git:master:85270635: permissions: docs - elaborated more the help for allow_trusted() - sr-dev

11 Jul 2018

Module: kamailio
Branch: master
Commit: 852706359470d586238e7df2c1aec2511e272d04
URL: https://github.com/kamailio/kamailio/commit/852706359470d586238e7df2c1aec25…

Author: Daniel-Constantin Mierla &lt;miconda(a)gmail.com&gt;
Committer: Daniel-Constantin Mierla &lt;miconda(a)gmail.com&gt;
Date: 2018-07-11T11:38:58+02:00

permissions: docs - elaborated more the help for allow_trusted()

---

Modified: src/modules/permissions/doc/permissions_admin.xml

---

Diff: 
https://github.com/kamailio/kamailio/commit/852706359470d586238e7df2c1aec25…
Patch:
https://github.com/kamailio/kamailio/commit/852706359470d586238e7df2c1aec25…

---

diff --git a/src/modules/permissions/doc/permissions_admin.xml
b/src/modules/permissions/doc/permissions_admin.xml
index 500dc48627..935620c0df 100644
--- a/src/modules/permissions/doc/permissions_admin.xml
+++ b/src/modules/permissions/doc/permissions_admin.xml
@@ -1185,12 +1185,12 @@ if ($var(group) != -1) {
 	</section>
 	<section id ="permissions.f.allow_trusted">
 		<title>
-		<function moreinfo="none">allow_trusted([src_ip_pvar, proto_pvar,
uri_pvar])</function>
+		<function moreinfo="none">allow_trusted([src_ip_pvar, proto_pvar,
furi_pvar])</function>
 		</title>
 		<para>
 		Checks based either on request's source address and transport
 		protocol or source address and transport protocol given
-		in pvar arguments, and From URI of request (or uri_pvar if provided)
+		in pvar arguments, and From URI of request (or furi_pvar if provided)
 		if request can be trusted without
 		authentication.  Returns <quote>1</quote> if a match is found
 		as described in <xref linkend="sec-trusted-requests"/>
@@ -1200,9 +1200,14 @@ if ($var(group) != -1) {
 		matching peer to AVP peer_tag_avp.
 		</para>
 		<para>
-		Source address, transport protocol and uri given in pvar
-		arguments must be in string format.  Valid transport
-		protocol values are (ignoring case) "any", "udp, "tcp",
"tls",
+		NOTE: source IP is matched using string comparison. Be careful if the
+		IP can have different forms, for a safer alternative for matching IP
+		addresses, look at allow_source_address or allow_address().
+		</para>
+		<para>
+		Source address, transport protocol and uri given in the
+		arguments must be in string format and they can contain script variables.
+		Valid transport protocol values are (ignoring case) "any", "udp,
"tcp", "tls",
 		"ws", "wss" and "sctp".
 		</para>
 		<para>
@@ -1214,11 +1219,15 @@ if ($var(group) != -1) {
 ...
 if (allow_trusted()) {
 	t_relay();
-};
+}
 ...
 if (allow_trusted("$si", "$proto")) {
 	t_relay();
-};
+}
+...
+if (allow_trusted("$si", "any", "$ai")) {
+	t_relay();
+}
 ...
 </programlisting>
 		</example>



    