[sr-dev] git:master: modules_k/permissions: allow_trusted(): Make the multiple matches feature configurable, defaulting to single match .

Alex Hermann alex at speakup.nl
Fri Mar 11 14:38:28 CET 2011 

Module: sip-router
Branch: master
Commit: bbb082d582b0ae20c366128cf57a1f03ef594ff4
URL:    http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=bbb082d582b0ae20c366128cf57a1f03ef594ff4

Author: Alex Hermann <alex at speakup.nl>
Committer: Alex Hermann <alex at speakup.nl>
Date:   Tue Mar  8 11:59:01 2011 +0100

modules_k/permissions: allow_trusted(): Make the multiple matches feature configurable, defaulting to single match.

---

 modules_k/permissions/doc/permissions_admin.xml |   21 +++++++++++++++++++++
 modules_k/permissions/hash.c                    |    5 +++++
 modules_k/permissions/permissions.c             |    2 ++
 modules_k/permissions/permissions.h             |    2 ++
 modules_k/permissions/trusted.c                 |    2 ++
 5 files changed, 32 insertions(+), 0 deletions(-)

diff --git a/modules_k/permissions/doc/permissions_admin.xml b/modules_k/permissions/doc/permissions_admin.xml
index 0470224..b29f2c7 100644
--- a/modules_k/permissions/doc/permissions_admin.xml
+++ b/modules_k/permissions/doc/permissions_admin.xml
@@ -672,6 +672,27 @@ modparam("permissions", "peer_tag_avp", "$avp(i:707)")
 </programlisting>
 		</example>
 	</section>
+	<section>
+		<title><varname>peer_tag_mode</varname> (integer)</title>
+		<para>
+		Tag mode for allow_trusted(). 0 sets only the tag of the
+		first match. 1 adds the tags of all matches to the avp. In addition
+		the return value of allow_trusted() is the number of matches.
+		</para>
+		<para>
+		<emphasis>
+		Default value is <quote>0</quote>.
+		</emphasis>
+		</para>
+		<example>
+		<title>Set <varname>peer_tag_mode</varname> parameter</title>
+		<programlisting format="linespecific">
+...
+modparam("permissions", "peer_tag_mode", "1")
+...
+</programlisting>
+		</example>
+	</section>
 	</section>
 
 	<section>
diff --git a/modules_k/permissions/hash.c b/modules_k/permissions/hash.c
index 1261227..9675f4c 100644
--- a/modules_k/permissions/hash.c
+++ b/modules_k/permissions/hash.c
@@ -40,6 +40,9 @@
 static int     tag_avp_type;
 static int_str tag_avp;
 
+extern int peer_tag_mode;
+
+
 
 /*
  * Parse and set tag AVP specs
@@ -247,6 +250,8 @@ int match_hash_table(struct trusted_list** table, struct sip_msg* msg,
 					return -1;
 				}
 			}
+			if (!peer_tag_mode)
+				return 1;
 			count++;
 		}
 	}
diff --git a/modules_k/permissions/permissions.c b/modules_k/permissions/permissions.c
index 5beb016..609b1c1 100644
--- a/modules_k/permissions/permissions.c
+++ b/modules_k/permissions/permissions.c
@@ -68,6 +68,7 @@ str proto_col = str_init("proto");         /* Name of protocol column */
 str from_col = str_init("from_pattern");   /* Name of from pattern column */
 str tag_col = str_init("tag");             /* Name of tag column */
 str tag_avp_param = {NULL, 0};             /* Peer tag AVP spec */
+int peer_tag_mode = 0;                     /* Add tags form all mathcing peers to avp */
 
 /* for allow_address function */
 str address_table = str_init("address");   /* Name of address table */
@@ -159,6 +160,7 @@ static param_export_t params[] = {
 	{"from_col",           STR_PARAM, &from_col.s        },
 	{"tag_col",            STR_PARAM, &tag_col.s         },
 	{"peer_tag_avp",       STR_PARAM, &tag_avp_param.s   },
+	{"peer_tag_mode",      INT_PARAM, &peer_tag_mode     },
 	{"address_table",      STR_PARAM, &address_table.s   },
 	{"grp_col",            STR_PARAM, &grp_col.s         },
 	{"ip_addr_col",        STR_PARAM, &ip_addr_col.s     },
diff --git a/modules_k/permissions/permissions.h b/modules_k/permissions/permissions.h
index ef3d899..0e4d110 100644
--- a/modules_k/permissions/permissions.h
+++ b/modules_k/permissions/permissions.h
@@ -61,6 +61,8 @@ extern str grp_col;       /* Name of address group column */
 extern str ip_addr_col;   /* Name of ip address column */
 extern str mask_col;      /* Name of mask column */
 extern str port_col;      /* Name of port column */
+extern int peer_tag_mode; /* Matching mode */
+
 
 typedef struct int_or_pvar {
     unsigned int i;
diff --git a/modules_k/permissions/trusted.c b/modules_k/permissions/trusted.c
index 32e1313..67d0a04 100644
--- a/modules_k/permissions/trusted.c
+++ b/modules_k/permissions/trusted.c
@@ -384,6 +384,8 @@ static int match_res(struct sip_msg* msg, int proto, db1_res_t* _r)
 					return -1;
 				}
 			}
+			if (!peer_tag_mode) 
+				return 1;
 			count++;
 		}
 	}

More information about the sr-dev mailing list