Browse code

modules_k/userblacklist : extended userblacklist module so also alphanumerical matches are possible

Also updated doc and test.

Marius Zbihlei authored on 11/10/2010 09:45:57
Showing 5 changed files
... ...
@@ -29,6 +29,7 @@ Henning Westerholt
29 29
         3. Exported Parameters
30 30
 
31 31
               3.1. use_domain (integer)
32
+              3.2. match_mode (integer)
32 33
 
33 34
         4. Exported Functions
34 35
 
... ...
@@ -66,12 +67,13 @@ Henning Westerholt
66 67
    List of Examples
67 68
 
68 69
    1.1. Set use_domain parameter
69
-   1.2. check_user_blacklist usage
70
+   1.2. Set match_mode parameter
70 71
    1.3. check_user_blacklist usage
71
-   1.4. check_blacklist usage
72
-   1.5. reload_blacklists usage
73
-   1.6. Example database content - globalblacklist table
74
-   1.7. Example database content - userblacklist table
72
+   1.4. check_user_blacklist usage
73
+   1.5. check_blacklist usage
74
+   1.6. reload_blacklists usage
75
+   1.7. Example database content - globalblacklist table
76
+   1.8. Example database content - userblacklist table
75 77
    2.1. Set db_url parameter
76 78
    2.2. Set userblacklist_table parameter
77 79
    2.3. Set userblacklist_id_col parameter
... ...
@@ -98,6 +100,7 @@ Chapter 1. Admin Guide
98 100
    3. Exported Parameters
99 101
 
100 102
         3.1. use_domain (integer)
103
+        3.2. match_mode (integer)
101 104
 
102 105
    4. Exported Functions
103 106
 
... ...
@@ -164,6 +167,7 @@ Chapter 1. Admin Guide
164 167
 3. Exported Parameters
165 168
 
166 169
    3.1. use_domain (integer)
170
+   3.2. match_mode (integer)
167 171
 
168 172
 3.1. use_domain (integer)
169 173
 
... ...
@@ -177,6 +181,22 @@ Chapter 1. Admin Guide
177 181
 modparam("userblacklist", "use_domain", 0)
178 182
 ...
179 183
 
184
+3.2. match_mode (integer)
185
+
186
+   The number of individual characters that are used for matching. Valid
187
+   values are 10 or 128. When you specifiy 10, only digits will be used
188
+   for matching, this operation mode is equivalent to the old behaviour.
189
+   When configured with 128, all standard ascii chars are available for
190
+   matching. Please be aware that memory requirements for storing the
191
+   routing tree in shared memory will also increase by a factor of 12.8.
192
+
193
+   Default value is “10”.
194
+
195
+   Example 1.2. Set match_mode parameter
196
+...
197
+modparam("userblacklist", "match_mode", 128)
198
+...
199
+
180 200
 4. Exported Functions
181 201
 
182 202
    4.1. check_user_blacklist (string user, string domain, string number,
... ...
@@ -198,7 +218,7 @@ table)
198 218
    are optional, the defaults are used if they are ommited. The number
199 219
    parameter can be used to check for example against the from URI user.
200 220
 
201
-   Example 1.2. check_user_blacklist usage
221
+   Example 1.3. check_user_blacklist usage
202 222
 ...
203 223
 $avp(i:80) = $rU;
204 224
 # rewrite the R-URI
... ...
@@ -219,7 +239,7 @@ table)
219 239
    are optional, the defaults are used if they are ommited. The number
220 240
    parameter can be used to check for example against the from URI user.
221 241
 
222
-   Example 1.3. check_user_blacklist usage
242
+   Example 1.4. check_user_blacklist usage
223 243
 ...
224 244
 $avp(i:80) = $rU;
225 245
 # rewrite the R-URI
... ...
@@ -236,7 +256,7 @@ if (!check_user_whitelist("$avp(i:80)", "$avp(i:82)"))
236 256
    returned. Otherwise, true is returned. If no table is given, then
237 257
    globalblacklist_table is used.
238 258
 
239
-   Example 1.4. check_blacklist usage
259
+   Example 1.5. check_blacklist usage
240 260
 ...
241 261
 if (!check_blacklist("global_blacklist")))
242 262
         sl_send_reply("403", "Forbidden");
... ...
@@ -253,7 +273,7 @@ if (!check_blacklist("global_blacklist")))
253 273
    Reload the internal global blacklist cache. This is necessary after the
254 274
    database tables for the global blacklist have been changed.
255 275
 
