[svn-commits] jrose: branch jrose/nacl_branch r368516 - in /team/jrose/nacl_branch: channel...

SVN commits to the Digium repositories svn-commits at lists.digium.com
Tue Jun 5 09:29:25 CDT 2012


Author: jrose
Date: Tue Jun  5 09:29:19 2012
New Revision: 368516

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=368516
Log:
Updating branch with Terry's config changes, making name changes for nacl to become named_acl or acl where appropriate (named_acl for internal code stuff, acl for acl.conf, acl show <named acl>, and acl reload.

Added:
    team/jrose/nacl_branch/main/named_acl.c
      - copied, changed from r368515, team/jrose/nacl_branch/main/nacl.c
Removed:
    team/jrose/nacl_branch/main/nacl.c
Modified:
    team/jrose/nacl_branch/channels/chan_unistim.c
    team/jrose/nacl_branch/include/asterisk/acl.h
    team/jrose/nacl_branch/main/asterisk.c
    team/jrose/nacl_branch/main/manager.c

Modified: team/jrose/nacl_branch/channels/chan_unistim.c
URL: http://svnview.digium.com/svn/asterisk/team/jrose/nacl_branch/channels/chan_unistim.c?view=diff&rev=368516&r1=368515&r2=368516
==============================================================================
--- team/jrose/nacl_branch/channels/chan_unistim.c (original)
+++ team/jrose/nacl_branch/channels/chan_unistim.c Tue Jun  5 09:29:19 2012
@@ -6306,8 +6306,8 @@
 			ast_copy_string(d->extension_number, v->value, sizeof(d->extension_number));
 		} else if (!strcasecmp(v->name, "permit") || !strcasecmp(v->name, "deny")) {
 			d->ha = ast_append_ha(v->name, v->value, d->ha, NULL);
-		} else if (!strcasecmp(v->name, "nacl")) {
-			d->ha = ast_append_nacl(d->ha, v->value);
+		} else if (!strcasecmp(v->name, "acl")) {
+			d->ha = ast_append_named_acl(d->ha, v->value);
 		} else if (!strcasecmp(v->name, "context")) {
 			ast_copy_string(d->context, v->value, sizeof(d->context));
 		} else if (!strcasecmp(v->name, "maintext0")) {

Modified: team/jrose/nacl_branch/include/asterisk/acl.h
URL: http://svnview.digium.com/svn/asterisk/team/jrose/nacl_branch/include/asterisk/acl.h?view=diff&rev=368516&r1=368515&r2=368516
==============================================================================
--- team/jrose/nacl_branch/include/asterisk/acl.h (original)
+++ team/jrose/nacl_branch/include/asterisk/acl.h Tue Jun  5 09:29:19 2012
@@ -268,7 +268,7 @@
 const char *ast_tos2str(unsigned int tos);
 
 /*!
- * \brief Pluggable function to append an nacl to an existing host access list
+ * \brief Append an named_acl to an existing host access list
  *
  * \details
  * This function needs to be installed by some other loaded module. If it is available,
@@ -280,15 +280,9 @@
  * \param ha The host access list being appended
  * \param name Name of the nacl sought to append with
  */
-struct ast_ha *ast_append_nacl(struct ast_ha *ha, const char *name);
-
-int init_nacl(void);
-
-/*!
- * \brief Unset nacl function callbacks
- */
-void ast_uninstall_nacl_functions(void);
-
+struct ast_ha *ast_append_named_acl(struct ast_ha *ha, const char *name);
+
+int init_named_acl(void);
 
 #if defined(__cplusplus) || defined(c_plusplus)
 }

Modified: team/jrose/nacl_branch/main/asterisk.c
URL: http://svnview.digium.com/svn/asterisk/team/jrose/nacl_branch/main/asterisk.c?view=diff&rev=368516&r1=368515&r2=368516
==============================================================================
--- team/jrose/nacl_branch/main/asterisk.c (original)
+++ team/jrose/nacl_branch/main/asterisk.c Tue Jun  5 09:29:19 2012
@@ -4010,7 +4010,7 @@
 
 	ast_http_init();		/* Start the HTTP server, if needed */
 
-	if (init_nacl()) {
+	if (init_named_acl()) {
 		printf("%s", term_quit());
 		exit(1);
 	}

