Module: sip-router Branch: alexh/master Commit: 65c3448f2d74b803573d7cc79fbfc81961b40e7b URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=65c3448f...

Author: Alex Hermann alex@speakup.nl Committer: Alex Hermann alex@speakup.nl Date: Tue Mar 8 11:59:01 2011 +0100

modules_k/permissions: allow_trusted(): make the multiple matches feature configurable, defaulting to single match.

---

modules_k/permissions/doc/permissions_admin.xml | 21 +++++++++++++++++++++ modules_k/permissions/hash.c | 5 +++++ modules_k/permissions/permissions.c | 2 ++ modules_k/permissions/permissions.h | 2 ++ modules_k/permissions/trusted.c | 2 ++ 5 files changed, 32 insertions(+), 0 deletions(-)

diff --git a/modules_k/permissions/doc/permissions_admin.xml b/modules_k/permissions/doc/permissions_admin.xml index 0470224..b29f2c7 100644 --- a/modules_k/permissions/doc/permissions_admin.xml +++ b/modules_k/permissions/doc/permissions_admin.xml @@ -672,6 +672,27 @@ modparam("permissions", "peer_tag_avp", "$avp(i:707)") </programlisting> </example> </section> + <section> + <title><varname>peer_tag_mode</varname> (integer)</title> + <para> + Tag mode for allow_trusted(). 0 sets only the tag of the + first match. 1 adds the tags of all matches to the avp. In addition + the return value of allow_trusted() is the number of matches. + </para> + <para> + <emphasis> + Default value is <quote>0</quote>. + </emphasis> + </para> + <example> + <title>Set <varname>peer_tag_mode</varname> parameter</title> + <programlisting format="linespecific"> +... +modparam("permissions", "peer_tag_mode", "1") +... +</programlisting> + </example> + </section> </section>

<section> diff --git a/modules_k/permissions/hash.c b/modules_k/permissions/hash.c index 1261227..9675f4c 100644 --- a/modules_k/permissions/hash.c +++ b/modules_k/permissions/hash.c @@ -40,6 +40,9 @@ static int tag_avp_type; static int_str tag_avp;

+extern int peer_tag_mode; + +

/* * Parse and set tag AVP specs @@ -247,6 +250,8 @@ int match_hash_table(struct trusted_list** table, struct sip_msg* msg, return -1; } } + if (!peer_tag_mode) + return 1; count++; } } diff --git a/modules_k/permissions/permissions.c b/modules_k/permissions/permissions.c index 5beb016..609b1c1 100644 --- a/modules_k/permissions/permissions.c +++ b/modules_k/permissions/permissions.c @@ -68,6 +68,7 @@ str proto_col = str_init("proto"); /* Name of protocol column */ str from_col = str_init("from_pattern"); /* Name of from pattern column */ str tag_col = str_init("tag"); /* Name of tag column */ str tag_avp_param = {NULL, 0}; /* Peer tag AVP spec */ +int peer_tag_mode = 0; /* Add tags form all mathcing peers to avp */

/* for allow_address function */ str address_table = str_init("address"); /* Name of address table */ @@ -159,6 +160,7 @@ static param_export_t params[] = { {"from_col", STR_PARAM, &from_col.s }, {"tag_col", STR_PARAM, &tag_col.s }, {"peer_tag_avp", STR_PARAM, &tag_avp_param.s }, + {"peer_tag_mode", INT_PARAM, &peer_tag_mode }, {"address_table", STR_PARAM, &address_table.s }, {"grp_col", STR_PARAM, &grp_col.s }, {"ip_addr_col", STR_PARAM, &ip_addr_col.s }, diff --git a/modules_k/permissions/permissions.h b/modules_k/permissions/permissions.h index ef3d899..0e4d110 100644 --- a/modules_k/permissions/permissions.h +++ b/modules_k/permissions/permissions.h @@ -61,6 +61,8 @@ extern str grp_col; /* Name of address group column */ extern str ip_addr_col; /* Name of ip address column */ extern str mask_col; /* Name of mask column */ extern str port_col; /* Name of port column */ +extern int peer_tag_mode; /* Matching mode */ +

typedef struct int_or_pvar { unsigned int i; diff --git a/modules_k/permissions/trusted.c b/modules_k/permissions/trusted.c index 32e1313..67d0a04 100644 --- a/modules_k/permissions/trusted.c +++ b/modules_k/permissions/trusted.c @@ -384,6 +384,8 @@ static int match_res(struct sip_msg* msg, int proto, db1_res_t* _r) return -1; } } + if (!peer_tag_mode) + return 1; count++; } }