256
-   Example 1.5. reload_blacklists usage
276
+   Example 1.6. reload_blacklists usage
257 277
 ...
258 278
 kamctl fifo reload_blacklist
259 279
 ...
... ...
@@ -275,7 +295,7 @@ kamctl fifo reload_blacklist
275 295
    complete database documentation on the project webpage,
276 296
    http://www.kamailio.org/docs/db-tables/kamailio-db-devel.html.
277 297
 
278
-   Example 1.6. Example database content - globalblacklist table
298
+   Example 1.7. Example database content - globalblacklist table
279 299
 ...
280 300
 +----+-----------+-----------+
281 301
 | id | prefix    | whitelist |
... ...
@@ -292,7 +312,7 @@ kamctl fifo reload_blacklist
292 312
    “123455787” are also blacklisted, because the longest prefix will be
293 313
    matched.
294 314
 
295
-   Example 1.7. Example database content - userblacklist table
315
+   Example 1.8. Example database content - userblacklist table
296 316
 ...
297 317
 +----+----------------+-------------+-----------+-----------+
298 318
 | id | username       | domain      | prefix    | whitelist |
... ...
@@ -36,10 +36,14 @@
36 36
 #include "../../lib/trie/dtrie.h"
37 37
 
38 38
 
39
+
39 40
 /**
40 41
  * Builds a d-tree using database entries.
41 42
  * \return negative on failure, postive on success, indicating the number of d-tree entries
42 43
  */
44
+
45
+extern int match_mode;
46
+
43 47
 int db_build_userbl_tree(const str *username, const str *domain, const str *table, struct dtrie_node_t *root, int use_domain)
44 48
 {
45 49
 	db_key_t columns[2] = { &userblacklist_prefix_col, &userblacklist_whitelist_col };
... ...
@@ -67,7 +71,7 @@ int db_build_userbl_tree(const str *username, const str *domain, const str *tabl
67 71
 		return -1;
68 72
 	}
69 73
 
70
-	dtrie_clear(root, NULL, 10);
74
+	dtrie_clear(root, NULL, match_mode);
71 75
 
72 76
 	if (RES_COL_N(res) > 1) {
73 77
 		for(i = 0; i < RES_ROW_N(res); i++) {
... ...
@@ -84,7 +88,7 @@ int db_build_userbl_tree(const str *username, const str *domain, const str *tabl
84 88
 						nodeflags=(void *)MARK_WHITELIST;
85 89
 					}
86 90
 					if (dtrie_insert(root, RES_ROWS(res)[i].values[0].val.string_val, strlen(RES_ROWS(res)[i].values[0].val.string_val),
87
-						nodeflags, 10) < 0) LM_ERR("could not insert values into trie.\n");
91
+						nodeflags, match_mode) < 0) LM_ERR("could not insert values into trie.\n");
88 92
 					n++;
89 93
 				}
90 94
 				else {
... ...
@@ -120,7 +124,7 @@ int db_reload_source(const str *table, struct dtrie_node_t *root)
120 124
 		return -1;
121 125
 	}
122 126
 
123
-	dtrie_clear(root, NULL, 10);
127
+	dtrie_clear(root, NULL, match_mode);
124 128
 