Modified: team/jrose/nacl_branch/main/manager.c
URL: http://svnview.digium.com/svn/asterisk/team/jrose/nacl_branch/main/manager.c?view=diff&rev=368516&r1=368515&r2=368516
==============================================================================
--- team/jrose/nacl_branch/main/manager.c (original)
+++ team/jrose/nacl_branch/main/manager.c Tue Jun  5 09:29:19 2012
@@ -7188,8 +7188,8 @@
 			} else if (!strcasecmp(var->name, "deny") ||
 				       !strcasecmp(var->name, "permit")) {
 				user->ha = ast_append_ha(var->name, var->value, user->ha, NULL);
-			} else if (!strcasecmp(var->name, "nacl")) {
-				user->ha = ast_append_nacl(user->ha, var->value);
+			} else if (!strcasecmp(var->name, "acl")) {
+				user->ha = ast_append_named_acl(user->ha, var->value);
 			}  else if (!strcasecmp(var->name, "read") ) {
 				user->readperm = get_perm(var->value);
 			}  else if (!strcasecmp(var->name, "write") ) {

Copied: team/jrose/nacl_branch/main/named_acl.c (from r368515, team/jrose/nacl_branch/main/nacl.c)
URL: http://svnview.digium.com/svn/asterisk/team/jrose/nacl_branch/main/named_acl.c?view=diff&rev=368516&p1=team/jrose/nacl_branch/main/nacl.c&r1=368515&p2=team/jrose/nacl_branch/main/named_acl.c&r2=368516
==============================================================================
--- team/jrose/nacl_branch/main/nacl.c (original)
+++ team/jrose/nacl_branch/main/named_acl.c Tue Jun  5 09:29:19 2012
@@ -15,227 +15,231 @@
 ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
 
 #include "asterisk/config.h"
+#include "asterisk/config_options.h"
 #include "asterisk/utils.h"
 #include "asterisk/module.h"
 #include "asterisk/cli.h"
 #include "asterisk/acl.h"
 #include "asterisk/astobj2.h"
 
-#define NACL_CONFIG "nacl.conf"
+#define NACL_CONFIG "acl.conf"
 
 #define NAME_LENGTH 80
 
-static struct ao2_container *nacl_list;
-
-struct nacl {
+/*! \note Ok, so you have a container of named_acls and no general options. Instead of just
+ * declaring the named_acl_list, we instead declare a struct that holds this container. This
+ * is to handle the general case where a config really maps to some global options and
+ * one or more containers of configurable objects
+ */
+struct named_acl_config {
+	struct ao2_container *named_acl_list;
+};
+
+/*! \note We also need to declare an ao2_global_obj which basically hides an ao2 object
+ * so that we can only access the internal object by grabbing a reference to it. The back
+ * end config code uses this to atomically swap out a new config object for the old one.
+ */
+
+static AO2_GLOBAL_OBJ_STATIC(globals);
+
+static void *named_acl_config_alloc(void);
+static void *named_acl_alloc(const char *cat);
+static void *named_acl_find(struct ao2_container *container, const char *cat);
+
+/*! \note Now we need to define a config type. This will basically link up a category name
+ * (and optionally a "type" field e.g. type=peer in chan_iax2) to an underlying object. In
+ * this case, we are linking any category that is *not* "general" to a named acl
+ */
+static struct aco_type named_acl_type = {
+	.type = ACO_ITEM, /*!< named_acls are items stored in containers, not individual global objects */
+	.category_match = ACO_BLACKLIST,
+	.category = "^general$", /*!< With the above blacklist, match everything but "general" */
+	.item_alloc = named_acl_alloc, /*!< Just a callback to allocate a new named_acl based on category */
+	.item_find = named_acl_find, /*!< A callback to find an named_acl in some container of named_acls */
+	.item_offset = offsetof(struct named_acl_config, named_acl_list), /*!< Could leave this out since 0 */
+};
+
+/*! \note This is annoying. We need to be able to pass multiple types to aco_option_register as
+ * an array and also be able to create the named_acl_type via intializer lists. So we make create
+ * a single object array here to pass to aco_option_register. This is a case of multiple file
+ * support making things slightly worse for the general case, unfortunately.
+ */
+struct aco_type *named_acl_types[] = ACO_TYPES(&named_acl_type);
+
+/*! \note A representation of acl.conf and tye types associated with it. You only have one
+ * file and one type.
+ */
+struct aco_file named_acl_conf = {
+	.filename = "acl.conf",
+	.types = ACO_TYPES(&named_acl_type),
+};
+
+/*! \note Create a config info struct that describes the config processing for this module.
+ * Pass name of the object, the AO2_GLOBAL_OBJ_STATIC, and an allocater function for your
+ * named_acl_config struct. Also add the array of aco_files to process: in this case just acl.conf
+ */
+CONFIG_INFO_STANDARD(cfg_info, globals, named_acl_config_alloc,
+	.files = ACO_FILES(&named_acl_conf),
+);
+
+struct named_acl {
 	struct ast_ha *ha;
 	char name[NAME_LENGTH]; /* Same max length as a configuration category */
 };
 
