[sr-dev] git:master:c87f5202: permissions: basic safety for concurrent RPC reload
Victor Seva
linuxmaniac at torreviejawireless.org
Thu Nov 5 11:46:02 CET 2020
Module: kamailio
Branch: master
Commit: c87f5202d778cf110ce0fbbc554310c148e997cb
URL: https://github.com/kamailio/kamailio/commit/c87f5202d778cf110ce0fbbc554310c148e997cb
Author: Victor Seva <linuxmaniac at torreviejawireless.org>
Committer: Victor Seva <linuxmaniac at torreviejawireless.org>
Date: 2020-11-05T11:40:58+01:00
permissions: basic safety for concurrent RPC reload
* same logic as 99d5da8d595961063249f871a5d150474fa6f317
---
Modified: src/modules/permissions/permissions.c
Modified: src/modules/permissions/permissions.h
Modified: src/modules/permissions/rpc.c
---
Diff: https://github.com/kamailio/kamailio/commit/c87f5202d778cf110ce0fbbc554310c148e997cb.diff
Patch: https://github.com/kamailio/kamailio/commit/c87f5202d778cf110ce0fbbc554310c148e997cb.patch
---
diff --git a/src/modules/permissions/permissions.c b/src/modules/permissions/permissions.c
index be22963d81..7e447d14d2 100644
--- a/src/modules/permissions/permissions.c
+++ b/src/modules/permissions/permissions.c
@@ -88,7 +88,7 @@ str perm_address_file = STR_NULL; /* Full path to file with address records
*/
static int perm_check_all_branches = 1;
-
+time_t *perm_rpc_reload_time = NULL;
int _perm_max_subnets = 512;
int _perm_load_backends = 0xFFFF;
@@ -587,6 +587,13 @@ static int mod_init(void)
return -1;
}
+ perm_rpc_reload_time = shm_malloc(sizeof(time_t));
+ if(perm_rpc_reload_time == NULL) {
+ SHM_MEM_ERROR;
+ return -1;
+ }
+ *perm_rpc_reload_time = 0;
+
if(permissions_init_rpc()!=0) {
LM_ERR("failed to register RPC commands\n");
return -1;
@@ -674,6 +681,11 @@ static void mod_exit(void)
{
int i;
+ if(perm_rpc_reload_time!=NULL) {
+ shm_free(perm_rpc_reload_time);
+ perm_rpc_reload_time = 0;
+ }
+
for(i = 0; i < perm_rules_num; i++) {
if(perm_allow[i].rules) free_rule(perm_allow[i].rules);
if(perm_allow[i].filename) pkg_free(perm_allow[i].filename);
diff --git a/src/modules/permissions/permissions.h b/src/modules/permissions/permissions.h
index 785d6c94de..c094185626 100644
--- a/src/modules/permissions/permissions.h
+++ b/src/modules/permissions/permissions.h
@@ -66,6 +66,7 @@ extern int perm_peer_tag_mode; /* Matching mode */
#define PERM_LOAD_ALLOWFILE (1<<2)
#define PERM_LOAD_DENYFILE (1<<3)
extern int _perm_load_backends; /* */
+extern time_t *perm_rpc_reload_time;
typedef struct int_or_pvar {
unsigned int i;
diff --git a/src/modules/permissions/rpc.c b/src/modules/permissions/rpc.c
index 844cdec674..b6a6f9a420 100644
--- a/src/modules/permissions/rpc.c
+++ b/src/modules/permissions/rpc.c
@@ -30,10 +30,30 @@
#include "permissions.h"
+int rpc_check_reload(rpc_t* rpc, void* ctx) {
+ if(perm_rpc_reload_time==NULL) {
+ LM_ERR("not ready for reload\n");
+ rpc->fault(ctx, 500, "Not ready for reload");
+ return -1;
+ }
+ if(*perm_rpc_reload_time!=0 && *perm_rpc_reload_time > time(NULL) - 5) {
+ LM_ERR("ongoing reload\n");
+ rpc->fault(ctx, 500, "ongoing reload");
+ return -1;
+ }
+ *perm_rpc_reload_time = time(NULL);
+ return 0;
+}
+
/*! \brief
* RPC function to reload trusted table
*/
void rpc_trusted_reload(rpc_t* rpc, void* c) {
+
+ if(rpc_check_reload(rpc, c) < 0) {
+ return;
+ }
+
if (reload_trusted_table_cmd () != 1) {
rpc->fault(c, 500, "Reload failed.");
return;
@@ -67,6 +87,11 @@ void rpc_trusted_dump(rpc_t* rpc, void* c) {
* RPC function to reload address table
*/
void rpc_address_reload(rpc_t* rpc, void* c) {
+
+ if(rpc_check_reload(rpc, c) < 0) {
+ return;
+ }
+
if (reload_address_table_cmd () != 1) {
rpc->fault(c, 500, "Reload failed.");
return;
More information about the sr-dev
mailing list