125 129
 	if (RES_COL_N(res) > 1) {
126 130
 		for(i = 0; i < RES_ROW_N(res); i++) {
... ...
@@ -134,7 +138,7 @@ int db_reload_source(const str *table, struct dtrie_node_t *root)
134 138
 					if (RES_ROWS(res)[i].values[1].val.int_val == 0) nodeflags=(void *) MARK_BLACKLIST;
135 139
 					else nodeflags=(void *)MARK_WHITELIST;
136 140
 					if (dtrie_insert(root, RES_ROWS(res)[i].values[0].val.string_val, strlen(RES_ROWS(res)[i].values[0].val.string_val),
137
-						nodeflags, 10) < 0) LM_ERR("could not insert values into trie.\n");
141
+						nodeflags, match_mode) < 0) LM_ERR("could not insert values into trie.\n");
138 142
 					n++;
139 143
 				}
140 144
 				else {
... ...
@@ -93,6 +93,31 @@ modparam("userblacklist", "use_domain", 0)
93 93
 		    </programlisting>
94 94
 	    </example>
95 95
     </section>
96
+    <section>
97
+    	    <title><varname>match_mode</varname> (integer)</title>
98
+	    <para>
99
+The number of individual characters that are used for matching. 
100
+Valid values are 10 or 128. When you specifiy 10, only digits will be used for matching, 
101
+this operation mode is equivalent to the old behaviour. When configured with 128, 
102
+all standard ascii chars are available for matching. Please be aware that memory 
103
+requirements for storing the routing tree in shared memory will also increase by a factor of 12.8.
104
+	    </para>
105
+	    <para>
106
+		    <emphasis>
107
+			    Default value is <quote>10</quote>.
108
+		    </emphasis>
109
+	    </para>
110
+	    <example>
111
+		    <title>Set <varname>match_mode</varname> parameter</title>
112
+		    <programlisting format="linespecific">
113
+...
114
+modparam("userblacklist", "match_mode", 128)
115
+...
116
+		    </programlisting>
117
+	    </example>
118
+    </section>
119
+    
120
+
96 121
 </section>
97 122
 <section>
98 123
 	<title>Exported Functions</title>
... ...
@@ -73,7 +73,8 @@ struct check_blacklist_fs_t {
73 73
 };
74 74
 
75 75
 str userblacklist_db_url = str_init(DEFAULT_RODB_URL);
76
-static int use_domain   = 0;
76
+int use_domain   = 0;
77
+int match_mode = 10; /* numeric */
77 78
 static struct dtrie_node_t *gnode = NULL;
78 79
 
79 80
 /* ---- fixup functions: */
... ...
@@ -122,6 +123,7 @@ static param_export_t params[] = {
122 123
 	userblacklist_DB_COLS
123 124
 	globalblacklist_DB_COLS
124 125
 	{ "use_domain",      INT_PARAM, &use_domain },
126
+	{ "match_mode",	     INT_PARAM, &match_mode},
125 127
 	{ 0, 0, 0}
126 128
 };
127 129
 
... ...
@@ -291,7 +293,7 @@ static int check_user_list(struct sip_msg *msg, char* str1, char* str2, char* st
291 293
 		ptr = ptr + 1;
292 294
 	}
293 295
 
294
-	nodeflags = dtrie_longest_match(dtrie_root, ptr, strlen(ptr), NULL, 10);
296
+	nodeflags = dtrie_longest_match(dtrie_root, ptr, strlen(ptr), NULL, match_mode);
295 297
 	if (nodeflags) {
296 298
 		if (*nodeflags == (void *)MARK_WHITELIST) {
297 299
 			/* LM_ERR("whitelisted"); */
... ...
@@ -395,7 +397,7 @@ static int add_source(const char *table)
395 397
 	strcpy(src->table, table);
396 398
 	LM_DBG("add table %s", table);
397 399
 
398
-	src->dtrie_root = dtrie_init(10);
400
+	src->dtrie_root = dtrie_init(match_mode);
399 401
 
400 402
 	if (src->dtrie_root == NULL) {
401 403
 		LM_ERR("could not initialize data");
... ...
@@ -510,15 +512,15 @@ static int check_blacklist(struct sip_msg *msg, struct check_blacklist_fs_t *arg
510 512
 
511 513
 	ptr = req_number;
512 514
 	/* Skip over non-digits.  */
513
-	while (strlen(ptr) > 0 && !isdigit(*ptr)) {
514
-		ptr = ptr + 1;
515
+	while (match_mode == 10 && strlen(ptr) > 0 && !isdigit(*ptr)) {
516
+			ptr = ptr + 1;
515 517
 	}
516 518
 
517 519
 	LM_DBG("check entry %s\n", req_number);
518 520
 
519 521
 	/* avoids dirty reads when updating d-tree */
520 522
 	lock_get(lock);
521
-	nodeflags = dtrie_longest_match(arg1->dtrie_root, ptr, strlen(ptr), NULL, 10);
523
+	nodeflags = dtrie_longest_match(arg1->dtrie_root, ptr, strlen(ptr), NULL, match_mode);
522 524
 	if (nodeflags) {
523 525
 		if (*nodeflags == (void *)MARK_WHITELIST) {
524 526
 			/* LM_DBG("whitelisted"); */
... ...
@@ -591,7 +593,7 @@ static void destroy_source_list(void)
591 593
 			sources->head = src->next;
592 594
 