-static void destroy_nacl(void *obj)
-{
-	struct nacl *nacl = obj;
-	ast_free_ha(nacl->ha);
-}
-
-static void add_nacl_from_config(char *name, struct ast_variable *input)
-{
-	struct nacl tmp;
-	struct nacl *nacl;
-	struct ast_variable *var = input;
+static int named_acl_hash_fn(const void *obj, const int flags)
+{
+	const struct named_acl *entry = obj;
+	return ast_str_hash(entry->name);
+}
+
+static int named_acl_cmp_fn(void *obj, void *arg, const int flags)
+{
+	struct named_acl *entry1 = obj;
+	struct named_acl *entry2 = arg;
+
+	return (!strcmp(entry1->name, entry2->name)) ? (CMP_MATCH | CMP_STOP) : 0;
+}
+
+/*! \brief destructor for named_acl_config */
+static void named_acl_config_destructor(void *obj)
+{
+	struct named_acl_config *cfg = obj;
+	ao2_cleanup(cfg->named_acl_list);
+}
+
+/*! \brief allocator callback for named_acl_config. Notice it returns void * since it is used by
+ * the backend config code
+ */
+static void *named_acl_config_alloc(void)
+{
+	struct named_acl_config *cfg;
+
+	if (!(cfg = ao2_alloc(sizeof(*cfg), named_acl_config_destructor))) {
+		return NULL;
+	}
+	if (!(cfg->named_acl_list = ao2_container_alloc(37, named_acl_hash_fn, named_acl_cmp_fn))) {
+		ao2_ref(cfg, -1);
+		return NULL;
+	}
+	return cfg;
+}
+
+static void destroy_named_acl(void *obj)
+{
+	struct named_acl *named_acl = obj;
+	ast_free_ha(named_acl->ha);
+}
+
+void *named_acl_alloc(const char *cat)
+{
+	struct named_acl *named_acl;
+
+	if (!(named_acl = ao2_alloc(sizeof(*named_acl), destroy_named_acl))) {
+		return NULL;
+	}
+	ast_copy_string(named_acl->name, cat, sizeof(named_acl->name));
+	return named_acl;
+}
+
+void *named_acl_find(struct ao2_container *container, const char *cat)
+{
+	struct named_acl tmp;
+	ast_copy_string(tmp.name, cat, sizeof(tmp.name));
+	return ao2_find(container, &tmp, OBJ_POINTER);
+}
+
+struct ast_ha *ast_append_named_acl(struct ast_ha *ha, const char *name)
+{
+	struct named_acl tmp;
+	struct named_acl *named_acl;
+	/*! \note This is to grab a reference to a snapshot of the configuration data */
+	RAII_VAR(struct named_acl_config *, cfg, ao2_global_obj_ref(globals), ao2_cleanup);
 
 	ast_copy_string(tmp.name, name, sizeof(tmp.name));
 
