
+/*
* Add <grp, ip_addr, port> into hash table
*/
int addr_hash_table_insert(struct addr_list** table, unsigned int grp,
@@ -345,7 +359,7 @@
struct addr_list *np;
unsigned int hash_val;
str addr_str;
-
+
np = (struct addr_list *) shm_malloc(sizeof(*np));
if (np == NULL) {
LM_ERR("no shm memory for table entry\n");
@@ -355,7 +369,7 @@
np->grp = grp;
np->ip_addr = ip_addr;
np->port = port;
-
+
addr_str.s = (char *)(&ip_addr);
addr_str.len = 4;
hash_val = perm_hash(addr_str);
@@ -366,7 +380,7 @@
}
-/*
+/*
* Check if an entry exists in hash table that has given group, ip_addr,
and
* port. Port 0 in hash table matches any port.
*/
@@ -390,15 +404,15 @@
}
-/*
- * Print addresses stored in hash table
+/*
+ * Print addresses stored in hash table
*/
int addr_hash_table_mi_print(struct addr_list** table, struct mi_node* rpl)
{
int i;
struct addr_list *np;
struct ip_addr addr;
-
+
for (i = 0; i < PERM_HASH_SIZE; i++) {
np = table[i];
while (np) {
@@ -417,7 +431,7 @@
}
-/*
+/*
* Free contents of hash table, it doesn't destroy the
* hash table itself
*/
@@ -445,7 +459,7 @@
{
struct subnet* ptr;
- /* subnet record [PERM_MAX_SUBNETS] contains in its grp field
+ /* subnet record [PERM_MAX_SUBNETS] contains in its grp field
the number of subnet records in the subnet table */
ptr = (struct subnet *)shm_malloc
(sizeof(struct subnet) * (PERM_MAX_SUBNETS + 1));
@@ -457,8 +471,8 @@
return ptr;
}
-
-/*
+
+/*
* Add <grp, subnet, mask, port> into subnet table so that table is
* kept in increasing ordered according to grp.
*/
@@ -485,7 +499,7 @@
table[i + 1] = table[i];
i--;
}
-
+
table[i + 1].grp = grp;
table[i + 1].subnet = subnet;
table[i + 1].port = port;
@@ -497,7 +511,7 @@
}
-/*
+/*
* Check if an entry exists in subnet table that matches given group,
ip_addr,
* and port. Port 0 in subnet table matches any port.
*/
@@ -511,7 +525,7 @@
i = 0;
while ((i < count) && (table[i].grp < grp))
i++;
-
+
if (i == count) return -1;
while ((i < count) && (table[i].grp == grp)) {
@@ -526,14 +540,14 @@
}
-/*
- * Print subnets stored in subnet table
+/*
+ * Print subnets stored in subnet table
*/
int subnet_table_mi_print(struct subnet* table, struct mi_node* rpl)
{
unsigned int count, i;
struct ip_addr addr;
-
+
count = table[PERM_MAX_SUBNETS].grp;
for (i = 0; i < count; i++) {
@@ -551,7 +565,7 @@
}
-/*
+/*
* Empty contents of subnet table
*/
void empty_subnet_table(struct subnet *table)
Index: trusted.c
===================================================================
--- trusted.c (revision 3418)
+++ trusted.c (working copy)
@@ -17,8 +17,8 @@
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
USA
*
* History:
@@ -94,7 +94,7 @@
row = RES_ROWS(res);
LM_DBG("number of rows in trusted table: %d\n", RES_ROW_N(res));
-
+
for (i = 0; i < RES_ROW_N(res); i++) {
val = ROW_VALUES(row + i);
if ((ROW_N(row + i) == 4) &&
@@ -137,7 +137,7 @@
*hash_table = new_hash_table;
LM_DBG("trusted table reloaded successfully.\n");
-
+
return 1;
}
@@ -194,10 +194,10 @@
hash_table_1 = new_hash_table();
if (!hash_table_1) return -1;
-
+
hash_table_2 = new_hash_table();
if (!hash_table_2) goto error;
-
+
hash_table = (struct trusted_list ***)shm_malloc
(sizeof(struct trusted_list **));
if (!hash_table) goto error;
@@ -244,7 +244,7 @@
if (!db_url) {
return 0;
}
-
+
/* Check if database is needed by child */
if (db_mode==DISABLE_CACHE && rank>0) {
db_handle = perm_dbf.init(db_url);
@@ -265,7 +265,7 @@
LM_ERR("invalid table version (use openser_mysql.sh
reinstall)\n");
perm_dbf.close(db_handle);
return -1;
- }
+ }
}
@@ -306,7 +306,7 @@
static inline int match_proto(const char *proto_string, int proto_int)
{
if (strcasecmp(proto_string, "any") == 0) return 1;
-
+
if (proto_int == PROTO_UDP) {
if (strcasecmp(proto_string, "udp") == 0) {
return 1;
@@ -314,7 +314,7 @@
return 0;
}
}
-
+
if (proto_int == PROTO_TCP) {
if (strcasecmp(proto_string, "tcp") == 0) {
return 1;
@@ -322,7 +322,7 @@
return 0;
}
}
-
+
if (proto_int == PROTO_TLS) {
if (strcasecmp(proto_string, "tls") == 0) {
return 1;
@@ -330,7 +330,7 @@
return 0;
}
}
-
+
if (proto_int == PROTO_SCTP) {
if (strcasecmp(proto_string, "sctp") == 0) {
return 1;
@@ -350,7 +350,7 @@
*/
static int match_res(struct sip_msg* msg, db_res_t* _r)
{
- int i, tag_avp_type;
+ int i, tag_avp_type;
str uri;
char uri_string[MAX_URI_SIZE+1];
db_row_t* row;
@@ -365,10 +365,10 @@
return -1;
}
memcpy(uri_string, uri.s, uri.len);
- uri_string[uri.len] = (char)0;
+ uri_string[uri.len] = '\0';
row = RES_ROWS(_r);
-
+
for(i = 0; i < RES_ROW_N(_r); i++) {
val = ROW_VALUES(row + i);
if ((ROW_N(row + i) == 3) &&
@@ -415,11 +415,11 @@
* values are "any" (that matches any protocol), "tcp", "udp", "tls",
* and "sctp".
*/
-int allow_trusted(struct sip_msg* _msg, char* str1, char* str2)
+int allow_trusted(struct sip_msg* _msg, char* str1, char* str2)
{
int result;
db_res_t* res = NULL;
-
+
db_key_t keys[1];
db_val_t vals[1];
db_key_t cols[3];
@@ -439,7 +439,7 @@
LM_ERR("failed to use trusted table\n");
return -1;
}
-
+
VAL_TYPE(vals) = DB_STRING;
VAL_NULL(vals) = 0;
VAL_STRING(vals) = ip_addr2a(&(_msg->rcv.src_ip));
@@ -454,7 +454,7 @@
perm_dbf.free_result(db_handle, res);
return -1;
}
-
+
result = match_res(_msg, res);
perm_dbf.free_result(db_handle, res);
return result;