Re: [OpenSER-Users] userblacklist

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Hello,

I enhanced userblacklist module in that way, that check_user_blacklist function has now 2 additional, but optional, parameters:

check_user_blacklist(string user, string domain [, string number_to_check][, string table])

Purpose of all this is to have serveral user individual blacklists for e.g. incoming and outgoing calls. You have to create one table for each userblacklist in your database. Table layout is same as default "userblacklist" table. Whitelist is the same for all userblacklists supported. Global blacklist behaviour was not touched by this work.

The new behaviour is like this:

number_to-check must be a PV or empty table must be a PV or string

Modparams "use_domain" and "db_url" are global for all userblacklist tables. Modparam "db_table" is default value if no table parameter was given.

a) check_user_blacklist(string user, string domain) or check_user_blacklist(string user, string domain [, "", ""])

behaves as known.

b) check_user_blacklist(string user, string domain, string number_to_check) or check_user_blacklist(string user, string domain, string number_to_check, "")

checks number_to_check against user's prefix using table given in mod_param dt_table.

c) check_user_blacklist(string user, string domain, string number_to_check, string table)

checks number_to_check against user's prefix using given table instead of default mod_param db_table.

d) check_user_blacklist(string user, string domain, "", string table)

checks R-URI against user's prefix using given table instead of mod_param db_table.

Additionally I fixed a potential seg fault caused by strncpy without using MAXNUMBERLEN to protect target buffer in function "check_user_blacklist".

Further e164 numbers (leading '+' sign) as number_to_check or in R-URI are now allowed. "+" is stripped off in function "check_user_blacklist" befor calling dt_longest_match().

Is there a chance to get this into trunk?

regards Helmut

69c69 < static int check_user_blacklist(struct sip_msg *msg, char* str1, char* str2); ---

static int check_user_blacklist(struct sip_msg *msg, char* str1, char* str2, char* str3, char* str4);

83a84,85

{ "check_user_blacklist", (cmd_function)check_user_blacklist, 3, check_user_blacklist_fixup, 0, REQUEST_ROUTE | FAILURE_ROUTE }, { "check_user_blacklist", (cmd_function)check_user_blacklist, 4, check_user_blacklist_fixup, 0, REQUEST_ROUTE | FAILURE_ROUTE },

148,149c150,151 < model=NULL; < if (param_no==1 || param_no==2) { ---

if (param_no>0 && param_no<=4 && s.len>0) {

155c157,158 < if(pv_parse_format(&s, &model) < 0 || !model) { ---

if(pv_parse_format(&s, &model) < 0 || !model) 
{

159,161c162,168 < if(!model->spec.getf) { < if(param_no == 1) { < if(str2int(&s, (unsigned int*)&model->spec.pvp.pvn.u.isname.name.n) != 0) { ---

if(!model->spec.getf) 
{
	if(param_no == 1) 
	{
	   	if(str2int(&s, (unsigned int*)&model->spec.pvp.pvn.u.isname.name.n) != 0) 
	   	{

164c171,181 < } ---

	   	}
	}
	else if(param_no == 3)
	{
		LM_ERR("wrong value [%s] for param no %d!\n", s.s, param_no);
		return E_UNSPEC;
	}
	else if(param_no == 4)
	{
		LM_DBG("PARAM4 is just a string!\n");
		return 0;

166a184

174c192 < static int check_user_blacklist(struct sip_msg *msg, char* str1, char* str2) ---

static int check_user_blacklist(struct sip_msg *msg, char* str1, char* str2, char* str3, char* str4)

177a196,198

str table = { .len = 0, .s = NULL}; str number = { .len = 0, .s = NULL};

179a201,204

char *ptr;

/* We use strncpy with MAXNUMBERLEN set leter here, so we can terminate string buffer here with \0 */ req_number[MAXNUMBERLEN] = '\0';

186a212

193a220,250

/*Parameter 4=tablename (string or PV)*/ if(str4!=NULL && ((pv_elem_p)str4)->spec.getf) { if(pv_printf_s(msg, (pv_elem_p)str4, &table) != 0) { LM_ERR("cannot print table pseudo-variable\n"); return -1; } } else if(str4!=NULL && strlen(str4)>0) { /*string*/ table.s=str4; table.len=strlen(str4); } else { /*no, then use default table name*/ table.len=db_table.len; table.s=db_table.s; }

/*Source number*/ if(str3!=NULL && ((pv_elem_p)str3)->spec.getf) { if(pv_printf_s(msg, (pv_elem_p)str3, &number) != 0) { LM_ERR("cannot print number pseudo-variable\n"); return -1; } }

198,200c255,268 < if ((parse_sip_msg_uri(msg) < 0) || (!msg->parsed_uri.user.s) || (msg->parsed_uri.user.len > MAXNUMBERLEN)) { < LM_ERR("cannot parse msg URI\n"); < return -1; ---

/* Is number for cheking as parameter given?*/ if(number.s==NULL) { /*No, so use R-URI*/ if ((parse_sip_msg_uri(msg) < 0) || (!msg->parsed_uri.user.s) || (msg->parsed_uri.user.len > MAXNUMBERLEN)) { LM_ERR("cannot parse msg URI\n"); return -1; }

/*String terminating \0 is set automatically when user.s is shorter than MAXNUMBERLEN*/
strncpy(req_number, msg->parsed_uri.user.s, MAXNUMBERLEN);

202,203c270,271 < strncpy(req_number, msg->parsed_uri.user.s, msg->parsed_uri.user.len); < req_number[msg->parsed_uri.user.len] = '\0'; ---

/*String terminating \0 was set at the beginning of this function */ else strncpy(req_number, number.s, MAXNUMBERLEN);

206c274,276 < if (db_build_userbl_tree(&user, &domain, &db_table, dt_root, use_domain) < 0) { ---

LM_DBG("using parameter: '%s', '%s', '%s', '%s'\n", user.s, domain.s, req_number, table.s);

if (db_build_userbl_tree(&user, &domain, &table, dt_root, use_domain) < 0) {

211c281,286 < if (dt_longest_match(dt_root, req_number, &whitelist) >= 0) { ---

/*Checking for e164 numbers. If + is found, remove it*/ if(strlen(req_number)>1 && req_number[0]=='+') ptr=req_number+1; else ptr=req_number;

if (dt_longest_match(dt_root, ptr, &whitelist) >= 0) {

464c539 < LM_INFO("initializing"); ---

LM_INFO("initializing ...\n");

472c547 < LM_INFO("finished initializing"); ---

LM_INFO("finished initializing\n");