-	nacl = ao2_find(nacl_list, &tmp, OBJ_POINTER);
-
-	if (nacl) {
-		ast_log(LOG_ERROR, "Multiple definitions present for nacl: %s\n", name);
-		ao2_ref(nacl, -1);
+	/*! \note We now look up the named_acl in the config snapshot's list of named_acls. If a reload is
+	 * done, it will not affect this operation. */
+	named_acl = ao2_find(cfg->named_acl_list, &tmp, OBJ_POINTER);
+
+	if (!named_acl) {
+		ast_log(LOG_ERROR, "named_acl '%s' does not exist. Could not apply named_acl.\n", name);
+		return ha;
+	}
+
+	/* Apply Staples! */
+	ha = ast_duplicate_and_append_ha(ha, named_acl->ha);
+
+	ao2_ref(named_acl, -1);
+
+	return ha;
+}
+
+static void reload_named_acl(int fd)
+{
+	ast_cli(fd, "Reloading named_acl configuration...\n");
+	if (aco_process_config(&cfg_info, 1)) {
+		ast_cli(fd, "Any modules using statically defined ACLs which were using existing named_acls will need to be reloaded for changes to take effect.\n");
+	}
+}
+
+static void cli_display_named_acl(int fd, const char *name)
+{
+	struct named_acl tmp;
+	struct named_acl *named_acl;
+	struct ast_ha *ha;
+	/*! \note This is to grab a reference to a snapshot of the configuration data */
+	RAII_VAR(struct named_acl_config *, cfg, ao2_global_obj_ref(globals), ao2_cleanup);
+
+	ast_copy_string(tmp.name, name, sizeof(tmp.name));
+
+	named_acl = ao2_find(cfg->named_acl_list, &tmp, OBJ_POINTER);
+
+	if (!named_acl) {
+		/* named_acl not found message */
+		ast_cli(fd, "\nCould not find acl named '%s'\n", name);
 		return;
 	}
 
-	nacl = ao2_alloc(sizeof(*nacl), destroy_nacl);
-
-	if (!nacl) {
-		ast_log(LOG_ERROR, "Failed to allocate ao2 object for nacl.\n");
-		return;
-	}
-
-	nacl->ha = NULL;
-	ast_copy_string(nacl->name, name, sizeof(nacl->name));
-
-	while(var) {
-		if (!strcasecmp(var->name, "permit") || !strcasecmp(var->name, "deny")) {
-			int ha_error = 0;
-			nacl->ha = ast_append_ha(var->name, var->value, nacl->ha, &ha_error);
-			if (ha_error) {
-				ast_log(LOG_ERROR, "Bad ACL entry in nacl configuration line %d : %s\n", var->lineno, var->value);
-			}
-		}
-		var = var->next;
-	}
-	ao2_link(nacl_list, nacl);
-	ao2_ref(nacl, -1);
-
-
-}
-
-static int nacl_hash_fn(const void *obj, const int flags)
-{
-	const struct nacl *entry = obj;
-	return ast_str_hash(entry->name);
-}
-
-static int nacl_cmp_fn(void *obj, void *arg, const int flags)
-{
-	struct nacl *entry1 = obj;
-	struct nacl *entry2 = arg;
-
-	return (!strcmp(entry1->name, entry2->name)) ? (CMP_MATCH | CMP_STOP) : 0;
-}
-
-static void nacl_list_scrub(void)
+	ast_cli(fd, "\n%s\n--------------------------------------------------\n", name);
+	for (ha = named_acl->ha; ha; ha = ha->next) {
+		char *output = ast_sockaddr_stringify(&ha->addr);
+		ast_cli(fd, "%s - %s\n", ha->sense == AST_SENSE_ALLOW ? "allow" : " deny", output);
+	}
+
+	ao2_ref(named_acl, -1);
+}
+
+static void cli_display_named_acl_list(int fd)
 {
 	struct ao2_iterator i;
 	void *o;
-
-	i = ao2_iterator_init(nacl_list, 0);
+	/*! \note This is to grab a reference to a snapshot of the configuration data */
+	RAII_VAR(struct named_acl_config *, cfg, ao2_global_obj_ref(globals), ao2_cleanup);
+
+	i = ao2_iterator_init(cfg->named_acl_list, 0);
+
+	ast_cli(fd, "\nnamed_acl\n----\n");
 
