Module: kamailio Branch: master Commit: 4826ba749a3d8589d57bc5fcb38eeb6f9e840e02 URL: https://github.com/kamailio/kamailio/commit/4826ba749a3d8589d57bc5fcb38eeb6… Author: Daniel-Constantin Mierla &lt;miconda(a)gmail.com&gt; Committer: Daniel-Constantin Mierla &lt;miconda(a)gmail.com&gt; Date: 2017-06-29T09:21:22+02:00 permissions: new parameter load_backends - control what backends should be loaded - 1 - address table - 2 - trusted table - 4 - allow file - 8 - deny file - it can be a combination (sum) of the options to load many backends - default value 0xffff (load all backends) --- Modified: src/modules/permissions/permissions.c Modified: src/modules/permissions/permissions.h --- Diff: https://github.com/kamailio/kamailio/commit/4826ba749a3d8589d57bc5fcb38eeb6… Patch: https://github.com/kamailio/kamailio/commit/4826ba749a3d8589d57bc5fcb38eeb6… --- diff --git a/src/modules/permissions/permissions.c b/src/modules/permissions/permissions.c index 3d50c6b0b7..f6715556a3 100644 --- a/src/modules/permissions/permissions.c +++ b/src/modules/permissions/permissions.c @@ -89,6 +89,8 @@ static int check_all_branches = 1; int _perm_max_subnets = 512; +int _perm_load_backends = 0xFFFF; + /* * Convert the name of the files into table index */ @@ -178,6 +180,7 @@ static param_export_t params[] = { {"mask_col", PARAM_STR, &mask_col }, {"port_col", PARAM_STR, &port_col }, {"max_subnets", PARAM_INT, &_perm_max_subnets }, + {"load_backends", PARAM_INT, &_perm_load_backends }, {0, 0, 0} }; @@ -576,33 +579,42 @@ static int double_fixup(void** param, int param_no) */ static int mod_init(void) { - if(permissions_init_rpc()!=0) - { - LM_ERR("failed to register RPC commands\n"); + if(_perm_load_backends==0) { + LM_ERR("failure - no backend to be loaded\n"); return -1; } - allow[0].filename = get_pathname(default_allow_file); - allow[0].rules = parse_config_file(allow[0].filename); - if (allow[0].rules) { - LM_DBG("default allow file (%s) parsed\n", allow[0].filename); - } else { - LM_INFO("default allow file (%s) not found => empty rule set\n", - allow[0].filename); + if(permissions_init_rpc()!=0) { + LM_ERR("failed to register RPC commands\n"); + return -1; } - deny[0].filename = get_pathname(default_deny_file); - deny[0].rules = parse_config_file(deny[0].filename); - if (deny[0].rules) { - LM_DBG("default deny file (%s) parsed\n", deny[0].filename); + if(_perm_load_backends&PERM_LOAD_ALLOWFILE) { + allow[0].filename = get_pathname(default_allow_file); + allow[0].rules = parse_config_file(allow[0].filename); + if (allow[0].rules) { + LM_DBG("default allow file (%s) parsed\n", allow[0].filename); + } else { + LM_INFO("default allow file (%s) not found => empty rule set\n", + allow[0].filename); + } } else { - LM_INFO("default deny file (%s) not found => empty rule set\n", - deny[0].filename); + allow[0].filename = NULL; + allow[0].rules = NULL; } - if (init_trusted() != 0) { - LM_ERR("failed to initialize the allow_trusted function\n"); - return -1; + if(_perm_load_backends&PERM_LOAD_DENYFILE) { + deny[0].filename = get_pathname(default_deny_file); + deny[0].rules = parse_config_file(deny[0].filename); + if (deny[0].rules) { + LM_DBG("default deny file (%s) parsed\n", deny[0].filename); + } else { + LM_INFO("default deny file (%s) not found => empty rule set\n", + deny[0].filename); + } + } else { + deny[0].filename = NULL; + deny[0].rules = NULL; } if (init_tag_avp(&tag_avp_param) < 0) { @@ -610,9 +622,18 @@ static int mod_init(void) return -1; } - if (init_addresses() != 0) { - LM_ERR("failed to initialize the allow_address function\n"); - return -1; + if(_perm_load_backends&PERM_LOAD_TRUSTEDDB) { + if (init_trusted() != 0) { + LM_ERR("failed to initialize the allow_trusted function\n"); + return -1; + } + } + + if(_perm_load_backends&PERM_LOAD_ADDRESSDB) { + if (init_addresses() != 0) { + LM_ERR("failed to initialize the allow_address function\n"); + return -1; + } } if ((db_mode != DISABLE_CACHE) && (db_mode != ENABLE_CACHE)) { diff --git a/src/modules/permissions/permissions.h b/src/modules/permissions/permissions.h index 1613652ee6..bec8a7c236 100644 --- a/src/modules/permissions/permissions.h +++ b/src/modules/permissions/permissions.h @@ -60,6 +60,12 @@ extern str mask_col; /* Name of mask column */ extern str port_col; /* Name of port column */ extern int peer_tag_mode; /* Matching mode */ +/* backends to be loaded */ +#define PERM_LOAD_ADDRESSDB (1<<0) +#define PERM_LOAD_TRUSTEDDB (1<<1) +#define PERM_LOAD_ALLOWFILE (1<<2) +#define PERM_LOAD_DENYFILE (1<<3) +extern int _perm_load_backends; /* */ typedef struct int_or_pvar { unsigned int i;