TT#146100 permissions: fix for match crash while RPC reload

https: //github.com/kamailio/kamailio/issues/2909 Change-Id: I65610b649d7ac1bf8c79684d94b8bba7911fe979
4 years ago · 2bfad1d3dd
parent bfa102d281
commit 2bfad1d3dd
3 changed files with 120 additions and 0 deletions
--- a/debian/patches/series
+++ b/debian/patches/series
@ -63,6 +63,8 @@ sipwise/lcr_improve_comparison_based_on_gws_port.patch
 #
 sipwise/tm_t_append_branch_by_contact.patch
 sipwise/tsilo_add_ts_append_by_contact.patch
+upstream/permissions-don-t-remove-old-data-at-the-end-of-the-.patch
+upstream/permissions-trusted_cleanup_interval.patch
 #
 ### Don't just put stuff in any order
 ### use gbp pq import/export tooling to help maintain patches
--- a/debian/patches/upstream/permissions-don-t-remove-old-data-at-the-end-of-the-.patch
+++ b/debian/patches/upstream/permissions-don-t-remove-old-data-at-the-end-of-the-.patch
@ -0,0 +1,30 @@
+From: Victor Seva <linuxmaniac@torreviejawireless.org>
+Date: Thu, 4 Nov 2021 14:34:47 +0100
+Subject: permissions: don't remove old data at the end of the reload process
+
+---
+ src/modules/permissions/trusted.c | 3 ---
+ 1 file changed, 3 deletions(-)
+
+diff --git a/src/modules/permissions/trusted.c b/src/modules/permissions/trusted.c
+index 2f9c7d4..7714a32 100644
+--- a/src/modules/permissions/trusted.c
+++ b/src/modules/permissions/trusted.c
+@@ -59,7 +59,6 @@ int reload_trusted_table(void)
+ 	db_val_t* val;
+ 
+ 	struct trusted_list **new_hash_table;
+-	struct trusted_list **old_hash_table;
+ 	int i;
+ 	int priority;
+ 
+@@ -160,9 +159,7 @@ int reload_trusted_table(void)
+ 
+ 	perm_dbf.free_result(perm_db_handle, res);
+ 
+-	old_hash_table = *perm_trust_table;
+ 	*perm_trust_table = new_hash_table;
+-	empty_hash_table(old_hash_table);
+ 
+ 	LM_DBG("trusted table reloaded successfully.\n");
+ 
--- a/debian/patches/upstream/permissions-trusted_cleanup_interval.patch
+++ b/debian/patches/upstream/permissions-trusted_cleanup_interval.patch
@ -0,0 +1,88 @@
+From: Victor Seva <linuxmaniac@torreviejawireless.org>
+Date: Thu, 4 Nov 2021 15:11:12 +0100
+Subject: permissions: trusted_cleanup_interval
+
+cleanup old data of trusted hash_table by timer function.
+---
+ src/modules/permissions/permissions.c |  2 ++
+ src/modules/permissions/permissions.h |  1 +
+ src/modules/permissions/trusted.c     | 20 ++++++++++++++++++++
+ 3 files changed, 23 insertions(+)
+
+diff --git a/src/modules/permissions/permissions.c b/src/modules/permissions/permissions.c
+index 12ab2d8..d565520 100644
+--- a/src/modules/permissions/permissions.c
+++ b/src/modules/permissions/permissions.c
+@@ -61,6 +61,7 @@ static char* perm_deny_suffix = ".deny";
+ /* for allow_trusted and allow_address function */
+ str perm_db_url = {NULL, 0};                    /* Don't connect to the database by default */
+ int perm_reload_delta = 5;
+int perm_trusted_table_interval = 60;
+ 
+ /* for allow_trusted function */
+ int perm_db_mode = DISABLE_CACHE;               /* Database usage mode: 0=no cache, 1=cache */
+@@ -188,6 +189,7 @@ static param_export_t params[] = {
+ 	{"max_subnets",        PARAM_INT, &_perm_max_subnets    },
+ 	{"load_backends",      PARAM_INT, &_perm_load_backends  },
+ 	{"reload_delta",       PARAM_INT, &perm_reload_delta    },
+	{"trusted_cleanup_interval", PARAM_INT, &perm_trusted_table_interval },
+ 	{0, 0, 0}
+ };
+ 
+diff --git a/src/modules/permissions/permissions.h b/src/modules/permissions/permissions.h
+index 2a417ff..c08666a 100644
+--- a/src/modules/permissions/permissions.h
+++ b/src/modules/permissions/permissions.h
+@@ -60,6 +60,7 @@ extern str perm_mask_col;      /* Name of mask column */
+ extern str perm_port_col;      /* Name of port column */
+ extern int perm_peer_tag_mode; /* Matching mode */
+ extern int perm_reload_delta;  /* seconds between RPC reloads */
+extern int perm_trusted_table_interval; /* interval of timer to clean old trusted data */
+ 
+ /* backends to be loaded */
+ #define PERM_LOAD_ADDRESSDB	(1<<0)
+diff --git a/src/modules/permissions/trusted.c b/src/modules/permissions/trusted.c
+index 7714a32..49e871a 100644
+--- a/src/modules/permissions/trusted.c
+++ b/src/modules/permissions/trusted.c
+@@ -166,6 +166,7 @@ int reload_trusted_table(void)
+ 	return 1;
+ }
+ 
+void perm_ht_timer(unsigned int ticks, void *);
+ 
+ /*
+  * Initialize data structures
+@@ -224,6 +225,9 @@ int init_trusted(void)
+ 			goto error;
+ 		}
+ 
+		if(register_timer(perm_ht_timer, NULL, perm_trusted_table_interval) < 0)
+			goto error;
+
+ 		perm_dbf.close(perm_db_handle);
+ 		perm_db_handle = 0;
+ 	}
+@@ -280,6 +284,22 @@ int init_child_trusted(int rank)
+ }
+ 
+ 
+void perm_ht_timer(unsigned int ticks, void *param) {
+	if(perm_rpc_reload_time == NULL)
+		return;
+
+	if(*perm_rpc_reload_time != 0
+			&& *perm_rpc_reload_time > time(NULL) - perm_trusted_table_interval)
+			return;
+
+	LM_DBG("cleaning old trusted table\n");
+	if (*perm_trust_table == perm_trust_table_1) {
+		empty_hash_table(perm_trust_table_2);
+	} else {
+		empty_hash_table(perm_trust_table_1);
+	}
+}
+
+ /*
+  * Close connections and release memory
+  */