 	while ((o = ao2_iterator_next(&i))) {
-		ao2_unlink(nacl_list, o);
+		struct named_acl *named_acl = o;
+
+		ast_cli(fd, "%s\n", named_acl->name);
+
 		ao2_ref(o, -1);
 	}
 
 	ao2_iterator_destroy(&i);
 }
 
-static int load_nacl_config(int reload)
-{
-	static char *cat = NULL;
-	struct ast_config *cfg = NULL;
-	struct ast_variable *var = NULL;
-	struct ast_flags config_flags = { reload ? CONFIG_FLAG_FILEUNCHANGED : 0 };
-
-	if ((cfg = ast_config_load(NACL_CONFIG, config_flags)) == CONFIG_STATUS_FILEUNCHANGED) {
-		return -1;
-	}
-
-	if (cfg == CONFIG_STATUS_FILEMISSING || cfg == CONFIG_STATUS_FILEINVALID) {
-		ast_log(LOG_WARNING, "No such configuration file %s\n", NACL_CONFIG);
-		return 0;
-	}
-
-	/* We need to lock the list since we'll be wiping it and repopulating it. */
-	ao2_lock(nacl_list);
-
-	/* If reloading, clean the list.  Otherwise, we need to create the list. */
-	if (reload) {
-		/* scrub the nacl entries */
-		nacl_list_scrub();
-	} else {
-		nacl_list = ao2_container_alloc(37, nacl_hash_fn, nacl_cmp_fn);
-	}
-
-
-	cat = ast_category_browse(cfg, NULL);
-	while (cat) {
-		if (strcasecmp(cat, "general")) {
-			var = ast_variable_browse(cfg, cat);
-			add_nacl_from_config(cat, var);
-		}
-		cat = ast_category_browse(cfg, cat);
-	}
-
-	/* It's safe to unlock the list now. */
-	ao2_unlock(nacl_list);
-
-	ast_config_destroy(cfg);
-	return 1;
-}
-
-struct ast_ha *ast_append_nacl(struct ast_ha *ha, const char *name)
-{
-	struct nacl tmp;
-	struct nacl *nacl;
-
-	ast_copy_string(tmp.name, name, sizeof(tmp.name));
-
-	nacl = ao2_find(nacl_list, &tmp, OBJ_POINTER);
-
-	if (!nacl) {
-		ast_log(LOG_ERROR, "nacl '%s' does not exist. Could not apply nacl.\n", name);
-		return ha;
-	}
-
-	/* Apply Staples! */
-	ha = ast_duplicate_and_append_ha(ha, nacl->ha);
-
-	ao2_ref(nacl, -1);
-
-	return ha;
-}
-
-static void reload_nacl(int fd)
-{
-	ast_cli(fd, "Reloading nacl configuration...\n");
-	if (load_nacl_config(1) == 1) {
-		ast_cli(fd, "Any modules using statically defined ACLs which were using existing nacls will need to be reloaded for changes to take effect.\n");
-	}
-}
-
-static void cli_display_nacl(int fd, const char *name)
-{
-	struct nacl tmp;
-	struct nacl *nacl;
-	struct ast_ha *ha;
-
-	ast_copy_string(tmp.name, name, sizeof(tmp.name));
-
-	nacl = ao2_find(nacl_list, &tmp, OBJ_POINTER);
-
-	if (!nacl) {
-		/* nacl not found message */
-		ast_cli(fd, "\nCould not find acl named '%s'\n", name);
-		return;
-	}
-
-	ast_cli(fd, "\n%s\n--------------------------------------------------\n", name);
-	for (ha = nacl->ha; ha; ha = ha->next) {
-		char *output = ast_sockaddr_stringify(&ha->addr);
-		ast_cli(fd, "%s - %s\n", ha->sense == AST_SENSE_ALLOW ? "allow" : " deny", output);
-	}
-
-	ao2_ref(nacl, -1);
-}
-
-static void cli_display_nacl_list(int fd)
-{
-	struct ao2_iterator i;
-	void *o;
-
-	i = ao2_iterator_init(nacl_list, 0);
-
-	ast_cli(fd, "\nnacl\n----\n");
-
-	while ((o = ao2_iterator_next(&i))) {
-		struct nacl *nacl = o;
-
-		ast_cli(fd, "%s\n", nacl->name);
-
-		ao2_ref(o, -1);
-	}
-
-	ao2_iterator_destroy(&i);
-}
-
-static char *handle_nacl_reload(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
+static char *handle_acl_reload(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
 {
 	switch (cmd) {
 	case CLI_INIT:
-		e->command = "nacl reload";
+		e->command = "acl reload";
 		e->usage =
-			"Usage: nacl reload\n"
-			"       Reloads the nacl configuration.\n";
+			"Usage: acl reload\n"
+			"       Reloads the named_acl configuration.\n";
 	case CLI_GENERATE:
 		return NULL;
 	}
@@ -244,17 +248,17 @@
 		return CLI_SHOWUSAGE;
 	}
 
