int allow_address(sip_msg_t *_msg, int addr_group, str *ips, int port) { struct ip_addr *ipa; ipa=strtoipX(ips); if ( ipa ) { if (addr_hash_table && match_addr_hash_table(*addr_hash_table, addr_group, ipa, (unsigned int)port) == 1) { return 1; } else { if(subnet_table) { return match_subnet_table(*subnet_table, addr_group, ipa, (unsigned int)port); } } } else { if(domain_list_table) { return match_domain_name_table(*domain_list_table, addr_group, ips, (unsigned int)port); } } return -1; }
int allow_source_address(sip_msg_t *_msg, int addr_group) { LM_DBG("looking for <%u, %x, %u>\n", addr_group, _msg->rcv.src_ip.u.addr32[0], _msg->rcv.src_port); if (addr_hash_table && match_addr_hash_table(*addr_hash_table, addr_group, &_msg->rcv.src_ip, _msg->rcv.src_port) == 1) { return 1; } else { if(subnet_table) { return match_subnet_table(*subnet_table, addr_group, &_msg->rcv.src_ip, _msg->rcv.src_port); } } return -1; }
/* * allow_source_address("group") equals to allow_address("group", "$si", "$sp") * but is faster. */ int allow_source_address(struct sip_msg* _msg, char* _addr_group, char* _str2) { int addr_group = 1; if(_addr_group!=NULL && fixup_get_ivalue(_msg, (gparam_p)_addr_group, &addr_group) !=0 ) { LM_ERR("cannot get group value\n"); return -1; } LM_DBG("looking for <%u, %x, %u>\n", addr_group, _msg->rcv.src_ip.u.addr32[0], _msg->rcv.src_port); if (match_addr_hash_table(*addr_hash_table, addr_group, &_msg->rcv.src_ip, _msg->rcv.src_port) == 1) return 1; else return match_subnet_table(*subnet_table, addr_group, &_msg->rcv.src_ip, _msg->rcv.src_port); }
/* * Checks if an entry exists in cached address table that belongs to a * given address group and has given ip address and port. Port value * 0 in cached address table matches any port. */ int allow_address(struct sip_msg* _msg, char* _addr_group, char* _addr_sp, char* _port_sp) { unsigned int port; int addr_group; str ips; struct ip_addr *ipa; if(fixup_get_ivalue(_msg, (gparam_p)_addr_group, &addr_group) !=0 ) { LM_ERR("cannot get group value\n"); return -1; } if (_addr_sp==NULL || (fixup_get_svalue(_msg, (gparam_p)_addr_sp, &ips) < 0)) { LM_ERR("cannot get value of address pvar\n"); return -1; } ipa=strtoipX(&ips); if (_port_sp==NULL || (fixup_get_ivalue(_msg, (gparam_p)_port_sp, (int*)&port) < 0)) { LM_ERR("cannot get value of port pvar\n"); return -1; } if ( ipa ) { if (match_addr_hash_table(*addr_hash_table, addr_group, ipa, port) == 1) return 1; else return match_subnet_table(*subnet_table, addr_group, ipa, port); } else { return match_domain_name_table(*domain_list_table, addr_group, &ips, port); } }
int check_src_addr_3(struct sip_msg *msg, char *grp, char *info, char* pattern) { int group, hash_ret, subnet_ret, ret = 1; struct in_addr in; str str_ip, str_part_group; struct ip_addr *ip; str pattern_s; struct pm_part_struct *part_struct; struct part_var *pvar, *pvar_new; if (grp) { pvar = (struct part_var *) grp; if (pvar->type == TYPE_PV) { if (fixup_get_svalue(msg, pvar->u.gp, &str_part_group)) { LM_ERR("cannot get group value\n"); return -1; } pvar_new = pkg_malloc(sizeof(struct part_var)); if (pvar_new == NULL) { LM_ERR("no more pkg mem\n"); return -1; } if (check_addr_param1( &str_part_group, pvar_new)) { LM_ERR("failed to parse [%s]!", str_part_group.s); return -1; } group = pvar_new->u.parsed_part.v.ival; if (pvar_new->u.parsed_part.partition.s) part_struct = get_part_struct(&pvar_new->u.parsed_part.partition); else part_struct = get_part_struct(&def_part); pkg_free(pvar_new); } else { group = pvar->u.parsed_part.v.ival; if (pvar->u.parsed_part.partition.s) part_struct = get_part_struct(&pvar->u.parsed_part.partition); else part_struct = get_part_struct(&def_part); } if (group < 0) { LM_ERR("invalid group value\n"); return -1; } } else { group = 0; part_struct = get_part_struct(&def_part); } if (part_struct == NULL) { LM_ERR("no db_url defined or no (such) partition!\n"); return -1; } in.s_addr = msg->rcv.src_ip.u.addr32[0]; str_ip.s = inet_ntoa(in); if (!str_ip.s) { LM_ERR("error at inet_ntoa\n"); return -1; } str_ip.len = strlen(str_ip.s); ip = str2ip(&str_ip); LM_DBG("Looking for : <%d, %.