593 595
 			if (src->table) shm_free(src->table);
594
-			dtrie_destroy(&(src->dtrie_root), NULL, 10);
596
+			dtrie_destroy(&(src->dtrie_root), NULL, match_mode);
595 597
 			shm_free(src);
596 598
 		}
597 599
 
... ...
@@ -673,7 +675,7 @@ static int mi_child_init(void)
673 675
 	if(userblacklist_child_initialized)
674 676
 		return 0;
675 677
 	if (userblacklist_db_open() != 0) return -1;
676
-	dtrie_root=dtrie_init(10);
678
+	dtrie_root=dtrie_init(match_mode);
677 679
 	if (dtrie_root == NULL) {
678 680
 		LM_ERR("could not initialize data");
679 681
 		return -1;
... ...
@@ -692,5 +694,5 @@ static void mod_destroy(void)
692 694
 	destroy_source_list();
693 695
 	destroy_shmlock();
694 696
 	userblacklist_db_close();
695
-	dtrie_destroy(&dtrie_root, NULL, 10);
697
+	dtrie_destroy(&dtrie_root, NULL, match_mode);
696 698
 }
... ...
@@ -34,6 +34,7 @@ function cleanup() {
34 34
 	$MYSQL "delete from userblacklist where username='494675231';"
35 35
 	$MYSQL "delete from userblacklist where username='494675453';"
36 36
 	$MYSQL "delete from userblacklist where username='494675454';"
37
+	$MYSQL "delete from userblacklist where username='user4946';"
37 38
 	$MYSQL "delete from globalblacklist where description='_test_';"
38 39
 	exit $1;
39 40
 }
... ...
@@ -58,6 +59,7 @@ $MYSQL "insert into location (username,contact,socket,user_agent,cseq,q) values
58 59
 
59 60
 $MYSQL "insert into location (username,contact,socket,user_agent,cseq,q) values (\"49721123456784\",\"sip:2.23456789@127.0.0.1\",\"udp:127.0.0.1:5060\",\"ser_test\",1,-1);"
60 61
 
62
+$MYSQL "insert into location (username,contact,socket,user_agent,cseq,q) values (\"user4946\",\"sip:user4946@127.0.0.1\",\"udp:127.0.0.1:5060\",\"ser_test\",1,-1);"
61 63
 
62 64
 # setup userblacklist, first some dummy data
63 65
 $MYSQL "insert into userblacklist (username, domain, prefix, whitelist) values ('494675454','','49900','0');"
... ...
@@ -133,17 +135,23 @@ $MYSQL "insert into globalblacklist (prefix, whitelist, description) values ('2'
133 135
 
134 136
 $CTL fifo reload_blacklist
135 137
 
136
-if [ "$ret" -ne 1 ] ; then
138
+sipp -sn uac -s 49721123456785 127.0.0.1:5059 -i 127.0.0.1 -m 1 -f 2 -p 5061 &> /dev/null
139
+ret=$?
140
+
141
+if [ "$ret" -ne 0 ] ; then
137 142
 	cleanup 1
138 143
 fi;
139 144
 
140
-sipp -sn uac -s 49721123456785 127.0.0.1:5059 -i 127.0.0.1 -m 1 -f 2 -p 5061 &> /dev/null
145
+$MYSQL "insert into globalblacklist (prefix, whitelist, description) values ('user4946','0','_test_');"
146
+
147
+sipp -sn uac -s user4946 127.0.0.1:5059 -i 127.0.0.1 -m 1 -f 2 -p 5061 &> /dev/null
141 148
 ret=$?
142 149
 
143
-if [ "$ret" -ne 0 ] ; then
150
+if [ "$ret" -ne 1 ] ; then
144 151
 	cleanup 1
145 152
 fi;
146 153
 
154
+
147 155
 sipp -sn uac -s 49721123456784 127.0.0.1:5059 -i 127.0.0.1 -m 1 -f 2 -p 5061 &> /dev/null
148 156
 ret=$?
149 157