-	reload_nacl(a->fd);
+	reload_named_acl(a->fd);
 	return CLI_SUCCESS;
 }
 
-static char *handle_show_nacl_cmd(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
+static char *handle_show_named_acl_cmd(struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
 {
 	switch (cmd) {
 	case CLI_INIT:
-		e->command = "nacl show";
+		e->command = "acl show";
 		e->usage =
-			"Usage: nacl show <name>\n"
+			"Usage: acl show <name>\n"
 			"   Shows a list of named ACLs or lists all entries in a given named ACL.\n";
 		return NULL;
 	case CLI_GENERATE:
@@ -262,12 +266,12 @@
 	}
 
 	if (a->argc == 2) {
-		cli_display_nacl_list(a->fd);
+		cli_display_named_acl_list(a->fd);
 		return CLI_SUCCESS;
 	}
 
 	if (a->argc == 3) {
-		cli_display_nacl(a->fd, a->argv[2]);
+		cli_display_named_acl(a->fd, a->argv[2]);
 		return CLI_SUCCESS;
 	}
 
@@ -275,14 +279,25 @@
 	return CLI_SHOWUSAGE;
 }
 
-static struct ast_cli_entry cli_nacl[] = {
-	AST_CLI_DEFINE(handle_nacl_reload, "Reload nacl configurations"),
-	AST_CLI_DEFINE(handle_show_nacl_cmd, "Show a named ACL or list all named ACLs"),
-};
-
-int init_nacl()
-{
-	load_nacl_config(0);
-	ast_cli_register_multiple(cli_nacl, ARRAY_LEN(cli_nacl));
+static struct ast_cli_entry cli_named_acl[] = {
+	AST_CLI_DEFINE(handle_acl_reload, "Reload acl configurations"),
+	AST_CLI_DEFINE(handle_show_named_acl_cmd, "Show a named ACL or list all named ACLs"),
+};
+
+int init_named_acl()
+{
+	if (aco_info_init(&cfg_info)) {
+		return -1;
+	}
+
+	/*! \note Register the options. Not sure what the defaults should be. Change the NULLS for yourself */
+	aco_option_register(&cfg_info, "permit", ACO_EXACT, named_acl_types, NULL, OPT_ACL_T, 1, FLDSET(struct named_acl, ha), "permit");
+	aco_option_register(&cfg_info, "deny", ACO_EXACT, named_acl_types, NULL, OPT_ACL_T, 1, FLDSET(struct named_acl, ha), "deny");
+
+	if (aco_process_config(&cfg_info, 0)) {
+		return -1;
+	}
+
+	ast_cli_register_multiple(cli_named_acl, ARRAY_LEN(cli_named_acl));
 	return 0;
 }




More information about the svn-commits mailing list