*s, %d, %d> in tables\n", group, str_ip.len, str_ip.s, msg->rcv.src_port, msg->rcv.proto); if (pattern) { if (fixup_get_svalue(msg, (gparam_p)pattern, &pattern_s) < 0) { LM_ERR("cannot get pattern value\n"); return -1; } pattern = pkg_malloc(pattern_s.len + 1); if (!pattern) { LM_ERR("no more pkg mem\n"); return -1; } memcpy(pattern, pattern_s.s, pattern_s.len); pattern[pattern_s.len] = 0; } hash_ret = hash_match(msg, *part_struct->hash_table, group, ip, msg->rcv.src_port, msg->rcv.proto, pattern, info); if (hash_ret < 0) { subnet_ret = match_subnet_table(msg, *part_struct->subnet_table, group, ip, msg->rcv.src_port, msg->rcv.proto, pattern, info); ret = (hash_ret > subnet_ret) ? hash_ret : subnet_ret; } if (pattern) pkg_free(pattern); return ret; }
int check_addr_6(struct sip_msg* msg, char* grp_sgp, char* ip_sp, char* port_sp, char* proto_sp, char* info, char* pattern) { unsigned int port; int group, proto, hash_ret, subnet_ret, ret = 1; struct ip_addr *ip; str str_ip, str_proto, str_port, pattern_s, str_part_group; struct pm_part_struct *part_struct; struct part_var *pvar, *pvar_new; memset(&str_ip, 0, sizeof(str)); memset(&str_proto, 0, sizeof(str)); if (grp_sgp) { pvar = (struct part_var *) grp_sgp; if (pvar->type == TYPE_PV) { if (fixup_get_svalue(msg, pvar->u.gp, &str_part_group)) { LM_ERR("cannot get group value\n"); return -1; } pvar_new = pkg_malloc(sizeof(struct part_var)); if (pvar_new == NULL) { LM_ERR("no more pkg mem\n"); return -1; } if (check_addr_param1( &str_part_group, pvar_new)) { LM_ERR("failed to parse [%s]!", str_part_group.s); return -1; } group = pvar_new->u.parsed_part.v.ival; if (pvar_new->u.parsed_part.partition.s) part_struct = get_part_struct(&pvar_new->u.parsed_part.partition); else part_struct = get_part_struct(&def_part); pkg_free(pvar_new); } else { group = pvar->u.parsed_part.v.ival; if (pvar->u.parsed_part.partition.s) part_struct = get_part_struct(&pvar->u.parsed_part.partition); else part_struct = get_part_struct(&def_part); } if (group < 0) { LM_ERR("invalid group value\n"); return -1; } } else { group = 0; part_struct = get_part_struct(&def_part); } if (part_struct == NULL) { LM_ERR("no db_url defined or no (such) partition!\n"); return -1; } if (ip_sp) { if (fixup_get_svalue(msg, (gparam_p)ip_sp, &str_ip)) { LM_ERR("cannot get str_ip string\n"); return -1; } } else { LM_ERR("source ip not provided!\n"); return -1; } if (str_ip.len <= 0 || !str_ip.s) { LM_ERR("source ip is not set!\n"); return -1; } ip = str2ip(&str_ip); if (!ip) { LM_ERR("invalid ip set <%.*s>!\n", str_ip.len, str_ip.s); return -1; } if (proto_sp) { if (fixup_get_svalue(msg, (gparam_p) proto_sp, &str_proto)) { LM_ERR("cannot get str_proto string\n"); return -1; } } if (str_proto.len <= 0 || !str_proto.s) { str_proto.s = "any"; str_proto.len = strlen(str_proto.s); } if (!strncasecmp(str_proto.s, "UDP", str_proto.len)) proto = PROTO_UDP; else if (!strncasecmp(str_proto.s, "TCP", str_proto.len)) proto = PROTO_TCP; else if (!strncasecmp(str_proto.s, "TLS", str_proto.len)) proto = PROTO_TLS; else if (!strncasecmp(str_proto.s, "SCTP", str_proto.len)) proto = PROTO_SCTP; else if (!strncasecmp(str_proto.s, "ANY", str_proto.len)) proto = PROTO_NONE; else { LM_ERR("unknown protocol %.*s\n", str_proto.len, str_proto.s); return -1; } if (port_sp) { if (fixup_get_svalue(msg, (gparam_p)port_sp, &str_port)) { LM_ERR("cannot get port value\n"); return -1; } if (str2int(&str_port, &port) < 0) { LM_ERR("invalid port value\n"); return -1; } } else port = 0; if (pattern) { if (fixup_get_svalue(msg, (gparam_p)pattern, &pattern_s) < 0) { LM_ERR("cannot get pattern value\n"); return -1; } pattern = pkg_malloc(pattern_s.len + 1); if (!pattern) { LM_ERR("no more pkg mem\n"); return -1; } memcpy(pattern, pattern_s.s, pattern_s.len); pattern[pattern_s.len] = 0; } LM_DBG("Looking for : <%d, %.*s, %.*s, %d, %s>\n", group, str_ip.len, str_ip.s, str_proto.len, str_proto.s, port, ZSW(pattern) ); hash_ret = hash_match(msg, *part_struct->hash_table, group, ip, port, proto, pattern, info); if (hash_ret < 0) { subnet_ret = match_subnet_table(msg, *part_struct->subnet_table, group, ip, port, proto, pattern, info); ret = (hash_ret > subnet_ret) ? hash_ret : subnet_ret; } if (pattern) pkg_free(pattern); return ret; }