[sr-dev] git:master:c87f5202: permissions: basic safety for concurrent RPC reload

Module: kamailio Branch: master Commit: c87f5202d778cf110ce0fbbc554310c148e997cb URL: https://github.com/kamailio/kamailio/commit/c87f5202d778cf110ce0fbbc554310c… Author: Victor Seva &lt;linuxmaniac(a)torreviejawireless.org&gt; Committer: Victor Seva &lt;linuxmaniac(a)torreviejawireless.org&gt; Date: 2020-11-05T11:40:58+01:00 permissions: basic safety for concurrent RPC reload * same logic as 99d5da8d595961063249f871a5d150474fa6f317 --- Modified: src/modules/permissions/permissions.c Modified: src/modules/permissions/permissions.h Modified: src/modules/permissions/rpc.c --- Diff: https://github.com/kamailio/kamailio/commit/c87f5202d778cf110ce0fbbc554310c… Patch: https://github.com/kamailio/kamailio/commit/c87f5202d778cf110ce0fbbc554310c… --- diff --git a/src/modules/permissions/permissions.c b/src/modules/permissions/permissions.c index be22963d81..7e447d14d2 100644 --- a/src/modules/permissions/permissions.c +++ b/src/modules/permissions/permissions.c @@ -88,7 +88,7 @@ str perm_address_file = STR_NULL; /* Full path to file with address records */ static int perm_check_all_branches = 1; - +time_t *perm_rpc_reload_time = NULL; int _perm_max_subnets = 512; int _perm_load_backends = 0xFFFF; @@ -587,6 +587,13 @@ static int mod_init(void) return -1; } + perm_rpc_reload_time = shm_malloc(sizeof(time_t)); + if(perm_rpc_reload_time == NULL) { + SHM_MEM_ERROR; + return -1; + } + *perm_rpc_reload_time = 0; + if(permissions_init_rpc()!=0) { LM_ERR("failed to register RPC commands\n"); return -1; @@ -674,6 +681,11 @@ static void mod_exit(void) { int i; + if(perm_rpc_reload_time!=NULL) { + shm_free(perm_rpc_reload_time); + perm_rpc_reload_time = 0; + } + for(i = 0; i < perm_rules_num; i++) { if(perm_allow[i].rules) free_rule(perm_allow[i].rules); if(perm_allow[i].filename) pkg_free(perm_allow[i].filename); diff --git a/src/modules/permissions/permissions.h b/src/modules/permissions/permissions.h index 785d6c94de..c094185626 100644 --- a/src/modules/permissions/permissions.h +++ b/src/modules/permissions/permissions.h @@ -66,6 +66,7 @@ extern int perm_peer_tag_mode; /* Matching mode */ #define PERM_LOAD_ALLOWFILE (1<<2) #define PERM_LOAD_DENYFILE (1<<3) extern int _perm_load_backends; /* */ +extern time_t *perm_rpc_reload_time; typedef struct int_or_pvar { unsigned int i; diff --git a/src/modules/permissions/rpc.c b/src/modules/permissions/rpc.c index 844cdec674..b6a6f9a420 100644 --- a/src/modules/permissions/rpc.c +++ b/src/modules/permissions/rpc.c @@ -30,10 +30,30 @@ #include "permissions.h" +int rpc_check_reload(rpc_t* rpc, void* ctx) { + if(perm_rpc_reload_time==NULL) { + LM_ERR("not ready for reload\n"); + rpc->fault(ctx, 500, "Not ready for reload"); + return -1; + } + if(*perm_rpc_reload_time!=0 && *perm_rpc_reload_time > time(NULL) - 5) { + LM_ERR("ongoing reload\n"); + rpc->fault(ctx, 500, "ongoing reload"); + return -1; + } + *perm_rpc_reload_time = time(NULL); + return 0; +} + /*! \brief * RPC function to reload trusted table */ void rpc_trusted_reload(rpc_t* rpc, void* c) { + + if(rpc_check_reload(rpc, c) < 0) { + return; + } + if (reload_trusted_table_cmd () != 1) { rpc->fault(c, 500, "Reload failed."); return; @@ -67,6 +87,11 @@ void rpc_trusted_dump(rpc_t* rpc, void* c) { * RPC function to reload address table */ void rpc_address_reload(rpc_t* rpc, void* c) { + + if(rpc_check_reload(rpc, c) < 0) { + return; + } + if (reload_address_table_cmd () != 1) { rpc->fault(c, 500, "Reload failed."); return;